
Internet Browser Issue. Clock off. Google redirecting.


  • This topic is locked
55 replies to this topic

#1 andrewsaputo

andrewsaputo

  • Members
  • 54 posts
  • OFFLINE
  • Gender:Male
  • Location:Eugene Oregon
  • Local time:05:07 PM

Posted 20 August 2016 - 07:05 PM

I'm having trouble with my browsers. The adblocker extensions failed and now I'm getting redirects and popups. Now the clock is off, Google is inaccessible on both Chrome and Mozilla and sites are buggy. I've attached my log reports from FRST. I don't know what the specific virus/trojan/spyware is. Thanks for the help.





#2 Oh My!

Oh My!

    Adware and Spyware and Malware.....


  • Malware Response Instructor
  • 38,134 posts
  • ONLINE
  • Gender:Male
  • Location:California
  • Local time:04:07 PM

Posted 23 August 2016 - 09:04 AM

Greetings andrewsaputo and welcome to BleepingComputer's Virus/Trojan/Spyware/Malware Removal forum.

My name is Oh My! and I am here to help you! Now that we are "friends" please call me Gary.

If you would allow me to call you by your first name I would prefer to do that.

===================================================

Ground Rules:
  • First, I would like to inform you that most of us here at Bleeping Computer offer our expert assistance out of the goodness of our hearts. Please try to match our commitment to you with your patience toward us. If this was easy we would never have met.
  • Please do not run any tools or take any steps other than those I will provide for you while we work on your computer together. I need to be certain about the state of your computer in order to provide appropriate and effective steps for you to take. Most often "well intentioned" (and usually panic driven!) independent efforts can make things much worse for both of us. If at any point you would prefer to take your own steps please let me know, I will not be offended. I would be happy to focus on the many others who are waiting in line for assistance.
  • Please perform all steps in the order they are listed in each set of instructions. Some steps may be a bit complicated. If things are not clear, be sure to stop and let me know. We need to work on this together with confidence.
  • Please copy and paste all logs into your post unless directed otherwise. Please do not re-run any programs I suggest. If you encounter problems simply stop and tell me.
  • When you post your reply, use the Replytopic.jpg button instead.
  • In the upper right hand corner of the topic you will see the Followtopic.jpg button. Click on this then choose Immediate E-Mail notification and then Proceed and you will be sent an email once I have posted a response.
  • If you do not reply to your topic after 5 days we assume it has been abandoned and I will close it.
  • When your computer is clean I will alert you of such. I will also provide for you detailed information about how you can combat future infections.
  • I would like to remind you to make no further changes to your computer unless I direct you to do so.
===================================================

Now that I am assisting you, you can expect that I will be very responsive to your situation. If you are able, I would request you check this thread at least once per day so that we can try to resolve your issues effectively and efficiently. If you are going to be delayed please be considerate and post that information so that I know you are still with me. Unfortunately, there are many people waiting to be assisted and not enough of us at BleepingComputer to go around. I appreciate your understanding and diligence.

Thank you for your patience thus far. Please allow me just a bit of time to review what you have posted.
Gary
 
If I do not reply within 24 hours please send me a Personal Message.

"Lord, to whom would we go? You have the words that give eternal life. We believe, and we know you are the Holy One of God."

#3 Oh My!

Oh My!

    Adware and Spyware and Malware.....


  • Malware Response Instructor
  • 38,134 posts
  • ONLINE
  • Gender:Male
  • Location:California
  • Local time:04:07 PM

Posted 23 August 2016 - 09:12 AM

Logs posted.

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 17-08-2016
Ran by Andrew P Saputo (administrator) on GRUMPY (01-01-2008 04:48:20)
Running from C:\Users\Andrew P Saputo\Desktop
Loaded Profiles: Andrew P Saputo (Available Profiles: Andrew P Saputo)
Platform: Microsoft® Windows Vista™ Home Premium Service Pack 2 (X86) Language: English (United States)
Internet Explorer Version 9 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Microsoft Corporation) C:\Windows\System32\SLsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Kaspersky Lab ZAO) C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 16.0.0\avp.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NetService\NvNetworkService.exe
(Kaspersky Lab ZAO) C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 16.0.0\avpui.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
(Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Update Core\NvBackend.exe
(Microsoft Corporation) C:\Windows\System32\wuauclt.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe


==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe [12021464 2014-05-09] (Realtek Semiconductor)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [157456 2015-09-12] (Apple Inc.)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Winsock: Catalog5 07 C:\Program Files\Bonjour\mdnsNSP.dll [121704 2011-08-30] (Apple Inc.)
Tcpip\..\Interfaces\{9F230F35-2E15-4729-84D3-C5DBD3EFC0E1}: [NameServer] 75.75.75.75,75.75.76.76

Internet Explorer:
==================
SearchScopes: HKU\S-1-5-21-2122827531-3946508072-876639715-1000 -> {260C82F9-CB79-4533-BD53-F6AF2413975D} URL = hxxps://www.google.com/search?q={searchTerms}
BHO: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_25\bin\ssv.dll [2014-12-29] (Oracle Corporation)
BHO: Kaspersky Protection plugin -> {C66D064F-82FE-4E1A-B06A-B2490BA48B18} -> C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 16.0.0\IEExt\ie_plugin.dll [2015-10-30] (AO Kaspersky Lab)
BHO: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_25\bin\jp2ssv.dll [2014-12-29] (Oracle Corporation)
Toolbar: HKLM - Kaspersky Protection toolbar - {3507FA00-ADA2-4A02-99B9-51AD26CA9120} - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 16.0.0\IEExt\ie_plugin.dll [2015-10-30] (AO Kaspersky Lab)

FireFox:
========
FF ProfilePath: C:\Users\Andrew P Saputo\AppData\Roaming\Mozilla\Firefox\Profiles\e5vq89j0.default
FF DefaultSearchEngine.US: Google
FF Plugin: @Apple.com/iTunes,version=1.0 -> C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll [2015-09-04] ()
FF Plugin: @java.com/DTPlugin,version=11.25.2 -> C:\Program Files\Java\jre1.8.0_25\bin\dtplugin\npDeployJava1.dll [2014-12-29] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.25.2 -> C:\Program Files\Java\jre1.8.0_25\bin\plugin2\npjp2.dll [2014-12-29] (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.50428.0\npctrl.dll [2016-04-27] ( Microsoft Corporation)
FF Plugin: @microsoft.com/WPF,version=3.5 -> c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll [2008-07-29] (Microsoft Corporation)
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-07-29] (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-07-29] (Google Inc.)
FF Plugin: @videolan.org/vlc,version=2.1.5 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2014-07-22] (VideoLAN)
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2014-08-05] (Adobe Systems Inc.)
FF Extension: AdBlock Lite - C:\Users\Andrew P Saputo\AppData\Roaming\Mozilla\Firefox\Profiles\e5vq89j0.default\Extensions\jid1-dwtFBkQjb3SIQp@jetpack.xpi [2016-08-17]
FF Extension: Adblock Plus - C:\Users\Andrew P Saputo\AppData\Roaming\Mozilla\Firefox\Profiles\e5vq89j0.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2016-05-14]
FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
FF Extension: Microsoft .NET Framework Assistant - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension [2014-12-27] [not signed]
FF HKLM\...\Firefox\Extensions: [light_plugin_D772DC8D6FAF43A29B25C4EBAA5AD1DE@kaspersky.com] - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 16.0.0\FFExt\light_plugin_firefox
FF Extension: Kaspersky Protection - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 16.0.0\FFExt\light_plugin_firefox [2016-05-23]

Chrome:
=======
CHR HomePage: Default -> hxxp://www.classzone.com/books/geometry_concepts/index.cfm?state=OR
CHR StartupUrls: Default -> "hxxp://www.bethel.k12.or.us/"
CHR Profile: C:\Users\Andrew P Saputo\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Slides) - C:\Users\Andrew P Saputo\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-02-14]
CHR Extension: (Google Docs) - C:\Users\Andrew P Saputo\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-02-14]
CHR Extension: (Google Drive) - C:\Users\Andrew P Saputo\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-11-13]
CHR Extension: (YouTube) - C:\Users\Andrew P Saputo\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-09-27]
CHR Extension: (Adblock Plus) - C:\Users\Andrew P Saputo\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2016-08-17]
CHR Extension: (Google Search) - C:\Users\Andrew P Saputo\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-11-13]
CHR Extension: (Kaspersky Protection) - C:\Users\Andrew P Saputo\AppData\Local\Google\Chrome\User Data\Default\Extensions\eahebamiopdhefndnmappcihfajigkka [2015-09-27]
CHR Extension: (Google Sheets) - C:\Users\Andrew P Saputo\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-02-14]
CHR Extension: (Google Docs Offline) - C:\Users\Andrew P Saputo\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-08-17]
CHR Extension: (Video DownloadHelper) - C:\Users\Andrew P Saputo\AppData\Local\Google\Chrome\User Data\Default\Extensions\lmjnegcaeklhafolokijcfjliaokphfk [2015-12-20]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Andrew P Saputo\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-08-17]
CHR Extension: (Gmail) - C:\Users\Andrew P Saputo\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-04-20]
CHR HKLM\...\Chrome\Extension: [eahebamiopdhefndnmappcihfajigkka] - hxxps://chrome.google.com/webstore/detail/eahebamiopdhefndnmappcihfajigkka

==================== Services (Whitelisted) ========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AVP16.0.0; C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 16.0.0\avp.exe [194000 2015-08-05] (Kaspersky Lab ZAO)
R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [919184 2015-05-01] (NVIDIA Corporation)
R2 NvNetworkService; C:\Program Files\NVIDIA Corporation\NetService\NvNetworkService.exe [1884304 2015-05-01] (NVIDIA Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [272952 2008-01-20] (Microsoft Corporation)

===================== Drivers (Whitelisted) ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R0 cm_km; C:\Windows\System32\DRIVERS\cm_km.sys [201912 2015-07-05] (Kaspersky Lab ZAO)
R0 kl1; C:\Windows\System32\DRIVERS\kl1.sys [153784 2015-06-22] (Kaspersky Lab ZAO)
R0 klbackupdisk; C:\Windows\System32\DRIVERS\klbackupdisk.sys [46776 2015-06-06] (Kaspersky Lab ZAO)
R1 klbackupflt; C:\Windows\System32\DRIVERS\klbackupflt.sys [58224 2015-06-27] (Kaspersky Lab ZAO)
R2 kldisk; C:\Windows\System32\DRIVERS\kldisk.sys [66976 2016-02-29] (AO Kaspersky Lab)
R3 klflt; C:\Windows\System32\DRIVERS\klflt.sys [147328 2015-10-30] (AO Kaspersky Lab)
R1 klhk; C:\Windows\System32\DRIVERS\klhk.sys [53168 2016-05-23] (AO Kaspersky Lab)
R1 KLIF; C:\Windows\System32\DRIVERS\klif.sys [785328 2016-05-23] (AO Kaspersky Lab)
R1 KLIM6; C:\Windows\System32\DRIVERS\klim6.sys [44120 2016-05-23] (AO Kaspersky Lab)
R3 klkbdflt; C:\Windows\System32\DRIVERS\klkbdflt.sys [37048 2015-06-06] (Kaspersky Lab ZAO)
R3 klmouflt; C:\Windows\System32\DRIVERS\klmouflt.sys [38072 2015-06-07] (Kaspersky Lab ZAO)
R1 klpd; C:\Windows\System32\DRIVERS\klpd.sys [39304 2015-09-27] (AO Kaspersky Lab)
R1 kltdf; C:\Windows\System32\DRIVERS\kltdf.sys [73912 2015-06-10] (Kaspersky Lab ZAO)
R1 kltdi; C:\Windows\System32\DRIVERS\kltdi.sys [54328 2015-06-11] (Kaspersky Lab ZAO)
R1 kneps; C:\Windows\System32\DRIVERS\kneps.sys [156856 2015-06-23] (Kaspersky Lab ZAO)
S3 IpInIp; system32\DRIVERS\ipinip.sys [X]
S3 NwlnkFlt; system32\DRIVERS\nwlnkflt.sys [X]
S3 NwlnkFwd; system32\DRIVERS\nwlnkfwd.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2016-08-19 09:24 - 2016-08-20 10:36 - 00000000 ____D C:\Users\Andrew P Saputo\AppData\LocalLow\uTorrent
2016-08-19 09:24 - 2016-08-19 09:24 - 00002581 _____ C:\Users\Andrew P Saputo\AppData\Roaming\Microsoft\Windows\Start Menu\µTorrent.lnk
2016-08-19 02:14 - 2016-07-10 21:40 - 02072064 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2016-08-19 02:13 - 2016-07-10 23:00 - 01260032 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2016-08-19 02:02 - 2016-07-10 21:36 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2016-08-18 02:08 - 2016-07-15 13:32 - 01815552 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2016-08-18 02:08 - 2016-07-15 13:31 - 12841472 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2016-08-18 02:08 - 2016-07-15 13:29 - 00367616 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2016-08-18 02:08 - 2016-07-15 13:27 - 09755136 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2016-08-18 02:08 - 2016-07-15 13:27 - 01140224 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2016-08-18 02:08 - 2016-07-15 13:27 - 01129984 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2016-08-18 02:08 - 2016-07-15 13:26 - 01427968 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2016-08-18 02:08 - 2016-07-15 13:26 - 00425472 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2016-08-18 02:08 - 2016-07-15 13:25 - 01804800 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2016-08-18 02:08 - 2016-07-15 13:25 - 00719360 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2016-08-18 02:08 - 2016-07-15 13:25 - 00607744 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2016-08-18 02:08 - 2016-07-15 13:25 - 00354304 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2016-08-18 02:08 - 2016-07-15 13:25 - 00231936 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
2016-08-18 02:08 - 2016-07-15 13:25 - 00142848 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2016-08-18 02:08 - 2016-07-15 13:25 - 00065536 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2016-08-18 02:08 - 2016-07-15 13:25 - 00041472 _____ (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll
2016-08-18 02:08 - 2016-07-15 13:25 - 00011776 _____ (Microsoft Corporation) C:\Windows\system32\mshta.exe
2016-08-18 02:08 - 2016-07-15 13:24 - 02382848 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2016-08-18 02:08 - 2016-07-15 13:24 - 00223744 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2016-08-18 02:08 - 2016-07-15 13:24 - 00176640 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2016-08-18 02:08 - 2016-07-15 13:24 - 00072704 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2016-08-18 02:08 - 2016-07-15 13:24 - 00010752 _____ (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe
2016-08-17 10:25 - 2016-08-17 10:27 - 00000000 ____D C:\AdwCleaner
2016-08-16 22:48 - 2008-01-01 01:50 - 00170200 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2016-08-16 22:47 - 2016-08-16 22:47 - 00000899 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2016-08-16 22:47 - 2016-08-16 22:47 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2016-08-16 22:47 - 2016-08-16 22:47 - 00000000 ____D C:\ProgramData\Malwarebytes
2016-08-16 22:47 - 2016-08-16 22:47 - 00000000 ____D C:\Program Files\Malwarebytes Anti-Malware
2016-08-16 22:47 - 2016-03-10 13:09 - 00053120 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2016-08-16 22:47 - 2016-03-10 13:08 - 00126336 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbamchameleon.sys
2016-08-16 22:47 - 2016-03-10 13:08 - 00024448 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbam.sys
2016-07-17 02:09 - 2016-06-25 07:37 - 00626176 _____ (Microsoft Corporation) C:\Windows\system32\localspl.dll
2016-07-17 02:09 - 2016-06-25 07:37 - 00443904 _____ (Microsoft Corporation) C:\Windows\system32\win32spl.dll
2016-07-17 02:09 - 2016-06-25 07:37 - 00216064 _____ (Microsoft Corporation) C:\Windows\system32\ntprint.dll
2016-07-17 02:09 - 2016-06-25 07:37 - 00122880 _____ (Microsoft Corporation) C:\Windows\system32\inetpp.dll
2016-07-17 02:09 - 2016-06-25 06:40 - 00061440 _____ (Microsoft Corporation) C:\Windows\system32\ntprint.exe
2016-07-15 20:38 - 2016-08-17 10:05 - 00000000 ____D C:\Program Files\Mozilla Firefox
2016-06-30 02:09 - 2016-05-18 07:33 - 00299520 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2016-06-30 02:08 - 2016-05-10 07:31 - 00377344 _____ (Microsoft Corporation) C:\Windows\system32\winhttp.dll
2016-06-30 02:08 - 2016-05-10 07:31 - 00223232 _____ (Microsoft Corporation) C:\Windows\system32\mswsock.dll
2016-06-30 02:08 - 2016-05-10 07:31 - 00179200 _____ (Microsoft Corporation) C:\Windows\system32\ws2_32.dll
2016-06-30 02:08 - 2016-05-10 06:28 - 00185856 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\netbt.sys
2016-06-30 02:08 - 2016-05-10 06:28 - 00021504 _____ (Microsoft Corporation) C:\Windows\system32\netbtugc.exe
2016-06-30 02:03 - 2016-05-12 07:34 - 00582144 _____ (Microsoft Corporation) C:\Windows\system32\gpsvc.dll
2016-06-30 02:03 - 2016-05-12 07:34 - 00365056 _____ (Microsoft Corporation) C:\Windows\system32\IPSECSVC.DLL
2016-06-30 02:03 - 2016-05-12 07:34 - 00273920 _____ (Microsoft Corporation) C:\Windows\system32\polstore.dll
2016-06-30 02:03 - 2016-05-12 07:34 - 00061440 _____ (Microsoft Corporation) C:\Windows\system32\winipsec.dll
2016-06-30 02:03 - 2016-05-12 07:33 - 00075264 _____ (Microsoft Corporation) C:\Windows\system32\gpapi.dll
2016-06-30 02:03 - 2016-05-12 07:33 - 00028672 _____ (Microsoft Corporation) C:\Windows\system32\FwRemoteSvr.dll
2016-06-30 02:01 - 2016-05-14 07:41 - 00175616 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2016-06-30 02:01 - 2016-05-14 07:41 - 00017920 _____ (Microsoft Corporation) C:\Windows\system32\netevent.dll
2016-06-30 02:01 - 2016-05-14 06:19 - 00304128 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv.sys
2016-06-30 02:01 - 2016-05-14 06:18 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv2.sys
2016-06-30 02:01 - 2016-05-14 06:18 - 00103936 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srvnet.sys
2016-06-30 02:01 - 2016-05-11 05:09 - 00440552 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2016-06-30 02:00 - 2016-05-14 07:47 - 00306408 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
2016-06-30 02:00 - 2016-05-14 07:41 - 00034304 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll
2016-05-20 02:13 - 2016-05-20 02:13 - 00875712 _____ (Microsoft Corporation) C:\Windows\system32\msvcr120_clr0400.dll
2016-05-20 02:13 - 2016-05-20 02:13 - 00536768 _____ (Microsoft Corporation) C:\Windows\system32\msvcp120_clr0400.dll
2016-05-15 02:18 - 2016-04-09 13:17 - 00975360 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll
2016-05-15 02:08 - 2016-04-09 13:22 - 00638184 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgkrnl.sys
2016-05-15 02:08 - 2016-04-09 13:16 - 00037376 _____ (Microsoft Corporation) C:\Windows\system32\cdd.dll
2016-05-15 02:03 - 2016-04-09 12:37 - 03608808 _____ (Microsoft Corporation) C:\Windows\system32\ntkrnlpa.exe
2016-05-15 02:03 - 2016-04-09 12:37 - 03556584 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2016-05-15 02:03 - 2016-03-10 09:07 - 00501760 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2016-05-15 02:01 - 2016-04-09 11:07 - 00486912 _____ (Microsoft Corporation) C:\Windows\system32\d3d10level9.dll
2016-04-15 02:11 - 2016-03-04 08:52 - 01253376 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2016-04-15 02:10 - 2016-03-18 09:10 - 00486912 _____ (Microsoft Corporation) C:\Windows\system32\samsrv.dll
2016-04-15 02:10 - 2016-03-18 09:10 - 00206336 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2016-04-15 02:10 - 2016-03-18 09:10 - 00072704 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2016-04-15 02:10 - 2016-03-18 09:10 - 00057344 _____ (Microsoft Corporation) C:\Windows\system32\samlib.dll
2016-04-15 02:03 - 2016-03-21 14:57 - 01208568 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2016-04-15 02:03 - 2016-03-18 09:10 - 01316864 _____ (Microsoft Corporation) C:\Windows\system32\ole32.dll
2016-04-15 02:03 - 2016-03-18 09:09 - 00894976 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2016-04-15 02:02 - 2016-03-17 09:45 - 00180224 _____ (Microsoft Corporation) C:\Windows\system32\msorcl32.dll
2016-04-15 02:02 - 2016-03-17 09:45 - 00105472 _____ (Microsoft Corporation) C:\Windows\system32\mtxoci.dll
2016-03-25 13:58 - 2016-03-25 13:58 - 00000000 ____D C:\Users\Andrew P Saputo\AppData\Roaming\Mozilla
2016-03-25 13:58 - 2016-03-25 13:58 - 00000000 ____D C:\Users\Andrew P Saputo\AppData\Local\Mozilla
2016-03-11 03:16 - 2016-02-05 18:12 - 00783872 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2016-03-11 03:16 - 2016-02-05 18:11 - 00802304 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll
2016-03-11 03:16 - 2016-02-05 18:11 - 00049664 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2016-03-11 03:16 - 2016-02-05 16:32 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2016-03-11 03:15 - 2016-02-05 18:12 - 00019968 _____ (Microsoft Corporation) C:\Windows\system32\seclogon.dll
2016-03-11 03:15 - 2016-02-02 07:30 - 00071680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\USBSTOR.SYS
2016-03-11 03:15 - 2015-11-20 06:15 - 00922432 _____ (Microsoft Corporation) C:\Windows\system32\ucrtbase.dll
2016-03-11 03:15 - 2015-11-20 06:15 - 00066400 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-private-l1-1-0.dll
2016-03-11 03:15 - 2015-11-20 06:15 - 00022368 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-math-l1-1-0.dll
2016-03-11 03:15 - 2015-11-20 06:15 - 00019808 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-multibyte-l1-1-0.dll
2016-03-11 03:15 - 2015-11-20 06:15 - 00017760 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-string-l1-1-0.dll
2016-03-11 03:15 - 2015-11-20 06:15 - 00017760 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-stdio-l1-1-0.dll
2016-03-11 03:15 - 2015-11-20 06:15 - 00016224 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-runtime-l1-1-0.dll
2016-03-11 03:15 - 2015-11-20 06:15 - 00015712 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-convert-l1-1-0.dll
2016-03-11 03:15 - 2015-11-20 06:15 - 00015200 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2016-03-11 03:15 - 2015-11-20 06:15 - 00014176 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-time-l1-1-0.dll
2016-03-11 03:15 - 2015-11-20 06:15 - 00014176 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-2-0.dll
2016-03-11 03:15 - 2015-11-20 06:15 - 00013664 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-filesystem-l1-1-0.dll
2016-03-11 03:15 - 2015-11-20 06:15 - 00013664 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2016-03-11 03:15 - 2015-11-20 06:15 - 00013664 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2016-03-11 03:15 - 2015-11-20 06:15 - 00012640 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-process-l1-1-0.dll
2016-03-11 03:15 - 2015-11-20 06:15 - 00012640 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-heap-l1-1-0.dll
2016-03-11 03:15 - 2015-11-20 06:15 - 00012640 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-conio-l1-1-0.dll
2016-03-11 03:15 - 2015-11-20 06:15 - 00012640 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2016-03-11 03:15 - 2015-11-20 06:15 - 00012640 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2016-03-11 03:15 - 2015-11-20 06:15 - 00012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-utility-l1-1-0.dll
2016-03-11 03:15 - 2015-11-20 06:15 - 00012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-locale-l1-1-0.dll
2016-03-11 03:15 - 2015-11-20 06:15 - 00012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-environment-l1-1-0.dll
2016-03-11 03:15 - 2015-11-20 06:15 - 00012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-2-0.dll
2016-03-11 03:15 - 2015-11-20 06:15 - 00012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-1.dll
2016-03-11 03:15 - 2015-11-20 06:15 - 00012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2016-03-11 03:15 - 2015-11-20 06:15 - 00012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2016-03-11 03:15 - 2015-11-20 06:15 - 00012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2016-03-11 03:15 - 2015-11-20 06:15 - 00012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2016-03-11 03:15 - 2015-11-20 06:15 - 00012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2016-03-11 03:15 - 2015-11-20 06:15 - 00011616 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l2-1-0.dll
2016-03-11 03:15 - 2015-11-20 06:15 - 00011616 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2016-03-11 03:15 - 2015-11-20 06:15 - 00011616 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-timezone-l1-1-0.dll
2016-03-11 03:15 - 2015-11-20 06:15 - 00011616 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2016-03-11 03:15 - 2015-11-20 06:15 - 00011616 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2016-03-11 03:15 - 2015-11-20 06:15 - 00011616 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2016-03-11 03:15 - 2015-11-20 06:15 - 00011616 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l2-1-0.dll
2016-03-11 03:15 - 2015-11-20 06:15 - 00011616 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-2-0.dll
2016-03-11 03:15 - 2015-11-20 06:15 - 00011616 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2016-03-11 03:15 - 2015-11-20 06:15 - 00011616 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2016-03-11 03:15 - 2015-11-20 06:15 - 00011616 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2016-03-11 03:15 - 2015-11-20 06:15 - 00011104 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2016-03-11 03:15 - 2015-11-20 06:15 - 00011104 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2016-03-11 03:14 - 2016-02-03 09:06 - 00564736 _____ (Microsoft Corporation) C:\Windows\system32\oleaut32.dll
2016-03-11 03:14 - 2016-02-03 09:06 - 00089600 _____ (Microsoft Corporation) C:\Windows\system32\olepro32.dll
2016-03-11 03:14 - 2016-02-03 09:05 - 00067072 _____ (Microsoft Corporation) C:\Windows\system32\asycfilt.dll
2016-03-10 21:22 - 2016-03-10 21:22 - 00001726 _____ C:\Users\Public\Desktop\QuickTime Player.lnk
2016-03-10 21:22 - 2016-03-10 21:22 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuickTime
2016-03-10 21:22 - 2016-03-10 21:22 - 00000000 ____D C:\Program Files\QuickTime
2016-02-26 01:32 - 2016-08-17 10:31 - 00000000 ____D C:\Program Files\Mozilla Maintenance Service
2016-02-26 01:32 - 2016-08-17 10:05 - 00000858 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2016-02-26 01:32 - 2016-08-17 10:05 - 00000846 _____ C:\Users\Public\Desktop\Mozilla Firefox.lnk
2016-02-17 00:54 - 2016-02-17 03:01 - 00000000 ____D C:\Users\Andrew P Saputo\AppData\Roaming\Mp3tag
2016-02-17 00:54 - 2016-02-17 00:54 - 00000776 _____ C:\Users\Public\Desktop\Mp3tag.lnk
2016-02-17 00:54 - 2016-02-17 00:54 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mp3tag
2016-02-17 00:54 - 2016-02-17 00:54 - 00000000 ____D C:\Program Files\Mp3tag
2016-02-15 03:15 - 2016-01-29 19:09 - 00429056 _____ (Microsoft Corporation) C:\Windows\system32\EncDec.dll
2016-02-15 03:15 - 2016-01-29 19:09 - 00324608 _____ (Microsoft Corporation) C:\Windows\system32\sdohlp.dll
2016-02-15 03:15 - 2016-01-29 19:09 - 00323072 _____ (Microsoft Corporation) C:\Windows\system32\sbe.dll
2016-02-15 03:15 - 2016-01-29 19:09 - 00293376 _____ (Microsoft Corporation) C:\Windows\system32\psisdecd.dll
2016-02-15 03:15 - 2016-01-29 19:09 - 00217600 _____ (Microsoft Corporation) C:\Windows\system32\psisrndr.ax
2016-02-15 03:15 - 2016-01-29 19:09 - 00153088 _____ (Microsoft Corporation) C:\Windows\system32\sbeio.dll
2016-02-15 03:15 - 2016-01-29 19:08 - 00119296 _____ (Microsoft Corporation) C:\Windows\system32\iasrecst.dll
2016-02-15 03:15 - 2016-01-29 19:08 - 00080896 _____ (Microsoft Corporation) C:\Windows\system32\MSNP.ax
2016-02-15 03:15 - 2016-01-29 19:08 - 00069632 _____ (Microsoft Corporation) C:\Windows\system32\Mpeg2Data.ax
2016-02-15 03:15 - 2016-01-29 19:08 - 00057856 _____ (Microsoft Corporation) C:\Windows\system32\MSDvbNP.ax
2016-02-15 03:15 - 2016-01-29 19:08 - 00057344 _____ (Microsoft Corporation) C:\Windows\system32\iasads.dll
2016-02-15 03:15 - 2016-01-29 19:08 - 00048128 _____ (Microsoft Corporation) C:\Windows\system32\iasdatastore.dll
2016-02-15 03:15 - 2016-01-29 17:32 - 00017408 _____ (Microsoft Corporation) C:\Windows\system32\iashost.exe
2016-02-15 03:03 - 2016-01-07 07:18 - 00115200 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxdav.sys
2016-01-18 03:09 - 2015-12-05 09:03 - 02873344 _____ (Microsoft Corporation) C:\Windows\system32\mf.dll
2016-01-18 03:09 - 2015-12-05 09:03 - 01567744 _____ (Microsoft Corporation) C:\Windows\system32\WMVENCOD.DLL
2016-01-18 03:09 - 2015-12-05 09:03 - 01548288 _____ (Microsoft Corporation) C:\Windows\system32\WMVDECOD.DLL
2016-01-18 03:09 - 2015-12-05 09:03 - 01377792 _____ (Microsoft Corporation) C:\Windows\system32\WMVSDECD.DLL
2016-01-18 03:09 - 2015-12-05 09:03 - 01326080 _____ (Microsoft Corporation) C:\Windows\system32\WMSPDMOE.DLL
2016-01-18 03:09 - 2015-12-05 09:03 - 01314816 _____ (Microsoft Corporation) C:\Windows\system32\quartz.dll
2016-01-18 03:09 - 2015-12-05 09:03 - 01114624 _____ (Microsoft Corporation) C:\Windows\system32\WMADMOE.DLL
2016-01-18 03:09 - 2015-12-05 09:03 - 00867328 _____ (Microsoft Corporation) C:\Windows\system32\wmpmde.dll
2016-01-18 03:09 - 2015-12-05 09:03 - 00767488 _____ (Microsoft Corporation) C:\Windows\system32\WMVSENCD.DLL
2016-01-18 03:09 - 2015-12-05 09:03 - 00759296 _____ (Microsoft Corporation) C:\Windows\system32\WMADMOD.DLL
2016-01-18 03:09 - 2015-12-05 09:03 - 00650240 _____ (Microsoft Corporation) C:\Windows\system32\WMVXENCD.DLL
2016-01-18 03:09 - 2015-12-05 09:03 - 00605184 _____ (Microsoft Corporation) C:\Windows\system32\WMSPDMOD.DLL
2016-01-18 03:09 - 2015-12-05 09:03 - 00506880 _____ (Microsoft Corporation) C:\Windows\system32\qedit.dll
2016-01-18 03:09 - 2015-12-05 09:03 - 00497152 _____ (Microsoft Corporation) C:\Windows\system32\qdvd.dll
2016-01-18 03:09 - 2015-12-05 09:03 - 00243200 _____ (Microsoft Corporation) C:\Windows\system32\VIDRESZR.DLL
2016-01-18 03:09 - 2015-12-05 09:03 - 00212992 _____ (Microsoft Corporation) C:\Windows\system32\RESAMPLEDMO.DLL
2016-01-18 03:09 - 2015-12-05 09:03 - 00208896 _____ (Microsoft Corporation) C:\Windows\system32\qasf.dll
2016-01-18 03:09 - 2015-12-05 09:02 - 00853504 _____ (Microsoft Corporation) C:\Windows\system32\mcmde.dll
2016-01-18 03:09 - 2015-12-05 09:02 - 00613888 _____ (Microsoft Corporation) C:\Windows\system32\MSMPEG2VDEC.DLL
2016-01-18 03:09 - 2015-12-05 09:02 - 00606208 _____ (Microsoft Corporation) C:\Windows\system32\MFWMAAEC.DLL
2016-01-18 03:09 - 2015-12-05 09:02 - 00506880 _____ (Microsoft Corporation) C:\Windows\system32\MSMPEG2ENC.DLL
2016-01-18 03:09 - 2015-12-05 09:02 - 00480256 _____ (Microsoft Corporation) C:\Windows\system32\evr.dll
2016-01-18 03:09 - 2015-12-05 09:02 - 00391680 _____ (Microsoft Corporation) C:\Windows\system32\MSMPEG2ADEC.DLL
2016-01-18 03:09 - 2015-12-05 09:02 - 00314880 _____ (Microsoft Corporation) C:\Windows\system32\MP4SDECD.DLL
2016-01-18 03:09 - 2015-12-05 09:02 - 00254976 _____ (Microsoft Corporation) C:\Windows\system32\MPG4DECD.DLL
2016-01-18 03:09 - 2015-12-05 09:02 - 00254976 _____ (Microsoft Corporation) C:\Windows\system32\MP43DECD.DLL
2016-01-18 03:09 - 2015-12-05 09:02 - 00209920 _____ (Microsoft Corporation) C:\Windows\system32\mfplat.dll
2016-01-18 03:09 - 2015-12-05 09:02 - 00158208 _____ (Microsoft Corporation) C:\Windows\system32\COLORCNV.DLL
2016-01-18 03:09 - 2015-12-05 09:02 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ksproxy.ax
2016-01-18 03:09 - 2015-12-05 09:02 - 00080896 _____ (Microsoft Corporation) C:\Windows\system32\MP3DMOD.DLL
2016-01-18 03:09 - 2015-12-05 09:02 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\devenum.dll
2016-01-18 03:09 - 2015-12-05 09:02 - 00059392 _____ (Microsoft Corporation) C:\Windows\system32\mfvdsp.dll
2016-01-18 03:09 - 2015-12-05 08:44 - 00130048 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\drmk.sys
2016-01-18 03:08 - 2015-11-13 08:56 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\mapistub.dll
2016-01-18 03:08 - 2015-11-13 08:56 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\mapi32.dll
2016-01-18 03:08 - 2015-11-13 07:27 - 00013824 _____ (Microsoft Corporation) C:\Windows\system32\fixmapi.exe
2015-12-16 03:14 - 2015-11-06 09:05 - 00627712 _____ (Microsoft Corporation) C:\Windows\system32\user32.dll
2015-12-16 03:14 - 2015-11-06 08:32 - 01029120 _____ (Microsoft Corporation) C:\Windows\system32\d3d10.dll
2015-12-16 03:14 - 2015-11-06 08:32 - 00219648 _____ (Microsoft Corporation) C:\Windows\system32\d3d10_1core.dll
2015-12-16 03:14 - 2015-11-06 08:32 - 00189952 _____ (Microsoft Corporation) C:\Windows\system32\d3d10core.dll
2015-12-16 03:14 - 2015-11-06 08:32 - 00160768 _____ (Microsoft Corporation) C:\Windows\system32\d3d10_1.dll
2015-12-16 03:14 - 2015-11-06 07:27 - 01172480 _____ (Microsoft Corporation) C:\Windows\system32\d3d10warp.dll
2015-12-16 03:14 - 2015-11-06 07:20 - 01073152 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll
2015-12-16 03:14 - 2015-11-06 07:20 - 00682496 _____ (Microsoft Corporation) C:\Windows\system32\d2d1.dll
2015-12-16 03:14 - 2015-11-06 07:19 - 00802304 _____ (Microsoft Corporation) C:\Windows\system32\FntCache.dll
2015-12-16 03:12 - 2015-11-02 09:04 - 00179200 _____ (Microsoft Corporation) C:\Windows\system32\els.dll
2015-12-16 03:10 - 2015-11-10 09:03 - 01208832 _____ (Microsoft Corporation) C:\Windows\system32\comsvcs.dll
2015-12-16 03:10 - 2015-11-10 09:03 - 00488448 _____ (Microsoft Corporation) C:\Windows\system32\catsrvut.dll
2015-12-16 03:10 - 2015-11-04 23:34 - 00113664 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rmcast.sys
2015-12-09 13:59 - 2015-12-09 13:59 - 00094208 _____ (Apple Inc.) C:\Windows\system32\QuickTimeVR.qtx
2015-12-09 13:59 - 2015-12-09 13:59 - 00069632 _____ (Apple Inc.) C:\Windows\system32\QuickTime.qts
2015-11-28 14:27 - 2015-11-28 11:54 - 03163426 _____ C:\Users\Andrew P Saputo\Desktop\IMG_3159.JPG
2015-11-14 03:06 - 2015-10-13 06:31 - 00273408 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\afd.sys
2015-11-14 03:06 - 2015-10-13 06:31 - 00072192 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tdx.sys
2015-11-14 03:03 - 2015-10-10 08:02 - 00526272 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ndis.sys
2015-11-14 03:01 - 2015-09-26 08:05 - 00281600 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2015-11-14 03:01 - 2015-09-26 05:21 - 00274432 _____ (Microsoft Corporation) C:\Windows\system32\bcrypt.dll
2015-10-18 02:00 - 2015-07-28 16:46 - 11588096 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2015-10-13 17:21 - 2015-10-13 17:21 - 00001664 _____ C:\Users\Public\Desktop\iTunes.lnk
2015-10-13 17:21 - 2015-10-13 17:21 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
2015-10-13 17:20 - 2015-10-13 17:21 - 00000000 ____D C:\ProgramData\B0FFCDD9-5261-4e59-B29A-17A4FABDEBAB
2015-10-13 17:20 - 2015-10-13 17:21 - 00000000 ____D C:\Program Files\iTunes
2015-10-13 17:20 - 2015-10-13 17:20 - 00000000 ____D C:\Program Files\iPod
2015-10-13 17:16 - 2015-10-13 17:16 - 00000000 ____D C:\Program Files\Apple Software Update
2015-09-14 02:20 - 2015-09-02 13:26 - 01402368 _____ (Microsoft Corporation) C:\Windows\system32\msxml6.dll
2015-09-14 02:16 - 2015-08-05 07:59 - 00602112 _____ (Microsoft Corporation) C:\Windows\system32\schedsvc.dll
2015-08-17 21:04 - 2015-08-25 00:14 - 00000000 ____D C:\Users\Andrew P Saputo\Desktop\Covers
2015-08-13 23:10 - 2015-08-13 23:10 - 00001113 _____ C:\Users\Public\Desktop\Freemake Audio Converter.lnk
2015-08-13 23:10 - 2015-08-13 23:10 - 00000000 ____D C:\Users\Andrew P Saputo\Documents\Freemake
2015-08-13 23:10 - 2015-08-13 23:10 - 00000000 ____D C:\Users\Andrew P Saputo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Freemake
2015-08-13 23:10 - 2015-08-13 23:10 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Freemake
2015-08-13 23:10 - 2015-08-13 23:10 - 00000000 ____D C:\ProgramData\Freemake
2015-08-13 23:10 - 2015-08-13 23:10 - 00000000 ____D C:\Program Files\Common Files\Freemake Shared
2015-08-13 23:09 - 2015-08-13 23:10 - 00000000 ____D C:\Program Files\Freemake
2015-08-12 02:10 - 2015-07-21 08:07 - 00140224 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ecache.sys
2015-08-12 02:10 - 2015-07-21 08:07 - 00056256 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mountmgr.sys
2015-08-12 02:10 - 2015-07-21 08:03 - 00564224 _____ (Microsoft Corporation) C:\Windows\system32\emdmgmt.dll
2015-08-12 02:10 - 2015-07-21 08:03 - 00010752 _____ (Microsoft Corporation) C:\Windows\system32\msmmsp.dll
2015-08-12 02:08 - 2015-07-31 11:27 - 00103120 _____ (Microsoft Corporation) C:\Windows\system32\PresentationCFFRasterizerNative_v0300.dll
2015-08-12 02:07 - 2015-07-10 11:37 - 02067968 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll
2015-08-12 02:02 - 2015-07-18 08:03 - 00068608 _____ (Microsoft Corporation) C:\Windows\system32\basesrv.dll
2015-08-12 02:01 - 2015-07-01 07:57 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\WebClnt.dll
2015-08-12 02:00 - 2015-07-09 06:25 - 00151040 _____ (Microsoft Corporation) C:\Windows\system32\notepad.exe
2015-08-12 02:00 - 2015-07-09 06:25 - 00151040 _____ (Microsoft Corporation) C:\Windows\notepad.exe
2015-08-11 17:59 - 2016-01-18 03:28 - 00000000 ____D C:\Windows\system32\RTCOM
2015-08-11 17:58 - 2014-05-14 17:37 - 03086040 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\Drivers\RTKVHDA.sys
2015-08-11 17:58 - 2014-05-14 15:00 - 01099203 _____ C:\Windows\system32\Drivers\RTAIODAT.DAT
2015-08-11 17:58 - 2014-04-30 10:34 - 00916696 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkCoInstII.dll
2015-08-11 17:58 - 2014-04-28 14:48 - 02474200 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RltkAPO.dll
2015-08-11 17:58 - 2014-04-25 12:51 - 02566872 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkPgExt.dll
2015-08-11 17:58 - 2014-04-25 12:23 - 00782040 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkApoApi.dll
2015-08-11 17:58 - 2014-04-23 16:49 - 02140976 _____ C:\Windows\system32\SStudio.dll
2015-08-11 17:58 - 2014-04-10 11:19 - 01823320 _____ (Waves Audio Ltd.) C:\Windows\system32\WavesGUILib.dll
2015-08-11 17:58 - 2014-03-06 15:35 - 01892056 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RTSndMgr.cpl
2015-08-11 17:58 - 2014-03-05 04:11 - 00966904 _____ (SRS Labs, Inc.) C:\Windows\system32\slcnt32.dll
2015-08-11 17:58 - 2014-03-05 04:11 - 00818936 _____ (DTS, Inc.) C:\Windows\system32\sl3apo32.dll
2015-08-11 17:58 - 2014-03-05 04:11 - 00606968 _____ (DTS, Inc.) C:\Windows\system32\sltech32.dll
2015-08-11 17:58 - 2014-03-05 04:11 - 00219896 _____ (TODO: <Company name>) C:\Windows\system32\slprp32.dll
2015-08-11 17:58 - 2014-02-06 10:28 - 05804772 _____ C:\Windows\system32\Drivers\rtvienna.dat
2015-08-11 17:58 - 2013-10-11 10:31 - 00919600 _____ (Sony Corporation) C:\Windows\system32\SFSS_APO.dll
2015-08-11 17:58 - 2012-01-30 10:42 - 00819648 _____ (TOSHIBA Corporation) C:\Windows\system32\tadefxapo2.dll
2015-08-11 17:58 - 2012-01-10 09:20 - 00058264 _____ (TOSHIBA CORPORATION.) C:\Windows\system32\TepeqAPO.dll
2015-08-11 17:58 - 2011-11-22 15:28 - 00013416 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkCoLDR.dll
2015-08-11 17:58 - 2011-09-02 13:21 - 00214368 _____ (Synopsys, Inc.) C:\Windows\system32\SFNHK.dll
2015-08-11 17:58 - 2011-09-02 13:21 - 00074080 _____ (Synopsys, Inc.) C:\Windows\system32\SFCOM.dll
2015-08-11 17:58 - 2011-09-02 13:21 - 00068960 _____ (Synopsys, Inc.) C:\Windows\system32\SFAPO.dll
2015-08-11 17:58 - 2011-03-17 11:16 - 01379760 _____ (TOSHIBA Corporation) C:\Windows\system32\tosade.dll
2015-08-11 17:58 - 2011-03-07 16:03 - 00134584 _____ (TOSHIBA Corporation) C:\Windows\system32\tadefxapo.dll
2015-08-11 17:58 - 2010-11-08 06:31 - 00359768 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEEP32A.dll
2015-08-11 17:58 - 2010-11-08 06:31 - 00295768 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RP3DHT32.dll
2015-08-11 17:58 - 2010-11-08 06:31 - 00295768 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RP3DAA32.dll
2015-08-11 17:58 - 2010-11-08 06:31 - 00170840 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEED32A.dll
2015-08-11 17:58 - 2010-11-08 06:31 - 00078680 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEEL32A.dll
2015-08-11 17:58 - 2010-11-08 06:31 - 00064856 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEEG32A.dll
2015-08-11 17:58 - 2009-11-24 08:55 - 00345328 _____ (SRS Labs, Inc.) C:\Windows\system32\SRSTSXT.dll
2015-08-11 17:58 - 2009-11-24 08:55 - 00185584 _____ (SRS Labs, Inc.) C:\Windows\system32\SRSTSHD.dll
2015-08-11 17:58 - 2009-11-24 08:55 - 00173296 _____ (SRS Labs, Inc.) C:\Windows\system32\SRSHP360.dll
2015-08-11 17:58 - 2009-11-24 08:55 - 00140528 _____ (SRS Labs, Inc.) C:\Windows\system32\SRSWOW.dll
2015-08-11 17:58 - 2009-11-18 17:42 - 01783056 _____ (Waves Audio Ltd.) C:\Windows\system32\WavesLib.dll
2015-08-11 17:57 - 2014-05-12 19:11 - 60636160 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RCoRes.dat
2015-08-11 17:57 - 2014-04-10 11:20 - 11821656 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxVoiceAPO30.dll
2015-08-11 17:57 - 2014-04-10 11:19 - 03683416 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioVnN.dll
2015-08-11 17:57 - 2014-04-09 15:39 - 00890160 _____ (Nahimic Inc) C:\Windows\system32\NAHIMICAPOSettingsIPC.dll
2015-08-11 17:57 - 2014-04-09 15:37 - 05086984 _____ (Nahimic Inc) C:\Windows\system32\NAHIMICAPOlfx.dll
2015-08-11 17:57 - 2014-03-19 18:19 - 00798296 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxVoiceAPO20.dll
2015-08-11 17:57 - 2014-01-31 15:44 - 00948336 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxSpeechAPO.dll
2015-08-11 17:57 - 2013-08-14 14:36 - 00509184 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxVolumeSDAPO.dll
2015-08-11 17:57 - 2013-04-03 13:12 - 00852016 _____ (Sony Corporation) C:\Windows\system32\MISS_APO.dll
2015-08-11 17:57 - 2012-08-31 18:17 - 07162128 _____ (Dolby Laboratories) C:\Windows\system32\R4EEP32A.dll
2015-08-11 17:57 - 2012-08-31 18:17 - 00352016 _____ (Dolby Laboratories) C:\Windows\system32\R4EED32A.dll
2015-08-11 17:57 - 2012-08-31 18:17 - 00106768 _____ (Dolby Laboratories) C:\Windows\system32\R4EEL32A.dll
2015-08-11 17:57 - 2012-08-31 18:17 - 00091920 _____ (Dolby Laboratories) C:\Windows\system32\R4EEA32A.dll
2015-08-11 17:57 - 2012-08-31 18:17 - 00062224 _____ (Dolby Laboratories) C:\Windows\system32\R4EEG32A.dll
2015-08-11 17:56 - 2014-04-17 16:42 - 01116248 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioAPO60.dll
2015-08-11 17:56 - 2014-04-17 16:42 - 00987224 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioAPO50.dll
2015-08-11 17:56 - 2014-04-17 16:42 - 00966744 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioAPO40.dll
2015-08-11 17:56 - 2014-04-10 11:19 - 28062296 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioVnA.dll
2015-08-11 17:56 - 2014-04-10 11:19 - 14585432 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioRealtek.dll
2015-08-11 17:56 - 2014-04-10 11:19 - 01940056 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioEQ.dll
2015-08-11 17:56 - 2014-04-10 11:19 - 01691224 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioRealtek2.dll
2015-08-11 17:56 - 2014-04-10 11:19 - 00900696 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioAPOShell.dll
2015-08-11 17:56 - 2014-03-21 13:17 - 00265376 _____ (ICEpower a/s) C:\Windows\system32\ICEsoundAPO.dll
2015-08-11 17:56 - 2013-08-14 14:35 - 00509184 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioAPO30.dll
2015-08-11 17:56 - 2011-08-23 16:00 - 00357712 _____ (Knowles Acoustics ) C:\Windows\system32\KAAPORT.dll
2015-08-11 17:56 - 2010-09-27 08:34 - 00232792 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioAPO20.dll
2015-08-11 17:56 - 2009-12-04 14:43 - 00132368 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioAPO.dll
2015-08-11 17:55 - 2015-08-11 17:55 - 00000000 ___HD C:\Program Files\InstallShield Installation Information
2015-08-11 17:55 - 2014-05-02 10:19 - 00029496 _____ C:\Windows\system32\audioLibVc.dll
2015-08-11 17:55 - 2014-04-07 15:03 - 06177624 _____ (Dolby Laboratories) C:\Windows\system32\DDPP32A.dll
2015-08-11 17:55 - 2014-04-07 15:03 - 01490264 _____ (Dolby Laboratories) C:\Windows\system32\DDPD32A.dll
2015-08-11 17:55 - 2014-04-07 15:03 - 00274264 _____ (Dolby Laboratories) C:\Windows\system32\DDPO32A.dll
2015-08-11 17:55 - 2014-04-07 15:03 - 00221528 _____ (Dolby Laboratories) C:\Windows\system32\DDPA32.dll
2015-08-11 17:55 - 2014-02-18 16:04 - 02421792 _____ (Fortemedia Corporation) C:\Windows\system32\FMAPO.dll
2015-08-11 17:55 - 2013-10-16 02:43 - 00182472 _____ (Andrea Electronics Corporation) C:\Windows\system32\AERTACap.dll
2015-08-11 17:55 - 2013-10-11 11:47 - 00092584 _____ (Real Sound Lab SIA) C:\Windows\system32\CONEQMSAPOGUILibrary.dll
2015-08-11 17:55 - 2013-10-06 23:14 - 00426944 _____ (DTS) C:\Windows\system32\DTSU2PLFX32.dll
2015-08-11 17:55 - 2013-10-06 23:14 - 00403392 _____ (DTS) C:\Windows\system32\DTSU2PGFX32.dll
2015-08-11 17:55 - 2013-10-06 23:14 - 00346048 _____ (DTS) C:\Windows\system32\DTSU2PREC32.dll
2015-08-11 17:55 - 2013-06-17 19:20 - 00188696 _____ C:\Windows\system32\AcpiServiceVnA.dll
2015-08-11 17:55 - 2012-03-08 10:47 - 00095840 _____ (Andrea Electronics Corporation) C:\Windows\system32\AERTARen.dll
2015-08-11 17:55 - 2011-05-31 08:42 - 01509480 _____ (DTS) C:\Windows\system32\DTSS2SpeakerDLL.dll
2015-08-11 17:55 - 2011-05-31 08:42 - 01292904 _____ (DTS) C:\Windows\system32\DTSS2HeadphoneDLL.dll
2015-08-11 17:55 - 2011-05-31 08:42 - 01220200 _____ (DTS) C:\Windows\system32\DTSBoostDLL.dll
2015-08-11 17:55 - 2011-05-31 08:42 - 00654952 _____ (DTS) C:\Windows\system32\DTSBassEnhancementDLL.dll
2015-08-11 17:55 - 2011-05-31 08:42 - 00631400 _____ (DTS) C:\Windows\system32\DTSSymmetryDLL.dll
2015-08-11 17:55 - 2011-05-31 08:42 - 00601704 _____ (DTS) C:\Windows\system32\DTSVoiceClarityDLL.dll
2015-08-11 17:55 - 2011-05-31 08:42 - 00458344 _____ (DTS) C:\Windows\system32\DTSNeoPCDLL.dll
2015-08-11 17:55 - 2011-05-31 08:42 - 00389736 _____ (DTS) C:\Windows\system32\DTSGainCompensatorDLL.dll
2015-08-11 17:55 - 2011-05-31 08:42 - 00375400 _____ (DTS) C:\Windows\system32\DTSLimiterDLL.dll
2015-08-11 17:55 - 2011-05-31 08:42 - 00218728 _____ (DTS) C:\Windows\system32\DTSGFXAPONS.dll
2015-08-11 17:55 - 2011-05-31 08:42 - 00218728 _____ (DTS) C:\Windows\system32\DTSGFXAPO.dll
2015-08-11 17:55 - 2011-05-31 08:42 - 00218216 _____ (DTS) C:\Windows\system32\DTSLFXAPO.dll
2015-08-06 02:08 - 2015-06-17 08:50 - 02264576 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2015-08-06 02:08 - 2015-06-17 07:09 - 00073216 _____ (Microsoft Corporation) C:\Windows\system32\msiexec.exe
2015-08-06 02:02 - 2015-05-31 00:11 - 00225792 _____ (Microsoft Corporation) C:\Windows\system32\cewmdm.dll
2015-08-06 02:01 - 2015-06-27 08:02 - 00218112 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2015-08-06 02:01 - 2015-06-27 06:21 - 00217088 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
2015-08-06 02:01 - 2015-06-27 06:21 - 00081408 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2015-08-06 02:01 - 2015-01-08 16:17 - 00107008 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2015-08-05 18:57 - 2015-08-05 18:57 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Kaspersky Anti-Virus
2015-08-05 18:57 - 2015-08-05 18:55 - 00001960 _____ C:\Users\Public\Desktop\Kaspersky Anti-Virus.lnk
2015-08-05 18:55 - 2016-08-16 19:03 - 00524288 ___SH C:\Users\Public\ntuser.dat{3fed28e7-3be0-11e5-8369-001a4d54f659}.TMContainer00000000000000000001.regtrans-ms
2015-08-05 18:55 - 2016-08-16 19:03 - 00065536 ___SH C:\Users\Public\ntuser.dat{3fed28e7-3be0-11e5-8369-001a4d54f659}.TM.blf
2015-08-05 18:55 - 2015-08-05 18:57 - 00524288 ___SH C:\ProgramData\ntuser.dat{3fed28e0-3be0-11e5-8369-001a4d54f659}.TMContainer00000000000000000001.regtrans-ms
2015-08-05 18:55 - 2015-08-05 18:57 - 00065536 ___SH C:\ProgramData\ntuser.dat{3fed28e0-3be0-11e5-8369-001a4d54f659}.TM.blf
2015-08-05 18:55 - 2015-08-05 18:55 - 00524288 ___SH C:\Users\Public\ntuser.dat{3fed28e7-3be0-11e5-8369-001a4d54f659}.TMContainer00000000000000000002.regtrans-ms
2015-08-05 18:55 - 2015-08-05 18:55 - 00524288 ___SH C:\ProgramData\ntuser.dat{3fed28e0-3be0-11e5-8369-001a4d54f659}.TMContainer00000000000000000002.regtrans-ms
2015-08-05 18:50 - 2016-08-16 19:03 - 00262144 _____ C:\Users\Public\ntuser.dat
2015-08-05 18:50 - 2016-08-16 19:03 - 00005120 ____H C:\Users\Public\ntuser.dat.LOG1
2015-08-05 18:50 - 2015-08-05 18:57 - 00262144 _____ C:\ProgramData\ntuser.dat
2015-08-05 18:50 - 2015-08-05 18:57 - 00005120 ____H C:\ProgramData\ntuser.dat.LOG1
2015-08-05 18:50 - 2015-08-05 18:50 - 00524288 ___SH C:\Users\Public\ntuser.dat{3fed28b6-3be0-11e5-8369-001a4d54f659}.TMContainer00000000000000000002.regtrans-ms
2015-08-05 18:50 - 2015-08-05 18:50 - 00524288 ___SH C:\Users\Public\ntuser.dat{3fed28b6-3be0-11e5-8369-001a4d54f659}.TMContainer00000000000000000001.regtrans-ms
2015-08-05 18:50 - 2015-08-05 18:50 - 00524288 ___SH C:\ProgramData\ntuser.dat{3fed28af-3be0-11e5-8369-001a4d54f659}.TMContainer00000000000000000002.regtrans-ms
2015-08-05 18:50 - 2015-08-05 18:50 - 00524288 ___SH C:\ProgramData\ntuser.dat{3fed28af-3be0-11e5-8369-001a4d54f659}.TMContainer00000000000000000001.regtrans-ms
2015-08-05 18:50 - 2015-08-05 18:50 - 00065536 ___SH C:\Users\Public\ntuser.dat{3fed28b6-3be0-11e5-8369-001a4d54f659}.TM.blf
2015-08-05 18:50 - 2015-08-05 18:50 - 00065536 ___SH C:\ProgramData\ntuser.dat{3fed28af-3be0-11e5-8369-001a4d54f659}.TM.blf
2015-08-05 18:50 - 2015-08-05 18:50 - 00000000 ____H C:\Users\Public\ntuser.dat.LOG2
2015-08-05 18:50 - 2015-08-05 18:50 - 00000000 ____H C:\ProgramData\ntuser.dat.LOG2
2015-08-05 18:47 - 2016-05-23 19:04 - 00785328 _____ (AO Kaspersky Lab) C:\Windows\system32\Drivers\klif.sys
2015-08-05 18:47 - 2015-10-30 17:33 - 00147328 _____ (AO Kaspersky Lab) C:\Windows\system32\Drivers\klflt.sys
2015-07-05 23:10 - 2015-07-05 23:10 - 00201912 _____ (Kaspersky Lab ZAO) C:\Windows\system32\Drivers\cm_km.sys
2015-07-04 01:18 - 2016-05-23 19:02 - 00053168 _____ (AO Kaspersky Lab) C:\Windows\system32\Drivers\klhk.sys
2015-06-27 00:30 - 2015-06-27 00:30 - 00058224 _____ (Kaspersky Lab ZAO) C:\Windows\system32\Drivers\klbackupflt.sys
2015-06-23 17:30 - 2015-06-23 17:30 - 00156856 _____ (Kaspersky Lab ZAO) C:\Windows\system32\Drivers\kneps.sys
2015-06-22 19:40 - 2015-06-22 19:40 - 00153784 _____ (Kaspersky Lab ZAO) C:\Windows\system32\Drivers\kl1.sys
2015-06-17 16:04 - 2015-06-17 16:04 - 06112072 _____ (Apple, Inc.) C:\Windows\system32\usbaaplrc.dll
2015-06-17 16:04 - 2015-06-17 16:04 - 00045056 _____ (Apple, Inc.) C:\Windows\system32\Drivers\usbaapl.sys
2015-06-16 02:07 - 2015-04-24 07:54 - 00532480 _____ (Microsoft Corporation) C:\Windows\system32\comctl32.dll
2015-06-16 02:00 - 2015-05-04 14:51 - 10628608 _____ (Microsoft Corporation) C:\Windows\system32\wmp.dll
2015-06-16 02:00 - 2015-05-04 14:50 - 00007680 _____ (Microsoft Corporation) C:\Windows\system32\spwmp.dll
2015-06-16 02:00 - 2015-05-04 14:50 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\msdxm.ocx
2015-06-16 02:00 - 2015-05-04 14:50 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\dxmasf.dll
2015-06-16 02:00 - 2015-05-04 13:21 - 08147456 _____ (Microsoft Corporation) C:\Windows\system32\wmploc.DLL
2015-06-11 18:32 - 2016-05-23 19:04 - 00044120 _____ (AO Kaspersky Lab) C:\Windows\system32\Drivers\klim6.sys
2015-06-11 14:52 - 2015-06-11 14:52 - 00054328 _____ (Kaspersky Lab ZAO) C:\Windows\system32\Drivers\kltdi.sys
2015-06-10 17:16 - 2015-06-10 17:16 - 00073912 _____ (Kaspersky Lab ZAO) C:\Windows\system32\Drivers\kltdf.sys
2015-06-08 18:43 - 2015-09-27 16:51 - 00039304 _____ (AO Kaspersky Lab) C:\Windows\system32\Drivers\klpd.sys
2015-06-07 00:50 - 2015-06-07 00:50 - 00038072 _____ (Kaspersky Lab ZAO) C:\Windows\system32\Drivers\klmouflt.sys
2015-06-06 07:50 - 2015-06-06 07:50 - 00046776 _____ (Kaspersky Lab ZAO) C:\Windows\system32\Drivers\klbackupdisk.sys
2015-06-06 07:48 - 2016-02-29 20:05 - 00066976 _____ (AO Kaspersky Lab) C:\Windows\system32\Drivers\kldisk.sys
2015-06-06 07:31 - 2015-06-06 07:31 - 00037048 _____ (Kaspersky Lab ZAO) C:\Windows\system32\Drivers\klkbdflt.sys
2015-05-13 02:03 - 2015-04-10 15:22 - 00279552 _____ (Microsoft Corporation) C:\Windows\system32\services.exe
2015-05-12 20:37 - 2015-05-12 20:37 - 00000000 ____D C:\e7d27fc14c3ef36a60a76181652f7a0b
2015-05-08 16:16 - 2016-03-15 19:08 - 00000000 ____D C:\Users\Andrew P Saputo\AppData\Roaming\PFStaticIP
2015-05-08 16:10 - 2015-05-08 16:12 - 00000000 ____D C:\Users\Andrew P Saputo\AppData\Roaming\PortForward.com
2015-05-08 16:10 - 2015-05-08 16:10 - 00000000 ____D C:\Users\Andrew P Saputo\AppData\Local\Downloaded Installations
2015-05-05 22:48 - 2016-08-19 09:24 - 00002581 _____ C:\Users\Andrew P Saputo\Desktop\µTorrent.lnk
2015-05-05 22:46 - 2008-01-01 01:45 - 00000000 ____D C:\Users\Andrew P Saputo\AppData\Roaming\uTorrent
2015-04-29 15:52 - 2015-04-29 15:52 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ultimate ZIP Cracker Trial
2015-04-18 15:58 - 2015-03-04 18:32 - 00244152 _____ (Microsoft Corporation) C:\Windows\system32\clfs.sys
2015-04-18 15:58 - 2015-03-04 18:23 - 00057344 _____ (Microsoft Corporation) C:\Windows\system32\clfsw32.dll
2015-03-20 19:08 - 2015-01-28 17:35 - 00369664 _____ (Microsoft Corporation) C:\Windows\system32\WMPhoto.dll
2015-03-20 19:00 - 2015-01-20 18:02 - 00807936 _____ (Microsoft Corporation) C:\Windows\system32\msctf.dll
2015-03-20 16:45 - 2015-03-20 16:45 - 00000000 ____H C:\Windows\system32\Drivers\Msft_User_WpdFs_01_07_00.Wdf
2015-03-07 18:00 - 2015-03-07 18:00 - 00000000 ____H C:\Windows\system32\Drivers\Msft_User_WpdMtpDr_01_07_00.Wdf
2015-03-07 16:42 - 2015-03-07 16:42 - 00001804 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk
2015-03-07 16:42 - 2015-03-07 16:42 - 00000000 ____D C:\Users\Andrew P Saputo\AppData\Roaming\Adobe
2015-03-07 16:42 - 2015-03-07 16:42 - 00000000 ____D C:\Users\Andrew P Saputo\AppData\LocalLow\Adobe
2015-03-07 16:41 - 2015-03-07 16:41 - 00000000 ____D C:\Program Files\Common Files\Adobe
2015-03-07 16:41 - 2015-03-07 16:41 - 00000000 ____D C:\Program Files\Adobe
2015-03-07 16:40 - 2015-03-07 17:22 - 00000000 ____D C:\ProgramData\Adobe
2015-03-07 16:39 - 2015-03-07 16:43 - 00000000 ____D C:\Users\Andrew P Saputo\AppData\Local\Adobe
2015-02-21 19:09 - 2015-11-28 11:35 - 00000000 ____D C:\Windows\Minidump
2015-02-14 11:23 - 2015-02-05 12:48 - 24768144 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglv32.dll
2015-02-14 11:23 - 2015-02-05 12:48 - 20465808 _____ (NVIDIA Corporation) C:\Windows\system32\nvcompiler.dll
2015-02-14 11:23 - 2015-02-05 12:48 - 16016848 _____ (NVIDIA Corporation) C:\Windows\system32\nvwgf2um.dll
2015-02-14 11:23 - 2015-02-05 12:48 - 10773520 _____ (NVIDIA Corporation) C:\Windows\system32\nvopencl.dll
2015-02-14 11:23 - 2015-02-05 12:48 - 10713256 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll
2015-02-14 11:23 - 2015-02-05 12:48 - 08473928 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvlddmkm.sys
2015-02-14 11:23 - 2015-02-05 12:48 - 03247248 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll
2015-02-14 11:23 - 2015-02-05 12:48 - 01047880 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco3234752.dll
2015-02-14 11:23 - 2015-02-05 12:48 - 00912528 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco3234752.dll
2015-02-11 03:01 - 2014-12-07 17:59 - 00306176 _____ (Microsoft Corporation) C:\Windows\system32\scesrv.dll
2015-02-09 20:18 - 2015-02-09 20:18 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\7-Zip
2015-02-09 20:18 - 2015-02-09 20:18 - 00000000 ____D C:\Program Files\7-Zip
2015-02-04 19:17 - 2015-02-04 19:17 - 00000000 ____D C:\Program Files\Western Digital
2015-01-24 11:07 - 2015-01-12 20:15 - 00908608 _____ (NVIDIA Corporation) C:\Windows\system32\nvhdagenco3220103.dll
2015-01-24 11:07 - 2015-01-09 18:43 - 01047880 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco3234725.dll
2015-01-24 11:07 - 2015-01-09 18:43 - 00911504 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco3234725.dll
2015-01-15 03:01 - 2014-12-05 19:14 - 00174080 _____ (Microsoft Corporation) C:\Windows\system32\nlasvc.dll
2015-01-15 03:01 - 2014-12-05 19:14 - 00153600 _____ (Microsoft Corporation) C:\Windows\system32\profsvc.dll
2015-01-15 03:01 - 2014-12-05 19:14 - 00093184 _____ (Microsoft Corporation) C:\Windows\system32\ncsi.dll
2015-01-15 03:01 - 2014-12-05 19:14 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\nlaapi.dll
2015-01-10 14:35 - 2015-02-09 20:13 - 00000000 ____D C:\Users\Andrew P Saputo\AppData\Roaming\PeaZip
2015-01-10 14:27 - 2015-01-10 14:27 - 00000804 _____ C:\Users\Public\Desktop\CCleaner.lnk
2015-01-10 14:27 - 2015-01-10 14:27 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2015-01-10 14:27 - 2015-01-10 14:27 - 00000000 ____D C:\Program Files\CCleaner
2014-12-31 01:51 - 2015-08-05 18:57 - 00000000 ____D C:\Program Files\Kaspersky Lab
2014-12-31 01:51 - 2008-01-01 04:43 - 00000000 ____D C:\ProgramData\Kaspersky Lab
2014-12-31 01:34 - 2014-12-31 01:34 - 00000006 ___SH C:\ProgramData\desktop.ini
2014-12-31 01:34 - 2014-12-31 01:34 - 00000000 ____H C:\ProgramData\DP45977C.lfl
2014-12-31 01:31 - 2015-08-11 17:58 - 00319456 _____ (Microsoft Corporation) C:\Windows\DIFxAPI.dll
2014-12-31 01:31 - 2014-12-31 01:31 - 00000000 ____D C:\Users\Andrew P Saputo\AppData\Local\Rainmaker_Software_Group_
2014-12-31 01:30 - 2015-08-11 18:01 - 00000000 ___HD C:\Program Files\Temp
2014-12-31 01:30 - 2014-12-31 01:30 - 00000000 ____D C:\Program Files\Realtek
2014-12-31 01:30 - 2014-02-26 14:16 - 02080472 _____ (Realtek Semiconductor Corp.) C:\Windows\RtlExUpd.dll
2014-12-31 01:29 - 2016-08-17 00:08 - 00000000 ____D C:\Users\Andrew P Saputo\AppData\Roaming\Rainmaker Software Group LLC.​
2014-12-31 01:29 - 2014-12-31 01:29 - 00000000 ____D C:\Program Files\Common Files\InstallShield
2014-12-31 01:19 - 2014-12-31 01:19 - 00231808 _____ C:\Users\Andrew P Saputo\Downloads\32bit_Win7_Win8_Win81_R275.exe
2014-12-31 01:18 - 2014-12-31 01:18 - 00001769 _____ C:\Windows\Language_trs.ini
2014-12-31 00:53 - 2015-03-07 17:20 - 00000000 ____D C:\Users\Andrew P Saputo\AppData\Roaming\Apple Computer
2014-12-31 00:53 - 2014-12-31 01:27 - 00000000 ____D C:\Users\Andrew P Saputo\AppData\Local\Apple Computer
2014-12-31 00:53 - 2014-12-31 00:53 - 00000000 ____D C:\Users\Andrew P Saputo\AppData\LocalLow\Apple Computer
2014-12-31 00:52 - 2014-12-31 00:52 - 00000000 ___DC C:\Windows\system32\DRVSTORE
2014-12-31 00:52 - 2012-10-03 16:14 - 00026840 _____ (GEAR Software Inc.) C:\Windows\system32\Drivers\GEARAspiWDM.sys
2014-12-31 00:51 - 2014-12-31 00:51 - 00000000 ____D C:\ProgramData\Apple Computer
2014-12-30 23:50 - 2015-10-13 17:16 - 00001830 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Apple Software Update.lnk
2014-12-30 23:50 - 2014-12-30 23:50 - 00000000 ____D C:\Users\Andrew P Saputo\AppData\Local\Apple
2014-12-30 23:48 - 2014-12-30 23:48 - 00000000 ____D C:\Program Files\Bonjour
2014-12-30 23:47 - 2015-10-13 17:20 - 00000000 ____D C:\Program Files\Common Files\Apple
2014-12-30 23:47 - 2014-12-30 23:49 - 00000000 ____D C:\ProgramData\Apple
2014-12-30 23:18 - 2016-05-19 22:07 - 00000000 ____D C:\Users\Andrew P Saputo\AppData\Roaming\vlc
2014-12-30 23:15 - 2014-12-30 23:15 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN
2014-12-30 23:14 - 2014-12-30 23:14 - 00000000 ____D C:\Program Files\VideoLAN
2014-12-30 12:55 - 2015-09-01 16:50 - 00052736 _____ C:\Users\Andrew P Saputo\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2014-12-30 12:36 - 2016-04-14 19:48 - 00001983 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2014-12-30 12:36 - 2016-04-14 19:48 - 00001971 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2014-12-30 12:35 - 2016-08-20 12:41 - 00000886 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-12-30 12:35 - 2016-01-08 18:02 - 00000000 ____D C:\Users\Andrew P Saputo\AppData\Local\Google
2014-12-30 12:35 - 2014-12-30 12:36 - 00000000 ____D C:\Program Files\Google
2014-12-30 12:35 - 2014-12-30 12:35 - 00000000 ____D C:\Users\Andrew P Saputo\AppData\Local\Deployment
2014-12-30 12:35 - 2014-12-30 12:35 - 00000000 ____D C:\Users\Andrew P Saputo\AppData\Local\Apps\2.0
2014-12-30 12:35 - 2014-12-30 12:35 - 00000000 ____D C:\Users\Andrew P Saputo\AppData\Local\Apps
2014-12-30 12:35 - 2007-12-31 23:09 - 00000882 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-12-30 12:34 - 2016-06-30 02:09 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2014-12-30 12:33 - 2016-06-30 02:28 - 00000000 ____D C:\Program Files\Microsoft Silverlight
2014-12-30 12:28 - 2014-12-30 12:28 - 00000000 ____D C:\Program Files\Microsoft ASP.NET
2014-12-29 15:27 - 2015-02-14 11:27 - 00000000 ____D C:\ProgramData\NVIDIA
2014-12-29 15:27 - 2007-12-31 23:02 - 3756515328 ___SH C:\hiberfil.sys
2014-12-29 15:25 - 2014-12-29 15:25 - 00000000 ____D C:\Program Files\AGEIA Technologies
2014-12-29 15:24 - 2015-02-05 10:27 - 04404552 _____ (NVIDIA Corporation) C:\Windows\system32\nvcpl.dll
2014-12-29 15:24 - 2015-02-05 10:27 - 03058320 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvc.dll
2014-12-29 15:24 - 2015-02-05 10:27 - 02554000 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvcr.dll
2014-12-29 15:24 - 2015-02-05 10:27 - 00670536 _____ (NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
2014-12-29 15:24 - 2015-02-05 10:27 - 00375112 _____ (NVIDIA Corporation) C:\Windows\system32\nvmctray.dll
2014-12-29 15:24 - 2015-02-05 10:27 - 00061768 _____ (NVIDIA Corporation) C:\Windows\system32\nvshext.dll
2014-12-29 15:24 - 2015-02-05 10:07 - 04236870 _____ C:\Windows\system32\nvcoproc.bin
2014-12-29 15:23 - 2015-02-05 12:48 - 00060560 _____ (Khronos Group) C:\Windows\system32\OpenCL.dll
2014-12-29 15:22 - 2015-02-05 12:48 - 14119744 _____ (NVIDIA Corporation) C:\Windows\system32\nvd3dum.dll
2014-12-29 15:22 - 2015-02-05 12:48 - 02902784 _____ (NVIDIA Corporation) C:\Windows\system32\nvapi.dll
2014-12-29 15:22 - 2015-02-05 12:48 - 00022594 _____ C:\Windows\system32\nvinfo.pb
2014-12-29 15:22 - 2014-12-13 02:02 - 01047696 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco3234709.dll
2014-12-29 15:22 - 2014-12-13 02:02 - 00911504 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco3234709.dll
2014-12-29 15:22 - 2014-10-09 09:02 - 00161424 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvhda32v.sys
2014-12-29 15:22 - 2014-10-09 09:02 - 00027280 _____ (NVIDIA Corporation) C:\Windows\system32\nvhdap32.dll
2014-12-29 15:22 - 2014-10-08 23:17 - 00908608 _____ (NVIDIA Corporation) C:\Windows\system32\nvhdagenco32.dll
2014-12-29 15:21 - 2014-12-29 15:21 - 00000000 ____D C:\ProgramData\Sun
2014-12-29 15:21 - 2014-12-29 15:21 - 00000000 ____D C:\Program Files\Common Files\Java
2014-12-29 15:21 - 2014-12-29 15:19 - 00096680 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge.dll
2014-12-29 15:20 - 2014-12-29 15:20 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2014-12-29 15:19 - 2014-12-29 15:21 - 00000000 ____D C:\Users\Andrew P Saputo\AppData\Local\NVIDIA
2014-12-29 15:19 - 2014-12-29 15:21 - 00000000 ____D C:\ProgramData\Oracle
2014-12-29 15:18 - 2014-12-29 15:18 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
2014-12-29 15:18 - 2014-12-29 15:18 - 00000000 ____D C:\Program Files\Java
2014-12-29 15:17 - 2014-12-29 15:23 - 00000000 ____D C:\ProgramData\NVIDIA Corporation
2014-12-29 15:17 - 2014-12-29 15:17 - 00000000 ____D C:\Users\Andrew P Saputo\AppData\LocalLow\Sun
2014-12-29 15:09 - 2014-12-29 15:09 - 00000000 ____D C:\Users\Andrew P Saputo\AppData\Local\Microsoft Corporation
2014-12-29 13:13 - 2014-12-29 13:13 - 00002052 _____ C:\Windows\epplauncher.mif
2014-12-29 13:12 - 2010-04-05 12:00 - 00221568 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\netio.sys
2014-12-29 13:08 - 2014-12-29 13:08 - 00000000 ____D C:\Users\Andrew P Saputo\AppData\Local\WindowsUpdate
2014-12-28 20:15 - 2014-12-29 15:25 - 00000000 ____D C:\Program Files\NVIDIA Corporation
2014-12-28 17:45 - 2011-03-12 13:55 - 00876032 _____ (Microsoft Corporation) C:\Windows\system32\XpsPrint.dll
2014-12-28 15:34 - 2014-12-28 15:34 - 00000000 ____D C:\Program Files\Windows Portable Devices
2014-12-28 15:08 - 2014-06-26 14:17 - 00619664 _____ (Microsoft Corporation) C:\Windows\system32\icardagt.exe
2014-12-28 15:08 - 2014-06-26 14:17 - 00099480 _____ (Microsoft Corporation) C:\Windows\system32\infocardapi.dll
2014-12-28 15:08 - 2014-06-26 14:17 - 00008856 _____ (Microsoft Corporation) C:\Windows\system32\icardres.dll
2014-12-28 15:08 - 2014-06-05 20:28 - 00035480 _____ (Microsoft Corporation) C:\Windows\system32\TsWpfWrp.exe
2014-12-28 15:07 - 2014-06-15 14:18 - 01131664 _____ (Microsoft Corporation) C:\Windows\system32\dfshim.dll
2014-12-28 15:07 - 2014-06-13 10:22 - 00156824 _____ (Microsoft Corporation) C:\Windows\system32\mscorier.dll
2014-12-28 15:07 - 2014-06-13 10:22 - 00081560 _____ (Microsoft Corporation) C:\Windows\system32\mscories.dll
2014-12-28 15:05 - 2014-10-09 17:01 - 00449536 _____ (Microsoft Corporation) C:\Windows\system32\termsrv.dll
2014-12-28 15:05 - 2014-10-09 17:00 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2014-12-28 15:05 - 2014-10-09 15:22 - 00619520 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2014-12-28 15:03 - 2009-09-09 18:01 - 03023360 _____ (Microsoft Corporation) C:\Windows\system32\UIRibbon.dll
2014-12-28 15:03 - 2009-09-09 18:00 - 01164800 _____ (Microsoft Corporation) C:\Windows\system32\UIRibbonRes.dll
2014-12-28 15:03 - 2009-09-09 18:00 - 00092672 _____ (Microsoft Corporation) C:\Windows\system32\UIAnimation.dll
2014-12-28 15:02 - 2009-09-30 17:02 - 02537472 _____ (Microsoft Corporation) C:\Windows\system32\wpdshext.dll
2014-12-28 15:02 - 2009-09-30 17:02 - 00334848 _____ (Microsoft Corporation) C:\Windows\system32\PortableDeviceApi.dll
2014-12-28 15:02 - 2009-09-30 17:02 - 00087552 _____ (Microsoft Corporation) C:\Windows\system32\WPDShServiceObj.dll
2014-12-28 15:02 - 2009-09-30 17:02 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\BthMtpContextHandler.dll
2014-12-28 15:02 - 2009-09-30 17:02 - 00030208 _____ (Microsoft Corporation) C:\Windows\system32\WPDShextAutoplay.exe
2014-12-28 15:02 - 2009-09-30 17:01 - 00546816 _____ (Microsoft Corporation) C:\Windows\system32\wpd_ci.dll
2014-12-28 15:02 - 2009-09-30 17:01 - 00350208 _____ (Microsoft Corporation) C:\Windows\system32\WPDSp.dll
2014-12-28 15:02 - 2009-09-30 17:01 - 00226816 _____ (Microsoft Corporation) C:\Windows\system32\WpdMtp.dll
2014-12-28 15:02 - 2009-09-30 17:01 - 00196608 _____ (Microsoft Corporation) C:\Windows\system32\PortableDeviceWMDRM.dll
2014-12-28 15:02 - 2009-09-30 17:01 - 00160256 _____ (Microsoft Corporation) C:\Windows\system32\PortableDeviceTypes.dll
2014-12-28 15:02 - 2009-09-30 17:01 - 00100864 _____ (Microsoft Corporation) C:\Windows\system32\PortableDeviceClassExtension.dll
2014-12-28 15:02 - 2009-09-30 17:01 - 00081920 _____ (Microsoft Corporation) C:\Windows\system32\wpdbusenum.dll
2014-12-28 15:02 - 2009-09-30 17:01 - 00061952 _____ (Microsoft Corporation) C:\Windows\system32\WpdMtpUS.dll
2014-12-28 15:02 - 2009-09-30 17:01 - 00060928 _____ (Microsoft Corporation) C:\Windows\system32\PortableDeviceConnectApi.dll
2014-12-28 15:02 - 2009-09-30 17:01 - 00040448 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WpdUsb.sys
2014-12-28 15:02 - 2009-09-30 17:01 - 00033280 _____ (Microsoft Corporation) C:\Windows\system32\WpdConns.dll
2014-12-28 15:00 - 2014-08-26 16:55 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml3r.dll
2014-12-28 14:56 - 2014-10-23 17:04 - 00067072 _____ (Microsoft Corporation) C:\Windows\system32\packager.dll
2014-12-28 14:51 - 2014-12-28 14:51 - 00000000 ____D C:\Windows\Migration
2014-12-28 14:41 - 2014-08-11 18:25 - 00729600 _____ (Microsoft Corporation) C:\Windows\system32\IMJP10K.DLL
2014-12-28 14:40 - 2014-12-28 14:40 - 03695416 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dat
2014-12-28 14:40 - 2014-12-28 14:40 - 01554432 _____ (Microsoft Corporation) C:\Windows\system32\xpsservices.dll
2014-12-28 14:40 - 2014-12-28 14:40 - 01075712 _____ (Microsoft Corporation) C:\Windows\system32\shdocvw.dll
2014-12-28 14:40 - 2014-12-28 14:40 - 00979456 _____ (Microsoft Corporation) C:\Windows\system32\MFH264Dec.dll
2014-12-28 14:40 - 2014-12-28 14:40 - 00847360 _____ (Microsoft Corporation) C:\Windows\system32\OpcServices.dll
2014-12-28 14:40 - 2014-12-28 14:40 - 00667648 _____ (Microsoft Corporation) C:\Windows\system32\printfilterpipelinesvc.exe
2014-12-28 14:40 - 2014-12-28 14:40 - 00586240 _____ (Microsoft Corporation) C:\Windows\system32\stobject.dll
2014-12-28 14:40 - 2014-12-28 14:40 - 00478720 _____ (Microsoft Corporation) C:\Windows\system32\dxgi.dll
2014-12-28 14:40 - 2014-12-28 14:40 - 00434176 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-12-28 14:40 - 2014-12-28 14:40 - 00357376 _____ (Microsoft Corporation) C:\Windows\system32\MFHEAACdec.dll
2014-12-28 14:40 - 2014-12-28 14:40 - 00353584 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-12-28 14:40 - 2014-12-28 14:40 - 00302592 _____ (Microsoft Corporation) C:\Windows\system32\mfmp4src.dll
2014-12-28 14:40 - 2014-12-28 14:40 - 00261632 _____ (Microsoft Corporation) C:\Windows\system32\mfreadwrite.dll
2014-12-28 14:40 - 2014-12-28 14:40 - 00258048 _____ (Microsoft Corporation) C:\Windows\system32\winspool.drv
2014-12-28 14:40 - 2014-12-28 14:40 - 00227840 _____ (Microsoft Corporation) C:\Windows\system32\ieaksie.dll
2014-12-28 14:40 - 2014-12-28 14:40 - 00203776 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2014-12-28 14:40 - 2014-12-28 14:40 - 00163840 _____ (Microsoft Corporation) C:\Windows\system32\ieakui.dll
2014-12-28 14:40 - 2014-12-28 14:40 - 00162304 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-12-28 14:40 - 2014-12-28 14:40 - 00161792 _____ (Microsoft Corporation) C:\Windows\system32\msls31.dll
2014-12-28 14:40 - 2014-12-28 14:40 - 00152064 _____ (Microsoft Corporation) C:\Windows\system32\wextract.exe
2014-12-28 14:40 - 2014-12-28 14:40 - 00150528 _____ (Microsoft Corporation) C:\Windows\system32\iexpress.exe
2014-12-28 14:40 - 2014-12-28 14:40 - 00135680 _____ (Microsoft Corporation) C:\Windows\system32\XpsRasterService.dll
2014-12-28 14:40 - 2014-12-28 14:40 - 00130560 _____ (Microsoft Corporation) C:\Windows\system32\ieakeng.dll
2014-12-28 14:40 - 2014-12-28 14:40 - 00123392 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2014-12-28 14:40 - 2014-12-28 14:40 - 00118784 _____ (Microsoft Corporation) C:\Windows\system32\iepeers.dll
2014-12-28 14:40 - 2014-12-28 14:40 - 00114176 _____ (Microsoft Corporation) C:\Windows\system32\advpack.dll
2014-12-28 14:40 - 2014-12-28 14:40 - 00110592 _____ (Microsoft Corporation) C:\Windows\system32\IEAdvpack.dll
2014-12-28 14:40 - 2014-12-28 14:40 - 00101888 _____ (Microsoft Corporation) C:\Windows\system32\admparse.dll
2014-12-28 14:40 - 2014-12-28 14:40 - 00098816 _____ (Microsoft Corporation) C:\Windows\system32\mfps.dll
2014-12-28 14:40 - 2014-12-28 14:40 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2014-12-28 14:40 - 2014-12-28 14:40 - 00078848 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
2014-12-28 14:40 - 2014-12-28 14:40 - 00076800 _____ (Microsoft Corporation) C:\Windows\system32\SetIEInstalledDate.exe
2014-12-28 14:40 - 2014-12-28 14:40 - 00074752 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe
2014-12-28 14:40 - 2014-12-28 14:40 - 00074752 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-12-28 14:40 - 2014-12-28 14:40 - 00074240 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-12-28 14:40 - 2014-12-28 14:40 - 00072822 _____ C:\Windows\system32\ieuinit.inf
2014-12-28 14:40 - 2014-12-28 14:40 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\icardie.dll
2014-12-28 14:40 - 2014-12-28 14:40 - 00063488 _____ (Microsoft Corporation) C:\Windows\system32\tdc.ocx
2014-12-28 14:40 - 2014-12-28 14:40 - 00054272 _____ (Microsoft Corporation) C:\Windows\system32\pngfilt.dll
2014-12-28 14:40 - 2014-12-28 14:40 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\mshtmler.dll
2014-12-28 14:40 - 2014-12-28 14:40 - 00035840 _____ (Microsoft Corporation) C:\Windows\system32\imgutil.dll
2014-12-28 14:40 - 2014-12-28 14:40 - 00031744 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-12-28 14:40 - 2014-12-28 14:40 - 00026112 _____ (Microsoft Corporation) C:\Windows\system32\printfilterpipelineprxy.dll
2014-12-28 14:40 - 2014-12-28 14:40 - 00023552 _____ (Microsoft Corporation) C:\Windows\system32\licmgr10.dll
2014-12-28 14:39 - 2014-12-28 14:39 - 00519680 _____ (Microsoft Corporation) C:\Windows\system32\d3d11.dll
2014-12-28 14:39 - 2014-12-28 14:39 - 00321024 _____ (Microsoft Corporation) C:\Windows\system32\PhotoMetadataHandler.dll
2014-12-28 14:39 - 2014-12-28 14:39 - 00252928 _____ (Microsoft Corporation) C:\Windows\system32\dxdiag.exe
2014-12-28 14:39 - 2014-12-28 14:39 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\dxdiagn.dll
2014-12-28 14:39 - 2014-12-28 14:39 - 00189440 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecsExt.dll
2014-12-28 14:33 - 2014-10-02 17:18 - 00274432 _____ (Microsoft Corporation) C:\Windows\system32\AUDIOKSE.dll
2014-12-28 14:33 - 2014-10-02 17:17 - 00396800 _____ (Microsoft Corporation) C:\Windows\system32\AudioEng.dll
2014-12-28 14:33 - 2014-10-02 17:17 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\audiosrv.dll
2014-12-28 14:33 - 2014-10-02 17:17 - 00170496 _____ (Microsoft Corporation) C:\Windows\system32\EncDump.dll
2014-12-28 14:21 - 2014-09-04 15:27 - 00143360 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\fastfat.sys
2014-12-28 14:20 - 2012-07-25 19:39 - 00047720 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WdfLdr.sys
2014-12-28 14:20 - 2012-07-25 19:21 - 00196608 _____ (Microsoft Corporation) C:\Windows\system32\WUDFHost.exe
2014-12-28 14:20 - 2012-07-25 19:20 - 00613888 _____ (Microsoft Corporation) C:\Windows\system32\WUDFx.dll
2014-12-28 14:20 - 2012-07-25 19:20 - 00172032 _____ (Microsoft Corporation) C:\Windows\system32\WUDFPlatform.dll
2014-12-28 14:20 - 2012-07-25 19:20 - 00073216 _____ (Microsoft Corporation) C:\Windows\system32\WUDFSvc.dll
2014-12-28 14:20 - 2012-07-25 19:20 - 00038912 _____ (Microsoft Corporation) C:\Windows\system32\WUDFCoinstaller.dll
2014-12-28 14:20 - 2012-07-25 18:46 - 00009728 _____ (Microsoft Corporation) C:\Windows\system32\Wdfres.dll
2014-12-28 14:20 - 2012-07-25 18:33 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WUDFPf.sys
2014-12-28 14:20 - 2012-07-25 18:32 - 00155136 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WUDFRd.sys
2014-12-28 14:20 - 2012-06-02 06:57 - 00000003 _____ C:\Windows\system32\Drivers\MsftWdf_User_01_11_00_Inbox_Critical.Wdf
2014-12-28 14:20 - 2009-07-14 04:12 - 00016896 _____ (Microsoft Corporation) C:\Windows\system32\winusb.dll
2014-12-28 14:12 - 2014-06-02 02:31 - 00332800 _____ (Microsoft Corporation) C:\Windows\system32\msihnd.dll
2014-12-28 14:12 - 2014-06-02 02:30 - 01993728 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2014-12-28 14:12 - 2014-06-02 02:30 - 00033280 _____ (Microsoft Corporation) C:\Windows\system32\appinfo.dll
2014-12-28 14:12 - 2014-06-02 00:56 - 00082432 _____ (Microsoft Corporation) C:\Windows\system32\consent.exe
2014-12-28 14:12 - 2014-04-04 19:23 - 00915392 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
2014-12-28 14:12 - 2014-04-04 17:49 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpipreg.sys
2014-12-28 14:12 - 2012-11-02 02:18 - 00376320 _____ (Microsoft Corporation) C:\Windows\system32\dpnet.dll
2014-12-28 14:12 - 2012-11-02 00:26 - 00023040 _____ (Microsoft Corporation) C:\Windows\system32\dpnsvr.exe
2014-12-28 14:11 - 2014-04-26 08:01 - 00502784 _____ (Microsoft Corporation) C:\Windows\system32\usp10.dll
2014-12-28 14:11 - 2013-10-29 18:12 - 00335360 _____ (Microsoft Corporation) C:\Windows\system32\SysFxUI.dll
2014-12-28 14:11 - 2013-10-29 16:43 - 00167936 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\portcls.sys
2014-12-28 14:11 - 2013-06-15 05:22 - 00015872 _____ (Microsoft Corporation) C:\Windows\system32\icaapi.dll
2014-12-28 14:11 - 2013-06-15 03:23 - 00024064 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tssecsrv.sys
2014-12-28 14:11 - 2012-09-25 08:19 - 00075776 _____ (Microsoft Corporation) C:\Windows\system32\synceng.dll
2014-12-28 14:11 - 2012-06-29 08:01 - 00467968 _____ (Microsoft Corporation) C:\Windows\system32\netapi32.dll
2014-12-28 14:09 - 2013-10-10 18:08 - 00172032 _____ (Microsoft Corporation) C:\Windows\system32\scrrun.dll
2014-12-28 14:09 - 2013-10-10 18:08 - 00131072 _____ (Microsoft Corporation) C:\Windows\system32\wshom.ocx
2014-12-28 14:09 - 2013-10-10 18:08 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\wshcon.dll
2014-12-28 14:09 - 2013-10-10 16:35 - 00155648 _____ (Microsoft Corporation) C:\Windows\system32\wscript.exe
2014-12-28 14:09 - 2013-10-10 16:35 - 00135168 _____ (Microsoft Corporation) C:\Windows\system32\cscript.exe
2014-12-28 14:09 - 2013-06-28 18:07 - 00226304 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbport.sys
2014-12-28 14:09 - 2013-06-28 18:07 - 00197632 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbhub.sys
2014-12-28 14:09 - 2013-06-28 18:07 - 00073216 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbccgp.sys
2014-12-28 14:09 - 2013-06-28 18:06 - 00006016 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbd.sys
2014-12-28 14:09 - 2013-03-03 11:07 - 01082232 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ntfs.sys
2014-12-28 14:09 - 2012-08-21 03:47 - 00224640 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\volsnap.sys
2014-12-28 14:09 - 2012-03-20 15:28 - 00053120 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\partmgr.sys
2014-12-28 14:09 - 2011-10-14 08:03 - 00189952 _____ (Microsoft Corporation) C:\Windows\system32\winmm.dll
2014-12-28 14:09 - 2011-10-14 08:00 - 00023552 _____ (Microsoft Corporation) C:\Windows\system32\mciseq.dll
2014-12-28 14:09 - 2011-05-05 05:54 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbehci.sys
2014-12-28 14:09 - 2011-05-05 05:54 - 00023552 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbuhci.sys
2014-12-28 14:09 - 2011-02-22 06:13 - 00288768 _____ (Microsoft Corporation) C:\Windows\system32\XpsGdiConverter.dll
2014-12-28 14:08 - 2014-01-29 23:46 - 00876032 _____ (Microsoft Corporation) C:\Windows\system32\wer.dll
2014-12-28 14:08 - 2013-10-21 23:19 - 00158208 _____ (Microsoft Corporation) C:\Windows\system32\imagehlp.dll
2014-12-28 14:08 - 2013-10-10 18:08 - 00444928 _____ (Microsoft Corporation) C:\Windows\system32\IKEEXT.DLL
2014-12-28 14:08 - 2013-10-10 18:07 - 00596480 _____ (Microsoft Corporation) C:\Windows\system32\FWPUCLNT.DLL
2014-12-28 14:08 - 2013-10-10 16:39 - 00218228 _____ C:\Windows\system32\WFP.TMF
2014-12-28 14:08 - 2013-10-03 04:45 - 00993792 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
2014-12-28 14:08 - 2013-07-15 20:35 - 00615936 _____ (Microsoft Corporation) C:\Windows\system32\themeui.dll
2014-12-28 14:08 - 2013-07-02 18:10 - 00025472 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hidparse.sys
2014-12-28 14:08 - 2013-06-26 15:01 - 00527064 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Wdf01000.sys
2014-12-28 14:08 - 2013-05-01 20:03 - 00037376 _____ (Microsoft Corporation) C:\Windows\system32\printcom.dll
2014-12-28 14:08 - 2013-04-23 20:00 - 00041984 _____ (Microsoft Corporation) C:\Windows\system32\certenc.dll
2014-12-28 14:08 - 2013-04-23 17:46 - 00812544 _____ (Microsoft Corporation) C:\Windows\system32\certutil.exe
2014-12-28 14:08 - 2013-04-17 04:30 - 00024576 _____ (Microsoft Corporation) C:\Windows\system32\cryptdlg.dll
2014-12-28 14:08 - 2013-03-07 19:53 - 00376320 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2014-12-28 14:08 - 2013-02-11 17:57 - 00015872 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usb8023.sys
2014-12-28 14:08 - 2012-11-21 19:54 - 00353280 _____ (Microsoft Corporation) C:\Windows\system32\shlwapi.dll
2014-12-28 14:08 - 2012-05-01 06:03 - 00180736 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rdpwd.sys
2014-12-28 14:08 - 2012-02-29 07:11 - 00005120 _____ (Microsoft Corporation) C:\Windows\system32\wmi.dll
2014-12-28 14:08 - 2012-02-29 05:32 - 00012800 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\fs_rec.sys
2014-12-28 14:08 - 2011-12-14 08:17 - 00680448 _____ (Microsoft Corporation) C:\Windows\system32\msvcrt.dll
2014-12-28 14:08 - 2011-11-16 06:12 - 00009728 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2014-12-28 14:08 - 2011-08-25 08:15 - 00555520 _____ (Microsoft Corporation) C:\Windows\system32\UIAutomationCore.dll
2014-12-28 14:08 - 2011-08-25 08:14 - 00238080 _____ (Microsoft Corporation) C:\Windows\system32\oleacc.dll
2014-12-28 14:08 - 2011-08-25 05:31 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\oleaccrc.dll
2014-12-28 14:08 - 2011-06-15 08:12 - 00182784 _____ (Microsoft Corporation) C:\Windows\system32\xmllite.dll
2014-12-28 14:08 - 2010-05-04 11:13 - 00231424 _____ (Microsoft Corporation) C:\Windows\system32\msshsq.dll
2014-12-28 14:01 - 2013-07-07 20:20 - 00172544 _____ (Microsoft Corporation) C:\Windows\system32\wintrust.dll
2014-12-28 14:01 - 2013-07-07 20:16 - 00133120 _____ (Microsoft Corporation) C:\Windows\system32\cryptsvc.dll
2014-12-28 14:01 - 2013-07-07 20:16 - 00098304 _____ (Microsoft Corporation) C:\Windows\system32\cryptnet.dll
2014-12-28 13:58 - 2012-01-09 07:54 - 00613376 _____ (Microsoft Corporation) C:\Windows\system32\rdpencom.dll
2014-12-28 13:49 - 2012-06-02 15:19 - 00171904 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2014-12-28 13:49 - 2012-06-02 15:12 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2014-12-28 13:49 - 2012-06-02 14:19 - 01933848 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2014-12-28 13:49 - 2012-06-02 14:19 - 00577048 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2014-12-28 13:49 - 2012-06-02 14:19 - 00053784 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2014-12-28 13:49 - 2012-06-02 14:19 - 00045080 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2014-12-28 13:49 - 2012-06-02 14:19 - 00035864 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2014-12-28 13:49 - 2012-06-02 14:12 - 02422272 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2014-12-28 13:49 - 2012-06-02 14:12 - 00088576 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2014-12-28 13:42 - 2014-12-28 13:42 - 00000000 ____D C:\Windows\system32\vi-VN
2014-12-28 13:42 - 2014-12-28 13:42 - 00000000 ____D C:\Windows\system32\eu-ES
2014-12-28 13:42 - 2014-12-28 13:42 - 00000000 ____D C:\Windows\system32\ca-ES
2014-12-28 13:02 - 2014-12-28 13:02 - 00000000 ____D C:\Windows\system32\EventProviders
2014-12-28 13:01 - 2009-04-10 22:33 - 00986600 _____ (Microsoft Corporation) C:\Windows\system32\winload.exe
2014-12-28 13:01 - 2009-04-10 22:32 - 00438744 _____ (Microsoft Corporation) C:\Windows\system32\mcupdate_GenuineIntel.dll
2014-12-28 13:01 - 2009-04-10 22:28 - 03217408 _____ (Microsoft Corporation) C:\Windows\system32\WinSAT.exe
2014-12-28 13:01 - 2009-04-10 22:28 - 02134528 _____ (Microsoft Corporation) C:\Windows\system32\FunctionDiscoveryFolder.dll
2014-12-28 13:01 - 2009-04-10 22:28 - 02012160 _____ (Microsoft Corporation) C:\Windows\system32\milcore.dll
2014-12-28 13:01 - 2009-04-10 22:28 - 01589248 _____ (Microsoft Corporation) C:\Windows\system32\msjet40.dll
2014-12-28 13:01 - 2009-04-10 22:28 - 01576960 _____ (Microsoft Corporation) C:\Windows\system32\tquery.dll
2014-12-28 13:01 - 2009-04-10 22:28 - 01524736 _____ (Microsoft Corporation) C:\Windows\system32\WindowsAnytimeUpgradeCPL.dll
2014-12-28 13:01 - 2009-04-10 22:28 - 01480704 _____ (Microsoft Corporation) C:\Windows\system32\mssrch.dll
2014-12-28 13:01 - 2009-04-10 22:28 - 01459200 _____ (Microsoft Corporation) C:\Windows\system32\esent.dll
2014-12-28 13:01 - 2009-04-10 22:28 - 01381376 _____ (Microsoft Corporation) C:\Windows\system32\Query.dll
2014-12-28 13:01 - 2009-04-10 22:28 - 01216000 _____ (Microsoft Corporation) C:\Windows\system32\AuxiliaryDisplayCpl.dll
2014-12-28 13:01 - 2009-04-10 22:28 - 01112064 _____ (Microsoft Corporation) C:\Windows\system32\CertEnroll.dll
2014-12-28 13:01 - 2009-04-10 22:28 - 01086464 _____ (Microsoft Corporation) C:\Windows\system32\NetProjW.dll
2014-12-28 13:01 - 2009-04-10 22:28 - 01081344 _____ (Microsoft Corporation) C:\Windows\system32\SLCExt.dll
2014-12-28 13:01 - 2009-04-10 22:28 - 01078784 _____ (Microsoft Corporation) C:\Windows\system32\diagperf.dll
2014-12-28 13:01 - 2009-04-10 22:28 - 01077248 _____ (Microsoft Corporation) C:\Windows\system32\vssapi.dll
2014-12-28 13:01 - 2009-04-10 22:28 - 01017856 _____ (Microsoft Corporation) C:\Windows\system32\wevtsvc.dll
2014-12-28 13:01 - 2009-04-10 22:28 - 00978432 _____ (Microsoft Corporation) C:\Windows\system32\drmv2clt.dll
2014-12-28 13:01 - 2009-04-10 22:28 - 00968192 _____ (Microsoft Corporation) C:\Windows\system32\wcnwiz2.dll
2014-12-28 13:01 - 2009-04-10 22:28 - 00950784 _____ (Microsoft Corporation) C:\Windows\system32\gpedit.dll
2014-12-28 13:01 - 2009-04-10 22:28 - 00928768 _____ (Microsoft Corporation) C:\Windows\system32\scavenge.dll
2014-12-28 13:01 - 2009-04-10 22:28 - 00880640 _____ (Microsoft Corporation) C:\Windows\system32\RacEngn.dll
2014-12-28 13:01 - 2009-04-10 22:28 - 00805376 _____ (Microsoft Corporation) C:\Windows\system32\NaturalLanguage6.dll
2014-12-28 13:01 - 2009-04-10 22:28 - 00758784 _____ (Microsoft Corporation) C:\Windows\system32\qmgr.dll
2014-12-28 13:01 - 2009-04-10 22:28 - 00677376 _____ (Microsoft Corporation) C:\Windows\system32\imapi2fs.dll
2014-12-28 13:01 - 2009-04-10 22:28 - 00670720 _____ (Microsoft Corporation) C:\Windows\system32\mssvp.dll
2014-12-28 13:01 - 2009-04-10 22:28 - 00644608 _____ (Microsoft Corporation) C:\Windows\system32\p2psvc.dll
2014-12-28 13:01 - 2009-04-10 22:28 - 00643072 _____ (Microsoft Corporation) C:\Windows\system32\msrepl40.dll
2014-12-28 13:01 - 2009-04-10 22:28 - 00558080 _____ (Microsoft Corporation) C:\Windows\system32\sysmain.dll
2014-12-28 13:01 - 2009-04-10 22:28 - 00478208 _____ (Microsoft Corporation) C:\Windows\system32\DevicePairing.dll
2014-12-28 13:01 - 2009-04-10 22:28 - 00466944 _____ (Microsoft Corporation) C:\Windows\system32\riched20.dll
2014-12-28 13:01 - 2009-04-10 22:28 - 00454656 _____ (Microsoft Corporation) C:\Windows\system32\msxbde40.dll
2014-12-28 13:01 - 2009-04-10 22:28 - 00454144 _____ (Microsoft) C:\Windows\system32\IasMigPlugin.dll
2014-12-28 13:01 - 2009-04-10 22:28 - 00409600 _____ (Microsoft Corporation) C:\Windows\system32\msexch40.dll
2014-12-28 13:01 - 2009-04-10 22:28 - 00407552 _____ (Microsoft Corporation) C:\Windows\system32\MPSSVC.dll
2014-12-28 13:01 - 2009-04-10 22:28 - 00406528 _____ (Microsoft Corporation) C:\Windows\system32\msvcp60.dll
2014-12-28 13:01 - 2009-04-10 22:28 - 00378368 _____ (Microsoft Corporation) C:\Windows\system32\imapi2.dll
2014-12-28 13:01 - 2009-04-10 22:28 - 00351744 _____ (Microsoft Corporation) C:\Windows\system32\mssph.dll
2014-12-28 13:01 - 2009-04-10 22:28 - 00339968 _____ (Microsoft Corporation) C:\Windows\system32\msexcl40.dll
2014-12-28 13:01 - 2009-04-10 22:28 - 00327168 _____ (Microsoft Corporation) C:\Windows\system32\P2PGraph.dll
2014-12-28 13:01 - 2009-04-10 22:28 - 00301568 _____ (Microsoft Corporation) C:\Windows\system32\srchadmin.dll
2014-12-28 13:01 - 2009-04-10 22:28 - 00291328 _____ (Microsoft Corporation) C:\Windows\system32\WscEapPr.dll
2014-12-28 13:01 - 2009-04-10 22:28 - 00290816 _____ (Microsoft Corporation) C:\Windows\system32\msjtes40.dll
2014-12-28 13:01 - 2009-04-10 22:28 - 00289792 _____ (Microsoft Corporation) C:\Windows\system32\spinstall.exe
2014-12-28 13:01 - 2009-04-10 22:28 - 00282624 _____ (Microsoft Corporation) C:\Windows\system32\mstext40.dll
2014-12-28 13:01 - 2009-04-10 22:28 - 00268800 _____ (Microsoft Corporation) C:\Windows\system32\es.dll
2014-12-28 13:01 - 2009-04-10 22:28 - 00228352 _____ (Microsoft Corporation) C:\Windows\system32\SLC.dll
2014-12-28 13:01 - 2009-04-10 22:28 - 00203264 _____ (Microsoft Corporation) C:\Windows\system32\uDWM.dll
2014-12-28 13:01 - 2009-04-10 22:28 - 00203264 _____ (Microsoft Corporation) C:\Windows\system32\mssphtb.dll
2014-12-28 13:01 - 2009-04-10 22:28 - 00190464 _____ (Microsoft Corporation) C:\Windows\system32\sperror.dll
2014-12-28 13:01 - 2009-04-10 22:28 - 00164352 _____ (Microsoft Corporation) C:\Windows\system32\spwizui.dll
2014-12-28 13:01 - 2009-04-10 22:28 - 00160768 _____ (Microsoft Corporation) C:\Windows\system32\spoolss.dll
2014-12-28 13:01 - 2009-04-10 22:28 - 00143872 _____ (Microsoft Corporation) C:\Windows\system32\korwbrkr.dll
2014-12-28 13:01 - 2009-04-10 22:28 - 00120320 _____ (Microsoft Corporation) C:\Windows\system32\EhStorAPI.dll
2014-12-28 13:01 - 2009-04-10 22:28 - 00115200 _____ (Microsoft Corporation) C:\Windows\system32\AuxiliaryDisplayDriverLib.dll
2014-12-28 13:01 - 2009-04-10 22:28 - 00114176 _____ (Microsoft Corporation) C:\Windows\system32\EhStorShell.dll
2014-12-28 13:01 - 2009-04-10 22:28 - 00112640 _____ (Microsoft Corporation) C:\Windows\system32\spreview.exe
2014-12-28 13:01 - 2009-04-10 22:28 - 00102912 _____ (Microsoft Corporation) C:\Windows\system32\AuxiliaryDisplayServices.dll
2014-12-28 13:01 - 2009-04-10 22:28 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\fdBth.dll
2014-12-28 13:01 - 2009-04-10 22:28 - 00067584 _____ (Microsoft Corporation) C:\Windows\system32\slwmi.dll
2014-12-28 13:01 - 2009-04-10 22:27 - 03408896 _____ (Microsoft Corporation) C:\Windows\system32\SLsvc.exe
2014-12-28 13:01 - 2009-04-10 22:27 - 02092544 _____ (Microsoft Corporation) C:\Windows\system32\dfsr.exe
2014-12-28 13:01 - 2009-04-10 22:27 - 01792512 _____ (Microsoft Corporation) C:\Windows\system32\mmc.exe
2014-12-28 13:01 - 2009-04-10 22:27 - 00950272 _____ (Microsoft Corporation) C:\Windows\system32\mblctr.exe
2014-12-28 13:01 - 2009-04-10 22:27 - 00710144 _____ (Microsoft Corporation) C:\Windows\system32\Magnify.exe
2014-12-28 13:01 - 2009-04-10 22:27 - 00463872 _____ (Microsoft Corporation) C:\Windows\system32\IasMigReader.exe
2014-12-28 13:01 - 2009-04-10 22:27 - 00441344 _____ (Microsoft Corporation) C:\Windows\system32\SearchIndexer.exe
2014-12-28 13:01 - 2009-04-10 22:27 - 00185344 _____ (Microsoft Corporation) C:\Windows\system32\SearchProtocolHost.exe
2014-12-28 13:01 - 2009-04-10 22:27 - 00167424 _____ (Microsoft Corporation) C:\Windows\system32\PresentationSettings.exe
2014-12-28 13:01 - 2009-04-10 22:27 - 00087552 _____ (Microsoft Corporation) C:\Windows\system32\SearchFilterHost.exe
2014-12-28 13:01 - 2009-04-10 22:27 - 00065536 _____ (Microsoft Corporation) C:\Windows\system32\DevicePairingWizard.exe
2014-12-28 13:01 - 2009-04-10 22:22 - 00883712 _____ (Microsoft Corporation) C:\Windows\system32\IMJP10.IME
2014-12-28 13:01 - 2009-04-10 21:03 - 12240896 _____ (Microsoft Corporation) C:\Windows\system32\NlsLexicons0007.dll
2014-12-28 13:01 - 2009-04-10 21:03 - 02644480 _____ (Microsoft Corporation) C:\Windows\system32\NlsLexicons0009.dll
2014-12-28 13:01 - 2009-04-10 20:42 - 00561152 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hdaudbus.sys
2014-12-28 13:01 - 2009-04-10 18:52 - 00684032 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\spsys.sys
2014-12-28 13:01 - 2009-03-06 17:11 - 00130008 _____ C:\Windows\system32\systemsf.ebd
2014-12-28 13:01 - 2009-02-19 16:20 - 00009239 _____ C:\Windows\system32\spcinstrumentation.man
2014-12-28 13:01 - 2009-02-18 10:39 - 00779136 _____ (Microsoft Corporation) C:\Windows\system32\PresentationNative_v0300.dll
2014-12-28 13:00 - 2009-04-10 22:33 - 00926184 _____ (Microsoft Corporation) C:\Windows\system32\winresume.exe
2014-12-28 13:00 - 2009-04-10 22:33 - 00614376 _____ (Microsoft Corporation) C:\Windows\system32\ci.dll
2014-12-28 13:00 - 2009-04-10 22:33 - 00292840 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\volmgrx.sys
2014-12-28 13:00 - 2009-04-10 22:32 - 00265688 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\acpi.sys
2014-12-28 13:00 - 2009-04-10 22:32 - 00190424 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\fltMgr.sys
2014-12-28 13:00 - 2009-04-10 22:32 - 00180712 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\msiscsi.sys
2014-12-28 13:00 - 2009-04-10 22:32 - 00161752 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\msrpc.sys
2014-12-28 13:00 - 2009-04-10 22:32 - 00149480 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\pci.sys
2014-12-28 13:00 - 2009-04-10 22:32 - 00125928 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Classpnp.sys
2014-12-28 13:00 - 2009-04-10 22:32 - 00122344 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Storport.sys
2014-12-28 13:00 - 2009-04-10 22:32 - 00109032 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ataport.sys
2014-12-28 13:00 - 2009-04-10 22:32 - 00099816 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\FWPKCLNT.SYS
2014-12-28 13:00 - 2009-04-10 22:32 - 00053736 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\disk.sys
2014-12-28 13:00 - 2009-04-10 22:32 - 00053224 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\termdd.sys
2014-12-28 13:00 - 2009-04-10 22:32 - 00050664 _____ (Microsoft Corporation) C:\Windows\system32\PSHED.DLL
2014-12-28 13:00 - 2009-04-10 22:32 - 00048104 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mup.sys
2014-12-28 13:00 - 2009-04-10 22:32 - 00043496 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\pciidex.sys
2014-12-28 13:00 - 2009-04-10 22:32 - 00035304 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\crashdmp.sys
2014-12-28 13:00 - 2009-04-10 22:32 - 00027624 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Dumpata.sys
2014-12-28 13:00 - 2009-04-10 22:32 - 00019944 _____ (Microsoft Corporation) C:\Windows\system32\kdusb.dll
2014-12-28 13:00 - 2009-04-10 22:32 - 00019944 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\atapi.sys
2014-12-28 13:00 - 2009-04-10 22:32 - 00017896 _____ (Microsoft Corporation) C:\Windows\system32\kd1394.dll
2014-12-28 13:00 - 2009-04-10 22:32 - 00017384 _____ (Microsoft Corporation) C:\Windows\system32\kdcom.dll
2014-12-28 13:00 - 2009-04-10 22:32 - 00014312 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\pciide.sys
2014-12-28 13:00 - 2009-04-10 22:28 - 06103040 _____ (Microsoft Corporation) C:\Windows\system32\chtbrkr.dll
2014-12-28 13:00 - 2009-04-10 22:28 - 03174400 _____ (Microsoft Corporation) C:\Windows\system32\netshell.dll
2014-12-28 13:00 - 2009-04-10 22:28 - 03072000 _____ (Microsoft Corporation) C:\Windows\system32\networkmap.dll
2014-12-28 13:00 - 2009-04-10 22:28 - 02515968 _____ (Microsoft Corporation) C:\Windows\system32\accessibilitycpl.dll
2014-12-28 13:00 - 2009-04-10 22:28 - 02226688 _____ (Microsoft Corporation) C:\Windows\system32\networkexplorer.dll
2014-12-28 13:00 - 2009-04-10 22:28 - 02225664 _____ (Microsoft Corporation) C:\Windows\system32\netcenter.dll
2014-12-28 13:00 - 2009-04-10 22:28 - 02205184 _____ (Microsoft Corporation) C:\Windows\system32\SyncCenter.dll
2014-12-28 13:00 - 2009-04-10 22:28 - 02167808 _____ (Microsoft Corporation) C:\Windows\system32\mmcndmgr.dll
2014-12-28 13:00 - 2009-04-10 22:28 - 02153472 _____ (Microsoft Corporation) C:\Windows\system32\oobefldr.dll
2014-12-28 13:00 - 2009-04-10 22:28 - 01856512 _____ (Microsoft Corporation) C:\Windows\system32\dbgeng.dll
2014-12-28 13:00 - 2009-04-10 22:28 - 01823744 _____ (Microsoft Corporation) C:\Windows\system32\pnidui.dll
2014-12-28 13:00 - 2009-04-10 22:28 - 01788416 _____ (Microsoft Corporation) C:\Windows\system32\d3d9.dll
2014-12-28 13:00 - 2009-04-10 22:28 - 01730560 _____ (Microsoft Corporation) C:\Windows\system32\apds.dll
2014-12-28 13:00 - 2009-04-10 22:28 - 01671680 _____ (Microsoft Corporation) C:\Windows\system32\wlanpref.dll
2014-12-28 13:00 - 2009-04-10 22:28 - 01671680 _____ (Microsoft Corporation) C:\Windows\system32\chsbrkr.dll
2014-12-28 13:00 - 2009-04-10 22:28 - 01645568 _____ (Microsoft Corporation) C:\Windows\system32\connect.dll
2014-12-28 13:00 - 2009-04-10 22:28 - 01591296 _____ (Microsoft Corporation) C:\Windows\system32\setupapi.dll
2014-12-28 13:00 - 2009-04-10 22:28 - 01580544 _____ (Microsoft Corporation) C:\Windows\system32\wpccpl.dll
2014-12-28 13:00 - 2009-04-10 22:28 - 01544704 _____ (Microsoft Corporation) C:\Windows\system32\MSVidCtl.dll
2014-12-28 13:00 - 2009-04-10 22:28 - 01541120 _____ (Microsoft Corporation) C:\Windows\system32\onex.dll
2014-12-28 13:00 - 2009-04-10 22:28 - 01533440 _____ (Microsoft Corporation) C:\Windows\system32\wcnwiz.dll
2014-12-28 13:00 - 2009-04-10 22:28 - 01502720 _____ (Microsoft Corporation) C:\Windows\system32\certmgr.dll
2014-12-28 13:00 - 2009-04-10 22:28 - 01342464 _____ (Microsoft Corporation) C:\Windows\system32\brcpl.dll
2014-12-28 13:00 - 2009-04-10 22:28 - 01324032 _____ (Microsoft Corporation) C:\Windows\system32\browseui.dll
2014-12-28 13:00 - 2009-04-10 22:28 - 01248768 _____ (Microsoft Corporation) C:\Windows\system32\PerfCenterCPL.dll
2014-12-28 13:00 - 2009-04-10 22:28 - 01224192 _____ (Microsoft Corporation) C:\Windows\system32\sud.dll
2014-12-28 13:00 - 2009-04-10 22:28 - 01152000 _____ (Microsoft Corporation) C:\Windows\system32\themecpl.dll
2014-12-28 13:00 - 2009-04-10 22:28 - 01143296 _____ (Microsoft Corporation) C:\Windows\system32\wercon.exe
2014-12-28 13:00 - 2009-04-10 22:28 - 01123840 _____ (Microsoft Corporation) C:\Windows\system32\usercpl.dll
2014-12-28 13:00 - 2009-04-10 22:28 - 01107968 _____ (Microsoft Corporation) C:\Windows\system32\pidgenx.dll
2014-12-28 13:00 - 2009-04-10 22:28 - 01055232 _____ (Microsoft Corporation) C:\Windows\system32\VSSVC.exe
2014-12-28 13:00 - 2009-04-10 22:28 - 01053696 _____ (Microsoft Corporation) C:\Windows\system32\msdtctm.dll
2014-12-28 13:00 - 2009-04-10 22:28 - 01020928 _____ (Microsoft Corporation) C:\Windows\system32\wdc.dll
2014-12-28 13:00 - 2009-04-10 22:28 - 00996352 _____ (Microsoft Corporation) C:\Windows\system32\WMNetMgr.dll
2014-12-28 13:00 - 2009-04-10 22:28 - 00971264 _____ (Microsoft Corporation) C:\Windows\system32\cryptui.dll
2014-12-28 13:00 - 2009-04-10 22:28 - 00869888 _____ (Microsoft Corporation) C:\Windows\system32\printui.dll
2014-12-28 13:00 - 2009-04-10 22:28 - 00860160 _____ (Microsoft Corporation) C:\Windows\system32\WerFaultSecure.exe
2014-12-28 13:00 - 2009-04-10 22:28 - 00856064 _____ (Microsoft Corporation) C:\Windows\system32\mswdat10.dll
2014-12-28 13:00 - 2009-04-10 22:28 - 00842240 _____ (Microsoft Corporation) C:\Windows\system32\systemcpl.dll
2014-12-28 13:00 - 2009-04-10 22:28 - 00825856 _____ (Microsoft Corporation) C:\Windows\system32\rasdlg.dll
2014-12-28 13:00 - 2009-04-10 22:28 - 00777216 _____ (Microsoft Corporation) C:\Windows\system32\slcc.dll
2014-12-28 13:00 - 2009-04-10 22:28 - 00759296 _____ (Microsoft Corporation) C:\Windows\system32\ipsecsnp.dll
2014-12-28 13:00 - 2009-04-10 22:28 - 00757248 _____ (Microsoft Corporation) C:\Windows\system32\azroles.dll
2014-12-28 13:00 - 2009-04-10 22:28 - 00754688 _____ (Microsoft Corporation) C:\Windows\system32\propsys.dll
2014-12-28 13:00 - 2009-04-10 22:28 - 00723968 _____ (Microsoft Corporation) C:\Windows\system32\powercpl.dll
2014-12-28 13:00 - 2009-04-10 22:28 - 00705536 _____ (Microsoft Corporation) C:\Windows\system32\SmiEngine.dll
2014-12-28 13:00 - 2009-04-10 22:28 - 00642560 _____ (Microsoft Corporation) C:\Windows\system32\rasgcw.dll
2014-12-28 13:00 - 2009-04-10 22:28 - 00638976 _____ (Microsoft Corporation) C:\Windows\system32\Utilman.exe
2014-12-28 13:00 - 2009-04-10 22:28 - 00633856 _____ (Microsoft Corporation) C:\Windows\system32\CertEnrollUI.dll
2014-12-28 13:00 - 2009-04-10 22:28 - 00618496 _____ (Microsoft Corporation) C:\Windows\system32\mswstr10.dll
2014-12-28 13:00 - 2009-04-10 22:28 - 00593408 _____ (Microsoft Corporation) C:\Windows\system32\comuid.dll
2014-12-28 13:00 - 2009-04-10 22:28 - 00592896 _____ (Microsoft Corporation) C:\Windows\system32\netlogon.dll
2014-12-28 13:00 - 2009-04-10 22:28 - 00582144 _____ (Microsoft Corporation) C:\Windows\system32\SLCommDlg.dll
2014-12-28 13:00 - 2009-04-10 22:28 - 00564224 _____ (Microsoft Corporation) C:\Windows\system32\msftedit.dll
2014-12-28 13:00 - 2009-04-10 22:28 - 00560640 _____ (Microsoft Corporation) C:\Windows\system32\msdtcprx.dll
2014-12-28 13:00 - 2009-04-10 22:28 - 00551936 _____ (Microsoft Corporation) C:\Windows\system32\prnntfy.dll
2014-12-28 13:00 - 2009-04-10 22:28 - 00550400 _____ (Microsoft Corporation) C:\Windows\system32\rpcss.dll
2014-12-28 13:00 - 2009-04-10 22:28 - 00547840 _____ (Microsoft Corporation) C:\Windows\system32\wiaaut.dll
2014-12-28 13:00 - 2009-04-10 22:28 - 00542720 _____ (Microsoft Corporation) C:\Windows\system32\blackbox.dll
2014-12-28 13:00 - 2009-04-10 22:28 - 00542208 _____ (Microsoft Corporation) C:\Windows\system32\pnpui.dll
2014-12-28 13:00 - 2009-04-10 22:28 - 00533504 _____ (Microsoft Corporation) C:\Windows\system32\wmdrmsdk.dll
2014-12-28 13:00 - 2009-04-10 22:28 - 00532992 _____ (Microsoft Corporation) C:\Windows\system32\wpcao.dll
2014-12-28 13:00 - 2009-04-10 22:28 - 00524288 _____ (Microsoft Corporation) C:\Windows\system32\sqlsrv32.dll
2014-12-28 13:00 - 2009-04-10 22:28 - 00516608 _____ (Microsoft Corporation) C:\Windows\system32\autoplay.dll
2014-12-28 13:00 - 2009-04-10 22:28 - 00507904 _____ (Microsoft Corporation) C:\Windows\system32\vdsdyn.dll
2014-12-28 13:00 - 2009-04-10 22:28 - 00481792 _____ (Microsoft Corporation) C:\Windows\system32\cmdial32.dll
2014-12-28 13:00 - 2009-04-10 22:28 - 00469504 _____ (Microsoft Corporation) C:\Windows\system32\newdev.dll
2014-12-28 13:00 - 2009-04-10 22:28 - 00464384 _____ (Microsoft Corporation) C:\Windows\system32\pcaui.dll
2014-12-28 13:00 - 2009-04-10 22:28 - 00453120 _____ (Microsoft Corporation) C:\Windows\system32\wiaservc.dll
2014-12-28 13:00 - 2009-04-10 22:28 - 00450560 _____ (Microsoft Corporation) C:\Windows\system32\comdlg32.dll
2014-12-28 13:00 - 2009-04-10 22:28 - 00445952 _____ (Microsoft Corporation) C:\Windows\system32\ncryptui.dll
2014-12-28 13:00 - 2009-04-10 22:28 - 00444416 _____ (Microsoft Corporation) C:\Windows\system32\dsound.dll
2014-12-28 13:00 - 2009-04-10 22:28 - 00425472 _____ (Microsoft Corporation) C:\Windows\system32\shwebsvc.dll
2014-12-28 13:00 - 2009-04-10 22:28 - 00414208 _____ (Microsoft Corporation) C:\Windows\system32\msscp.dll
2014-12-28 13:00 - 2009-04-10 22:28 - 00413696 _____ (Microsoft Corporation) C:\Windows\system32\wcncsvc.dll
2014-12-28 13:00 - 2009-04-10 22:28 - 00399360 _____ (Microsoft Corporation) C:\Windows\system32\wlangpui.dll
2014-12-28 13:00 - 2009-04-10 22:28 - 00396288 _____ (Microsoft Corporation) C:\Windows\system32\ipsmsnap.dll
2014-12-28 13:00 - 2009-04-10 22:28 - 00391680 _____ (Microsoft Corporation) C:\Windows\system32\mscms.dll
2014-12-28 13:00 - 2009-04-10 22:28 - 00385536 _____ (Microsoft Corporation) C:\Windows\system32\vds.exe
2014-12-28 13:00 - 2009-04-10 22:28 - 00378368 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2014-12-28 13:00 - 2009-04-10 22:28 - 00378368 _____ (Microsoft Corporation) C:\Windows\system32\devmgr.dll
2014-12-28 13:00 - 2009-04-10 22:28 - 00376832 _____ (Microsoft Corporation) C:\Windows\system32\rasplap.dll
2014-12-28 13:00 - 2009-04-10 22:28 - 00368640 _____ C:\Windows\system32\msjetoledb40.dll
2014-12-28 13:00 - 2009-04-10 22:28 - 00368640 _____ (Microsoft Corporation) C:\Windows\system32\mspbde40.dll
2014-12-28 13:00 - 2009-04-10 22:28 - 00361984 _____ (Microsoft Corporation) C:\Windows\system32\SLUI.exe
2014-12-28 13:00 - 2009-04-10 22:28 - 00356864 _____ (Microsoft Corporation) C:\Windows\system32\MediaMetadataHandler.dll
2014-12-28 13:00 - 2009-04-10 22:28 - 00344064 _____ (Microsoft Corporation) C:\Windows\system32\msrd3x40.dll
2014-12-28 13:00 - 2009-04-10 22:28 - 00342528 _____ (Microsoft Corporation) C:\Windows\system32\zipfldr.dll
2014-12-28 13:00 - 2009-04-10 22:28 - 00340992 _____ (Microsoft Corporation) C:\Windows\system32\RelMon.dll
2014-12-28 13:00 - 2009-04-10 22:28 - 00334848 _____ (Microsoft Corporation) C:\Windows\system32\BFE.DLL
2014-12-28 13:00 - 2009-04-10 22:28 - 00324096 _____ (Microsoft Corporation) C:\Windows\system32\untfs.dll
2014-12-28 13:00 - 2009-04-10 22:28 - 00323584 _____ (Microsoft Corporation) C:\Windows\system32\certcli.dll
2014-12-28 13:00 - 2009-04-10 22:28 - 00319488 _____ (Microsoft Corporation) C:\Windows\system32\msrd2x40.dll
2014-12-28 13:00 - 2009-04-10 22:28 - 00314368 _____ (Microsoft Corporation) C:\Windows\system32\winlogon.exe
2014-12-28 13:00 - 2009-04-10 22:28 - 00313344 _____ (Microsoft Corporation) C:\Windows\system32\thawbrkr.dll
2014-12-28 13:00 - 2009-04-10 22:28 - 00311808 _____ (Microsoft Corporation) C:\Windows\system32\swprv.dll
2014-12-28 13:00 - 2009-04-10 22:28 - 00310272 _____ (Microsoft Corporation) C:\Windows\system32\mtxclu.dll
2014-12-28 13:00 - 2009-04-10 22:28 - 00303616 _____ (Microsoft Corporation) C:\Windows\system32\wmpeffects.dll
2014-12-28 13:00 - 2009-04-10 22:28 - 00302592 _____ (Microsoft Corporation) C:\Windows\system32\QAGENTRT.DLL
2014-12-28 13:00 - 2009-04-10 22:28 - 00293376 _____ (Microsoft Corporation) C:\Windows\system32\photowiz.dll
2014-12-28 13:00 - 2009-04-10 22:28 - 00288256 _____ (Microsoft Corporation) C:\Windows\system32\modemui.dll
2014-12-28 13:00 - 2009-04-10 22:28 - 00287744 _____ (Microsoft Corporation) C:\Windows\system32\Wldap32.dll
2014-12-28 13:00 - 2009-04-10 22:28 - 00286720 _____ (Microsoft Corporation) C:\Windows\system32\rasapi32.dll
2014-12-28 13:00 - 2009-04-10 22:28 - 00284672 _____ (Microsoft Corporation) C:\Windows\system32\drmmgrtn.dll
2014-12-28 13:00 - 2009-04-10 22:28 - 00282624 _____ (Microsoft Corporation) C:\Windows\system32\w32time.dll
2014-12-28 13:00 - 2009-04-10 22:28 - 00281088 _____ (Microsoft Corporation) C:\Windows\system32\raschap.dll
2014-12-28 13:00 - 2009-04-10 22:28 - 00275968 _____ (Microsoft Corporation) C:\Windows\system32\SnippingTool.exe
2014-12-28 13:00 - 2009-04-10 22:28 - 00273920 _____ (Microsoft Corporation) C:\Windows\system32\wow32.dll
2014-12-28 13:00 - 2009-04-10 22:28 - 00262144 _____ (Microsoft Corporation) C:\Windows\system32\rasmans.dll
2014-12-28 13:00 - 2009-04-10 22:28 - 00259584 _____ (Microsoft Corporation) C:\Windows\system32\rasppp.dll
2014-12-28 13:00 - 2009-04-10 22:28 - 00252928 _____ (Microsoft Corporation) C:\Windows\system32\iassdo.dll
2014-12-28 13:00 - 2009-04-10 22:28 - 00250368 _____ (Microsoft Corporation) C:\Windows\system32\wevtapi.dll
2014-12-28 13:00 - 2009-04-10 22:28 - 00247808 _____ (Microsoft Corporation) C:\Windows\system32\drvstore.dll
2014-12-28 13:00 - 2009-04-10 22:28 - 00245760 _____ (Microsoft Corporation) C:\Windows\system32\scansetting.dll
2014-12-28 13:00 - 2009-04-10 22:28 - 00244224 _____ (Microsoft Corporation) C:\Windows\system32\wisptis.exe
2014-12-28 13:00 - 2009-04-10 22:28 - 00242688 _____ (Microsoft Corporation) C:\Windows\system32\tapisrv.dll
2014-12-28 13:00 - 2009-04-10 22:28 - 00242176 _____ (Microsoft Corporation) C:\Windows\system32\pdh.dll
2014-12-28 13:00 - 2009-04-10 22:28 - 00241664 _____ (Microsoft Corporation) C:\Windows\system32\msltus40.dll
2014-12-28 13:00 - 2009-04-10 22:28 - 00223744 _____ (Microsoft Corporation) C:\Windows\system32\wscntfy.dll
2014-12-28 13:00 - 2009-04-10 22:28 - 00222720 _____ (Microsoft Corporation) C:\Windows\system32\umpnpmgr.dll
2014-12-28 13:00 - 2009-04-10 22:28 - 00218624 _____ (Microsoft Corporation) C:\Windows\system32\wdscore.dll
2014-12-28 13:00 - 2009-04-10 22:28 - 00218624 _____ (Microsoft Corporation) C:\Windows\system32\mscandui.dll
2014-12-28 13:00 - 2009-04-10 22:28 - 00217600 _____ (Microsoft Corporation) C:\Windows\system32\InkEd.dll
2014-12-28 13:00 - 2009-04-10 22:28 - 00217088 _____ (Microsoft Corporation) C:\Windows\system32\WerFault.exe
2014-12-28 13:00 - 2009-04-10 22:28 - 00204288 _____ (Microsoft Corporation) C:\Windows\system32\dhcpcsvc.dll
2014-12-28 13:00 - 2009-04-10 22:28 - 00202752 _____ (Microsoft Corporation) C:\Windows\system32\wlanui.dll
2014-12-28 13:00 - 2009-04-10 22:28 - 00200704 _____ (Microsoft Corporation) C:\Windows\system32\input.dll
2014-12-28 13:00 - 2009-04-10 22:28 - 00199168 _____ (Microsoft Corporation) C:\Windows\system32\adsldpc.dll
2014-12-28 13:00 - 2009-04-10 22:28 - 00197632 _____ (Microsoft Corporation) C:\Windows\system32\SndVol.exe
2014-12-28 13:00 - 2009-04-10 22:28 - 00194560 _____ (Microsoft Corporation) C:\Windows\system32\offfilt.dll
2014-12-28 13:00 - 2009-04-10 22:28 - 00187904 _____ (Microsoft Corporation) C:\Windows\system32\eapp3hst.dll
2014-12-28 13:00 - 2009-04-10 22:28 - 00185856 _____ (Microsoft Corporation) C:\Windows\system32\SLLUA.exe
2014-12-28 13:00 - 2009-04-10 22:28 - 00183808 _____ (Microsoft Corporation) C:\Windows\system32\eapphost.dll
2014-12-28 13:00 - 2009-04-10 22:28 - 00182272 _____ (Microsoft Corporation) C:\Windows\system32\iassam.dll
2014-12-28 13:00 - 2009-04-10 22:28 - 00181760 _____ (Microsoft Corporation) C:\Windows\system32\pnpsetup.dll
2014-12-28 13:00 - 2009-04-10 22:28 - 00180736 _____ (Microsoft Corporation) C:\Windows\system32\netplwiz.dll
2014-12-28 13:00 - 2009-04-10 22:28 - 00180224 _____ (Microsoft Corporation) C:\Windows\system32\scrobj.dll
2014-12-28 13:00 - 2009-04-10 22:28 - 00179712 _____ (Microsoft Corporation) C:\Windows\system32\msnetobj.dll
2014-12-28 13:00 - 2009-04-10 22:28 - 00178176 _____ (Microsoft Corporation) C:\Windows\system32\credui.dll
2014-12-28 13:00 - 2009-04-10 22:28 - 00177664 _____ (Microsoft Corporation) C:\Windows\system32\WSDMon.dll
2014-12-28 13:00 - 2009-04-10 22:28 - 00177152 _____ (Microsoft Corporation) C:\Windows\system32\scecli.dll
2014-12-28 13:00 - 2009-04-10 22:28 - 00175616 _____ (Microsoft Corporation) C:\Windows\system32\dot3svc.dll
2014-12-28 13:00 - 2009-04-10 22:28 - 00171008 _____ (Microsoft Corporation) C:\Windows\system32\apphelp.dll
2014-12-28 13:00 - 2009-04-10 22:28 - 00170496 _____ (Microsoft Corporation) C:\Windows\system32\tcpipcfg.dll
2014-12-28 13:00 - 2009-04-10 22:28 - 00166400 _____ (Microsoft Corporation) C:\Windows\system32\puiapi.dll
2014-12-28 13:00 - 2009-04-10 22:28 - 00165376 _____ (Microsoft Corporation) C:\Windows\system32\WcnNetsh.dll
2014-12-28 13:00 - 2009-04-10 22:28 - 00163840 _____ (Microsoft Corporation) C:\Windows\system32\wevtutil.exe
2014-12-28 13:00 - 2009-04-10 22:28 - 00163328 _____ (Microsoft Corporation) C:\Windows\system32\msutb.dll
2014-12-28 13:00 - 2009-04-10 22:28 - 00158208 _____ (Microsoft Corporation) C:\Windows\system32\iasrad.dll
2014-12-28 13:00 - 2009-04-10 22:28 - 00155136 _____ (Microsoft Corporation) C:\Windows\system32\rasmontr.dll
2014-12-28 13:00 - 2009-04-10 22:28 - 00153088 _____ (Microsoft Corporation) C:\Windows\system32\fundisc.dll
2014-12-28 13:00 - 2009-04-10 22:28 - 00150528 _____ (Microsoft Corporation) C:\Windows\system32\MMDevAPI.dll
2014-12-28 13:00 - 2009-04-10 22:28 - 00150528 _____ (Microsoft Corporation) C:\Windows\system32\iasnap.dll
2014-12-28 13:00 - 2009-04-10 22:28 - 00147456 _____ (Microsoft Corporation) C:\Windows\system32\Faultrep.dll
2014-12-28 13:00 - 2009-04-10 22:28 - 00142336 _____ (Microsoft Corporation) C:\Windows\system32\spp.dll
2014-12-28 13:00 - 2009-04-10 22:28 - 00142336 _____ (Microsoft Corporation) C:\Windows\system32\fontext.dll
2014-12-28 13:00 - 2009-04-10 22:28 - 00140800 _____ (Microsoft Corporation) C:\Windows\system32\wusa.exe
2014-12-28 13:00 - 2009-04-10 22:28 - 00140288 _____ (Microsoft Corporation) C:\Windows\system32\wpcsvc.dll
2014-12-28 13:00 - 2009-04-10 22:28 - 00140288 _____ (Microsoft Corporation) C:\Windows\system32\scksp.dll
2014-12-28 13:00 - 2009-04-10 22:28 - 00137728 _____ (Microsoft Corporation) C:\Windows\system32\dsprop.dll
2014-12-28 13:00 - 2009-04-10 22:28 - 00136192 _____ (Microsoft Corporation) C:\Windows\system32\nlhtml.dll
2014-12-28 13:00 - 2009-04-10 22:28 - 00135680 _____ (Microsoft Corporation) C:\Windows\system32\eappcfg.dll
2014-12-28 13:00 - 2009-04-10 22:28 - 00135168 _____ (Microsoft Corporation) C:\Windows\system32\tcpmon.dll
2014-12-28 13:00 - 2009-04-10 22:28 - 00134656 _____ (Microsoft Corporation) C:\Windows\system32\SmartcardCredentialProvider.dll
2014-12-28 13:00 - 2009-04-10 22:28 - 00130560 _____ (Microsoft Corporation) C:\Windows\system32\dhcpcsvc6.dll
2014-12-28 13:00 - 2009-04-10 22:28 - 00128000 _____ (Microsoft Corporation) C:\Windows\system32\vdsutil.dll
2014-12-28 13:00 - 2009-04-10 22:28 - 00127488 _____ (Microsoft Corporation) C:\Windows\system32\rpchttp.dll
2014-12-28 13:00 - 2009-04-10 22:28 - 00126976 _____ (Microsoft Corporation) C:\Windows\system32\wersvc.dll
2014-12-28 13:00 - 2009-04-10 22:28 - 00125952 _____ (Microsoft Corporation) C:\Windows\system32\softkbd.dll
2014-12-28 13:00 - 2009-04-10 22:28 - 00121344 _____ (Microsoft Corporation) C:\Windows\system32\ntmarta.dll
2014-12-28 13:00 - 2009-04-10 22:28 - 00117248 _____ C:\Windows\system32\EhStorAuthn.dll
2014-12-28 13:00 - 2009-04-10 22:28 - 00115712 _____ (Microsoft Corporation) C:\Windows\system32\WinSCard.dll
2014-12-28 13:00 - 2009-04-10 22:28 - 00115712 _____ (Microsoft Corporation) C:\Windows\system32\AudioSes.dll
2014-12-28 13:00 - 2009-04-10 22:28 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\odbccp32.dll
2014-12-28 13:00 - 2009-04-10 22:28 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\imm32.dll
2014-12-28 13:00 - 2009-04-10 22:28 - 00108544 _____ (Microsoft Corporation) C:\Windows\system32\userenv.dll
2014-12-28 13:00 - 2009-04-10 22:28 - 00107520 _____ (Microsoft Corporation) C:\Windows\system32\imapi.dll
2014-12-28 13:00 - 2009-04-10 22:28 - 00107008 _____ (Microsoft Corporation) C:\Windows\system32\regsvc.dll
2014-12-28 13:00 - 2009-04-10 22:28 - 00107008 _____ (Microsoft Corporation) C:\Windows\system32\rdpwsx.dll
2014-12-28 13:00 - 2009-04-10 22:28 - 00105472 _____ (Microsoft Corporation) C:\Windows\system32\dmsynth.dll
2014-12-28 13:00 - 2009-04-10 22:28 - 00103936 _____ (Microsoft Corporation) C:\Windows\system32\sysclass.dll
2014-12-28 13:00 - 2009-04-10 22:28 - 00101888 _____ (Microsoft Corporation) C:\Windows\system32\dmusic.dll
2014-12-28 13:00 - 2009-04-10 22:28 - 00101376 _____ (Microsoft Corporation) C:\Windows\system32\shsetup.dll
2014-12-28 13:00 - 2009-04-10 22:28 - 00099840 _____ (Microsoft Corporation) C:\Windows\system32\ulib.dll
2014-12-28 13:00 - 2009-04-10 22:28 - 00098816 _____ (Microsoft Corporation) C:\Windows\system32\powrprof.dll
2014-12-28 13:00 - 2009-04-10 22:28 - 00097792 _____ (Microsoft Corporation) C:\Windows\system32\oleprn.dll
2014-12-28 13:00 - 2009-04-10 22:28 - 00097792 _____ (Microsoft Corporation) C:\Windows\system32\mprapi.dll
2014-12-28 13:00 - 2009-04-10 22:28 - 00095232 _____ (Microsoft Corporation) C:\Windows\system32\SCardSvr.dll
2014-12-28 13:00 - 2009-04-10 22:28 - 00093696 _____ (Microsoft Corporation) C:\Windows\system32\eappgnui.dll
2014-12-28 13:00 - 2009-04-10 22:28 - 00091648 _____ (Microsoft Corporation) C:\Windows\system32\IPHLPAPI.DLL
2014-12-28 13:00 - 2009-04-10 22:28 - 00090112 _____ (Microsoft Corporation) C:\Windows\system32\wshext.dll
2014-12-28 13:00 - 2009-04-10 22:28 - 00087040 _____ (Microsoft Corporation) C:\Windows\system32\mssitlb.dll
2014-12-28 13:00 - 2009-04-10 22:28 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\msctfui.dll
2014-12-28 13:00 - 2009-04-10 22:28 - 00084992 _____ (Microsoft Corporation) C:\Windows\system32\mstlsapi.dll
2014-12-28 13:00 - 2009-04-10 22:28 - 00084992 _____ (Microsoft Corporation) C:\Windows\system32\msctfp.dll
2014-12-28 13:00 - 2009-04-10 22:28 - 00083456 _____ (Microsoft) C:\Windows\system32\SMBHelperClass.dll
2014-12-28 13:00 - 2009-04-10 22:28 - 00083456 _____ (Microsoft Corporation) C:\Windows\system32\wlgpclnt.dll
2014-12-28 13:00 - 2009-04-10 22:28 - 00079872 _____ (Microsoft Corporation) C:\Windows\system32\authz.dll
2014-12-28 13:00 - 2009-04-10 22:28 - 00076288 _____ (Microsoft Corporation) C:\Windows\system32\iassvcs.dll
2014-12-28 13:00 - 2009-04-10 22:28 - 00075264 _____ (Microsoft Corporation) C:\Windows\system32\dot3msm.dll
2014-12-28 13:00 - 2009-04-10 22:28 - 00075264 _____ (Microsoft Corporation) C:\Windows\system32\adsmsext.dll
2014-12-28 13:00 - 2009-04-10 22:28 - 00071680 _____ (Microsoft Corporation) C:\Windows\system32\propdefs.dll
2014-12-28 13:00 - 2009-04-10 22:28 - 00070656 _____ (Microsoft Corporation) C:\Windows\system32\iashlpr.dll
2014-12-28 13:00 - 2009-04-10 22:28 - 00069632 _____ (Microsoft Corporation) C:\Windows\system32\sendmail.dll
2014-12-28 13:00 - 2009-04-10 22:28 - 00069632 _____ (Microsoft Corporation) C:\Windows\system32\rastapi.dll
2014-12-28 13:00 - 2009-04-10 22:28 - 00069632 _____ (Microsoft Corporation) C:\Windows\system32\PNPXAssoc.dll
2014-12-28 13:00 - 2009-04-10 22:28 - 00069120 _____ (Microsoft Corporation) C:\Windows\system32\fdWCN.dll
2014-12-28 13:00 - 2009-04-10 22:28 - 00068608 _____ (Microsoft Corporation) C:\Windows\system32\mpr.dll
2014-12-28 13:00 - 2009-04-10 22:28 - 00068096 _____ (Microsoft Corporation) C:\Windows\system32\fdSSDP.dll
2014-12-28 13:00 - 2009-04-10 22:28 - 00067584 _____ (Microsoft Corporation) C:\Windows\system32\regapi.dll
2014-12-28 13:00 - 2009-04-10 22:28 - 00067072 _____ (Microsoft Corporation) C:\Windows\system32\fdWSD.dll
2014-12-28 13:00 - 2009-04-10 22:28 - 00061440 _____ (Microsoft Corporation) C:\Windows\system32\wscsvc.dll
2014-12-28 13:00 - 2009-04-10 22:28 - 00061440 _____ (Microsoft Corporation) C:\Windows\system32\msjter40.dll
2014-12-28 13:00 - 2009-04-10 22:28 - 00061440 _____ (Microsoft Corporation) C:\Windows\system32\davclnt.dll
2014-12-28 13:00 - 2009-04-10 22:28 - 00060928 _____ (Microsoft Corporation) C:\Windows\system32\SLUINotify.dll
2014-12-28 13:00 - 2009-04-10 22:28 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msscntrs.dll
2014-12-28 13:00 - 2009-04-10 22:28 - 00058880 _____ (Microsoft Corporation) C:\Windows\system32\iasacct.dll
2014-12-28 13:00 - 2009-04-10 22:28 - 00056320 _____ (Microsoft Corporation) C:\Windows\system32\xmlfilter.dll
2014-12-28 13:00 - 2009-04-10 22:28 - 00055808 _____ (Microsoft Corporation) C:\Windows\system32\Storprop.dll
2014-12-28 13:00 - 2009-04-10 22:28 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\dimsroam.dll
2014-12-28 13:00 - 2009-04-10 22:28 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\DevicePairingProxy.dll
2014-12-28 13:00 - 2009-04-10 22:28 - 00054272 _____ (Microsoft Corporation) C:\Windows\system32\feclient.dll
2014-12-28 13:00 - 2009-04-10 22:28 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\fdeploy.dll
2014-12-28 13:00 - 2009-04-10 22:28 - 00052736 _____ (Microsoft Corporation) C:\Windows\system32\rasdiag.dll
2014-12-28 13:00 - 2009-04-10 22:28 - 00052224 _____ (Microsoft Corporation) C:\Windows\system32\mmci.dll
2014-12-28 13:00 - 2009-04-10 22:28 - 00050688 _____ (Microsoft Corporation) C:\Windows\system32\wsnmp32.dll
2014-12-28 13:00 - 2009-04-10 22:28 - 00049664 _____ (Microsoft Corporation) C:\Windows\system32\dot3cfg.dll
2014-12-28 13:00 - 2009-04-10 22:28 - 00048128 _____ (Microsoft Corporation) C:\Windows\system32\l2nacp.dll
2014-12-28 13:00 - 2009-04-10 22:28 - 00045568 _____ (Microsoft Corporation) C:\Windows\system32\bthci.dll
2014-12-28 13:00 - 2009-04-10 22:28 - 00045056 _____ (Microsoft Corporation) C:\Windows\system32\dataclen.dll
2014-12-28 13:00 - 2009-04-10 22:28 - 00043008 _____ (Microsoft Corporation) C:\Windows\system32\msstrc.dll
2014-12-28 13:00 - 2009-04-10 22:28 - 00042496 _____ (Microsoft Corporation) C:\Windows\system32\slcinst.dll
2014-12-28 13:00 - 2009-04-10 22:28 - 00041984 _____ (Microsoft Corporation) C:\Windows\system32\mimefilt.dll
2014-12-28 13:00 - 2009-04-10 22:28 - 00041472 _____ (Microsoft Corporation) C:\Windows\system32\hbaapi.dll
2014-12-28 13:00 - 2009-04-10 22:28 - 00040960 _____ (Microsoft Corporation) C:\Windows\system32\odbcconf.dll
2014-12-28 13:00 - 2009-04-10 22:28 - 00040960 _____ (Microsoft Corporation) C:\Windows\system32\bthserv.dll
2014-12-28 13:00 - 2009-04-10 22:28 - 00040448 _____ (Microsoft Corporation) C:\Windows\system32\certprop.dll
2014-12-28 13:00 - 2009-04-10 22:28 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\networkitemfactory.dll
2014-12-28 13:00 - 2009-04-10 22:28 - 00038400 _____ (Microsoft Corporation) C:\Windows\system32\TSTheme.exe
2014-12-28 13:00 - 2009-04-10 22:28 - 00038400 _____ (Microsoft Corporation) C:\Windows\system32\rtffilt.dll
2014-12-28 13:00 - 2009-04-10 22:28 - 00037376 _____ (Microsoft Corporation) C:\Windows\system32\EhStorPwdMgr.dll
2014-12-28 13:00 - 2009-04-10 22:28 - 00035328 _____ (Microsoft Corporation) C:\Windows\system32\msscb.dll
2014-12-28 13:00 - 2009-04-10 22:28 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\wshbth.dll
2014-12-28 13:00 - 2009-04-10 22:28 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iaspolcy.dll
2014-12-28 13:00 - 2009-04-10 22:28 - 00033280 _____ (Microsoft Corporation) C:\Windows\system32\wscapi.dll
2014-12-28 13:00 - 2009-04-10 22:28 - 00033280 _____ (Microsoft Corporation) C:\Windows\system32\mssprxy.dll
2014-12-28 13:00 - 2009-04-10 22:28 - 00031744 _____ (Microsoft Corporation) C:\Windows\system32\perfdisk.dll
2014-12-28 13:00 - 2009-04-10 22:28 - 00031744 _____ (Microsoft Corporation) C:\Windows\system32\cscapi.dll
2014-12-28 13:00 - 2009-04-10 22:28 - 00031744 _____ (Microsoft Corporation) C:\Windows\system32\bitsigd.dll
2014-12-28 13:00 - 2009-04-10 22:28 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\whealogr.dll
2014-12-28 13:00 - 2009-04-10 22:28 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\msimtf.dll
2014-12-28 13:00 - 2009-04-10 22:28 - 00029696 _____ (Microsoft Corporation) C:\Windows\system32\ifmon.dll
2014-12-28 13:00 - 2009-04-10 22:28 - 00029184 _____ (Microsoft Corporation) C:\Windows\system32\wsepno.dll
2014-12-28 13:00 - 2009-04-10 22:28 - 00029184 _____ (Microsoft Corporation) C:\Windows\system32\uxsms.dll
2014-12-28 13:00 - 2009-04-10 22:28 - 00026112 _____ (Microsoft Corporation) C:\Windows\system32\hidserv.dll
2014-12-28 13:00 - 2009-04-10 22:28 - 00024576 _____ (Microsoft Corporation) C:\Windows\system32\msjint40.dll
2014-12-28 13:00 - 2009-04-10 22:28 - 00024064 _____ (Microsoft Corporation) C:\Windows\system32\fdProxy.dll
2014-12-28 13:00 - 2009-04-10 22:28 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\cscdll.dll
2014-12-28 13:00 - 2009-04-10 22:28 - 00020992 _____ (Microsoft Corporation) C:\Windows\system32\wsdchngr.dll
2014-12-28 13:00 - 2009-04-10 22:28 - 00020992 _____ (Microsoft Corporation) C:\Windows\system32\ExplorerFrame.dll
2014-12-28 13:00 - 2009-04-10 22:28 - 00020480 _____ (Microsoft Corporation) C:\Windows\system32\version.dll
2014-12-28 13:00 - 2009-04-10 22:28 - 00019968 _____ (Microsoft Corporation) C:\Windows\system32\winrnr.dll
2014-12-28 13:00 - 2009-04-10 22:28 - 00019968 _____ (Microsoft Corporation) C:\Windows\system32\NcdProp.dll
2014-12-28 13:00 - 2009-04-10 22:28 - 00019456 _____ (Microsoft Corporation) C:\Windows\system32\MsCtfMonitor.dll
2014-12-28 13:00 - 2009-04-10 22:28 - 00017920 _____ (Microsoft Corporation) C:\Windows\system32\wscisvif.dll
2014-12-28 13:00 - 2009-04-10 22:28 - 00017408 _____ (Microsoft Corporation) C:\Windows\system32\vdmdbg.dll
2014-12-28 13:00 - 2009-04-10 22:28 - 00017408 _____ (Microsoft Corporation) C:\Windows\system32\midimap.dll
2014-12-28 13:00 - 2009-04-10 22:28 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\msisip.dll
2014-12-28 13:00 - 2009-04-10 22:28 - 00015360 _____ (Microsoft Corporation) C:\Windows\system32\inetppui.dll
2014-12-28 13:00 - 2009-04-10 22:28 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\spcmsg.dll
2014-12-28 13:00 - 2009-04-10 22:28 - 00012800 _____ (Microsoft Corporation) C:\Windows\system32\mmcico.dll
2014-12-28 13:00 - 2009-04-10 22:28 - 00012288 _____ (Microsoft Corporation) C:\Windows\system32\slwga.dll
2014-12-28 13:00 - 2009-04-10 22:28 - 00011776 _____ (Microsoft Corporation) C:\Windows\system32\spwinsat.dll
2014-12-28 13:00 - 2009-04-10 22:28 - 00011776 _____ (Microsoft Corporation) C:\Windows\system32\msshooks.dll
2014-12-28 13:00 - 2009-04-10 22:28 - 00010752 _____ (Microsoft Corporation) C:\Windows\system32\CHxReadingStringIME.dll
2014-12-28 13:00 - 2009-04-10 22:28 - 00009728 _____ (Microsoft Corporation) C:\Windows\system32\fdBthProxy.dll
2014-12-28 13:00 - 2009-04-10 22:27 - 02926592 _____ (Microsoft Corporation) C:\Windows\explorer.exe
2014-12-28 13:00 - 2009-04-10 22:27 - 01689600 _____ (Microsoft Corporation) C:\Windows\system32\wscui.cpl
2014-12-28 13:00 - 2009-04-10 22:27 - 01122304 _____ (Microsoft Corporation) C:\Windows\system32\appwiz.cpl
2014-12-28 13:00 - 2009-04-10 22:27 - 01102848 _____ (Microsoft Corporation) C:\Windows\system32\mmsys.cpl
2014-12-28 13:00 - 2009-04-10 22:27 - 00704512 _____ (Microsoft Corporation) C:\Windows\system32\PhotoScreensaver.scr
2014-12-28 13:00 - 2009-04-10 22:27 - 00656896 _____ (Microsoft Corporation) C:\Windows\system32\autoconv.exe
2014-12-28 13:00 - 2009-04-10 22:27 - 00643072 _____ (Microsoft Corporation) C:\Windows\system32\autochk.exe
2014-12-28 13:00 - 2009-04-10 22:27 - 00640512 _____ (Microsoft Corporation) C:\Windows\system32\bthprops.cpl
2014-12-28 13:00 - 2009-04-10 22:27 - 00636416 _____ (Microsoft Corporation) C:\Windows\system32\autofmt.exe
2014-12-28 13:00 - 2009-04-10 22:27 - 00627200 _____ (Microsoft Corporation) C:\Windows\system32\sethc.exe
2014-12-28 13:00 - 2009-04-10 22:27 - 00408064 _____ (Microsoft Corporation) C:\Windows\system32\msinfo32.exe
2014-12-28 13:00 - 2009-04-10 22:27 - 00407040 _____ (Microsoft Corporation) C:\Windows\system32\dpapimig.exe
2014-12-28 13:00 - 2009-04-10 22:27 - 00389632 _____ (Microsoft Corporation) C:\Windows\system32\sysmon.ocx
2014-12-28 13:00 - 2009-04-10 22:27 - 00280064 _____ (Microsoft Corporation) C:\Windows\system32\unimdm.tsp
2014-12-28 13:00 - 2009-04-10 22:27 - 00241128 _____ (Microsoft Corporation) C:\Windows\system32\rsaenh.dll
2014-12-28 13:00 - 2009-04-10 22:27 - 00230912 _____ (Microsoft Corporation) C:\Windows\system32\diskraid.exe
2014-12-28 13:00 - 2009-04-10 22:27 - 00215552 _____ (Microsoft Corporation) C:\Windows\system32\certreq.exe
2014-12-28 13:00 - 2009-04-10 22:27 - 00205824 _____ (Microsoft Corporation) C:\Windows\system32\eudcedit.exe
2014-12-28 13:00 - 2009-04-10 22:27 - 00194048 _____ (Microsoft Corporation) C:\Windows\system32\drvinst.exe
2014-12-28 13:00 - 2009-04-10 22:27 - 00182272 _____ (Microsoft Corporation) C:\Windows\system32\osk.exe
2014-12-28 13:00 - 2009-04-10 22:27 - 00167424 _____ (Microsoft Corporation) C:\Windows\system32\wdmaud.drv
2014-12-28 13:00 - 2009-04-10 22:27 - 00130560 _____ (Microsoft Corporation) C:\Windows\system32\PkgMgr.exe
2014-12-28 13:00 - 2009-04-10 22:27 - 00130024 _____ (Microsoft Corporation) C:\Windows\system32\basecsp.dll
2014-12-28 13:00 - 2009-04-10 22:27 - 00128000 _____ (Microsoft Corporation) C:\Windows\system32\gpresult.exe
2014-12-28 13:00 - 2009-04-10 22:27 - 00119808 _____ (Microsoft Corporation) C:\Windows\system32\diskpart.exe
2014-12-28 13:00 - 2009-04-10 22:27 - 00094720 _____ (Microsoft Corporation) C:\Windows\system32\logagent.exe
2014-12-28 13:00 - 2009-04-10 22:27 - 00093696 _____ (Microsoft Corporation) C:\Windows\system32\Kswdmcap.ax
2014-12-28 13:00 - 2009-04-10 22:27 - 00088576 _____ (Microsoft Corporation) C:\Windows\system32\audiodg.exe
2014-12-28 13:00 - 2009-04-10 22:27 - 00082944 _____ (Microsoft Corporation) C:\Windows\system32\nslookup.exe
2014-12-28 13:00 - 2009-04-10 22:27 - 00081920 _____ (Microsoft Corporation) C:\Windows\system32\dwm.exe
2014-12-28 13:00 - 2009-04-10 22:27 - 00080384 _____ (Microsoft Corporation) C:\Windows\system32\hdwwiz.exe
2014-12-28 13:00 - 2009-04-10 22:27 - 00074752 _____ (Microsoft Corporation) C:\Windows\system32\newdev.exe
2014-12-28 13:00 - 2009-04-10 22:27 - 00069120 _____ (Microsoft Corporation) C:\Windows\system32\conime.exe
2014-12-28 13:00 - 2009-04-10 22:27 - 00061952 _____ (Microsoft Corporation) C:\Windows\system32\reg.exe
2014-12-28 13:00 - 2009-04-10 22:27 - 00060928 _____ (Microsoft Corporation) C:\Windows\system32\findstr.exe
2014-12-28 13:00 - 2009-04-10 22:27 - 00058368 _____ (Microsoft Corporation) C:\Windows\system32\PnPUnattend.exe
2014-12-28 13:00 - 2009-04-10 22:27 - 00058368 _____ (Microsoft Corporation) C:\Windows\system32\cipher.exe
2014-12-28 13:00 - 2009-04-10 22:27 - 00057856 _____ (Microsoft Corporation) C:\Windows\system32\compcln.exe
2014-12-28 13:00 - 2009-04-10 22:27 - 00057344 _____ (Microsoft Corporation) C:\Windows\system32\logman.exe
2014-12-28 13:00 - 2009-04-10 22:27 - 00049152 _____ (Microsoft Corporation) C:\Windows\system32\cmmon32.exe
2014-12-28 13:00 - 2009-04-10 22:27 - 00046080 _____ (Microsoft Corporation) C:\Windows\system32\csrstub.exe
2014-12-28 13:00 - 2009-04-10 22:27 - 00044032 _____ (Microsoft Corporation) C:\Windows\system32\cbsra.exe
2014-12-28 13:00 - 2009-04-10 22:27 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\rekeywiz.exe
2014-12-28 13:00 - 2009-04-10 22:27 - 00041984 _____ (Microsoft Corporation) C:\Windows\system32\ftp.exe
2014-12-28 13:00 - 2009-04-10 22:27 - 00035840 _____ (Microsoft Corporation) C:\Windows\system32\ocsetup.exe
2014-12-28 13:00 - 2009-04-10 22:27 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\bthudtask.exe
2014-12-28 13:00 - 2009-04-10 22:27 - 00033280 _____ (Microsoft Corporation) C:\Windows\system32\PnPutil.exe
2014-12-28 13:00 - 2009-04-10 22:27 - 00026624 _____ (Microsoft Corporation) C:\Windows\system32\ipconfig.exe
2014-12-28 13:00 - 2009-04-10 22:27 - 00026112 _____ (Microsoft Corporation) C:\Windows\system32\DeviceEject.exe
2014-12-28 13:00 - 2009-04-10 22:27 - 00021504 _____ (Microsoft Corporation) C:\Windows\system32\msacm32.drv
2014-12-28 13:00 - 2009-04-10 22:27 - 00019968 _____ (Microsoft Corporation) C:\Windows\system32\fc.exe
2014-12-28 13:00 - 2009-04-10 22:27 - 00016896 _____ (Microsoft Corporation) C:\Windows\system32\rasdial.exe
2014-12-28 13:00 - 2009-04-10 22:27 - 00016896 _____ (Microsoft Corporation) C:\Windows\system32\gpupdate.exe
2014-12-28 13:00 - 2009-04-10 22:23 - 00125952 _____ (Microsoft Corporation) C:\Windows\system32\tintlgnt.ime
2014-12-28 13:00 - 2009-04-10 22:23 - 00124928 _____ (Microsoft Corporation) C:\Windows\system32\quick.ime
2014-12-28 13:00 - 2009-04-10 22:23 - 00124928 _____ (Microsoft Corporation) C:\Windows\system32\qintlgnt.ime
2014-12-28 13:00 - 2009-04-10 22:23 - 00124928 _____ (Microsoft Corporation) C:\Windows\system32\phon.ime
2014-12-28 13:00 - 2009-04-10 22:23 - 00089088 _____ (Microsoft Corporation) C:\Windows\system32\pintlgnt.ime
2014-12-28 13:00 - 2009-04-10 22:22 - 00413696 _____ (Microsoft Corporation) C:\Windows\system32\imkr80.ime
2014-12-28 13:00 - 2009-04-10 22:22 - 00124928 _____ (Microsoft Corporation) C:\Windows\system32\cintlgnt.ime
2014-12-28 13:00 - 2009-04-10 22:22 - 00124928 _____ (Microsoft Corporation) C:\Windows\system32\chajei.ime
2014-12-28 13:00 - 2009-04-10 22:22 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\f3ahvoas.dll
2014-12-28 13:00 - 2009-04-10 21:42 - 00093696 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\bridge.sys
2014-12-28 13:00 - 2009-04-10 20:48 - 00344698 _____ C:\Windows\system32\eaphost.tmf
2014-12-28 13:00 - 2009-04-10 20:46 - 00121344 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ndiswan.sys
2014-12-28 13:00 - 2009-04-10 20:46 - 00069120 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rassstp.sys
2014-12-28 13:00 - 2009-04-10 20:46 - 00041472 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\raspppoe.sys
2014-12-28 13:00 - 2009-04-10 20:46 - 00033280 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\RNDISMP.sys
2014-12-28 13:00 - 2009-04-10 20:45 - 00072192 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\pacer.sys
2014-12-28 13:00 - 2009-04-10 20:45 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\smb.sys
2014-12-28 13:00 - 2009-04-10 20:43 - 00442788 _____ C:\Windows\system32\dot3.tmf
2014-12-28 13:00 - 2009-04-10 20:43 - 00392170 _____ C:\Windows\system32\onex.tmf
2014-12-28 13:00 - 2009-04-10 20:43 - 00236544 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\HdAudio.sys
2014-12-28 13:00 - 2009-04-10 20:43 - 00148480 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\nwifi.sys
2014-12-28 13:00 - 2009-04-10 20:42 - 00052992 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\stream.sys
2014-12-28 13:00 - 2009-04-10 20:42 - 00039424 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hidclass.sys
2014-12-28 13:00 - 2009-04-10 20:42 - 00025856 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\USBCAMD2.sys
2014-12-28 13:00 - 2009-04-10 20:42 - 00025856 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\USBCAMD.sys
2014-12-28 13:00 - 2009-04-10 20:42 - 00012800 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hidusb.sys
2014-12-28 13:00 - 2009-04-10 20:39 - 00067072 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cdrom.sys
2014-12-28 13:00 - 2009-04-10 20:39 - 00019456 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Diskdump.sys
2014-12-28 13:00 - 2009-04-10 20:39 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\iscsilog.dll
2014-12-28 13:00 - 2009-04-10 20:38 - 00149504 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ks.sys
2014-12-28 13:00 - 2009-04-10 20:38 - 00030208 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbccid.sys
2014-12-28 13:00 - 2009-04-10 20:38 - 00017408 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\kbdhid.sys
2014-12-28 13:00 - 2009-04-10 20:27 - 00002560 _____ (Microsoft Corporation) C:\Windows\system32\msimsg.dll
2014-12-28 13:00 - 2009-04-10 20:23 - 00076288 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxg.sys
2014-12-28 13:00 - 2009-04-10 20:22 - 00033280 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\watchdog.sys
2014-12-28 13:00 - 2009-04-10 20:14 - 00225280 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rdbss.sys
2014-12-28 13:00 - 2009-04-10 20:14 - 00035328 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\npfs.sys
2014-12-28 13:00 - 2009-04-10 20:13 - 00226816 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\udfs.sys
2014-12-28 13:00 - 2009-04-10 20:13 - 00136704 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\exfat.sys
2014-12-28 13:00 - 2009-04-10 17:59 - 00107612 _____ C:\Windows\system32\StructuredQuerySchema.bin
Gary
 
If I do not reply within 24 hours please send me a Personal Message.

"Lord, to whom would we go? You have the words that give eternal life. We believe, and we know you are the Holy One of God."

#4 Oh My!

Posted 23 August 2016 - 09:13 AM

2014-12-28 13:00 - 2009-04-10 17:54 - 03662128 _____ C:\Windows\system32\locale.nls
2014-12-28 13:00 - 2009-02-19 16:20 - 00009212 _____ C:\Windows\system32\RacUR.xml
2014-12-28 13:00 - 2009-02-18 10:43 - 00000153 _____ C:\Windows\system32\RacUREx.xml
2014-12-28 13:00 - 2009-02-18 10:39 - 00092918 _____ C:\Windows\system32\slmgr.vbs
2014-12-28 13:00 - 2009-02-18 10:38 - 00035168 _____ (Microsoft Corporation) C:\Windows\system32\infocardcpl.cpl
2014-12-27 18:19 - 2010-09-06 08:20 - 00125952 _____ (Microsoft Corporation) C:\Windows\system32\srvsvc.dll
2014-12-27 18:16 - 2014-12-27 18:16 - 00000000 ____D C:\Program Files\Microsoft.NET
2014-12-27 18:15 - 2009-11-08 10:55 - 00297808 _____ (Microsoft Corporation) C:\Windows\system32\mscoree.dll
2014-12-27 18:15 - 2009-11-08 10:55 - 00295264 _____ (Microsoft Corporation) C:\Windows\system32\PresentationHost.exe
2014-12-27 18:15 - 2009-11-08 10:55 - 00099176 _____ (Microsoft Corporation) C:\Windows\system32\PresentationHostProxy.dll
2014-12-27 18:15 - 2009-11-08 10:55 - 00049472 _____ (Microsoft Corporation) C:\Windows\system32\netfxperf.dll
2014-12-27 18:03 - 2016-08-19 02:13 - 00000000 ____D C:\Windows\system32\MRT
2014-12-27 17:28 - 2014-12-27 17:28 - 00000000 ____D C:\Windows\system32\WindowsPowerShell
2014-12-27 17:27 - 2016-08-19 02:30 - 01119840 ____H C:\Users\Andrew P Saputo\AppData\Local\IconCache.db
2014-12-27 17:06 - 2016-07-26 13:24 - 00406184 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2014-12-27 17:00 - 2008-05-26 20:59 - 00018904 _____ C:\Windows\system32\StructuredQuerySchemaTrivial.bin
2014-12-27 17:00 - 2007-11-08 01:04 - 11967524 _____ C:\Windows\system32\korwbrkr.lex
2014-12-27 16:47 - 2016-08-16 22:28 - 00000000 __SHD C:\Windows\Installer
2014-12-27 16:41 - 2010-02-20 15:06 - 00024064 _____ (Microsoft Corporation) C:\Windows\system32\nshhttp.dll
2014-12-27 16:41 - 2010-02-20 15:05 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\httpapi.dll
2014-12-27 16:41 - 2010-02-20 12:53 - 00411648 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\http.sys
2014-12-27 16:40 - 2009-10-09 13:56 - 01181696 _____ (Microsoft Corporation) C:\Windows\system32\WsmSvc.dll
2014-12-27 16:40 - 2009-10-09 13:56 - 00246272 _____ (Microsoft Corporation) C:\Windows\system32\WSManHTTPConfig.exe
2014-12-27 16:40 - 2009-10-09 13:56 - 00241152 _____ (Microsoft Corporation) C:\Windows\system32\winrscmd.dll
2014-12-27 16:40 - 2009-10-09 13:56 - 00214016 _____ (Microsoft Corporation) C:\Windows\system32\WsmWmiPl.dll
2014-12-27 16:40 - 2009-10-09 13:56 - 00145408 _____ (Microsoft Corporation) C:\Windows\system32\WsmAuto.dll
2014-12-27 16:40 - 2009-10-09 13:56 - 00041472 _____ (Microsoft Corporation) C:\Windows\system32\pwrshplugin.dll
2014-12-27 16:40 - 2009-10-09 13:56 - 00040448 _____ (Microsoft Corporation) C:\Windows\system32\winrs.exe
2014-12-27 16:40 - 2009-10-09 13:56 - 00020480 _____ (Microsoft Corporation) C:\Windows\system32\winrshost.exe
2014-12-27 16:40 - 2009-10-09 13:56 - 00012800 _____ (Microsoft Corporation) C:\Windows\system32\wsmprovhost.exe
2014-12-27 16:40 - 2009-10-09 13:56 - 00010240 _____ (Microsoft Corporation) C:\Windows\system32\wsmplpxy.dll
2014-12-27 16:40 - 2009-10-09 13:56 - 00010240 _____ (Microsoft Corporation) C:\Windows\system32\winrssrv.dll
2014-12-27 16:40 - 2009-10-09 13:56 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\winrsmgr.dll
2014-12-27 16:40 - 2009-10-09 13:55 - 00252416 _____ (Microsoft Corporation) C:\Windows\system32\WSManMigrationPlugin.dll
2014-12-27 16:40 - 2009-10-09 13:55 - 00146944 _____ (Microsoft Corporation) C:\Windows\system32\wecsvc.dll
2014-12-27 16:40 - 2009-10-09 13:55 - 00081408 _____ (Microsoft Corporation) C:\Windows\system32\wevtfwd.dll
2014-12-27 16:40 - 2009-10-09 13:55 - 00079872 _____ (Microsoft Corporation) C:\Windows\system32\wecutil.exe
2014-12-27 16:40 - 2009-10-09 13:55 - 00056320 _____ (Microsoft Corporation) C:\Windows\system32\wecapi.dll
2014-12-27 16:40 - 2009-10-09 13:55 - 00054272 _____ (Microsoft Corporation) C:\Windows\system32\WsmRes.dll
2014-12-27 16:40 - 2009-07-31 22:27 - 00201184 _____ C:\Windows\system32\winrm.vbs
2014-12-27 16:40 - 2009-07-16 09:30 - 00004675 _____ C:\Windows\system32\wsmanconfig_schema.xml
2014-12-27 16:40 - 2009-07-16 09:30 - 00002426 _____ C:\Windows\system32\WsmTxt.xsl
2014-12-27 16:38 - 2016-08-19 09:24 - 00000000 ____D C:\Users\Andrew P Saputo\AppData\LocalLow
2014-12-27 16:38 - 2016-08-19 03:23 - 00524288 ___SH C:\Users\Andrew P Saputo\NTUSER.DAT{3a539871-6a70-11db-887c-d362bd253390}.TMContainer00000000000000000001.regtrans-ms
2014-12-27 16:38 - 2016-08-19 03:23 - 00065536 ___SH C:\Users\Andrew P Saputo\NTUSER.DAT{3a539871-6a70-11db-887c-d362bd253390}.TM.blf
2014-12-27 16:38 - 2016-08-18 16:41 - 00000000 ____D C:\Users\Andrew P Saputo\AppData\Local
2014-12-27 16:38 - 2016-07-29 21:21 - 00000000 ___RD C:\Users\Andrew P Saputo\Pictures
2014-12-27 16:38 - 2016-03-25 14:04 - 00000000 ___RD C:\Users\Andrew P Saputo\Downloads
2014-12-27 16:38 - 2016-03-25 13:58 - 00000000 ____D C:\Users\Andrew P Saputo\AppData\Roaming
2014-12-27 16:38 - 2015-10-13 17:17 - 00000000 ____D C:\Users\Andrew P Saputo
2014-12-27 16:38 - 2015-08-13 23:10 - 00000000 ___RD C:\Users\Andrew P Saputo\Documents
2014-12-27 16:38 - 2015-08-13 23:10 - 00000000 ___RD C:\Users\Andrew P Saputo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs
2014-12-27 16:38 - 2015-05-11 20:55 - 00000000 ___SD C:\Users\Andrew P Saputo\AppData\Roaming\Microsoft
2014-12-27 16:38 - 2015-05-09 15:48 - 00000000 ___RD C:\Users\Andrew P Saputo\Links
2014-12-27 16:38 - 2015-05-02 12:41 - 00000000 ____D C:\Users\Andrew P Saputo\AppData\Local\Microsoft
2014-12-27 16:38 - 2015-04-27 01:22 - 00000000 ___RD C:\Users\Andrew P Saputo\Music
2014-12-27 16:38 - 2014-12-31 02:19 - 00000000 ____D C:\Users\Andrew P Saputo\AppData\Local\VirtualStore
2014-12-27 16:38 - 2014-12-29 15:21 - 00000680 _____ C:\Users\Andrew P Saputo\AppData\Local\d3d9caps.dat
2014-12-27 16:38 - 2014-12-29 13:08 - 00000000 ___SD C:\Users\Andrew P Saputo\AppData\LocalLow\Microsoft
2014-12-27 16:38 - 2014-12-28 17:43 - 00000949 _____ C:\Users\Andrew P Saputo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2014-12-27 16:38 - 2014-12-28 17:43 - 00000592 ___SH C:\Users\Andrew P Saputo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\desktop.ini
2014-12-27 16:38 - 2014-12-28 13:50 - 00000915 _____ C:\Users\Andrew P Saputo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows Mail.lnk
2014-12-27 16:38 - 2014-12-27 18:02 - 00049168 _____ C:\Users\Andrew P Saputo\AppData\Local\GDIPFONTCACHEV1.DAT
2014-12-27 16:38 - 2014-12-27 17:27 - 00524288 ___SH C:\Users\Andrew P Saputo\NTUSER.DAT{3a539871-6a70-11db-887c-d362bd253390}.TMContainer00000000000000000002.regtrans-ms
2014-12-27 16:38 - 2014-12-27 16:38 - 00000944 _____ C:\Users\Andrew P Saputo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk
2014-12-27 16:38 - 2014-12-27 16:38 - 00000402 ___SH C:\Users\Andrew P Saputo\Documents\desktop.ini
2014-12-27 16:38 - 2014-12-27 16:38 - 00000282 ___SH C:\Users\Andrew P Saputo\Downloads\desktop.ini
2014-12-27 16:38 - 2014-12-27 16:38 - 00000282 ___SH C:\Users\Andrew P Saputo\Desktop\desktop.ini
2014-12-27 16:38 - 2014-12-27 16:38 - 00000174 ___SH C:\Users\Andrew P Saputo\AppData\Roaming\Microsoft\Windows\Start Menu\desktop.ini
2014-12-27 16:38 - 2014-12-27 16:38 - 00000020 ___SH C:\Users\Andrew P Saputo\ntuser.ini
2014-12-27 16:38 - 2014-12-27 16:38 - 00000006 ___SH C:\Users\Andrew P Saputo\AppData\LocalLow\desktop.ini
2014-12-27 16:38 - 2014-12-27 16:38 - 00000000 _SHDL C:\Users\Andrew P Saputo\Templates
2014-12-27 16:38 - 2014-12-27 16:38 - 00000000 _SHDL C:\Users\Andrew P Saputo\Start Menu
2014-12-27 16:38 - 2014-12-27 16:38 - 00000000 _SHDL C:\Users\Andrew P Saputo\SendTo
2014-12-27 16:38 - 2014-12-27 16:38 - 00000000 _SHDL C:\Users\Andrew P Saputo\Recent
2014-12-27 16:38 - 2014-12-27 16:38 - 00000000 _SHDL C:\Users\Andrew P Saputo\PrintHood
2014-12-27 16:38 - 2014-12-27 16:38 - 00000000 _SHDL C:\Users\Andrew P Saputo\NetHood
2014-12-27 16:38 - 2014-12-27 16:38 - 00000000 _SHDL C:\Users\Andrew P Saputo\My Documents
2014-12-27 16:38 - 2014-12-27 16:38 - 00000000 _SHDL C:\Users\Andrew P Saputo\Local Settings
2014-12-27 16:38 - 2014-12-27 16:38 - 00000000 _SHDL C:\Users\Andrew P Saputo\Documents\My Videos
2014-12-27 16:38 - 2014-12-27 16:38 - 00000000 _SHDL C:\Users\Andrew P Saputo\Documents\My Pictures
2014-12-27 16:38 - 2014-12-27 16:38 - 00000000 _SHDL C:\Users\Andrew P Saputo\Documents\My Music
2014-12-27 16:38 - 2014-12-27 16:38 - 00000000 _SHDL C:\Users\Andrew P Saputo\Cookies
2014-12-27 16:38 - 2014-12-27 16:38 - 00000000 _SHDL C:\Users\Andrew P Saputo\Application Data
2014-12-27 16:38 - 2014-12-27 16:38 - 00000000 _SHDL C:\Users\Andrew P Saputo\AppData\Local\Temporary Internet Files
2014-12-27 16:38 - 2014-12-27 16:38 - 00000000 _SHDL C:\Users\Andrew P Saputo\AppData\Local\History
2014-12-27 16:38 - 2014-12-27 16:38 - 00000000 _SHDL C:\Users\Andrew P Saputo\AppData\Local\Application Data
2014-12-27 16:38 - 2014-12-27 16:38 - 00000000 ___RD C:\Users\Andrew P Saputo\Videos
2014-12-27 16:38 - 2014-12-27 16:38 - 00000000 ___RD C:\Users\Andrew P Saputo\Searches
2014-12-27 16:38 - 2014-12-27 16:38 - 00000000 ___RD C:\Users\Andrew P Saputo\Saved Games
2014-12-27 16:38 - 2014-12-27 16:38 - 00000000 ___RD C:\Users\Andrew P Saputo\Favorites
2014-12-27 16:38 - 2014-12-27 16:38 - 00000000 ___RD C:\Users\Andrew P Saputo\Contacts
2014-12-27 16:38 - 2014-12-27 16:38 - 00000000 ___RD C:\Users\Andrew P Saputo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2014-12-27 16:38 - 2014-12-27 16:38 - 00000000 ___RD C:\Users\Andrew P Saputo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
2014-12-27 16:38 - 2014-12-27 16:38 - 00000000 ___HD C:\Users\Andrew P Saputo\AppData
2014-12-27 16:38 - 2014-12-27 16:38 - 00000000 ____H C:\Users\Andrew P Saputo\ntuser.dat.LOG2
2014-12-27 16:38 - 2014-12-27 16:38 - 00000000 ____D C:\Users\Andrew P Saputo\AppData\Roaming\Identities
2014-12-27 16:38 - 2008-01-20 18:42 - 00000000 ___RD C:\Users\Andrew P Saputo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
2014-12-27 16:38 - 2008-01-20 18:42 - 00000000 ___RD C:\Users\Andrew P Saputo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2014-12-27 16:38 - 2008-01-01 04:48 - 01048576 ___SH C:\Users\Andrew P Saputo\NTUSER.DAT
2014-12-27 16:38 - 2008-01-01 04:48 - 00262144 ____H C:\Users\Andrew P Saputo\ntuser.dat.LOG1
2014-12-27 16:38 - 2008-01-01 04:48 - 00000000 ___RD C:\Users\Andrew P Saputo\Desktop
2014-12-27 16:38 - 2008-01-01 04:48 - 00000000 ____D C:\Users\Andrew P Saputo\AppData\Local\Temp
2014-12-27 16:38 - 2006-11-02 04:37 - 00000000 ____D C:\Users\Andrew P Saputo\AppData\Roaming\Media Center Programs
2014-12-27 16:22 - 2010-06-16 07:30 - 00072704 _____ (Microsoft Corporation) C:\Windows\system32\fontsub.dll
2014-12-27 16:22 - 2009-08-14 05:48 - 00105984 _____ (Microsoft Corporation) C:\Windows\system32\netiohlp.dll
2014-12-27 16:22 - 2009-06-15 06:52 - 00023552 _____ (Microsoft Corporation) C:\Windows\system32\lpk.dll
2014-12-27 16:22 - 2009-06-15 06:51 - 00010240 _____ (Microsoft Corporation) C:\Windows\system32\dciman32.dll
2014-12-27 16:21 - 2011-04-14 06:59 - 00075264 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dfsc.sys
2014-12-27 16:21 - 2011-03-10 09:03 - 01162240 _____ (Microsoft Corporation) C:\Windows\system32\mfc42u.dll
2014-12-27 16:21 - 2011-03-10 09:03 - 01136640 _____ (Microsoft Corporation) C:\Windows\system32\mfc42.dll
2014-12-27 16:21 - 2011-03-03 07:40 - 00028672 _____ (Microsoft Corporation) C:\Windows\system32\Apphlpdm.dll
2014-12-27 16:21 - 2011-03-03 05:35 - 04240384 _____ (Microsoft) C:\Windows\system32\GameUXLegacyGDFs.dll
2014-12-27 16:21 - 2011-03-02 07:44 - 00168448 _____ (Microsoft Corporation) C:\Windows\system32\dnsapi.dll
2014-12-27 16:21 - 2011-03-02 07:44 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\dnsrslvr.dll
2014-12-27 16:21 - 2011-02-22 05:23 - 00069632 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\bowser.sys
2014-12-27 16:21 - 2010-12-29 10:26 - 00177664 _____ (Microsoft Corporation) C:\Windows\system32\mpg2splt.ax
2014-12-27 16:21 - 2010-12-28 07:55 - 00413696 _____ (Microsoft Corporation) C:\Windows\system32\odbc32.dll
2014-12-27 16:21 - 2010-12-14 06:49 - 01169408 _____ (Microsoft Corporation) C:\Windows\system32\sdclt.exe
2014-12-27 16:21 - 2010-08-31 07:46 - 00954752 _____ (Microsoft Corporation) C:\Windows\system32\mfc40.dll
2014-12-27 16:21 - 2010-08-31 07:46 - 00954288 _____ (Microsoft Corporation) C:\Windows\system32\mfc40u.dll
2014-12-27 16:21 - 2010-08-26 08:37 - 00157184 _____ (Microsoft Corporation) C:\Windows\system32\t2embed.dll
2014-12-27 16:21 - 2010-08-26 08:34 - 01696256 _____ (Microsoft Corporation) C:\Windows\system32\gameux.dll
2014-12-27 16:21 - 2010-08-17 06:11 - 00128000 _____ (Microsoft Corporation) C:\Windows\system32\spoolsv.exe
2014-12-27 16:21 - 2010-06-18 09:31 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\rtutils.dll
2014-12-27 16:21 - 2010-05-27 12:08 - 00081920 _____ (Radius Inc.) C:\Windows\system32\iccvid.dll
2014-12-27 16:21 - 2010-02-18 05:30 - 00200704 _____ (Microsoft Corporation) C:\Windows\system32\iphlpsvc.dll
2014-12-27 16:21 - 2010-02-18 03:28 - 00025088 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tunnel.sys
2014-12-27 16:21 - 2010-01-21 07:05 - 00062464 _____ (Fraunhofer Institut Integrierte Schaltungen IIS) C:\Windows\system32\l3codeca.acm
2014-12-27 16:21 - 2009-10-23 09:10 - 00714240 _____ (Microsoft Corporation) C:\Windows\system32\timedate.cpl
2014-12-27 16:21 - 2009-08-14 05:49 - 00027136 _____ (Microsoft Corporation) C:\Windows\system32\NETSTAT.EXE
2014-12-27 16:21 - 2009-08-14 05:49 - 00019968 _____ (Microsoft Corporation) C:\Windows\system32\ARP.EXE
2014-12-27 16:21 - 2009-08-14 05:49 - 00017920 _____ (Microsoft Corporation) C:\Windows\system32\ROUTE.EXE
2014-12-27 16:21 - 2009-08-14 05:49 - 00011264 _____ (Microsoft Corporation) C:\Windows\system32\MRINFO.EXE
2014-12-27 16:21 - 2009-08-14 05:49 - 00010240 _____ (Microsoft Corporation) C:\Windows\system32\finger.exe
2014-12-27 16:21 - 2009-08-14 05:49 - 00009728 _____ (Microsoft Corporation) C:\Windows\system32\TCPSVCS.EXE
2014-12-27 16:21 - 2009-08-14 05:49 - 00008704 _____ (Microsoft Corporation) C:\Windows\system32\HOSTNAME.EXE
2014-12-27 16:21 - 2009-07-17 05:54 - 00071680 _____ (Microsoft Corporation) C:\Windows\system32\atl.dll
2014-12-27 16:21 - 2009-07-11 11:01 - 00513536 _____ (Microsoft Corporation) C:\Windows\system32\wlansvc.dll
2014-12-27 16:21 - 2009-07-11 11:01 - 00302592 _____ (Microsoft Corporation) C:\Windows\system32\wlansec.dll
2014-12-27 16:21 - 2009-07-11 11:01 - 00293376 _____ (Microsoft Corporation) C:\Windows\system32\wlanmsm.dll
2014-12-27 16:21 - 2009-07-11 11:01 - 00065024 _____ (Microsoft Corporation) C:\Windows\system32\wlanapi.dll
2014-12-27 16:21 - 2009-07-11 09:03 - 02501921 _____ C:\Windows\system32\wlan.tmf
2014-12-27 16:21 - 2009-07-11 09:03 - 00127488 _____ (Microsoft Corporation) C:\Windows\system32\L2SecHC.dll
2014-12-27 16:21 - 2009-07-10 03:47 - 00247808 _____ (Microsoft Corporation) C:\Windows\system32\shsvcs.dll
2014-12-27 16:21 - 2009-06-10 03:42 - 00160256 _____ (Microsoft Corporation) C:\Windows\system32\wkssvc.dll
2014-12-27 16:21 - 2009-06-10 03:41 - 02386944 _____ (Microsoft Corporation) C:\Windows\system32\WMVCORE.DLL
2014-12-27 16:21 - 2009-05-04 01:59 - 00025088 _____ (Microsoft Corporation) C:\Windows\system32\dnscacheugc.exe
2014-12-27 16:21 - 2009-04-10 22:28 - 00068096 _____ (Microsoft Corporation) C:\Windows\system32\wlanhlp.dll
2014-12-27 16:21 - 2009-04-10 22:27 - 00220672 _____ (Fraunhofer Institut Integrierte Schaltungen IIS) C:\Windows\system32\l3codecp.acm
2014-12-27 16:21 - 2009-04-10 22:27 - 00053248 _____ (Microsoft Corporation) C:\Windows\system32\rrinstaller.exe
2014-12-27 16:21 - 2009-04-10 22:27 - 00024576 _____ (Microsoft Corporation) C:\Windows\system32\mfpmp.exe
2014-12-27 16:21 - 2009-04-10 20:54 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\mferror.dll
2014-12-27 16:21 - 2008-02-28 22:35 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\kbd106n.dll
2014-12-27 16:20 - 2011-05-02 09:16 - 00739328 _____ (Microsoft Corporation) C:\Windows\system32\inetcomm.dll
2014-12-27 16:20 - 2010-12-17 05:54 - 00677888 _____ (Microsoft Corporation) C:\Windows\system32\mstsc.exe
2014-12-27 16:20 - 2010-11-04 10:56 - 00345600 _____ (Microsoft Corporation) C:\Windows\system32\wmicmiplugin.dll
2014-12-27 16:20 - 2010-11-04 10:55 - 00352768 _____ (Microsoft Corporation) C:\Windows\system32\taskschd.dll
2014-12-27 16:20 - 2010-11-04 10:55 - 00270336 _____ (Microsoft Corporation) C:\Windows\system32\taskcomp.dll
2014-12-27 16:20 - 2010-11-04 08:34 - 00171520 _____ (Microsoft Corporation) C:\Windows\system32\taskeng.exe
2014-12-27 16:20 - 2010-01-25 04:00 - 00471552 _____ (Microsoft Corporation) C:\Windows\system32\secproc_isv.dll
2014-12-27 16:20 - 2010-01-25 04:00 - 00471552 _____ (Microsoft Corporation) C:\Windows\system32\secproc.dll
2014-12-27 16:20 - 2010-01-25 04:00 - 00152576 _____ (Microsoft Corporation) C:\Windows\system32\secproc_ssp_isv.dll
2014-12-27 16:20 - 2010-01-25 04:00 - 00152064 _____ (Microsoft Corporation) C:\Windows\system32\secproc_ssp.dll
2014-12-27 16:20 - 2010-01-25 03:58 - 00332288 _____ (Microsoft Corporation) C:\Windows\system32\msdrm.dll
2014-12-27 16:20 - 2010-01-25 00:21 - 00526336 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate_isv.exe
2014-12-27 16:20 - 2010-01-25 00:21 - 00518144 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate.exe
2014-12-27 16:20 - 2010-01-25 00:21 - 00347136 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate_ssp.exe
2014-12-27 16:20 - 2010-01-25 00:21 - 00346624 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate_ssp_isv.exe
2014-12-27 16:20 - 2009-12-04 10:30 - 00012288 _____ (Microsoft Corporation) C:\Windows\system32\tsbyuv.dll
2014-12-27 16:20 - 2009-12-04 10:28 - 00123904 _____ (Microsoft Corporation) C:\Windows\system32\msvfw32.dll
2014-12-27 16:20 - 2009-12-04 10:28 - 00082944 _____ (Microsoft Corporation) C:\Windows\system32\mciavi32.dll
2014-12-27 16:20 - 2009-12-04 10:28 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\iyuv_32.dll
2014-12-27 16:20 - 2009-12-04 10:28 - 00031744 _____ (Microsoft Corporation) C:\Windows\system32\msvidc32.dll
2014-12-27 16:20 - 2009-12-04 10:28 - 00022528 _____ (Microsoft Corporation) C:\Windows\system32\msyuv.dll
2014-12-27 16:20 - 2009-12-04 10:28 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\msrle32.dll
2014-12-27 16:20 - 2009-12-04 10:27 - 00091136 _____ (Microsoft Corporation) C:\Windows\system32\avifil32.dll
2014-12-27 16:20 - 2009-10-07 03:36 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\rastls.dll
2014-12-27 16:20 - 2009-09-10 06:58 - 00310784 _____ (Microsoft Corporation) C:\Windows\system32\unregmp2.exe
2014-12-27 16:20 - 2009-09-04 03:41 - 00060928 _____ (Microsoft Corporation) C:\Windows\system32\msasn1.dll
2014-12-27 16:20 - 2009-08-10 04:35 - 00355328 _____ (Microsoft Corporation) C:\Windows\system32\WSDApi.dll
2014-12-27 16:20 - 2009-07-15 04:39 - 00313344 _____ (Microsoft Corporation) C:\Windows\system32\wmpdxm.dll
2014-12-27 16:20 - 2009-07-15 02:21 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\msdxm.tlb
2014-12-27 16:20 - 2009-07-15 02:21 - 00018432 _____ (Microsoft Corporation) C:\Windows\system32\amcompat.tlb
2014-12-27 16:20 - 2009-04-10 22:28 - 00136192 _____ (Microsoft Corporation) C:\Windows\system32\aaclient.dll
2014-12-27 16:20 - 2009-04-10 22:28 - 00063488 _____ (Microsoft Corporation) C:\Windows\system32\tscupgrd.exe
2014-12-27 16:20 - 2009-04-10 22:28 - 00053248 _____ (Microsoft Corporation) C:\Windows\system32\tsgqec.dll
2014-12-27 16:12 - 2010-01-13 09:34 - 00098304 _____ (Microsoft Corporation) C:\Windows\system32\cabview.dll
2014-12-27 10:04 - 2008-01-01 01:45 - 00000000 ____D C:\Windows\Debug
2014-12-27 09:59 - 2014-12-27 17:14 - 00000000 ____D C:\Windows\SoftwareDistribution
2014-12-27 09:57 - 2008-01-01 04:48 - 00000000 ____D C:\Windows\Prefetch
2014-12-27 09:57 - 2007-12-31 23:04 - 00000000 __SHD C:\System Volume Information
2014-12-27 09:57 - 2007-12-31 23:02 - 4070129664 ___SH C:\pagefile.sys
2014-12-27 09:56 - 2015-01-10 14:28 - 00000000 ____D C:\Windows\Panther
2014-12-27 09:56 - 2014-12-28 13:45 - 00000000 __SHD C:\Boot
2014-12-27 09:56 - 2014-12-27 09:56 - 00008192 ___RS C:\BOOTSECT.BAK
2014-12-27 09:56 - 2014-12-27 09:56 - 00000000 ____D C:\Windows\system32\OEM
2014-12-27 09:56 - 2009-04-10 22:36 - 00333257 __RSH C:\bootmgr
2014-12-27 09:56 - 2008-05-09 12:50 - 00000024 ___RH C:\Windows\dell_version
2014-04-11 22:08 - 2014-04-11 22:08 - 00028352 _____ (Microsoft Corporation) C:\Windows\system32\aspnet_counters.dll
2014-04-11 22:08 - 2014-04-11 22:08 - 00018088 _____ (Microsoft Corporation) C:\Windows\system32\msvcr110_clr0400.dll
2014-04-11 22:08 - 2014-04-11 22:08 - 00018088 _____ (Microsoft Corporation) C:\Windows\system32\msvcr100_clr0400.dll
2014-04-11 22:08 - 2014-04-11 22:08 - 00018088 _____ (Microsoft Corporation) C:\Windows\system32\msvcp110_clr0400.dll
2012-10-03 16:14 - 2012-10-03 15:14 - 00106928 _____ (GEAR Software Inc.) C:\Windows\system32\GEARAspi.dll
2011-08-30 23:05 - 2011-08-30 23:05 - 00178536 _____ (Apple Inc.) C:\Windows\system32\dnssdX.dll
2011-08-30 23:05 - 2011-08-30 23:05 - 00083816 _____ (Apple Inc.) C:\Windows\system32\dns-sd.exe
2011-08-30 23:05 - 2011-08-30 23:05 - 00073064 _____ (Apple Inc.) C:\Windows\system32\dnssd.dll
2011-08-30 23:05 - 2011-08-30 23:05 - 00050536 _____ (Apple Inc.) C:\Windows\system32\jdns_sd.dll
2011-02-19 23:03 - 2011-02-19 23:03 - 00421200 _____ (Microsoft Corporation) C:\Windows\system32\msvcp100.dll
2011-02-19 00:40 - 2011-02-19 00:40 - 00773968 _____ (Microsoft Corporation) C:\Windows\system32\msvcr100.dll
2010-06-23 09:21 - 2010-06-23 09:21 - 00259176 _____ (Realtek ) C:\Windows\system32\Drivers\Rtlh86.sys
2010-06-08 15:33 - 2010-06-08 15:33 - 00100896 _____ (Realtek Semiconductor Corporation) C:\Windows\system32\RTNUninst32.dll
2009-12-03 09:27 - 2009-12-03 09:27 - 00080416 _____ C:\Windows\system32\RtNicProp32.dll
2008-05-06 16:06 - 2008-05-06 16:06 - 00011520 _____ (Western Digital Technologies) C:\Windows\system32\Drivers\wdcsam.sys
2008-01-20 19:13 - 2008-01-20 18:23 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\errdev.sys
2008-01-20 19:11 - 2008-01-20 18:23 - 00045568 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\blbdrive.sys
2008-01-20 19:10 - 2008-01-20 18:23 - 00386616 _____ (LSI Corporation, Inc.) C:\Windows\system32\Drivers\MegaSR.sys
2008-01-20 18:25 - 2008-01-20 18:25 - 01642496 _____ (Microsoft Corporation) C:\Windows\system32\WMPEncEn.dll
2008-01-20 18:25 - 2008-01-20 18:25 - 00705536 _____ (Microsoft Corporation) C:\Windows\system32\imagesp1.dll
2008-01-20 18:25 - 2008-01-20 18:25 - 00616448 _____ (Microsoft Corporation) C:\Windows\system32\dsuiext.dll
2008-01-20 18:25 - 2008-01-20 18:25 - 00464896 _____ (Microsoft Corporation) C:\Windows\system32\msra.exe
2008-01-20 18:25 - 2008-01-20 18:25 - 00418304 _____ (Microsoft Corporation) C:\Windows\system32\wmdrmdev.dll
2008-01-20 18:25 - 2008-01-20 18:25 - 00415232 _____ (Microsoft Corporation) C:\Windows\system32\msdri.dll
2008-01-20 18:25 - 2008-01-20 18:25 - 00403968 _____ (Microsoft Corporation) C:\Windows\system32\p2pcollab.dll
2008-01-20 18:25 - 2008-01-20 18:25 - 00394240 _____ (Microsoft Corporation) C:\Windows\system32\dsquery.dll
2008-01-20 18:25 - 2008-01-20 18:25 - 00347648 _____ (Microsoft Corporation) C:\Windows\system32\wmdrmnet.dll
2008-01-20 18:25 - 2008-01-20 18:25 - 00337408 _____ (Microsoft Corporation) C:\Windows\system32\tracerpt.exe
2008-01-20 18:25 - 2008-01-20 18:25 - 00318464 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2008-01-20 18:25 - 2008-01-20 18:25 - 00317440 _____ (Microsoft Corporation) C:\Windows\system32\azroleui.dll
2008-01-20 18:25 - 2008-01-20 18:25 - 00312320 _____ (Microsoft Corporation) C:\Windows\system32\mswmdm.dll
2008-01-20 18:25 - 2008-01-20 18:25 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\Wpc.dll
2008-01-20 18:25 - 2008-01-20 18:25 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\ntshrui.dll
2008-01-20 18:25 - 2008-01-20 18:25 - 00274944 _____ (Microsoft Corporation) C:\Windows\system32\srrstr.dll
2008-01-20 18:25 - 2008-01-20 18:25 - 00244224 _____ (Microsoft Corporation) C:\Windows\system32\audiodev.dll
2008-01-20 18:25 - 2008-01-20 18:25 - 00223232 _____ (Microsoft Corporation) C:\Windows\system32\WMASF.DLL
2008-01-20 18:25 - 2008-01-20 18:25 - 00203776 _____ (Microsoft Corporation) C:\Windows\system32\wpdwcn.dll
2008-01-20 18:25 - 2008-01-20 18:25 - 00202240 _____ (Microsoft Corporation) C:\Windows\system32\P2P.dll
2008-01-20 18:25 - 2008-01-20 18:25 - 00192000 _____ (Microsoft Corporation) C:\Windows\system32\p2phost.exe
2008-01-20 18:25 - 2008-01-20 18:25 - 00188928 _____ (Microsoft Corporation) C:\Windows\system32\lltdsvc.dll
2008-01-20 18:25 - 2008-01-20 18:25 - 00185856 _____ (Microsoft Corporation) C:\Windows\system32\adsldp.dll
2008-01-20 18:25 - 2008-01-20 18:25 - 00184320 _____ (Microsoft Corporation) C:\Windows\system32\wmpsrcwp.dll
2008-01-20 18:25 - 2008-01-20 18:25 - 00183808 _____ (Microsoft Corporation) C:\Windows\system32\duser.dll
2008-01-20 18:25 - 2008-01-20 18:25 - 00161792 _____ (Microsoft Corporation) C:\Windows\system32\raserver.exe
2008-01-20 18:25 - 2008-01-20 18:25 - 00160256 _____ (Microsoft Corporation) C:\Windows\system32\msrdc.dll
2008-01-20 18:25 - 2008-01-20 18:25 - 00154624 _____ (Microsoft Corporation) C:\Windows\system32\wmidx.dll
2008-01-20 18:25 - 2008-01-20 18:25 - 00154624 _____ (Microsoft Corporation) C:\Windows\system32\nlmgp.dll
2008-01-20 18:25 - 2008-01-20 18:25 - 00153600 _____ (Microsoft Corporation) C:\Windows\system32\wmvdspa.dll
2008-01-20 18:25 - 2008-01-20 18:25 - 00151552 _____ (Microsoft Corporation) C:\Windows\system32\rgb9rast.dll
2008-01-20 18:25 - 2008-01-20 18:25 - 00134144 _____ (Microsoft Corporation) C:\Windows\system32\p2pnetsh.dll
2008-01-20 18:25 - 2008-01-20 18:25 - 00124928 _____ (Microsoft Corporation) C:\Windows\system32\PortableDeviceWiaCompat.dll
2008-01-20 18:25 - 2008-01-20 18:25 - 00116736 _____ (Microsoft Corporation) C:\Windows\system32\sstpsvc.dll
2008-01-20 18:25 - 2008-01-20 18:25 - 00113664 _____ (Microsoft Corporation) C:\Windows\system32\loadperf.dll
2008-01-20 18:25 - 2008-01-20 18:25 - 00101376 _____ (Microsoft Corporation) C:\Windows\system32\wmpshell.dll
2008-01-20 18:25 - 2008-01-20 18:25 - 00082944 _____ (Microsoft Corporation) C:\Windows\system32\sdchange.exe
2008-01-20 18:25 - 2008-01-20 18:25 - 00076288 _____ (Microsoft Corporation) C:\Windows\system32\systeminfo.exe
2008-01-20 18:25 - 2008-01-20 18:25 - 00074240 _____ (Microsoft Corporation) C:\Windows\system32\nci.dll
2008-01-20 18:25 - 2008-01-20 18:25 - 00072192 _____ (Microsoft Corporation) C:\Windows\system32\wpclsp.dll
2008-01-20 18:25 - 2008-01-20 18:25 - 00067584 _____ (Microsoft Corporation) C:\Windows\system32\cmifw.dll
2008-01-20 18:25 - 2008-01-20 18:25 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\pnrpnsp.dll
2008-01-20 18:25 - 2008-01-20 18:25 - 00057344 _____ (Microsoft Corporation) C:\Windows\system32\eapsvc.dll
2008-01-20 18:25 - 2008-01-20 18:25 - 00056320 _____ (Microsoft Corporation) C:\Windows\system32\uexfat.dll
2008-01-20 18:25 - 2008-01-20 18:25 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\Mcx2Svc.dll
2008-01-20 18:25 - 2008-01-20 18:25 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\DfsShlEx.dll
2008-01-20 18:25 - 2008-01-20 18:25 - 00051712 _____ (Microsoft) C:\Windows\system32\esrb.rs
2008-01-20 18:25 - 2008-01-20 18:25 - 00050688 _____ (Microsoft Corporation) C:\Windows\system32\fphc.dll
2008-01-20 18:25 - 2008-01-20 18:25 - 00044032 _____ (Microsoft Corporation) C:\Windows\system32\dssec.dll
2008-01-20 18:25 - 2008-01-20 18:25 - 00040960 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2008-01-20 18:25 - 2008-01-20 18:25 - 00040448 _____ (Microsoft Corporation) C:\Windows\system32\lodctr.exe
2008-01-20 18:25 - 2008-01-20 18:25 - 00039424 _____ (Microsoft Corporation) C:\Windows\system32\wpnpinst.exe
2008-01-20 18:25 - 2008-01-20 18:25 - 00037888 _____ (Microsoft Corporation) C:\Windows\system32\vds_ps.dll
2008-01-20 18:25 - 2008-01-20 18:25 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\unlodctr.exe
2008-01-20 18:25 - 2008-01-20 18:25 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\lltdapi.dll
2008-01-20 18:25 - 2008-01-20 18:25 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\msdmo.dll
2008-01-20 18:25 - 2008-01-20 18:25 - 00024064 _____ (Microsoft Corporation) C:\Windows\system32\srwmi.dll
2008-01-20 18:25 - 2008-01-20 18:25 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\wmpcm.dll
2008-01-20 18:25 - 2008-01-20 18:25 - 00021504 _____ (Microsoft Corporation) C:\Windows\system32\HotStartUserAgent.dll
2008-01-20 18:25 - 2008-01-20 18:25 - 00020992 _____ (Microsoft Corporation) C:\Windows\system32\msdtcVSp1res.dll
2008-01-20 18:25 - 2008-01-20 18:25 - 00019968 _____ (Microsoft Corporation) C:\Windows\system32\vdsldr.exe
2008-01-20 18:25 - 2008-01-20 18:25 - 00016896 _____ (Microsoft) C:\Windows\system32\grb.rs
2008-01-20 18:25 - 2008-01-20 18:25 - 00014848 _____ (Microsoft Corporation) C:\Windows\system32\srdelayed.exe
2008-01-20 18:25 - 2008-01-20 18:25 - 00007680 _____ (Microsoft Corporation) C:\Windows\system32\procinst.dll
2008-01-20 18:24 - 2008-01-20 18:24 - 08322048 _____ (Microsoft Corporation) C:\Windows\system32\spwizimg.dll
2008-01-20 18:24 - 2008-01-20 18:24 - 05714432 _____ (Microsoft Corporation) C:\Windows\system32\logon.scr
2008-01-20 18:24 - 2008-01-20 18:24 - 04595712 _____ (Microsoft Corporation) C:\Windows\system32\AuthFWSnapin.dll
2008-01-20 18:24 - 2008-01-20 18:24 - 03104768 _____ (Microsoft Corporation) C:\Windows\system32\NlsData0049.dll
2008-01-20 18:24 - 2008-01-20 18:24 - 03104768 _____ (Microsoft Corporation) C:\Windows\system32\NlsData0047.dll
2008-01-20 18:24 - 2008-01-20 18:24 - 03104768 _____ (Microsoft Corporation) C:\Windows\system32\NlsData0046.dll
2008-01-20 18:24 - 2008-01-20 18:24 - 03104768 _____ (Microsoft Corporation) C:\Windows\system32\NlsData0045.dll
2008-01-20 18:24 - 2008-01-20 18:24 - 03104768 _____ (Microsoft Corporation) C:\Windows\system32\NlsData0039.dll
2008-01-20 18:24 - 2008-01-20 18:24 - 03104768 _____ (Microsoft Corporation) C:\Windows\system32\NlsData0020.dll
2008-01-20 18:24 - 2008-01-20 18:24 - 02585088 _____ (Microsoft Corporation) C:\Windows\system32\FirewallControlPanel.exe
2008-01-20 18:24 - 2008-01-20 18:24 - 02249216 _____ (Microsoft Corporation) C:\Windows\system32\Firewall.cpl
2008-01-20 18:24 - 2008-01-20 18:24 - 01966592 _____ (Microsoft Corporation) C:\Windows\system32\NlsData0027.dll
2008-01-20 18:24 - 2008-01-20 18:24 - 01965056 _____ (Microsoft Corporation) C:\Windows\system32\NlsData0026.dll
2008-01-20 18:24 - 2008-01-20 18:24 - 01965056 _____ (Microsoft Corporation) C:\Windows\system32\NlsData0024.dll
2008-01-20 18:24 - 2008-01-20 18:24 - 01801216 _____ (Microsoft Corporation) C:\Windows\system32\NlsData0022.dll
2008-01-20 18:24 - 2008-01-20 18:24 - 01801216 _____ (Microsoft Corporation) C:\Windows\system32\NlsData0021.dll
2008-01-20 18:24 - 2008-01-20 18:24 - 01502208 _____ (Microsoft Corporation) C:\Windows\system32\pla.dll
2008-01-20 18:24 - 2008-01-20 18:24 - 01405952 _____ (Microsoft Corporation) C:\Windows\system32\ActiveContentWizard.dll
2008-01-20 18:24 - 2008-01-20 18:24 - 01386496 _____ (Microsoft Corporation) C:\Windows\system32\msvbvm60.dll
2008-01-20 18:24 - 2008-01-20 18:24 - 01295360 _____ (Microsoft Corporation) C:\Windows\system32\wsecedit.dll
2008-01-20 18:24 - 2008-01-20 18:24 - 01291264 _____ (Microsoft Corporation) C:\Windows\system32\comres.dll
2008-01-20 18:24 - 2008-01-20 18:24 - 01107456 _____ (Microsoft Corporation) C:\Windows\system32\ogldrv.dll
2008-01-20 18:24 - 2008-01-20 18:24 - 01039360 _____ (Microsoft Corporation) C:\Windows\system32\d3d8.dll
2008-01-20 18:24 - 2008-01-20 18:24 - 00975360 _____ (Microsoft Corporation) C:\Windows\system32\RASMM.dll
2008-01-20 18:24 - 2008-01-20 18:24 - 00816128 _____ (Microsoft Corporation) C:\Windows\system32\d3dim700.dll
2008-01-20 18:24 - 2008-01-20 18:24 - 00736768 _____ (Microsoft Corporation) C:\Windows\system32\unbcl.dll
2008-01-20 18:24 - 2008-01-20 18:24 - 00686592 _____ (Microsoft Corporation) C:\Windows\system32\colorui.dll
2008-01-20 18:24 - 2008-01-20 18:24 - 00671232 _____ (Microsoft Corporation) C:\Windows\system32\dfrgui.exe
2008-01-20 18:24 - 2008-01-20 18:24 - 00604160 _____ (Microsoft Corporation) C:\Windows\system32\sqlceqp30.dll
2008-01-20 18:24 - 2008-01-20 18:24 - 00574976 _____ (Microsoft Corporation) C:\Windows\system32\XPSSHHDR.dll
2008-01-20 18:24 - 2008-01-20 18:24 - 00523776 _____ (Microsoft Corporation) C:\Windows\system32\hhctrl.ocx
2008-01-20 18:24 - 2008-01-20 18:24 - 00523776 _____ (Microsoft Corporation) C:\Windows\system32\clbcatq.dll
2008-01-20 18:24 - 2008-01-20 18:24 - 00522752 _____ (Microsoft Corporation) C:\Windows\system32\ddraw.dll
2008-01-20 18:24 - 2008-01-20 18:24 - 00520704 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm.exe
2008-01-20 18:24 - 2008-01-20 18:24 - 00509952 _____ (Microsoft Corporation) C:\Windows\system32\AuthFWGP.dll
2008-01-20 18:24 - 2008-01-20 18:24 - 00498176 _____ (Microsoft Corporation) C:\Windows\HelpPane.exe
2008-01-20 18:24 - 2008-01-20 18:24 - 00485376 _____ (Microsoft Corporation) C:\Windows\system32\mspaint.exe
2008-01-20 18:24 - 2008-01-20 18:24 - 00456704 _____ (Microsoft Corporation) C:\Windows\system32\wvc.dll
2008-01-20 18:24 - 2008-01-20 18:24 - 00451072 _____ (Microsoft Corporation) C:\Windows\system32\catsrv.dll
2008-01-20 18:24 - 2008-01-20 18:24 - 00431104 _____ (Microsoft Corporation) C:\Windows\system32\tdh.dll
2008-01-20 18:24 - 2008-01-20 18:24 - 00429056 _____ (Microsoft Corporation) C:\Windows\system32\localsec.dll
2008-01-20 18:24 - 2008-01-20 18:24 - 00403968 _____ (Microsoft Corporation) C:\Windows\system32\FirewallAPI.dll
2008-01-20 18:24 - 2008-01-20 18:24 - 00388096 _____ (Microsoft Corporation) C:\Windows\system32\dmdlgs.dll
2008-01-20 18:24 - 2008-01-20 18:24 - 00384512 _____ (Microsoft Corporation) C:\Windows\system32\d3dim.dll
2008-01-20 18:24 - 2008-01-20 18:24 - 00376832 _____ (Microsoft Corporation) C:\Windows\system32\sxs.dll
2008-01-20 18:24 - 2008-01-20 18:24 - 00355328 _____ (Microsoft Corporation) C:\Windows\system32\termmgr.dll
2008-01-20 18:24 - 2008-01-20 18:24 - 00352256 _____ (Microsoft Corporation) C:\Windows\system32\nshipsec.dll
2008-01-20 18:24 - 2008-01-20 18:24 - 00348160 _____ (Microsoft Corporation) C:\Windows\system32\spwizeng.dll
2008-01-20 18:24 - 2008-01-20 18:24 - 00344576 _____ (Microsoft Corporation) C:\Windows\system32\msdtckrm.dll
2008-01-20 18:24 - 2008-01-20 18:24 - 00334336 _____ (Microsoft Corporation) C:\Windows\system32\bcdedit.exe
2008-01-20 18:24 - 2008-01-20 18:24 - 00326656 _____ (Microsoft Corporation) C:\Windows\system32\actxprxy.dll
2008-01-20 18:24 - 2008-01-20 18:24 - 00319488 _____ (Microsoft Corporation) C:\Windows\system32\odbcjt32.dll
2008-01-20 18:24 - 2008-01-20 18:24 - 00308224 _____ (Microsoft Corporation) C:\Windows\system32\sqlcese30.dll
2008-01-20 18:24 - 2008-01-20 18:24 - 00305152 _____ (Microsoft Corporation) C:\Windows\system32\msdelta.dll
2008-01-20 18:24 - 2008-01-20 18:24 - 00301056 _____ (Microsoft Corporation) C:\Windows\system32\mmcbase.dll
2008-01-20 18:24 - 2008-01-20 18:24 - 00300032 _____ (Microsoft Corporation) C:\Windows\system32\puiobj.dll
2008-01-20 18:24 - 2008-01-20 18:24 - 00297472 _____ (Microsoft Corporation) C:\Windows\system32\cmipnpinstall.dll
2008-01-20 18:24 - 2008-01-20 18:24 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\msieftp.dll
2008-01-20 18:24 - 2008-01-20 18:24 - 00296448 _____ (Microsoft Corporation) C:\Windows\system32\xwizards.dll
2008-01-20 18:24 - 2008-01-20 18:24 - 00289792 _____ (Microsoft Corporation) C:\Windows\system32\hnetcfg.dll
2008-01-20 18:24 - 2008-01-20 18:24 - 00288256 _____ (Microsoft Corporation) C:\Windows\system32\ipnathlp.dll
2008-01-20 18:24 - 2008-01-20 18:24 - 00282624 _____ (Microsoft Corporation) C:\Windows\system32\CompatUI.dll
2008-01-20 18:24 - 2008-01-20 18:24 - 00276480 _____ (Microsoft Corporation) C:\Windows\system32\compstui.dll
2008-01-20 18:24 - 2008-01-20 18:24 - 00275968 _____ (Microsoft Corporation) C:\Windows\system32\mcbuilder.exe
2008-01-20 18:24 - 2008-01-20 18:24 - 00274432 _____ (Microsoft Corporation) C:\Windows\system32\netman.dll
2008-01-20 18:24 - 2008-01-20 18:24 - 00259072 _____ (Microsoft Corporation) C:\Windows\system32\upnphost.dll
2008-01-20 18:24 - 2008-01-20 18:24 - 00258560 _____ (Microsoft Corporation) C:\Windows\system32\dpx.dll
2008-01-20 18:24 - 2008-01-20 18:24 - 00257024 _____ (Microsoft Corporation) C:\Windows\system32\VAN.dll
2008-01-20 18:24 - 2008-01-20 18:24 - 00257024 _____ (Microsoft Corporation) C:\Windows\system32\adsnt.dll
2008-01-20 18:24 - 2008-01-20 18:24 - 00252416 _____ (Microsoft Corporation) C:\Windows\system32\iprtrmgr.dll
2008-01-20 18:24 - 2008-01-20 18:24 - 00251904 _____ (Microsoft Corporation) C:\Windows\system32\sti_ci.dll
2008-01-20 18:24 - 2008-01-20 18:24 - 00251904 _____ (Microsoft Corporation) C:\Windows\system32\authfwcfg.dll
2008-01-20 18:24 - 2008-01-20 18:24 - 00242688 _____ (Microsoft Corporation) C:\Windows\system32\sysdm.cpl
2008-01-20 18:24 - 2008-01-20 18:24 - 00237056 _____ (Microsoft Corporation) C:\Windows\system32\netprofm.dll
2008-01-20 18:24 - 2008-01-20 18:24 - 00235520 _____ (Microsoft Corporation) C:\Windows\system32\dot3gpui.dll
2008-01-20 18:24 - 2008-01-20 18:24 - 00229888 _____ (Microsoft Corporation) C:\Windows\system32\mycomput.dll
2008-01-20 18:24 - 2008-01-20 18:24 - 00227840 _____ (Microsoft Corporation) C:\Windows\system32\msconfig.exe
2008-01-20 18:24 - 2008-01-20 18:24 - 00226816 _____ (Microsoft Corp.) C:\Windows\system32\Defrag.exe
2008-01-20 18:24 - 2008-01-20 18:24 - 00222720 _____ (Microsoft Corporation) C:\Windows\system32\wavemsp.dll
2008-01-20 18:24 - 2008-01-20 18:24 - 00220160 _____ (Microsoft Corporation) C:\Windows\system32\comsnap.dll
2008-01-20 18:24 - 2008-01-20 18:24 - 00215040 _____ (Microsoft Corporation) C:\Windows\system32\msdtcuiu.dll
2008-01-20 18:24 - 2008-01-20 18:24 - 00215040 _____ (Microsoft Corporation) C:\Windows\system32\icm32.dll
2008-01-20 18:24 - 2008-01-20 18:24 - 00206336 _____ (Microsoft Corporation) C:\Windows\system32\mstask.dll
2008-01-20 18:24 - 2008-01-20 18:24 - 00205824 _____ (Microsoft Corporation) C:\Windows\system32\msoeacct.dll
2008-01-20 18:24 - 2008-01-20 18:24 - 00204800 _____ (Microsoft Corporation) C:\Windows\system32\activeds.dll
2008-01-20 18:24 - 2008-01-20 18:24 - 00201216 _____ (Microsoft Corporation) C:\Windows\system32\unattend.dll
2008-01-20 18:24 - 2008-01-20 18:24 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\upnp.dll
2008-01-20 18:24 - 2008-01-20 18:24 - 00191488 _____ (Microsoft Corporation) C:\Windows\system32\provthrd.dll
2008-01-20 18:24 - 2008-01-20 18:24 - 00190976 _____ (Microsoft Corporation) C:\Windows\system32\dskquoui.dll
2008-01-20 18:24 - 2008-01-20 18:24 - 00187904 _____ (Microsoft Corporation) C:\Windows\system32\mlang.dll
2008-01-20 18:24 - 2008-01-20 18:24 - 00184320 _____ (Microsoft Corporation) C:\Windows\system32\dmdskmgr.dll
2008-01-20 18:24 - 2008-01-20 18:24 - 00179712 _____ (Microsoft Corporation) C:\Windows\system32\lpksetup.exe
2008-01-20 18:24 - 2008-01-20 18:24 - 00178176 _____ (Microsoft Corporation) C:\Windows\system32\clusapi.dll
2008-01-20 18:24 - 2008-01-20 18:24 - 00173568 _____ (Microsoft Corporation) C:\Windows\system32\dsdmo.dll
2008-01-20 18:24 - 2008-01-20 18:24 - 00172544 _____ (Microsoft Corporation) C:\Windows\system32\QAGENT.DLL
2008-01-20 18:24 - 2008-01-20 18:24 - 00171520 _____ (Microsoft Corporation) C:\Windows\system32\cic.dll
2008-01-20 18:24 - 2008-01-20 18:24 - 00167424 _____ (Microsoft Corporation) C:\Windows\system32\ActionQueue.dll
2008-01-20 18:24 - 2008-01-20 18:24 - 00163840 _____ (Microsoft Corporation) C:\Windows\system32\taskmgr.exe
2008-01-20 18:24 - 2008-01-20 18:24 - 00163840 _____ (Microsoft Corp.) C:\Windows\system32\DfrgNtfs.exe
2008-01-20 18:24 - 2008-01-20 18:24 - 00163328 _____ (Microsoft Corporation) C:\Windows\system32\powercfg.cpl
2008-01-20 18:24 - 2008-01-20 18:24 - 00160768 _____ (Microsoft Corporation) C:\Windows\system32\DpiScaling.exe
2008-01-20 18:24 - 2008-01-20 18:24 - 00159744 _____ (Microsoft Corporation) C:\Windows\system32\odbctrac.dll
2008-01-20 18:24 - 2008-01-20 18:24 - 00159744 _____ (Microsoft Corporation) C:\Windows\system32\msdadiag.dll
2008-01-20 18:24 - 2008-01-20 18:24 - 00158720 _____ (Microsoft Corporation) C:\Windows\system32\net1.exe
2008-01-20 18:24 - 2008-01-20 18:24 - 00157696 _____ (Microsoft Corporation) C:\Windows\system32\verifier.dll
2008-01-20 18:24 - 2008-01-20 18:24 - 00155704 _____ (Microsoft Corporation) C:\Windows\system32\dssenh.dll
2008-01-20 18:24 - 2008-01-20 18:24 - 00155648 _____ (Microsoft Corporation) C:\Windows\system32\ssdpsrv.dll
2008-01-20 18:24 - 2008-01-20 18:24 - 00154112 _____ (Microsoft Corporation) C:\Windows\system32\QSHVHOST.DLL
2008-01-20 18:24 - 2008-01-20 18:24 - 00153600 _____ (Microsoft Corporation) C:\Windows\system32\NAPMONTR.DLL
2008-01-20 18:24 - 2008-01-20 18:24 - 00152064 _____ (Microsoft Corporation) C:\Windows\system32\vdsbas.dll
2008-01-20 18:24 - 2008-01-20 18:24 - 00151552 _____ (Microsoft Corporation) C:\Windows\system32\schtasks.exe
2008-01-20 18:24 - 2008-01-20 18:24 - 00145455 _____ C:\Windows\system32\perfmon.msc
2008-01-20 18:24 - 2008-01-20 18:24 - 00145408 _____ (Microsoft Corporation) C:\Windows\system32\CompMgmtLauncher.exe
2008-01-20 18:24 - 2008-01-20 18:24 - 00142848 _____ (Microsoft Corporation) C:\Windows\system32\dot3ui.dll
2008-01-20 18:24 - 2008-01-20 18:24 - 00140800 _____ (Microsoft Corporation) C:\Windows\system32\winsta.dll
2008-01-20 18:24 - 2008-01-20 18:24 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\SmiInstaller.dll
2008-01-20 18:24 - 2008-01-20 18:24 - 00135680 _____ (Microsoft Corporation) C:\Windows\system32\mydocs.dll
2008-01-20 18:24 - 2008-01-20 18:24 - 00135168 _____ (Microsoft Corporation) C:\Windows\system32\ndfapi.dll
2008-01-20 18:24 - 2008-01-20 18:24 - 00135168 _____ (Microsoft Corporation) C:\Windows\system32\dbnetlib.dll
2008-01-20 18:24 - 2008-01-20 18:24 - 00134656 _____ (Microsoft Corporation) C:\Windows\system32\rdpdd.dll
2008-01-20 18:24 - 2008-01-20 18:24 - 00134656 _____ (Microsoft Corporation) C:\Windows\system32\dps.dll
2008-01-20 18:24 - 2008-01-20 18:24 - 00134656 _____ (Microsoft Corporation) C:\Windows\regedit.exe
2008-01-20 18:24 - 2008-01-20 18:24 - 00131072 _____ (Microsoft Corporation) C:\Windows\system32\fde.dll
2008-01-20 18:24 - 2008-01-20 18:24 - 00130560 _____ (Microsoft Corporation) C:\Windows\system32\uudf.dll
2008-01-20 18:24 - 2008-01-20 18:24 - 00129024 _____ (Microsoft Corporation) C:\Windows\system32\McxDriv.dll
2008-01-20 18:24 - 2008-01-20 18:24 - 00128512 _____ (Microsoft Corporation) C:\Windows\system32\MdSched.exe
2008-01-20 18:24 - 2008-01-20 18:24 - 00128000 _____ (Microsoft Corporation) C:\Windows\system32\shimgvw.dll
2008-01-20 18:24 - 2008-01-20 18:24 - 00127488 _____ (Microsoft Corporation) C:\Windows\system32\mmcshext.dll
2008-01-20 18:24 - 2008-01-20 18:24 - 00127488 _____ (Microsoft Corporation) C:\Windows\system32\aclui.dll
2008-01-20 18:24 - 2008-01-20 18:24 - 00124928 _____ (Microsoft Corporation) C:\Windows\system32\mtstocom.exe
2008-01-20 18:24 - 2008-01-20 18:24 - 00124928 _____ (Microsoft Corporation) C:\Windows\system32\mprmsg.dll
2008-01-20 18:24 - 2008-01-20 18:24 - 00123392 _____ (Microsoft Corporation) C:\Windows\system32\ifsutil.dll
2008-01-20 18:24 - 2008-01-20 18:24 - 00121856 _____ (Microsoft Corporation) C:\Windows\system32\dispdiag.exe
2008-01-20 18:24 - 2008-01-20 18:24 - 00120320 _____ (Microsoft Corporation) C:\Windows\system32\perfmon.exe
2008-01-20 18:24 - 2008-01-20 18:24 - 00120320 _____ (Microsoft Corporation) C:\Windows\system32\msaatext.dll
2008-01-20 18:24 - 2008-01-20 18:24 - 00119808 _____ (Microsoft Corporation) C:\Windows\system32\netid.dll
2008-01-20 18:24 - 2008-01-20 18:24 - 00119296 _____ (Microsoft Corporation) C:\Windows\system32\prntvpt.dll
2008-01-20 18:24 - 2008-01-20 18:24 - 00118272 _____ (Microsoft Corporation) C:\Windows\system32\RDPENCDD.dll
2008-01-20 18:24 - 2008-01-20 18:24 - 00117760 _____ (Microsoft Corporation) C:\Windows\system32\bcdsrv.dll
2008-01-20 18:24 - 2008-01-20 18:24 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\rtm.dll
2008-01-20 18:24 - 2008-01-20 18:24 - 00112640 _____ (Microsoft Corporation) C:\Windows\system32\verifier.exe
2008-01-20 18:24 - 2008-01-20 18:24 - 00112128 _____ (Microsoft Corporation) C:\Windows\system32\netdiagfx.dll
2008-01-20 18:24 - 2008-01-20 18:24 - 00112128 _____ (Microsoft Corporation) C:\Windows\system32\netcorehc.dll
2008-01-20 18:24 - 2008-01-20 18:24 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\activeds.tlb
2008-01-20 18:24 - 2008-01-20 18:24 - 00110592 _____ (Microsoft Corporation) C:\Windows\system32\msscript.ocx
2008-01-20 18:24 - 2008-01-20 18:24 - 00109056 _____ (Microsoft Corporation) C:\Windows\system32\SSShim.dll
2008-01-20 18:24 - 2008-01-20 18:24 - 00105984 _____ (Microsoft Corporation) C:\Windows\system32\shrink.dll
2008-01-20 18:24 - 2008-01-20 18:24 - 00105984 _____ (Microsoft Corporation) C:\Windows\system32\msdtc.exe
2008-01-20 18:24 - 2008-01-20 18:24 - 00104960 _____ (Microsoft Corporation) C:\Windows\system32\mprddm.dll
2008-01-20 18:24 - 2008-01-20 18:24 - 00104448 _____ (Microsoft Corporation) C:\Windows\system32\DWWIN.EXE
2008-01-20 18:24 - 2008-01-20 18:24 - 00103936 _____ (Microsoft Corporation) C:\Windows\system32\NAPHLPR.DLL
2008-01-20 18:24 - 2008-01-20 18:24 - 00103936 _____ (Microsoft Corporation) C:\Windows\system32\AuxiliaryDisplayApi.dll
2008-01-20 18:24 - 2008-01-20 18:24 - 00101888 _____ (Microsoft Corporation) C:\Windows\system32\oledlg.dll
2008-01-20 18:24 - 2008-01-20 18:24 - 00101376 _____ (Microsoft Corporation) C:\Windows\system32\luainstall.dll
2008-01-20 18:24 - 2008-01-20 18:24 - 00100864 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ipnat.sys
2008-01-20 18:24 - 2008-01-20 18:24 - 00098304 _____ (Microsoft Corporation) C:\Windows\system32\TapiMigPlugin.dll
2008-01-20 18:24 - 2008-01-20 18:24 - 00098304 _____ (Microsoft Corporation) C:\Windows\system32\makecab.exe
2008-01-20 18:24 - 2008-01-20 18:24 - 00095744 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\irda.sys
2008-01-20 18:24 - 2008-01-20 18:24 - 00095232 _____ (Microsoft Corporation) C:\Windows\system32\xactsrv.dll
2008-01-20 18:24 - 2008-01-20 18:24 - 00094208 _____ (Microsoft Corporation) C:\Windows\system32\diantz.exe
2008-01-20 18:24 - 2008-01-20 18:24 - 00093696 _____ (Microsoft Corporation) C:\Windows\system32\vssadmin.exe
2008-01-20 18:24 - 2008-01-20 18:24 - 00093184 _____ (Microsoft Corporation) C:\Windows\system32\esentutl.exe
2008-01-20 18:24 - 2008-01-20 18:24 - 00092672 _____ (Microsoft Corporation) C:\Windows\system32\ufat.dll
2008-01-20 18:24 - 2008-01-20 18:24 - 00091648 _____ (Microsoft Corporation) C:\Windows\system32\comrepl.dll
2008-01-20 18:24 - 2008-01-20 18:24 - 00090624 _____ (Microsoft Corporation) C:\Windows\system32\rasauto.dll
2008-01-20 18:24 - 2008-01-20 18:24 - 00089088 _____ (Microsoft Corporation) C:\Windows\system32\msdtclog.dll
2008-01-20 18:24 - 2008-01-20 18:24 - 00088576 _____ (Microsoft Corporation) C:\Windows\system32\ntdsapi.dll
2008-01-20 18:24 - 2008-01-20 18:24 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\dmview.ocx
Gary
 
If I do not reply within 24 hours please send me a Personal Message.

"Lord, to whom would we go? You have the words that give eternal life. We believe, and we know you are the Holy One of God."

#5 Oh My!


Posted 23 August 2016 - 09:14 AM

2008-01-20 18:23 - 2008-01-20 18:23 - 00175616 _____ (Microsoft Corporation) C:\Windows\system32\syncui.dll
2008-01-20 18:23 - 2008-01-20 18:23 - 00169984 _____ (Microsoft Corporation) C:\Windows\system32\WSTPager.ax
2008-01-20 18:23 - 2008-01-20 18:23 - 00169472 _____ (Microsoft Corporation) C:\Windows\system32\mssha.dll
2008-01-20 18:23 - 2008-01-20 18:23 - 00164864 _____ (Microsoft Corporation) C:\Windows\system32\VBICodec.ax
2008-01-20 18:23 - 2008-01-20 18:23 - 00162304 _____ (Microsoft Corporation) C:\Windows\system32\msdt.exe
2008-01-20 18:23 - 2008-01-20 18:23 - 00160256 _____ (Microsoft Corporation) C:\Windows\system32\MSAC3ENC.DLL
2008-01-20 18:23 - 2008-01-20 18:23 - 00159232 _____ (Microsoft Corporation) C:\Windows\system32\dinput8.dll
2008-01-20 18:23 - 2008-01-20 18:23 - 00157696 _____ (Microsoft Corporation) C:\Windows\system32\keymgr.dll
2008-01-20 18:23 - 2008-01-20 18:23 - 00146944 _____ (Microsoft Corporation) C:\Windows\system32\RstrtMgr.dll
2008-01-20 18:23 - 2008-01-20 18:23 - 00144909 _____ C:\Windows\system32\fsmgmt.msc
2008-01-20 18:23 - 2008-01-20 18:23 - 00142904 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\scsiport.sys
2008-01-20 18:23 - 2008-01-20 18:23 - 00142336 _____ (Microsoft Corporation) C:\Windows\system32\icsfiltr.dll
2008-01-20 18:23 - 2008-01-20 18:23 - 00141824 _____ (Microsoft Corporation) C:\Windows\system32\itss.dll
2008-01-20 18:23 - 2008-01-20 18:23 - 00131584 _____ (Microsoft Corporation) C:\Windows\system32\dmvdsitf.dll
2008-01-20 18:23 - 2008-01-20 18:23 - 00129536 _____ (Microsoft Corporation) C:\Windows\system32\sqmapi.dll
2008-01-20 18:23 - 2008-01-20 18:23 - 00127488 _____ (Microsoft Corporation) C:\Windows\system32\SoundRecorder.exe
2008-01-20 18:23 - 2008-01-20 18:23 - 00126976 _____ (Microsoft Corporation) C:\Windows\system32\msdart.dll
2008-01-20 18:23 - 2008-01-20 18:23 - 00120832 _____ (Microsoft Corporation) C:\Windows\system32\WLanHC.dll
2008-01-20 18:23 - 2008-01-20 18:23 - 00118784 _____ (Intel Corporation) C:\Windows\system32\Drivers\E1G60I32.sys
2008-01-20 18:23 - 2008-01-20 18:23 - 00112640 _____ (Microsoft Corporation) C:\Windows\system32\wiadss.dll
2008-01-20 18:23 - 2008-01-20 18:23 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\iscsiexe.dll
2008-01-20 18:23 - 2008-01-20 18:23 - 00110592 _____ (Microsoft Corporation) C:\Windows\system32\setupcln.dll
2008-01-20 18:23 - 2008-01-20 18:23 - 00110080 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\videoprt.sys
2008-01-20 18:23 - 2008-01-20 18:23 - 00104960 _____ (Microsoft Corporation) C:\Windows\system32\sdrsvc.dll
2008-01-20 18:23 - 2008-01-20 18:23 - 00098816 _____ (Microsoft Corporation) C:\Windows\system32\sdshext.dll
2008-01-20 18:23 - 2008-01-20 18:23 - 00097280 _____ (Microsoft Corporation) C:\Windows\system32\OptionalFeatures.exe
2008-01-20 18:23 - 2008-01-20 18:23 - 00096768 _____ (Microsoft Corporation) C:\Windows\system32\wininit.exe
2008-01-20 18:23 - 2008-01-20 18:23 - 00096768 _____ (Microsoft Corp.) C:\Windows\system32\dfrgfat.exe
2008-01-20 18:23 - 2008-01-20 18:23 - 00096312 _____ (LSI Logic) C:\Windows\system32\Drivers\lsi_scsi.sys
2008-01-20 18:23 - 2008-01-20 18:23 - 00095744 _____ (Microsoft Corporation) C:\Windows\system32\xwtpw32.dll
2008-01-20 18:23 - 2008-01-20 18:23 - 00095744 _____ (Microsoft Corporation) C:\Windows\system32\mobsync.exe
2008-01-20 18:23 - 2008-01-20 18:23 - 00095232 _____ (Microsoft Corporation) C:\Windows\system32\migisol.dll
2008-01-20 18:23 - 2008-01-20 18:23 - 00094776 _____ (Microsoft Corporation) C:\Windows\system32\MigAutoPlay.exe
2008-01-20 18:23 - 2008-01-20 18:23 - 00094208 _____ (Microsoft Corporation) C:\Windows\system32\Tabbtn.dll
2008-01-20 18:23 - 2008-01-20 18:23 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\wlancfg.dll
2008-01-20 18:23 - 2008-01-20 18:23 - 00091648 _____ (Microsoft Corporation) C:\Windows\system32\btpanui.dll
2008-01-20 18:23 - 2008-01-20 18:23 - 00089088 _____ (Microsoft Corporation) C:\Windows\system32\txflog.dll
2008-01-20 18:23 - 2008-01-20 18:23 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\wiascanprofiles.dll
2008-01-20 18:23 - 2008-01-20 18:23 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\wiaacmgr.exe
2008-01-20 18:23 - 2008-01-20 18:23 - 00084480 _____ (Microsoft Corporation) C:\Windows\system32\dmscript.dll
2008-01-20 18:23 - 2008-01-20 18:23 - 00083456 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\serial.sys
2008-01-20 18:23 - 2008-01-20 18:23 - 00081920 _____ (Microsoft Corporation) C:\Windows\system32\shacct.dll
2008-01-20 18:23 - 2008-01-20 18:23 - 00081408 _____ (Microsoft Corporation) C:\Windows\system32\bootcfg.exe
2008-01-20 18:23 - 2008-01-20 18:23 - 00081408 _____ (Microsoft Corporation) C:\Windows\system32\ACW.exe
2008-01-20 18:23 - 2008-01-20 18:23 - 00080384 _____ (Microsoft Corporation) C:\Windows\system32\thumbcache.dll
2008-01-20 18:23 - 2008-01-20 18:23 - 00079360 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\parport.sys
2008-01-20 18:23 - 2008-01-20 18:23 - 00074240 _____ (Microsoft Corporation) C:\Windows\system32\wlanext.exe
2008-01-20 18:23 - 2008-01-20 18:23 - 00070144 _____ (Microsoft Corporation) C:\Windows\system32\wzcdlg.dll
2008-01-20 18:23 - 2008-01-20 18:23 - 00070144 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cdfs.sys
2008-01-20 18:23 - 2008-01-20 18:23 - 00069632 _____ (Microsoft Corporation) C:\Windows\system32\loghours.dll
2008-01-20 18:23 - 2008-01-20 18:23 - 00069120 _____ (Microsoft Corporation) C:\Windows\system32\kstvtune.ax
2008-01-20 18:23 - 2008-01-20 18:23 - 00068608 _____ (Microsoft Corporation) C:\Windows\system32\shgina.dll
2008-01-20 18:23 - 2008-01-20 18:23 - 00068608 _____ (Microsoft Corporation) C:\Windows\system32\DFDWiz.exe
2008-01-20 18:23 - 2008-01-20 18:23 - 00067072 _____ (Microsoft Corporation) C:\Windows\system32\HelpPaneProxy.dll
2008-01-20 18:23 - 2008-01-20 18:23 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\iscsiwmi.dll
2008-01-20 18:23 - 2008-01-20 18:23 - 00062976 _____ (Microsoft Corporation) C:\Windows\system32\wercplsupport.dll
2008-01-20 18:23 - 2008-01-20 18:23 - 00061952 _____ (Microsoft Corporation) C:\Windows\system32\tabcal.exe
2008-01-20 18:23 - 2008-01-20 18:23 - 00058880 _____ (Microsoft Corporation) C:\Windows\system32\dfrgifc.exe
2008-01-20 18:23 - 2008-01-20 18:23 - 00057856 _____ (Microsoft Corporation) C:\Windows\system32\nlsbres.dll
2008-01-20 18:23 - 2008-01-20 18:23 - 00056832 _____ (Microsoft Corporation) C:\Windows\system32\vfwwdm32.dll
2008-01-20 18:23 - 2008-01-20 18:23 - 00056320 _____ (Microsoft Corporation) C:\Windows\system32\wermgr.exe
2008-01-20 18:23 - 2008-01-20 18:23 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\i8042prt.sys
2008-01-20 18:23 - 2008-01-20 18:23 - 00053248 _____ (Microsoft Corporation) C:\Windows\system32\extrac32.exe
2008-01-20 18:23 - 2008-01-20 18:23 - 00052792 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\volmgr.sys
2008-01-20 18:23 - 2008-01-20 18:23 - 00052736 _____ (Microsoft Corporation) C:\Windows\system32\brcplsdw.dll
2008-01-20 18:23 - 2008-01-20 18:23 - 00052224 _____ (Microsoft Corporation) C:\Windows\system32\TabbtnEx.dll
2008-01-20 18:23 - 2008-01-20 18:23 - 00051712 _____ (Microsoft Corporation) C:\Windows\system32\umb.dll
2008-01-20 18:23 - 2008-01-20 18:23 - 00051712 _____ (Microsoft Corporation) C:\Windows\system32\takeown.exe
2008-01-20 18:23 - 2008-01-20 18:23 - 00046592 _____ (Microsoft Corporation) C:\Windows\system32\WavDest.dll
2008-01-20 18:23 - 2008-01-20 18:23 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\ksxbar.ax
2008-01-20 18:23 - 2008-01-20 18:23 - 00042496 _____ (Microsoft Corporation) C:\Windows\system32\dmocx.dll
2008-01-20 18:23 - 2008-01-20 18:23 - 00041984 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\monitor.sys
2008-01-20 18:23 - 2008-01-20 18:23 - 00041472 _____ (Microsoft) C:\Windows\system32\WlanMmHC.dll
2008-01-20 18:23 - 2008-01-20 18:23 - 00041472 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\intelppm.sys
2008-01-20 18:23 - 2008-01-20 18:23 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\dfdts.dll
2008-01-20 18:23 - 2008-01-20 18:23 - 00038400 _____ (Microsoft Corporation) C:\Windows\system32\dmloader.dll
2008-01-20 18:23 - 2008-01-20 18:23 - 00037888 _____ (Microsoft Corporation) C:\Windows\system32\pcasvc.dll
2008-01-20 18:23 - 2008-01-20 18:23 - 00035384 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\kbdclass.sys
2008-01-20 18:23 - 2008-01-20 18:23 - 00035328 _____ (Microsoft Corporation) C:\Windows\system32\dimsjob.dll
2008-01-20 18:23 - 2008-01-20 18:23 - 00034816 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\umbus.sys
2008-01-20 18:23 - 2008-01-20 18:23 - 00034360 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mouclass.sys
2008-01-20 18:23 - 2008-01-20 18:23 - 00032768 _____ (Microsoft Corporation) C:\Windows\system32\wiarpc.dll
2008-01-20 18:23 - 2008-01-20 18:23 - 00032768 _____ (Microsoft Corporation) C:\Windows\system32\dispex.dll
2008-01-20 18:23 - 2008-01-20 18:23 - 00031288 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mssmbios.sys
2008-01-20 18:23 - 2008-01-20 18:23 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\vbisurf.ax
2008-01-20 18:23 - 2008-01-20 18:23 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\qwavedrv.sys
2008-01-20 18:23 - 2008-01-20 18:23 - 00030208 _____ (Microsoft Corporation) C:\Windows\system32\werdiagcontroller.dll
2008-01-20 18:23 - 2008-01-20 18:23 - 00030208 _____ (Microsoft Corporation) C:\Windows\system32\rdrleakdiag.exe
2008-01-20 18:23 - 2008-01-20 18:23 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\sxproxy.dll
2008-01-20 18:23 - 2008-01-20 18:23 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\iscsium.dll
2008-01-20 18:23 - 2008-01-20 18:23 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\AtBroker.exe
2008-01-20 18:23 - 2008-01-20 18:23 - 00027648 _____ (Microsoft Corporation) C:\Windows\system32\syskey.exe
2008-01-20 18:23 - 2008-01-20 18:23 - 00026624 _____ (Microsoft Corporation) C:\Windows\system32\pcadm.dll
2008-01-20 18:23 - 2008-01-20 18:23 - 00026624 _____ (Microsoft Corporation) C:\Windows\system32\cofiredm.dll
2008-01-20 18:23 - 2008-01-20 18:23 - 00026112 _____ (Microsoft Corporation) C:\Windows\system32\vss_ps.dll
2008-01-20 18:23 - 2008-01-20 18:23 - 00026112 _____ (Microsoft Corporation) C:\Windows\system32\prevhost.exe
2008-01-20 18:23 - 2008-01-20 18:23 - 00026112 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\vgapnp.sys
2008-01-20 18:23 - 2008-01-20 18:23 - 00025600 _____ (Microsoft Corporation) C:\Windows\system32\Netplwiz.exe
2008-01-20 18:23 - 2008-01-20 18:23 - 00025600 _____ (Microsoft Corporation) C:\Windows\system32\cacls.exe
2008-01-20 18:23 - 2008-01-20 18:23 - 00025088 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\fdc.sys
2008-01-20 18:23 - 2008-01-20 18:23 - 00022528 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\msfs.sys
2008-01-20 18:23 - 2008-01-20 18:23 - 00021504 _____ (Microsoft Corporation) C:\Windows\system32\svchost.exe
2008-01-20 18:23 - 2008-01-20 18:23 - 00020480 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\flpydisk.sys
2008-01-20 18:23 - 2008-01-20 18:23 - 00019968 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\sermouse.sys
2008-01-20 18:23 - 2008-01-20 18:23 - 00017976 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\wmilib.sys
2008-01-20 18:23 - 2008-01-20 18:23 - 00017976 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\intelide.sys
2008-01-20 18:23 - 2008-01-20 18:23 - 00017920 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\serenum.sys
2008-01-20 18:23 - 2008-01-20 18:23 - 00016440 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\msisadrv.sys
2008-01-20 18:23 - 2008-01-20 18:23 - 00015360 _____ (Microsoft Corporation) C:\Windows\system32\wsock32.dll
2008-01-20 18:23 - 2008-01-20 18:23 - 00015360 _____ (Microsoft Corporation) C:\Windows\system32\serialui.dll
2008-01-20 18:23 - 2008-01-20 18:23 - 00015360 _____ (Microsoft Corporation) C:\Windows\system32\nbtstat.exe
2008-01-20 18:23 - 2008-01-20 18:23 - 00015360 _____ (Microsoft Corporation) C:\Windows\system32\bridgeunattend.exe
2008-01-20 18:23 - 2008-01-20 18:23 - 00015288 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\swenum.sys
2008-01-20 18:23 - 2008-01-20 18:23 - 00015181 _____ C:\Windows\system32\gatherWirelessInfo.vbs
2008-01-20 18:23 - 2008-01-20 18:23 - 00013824 _____ (Microsoft Corporation) C:\Windows\system32\ktmutil.exe
2008-01-20 18:23 - 2008-01-20 18:23 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\setupSNK.exe
2008-01-20 18:23 - 2008-01-20 18:23 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\irenum.sys
2008-01-20 18:23 - 2008-01-20 18:23 - 00012288 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\bdasup.sys
2008-01-20 18:23 - 2008-01-20 18:23 - 00011776 _____ (Microsoft Corporation) C:\Windows\system32\sbunattend.exe
2008-01-20 18:23 - 2008-01-20 18:23 - 00009728 _____ (Microsoft Corporation) C:\Windows\system32\wscproxystub.dll
2008-01-20 18:23 - 2008-01-20 18:23 - 00008704 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\parvdm.sys
2008-01-20 18:23 - 2008-01-20 18:23 - 00008192 _____ (Microsoft Corporation) C:\Windows\system32\iscsied.dll
2008-01-20 18:23 - 2008-01-20 18:23 - 00007680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\umpass.sys
2008-01-20 18:23 - 2008-01-20 18:23 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\sdspres.dll
2008-01-20 18:23 - 2008-01-20 18:23 - 00006144 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\beep.sys
2008-01-20 18:23 - 2008-01-20 18:23 - 00005632 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\drmkaud.sys
2008-01-20 18:23 - 2008-01-20 18:23 - 00004608 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\null.sys
2008-01-20 18:23 - 2008-01-20 18:23 - 00002560 _____ (Microsoft Corporation) C:\Windows\system32\bootstr.dll
2008-01-20 18:03 - 2008-01-20 18:27 - 00458752 _____ C:\Windows\system32\InstallPackage_ETW.Log.perf
2008-01-20 18:03 - 2008-01-20 18:27 - 00458752 _____ C:\Windows\system32\InstallPackage_ETW.Log.dpx
2008-01-01 04:48 - 2008-01-01 04:48 - 00011154 _____ C:\Users\Andrew P Saputo\Desktop\FRST.txt
2008-01-01 04:48 - 2008-01-01 04:48 - 00000000 ____D C:\FRST
2008-01-01 04:47 - 2016-08-17 10:24 - 01744896 _____ (Farbar) C:\Users\Andrew P Saputo\Desktop\FRST.exe

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

Gary
 
If I do not reply within 24 hours please send me a Personal Message.

"Lord, to whom would we go? You have the words that give eternal life. We believe, and we know you are the Holy One of God."

#6 Oh My!

Posted 23 August 2016 - 09:14 AM

2008-01-20 18:23 - 2006-11-01 23:36 - 00101432 _____ (Adaptec, Inc.) C:\Windows\system32\Drivers\adpu160m.sys
2008-01-20 18:23 - 2006-11-01 23:36 - 00096312 _____ (LSI Logic) C:\Windows\system32\Drivers\lsi_fc.sys
2008-01-20 18:23 - 2006-11-01 23:36 - 00089656 _____ (LSI Logic) C:\Windows\system32\Drivers\lsi_sas.sys
2008-01-20 18:23 - 2006-11-01 23:36 - 00079928 _____ (Adaptec, Inc.) C:\Windows\system32\Drivers\arcsas.sys
2008-01-20 18:23 - 2006-11-01 23:36 - 00079416 _____ (Adaptec, Inc.) C:\Windows\system32\Drivers\arc.sys
2008-01-20 18:23 - 2006-11-01 23:36 - 00074808 _____ (Silicon Integrated Systems) C:\Windows\system32\Drivers\sisraid4.sys
2008-01-20 18:23 - 2006-11-01 23:36 - 00045112 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvstor.sys
2008-01-20 18:23 - 2006-11-01 23:36 - 00041016 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\sisraid2.sys
2008-01-20 18:23 - 2006-11-01 23:36 - 00040504 _____ (Hewlett-Packard Company) C:\Windows\system32\Drivers\HpCISSs.sys
2008-01-20 18:23 - 2006-11-01 23:36 - 00031288 _____ (LSI Corporation) C:\Windows\system32\Drivers\megasas.sys
2008-01-01 01:03 - 2006-11-02 04:47 - 00005280 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
2008-01-01 01:03 - 2006-11-02 04:47 - 00005280 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
2007-12-31 23:11 - 2006-11-02 03:18 - 00000000 ____D C:\Windows\system32\config\RegBack
2007-12-31 23:11 - 2006-11-02 03:18 - 00000000 ____D C:\Windows\System32
2007-12-31 23:11 - 2006-11-02 03:18 - 00000000 ____D C:\Windows\inf
2007-12-31 23:11 - 2006-11-02 02:33 - 00758370 _____ C:\Windows\system32\PerfStringBackup.INI
2007-12-31 23:11 - 2006-11-02 02:33 - 00642078 _____ C:\Windows\system32\perfh009.dat
2007-12-31 23:11 - 2006-11-02 02:33 - 00119270 _____ C:\Windows\system32\perfc009.dat
2007-12-31 23:09 - 2006-11-02 04:33 - 00262144 ____H C:\Windows\system32\config\SAM.LOG1
2007-12-31 23:09 - 2006-11-02 02:22 - 00262144 _____ C:\Windows\system32\config\SAM
2007-12-31 23:06 - 2006-11-02 04:33 - 00262144 ____H C:\Windows\system32\config\DEFAULT.LOG1
2007-12-31 23:06 - 2006-11-02 02:22 - 00262144 _____ C:\Windows\system32\config\DEFAULT
2007-12-31 23:04 - 2006-11-02 04:33 - 00262144 ____H C:\Windows\system32\config\SECURITY.LOG1
2007-12-31 23:04 - 2006-11-02 04:33 - 00262144 ____H C:\Windows\system32\config\COMPONENTS.LOG1
2007-12-31 23:04 - 2006-11-02 02:22 - 42205184 _____ C:\Windows\system32\config\COMPONENTS
2007-12-31 23:04 - 2006-11-02 02:22 - 00262144 _____ C:\Windows\system32\config\SECURITY
2007-12-31 23:03 - 2006-11-02 05:01 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2007-12-31 23:03 - 2006-11-02 04:57 - 00067584 ____S C:\Windows\bootstat.dat

==================== Files in the root of some directories =======

2014-12-27 16:38 - 2014-12-29 15:21 - 0000680 _____ () C:\Users\Andrew P Saputo\AppData\Local\d3d9caps.dat
2014-12-30 12:55 - 2015-09-01 16:50 - 0052736 _____ () C:\Users\Andrew P Saputo\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2014-12-31 01:34 - 2014-12-31 01:34 - 0000000 ____H () C:\ProgramData\DP45977C.lfl

Some files in TEMP:
====================
C:\Users\Andrew P Saputo\AppData\Local\Temp\libeay32.dll
C:\Users\Andrew P Saputo\AppData\Local\Temp\msvcr120.dll
C:\Users\Andrew P Saputo\AppData\Local\Temp\sqlite3.dll


==================== Bamital & volsnap =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\explorer.exe => File is digitally signed
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2007-12-31 23:09

==================== End of FRST.txt ============================
Additional scan result of Farbar Recovery Scan Tool (x86) Version: 17-08-2016
Ran by Andrew P Saputo (01-01-2008 04:49:45)
Running from C:\Users\Andrew P Saputo\Desktop
Microsoft® Windows Vista™ Home Premium Service Pack 2 (X86) (2014-12-27 18:00:56)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-2122827531-3946508072-876639715-500 - Administrator - Disabled)
Andrew P Saputo (S-1-5-21-2122827531-3946508072-876639715-1000 - Administrator - Enabled) => C:\Users\Andrew P Saputo
Guest (S-1-5-21-2122827531-3946508072-876639715-501 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Kaspersky Anti-Virus (Enabled - Up to date) {86367591-4BE4-AE08-2FD9-7FCB8259CD98}
AS: Kaspersky Anti-Virus (Enabled - Up to date) {3D579475-6DDE-A186-1569-44B9F9DE8725}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: Kaspersky Anti-Virus (Disabled) {BE0DF4B4-018B-AF50-0486-D6FE7C8A8AE3}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

µTorrent (HKU\S-1-5-21-2122827531-3946508072-876639715-1000\...\uTorrent) (Version: 3.4.8.42501 - BitTorrent Inc.)
7-Zip 9.38 beta (HKLM\...\7-Zip) (Version: - )
Adobe Reader XI (11.0.08) (HKLM\...\{AC76BA86-7AD7-1033-7B44-AB0000000001}) (Version: 11.0.08 - Adobe Systems Incorporated)
Apple Application Support (32-bit) (HKLM\...\{AFA1153A-F547-409B-B837-3A0D6C5A3FEC}) (Version: 3.1.3 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{A75CA58D-DB9C-4D14-9428-E0C7B0F623DC}) (Version: 9.0.0.26 - Apple Inc.)
Apple Software Update (HKLM\...\{FFD1F7F1-1AC9-4BC4-A908-0686D635ABAF}) (Version: 2.1.4.131 - Apple Inc.)
Bonjour (HKLM\...\{79155F2B-9895-49D7-8612-D92580E0DE5B}) (Version: 3.0.0.10 - Apple Inc.)
CCleaner (HKLM\...\CCleaner) (Version: 5.01 - Piriform)
Freemake Audio Converter version 1.1.3 (HKLM\...\Freemake Audio Converter_is1) (Version: 1.1.3 - Ellora Assets Corporation)
Google Chrome (HKLM\...\Google Chrome) (Version: 49.0.2623.112 - Google Inc.)
Google Update Helper (Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (Version: 1.3.31.5 - Google Inc.) Hidden
iTunes (HKLM\...\{868B9974-4F23-494D-B6BC-4FAB92B2755D}) (Version: 12.1.3.6 - Apple Inc.)
Java 8 Update 25 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F83218025F0}) (Version: 8.0.250 - Oracle Corporation)
Kaspersky Anti-Virus (HKLM\...\InstallWIX_{77E7AE5C-181C-4CAF-ADBF-946F11C1CE26}) (Version: 16.0.0.614 - Kaspersky Lab)
Kaspersky Anti-Virus (Version: 16.0.0.614 - Kaspersky Lab) Hidden
Malwarebytes Anti-Malware version 2.2.1.1043 (HKLM\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.1.1043 - Malwarebytes)
Microsoft .NET Framework 3.5 SP1 (HKLM\...\Microsoft .NET Framework 3.5 SP1) (Version: - Microsoft Corporation)
Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft ASP.NET MVC 4 Runtime (HKLM\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50428.0 - Microsoft Corporation)
Mozilla Firefox 43.0.1 (x86 en-US) (HKLM\...\Mozilla Firefox 43.0.1 (x86 en-US)) (Version: 43.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 43.0.1 - Mozilla)
Mp3tag v2.74a (HKLM\...\Mp3tag) (Version: v2.74a - Florian Heidenreich)
NVIDIA GeForce Experience 2.4.3.22 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.4.3.22 - NVIDIA Corporation)
NVIDIA Graphics Driver 347.52 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 347.52 - NVIDIA Corporation)
NVIDIA HD Audio Driver 1.3.33.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.33.0 - NVIDIA Corporation)
NVIDIA PhysX System Software 9.14.0702 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.14.0702 - NVIDIA Corporation)
QuickTime 7 (HKLM\...\{FF59BD75-466A-4D5A-AD23-AAD87C5FD44C}) (Version: 7.79.80.95 - Apple Inc.)
Realtek High Definition Audio Driver (HKLM\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7246 - Realtek Semiconductor Corp.)
SES Driver (HKLM\...\{0673654C-5296-453B-9798-B61CD7E03FEB}) (Version: 1.0.0 - Western Digital)
SHIELD Wireless Controller Driver (Version: 2.4.3.22 - NVIDIA Corporation) Hidden
VLC media player (HKLM\...\VLC media player) (Version: 2.1.5 - VideoLAN)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {36909C47-FCF3-41E0-A357-70C5176F4DBC} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files\Apple Software Update\SoftwareUpdate.exe [2015-08-26] (Apple Inc.)
Task: {788CA5E0-9024-4BAB-9A31-9C00C123BA70} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2014-12-12] (Piriform Ltd)
Task: {D081178B-D5A5-4624-9433-D0DE833AE825} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [2015-08-28] (Google Inc.)
Task: {D53C9FC9-845C-427F-A5A2-6F305D581709} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [2015-08-28] (Google Inc.)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe

==================== Shortcuts =============================

(The entries could be listed to be restored or removed.)

==================== Loaded Modules (Whitelisted) ==============

2014-10-11 13:06 - 2014-10-11 13:06 - 00073544 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2015-03-20 17:12 - 2015-03-20 17:12 - 01044776 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2015-07-08 22:18 - 2015-07-08 22:18 - 00794920 _____ () C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 16.0.0\kpcengine.2.3.dll
2015-04-21 17:22 - 2015-05-01 08:52 - 00011920 _____ () C:\Program Files\NVIDIA Corporation\Update Core\detoured.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)


==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" value will be restored.)


==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)


==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2006-11-02 02:23 - 2006-09-18 13:41 - 00000761 ____A C:\Windows\system32\Drivers\etc\hosts

127.0.0.1 localhost
::1 localhost

==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-2122827531-3946508072-876639715-1000\Control Panel\Desktop\\Wallpaper -> C:\Windows\Web\Wallpaper\img2.jpg
DNS Servers: 75.75.75.75 - 75.75.76.76
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 2) (ConsentPromptBehaviorUser: 1) (EnableLUA: 1)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

(Currently there is no automatic fix for this section.)

MSCONFIG\startupreg: Adobe ARM => "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
MSCONFIG\startupreg: CCleaner Monitoring => "C:\Program Files\CCleaner\CCleaner.exe" /MONITOR
MSCONFIG\startupreg: NvBackend => "C:\Program Files\NVIDIA Corporation\Update Core\NvBackend.exe"
MSCONFIG\startupreg: ProductUpdater => C:\Program Files\Common Files\Freemake Shared\ProductUpdater\ProductUpdater.exe
MSCONFIG\startupreg: QuickTime Task => "C:\Program Files\QuickTime\QTTask.exe" -atboottime
MSCONFIG\startupreg: SunJavaUpdateSched => "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
MSCONFIG\startupreg: Windows Defender => %ProgramFiles%\Windows Defender\MSASCui.exe -hide
MSCONFIG\startupreg: WindowsWelcomeCenter => rundll32.exe oobefldr.dll,ShowWelcomeCenter

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [WinCollab-Out-UDP] => (Allow) %ProgramFiles%\Windows Collaboration\WinCollab.exe
FirewallRules: [WinCollab-In-UDP] => (Allow) %ProgramFiles%\Windows Collaboration\WinCollab.exe
FirewallRules: [WinCollab-Out-TCP] => (Allow) %ProgramFiles%\Windows Collaboration\WinCollab.exe
FirewallRules: [WinCollab-In-TCP] => (Allow) %ProgramFiles%\Windows Collaboration\WinCollab.exe
FirewallRules: [WinCollab-DFSR-Out-TCP] => (Allow) %SystemRoot%\system32\dfsr.exe
FirewallRules: [WinCollab-DFSR-In-TCP] => (Allow) %SystemRoot%\system32\dfsr.exe
FirewallRules: [{A83FA6CC-DB38-40F1-B907-3DDF64690DC8}] => (Allow) LPort=80
FirewallRules: [{467CBAF7-FDE6-4781-887D-E58B19053A0C}] => (Allow) LPort=80
FirewallRules: [{EA9B405A-871A-4DBA-84F9-4012EBE4D275}] => (Allow) LPort=80
FirewallRules: [{DD384E24-1E9D-4E67-9049-9183C4943EF6}] => (Allow) C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
FirewallRules: [{9C0C5450-959D-47DF-8C87-5B5EA8916D11}] => (Allow) C:\Program Files\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{C3453F97-D4D1-44E9-9F03-B2849A235AB8}] => (Allow) C:\Program Files\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{4BE03861-CC4E-47C0-BCD2-45E7A609E20E}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{672FBF0F-5923-4D11-8A09-DDF1E26B6B49}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{9A07EA58-D49C-42A7-9C5F-347E3F1F34A7}] => (Allow) C:\Program Files\iTunes\iTunes.exe
FirewallRules: [{2DC6F412-707C-43A7-838A-3A088053F951}] => (Allow) LPort=40233
FirewallRules: [{1030D7B2-9263-4923-A534-CE2539B4AF69}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [{D9514ADF-2D65-4597-8C7C-BBDDB6076683}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [{D54BC98F-C9CD-4591-823F-40D15D94CD44}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe
FirewallRules: [{5531A6C0-294B-4B4A-AFEE-C9F7EED92A9C}] => (Allow) C:\Users\Andrew P Saputo\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{FA0823AD-0905-4D0F-824A-8D8619321034}] => (Allow) C:\Users\Andrew P Saputo\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{4B70F29C-2EE6-4B4F-8EE9-6CE08F52D400}] => (Allow) C:\Users\Andrew P Saputo\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{0073C9AB-094A-4C30-80CA-9C17DFC1C0F4}] => (Allow) C:\Users\Andrew P Saputo\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{4867DF5C-48AB-433D-B51C-FE8A59078443}] => (Allow) C:\Users\Andrew P Saputo\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{CF7B6BBD-991A-49AA-9463-86E9B7A73CCB}] => (Allow) C:\Users\Andrew P Saputo\AppData\Roaming\uTorrent\uTorrent.exe

==================== Restore Points =========================

22-04-2016 21:15:03 Scheduled Checkpoint
14-05-2016 13:24:37 Windows Update
15-05-2016 02:00:33 Windows Update
16-05-2016 00:26:36 Scheduled Checkpoint
16-05-2016 23:29:42 Scheduled Checkpoint
18-05-2016 00:13:13 Scheduled Checkpoint
19-05-2016 21:04:00 Scheduled Checkpoint
19-05-2016 21:15:27 Windows Update
23-05-2016 19:06:41 First Restore Point
26-05-2016 21:42:53 Windows Update
10-06-2016 18:24:30 Scheduled Checkpoint
20-06-2016 16:58:32 Scheduled Checkpoint
29-06-2016 18:55:08 Windows Update
30-06-2016 02:00:29 Windows Update
02-07-2016 16:22:06 Scheduled Checkpoint
16-07-2016 04:10:39 Windows Update
17-07-2016 02:00:32 Scheduled Checkpoint
17-07-2016 02:00:42 Windows Update
29-07-2016 16:46:54 Windows Update
16-08-2016 22:27:20 Removed Port Forward Network Utilities.
18-08-2016 17:29:01 Windows Update
19-08-2016 02:00:22 Windows Update
19-08-2016 23:00:10 Scheduled Checkpoint

==================== Faulty Device Manager Devices =============

Name: SM Bus Controller
Description: SM Bus Controller
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.


==================== Event log errors: =========================

Application errors:
==================
Error: (12/31/2007 11:04:10 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (08/19/2016 02:36:09 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (08/19/2016 02:13:00 AM) (Source: Perflib) (EventID: 1008) (User: )
Description: PNRPsvcC:\Windows\system32\pnrpperf.dll4

Error: (08/19/2016 02:12:59 AM) (Source: Perflib) (EventID: 1010) (User: )
Description: EmdCacheC:\Windows\system32\emdmgmt.dll4

Error: (08/17/2016 10:31:37 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (08/17/2016 12:44:17 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (08/16/2016 09:54:23 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application iTunes.exe, version 12.1.3.6, time stamp 0x55f3f4a9, faulting module ole32.dll, version 6.0.6002.19623, time stamp 0x56ec3699, exception code 0xc0000005, fault offset 0x000472b7,
process id 0x14b4, application start time 0xiTunes.exe0.

Error: (08/16/2016 06:48:30 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (07/29/2016 09:37:59 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application iTunes.exe, version 12.1.3.6, time stamp 0x55f3f4a9, faulting module ole32.dll, version 6.0.6002.19623, time stamp 0x56ec3699, exception code 0xc0000005, fault offset 0x000472b7,
process id 0xef8, application start time 0xiTunes.exe0.

Error: (07/29/2016 08:56:26 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: mDNSCoreReceiveResponse: ProbeCount 1; will deregister 20 Andrew\032Saputo’s\032Library._home-sharing._tcp.local. SRV 0 0 3689 Grumpy.local.


System errors:
=============
Error: (01/01/2008 04:43:13 AM) (Source: W32Time) (EventID: 34) (User: )
Description: The time service has detected that the system time needs to be changed by +272545163 seconds. The time service will not change the system time by more than +54000 seconds. Verify that your time and time zone are correct, and that the time source time.windows.com,0x9 (ntp.m|0x9|0.0.0.0:123->40.118.103.7:123) is working properly.

Error: (12/31/2007 11:04:25 PM) (Source: W32Time) (EventID: 34) (User: )
Description: The time service has detected that the system time needs to be changed by +272555477 seconds. The time service will not change the system time by more than +54000 seconds. Verify that your time and time zone are correct, and that the time source time.windows.com,0x9 (ntp.m|0x9|0.0.0.0:123->40.118.103.7:123) is working properly.

Error: (12/31/2007 11:03:44 PM) (Source: EventLog) (EventID: 6008) (User: )
Description: The previous system shutdown at 1:49:15 PM on 8/20/2016 was unexpected.

Error: (08/17/2016 10:27:27 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Windows Presentation Foundation Font Cache 4.0.0.0101Restart the service

Error: (08/17/2016 10:27:27 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: iPod Service1

Error: (08/17/2016 10:27:27 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Windows Search1300001Restart the service

Error: (08/17/2016 10:27:27 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: NVIDIA Network Service1

Error: (08/17/2016 10:27:27 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: NVIDIA GeForce Experience Service1

Error: (08/17/2016 10:27:27 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Bonjour Service1

Error: (08/17/2016 10:27:27 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Apple Mobile Device1600001Restart the service


CodeIntegrity:
===================================
Date: 2008-01-01 04:49:42.591
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\drivers\mwac.sys because the set of per-page image hashes could not be found on the system.

Date: 2008-01-01 04:49:42.435
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\drivers\mwac.sys because the set of per-page image hashes could not be found on the system.

Date: 2008-01-01 04:49:42.279
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\drivers\mwac.sys because the set of per-page image hashes could not be found on the system.

Date: 2008-01-01 04:49:42.107
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\drivers\mwac.sys because the set of per-page image hashes could not be found on the system.

Date: 2008-01-01 04:49:41.795
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\drivers\mbamchameleon.sys because the set of per-page image hashes could not be found on the system.

Date: 2008-01-01 04:49:41.639
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\drivers\mbamchameleon.sys because the set of per-page image hashes could not be found on the system.

Date: 2008-01-01 04:49:41.483
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\drivers\mbamchameleon.sys because the set of per-page image hashes could not be found on the system.

Date: 2008-01-01 04:49:41.312
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\drivers\mbamchameleon.sys because the set of per-page image hashes could not be found on the system.

Date: 2008-01-01 04:49:41.109
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\drivers\kneps.sys because the set of per-page image hashes could not be found on the system.

Date: 2008-01-01 04:49:40.953
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\drivers\kneps.sys because the set of per-page image hashes could not be found on the system.


==================== Memory info ===========================

Processor: Intel® Core™2 Duo CPU E6850 @ 3.00GHz
Percentage of memory in use: 45%
Total physical RAM: 3581.58 MB
Available physical RAM: 1968.51 MB
Total Virtual: 7399.96 MB
Available Virtual: 5938.81 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:465.75 GB) (Free:308.36 GB) NTFS ==>[drive with boot components (obtained from BCD)]
Drive d: (Hurley) (Fixed) (Total:222.78 GB) (Free:67.4 GB) NTFS
Drive f: (Larry) (Fixed) (Total:465.76 GB) (Free:48.2 GB) NTFS
Drive g: (RECOVERY) (Fixed) (Total:10 GB) (Free:4.69 GB) NTFS
Drive h: (Curly) (Fixed) (Total:698.64 GB) (Free:73.35 GB) NTFS
Drive i: (Lloyd) (Fixed) (Total:931.51 GB) (Free:89.14 GB) NTFS
Drive k: (Moe) (Fixed) (Total:2794.39 GB) (Free:2606.81 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 232.8 GB) (Disk ID: 40000000)
Partition 1: (Not Active) - (Size=55 MB) - (Type=DE)
Partition 2: (Not Active) - (Size=10 GB) - (Type=07 NTFS)
Partition 3: (Active) - (Size=222.8 GB) - (Type=07 NTFS)

========================================================
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 465.8 GB) (Disk ID: FE740ADB)
Partition 1: (Not Active) - (Size=465.8 GB) - (Type=07 NTFS)

========================================================
Disk: 2 (MBR Code: Windows 7 or Vista) (Size: 465.8 GB) (Disk ID: DE96DE96)
Partition 1: (Active) - (Size=465.8 GB) - (Type=07 NTFS)

========================================================
Disk: 3 (MBR Code: Windows XP) (Size: 931.5 GB) (Disk ID: 0002FD9A)
Partition 1: (Not Active) - (Size=931.5 GB) - (Type=07 NTFS)
Attempted reading MBR returned 0 bytes.
Could not read MBR for disk 4.

========================================================
Disk: 5 (Size: 698.6 GB) (Disk ID: 44FDFE06)
Partition 1: (Not Active) - (Size=698.6 GB) - (Type=07 NTFS)

==================== End of Addition.txt ============================
Gary
 
If I do not reply within 24 hours please send me a Personal Message.

"Lord, to whom would we go? You have the words that give eternal life. We believe, and we know you are the Holy One of God."

#7 Oh My!

Posted 23 August 2016 - 02:26 PM

Greetings.

Thank you again for your patience.

Please consider and do this. If necessary boot into Safe Mode with Networking.

Can you manually change your clock to reflect the correct date/time?

===================================================

Peer to Peer (P2P) Warning

--------------------

Going over your logs I noticed that you have evidence of P2P downloads. It is pretty much certain that if you continue to use P2P programs, you will get infected again.
  • Avoid gaming sites, pirated software, cracking tools, keygens, and peer-to-peer (P2P) file sharing programs.
  • They are a security risk which can make your computer susceptible to a smörgåsbord of malware infections, remote attacks, exposure of personal information, and identity theft. Many malicious worms and Trojans spread across P2P file sharing networks, gaming and underground sites.
  • Users visiting such pages may see innocuous-looking banner ads containing code which can trigger pop-up ads and malicious Flash ads that install viruses, Trojans and spyware. Ads are a target for hackers because they offer a stealthy way to distribute malware to a wide range of Internet users.
  • The best way to reduce the risk of infection is to avoid these types of web sites and not use any P2P applications.
If you are still leaning toward using this program, please take a look at this information about Ransomware which can be delivered via P2P file transfers. The newest variation of Ransomware can make it impossible to recover the files this malicious software encrypts. In other words, you will probably lose most if not all of your valuable information, including pictures. In addition it has recently been reported that P2P downloads may be tracked resulting in your IP address being monitored by copyright authorities.

===================================================

Farbar's MiniToolBox

--------------------
  • Please download MiniToolBox, save it to your desktop
  • Please close any Firefox browsers you may have open
  • Double click the icon to launch the program
  • Make sure only the following options are checked:

Flush DNS
Report IE Proxy Settings
Reset IE Proxy Settings
Report FF Proxy Settings
Reset FF Proxy Settings
List content of Hosts
List IP configuration
List Winsock Entries

  • Click Go and once the scan is completed a MTB.txt Notepad document will open on your desktop
  • Please copy and paste the contents in your reply

===================================================

Running Combofix in Vista/7

--------------------
  • Please download ComboFix and save it to your Desktop <-- Important!!!
  • Disable your AntiVirus and AntiSpyware applications, usually via a right click on the System Tray icon. They may otherwise interfere with our tools. (Click on this link to see a list of programs that should be disabled. The list is not all inclusive.)
  • Note: If, after disabling, Combofix warns you an Antivirus program is still running, ignore the warning and run Combofix.
  • Double click on Combofix.exe and follow the prompts. It is important you do not mouse click while the program is running or it may stall.
  • Patiently allow the program to run. At times it may appear nothing is happening.
  • Copy and paste the report in your reply
  • If Combofix fails to run completely, stop and let me know
===================================================

Run TDSSKiller by Kaspersky

--------------------
  • Please download Kaspersky's TDSSKiller and save it to your Desktop
  • Right-click on TDSSKiller.exe and select Run As Administrator
  • Click Accept on the End User License Agreement
  • Click Accept on the KSN Statement
  • Click Change parameters
  • Place a check mark in the following boxes

Detect TDLFS file system
Verify file digital signatures

  • Click OK
  • Click Start Scan
  • If the scan completes with nothing found, click Close to exit.
  • Any objects found will show in the Scan results - Select action for found objects
  • If an infected file is detected, the default action will be Cure...do not change it
  • Click Continue > Reboot now to finish the cleaning process. <-- Important!!
  • If 'Suspicious' objects are detected, you will be given the option to Skip or Quarantine. Skip will be the default selection. Leave it as such for now
  • Hit the Windows Key + E at the same time
  • Double click your Local Disk C: drive
  • Locate the file similar to TDSSKiller_version_date_time_log.txt
  • Copy and paste the contents of that file in your reply
===================================================

aswMBR

--------------------
  • Download aswMBR and save it to your desktop
  • Disable your AntiVirus and AntiSpyware applications, usually via a right click on the System Tray icon. For additional help see here and here
  • Double click the aswMBR.exe file to run it. If requested, allow Avast to update the antivirus engine definitions
  • Leave the default settings then click Scan
  • When done, you will see Scan finished successfully. Click on Save log and save the file to your desktop
  • Copy and paste the contents of the log in your reply
NOTE: aswMBR will create MBR.dat file on your desktop. This is a copy of your MBR. Do NOT delete it.

===================================================

RogueKiller

--------------------
  • Download RogueKiller and save it to your desktop
  • Close all running programs
  • Right click on the setup.exe icon and select Run as Administrator
  • For Windows XP simply double click on the icon
  • Click OK on English
  • Select Install 32 and 64 bits versions (Recommended for Technicians), then click Next 2 times
  • Click Install
  • Click Finish
  • Click Start Scan twice
  • When completed click Open Report
  • Click Export Text and save the file on your Desktop as RK.txt
  • Close all open RogueKiller windows
  • Copy and paste the contents of the report in your reply
===================================================

Things I would like to see in your next reply. Please be sure to copy and paste any requested log information unless you are asked to attach it. :thumbsup2:
  • MTB log
  • Combofix log
  • TDSSKiller log
  • aswMBR log
  • RogueKiller log

Gary
 
If I do not reply within 24 hours please send me a Personal Message.

"Lord, to whom would we go? You have the words that give eternal life. We believe, and we know you are the Holy One of God."

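The checks a helper makes by eye on the MTB.txt log requested above (system clock, Hosts file, DNS servers, Winsock providers) can be sketched in code. This is an added example, not part of the thread and not Farbar's code; the sample log is constructed in the layout MiniToolBox writes, and the function names, the expected-DNS list and the `C:\Windows` location are assumptions.

```python
import ipaddress
import re
from datetime import datetime

# Constructed sample in the MTB.txt layout; addresses are documentation ranges.
SAMPLE_MTB = r"""MiniToolBox by Farbar  Version: 17-06-2016
Ran by user (administrator) on 04-01-2008 at 02:45:38
========================= Hosts content: =================================
127.0.0.1       localhost
203.0.113.7     www.example.com
========================= IP Configuration: ================================
   DNS Servers . . . . . . . . . . . : 198.51.100.53
                                       75.75.75.75
   NetBIOS over Tcpip. . . . . . . . : Enabled
========================= Winsock entries =====================================

Catalog5 01 C:\Windows\system32\NLAapi.dll [48640] (Microsoft Corporation)
Catalog5 07 C:\Program Files\Bonjour\mdnsNSP.dll [121704] (Apple Inc.)
Catalog9 01 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)

**** End of log ****
"""

HEADER = re.compile(r"^=+\s*([^=]+?)\s*:?\s*=+\s*$")
WINSOCK = re.compile(r"^(Catalog\d+)\s+(\d+)\s+(.+?)\s+\[\d+\]\s+\((.*)\)\s*$")
DNS_FIRST = re.compile(r"^\s*DNS Servers[ .]*:\s*(\S+)\s*$")


def split_sections(text):
    """Return (preamble lines, {section name: lines}) keyed by '==== Name ====' headers."""
    preamble, sections, current = [], {}, None
    for line in text.splitlines():
        m = HEADER.match(line)
        if m:
            current = sections.setdefault(m.group(1), [])
        elif current is None:
            preamble.append(line)
        else:
            current.append(line)
    return preamble, sections


def check_clock(preamble):
    """A run date earlier than the tool's own version date means the system clock is behind."""
    text = "\n".join(preamble)
    built = re.search(r"Version:\s*(\d{2}-\d{2}-\d{4})", text)
    ran = re.search(r"\bon (\d{2}-\d{2}-\d{4}) at", text)
    if not (built and ran):
        return []
    built_d = datetime.strptime(built.group(1), "%d-%m-%Y").date()
    ran_d = datetime.strptime(ran.group(1), "%d-%m-%Y").date()
    if ran_d < built_d:
        return [("clock", f"run date {ran_d} precedes tool build {built_d}")]
    return []


def check_hosts(lines):
    """Report every Hosts mapping other than loopback -> localhost."""
    out = []
    for line in lines:
        fields = line.split("#", 1)[0].split()
        if len(fields) < 2:
            continue
        ip, names = fields[0], fields[1:]
        if ip in ("127.0.0.1", "::1") and names == ["localhost"]:
            continue
        out.append(("hosts", f"{ip} -> {' '.join(names)}"))
    return out


def check_dns(lines, expected):
    """Report DNS servers (first line plus indented continuation lines) not in `expected`."""
    out, collecting = [], False
    for line in lines:
        m = DNS_FIRST.match(line)
        candidate = m.group(1) if m else (line.strip() if collecting else None)
        try:
            addr = ipaddress.ip_address(candidate) if candidate else None
        except ValueError:
            addr = None
        collecting = addr is not None
        if addr is not None and addr not in expected:
            out.append(("dns", str(addr)))
    return out


def check_winsock(lines):
    """Report providers outside system32 or with a non-Microsoft vendor string, for review.
    The vendor string is only what the log shows; it is not a signature check."""
    out = []
    for line in lines:
        m = WINSOCK.match(line)
        if not m:
            continue
        catalog, index, path, vendor = m.groups()
        in_system32 = path.lower().startswith("c:\\windows\\system32\\")  # assumed Windows dir
        if not in_system32 or vendor != "Microsoft Corporation":
            out.append(("winsock", f"{catalog} {index} {path} ({vendor})"))
    return out


def triage(text, expected_dns=()):
    """Run all checks; `expected_dns` is the resolver list the reader trusts (assumption)."""
    preamble, sections = split_sections(text)
    expected = {ipaddress.ip_address(a) for a in expected_dns}
    findings = check_clock(preamble)
    findings += check_hosts(sections.get("Hosts content", []))
    findings += check_dns(sections.get("IP Configuration", []), expected)
    findings += check_winsock(sections.get("Winsock entries", []))
    return findings


if __name__ == "__main__":
    for check, detail in triage(SAMPLE_MTB, expected_dns=["75.75.75.75", "75.75.76.76"]):
        print(f"[{check}] {detail}")
```

A Winsock finding is a prompt to look, not a verdict: legitimate software such as Bonjour registers its own name-space provider.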
#8 andrewsaputo


Posted 23 August 2016 - 08:10 PM

I am able to change the clock manually. Also, thank you about the P2P information. I will consider this. I use this securely, through a private venue.

 

Kaspersky Anti-virus & antispyware were detected when I ran combofix. With safemode networking on, Kaspersky wasn't in the system tray, nor application running in task manager, nor a process running. This happened after it started the scan. I'm supposing that this is what you mentioned. The comboFix prompt said something about running as an admin. Do I need to do this? Well I didn't for combofix, did for TDSS.

 

TDSS found a suspicious object, medium risk, but the default action is to skip. 

 

Had to redownload roguekiller because combofix deleted the file. 

 

Avast got stuck on an old downloaded file in my downloads folder. I stopped the scan, deleted it, and restarted it. 

 

RogueKiller had an accept or decline of license. I accepted and their webpage popped up with the program. I closed the website, and ran the scan. At the end, another popup saying "remove pum". 

 

Will post logs in next reply. 

Thanks!



#9 andrewsaputo


Posted 23 August 2016 - 08:15 PM

Here are the logs:

MTB.txt

 

MiniToolBox by Farbar  Version: 17-06-2016
Ran by Andrew P Saputo (administrator) on 04-01-2008 at 02:45:38
Running from "C:\Users\Andrew P Saputo\Desktop"
Microsoft® Windows Vista™ Home Premium  Service Pack 2 (X86)
Model: P35-DS3L Manufacturer: Gigabyte Technology Co., Ltd.
Boot Mode: Network
***************************************************************************

========================= Flush DNS: ===================================

Windows IP Configuration

Successfully flushed the DNS Resolver Cache.

========================= IE Proxy Settings: ==============================

Proxy is not enabled.
No Proxy Server is set.

"Reset IE Proxy Settings": IE Proxy Settings were reset.

========================= FF Proxy Settings: ==============================


"Reset FF Proxy Settings": Firefox Proxy settings were reset.

========================= Hosts content: =================================
127.0.0.1       localhost
========================= IP Configuration: ================================

Realtek PCIe GBE Family Controller = Local Area Connection (Connected)


# ----------------------------------
# IPv4 Configuration
# ----------------------------------
pushd interface ipv4

reset
set global icmpredirects=enabled
add route prefix=0.0.0.0/0 interface="Local Area Connection" nexthop=10.0.0.1
add address name="Local Area Connection" address=10.0.0.112


popd
# End of IPv4 configuration



Windows IP Configuration

   Host Name . . . . . . . . . . . . : Grumpy
   Primary Dns Suffix  . . . . . . . :
   Node Type . . . . . . . . . . . . : Hybrid
   IP Routing Enabled. . . . . . . . : No
   WINS Proxy Enabled. . . . . . . . : No

Ethernet adapter Local Area Connection:

   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Realtek PCIe GBE Family Controller
   Physical Address. . . . . . . . . : 00-1A-4D-54-F6-59
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes
   IPv6 Address. . . . . . . . . . . : 2601:1c0:c600:6610::8c7a(Preferred)
   Lease Obtained. . . . . . . . . . : Friday, January 04, 2008 2:40:41 AM
   Lease Expires . . . . . . . . . . : Friday, January 11, 2008 2:40:40 AM
   IPv6 Address. . . . . . . . . . . : 2601:1c0:c600:6610:65d9:b33a:92ee:3432(Preferred)
   Temporary IPv6 Address. . . . . . : 2601:1c0:c600:6610:c5bb:7a10:41f5:3e59(Preferred)
   Link-local IPv6 Address . . . . . : fe80::65d9:b33a:92ee:3432%10(Preferred)
   IPv4 Address. . . . . . . . . . . : 10.0.0.112(Preferred)
   Subnet Mask . . . . . . . . . . . : 255.255.255.0
   Default Gateway . . . . . . . . . : fe80::48f7:c0ff:fec1:dbd3%10
                                       10.0.0.1
   DHCPv6 IAID . . . . . . . . . . . : 251664973
   DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-1C-30-AB-EC-00-1A-4D-54-F6-59
   DNS Servers . . . . . . . . . . . : 2001:558:feed::1
                                       2001:558:feed::2
                                       75.75.75.75
                                       75.75.76.76
   NetBIOS over Tcpip. . . . . . . . : Enabled

Tunnel adapter Local Area Connection* 6:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : isatap.{9F230F35-2E15-4729-84D3-C5DBD3EFC0E1}
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 7:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
   Physical Address. . . . . . . . . : 02-00-54-55-4E-01
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes
Server:  cdns01.comcast.net
Address:  2001:558:feed::1

Name:    google.com
Addresses:  2607:f8b0:400a:809::200e
      216.58.216.174



Pinging google.com [2607:f8b0:400a:800::200e] from 2601:1c0:c600:6610:c5bb:7a10:41f5:3e59 with 32 bytes of data:

Reply from 2607:f8b0:400a:800::200e: time=23ms

Reply from 2607:f8b0:400a:800::200e: time=25ms



Ping statistics for 2607:f8b0:400a:800::200e:

    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Approximate round trip times in milli-seconds:

    Minimum = 23ms, Maximum = 25ms, Average = 24ms

Server:  cdns01.comcast.net
Address:  2001:558:feed::1

Name:    yahoo.com
Addresses:  2001:4998:58:c02::a9
      2001:4998:44:204::a7
      2001:4998:c:a06::2:4008
      206.190.36.45
      98.139.183.24
      98.138.253.109



Pinging yahoo.com [2001:4998:58:c02::a9] from 2601:1c0:c600:6610:c5bb:7a10:41f5:3e59 with 32 bytes of data:

Reply from 2001:4998:58:c02::a9: time=118ms

Reply from 2001:4998:58:c02::a9: time=116ms



Ping statistics for 2001:4998:58:c02::a9:

    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Approximate round trip times in milli-seconds:

    Minimum = 116ms, Maximum = 118ms, Average = 117ms



Pinging 127.0.0.1 with 32 bytes of data:

Reply from 127.0.0.1: bytes=32 time<1ms TTL=128

Reply from 127.0.0.1: bytes=32 time<1ms TTL=128



Ping statistics for 127.0.0.1:

    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Approximate round trip times in milli-seconds:

    Minimum = 0ms, Maximum = 0ms, Average = 0ms

===========================================================================
Interface List
 10 ...00 1a 4d 54 f6 59 ...... Realtek PCIe GBE Family Controller
  1 ........................... Software Loopback Interface 1
 12 ...00 00 00 00 00 00 00 e0  isatap.{9F230F35-2E15-4729-84D3-C5DBD3EFC0E1}
 11 ...02 00 54 55 4e 01 ...... Teredo Tunneling Pseudo-Interface
===========================================================================

IPv4 Route Table
===========================================================================
Active Routes:
Network Destination        Netmask          Gateway       Interface  Metric
          0.0.0.0          0.0.0.0         10.0.0.1       10.0.0.112    266
         10.0.0.0    255.255.255.0         On-link        10.0.0.112    266
       10.0.0.112  255.255.255.255         On-link        10.0.0.112    266
       10.0.0.255  255.255.255.255         On-link        10.0.0.112    266
        127.0.0.0        255.0.0.0         On-link         127.0.0.1    306
        127.0.0.1  255.255.255.255         On-link         127.0.0.1    306
  127.255.255.255  255.255.255.255         On-link         127.0.0.1    306
        224.0.0.0        240.0.0.0         On-link         127.0.0.1    306
        224.0.0.0        240.0.0.0         On-link        10.0.0.112    266
  255.255.255.255  255.255.255.255         On-link         127.0.0.1    306
  255.255.255.255  255.255.255.255         On-link        10.0.0.112    266
===========================================================================
Persistent Routes:
  Network Address          Netmask  Gateway Address  Metric
          0.0.0.0          0.0.0.0         10.0.0.1  Default
===========================================================================

IPv6 Route Table
===========================================================================
Active Routes:
 If Metric Network Destination      Gateway
 10    266 ::/0                     fe80::48f7:c0ff:fec1:dbd3
  1    306 ::1/128                  On-link
 10     18 2601:1c0:c600:6610::/64  On-link
 10    266 2601:1c0:c600:6610::8c7a/128
                                    On-link
 10    266 2601:1c0:c600:6610:65d9:b33a:92ee:3432/128
                                    On-link
 10    266 2601:1c0:c600:6610:c5bb:7a10:41f5:3e59/128
                                    On-link
 10    266 fe80::/64                On-link
 10    266 fe80::65d9:b33a:92ee:3432/128
                                    On-link
  1    306 ff00::/8                 On-link
 10    266 ff00::/8                 On-link
===========================================================================
Persistent Routes:
  None
========================= Winsock entries =====================================

Catalog5 01 C:\Windows\system32\NLAapi.dll [48640] (Microsoft Corporation)
Catalog5 02 C:\Windows\system32\napinsp.dll [50176] (Microsoft Corporation)
Catalog5 03 C:\Windows\system32\pnrpnsp.dll [62464] (Microsoft Corporation)
Catalog5 04 C:\Windows\system32\pnrpnsp.dll [62464] (Microsoft Corporation)
Catalog5 05 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog5 06 C:\Windows\system32\winrnr.dll [19968] (Microsoft Corporation)
Catalog5 07 C:\Program Files\Bonjour\mdnsNSP.dll [121704] (Apple Inc.)
Catalog9 01 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 02 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 03 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 04 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 05 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 06 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 07 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 08 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 09 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 10 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 11 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 12 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 13 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 14 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 15 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 16 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 17 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 18 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 19 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 20 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 21 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 22 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)

**** End of log ****
 

ComboFix.txt

 

ComboFix 16-08-21.02 - Andrew P Saputo 01/04/2008   3:02.1.2 - x86 NETWORK
Microsoft® Windows Vista™ Home Premium   6.0.6002.2.1252.1.1033.18.3582.2924 [GMT -8:00]
Running from: c:\users\Andrew P Saputo\Desktop\ComboFix.exe
AV: Kaspersky Anti-Virus *Enabled/Updated* {86367591-4BE4-AE08-2FD9-7FCB8259CD98}
FW: Kaspersky Anti-Virus *Disabled* {BE0DF4B4-018B-AF50-0486-D6FE7C8A8AE3}
SP: Kaspersky Anti-Virus *Enabled/Updated* {3D579475-6DDE-A186-1569-44B9F9DE8725}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
(((((((((((((((((((((((((((((((((((((((   Other Deletions   )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\users\Andrew P Saputo\Desktop\Setup.exe
c:\windows\system32\InstallPackage_ETW.Log
K:\Autorun.inf
.
.
(((((((((((((((((((((((((   Files Created from 2007-12-04 to 2008-01-04  )))))))))))))))))))))))))))))))
.
.
.
.
((((((((((((((((((((((((((((((((((((((((   Find3M Report   ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-01-21 02:23 . 2006-11-02 08:51    15872    ----a-w-    c:\windows\system32\drivers\mouhid.sys
2008-01-21 02:23 . 2006-11-02 07:36    238648    ----a-w-    c:\windows\system32\drivers\uliahci.sys
2008-01-21 02:23 . 2006-11-02 08:52    19000    ----a-w-    c:\windows\system32\drivers\i2omgmt.sys
2008-01-21 02:23 . 2006-11-02 08:51    30264    ----a-w-    c:\windows\system32\drivers\i2omp.sys
2008-01-21 02:23 . 2006-11-02 09:04    22632    ----a-w-    c:\windows\system32\streamci.dll
2008-01-21 02:23 . 2006-11-02 09:03    248832    ----a-w-    c:\windows\system32\drivers\rdpdr.sys
2008-01-21 02:23 . 2006-11-02 08:35    49720    ----a-w-    c:\windows\system32\drivers\isapnp.sys
2008-01-21 02:23 . 2006-11-02 08:35    60984    ----a-w-    c:\windows\system32\drivers\ULIAGPKX.SYS
2008-01-21 02:23 . 2006-11-02 08:35    109112    ----a-w-    c:\windows\system32\drivers\NV_AGP.SYS
2008-01-21 02:23 . 2006-11-02 08:35    56888    ----a-w-    c:\windows\system32\drivers\VIAAGP.SYS
2008-01-21 02:23 . 2006-11-02 08:35    57400    ----a-w-    c:\windows\system32\drivers\AMDAGP.SYS
2008-01-21 02:23 . 2006-11-02 08:35    56376    ----a-w-    c:\windows\system32\drivers\AGP440.sys
2008-01-21 02:23 . 2006-11-02 08:35    55864    ----a-w-    c:\windows\system32\drivers\SISAGP.SYS
2008-01-21 02:23 . 2006-11-02 08:51    28728    ----a-w-    c:\windows\system32\drivers\msahci.sys
2008-01-21 02:23 . 2006-11-02 08:51    20024    ----a-w-    c:\windows\system32\drivers\viaide.sys
2008-01-21 02:23 . 2006-11-02 08:51    17976    ----a-w-    c:\windows\system32\drivers\amdide.sys
2008-01-21 02:23 . 2006-11-02 08:51    19000    ----a-w-    c:\windows\system32\drivers\cmdide.sys
2008-01-21 02:23 . 2006-11-02 08:51    17464    ----a-w-    c:\windows\system32\drivers\aliide.sys
2008-01-21 02:23 . 2006-11-02 08:35    20792    ----a-w-    c:\windows\system32\drivers\compbatt.sys
2008-01-21 02:23 . 2006-11-02 08:35    11264    ----a-w-    c:\windows\system32\drivers\wmiacpi.sys
2008-01-21 02:23 . 2006-11-02 08:35    28216    ----a-w-    c:\windows\system32\drivers\battc.sys
2008-01-21 02:23 . 2006-11-02 08:30    41472    ----a-w-    c:\windows\system32\drivers\viac7.sys
2008-01-21 02:23 . 2006-11-02 08:30    44032    ----a-w-    c:\windows\system32\drivers\amdk8.sys
2008-01-21 02:23 . 2006-11-02 08:30    41472    ----a-w-    c:\windows\system32\drivers\amdk7.sys
2008-01-21 02:23 . 2006-11-02 08:30    40960    ----a-w-    c:\windows\system32\drivers\processr.sys
2008-01-21 02:23 . 2006-11-02 08:30    40960    ----a-w-    c:\windows\system32\drivers\crusoe.sys
.
.
(((((((((((((((((((((((((((((((((((((   Reg Loading Points   ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RTHDVCPL"="c:\program files\Realtek\Audio\HDA\RtHDVCpl.exe" [2014-05-10 12021464]
"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2015-09-12 157456]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfSvc]
@="Service"
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
2014-05-08 13:48    959904    ----a-w-    c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CCleaner Monitoring]
2014-12-12 17:21    5489944    ----a-w-    c:\program files\CCleaner\CCleaner.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvBackend]
2015-05-01 16:52    2685072    ----a-w-    c:\program files\NVIDIA Corporation\Update Core\NvBackend.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ProductUpdater]
2015-06-17 15:44    62464    ----a-w-    c:\program files\Common Files\Freemake Shared\ProductUpdater\ProductUpdater.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
2014-10-07 23:39    507776    ----a-w-    c:\program files\Common Files\Java\Java Update\jusched.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Windows Defender]
2008-01-21 02:23    1008184    ----a-w-    c:\program files\Windows Defender\MSASCui.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WindowsWelcomeCenter]
2009-04-11 06:28    2153472    ----a-w-    c:\windows\System32\oobefldr.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
LocalServiceAndNoImpersonation    REG_MULTI_SZ       FontCache
.
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2016-04-15 03:39    1106072    ----a-w-    c:\program files\Google\Chrome\Application\49.0.2623.112\Installer\chrmstp.exe
.
Contents of the 'Scheduled Tasks' folder
.
2008-01-01 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2014-12-30 12:58]
.
2016-08-20 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2014-12-30 12:58]
.
.
------- Supplementary Scan -------
.
uInternet Settings,ProxyOverride = *.local
TCP: Interfaces\{9F230F35-2E15-4729-84D3-C5DBD3EFC0E1}: NameServer = 75.75.75.75,75.75.76.76
FF - ProfilePath - c:\users\Andrew P Saputo\AppData\Roaming\Mozilla\Firefox\Profiles\e5vq89j0.default\
.
- - - - ORPHANS REMOVED - - - -
.
SafeBoot-WudfPf
SafeBoot-WudfRd
MSConfigStartUp-QuickTime Task - c:\program files\QuickTime\QTTask.exe
.
.
.
**************************************************************************
scanning hidden processes ...  
.
scanning hidden autostart entries ...
.
scanning hidden files ...  
.
scan completed successfully
hidden files:
.
**************************************************************************
.
Completion time: 2008-01-04  03:10:54
ComboFix-quarantined-files.txt  2008-01-04 11:10
.
Pre-Run: 340,327,714,816 bytes free
Post-Run: 340,258,062,336 bytes free
.
- - End Of File - - 68744B4C5B5334917EDB141708B6336D
5C616939100B85E558DA92B899A0FC36
 

TDSSkiller.txt

 

03:26:50.0572 0x0194  TDSS rootkit removing tool 3.1.0.11 Aug  5 2016 12:13:31
03:27:01.0383 0x0194  ============================================================
03:27:01.0383 0x0194  Current date / time: 2008/01/04 03:27:01.0383
03:27:01.0383 0x0194  SystemInfo:
03:27:01.0383 0x0194  
03:27:01.0383 0x0194  OS Version: 6.0.6002 ServicePack: 2.0
03:27:01.0383 0x0194  Product type: Workstation
03:27:01.0383 0x0194  ComputerName: GRUMPY
03:27:01.0383 0x0194  UserName: Andrew P Saputo
03:27:01.0383 0x0194  Windows directory: C:\Windows
03:27:01.0383 0x0194  System windows directory: C:\Windows
03:27:01.0383 0x0194  Processor architecture: Intel x86
03:27:01.0383 0x0194  Number of processors: 2
03:27:01.0383 0x0194  Page size: 0x1000
03:27:01.0383 0x0194  Boot type: Safe boot with network
03:27:01.0383 0x0194  CodeIntegrityOptions = 0x00000000
03:27:01.0383 0x0194  ============================================================
03:27:03.0006 0x0194  KLMD registered as C:\Windows\system32\drivers\25690931.sys
03:27:03.0006 0x0194  KLMD ARK init status: drvProperties = 0xFFF00, osBuild = 6002.19636, osProperties = 0x0
03:27:03.0084 0x0194  System UUID: {942B5A4E-4048-FDDC-5AD5-528F6E6B0C1C}
03:27:03.0474 0x0194  Drive \Device\Harddisk0\DR0 - Size: 0x3A35294400 ( 232.83 Gb ), SectorSize: 0x200, Cylinders: 0x76BA, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050
03:27:03.0505 0x0194  Drive \Device\Harddisk1\DR1 - Size: 0x7470C06000 ( 465.76 Gb ), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050
03:27:03.0505 0x0194  Drive \Device\Harddisk2\DR2 - Size: 0x7470AFDE00 ( 465.76 Gb ), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050
03:27:03.0505 0x0194  Drive \Device\Harddisk3\DR3 - Size: 0xE8E0B00000 ( 931.51 Gb ), SectorSize: 0x200, Cylinders: 0x1DB00, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'
03:27:03.0988 0x0194  Drive \Device\Harddisk4\DR4 - Size: 0xAEA8CDE000 ( 698.64 Gb ), SectorSize: 0x200, Cylinders: 0x16441, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'
03:27:12.0459 0x0194  Drive \Device\Harddisk5\DR5 - Size: 0x2BAA1475000 ( 2794.52 Gb ), SectorSize: 0x1000, Cylinders: 0xB220, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'
03:27:12.0693 0x0194  ============================================================
03:27:12.0693 0x0194  \Device\Harddisk0\DR0:
03:27:12.0693 0x0194  MBR partitions:
03:27:12.0693 0x0194  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x1B800, BlocksNum 0x1400000
03:27:12.0693 0x0194  \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x141B800, BlocksNum 0x1BD8D000
03:27:12.0693 0x0194  \Device\Harddisk1\DR1:
03:27:12.0693 0x0194  MBR partitions:
03:27:12.0693 0x0194  \Device\Harddisk1\DR1\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x3A384800
03:27:12.0693 0x0194  \Device\Harddisk2\DR2:
03:27:12.0693 0x0194  MBR partitions:
03:27:12.0693 0x0194  \Device\Harddisk2\DR2\Partition1: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x3A380D41
03:27:12.0693 0x0194  \Device\Harddisk3\DR3:
03:27:12.0693 0x0194  MBR partitions:
03:27:12.0693 0x0194  \Device\Harddisk3\DR3\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x74705000
03:27:12.0693 0x0194  \Device\Harddisk4\DR4:
03:27:12.0693 0x0194  MBR partitions:
03:27:12.0693 0x0194  \Device\Harddisk4\DR4\Partition1: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x575452C2
03:27:12.0693 0x0194  \Device\Harddisk5\DR5:
03:27:12.0709 0x0194  GPT partitions:
03:27:12.0709 0x0194  \Device\Harddisk5\DR5\Partition1: GPT, TypeGUID: {E3C9E316-0B5C-4DB8-817D-F92DF00215AE}, UniqueGUID: {14E5CA0E-9EEE-4780-B95C-7FB4779656F8}, Name: Microsoft reserved partition, StartLBA 0x6, BlocksNum 0x8000
03:27:12.0709 0x0194  \Device\Harddisk5\DR5\Partition2: GPT, TypeGUID: {EBD0A0A2-B9E5-4433-87C0-68B6B72699C7}, UniqueGUID: {CF489BB2-2D48-46F7-9942-819588DB90AE}, Name: Basic data partition, StartLBA 0x8100, BlocksNum 0x2BA99300
03:27:12.0709 0x0194  MBR partitions:
03:27:12.0709 0x0194  ============================================================
03:27:12.0724 0x0194  C: <-> \Device\Harddisk2\DR2\Partition1
03:27:12.0740 0x0194  D: <-> \Device\Harddisk0\DR0\Partition2
03:27:12.0756 0x0194  F: <-> \Device\Harddisk1\DR1\Partition1
03:27:12.0787 0x0194  G: <-> \Device\Harddisk0\DR0\Partition1
03:27:12.0849 0x0194  K: <-> \Device\Harddisk5\DR5\Partition2
03:27:12.0865 0x0194  H: <-> \Device\Harddisk4\DR4\Partition1
03:27:13.0426 0x0194  I: <-> \Device\Harddisk3\DR3\Partition1
03:27:13.0426 0x0194  ============================================================
03:27:13.0426 0x0194  Initialize success
03:27:13.0426 0x0194  ============================================================
03:27:48.0402 0x0628  ============================================================
03:27:48.0402 0x0628  Scan started
03:27:48.0402 0x0628  Mode: Manual; SigCheck; TDLFS;
03:27:48.0402 0x0628  ============================================================
03:27:48.0402 0x0628  KSN ping started
03:27:48.0558 0x0628  KSN ping finished: true
03:27:49.0525 0x0628  ================ Scan system memory ========================
03:27:49.0525 0x0628  System memory - ok
03:27:49.0525 0x0628  ================ Scan services =============================
03:27:55.0749 0x0628  HidBth - ok
03:27:55.0765 0x0628  [ FF3160C3A2445128C5A6D9B076DA519E, DC1A70C80CD55F33B3AD5A21E86AF7C3086D8CC2DC6148C058E74A871E0BAD4A ] HidIr           C:\Windows\system32\drivers\hidir.sys
03:27:55.0796 0x0628  HidIr - ok
03:27:55.0796 0x0628  [ 84067081F3318162797385E11A8F0582, 11E32E3800CFCA37354388243F88D0239D622891BAC5483518A2BE5D1CA19015 ] hidserv         C:\Windows\System32\hidserv.dll
03:27:55.0812 0x0628  hidserv - ok
03:27:55.0827 0x0628  [ CCA4B519B17E23A00B826C55716809CC, 91AD0758A6185B0FBBE383BDB1B457FFB850477AFF8DE040DE9527A97D28EF62 ] HidUsb          C:\Windows\system32\DRIVERS\hidusb.sys
03:27:55.0843 0x0628  HidUsb - ok
03:27:55.0858 0x0628  [ D8AD255B37DA92434C26E4876DB7D418, C901EADDD93FC90C8F29F4B6DE808F8E4F486C877FC0AA27DA4ACDE17E28899D ] hkmsvc          C:\Windows\system32\kmsvc.dll
03:27:55.0874 0x0628  hkmsvc - ok
03:27:55.0890 0x0628  [ 16EE7B23A009E00D835CDB79574A91A6, 964AFE7D2F7E48C7DE7FDAB48F57ADC4AD44A0B2A9A03071E0E8D334007E5572 ] HpCISSs         C:\Windows\system32\drivers\hpcisss.sys
03:27:55.0890 0x0628  HpCISSs - ok
03:27:55.0921 0x0628  [ F870AA3E254628EBEAFE754108D664DE, B0444E7D246AA1982094030ACB991690F6A7DD3FB07B1BB6A1BC0F3AA9718A70 ] HTTP            C:\Windows\system32\drivers\HTTP.sys
03:27:55.0936 0x0628  HTTP - ok
03:27:55.0983 0x0628  [ C6B032D69650985468160FC9937CF5B4, 4D5A944C70037F35A9DBA4F49F174455FA80ED7EAEDAA143F0A2C0E05AE585D8 ] i2omp           C:\Windows\system32\drivers\i2omp.sys
03:27:55.0999 0x0628  i2omp - ok
03:27:56.0061 0x0628  [ 22D56C8184586B7A1F6FA60BE5F5A2BD, D96A2962848C1F59B143BFEC22EC48BD1C5A75D0EBCFD7FB965E66B85FF7D8CA ] i8042prt        C:\Windows\system32\DRIVERS\i8042prt.sys
03:27:56.0077 0x0628  i8042prt - ok
03:27:56.0092 0x0628  [ 54155EA1B0DF185878E0FC9EC3AC3A14, 344A0793499261D2E4FF2FCCC70501329485F8E299EBC68953D07BA86F0D4729 ] iaStorV         C:\Windows\system32\drivers\iastorv.sys
03:27:56.0092 0x0628  iaStorV - ok
03:27:56.0139 0x0628  [ DD386C45D2B5863740166783448A2E7A, 10B912BA70306644BE73A53AF4DCDFF63880C4C5860FF6DBA92B0914EB566718 ] idsvc           C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
03:27:56.0170 0x0628  idsvc - ok
03:27:56.0233 0x0628  [ 2D077BF86E843F901D8DB709C95B49A5, 78FF558A881F307858F5C7C74A748B8B2562AF3CAC7EA8639945609001D790CE ] iirsp           C:\Windows\system32\drivers\iirsp.sys
03:27:56.0233 0x0628  iirsp - ok
03:27:56.0280 0x0628  [ 4687EE0C0DD2CE5F7AAA9C2E33C1DC78, FA8EBED2778D9F7560ADC1B563954EEF98AAE651C0553F2803372B37B122AEB3 ] IKEEXT          C:\Windows\System32\ikeext.dll
03:27:56.0295 0x0628  IKEEXT - ok
03:27:56.0420 0x0628  [ 19B572DD46F038509846589DCB702B19, C887F184665F04AC3C02CB154D428E47917BBAD50295166C53BA03265092ABAB ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHDA.sys
03:27:56.0560 0x0628  IntcAzAudAddService - ok
03:27:56.0592 0x0628  [ 83AA759F3189E6370C30DE5DC5590718, 7406FE41EA8FB80052517318CB72E2641E92E579FAFAF5E8DDDFF0BF8DAE773A ] intelide        C:\Windows\system32\drivers\intelide.sys
03:27:56.0607 0x0628  intelide - ok
03:27:56.0654 0x0628  [ 224191001E78C89DFA78924C3EA595FF, E4EC9CAAEEEAEB30E13F4A8023AF687F29514667380DDFD638BBFFF1D5FC2563 ] intelppm        C:\Windows\system32\DRIVERS\intelppm.sys
03:27:56.0670 0x0628  intelppm - ok
03:27:56.0701 0x0628  [ 9AC218C6E6105477484C6FDBE7D409A4, FF30D09CD2A0F5BBEC309E953370F194B6F26BF4227E627B594AAA48B0F5D3C2 ] IPBusEnum       C:\Windows\system32\ipbusenum.dll
03:27:56.0716 0x0628  IPBusEnum - ok
03:27:56.0748 0x0628  [ 62C265C38769B864CB25B4BCF62DF6C3, CAF6BCE967104233E216464E4729B0275C3BD426D812F404AB0EE83A7F2063D8 ] IpFilterDriver  C:\Windows\system32\DRIVERS\ipfltdrv.sys
03:27:56.0763 0x0628  IpFilterDriver - ok
03:27:56.0779 0x0628  [ 1998BD97F950680BB55F55A7244679C2, A4E8BB4C6B2AF4800BD5E0BA8725FD0927F8FB6751AEBF6DD16B59C414CCB9D8 ] iphlpsvc        C:\Windows\System32\iphlpsvc.dll
03:27:56.0810 0x0628  iphlpsvc - ok
03:27:56.0810 0x0628  IpInIp - ok
03:27:56.0841 0x0628  [ B25AAF203552B7B3491139D582B39AD1, EA9C38F512F40FF12975A6719E6FE4D7EA93A4B2497103E0FDA5A4CD6033C0A6 ] IPMIDRV         C:\Windows\system32\drivers\ipmidrv.sys
03:27:56.0857 0x0628  IPMIDRV - ok
03:27:56.0872 0x0628  [ 8793643A67B42CEC66490B2A0CF92D68, 8B1ED1314E4C6623824DD6B9C15A0F7F996F4D243BF0B305421251BE40850907 ] IPNAT           C:\Windows\system32\DRIVERS\ipnat.sys
03:27:56.0888 0x0628  IPNAT - ok
03:27:56.0966 0x0628  [ C23748B33D431E4CD5CA2E62500545FF, C62BDF433F50536BCDBC574D2F3B12D470C3B0FD950A553BB3921BB3195E41AA ] iPod Service    C:\Program Files\iPod\bin\iPodService.exe
03:27:56.0982 0x0628  iPod Service - ok
03:27:57.0028 0x0628  [ 109C0DFB82C3632FBD11949B73AEEAC9, 73B01426100256B7110DF0B74483AF1B62FC209612EEC29A7BF6DC31A7FBEFB6 ] IRENUM          C:\Windows\system32\drivers\irenum.sys
03:27:57.0044 0x0628  IRENUM - ok
03:27:57.0060 0x0628  [ 6C70698A3E5C4376C6AB5C7C17FB0614, 10FBCBA5A74AF5D136B152FD4D3DFA2A1F2CEBC3F979D5BA6DB98B3DCB2F7A07 ] isapnp          C:\Windows\system32\drivers\isapnp.sys
03:27:57.0060 0x0628  isapnp - ok
03:27:57.0091 0x0628  [ 232FA340531D940AAC623B121A595034, 90C93F04D8A0094EEBD118F10223605B8169DA5F24C466F503CED5C014BD17B1 ] iScsiPrt        C:\Windows\system32\DRIVERS\msiscsi.sys
03:27:57.0106 0x0628  iScsiPrt - ok
03:27:57.0122 0x0628  [ BCED60D16156E428F8DF8CF27B0DF150, 4934E9AB8A8A548548F0C63517F2BF4DE84B05E5C9C7C2AA6C1517B8F9C340D4 ] iteatapi        C:\Windows\system32\drivers\iteatapi.sys
03:27:57.0122 0x0628  iteatapi - ok
03:27:57.0138 0x0628  [ 06FA654504A498C30ADCA8BEC4E87E7E, 651BC35A0A3D504573BBAB40DE81929BB18C9FC0CD7944FEAE0E99CD7658EA88 ] iteraid         C:\Windows\system32\drivers\iteraid.sys
03:27:57.0138 0x0628  iteraid - ok
03:27:57.0153 0x0628  [ 37605E0A8CF00CBBA538E753E4344C6E, B9A9FFDCE45B0830E277CF322C28ACB49372C16144B0F676B283BE5DAE9A7F30 ] kbdclass        C:\Windows\system32\DRIVERS\kbdclass.sys
03:27:57.0153 0x0628  kbdclass - ok
03:27:57.0184 0x0628  [ EDE59EC70E25C24581ADD1FBEC7325F7, 41B37778E9A12675FC0DF74606AAF18C652EB88513B3C4889C5C512E14587CEE ] kbdhid          C:\Windows\system32\DRIVERS\kbdhid.sys
03:27:57.0200 0x0628  kbdhid - ok
03:27:57.0278 0x0628  [ A3E186B4B935905B829219502557314E, 7F58EAC6C12208D792C77014AC9D37AD1A7B2E73863C914F5DA831A72E1D52BB ] KeyIso          C:\Windows\system32\lsass.exe
03:27:57.0294 0x0628  KeyIso - ok
03:27:57.0372 0x0628  [ 10003EB659D2EA81AC5222009834CB0D, 5E822B5CB52E4206E949DBB6BF8B3CA92EE06ED712C498FA54B86FA7B65DB2A4 ] kl1             C:\Windows\system32\DRIVERS\kl1.sys
03:27:57.0387 0x0628  kl1 - ok
03:27:57.0434 0x0628  [ 4C6908A4E14CE84C45FFF92F3C55793C, 798DC2D58D1688599869F3E2D550EF24AB8EAA8B90FE663168E4AF3D79E3C69B ] klbackupdisk    C:\Windows\system32\DRIVERS\klbackupdisk.sys
03:27:57.0434 0x0628  klbackupdisk - ok
03:27:57.0465 0x0628  [ 9B2811697E00E59A3536380BB6333170, CFB23C5B9F1A8BC29A3318AE3D225C3FD46B386774EBD23F7C8A50C64690B692 ] klbackupflt     C:\Windows\system32\DRIVERS\klbackupflt.sys
03:27:57.0465 0x0628  klbackupflt - ok
03:27:57.0512 0x0628  [ 01AAAA5927AC064D9A517406192DAC40, 654CD3EA9BBEDD0EEB1373F4DEF118A5C85173BC9BF3F75672DAEB9FD34F3D5B ] kldisk          C:\Windows\system32\DRIVERS\kldisk.sys
03:27:57.0512 0x0628  kldisk - ok
03:27:57.0559 0x0628  [ A46E47921CD4D62A1834A7468142BFC4, 9D186172DD8525E5F0E99711633BFC65DC9033E6EA42317330580EF51D52A155 ] klflt           C:\Windows\system32\DRIVERS\klflt.sys
03:27:57.0559 0x0628  klflt - ok
03:27:57.0606 0x0628  [ 8C641F65085BE228CDB0ACDF49751162, 1E5F17E922DA556507077B5EB19EEB48B8E2D0A79307AB2735EA4B7C6724EDB1 ] klhk            C:\Windows\system32\DRIVERS\klhk.sys
03:27:57.0606 0x0628  klhk - ok
03:27:57.0684 0x0628  [ B21D371BB4FC56A89ACA1C1CB8DAD4F5, BFCCFEB44A23DD36DD3065FCA5E0D33B1869FCD68A985C61AD4078E2175CF746 ] KLIF            C:\Windows\system32\DRIVERS\klif.sys
03:27:57.0699 0x0628  KLIF - ok
03:27:57.0730 0x0628  [ B5E8BADD1B7904C04726EDB5BA32A19D, 36FFF3E65C9959DB9135DAC1BF84A0FCC0615FB35B9D85EFB87F3AE90B48C71C ] KLIM6           C:\Windows\system32\DRIVERS\klim6.sys
03:27:57.0746 0x0628  KLIM6 - ok
03:27:57.0793 0x0628  [ 956B752A298D1BC88122CD75D63C1B1E, A64D4DBEB40B4081C676E159AAEFC8D28A2159E7CF4008900BFC898759668C04 ] klkbdflt        C:\Windows\system32\DRIVERS\klkbdflt.sys
03:27:57.0808 0x0628  klkbdflt - ok
03:27:57.0808 0x0628  [ B87153536ADE581E4874EE0F8AD09315, 7570BEF2455F1F51CA0FC5969C3046F8D20DF947DF3E71170ACB003D1C8972EE ] klmouflt        C:\Windows\system32\DRIVERS\klmouflt.sys
03:27:57.0824 0x0628  klmouflt - ok
03:27:57.0840 0x0628  [ FB7425A738F6041D6AA7BB2211BD4D05, 5F6AD74B425EE374877E7E6AF11B650D40737FA51CE4171BFB513766CFA4C677 ] klpd            C:\Windows\system32\DRIVERS\klpd.sys
03:27:57.0855 0x0628  klpd - ok
03:27:57.0871 0x0628  [ 0EB799F1E13DABB97F580A4203BAD012, E2822D607062D9A2A7CEEE38AA85439909C93FBB65DD032D58711DB822D0EE1B ] kltdf           C:\Windows\system32\DRIVERS\kltdf.sys
03:27:57.0886 0x0628  kltdf - ok
03:27:57.0902 0x0628  [ 8E682FBB727A3A3C3B7FAF986FF4EA54, 7AA1A8E71D665B33E00E36BD076C0AA4450769D6F51A70C932CEB02108690A0D ] kltdi           C:\Windows\system32\DRIVERS\kltdi.sys
03:27:57.0902 0x0628  kltdi - ok
03:27:57.0933 0x0628  [ E90ED53B73CBCD4DFE397AC7272FE3F3, CE2CA9823FA30927F919D6759696DEBDD22898BC62BA9B3A4D8162BAAFB2408E ] kneps           C:\Windows\system32\DRIVERS\kneps.sys
03:27:57.0949 0x0628  kneps - ok
03:27:57.0980 0x0628  [ FBBC2D3579E6CF8279D46B44C89C49FF, C7188643CDB7DADAD944241F554266BEFA2239ED4AD7E85F4D37319D3FAC4FFE ] KSecDD          C:\Windows\system32\Drivers\ksecdd.sys
03:27:57.0996 0x0628  KSecDD - ok
03:27:58.0027 0x0628  [ 8078F8F8F7A79E2E6B494523A828C585, BB399993166853F0C01B7508649ECD7E7473238267BA8333D0441128FE656347 ] KtmRm           C:\Windows\system32\msdtckrm.dll
03:27:58.0058 0x0628  KtmRm - ok
03:27:58.0074 0x0628  [ 1BF5EEBFD518DD7298434D8C862F825D, F41C79410345C40B346EB5EDEA397ECD29ECB9B921AC3E19F9453E52A7B9288A ] LanmanServer    C:\Windows\System32\srvsvc.dll
03:27:58.0089 0x0628  LanmanServer - ok
03:27:58.0152 0x0628  [ 1DB69705B695B987082C8BAEC0C6B34F, D395B272F6B69D4A9FC3CDEFD812EF0DBFECF3C1B1C787C7CC1E1A1B091B8DB3 ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
03:27:58.0152 0x0628  LanmanWorkstation - ok
03:27:58.0183 0x0628  [ D1C5883087A0C3F1344D9D55A44901F6, 608D67357AFDDD538D2C12C93EB0793ECA4EB3AF2BAB779E881C41F50E4AB911 ] lltdio          C:\Windows\system32\DRIVERS\lltdio.sys
03:27:58.0198 0x0628  lltdio - ok
03:27:58.0230 0x0628  [ 2D5A428872F1442631D0959A34ABFF63, E532C6ECFFB936EFF744CA57BDC6394C89E797B6B0822D04F1F3F35D9BDDD4F0 ] lltdsvc         C:\Windows\System32\lltdsvc.dll
03:27:58.0261 0x0628  lltdsvc - ok
03:27:58.0276 0x0628  [ 35D40113E4A5B961B6CE5C5857702518, 453097AEF46ED48107395D9A1696AAC259FD6CEA8A655D38C5E246FDDAB81664 ] lmhosts         C:\Windows\System32\lmhsvc.dll
03:27:58.0308 0x0628  lmhosts - ok
03:27:58.0323 0x0628  [ C7E15E82879BF3235B559563D4185365, 98C9268ADF6BAEB0522BB84BE6C98D0D6D5EB4BD27BB61412D208232164C8435 ] LSI_FC          C:\Windows\system32\drivers\lsi_fc.sys
03:27:58.0323 0x0628  LSI_FC - ok
03:27:58.0339 0x0628  [ EE01EBAE8C9BF0FA072E0FF68718920A, 655924440E611278998226299645BC72B3627A8A057286DC8D65A162CFBBE484 ] LSI_SAS         C:\Windows\system32\drivers\lsi_sas.sys
03:27:58.0339 0x0628  LSI_SAS - ok
03:27:58.0339 0x0628  [ 912A04696E9CA30146A62AFA1463DD5C, 1D336D47B9D1C8449F29CDB776C092235E3D70CE53D9440970533E376EB004D3 ] LSI_SCSI        C:\Windows\system32\drivers\lsi_scsi.sys
03:27:58.0354 0x0628  LSI_SCSI - ok
03:27:58.0370 0x0628  [ 8F5C7426567798E62A3B3614965D62CC, 659810257D942C5F4168E1247868CDA990F2324AC9ACAA9A6211F64B7AC9EC6E ] luafv           C:\Windows\system32\drivers\luafv.sys
03:27:58.0386 0x0628  luafv - ok
03:27:58.0386 0x0628  [ AEF9BABB8A506BC4CE0451A64AADED46, D5608A703EA7E97F11ED4D029B4B820440B0C9317DB7D7DC0152253CD723DC07 ] Mcx2Svc         C:\Windows\system32\Mcx2Svc.dll
03:27:58.0401 0x0628  Mcx2Svc - ok
03:27:58.0417 0x0628  [ 0001CE609D66632FA17B84705F658879, D5F9758BDC2B733307B565A74B33F5581FB425A5A9F32CCFA307DA1569EBD6CD ] megasas         C:\Windows\system32\drivers\megasas.sys
03:27:58.0417 0x0628  megasas - ok
03:27:58.0479 0x0628  [ C252F32CD9A49DBFC25ECF26EBD51A99, 47EC8F475AB62A00FAF989CD2C3ABDF2922588F75CC15C83CD99A62EF6400FB0 ] MegaSR          C:\Windows\system32\drivers\megasr.sys
03:27:58.0495 0x0628  MegaSR - ok
03:27:58.0510 0x0628  [ 1076FFCFFAAE8385FD62DFCB25AC4708, 8C5C106FCB018E019DEBA8E1A6AA170CD7A93293F27994F724EBC486238DA0AA ] MMCSS           C:\Windows\system32\mmcss.dll
03:27:58.0526 0x0628  MMCSS - ok
03:27:58.0542 0x0628  [ E13B5EA0F51BA5B1512EC671393D09BA, 5B380D1B435D809CA201FD5ED075D42F3C6BA1A4EEDBC4040F7E3329F05A334A ] Modem           C:\Windows\system32\drivers\modem.sys
03:27:58.0573 0x0628  Modem - ok
03:27:58.0620 0x0628  [ 0A9BB33B56E294F686ABB7C1E4E2D8A8, 1E8031D51E074FDFB53E98E26DABF313B901C028D01196BFD402EED5D0A89595 ] monitor         C:\Windows\system32\DRIVERS\monitor.sys
03:27:58.0635 0x0628  monitor - ok
03:27:58.0682 0x0628  [ 5BF6A1326A335C5298477754A506D263, CC7F58E5955A448F6CE28D6D8EB98C7479E11F931B5C733CFE71A29B2E95923D ] mouclass        C:\Windows\system32\DRIVERS\mouclass.sys
03:27:58.0682 0x0628  mouclass - ok
03:27:58.0698 0x0628  [ 93B8D4869E12CFBE663915502900876F, 7464DE60FAAD8793D855F1F86C3C865B3A3EE41C19A3E926D1BE4426E67F5EC2 ] mouhid          C:\Windows\system32\DRIVERS\mouhid.sys
03:27:58.0713 0x0628  mouhid - ok
03:27:58.0729 0x0628  [ 3EAE06B0D9E32A3D45DC3E07F1FBFA97, 0C56D92C5131D60AF2FCCF071976F2932A2C544C5EC4C2A5476E99CDE17FF08C ] MountMgr        C:\Windows\system32\drivers\mountmgr.sys
03:27:58.0744 0x0628  MountMgr - ok
03:27:58.0822 0x0628  [ 69E23C730974BAC8C11DF2B7C4C9D37B, 8DC4448EC9C9647381952D7822B39C89E0997B4B964A785AE274144FADEE3C02 ] MozillaMaintenance C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
03:27:58.0838 0x0628  MozillaMaintenance - ok
03:27:58.0885 0x0628  [ 511D011289755DD9F9A7579FB0B064E6, 1FD0D0D5B6E08FE06F7A5D0821BCD859B0F98A6DEA58AAB7FB6C95B64212FFC8 ] mpio            C:\Windows\system32\drivers\mpio.sys
03:27:58.0900 0x0628  mpio - ok
03:27:58.0947 0x0628  [ 22241FEBA9B2DEFA669C8CB0A8DD7D2E, 62055C0DCEB69873B8961AB17DBD002F44319A44CB05EC3A61421A0C6D4736CD ] mpsdrv          C:\Windows\system32\drivers\mpsdrv.sys
03:27:58.0963 0x0628  mpsdrv - ok
03:27:58.0994 0x0628  [ 5DE62C6E9108F14F6794060A9BDECAEC, 655E6645CC4A1EDBE5F51F5F80C7B504DD956851E788A6E4E4E08CDCDCE160D9 ] MpsSvc          C:\Windows\system32\mpssvc.dll
03:27:59.0010 0x0628  MpsSvc - ok
03:27:59.0025 0x0628  [ 4FBBB70D30FD20EC51F80061703B001E, 72907A0CA5CFF82F40C02A65CD8EFD51D7CFC33BE67DE572D1ACF4FD3B248F0A ] Mraid35x        C:\Windows\system32\drivers\mraid35x.sys
03:27:59.0041 0x0628  Mraid35x - ok
03:27:59.0072 0x0628  [ DADF6D90942C198CD15D345A9F6CF4CD, 993240684DA9EC5B45B28EEEB36B4676A0ADE5CA385C231DF7F94B81F6A69DD3 ] MRxDAV          C:\Windows\system32\drivers\mrxdav.sys
03:27:59.0088 0x0628  MRxDAV - ok
03:27:59.0103 0x0628  [ 1B864548B2ACEC1C0BB29B615CC42978, E1DA3E6764A2C7072D99F2F093E5F40DB6DC809701B59C155C6B4EE327AB9E41 ] mrxsmb          C:\Windows\system32\DRIVERS\mrxsmb.sys
03:27:59.0119 0x0628  mrxsmb - ok
03:27:59.0150 0x0628  [ 3F39B02EEDC5B8A0ED896EA1CDF7245F, 41C1DCD82F964A398B7C3D44178DBF7C8AF1C2DBC5F2D944BE6B00E909FE083B ] mrxsmb10        C:\Windows\system32\DRIVERS\mrxsmb10.sys
03:27:59.0166 0x0628  mrxsmb10 - ok
03:27:59.0166 0x0628  [ D0670EC8E5AD3FA5BE372BF70AC0EABF, BD2D1BA151FD5409EAA41ECCBEB863FE52FF7C2D92349961FEE736D66970748E ] mrxsmb20        C:\Windows\system32\DRIVERS\mrxsmb20.sys
03:27:59.0181 0x0628  mrxsmb20 - ok
03:27:59.0181 0x0628  [ 28023E86F17001F7CD9B15A5BC9AE07D, FC7EAA592C5F796E3BCD7F7EF261709CD899B33FC8486E594A480F143D0D6320 ] msahci          C:\Windows\system32\drivers\msahci.sys
03:27:59.0197 0x0628  msahci - ok
03:27:59.0212 0x0628  [ 4468B0F385A86ECDDAF8D3CA662EC0E7, EAEDC9CDD2EEC5000AF8190A4BE7729282576C3F88E64FDF57F455F5CECC81C9 ] msdsm           C:\Windows\system32\drivers\msdsm.sys
03:27:59.0212 0x0628  msdsm - ok
03:27:59.0244 0x0628  [ FD7520CC3A80C5FC8C48852BB24C6DED, C3F3D7A07FAB9AF38A2A00BF0DF6EEE18CA8FE26277BEC9D8ADB793F2CD5EC1F ] MSDTC           C:\Windows\System32\msdtc.exe
03:27:59.0259 0x0628  MSDTC - ok
03:27:59.0275 0x0628  [ A9927F4A46B816C92F461ACB90CF8515, 753284F726F9B4D3E7322C75532244CA43714F00717C2019391FB36DEE0738C0 ] Msfs            C:\Windows\system32\drivers\Msfs.sys
03:27:59.0290 0x0628  Msfs - ok
03:27:59.0337 0x0628  [ 0F400E306F385C56317357D6DEA56F62, C48FA8193787359902D20D869F5F602CD66D3C5D061A58DDB72F51EED433C4BC ] msisadrv        C:\Windows\system32\drivers\msisadrv.sys
03:27:59.0353 0x0628  msisadrv - ok
03:27:59.0384 0x0628  [ 85466C0757A23D9A9AECDC0755203CB2, 79141B8DF9D7470466872AF03A85C3D3976512BFDBDB8B92A22225DC8EFD70A6 ] MSiSCSI         C:\Windows\system32\iscsiexe.dll
03:27:59.0400 0x0628  MSiSCSI - ok
03:27:59.0400 0x0628  msiserver - ok
03:27:59.0462 0x0628  [ D8C63D34D9C9E56C059E24EC7185CC07, D0CBFB8D57E6D908679DC0488ED659CA35B92626DEA890873E165F051A1AD2AE ] MSKSSRV         C:\Windows\system32\drivers\MSKSSRV.sys
03:27:59.0478 0x0628  MSKSSRV - ok
03:27:59.0509 0x0628  [ 1D373C90D62DDB641D50E55B9E78D65E, 1D4897A96EA54D6FAC7916D69B4E88CAE1397C38CC8FAE08554772808476357B ] MSPCLOCK        C:\Windows\system32\drivers\MSPCLOCK.sys
03:27:59.0524 0x0628  MSPCLOCK - ok
03:27:59.0556 0x0628  [ B572DA05BF4E098D4BBA3A4734FB505B, B7923F204CEADD0F62C2FE4B7CF8C56DAB70F88093B15C5692D0E61490CF4BAA ] MSPQM           C:\Windows\system32\drivers\MSPQM.sys
03:27:59.0571 0x0628  MSPQM - ok
03:27:59.0602 0x0628  [ B49456D70555DE905C311BCDA6EC6ADB, 8E40586B3A1FAE9996459E0261726C9DD6A8D5F575604868C45604613385C92F ] MsRPC           C:\Windows\system32\drivers\MsRPC.sys
03:27:59.0618 0x0628  MsRPC - ok
03:27:59.0618 0x0628  [ E384487CB84BE41D09711C30CA79646C, 520391DEE14D4D6C1EA99C7D31DD95D56B44D54CA3CD8E5C9855E9C0A04F026C ] mssmbios        C:\Windows\system32\DRIVERS\mssmbios.sys
03:27:59.0634 0x0628  mssmbios - ok
03:27:59.0665 0x0628  [ 7199C1EEC1E4993CAF96B8C0A26BD58A, DD02DF8ED7AF5BB88BD2A91F38CE4C52432CB8044BDCBC41C320CD22B10B8A3B ] MSTEE           C:\Windows\system32\drivers\MSTEE.sys
03:27:59.0680 0x0628  MSTEE - ok
03:27:59.0712 0x0628  [ 6A57B5733D4CB702C8EA4542E836B96C, 080FB0B01E949D24CDD6876125B3A72DA9F88845D8B9A1A425BCA99E7ACF6821 ] Mup             C:\Windows\system32\Drivers\mup.sys
03:27:59.0712 0x0628  Mup - ok
03:27:59.0743 0x0628  [ E4EAF0C5C1B41B5C83386CF212CA9584, 5946C3DCE65A0DB164169A1775DFCA544AF4E1895ADF6916BB1653F373F8D9AF ] napagent        C:\Windows\system32\qagentRT.dll
03:27:59.0758 0x0628  napagent - ok
03:27:59.0821 0x0628  [ 85C44FDFF9CF7E72A40DCB7EC06A4416, DC37C99C458CA69B33BFD3894187089E947F4F9C01EC2ED024FA8614989E0956 ] NativeWifiP     C:\Windows\system32\DRIVERS\nwifi.sys
03:27:59.0836 0x0628  NativeWifiP - ok
03:27:59.0914 0x0628  [ DEC4B200C459FA929B0A764E79904B79, 40261D7D0BEE45E6E3F4F25D7ACAB00744BAF5D515B6D84B41A25ED22380DC13 ] NDIS            C:\Windows\system32\drivers\ndis.sys
03:27:59.0930 0x0628  NDIS - ok
03:27:59.0977 0x0628  [ 0E186E90404980569FB449BA7519AE61, DE41791D9D3074007D6DD1D3933E7A2A13E3789D0AD4F029105B58279622FC1B ] NdisTapi        C:\Windows\system32\DRIVERS\ndistapi.sys
03:27:59.0992 0x0628  NdisTapi - ok
03:28:00.0008 0x0628  [ D6973AA34C4D5D76C0430B181C3CD389, 7C303F3D6BFF8B82E39998135B444837091AB1F9EB8F28D013E5EF45DB237EFC ] Ndisuio         C:\Windows\system32\DRIVERS\ndisuio.sys
03:28:00.0024 0x0628  Ndisuio - ok
03:28:00.0039 0x0628  [ 818F648618AE34F729FDB47EC68345C3, 5FC8F9237BD7FCE3C62D5BDDD49DC104BE2BECDC2FA8CDC1DB8F1891CBAA9140 ] NdisWan         C:\Windows\system32\DRIVERS\ndiswan.sys
03:28:00.0055 0x0628  NdisWan - ok
03:28:00.0070 0x0628  [ 71DAB552B41936358F3B541AE5997FB3, 30A8B3E33CBF04FC047254E404C0321F9028F2640036AA8AC1EA0A5E64551684 ] NDProxy         C:\Windows\system32\drivers\NDProxy.sys
03:28:00.0070 0x0628  NDProxy - ok
03:28:00.0148 0x0628  [ 9213AA35BCA94EB79D366DA254E4BDF5, 5E1C71BEB6CFFF5A6F149E9FE6E169D087A6CBE63A504FEE8D42170284952F85 ] Netaapl         C:\Windows\system32\DRIVERS\netaapl.sys
03:28:00.0164 0x0628  Netaapl - ok
03:28:00.0180 0x0628  [ BCD093A5A6777CF626434568DC7DBA78, 2A283DD93230361204EA0897864EAF0224CB8C02E025AE2E4237B07A598B3EBD ] NetBIOS         C:\Windows\system32\DRIVERS\netbios.sys
03:28:00.0195 0x0628  NetBIOS - ok
03:28:00.0242 0x0628  [ BF84E55A9B3AD3CBAB4AAE3BE043E579, A01D03836E67C6B434687FF3388DB0BD935BCF81A611728C32E7392694E7689C ] netbt           C:\Windows\system32\DRIVERS\netbt.sys
03:28:00.0258 0x0628  netbt - ok
03:28:00.0273 0x0628  [ A3E186B4B935905B829219502557314E, 7F58EAC6C12208D792C77014AC9D37AD1A7B2E73863C914F5DA831A72E1D52BB ] Netlogon        C:\Windows\system32\lsass.exe
03:28:00.0273 0x0628  Netlogon - ok
03:28:00.0304 0x0628  [ C8052711DAECC48B982434C5116CA401, 417DEB86D157DD3F0B4678410FE27FDD3E8FA04AB03AF398F6C02BF207070B35 ] Netman          C:\Windows\System32\netman.dll
03:28:00.0320 0x0628  Netman - ok
03:28:00.0351 0x0628  [ E58808846B62041BFB05395E1CED6499, 5387F2CE6B494337725D2BF3EB563912E6EE33918F2872C5FE07BEDBB0F761EE ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
03:28:00.0351 0x0628  NetMsmqActivator - ok
03:28:00.0367 0x0628  [ E58808846B62041BFB05395E1CED6499, 5387F2CE6B494337725D2BF3EB563912E6EE33918F2872C5FE07BEDBB0F761EE ] NetPipeActivator C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
03:28:00.0382 0x0628  NetPipeActivator - ok
03:28:00.0398 0x0628  [ 2EF3BBE22E5A5ACD1428EE387A0D0172, 55DB91EDD0339D2434C06445F8A716A48EA90925B0FF7EBF45BB79D4B54B80BF ] netprofm        C:\Windows\System32\netprofm.dll
03:28:00.0414 0x0628  netprofm - ok
03:28:00.0429 0x0628  [ E58808846B62041BFB05395E1CED6499, 5387F2CE6B494337725D2BF3EB563912E6EE33918F2872C5FE07BEDBB0F761EE ] NetTcpActivator C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
03:28:00.0429 0x0628  NetTcpActivator - ok
03:28:00.0445 0x0628  [ E58808846B62041BFB05395E1CED6499, 5387F2CE6B494337725D2BF3EB563912E6EE33918F2872C5FE07BEDBB0F761EE ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
03:28:00.0445 0x0628  NetTcpPortSharing - ok
03:28:00.0460 0x0628  [ 2E7FB731D4790A1BC6270ACCEFACB36E, EE9A00B694E8A3A5842CDC56C7BA1364317AC8134E046A0059661D057094B1A3 ] nfrd960         C:\Windows\system32\drivers\nfrd960.sys
03:28:00.0460 0x0628  nfrd960 - ok
03:28:00.0492 0x0628  [ C96411DD46AABC0D6F3CF06D0E0E7E14, 0D36F322AF1B923D96735BFFCAC3FDB0B282E59220BADAB8B49AC178A6765380 ] NlaSvc          C:\Windows\System32\nlasvc.dll
03:28:00.0523 0x0628  NlaSvc - ok
03:28:00.0554 0x0628  [ D36F239D7CCE1931598E8FB90A0DBC26, DF9397411D0CE5A87E3346D4E6E25BEC537A21BCE196CC55FD999CD08FC4A637 ] Npfs            C:\Windows\system32\drivers\Npfs.sys
03:28:00.0570 0x0628  Npfs - ok
03:28:00.0632 0x0628  [ 8BB86F0C7EEA2BDED6FE095D0B4CA9BD, 15CA178518EB3D457AA4C109D97A8490821590842AE4E9841703B5A55870C8F6 ] nsi             C:\Windows\system32\nsisvc.dll
03:28:00.0648 0x0628  nsi - ok
03:28:00.0648 0x0628  [ 609773E344A97410CE4EBF74A8914FCF, 90B9CBD2B62854DD503DE4A910CB987D402368EB99882FE20FFB6DEACD70F2BD ] nsiproxy        C:\Windows\system32\drivers\nsiproxy.sys
03:28:00.0663 0x0628  nsiproxy - ok
03:28:00.0710 0x0628  [ 2C1121F2B87E9A6B12485DF53CD848C7, E580428F3BA7B201C6C7CFADF1F44A6ECA4F589EDB034DA14260136236195936 ] Ntfs            C:\Windows\system32\drivers\Ntfs.sys
03:28:00.0741 0x0628  Ntfs - ok
03:28:00.0772 0x0628  [ E875C093AEC0C978A90F30C9E0DFBB72, D3A480CD7EF374EFBC1BB831B33B81534774DDDBB0FB338BEE1D444949FD8DE7 ] ntrigdigi       C:\Windows\system32\drivers\ntrigdigi.sys
03:28:00.0804 0x0628  ntrigdigi - ok
03:28:00.0850 0x0628  [ C5DBBCDA07D780BDA9B685DF333BB41E, 3652893DFF05469A273C3073D8D0A9D6D6BBDEC7855FEA8EAB768F95BA674108 ] Null            C:\Windows\system32\drivers\Null.sys
03:28:00.0866 0x0628  Null - ok
03:28:00.0960 0x0628  [ F69FD161BD904778E1D6EBE9EEBBC2B5, 463887665C45639E87D7371CB59032193FFC1A2E18D0E21E1709D40D03048AE9 ] NVHDA           C:\Windows\system32\drivers\nvhda32v.sys
03:28:00.0960 0x0628  NVHDA - ok
03:28:01.0256 0x0628  [ FCEA6786A7222DF6C26B008279139952, 9E96776417B45DC1ABDA5DE0CD36913FC6E6A38486D470BCBE01D09CE7388C4A ] nvlddmkm        C:\Windows\system32\DRIVERS\nvlddmkm.sys
03:28:01.0568 0x0628  nvlddmkm - ok
03:28:01.0693 0x0628  [ F9CF3FB8DD81B390783532B3C98D6976, 8C94638136CFAEB3ED6DD7CE2059E98B64B15918DDB0796CC0B88474EE99F5BF ] NvNetworkService C:\Program Files\NVIDIA Corporation\NetService\NvNetworkService.exe
03:28:01.0786 0x0628  NvNetworkService - ok
03:28:01.0833 0x0628  [ 2EDF9E7751554B42CBB60116DE727101, 37A0AA78E83DBB5A788F7F067EB71DDF6CCC72A66BB41B209E1A5E2F68F8AF9B ] nvraid          C:\Windows\system32\drivers\nvraid.sys
03:28:01.0849 0x0628  nvraid - ok
03:28:01.0927 0x0628  [ ABED0C09758D1D97DB0042DBB2688177, 84B9BF886EF9181915E8AB6D971446BC681E6DE4485DBECD62838EAFA10E7F46 ] nvstor          C:\Windows\system32\drivers\nvstor.sys
03:28:01.0927 0x0628  nvstor - ok
03:28:02.0020 0x0628  [ F4B2AAFDB72CC6A54A14A0D6DC82657A, CBC6F3E8BEE4920886A4A3F3269132719E520898590104BCD3391D77F435FD13 ] nvsvc           C:\Windows\system32\nvvsvc.exe
03:28:02.0083 0x0628  nvsvc - ok
03:28:02.0145 0x0628  [ 18BBDF913916B71BD54575BDB6EEAC0B, 5FBA165149AB09E869DCE35622E91CFC964BDD22B31A5E76CF12F1565402B207 ] nv_agp          C:\Windows\system32\drivers\nv_agp.sys
03:28:02.0145 0x0628  nv_agp - ok
03:28:02.0161 0x0628  NwlnkFlt - ok
03:28:02.0161 0x0628  NwlnkFwd - ok
03:28:02.0239 0x0628  [ BE32DA025A0BE1878F0EE8D6D9386CD5, B9D6CB4626FC67D108D713467C9ED8D0E2A071D98621B5531AD9D0C172FE7B89 ] ohci1394        C:\Windows\system32\drivers\ohci1394.sys
03:28:02.0254 0x0628  ohci1394 - ok
03:28:02.0301 0x0628  [ 0C8E8E61AD1EB0B250B846712C917506, 8F23657B90BFFCD7273B93EDA2D3768F35C1C5A313F22AE33452BE3B2A550649 ] p2pimsvc        C:\Windows\system32\p2psvc.dll
03:28:02.0332 0x0628  p2pimsvc - ok
03:28:02.0364 0x0628  [ 0C8E8E61AD1EB0B250B846712C917506, 8F23657B90BFFCD7273B93EDA2D3768F35C1C5A313F22AE33452BE3B2A550649 ] p2psvc          C:\Windows\system32\p2psvc.dll
03:28:02.0379 0x0628  p2psvc - ok
03:28:02.0473 0x0628  [ 8A79FDF04A73428597E2CAF9D0D67850, DB438FDE5510AB2F350ED1AC4CF0E99D3CC665FE46533A438A8FDA4DAF950F93 ] Parport         C:\Windows\system32\DRIVERS\parport.sys
03:28:02.0488 0x0628  Parport - ok
03:28:02.0520 0x0628  [ B9C2B89F08670E159F7181891E449CD9, BD48CE95CF4B75D1FD5FD379B2A8727BC000F2B6748B77636C6BDB0B37B0344A ] partmgr         C:\Windows\system32\drivers\partmgr.sys
03:28:02.0520 0x0628  partmgr - ok
03:28:02.0582 0x0628  [ 6C580025C81CAF3AE9E3617C22CAD00E, 64F9061196462085E5DCD3ACB97A0D8FC67CA9A96DDD6E2103AFFF1593AE236A ] Parvdm          C:\Windows\system32\DRIVERS\parvdm.sys
03:28:02.0598 0x0628  Parvdm - ok
03:28:02.0629 0x0628  [ C6276AD11F4BB49B58AA1ED88537F14A, 409E956AF994640DF8D062E5E41F87A6EE7EEE0335C191B582722A49322357CE ] PcaSvc          C:\Windows\System32\pcasvc.dll
03:28:02.0644 0x0628  PcaSvc - ok
03:28:02.0676 0x0628  [ 941DC1D19E7E8620F40BBC206981EFDB, 156142A8B587131D2D47074CBFD0A31F69B3C27A8C74C8C4F29DFE7B53BBA802 ] pci             C:\Windows\system32\drivers\pci.sys
03:28:02.0676 0x0628  pci - ok
03:28:02.0722 0x0628  [ 1636D43F10416AEB483BC6001097B26C, 36E61A993693A46538FE0F726D67BB28886F61D53384AD600D1282296A27662E ] pciide          C:\Windows\system32\drivers\pciide.sys
03:28:02.0738 0x0628  pciide - ok
03:28:02.0754 0x0628  [ E6F3FB1B86AA519E7698AD05E58B04E5, 2C4B45DDD3B980C9DAA6F039CAEFCD6E84A4D5BB43AFBA73C0C42B5556C1303C ] pcmcia          C:\Windows\system32\drivers\pcmcia.sys
03:28:02.0754 0x0628  pcmcia - ok
03:28:02.0800 0x0628  [ 6349F6ED9C623B44B52EA3C63C831A92, 9EAA3ABD396870123107D6E1B758F56FDA378BD28B28DB8415AA470D24294F92 ] PEAUTH          C:\Windows\system32\drivers\peauth.sys
03:28:02.0878 0x0628  PEAUTH - ok
03:28:02.0956 0x0628  [ B1689DF169143F57053F795390C99DB3, 887B8C76B34CABC68067C0F27CC4EEF02457A53634C96FE5B0FE9B99453BDBEF ] pla             C:\Windows\system32\pla.dll
03:28:03.0097 0x0628  pla - ok
03:28:10.0491 0x0628  ================ Scan global ===============================
03:28:10.0522 0x0628  [ 2F2DFC846D75D680B9018823A8B5EF07, DBC823CF0C659B6D7482CB080CD042EC6BBAEDB6297DB712CADA1BCEAA8A95C8 ] C:\Windows\system32\basesrv.dll
03:28:10.0554 0x0628  [ A508314231C49AEE86987CEA3EAECAD1, D29BCFA967C23C7264592576D62D95FA8C687E8662D19DCCC73653A9EFB6340D ] C:\Windows\system32\winsrv.dll
03:28:10.0585 0x0628  [ A508314231C49AEE86987CEA3EAECAD1, D29BCFA967C23C7264592576D62D95FA8C687E8662D19DCCC73653A9EFB6340D ] C:\Windows\system32\winsrv.dll
03:28:10.0632 0x0628  [ 4F0A7910FC7D8A66433FA9961EEF8BB5, 2086EDEE8CF9CC9BDBDC03018F7C28BB56172F941CB4D6F3D857BCF82B32FB6B ] C:\Windows\system32\services.exe
03:28:10.0632 0x0628  [ Global ] - ok
03:28:10.0632 0x0628  ================ Scan MBR ==================================
03:28:10.0632 0x0628  [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
03:28:10.0819 0x0628  \Device\Harddisk0\DR0 - ok
03:28:10.0834 0x0628  [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk1\DR1
03:28:10.0897 0x0628  \Device\Harddisk1\DR1 - ok
03:28:10.0912 0x0628  [ 5C616939100B85E558DA92B899A0FC36 ] \Device\Harddisk2\DR2
03:28:11.0178 0x0628  \Device\Harddisk2\DR2 - detected TDSS File System ( 1 )
03:28:11.0178 0x0628  \Device\Harddisk2\DR2 ( TDSS File System ) - warning
03:28:11.0443 0x0628  [ 8F558EB6672622401DA993E1E865C861 ] \Device\Harddisk3\DR3
03:28:11.0989 0x0628  \Device\Harddisk3\DR3 - ok
03:28:12.0004 0x0628  [ 8FF255184F078C9C04E6A2CE66117C5C ] \Device\Harddisk4\DR4
03:28:12.0098 0x0628  \Device\Harddisk4\DR4 - ok
03:28:12.0129 0x0628  [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk5\DR5
03:28:12.0254 0x0628  \Device\Harddisk5\DR5 - ok
03:28:12.0254 0x0628  ================ Scan VBR ==================================
03:28:12.0270 0x0628  [ C39116F593AD5D5EE397814CEE4C2484 ] \Device\Harddisk0\DR0\Partition1
03:28:12.0270 0x0628  \Device\Harddisk0\DR0\Partition1 - ok
03:28:12.0270 0x0628  [ F6DD308943F74635E4347A13E9BEAB2B ] \Device\Harddisk0\DR0\Partition2
03:28:12.0270 0x0628  \Device\Harddisk0\DR0\Partition2 - ok
03:28:12.0270 0x0628  [ D42F8AF7051A81CFCAE71EDDF91BED5D ] \Device\Harddisk1\DR1\Partition1
03:28:12.0270 0x0628  \Device\Harddisk1\DR1\Partition1 - ok
03:28:12.0270 0x0628  [ 6F960D9FAAFE78A6A1A22CF6687F33F7 ] \Device\Harddisk2\DR2\Partition1
03:28:12.0270 0x0628  \Device\Harddisk2\DR2\Partition1 - ok
03:28:12.0270 0x0628  [ BEC5A26923A467A5A2ED44F76683B480 ] \Device\Harddisk3\DR3\Partition1
03:28:12.0285 0x0628  \Device\Harddisk3\DR3\Partition1 - ok
03:28:12.0285 0x0628  [ D210E3D1F7A17BEF8E6B692F6BC47595 ] \Device\Harddisk4\DR4\Partition1
03:28:12.0285 0x0628  \Device\Harddisk4\DR4\Partition1 - ok
03:28:12.0285 0x0628  [ B1E27AA018409DE6BFD73F8AFB883A65 ] \Device\Harddisk5\DR5\Partition1
03:28:12.0285 0x0628  \Device\Harddisk5\DR5\Partition1 - ok
03:28:12.0285 0x0628  [ 1BAC6D0A562F0DA55A4046E5280A94D7 ] \Device\Harddisk5\DR5\Partition2
03:28:12.0285 0x0628  \Device\Harddisk5\DR5\Partition2 - ok
03:28:12.0285 0x0628  ================ Scan generic autorun ======================
03:28:12.0722 0x0628  [ F00A74241943E58F3795291BC3AF0853, DFB6E450A0198E1AC600107D79E8A8301B1F413CC93FCCCFB2A511D249F264D0 ] C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
03:28:13.0128 0x0628  RTHDVCPL - ok
03:28:13.0206 0x0628  [ 627201AE01E87E730C70C6E256937E8D, 7F839397133344B0626E0ECC39AD12679182BEA10CCA2DF26AB80E43B17F3232 ] C:\Program Files\iTunes\iTunesHelper.exe
03:28:13.0206 0x0628  iTunesHelper - ok
03:28:13.0206 0x0628  Waiting for KSN requests completion. In queue: 35
03:28:14.0251 0x0628  AV detected via SS2: Kaspersky Anti-Virus, C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 16.0.0\wmiav.exe ( 16.0.0.614 ), 0x41000 ( enabled : updated )
03:28:14.0251 0x0628  FW detected via SS2: Kaspersky Anti-Virus, C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 16.0.0\wmiav.exe ( 16.0.0.614 ), 0x40010 ( disabled )
03:28:14.0251 0x0628  Win FW state via NFP2: enabled ( trusted )
03:28:14.0594 0x0628  ============================================================
03:28:14.0594 0x0628  Scan finished
03:28:14.0594 0x0628  ============================================================
03:28:14.0594 0x03a4  Detected object count: 1
03:28:14.0594 0x03a4  Actual detected object count: 1
03:31:33.0322 0x03a4  \Device\Harddisk2\DR2 ( TDSS File System ) - skipped by user
03:31:33.0322 0x03a4  \Device\Harddisk2\DR2 ( TDSS File System ) - User select action: Skip
03:31:40.0873 0x0634  Deinitialize success
 

aswMBR.txt

 

aswMBR version 1.0.1.2252 Copyright© 2014 AVAST Software
Run date: 2008-01-04 04:12:23
-----------------------------
04:12:23.318    OS Version: Windows 6.0.6002 Service Pack 2
04:12:23.318    Number of processors: 2 586 0xF0B
04:12:23.318    ComputerName: GRUMPY  UserName:
04:12:25.174    Initialize success
04:13:47.168    AVAST engine defs: 16082301
04:14:02.316    Disk 0  \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP2T0L0-4
04:14:02.316    Disk 0 Vendor: Hitachi_HDP725025GLA380 GM2OA5BA Size: 238418MB BusType: 3
04:14:02.316    Disk 1  \Device\Harddisk1\DR1 -> \Device\Ide\IdeDeviceP3T0L0-6
04:14:02.316    Disk 1 Vendor: ST3500320AS SD1A Size: 476940MB BusType: 3
04:14:02.316    Disk 2 (boot) \Device\Harddisk2\DR2 -> \Device\Ide\IdeDeviceP5T0L0-a
04:14:02.316    Disk 2 Vendor: WDC_WD5000AAKS-00TMA0 12.01C01 Size: 476938MB BusType: 3
04:14:02.628    Disk 2 MBR read successfully
04:14:02.628    Disk 2 MBR scan
04:14:02.628    Disk 2 Windows VISTA default MBR code
04:14:02.659    Disk 2 Partition 1 80 (A) 07    HPFS/NTFS NTFS       476929 MB offset 63
04:14:02.690    Disk 2 scanning sectors +976752000
04:14:03.018    Disk 2 scanning C:\Windows\system32\drivers
04:14:24.343    Service scanning
04:14:40.614    Modules scanning
04:14:40.614    Disk 2 trace - called modules:
04:14:40.629    ntkrnlpa.exe CLASSPNP.SYS disk.sys acpi.sys hal.dll ataport.SYS pciide.sys PCIIDEX.SYS atapi.sys
04:14:40.629    1 nt!IofCallDriver -> \Device\Harddisk2\DR2[0x8ba59a20]
04:14:40.629    3 CLASSPNP.SYS[91ba48b3] -> nt!IofCallDriver -> [0x8b90e950]
04:14:40.645    5 acpi.sys[9172e6bc] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP5T0L0-a[0x8aaedb98]
04:14:43.156    AVAST engine scan C:\Windows
04:16:38.050    AVAST engine scan C:\Windows\system32
04:22:56.959    AVAST engine scan C:\Windows\system32\drivers
04:24:24.412    AVAST engine scan C:\Users\Andrew P Saputo
05:41:01.405    AVAST engine scan C:\ProgramData
05:42:49.684    Disk 2 statistics 3214261/0/0 @ 0.31 MB/s
05:42:49.684    Scan finished successfully
05:43:36.438    Disk 2 MBR has been saved successfully to "C:\Users\Andrew P Saputo\Desktop\MBR.dat"
05:43:36.469    The log file has been saved successfully to "C:\Users\Andrew P Saputo\Desktop\aswMBR.txt"


RK.txt

 

RogueKiller V12.5.1.0 [Aug 22 2016] (Free) by Adlice Software
mail : http://www.adlice.com/contact/
Feedback : http://forum.adlice.com
Website : http://www.adlice.com/download/roguekiller/
Blog : http://www.adlice.com

Operating System : Windows Vista (6.0.6002 Service Pack 2) 32 bits version
Started in : Safe mode with network support
User : Andrew P Saputo [Administrator]
Started from : C:\Program Files\RogueKiller\RogueKiller.exe
Mode : Scan -- Date : 01/04/2008 05:48:56 (Duration : 00:18:33)

¤¤¤ Processes : 0 ¤¤¤

¤¤¤ Registry : 10 ¤¤¤
[Hj.RegVal] HKEY_LOCAL_MACHINE\RK_Software_ON_G_79E2\Microsoft\Windows NT\CurrentVersion\Winlogon | Shell : cmd.exe /k start cmd.exe  -> Found
[Suspicious.Path|Hidden.From.SCM] HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\catchme (\??\C:\Users\ANDREW~1\AppData\Local\Temp\catchme.sys) -> Found
[Suspicious.Path|Hidden.From.SCM] HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\aswMBR (\??\C:\Users\ANDREW~1\AppData\Local\Temp\aswMBR.sys) -> Found
[Suspicious.Path|Hidden.From.SCM] HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\aswVmm (\??\C:\Users\ANDREW~1\AppData\Local\Temp\aswVmm.sys) -> Found
[Hidden.From.SCM] HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\mbr (\??\C:\ComboFix\mbr.sys) -> Found
[Suspicious.Path] HKEY_LOCAL_MACHINE\System\ControlSet001\Services\catchme (\??\C:\Users\ANDREW~1\AppData\Local\Temp\catchme.sys) -> Found
[Suspicious.Path] HKEY_LOCAL_MACHINE\System\ControlSet001\Services\aswMBR (\??\C:\Users\ANDREW~1\AppData\Local\Temp\aswMBR.sys) -> Found
[Suspicious.Path] HKEY_LOCAL_MACHINE\System\ControlSet001\Services\aswVmm (\??\C:\Users\ANDREW~1\AppData\Local\Temp\aswVmm.sys) -> Found
[PUM.Dns] HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{ACFD004C-DA54-483A-AB5E-936FC72232CD} | DhcpNameServer : 172.20.10.1 ([])  -> Found
[PUM.Dns] HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Tcpip\Parameters\Interfaces\{ACFD004C-DA54-483A-AB5E-936FC72232CD} | DhcpNameServer : 172.20.10.1 ([])  -> Found

¤¤¤ Tasks : 0 ¤¤¤

¤¤¤ Files : 0 ¤¤¤

¤¤¤ Hosts File : 0 ¤¤¤

¤¤¤ Antirootkit : 0 (Driver: Not loaded [0xc000035f]) ¤¤¤

¤¤¤ Web browsers : 0 ¤¤¤

¤¤¤ MBR Check : ¤¤¤
+++++ PhysicalDrive0: Hitachi HDP725025GLA380 ATA Device +++++
--- User ---
[MBR] bcda33850a8065e5eff58bb8fcb442f4
[BSP] b7986a247bf948dd1ad3dc756b531f19 : Windows Vista/7/8 MBR Code
Partition table:
0 - [XXXXXX] DELL-UTIL (0xde) [VISIBLE] Offset (sectors): 63 | Size: 54 MB
1 - [XXXXXX] NTFS (0x7) [VISIBLE] Offset (sectors): 112640 | Size: 10240 MB [Windows Vista/7/8 Bootstrap | Windows Vista/7/8 Bootloader]
2 - [ACTIVE] NTFS (0x7) [VISIBLE] Offset (sectors): 21084160 | Size: 228122 MB [Windows Vista/7/8 Bootstrap | Windows Vista/7/8 Bootloader]
User = LL1 ... OK
User = LL2 ... OK

+++++ PhysicalDrive1: ST3500320AS ATA Device +++++
--- User ---
[MBR] 1ddc0bbffaab1b3645b0a37d68dd9747
[BSP] 363381e69afb75c5beb005393984f152 : Windows Vista/7/8|VT.Unknown MBR Code
Partition table:
0 - [XXXXXX] NTFS (0x7) [VISIBLE] Offset (sectors): 2048 | Size: 476937 MB [Windows Vista/7/8 Bootstrap | Windows Vista/7/8 Bootloader]
User = LL1 ... OK
User = LL2 ... OK

+++++ PhysicalDrive2: WDC WD5000AAKS-00TMA0 ATA Device +++++
--- User ---
[MBR] 73681dfd5050ec78ffaa87f76a1ffead
[BSP] 7572515eeae7fa4287e3d71144b65811 : HP|VT.Unknown MBR Code
Partition table:
0 - [ACTIVE] NTFS (0x7) [VISIBLE] Offset (sectors): 63 | Size: 476929 MB [Windows Vista/7/8 Bootstrap | Windows Vista/7/8 Bootloader]
User = LL1 ... OK
User = LL2 ... OK

+++++ PhysicalDrive3: WD Ext HDD 1021 USB Device +++++
--- User ---
[MBR] 763f73409e2afd89da0fbcc44bd88ba8
[BSP] 34527a27a5fc9f9df077db946f73712f : Windows XP|VT.Unknown MBR Code
Partition table:
0 - [XXXXXX] NTFS (0x7) [VISIBLE] Offset (sectors): 2048 | Size: 953866 MB [Windows XP Bootstrap | Windows XP Bootloader]
User = LL1 ... OK
Error reading LL2 MBR! ([32] The request is not supported. )

+++++ PhysicalDrive4: WD 7500AAK External USB Device +++++
--- User ---
[MBR] b344ad4fffbd5ff14986be42d0845730
[BSP] 1343860dbef73a961735f1522ff55311 : Windows XP MBR Code
Partition table:
0 - [XXXXXX] NTFS (0x7) [VISIBLE] Offset (sectors): 63 | Size: 715402 MB [Windows XP Bootstrap | Windows XP Bootloader]
User = LL1 ... OK
Error reading LL2 MBR! ([32] The request is not supported. )

+++++ PhysicalDrive5: Seagate Backup+  Desk USB Device +++++
Error reading User MBR! ([57] The parameter is incorrect. )
Error reading LL1 MBR! ([79] The semaphore timeout period has expired. )
Error reading LL2 MBR! ([32] The request is not supported. )
 

Thanks!!



#10 Oh My!

Posted 23 August 2016 - 09:20 PM

Thank you for all the information.

Please rerun TDSSKiller and select delete on \Device\Harddisk2\DR2 - detected TDSS File System

Please do this.

===================================================

RogueKiller Selecting Deletions

--------------------
  • Close any open programs
  • Please disconnect any USB or external drives from the computer before you run the scan
  • Right click on the RogueKiller icon and select Run as Administrator
  • For Windows XP simply double click on the icon
  • Click Scan
  • When the Status box shows Scan Finished place a check mark in the following and select Delete

[Hj.RegVal] HKEY_LOCAL_MACHINE\RK_Software_ON_G_79E2\Microsoft\Windows NT\CurrentVersion\Winlogon | Shell : cmd.exe /k start cmd.exe -> Found

  • Click Report
  • Copy and paste the contents of the report in your reply
===================================================

Things I would like to see in your next reply. Please be sure to copy and paste any requested log information unless you are asked to attach it.
  • TDSSKiller report
  • RogueKiller report
  • Update on computer performance

Gary
 
#11 andrewsaputo

Posted 25 August 2016 - 02:35 PM

Sorry for the delay. Ran TDSSKiller again, assuming the same way as I did before, and deleted DR2.

Did the RogueKiller without the external HDs plugged in and deleted the reg key.



#12 andrewsaputo

Posted 25 August 2016 - 02:38 PM

Here are the logs. By the way, should I manually change the clock?

 

TDSSKiller log

 

00:09:03.0023 0x00f8  TDSS rootkit removing tool 3.1.0.11 Aug  5 2016 12:13:31
00:09:06.0783 0x00f8  ============================================================
00:09:06.0783 0x00f8  Current date / time: 2008/01/06 00:09:06.0783
00:09:06.0783 0x00f8  SystemInfo:
00:09:06.0814 0x00f8  
00:09:06.0814 0x00f8  OS Version: 6.0.6002 ServicePack: 2.0
00:09:06.0814 0x00f8  Product type: Workstation
00:09:06.0814 0x00f8  ComputerName: GRUMPY
00:09:06.0814 0x00f8  UserName: Andrew P Saputo
00:09:06.0814 0x00f8  Windows directory: C:\Windows
00:09:06.0814 0x00f8  System windows directory: C:\Windows
00:09:06.0814 0x00f8  Processor architecture: Intel x86
00:09:06.0814 0x00f8  Number of processors: 2
00:09:06.0814 0x00f8  Page size: 0x1000
00:09:06.0814 0x00f8  Boot type: Safe boot with network
00:09:06.0814 0x00f8  CodeIntegrityOptions = 0x00000000
00:09:06.0814 0x00f8  ============================================================
00:09:08.0764 0x00f8  KLMD registered as C:\Windows\system32\drivers\08575839.sys
00:09:08.0764 0x00f8  KLMD ARK init status: drvProperties = 0xFFF00, osBuild = 6002.19636, osProperties = 0x0
00:09:08.0998 0x00f8  System UUID: {942B5A4E-4048-FDDC-5AD5-528F6E6B0C1C}
00:09:09.0606 0x00f8  Drive \Device\Harddisk0\DR0 - Size: 0x3A35294400 ( 232.83 Gb ), SectorSize: 0x200, Cylinders: 0x76BA, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050
00:09:09.0622 0x00f8  Drive \Device\Harddisk1\DR1 - Size: 0x7470C06000 ( 465.76 Gb ), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050
00:09:09.0622 0x00f8  Drive \Device\Harddisk2\DR2 - Size: 0x7470AFDE00 ( 465.76 Gb ), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050
00:09:09.0622 0x00f8  Drive \Device\Harddisk3\DR3 - Size: 0xE8E0B00000 ( 931.51 Gb ), SectorSize: 0x200, Cylinders: 0x1DB00, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'
00:09:16.0704 0x00f8  Drive \Device\Harddisk4\DR4 - Size: 0xAEA8CDE000 ( 698.64 Gb ), SectorSize: 0x200, Cylinders: 0x16441, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'
00:09:25.0144 0x00f8  Drive \Device\Harddisk5\DR5 - Size: 0x2BAA1475000 ( 2794.52 Gb ), SectorSize: 0x1000, Cylinders: 0xB220, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'
00:09:25.0362 0x00f8  ============================================================
00:09:25.0362 0x00f8  \Device\Harddisk0\DR0:
00:09:25.0362 0x00f8  MBR partitions:
00:09:25.0362 0x00f8  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x1B800, BlocksNum 0x1400000
00:09:25.0362 0x00f8  \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x141B800, BlocksNum 0x1BD8D000
00:09:25.0362 0x00f8  \Device\Harddisk1\DR1:
00:09:25.0362 0x00f8  MBR partitions:
00:09:25.0362 0x00f8  \Device\Harddisk1\DR1\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x3A384800
00:09:25.0362 0x00f8  \Device\Harddisk2\DR2:
00:09:25.0362 0x00f8  MBR partitions:
00:09:25.0362 0x00f8  \Device\Harddisk2\DR2\Partition1: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x3A380D41
00:09:25.0362 0x00f8  \Device\Harddisk3\DR3:
00:09:25.0362 0x00f8  MBR partitions:
00:09:25.0362 0x00f8  \Device\Harddisk3\DR3\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x74705000
00:09:25.0362 0x00f8  \Device\Harddisk4\DR4:
00:09:25.0362 0x00f8  MBR partitions:
00:09:25.0362 0x00f8  \Device\Harddisk4\DR4\Partition1: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x575452C2
00:09:25.0362 0x00f8  \Device\Harddisk5\DR5:
00:09:25.0362 0x00f8  GPT partitions:
00:09:25.0362 0x00f8  \Device\Harddisk5\DR5\Partition1: GPT, TypeGUID: {E3C9E316-0B5C-4DB8-817D-F92DF00215AE}, UniqueGUID: {14E5CA0E-9EEE-4780-B95C-7FB4779656F8}, Name: Microsoft reserved partition, StartLBA 0x6, BlocksNum 0x8000
00:09:25.0362 0x00f8  \Device\Harddisk5\DR5\Partition2: GPT, TypeGUID: {EBD0A0A2-B9E5-4433-87C0-68B6B72699C7}, UniqueGUID: {CF489BB2-2D48-46F7-9942-819588DB90AE}, Name: Basic data partition, StartLBA 0x8100, BlocksNum 0x2BA99300
00:09:25.0362 0x00f8  MBR partitions:
00:09:25.0362 0x00f8  ============================================================
00:09:25.0394 0x00f8  C: <-> \Device\Harddisk2\DR2\Partition1
00:09:25.0394 0x00f8  D: <-> \Device\Harddisk0\DR0\Partition2
00:09:25.0394 0x00f8  F: <-> \Device\Harddisk1\DR1\Partition1
00:09:25.0425 0x00f8  G: <-> \Device\Harddisk0\DR0\Partition1
00:09:25.0456 0x00f8  K: <-> \Device\Harddisk5\DR5\Partition2
00:09:25.0472 0x00f8  H: <-> \Device\Harddisk4\DR4\Partition1
00:09:26.0002 0x00f8  I: <-> \Device\Harddisk3\DR3\Partition1
00:09:26.0002 0x00f8  ============================================================
00:09:26.0002 0x00f8  Initialize success
00:09:26.0002 0x00f8  ============================================================
00:10:02.0350 0x075c  ============================================================
00:10:02.0350 0x075c  Scan started
00:10:02.0350 0x075c  Mode: Manual; SigCheck; TDLFS;
00:10:02.0350 0x075c  ============================================================
00:10:02.0350 0x075c  KSN ping started
00:10:02.0522 0x075c  KSN ping finished: true
00:10:04.0706 0x075c  ================ Scan system memory ========================
00:10:04.0706 0x075c  System memory - ok
00:10:04.0706 0x075c  ================ Scan services =============================
00:10:12.0849 0x075c  FileInfo - ok
00:10:12.0911 0x075c  [ 0AE429A696AECBC5970E3CF2C62635AE, 1ECC315C099D17835788B68F0DE00EC98DC5AEE8F329D739E0DB90A898F22244 ] Filetrace       C:\Windows\system32\drivers\filetrace.sys
00:10:12.0942 0x075c  Filetrace - ok
00:10:12.0942 0x075c  [ 85B7CF99D532820495D68D747FDA9EBD, 682D35D219D1AFBE51CF0AB03F2D3E15C940F5AF291C1A611A19F4D279143F3C ] flpydisk        C:\Windows\system32\DRIVERS\flpydisk.sys
00:10:12.0974 0x075c  flpydisk - ok
00:10:12.0989 0x075c  [ 01334F9EA68E6877C4EF05D3EA8ABB05, 82F8AA6AD2B5077898773D4A5814819EAF0E872FFD95894E06FEDAB6EE92CF99 ] FltMgr          C:\Windows\system32\drivers\fltmgr.sys
00:10:13.0005 0x075c  FltMgr - ok
00:10:13.0083 0x075c  [ 61AC5BF24A155C95F865290F046F91EF, 89F6A96F5CBD04390CF0509DDC22E4FDC1F8AB862F23957D583A757C1E51C20B ] FontCache       C:\Windows\system32\FntCache.dll
00:10:13.0286 0x075c  FontCache - ok
00:10:13.0317 0x075c  [ C7FBDD1ED42F82BFA35167A5C9803EA3, 372FF71070D5ECE17342466A690737A0622E93C98DBED8172C49B0854F0012B7 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe
00:10:13.0317 0x075c  FontCache3.0.0.0 - ok
00:10:13.0348 0x075c  [ B972A66758577E0BFD1DE0F91AAA27B5, E934034F3F740A83D4E7ABCD2C581845AC2945B0BCCAACF65CC3F99A1DBDE455 ] Fs_Rec          C:\Windows\system32\drivers\Fs_Rec.sys
00:10:13.0410 0x075c  Fs_Rec - ok
00:10:13.0426 0x075c  [ 34582A6E6573D54A07ECE5FE24A126B5, 5F45DC38F8015AD90616EAD3B57820CCD284938A96B2C4E1FF5FC7BDEE8A848D ] gagp30kx        C:\Windows\system32\drivers\gagp30kx.sys
00:10:13.0442 0x075c  gagp30kx - ok
00:10:13.0473 0x075c  [ 185ADA973B5020655CEE342059A86CBB, D3E352DFAF30761505480A4C557D980083F65EC5BD46E2656B2114D47B272A89 ] GEARAspiWDM     C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
00:10:13.0504 0x075c  GEARAspiWDM - ok
00:10:13.0644 0x075c  [ AC6831C5D4D6A70A15B8963E8A1CD894, B1792907D7F31B4F648757DF347F619F824D1148B8B48A0297A256D704EDD829 ] GfExperienceService C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
00:10:13.0707 0x075c  GfExperienceService - ok
00:10:13.0785 0x075c  [ 1E74AA0D84B3AF74B39D63142DB0D2AA, EFA23EA053FB2CF2A374201F662680712F475C2461A84643755E9BC2E066E0A2 ] gpsvc           C:\Windows\System32\gpsvc.dll
00:10:13.0941 0x075c  gpsvc - ok
00:10:13.0972 0x075c  [ DD7423ABBE2913E70D50E9318AD57EE4, 74BC123808F3FA60ADDC51C1383F8250608D3DBA3A8DC175B3418A1CF0BC53E9 ] gupdate         C:\Program Files\Google\Update\GoogleUpdate.exe
00:10:13.0972 0x075c  gupdate - ok
00:10:14.0050 0x075c  [ DD7423ABBE2913E70D50E9318AD57EE4, 74BC123808F3FA60ADDC51C1383F8250608D3DBA3A8DC175B3418A1CF0BC53E9 ] gupdatem        C:\Program Files\Google\Update\GoogleUpdate.exe
00:10:14.0066 0x075c  gupdatem - ok
00:10:14.0128 0x075c  [ 3F90E001369A07243763BD5A523D8722, 25907F85787D879E75C3FE74C93567382AFB2D528BEEC61D71E3A6BE2D71DFBE ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
00:10:14.0175 0x075c  HdAudAddService - ok
00:10:14.0222 0x075c  [ 062452B7FFD68C8C042A6261FE8DFF4A, DD9873502456D3C058C6177AC223B28C71370E624FA0814C17EA3D93201F2B56 ] HDAudBus        C:\Windows\system32\DRIVERS\HDAudBus.sys
00:10:14.0253 0x075c  HDAudBus - ok
00:10:14.0315 0x075c  [ 1338520E78D90154ED6BE8F84DE5FCEB, 8531F1C5856983EBDA4C2B70162645ECE72FFFBA9FE7A28BCEDDF2169B7ECF9D ] HidBth          C:\Windows\system32\drivers\hidbth.sys
00:10:14.0346 0x075c  HidBth - ok
00:10:14.0362 0x075c  [ FF3160C3A2445128C5A6D9B076DA519E, DC1A70C80CD55F33B3AD5A21E86AF7C3086D8CC2DC6148C058E74A871E0BAD4A ] HidIr           C:\Windows\system32\drivers\hidir.sys
00:10:14.0393 0x075c  HidIr - ok
00:10:14.0424 0x075c  [ 84067081F3318162797385E11A8F0582, 11E32E3800CFCA37354388243F88D0239D622891BAC5483518A2BE5D1CA19015 ] hidserv         C:\Windows\System32\hidserv.dll
00:10:14.0440 0x075c  hidserv - ok
00:10:14.0456 0x075c  [ CCA4B519B17E23A00B826C55716809CC, 91AD0758A6185B0FBBE383BDB1B457FFB850477AFF8DE040DE9527A97D28EF62 ] HidUsb          C:\Windows\system32\DRIVERS\hidusb.sys
00:10:14.0487 0x075c  HidUsb - ok
00:10:14.0502 0x075c  [ D8AD255B37DA92434C26E4876DB7D418, C901EADDD93FC90C8F29F4B6DE808F8E4F486C877FC0AA27DA4ACDE17E28899D ] hkmsvc          C:\Windows\system32\kmsvc.dll
00:10:14.0534 0x075c  hkmsvc - ok
00:10:14.0565 0x075c  [ 16EE7B23A009E00D835CDB79574A91A6, 964AFE7D2F7E48C7DE7FDAB48F57ADC4AD44A0B2A9A03071E0E8D334007E5572 ] HpCISSs         C:\Windows\system32\drivers\hpcisss.sys
00:10:14.0580 0x075c  HpCISSs - ok
00:10:14.0596 0x075c  [ F870AA3E254628EBEAFE754108D664DE, B0444E7D246AA1982094030ACB991690F6A7DD3FB07B1BB6A1BC0F3AA9718A70 ] HTTP            C:\Windows\system32\drivers\HTTP.sys
00:10:14.0752 0x075c  HTTP - ok
00:10:14.0768 0x075c  [ C6B032D69650985468160FC9937CF5B4, 4D5A944C70037F35A9DBA4F49F174455FA80ED7EAEDAA143F0A2C0E05AE585D8 ] i2omp           C:\Windows\system32\drivers\i2omp.sys
00:10:14.0768 0x075c  i2omp - ok
00:10:14.0830 0x075c  [ 22D56C8184586B7A1F6FA60BE5F5A2BD, D96A2962848C1F59B143BFEC22EC48BD1C5A75D0EBCFD7FB965E66B85FF7D8CA ] i8042prt        C:\Windows\system32\DRIVERS\i8042prt.sys
00:10:14.0861 0x075c  i8042prt - ok
00:10:14.0877 0x075c  [ 54155EA1B0DF185878E0FC9EC3AC3A14, 344A0793499261D2E4FF2FCCC70501329485F8E299EBC68953D07BA86F0D4729 ] iaStorV         C:\Windows\system32\drivers\iastorv.sys
00:10:14.0892 0x075c  iaStorV - ok
00:10:14.0939 0x075c  [ DD386C45D2B5863740166783448A2E7A, 10B912BA70306644BE73A53AF4DCDFF63880C4C5860FF6DBA92B0914EB566718 ] idsvc           C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
00:10:14.0986 0x075c  idsvc - ok
00:10:15.0048 0x075c  [ 2D077BF86E843F901D8DB709C95B49A5, 78FF558A881F307858F5C7C74A748B8B2562AF3CAC7EA8639945609001D790CE ] iirsp           C:\Windows\system32\drivers\iirsp.sys
00:10:15.0048 0x075c  iirsp - ok
00:10:15.0126 0x075c  [ 4687EE0C0DD2CE5F7AAA9C2E33C1DC78, FA8EBED2778D9F7560ADC1B563954EEF98AAE651C0553F2803372B37B122AEB3 ] IKEEXT          C:\Windows\System32\ikeext.dll
00:10:15.0142 0x075c  IKEEXT - ok
00:10:15.0298 0x075c  [ 19B572DD46F038509846589DCB702B19, C887F184665F04AC3C02CB154D428E47917BBAD50295166C53BA03265092ABAB ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHDA.sys
00:10:15.0470 0x075c  IntcAzAudAddService - ok
00:10:15.0501 0x075c  [ 83AA759F3189E6370C30DE5DC5590718, 7406FE41EA8FB80052517318CB72E2641E92E579FAFAF5E8DDDFF0BF8DAE773A ] intelide        C:\Windows\system32\drivers\intelide.sys
00:10:15.0501 0x075c  intelide - ok
00:10:15.0516 0x075c  [ 224191001E78C89DFA78924C3EA595FF, E4EC9CAAEEEAEB30E13F4A8023AF687F29514667380DDFD638BBFFF1D5FC2563 ] intelppm        C:\Windows\system32\DRIVERS\intelppm.sys
00:10:15.0548 0x075c  intelppm - ok
00:10:15.0563 0x075c  [ 9AC218C6E6105477484C6FDBE7D409A4, FF30D09CD2A0F5BBEC309E953370F194B6F26BF4227E627B594AAA48B0F5D3C2 ] IPBusEnum       C:\Windows\system32\ipbusenum.dll
00:10:15.0594 0x075c  IPBusEnum - ok
00:10:15.0610 0x075c  [ 62C265C38769B864CB25B4BCF62DF6C3, CAF6BCE967104233E216464E4729B0275C3BD426D812F404AB0EE83A7F2063D8 ] IpFilterDriver  C:\Windows\system32\DRIVERS\ipfltdrv.sys
00:10:15.0626 0x075c  IpFilterDriver - ok
00:10:15.0657 0x075c  [ 1998BD97F950680BB55F55A7244679C2, A4E8BB4C6B2AF4800BD5E0BA8725FD0927F8FB6751AEBF6DD16B59C414CCB9D8 ] iphlpsvc        C:\Windows\System32\iphlpsvc.dll
00:10:15.0704 0x075c  iphlpsvc - ok
00:10:15.0704 0x075c  IpInIp - ok
00:10:15.0719 0x075c  [ B25AAF203552B7B3491139D582B39AD1, EA9C38F512F40FF12975A6719E6FE4D7EA93A4B2497103E0FDA5A4CD6033C0A6 ] IPMIDRV         C:\Windows\system32\drivers\ipmidrv.sys
00:10:15.0750 0x075c  IPMIDRV - ok
00:10:15.0766 0x075c  [ 8793643A67B42CEC66490B2A0CF92D68, 8B1ED1314E4C6623824DD6B9C15A0F7F996F4D243BF0B305421251BE40850907 ] IPNAT           C:\Windows\system32\DRIVERS\ipnat.sys
00:10:15.0782 0x075c  IPNAT - ok
00:10:15.0860 0x075c  [ C23748B33D431E4CD5CA2E62500545FF, C62BDF433F50536BCDBC574D2F3B12D470C3B0FD950A553BB3921BB3195E41AA ] iPod Service    C:\Program Files\iPod\bin\iPodService.exe
00:10:15.0891 0x075c  iPod Service - ok
00:10:15.0953 0x075c  [ 109C0DFB82C3632FBD11949B73AEEAC9, 73B01426100256B7110DF0B74483AF1B62FC209612EEC29A7BF6DC31A7FBEFB6 ] IRENUM          C:\Windows\system32\drivers\irenum.sys
00:10:15.0969 0x075c  IRENUM - ok
00:10:15.0969 0x075c  [ 6C70698A3E5C4376C6AB5C7C17FB0614, 10FBCBA5A74AF5D136B152FD4D3DFA2A1F2CEBC3F979D5BA6DB98B3DCB2F7A07 ] isapnp          C:\Windows\system32\drivers\isapnp.sys
00:10:16.0016 0x075c  isapnp - ok
00:10:16.0047 0x075c  [ 232FA340531D940AAC623B121A595034, 90C93F04D8A0094EEBD118F10223605B8169DA5F24C466F503CED5C014BD17B1 ] iScsiPrt        C:\Windows\system32\DRIVERS\msiscsi.sys
00:10:16.0062 0x075c  iScsiPrt - ok
00:10:16.0078 0x075c  [ BCED60D16156E428F8DF8CF27B0DF150, 4934E9AB8A8A548548F0C63517F2BF4DE84B05E5C9C7C2AA6C1517B8F9C340D4 ] iteatapi        C:\Windows\system32\drivers\iteatapi.sys
00:10:16.0094 0x075c  iteatapi - ok
00:10:16.0140 0x075c  [ 06FA654504A498C30ADCA8BEC4E87E7E, 651BC35A0A3D504573BBAB40DE81929BB18C9FC0CD7944FEAE0E99CD7658EA88 ] iteraid         C:\Windows\system32\drivers\iteraid.sys
00:10:16.0156 0x075c  iteraid - ok
00:10:16.0156 0x075c  [ 37605E0A8CF00CBBA538E753E4344C6E, B9A9FFDCE45B0830E277CF322C28ACB49372C16144B0F676B283BE5DAE9A7F30 ] kbdclass        C:\Windows\system32\DRIVERS\kbdclass.sys
00:10:16.0172 0x075c  kbdclass - ok
00:10:16.0203 0x075c  [ EDE59EC70E25C24581ADD1FBEC7325F7, 41B37778E9A12675FC0DF74606AAF18C652EB88513B3C4889C5C512E14587CEE ] kbdhid          C:\Windows\system32\DRIVERS\kbdhid.sys
00:10:16.0218 0x075c  kbdhid - ok
00:10:16.0296 0x075c  [ A3E186B4B935905B829219502557314E, 7F58EAC6C12208D792C77014AC9D37AD1A7B2E73863C914F5DA831A72E1D52BB ] KeyIso          C:\Windows\system32\lsass.exe
00:10:16.0484 0x075c  KeyIso - ok
00:10:16.0562 0x075c  [ 10003EB659D2EA81AC5222009834CB0D, 5E822B5CB52E4206E949DBB6BF8B3CA92EE06ED712C498FA54B86FA7B65DB2A4 ] kl1             C:\Windows\system32\DRIVERS\kl1.sys
00:10:16.0577 0x075c  kl1 - ok
00:10:16.0624 0x075c  [ 4C6908A4E14CE84C45FFF92F3C55793C, 798DC2D58D1688599869F3E2D550EF24AB8EAA8B90FE663168E4AF3D79E3C69B ] klbackupdisk    C:\Windows\system32\DRIVERS\klbackupdisk.sys
00:10:16.0640 0x075c  klbackupdisk - ok
00:10:16.0671 0x075c  [ 9B2811697E00E59A3536380BB6333170, CFB23C5B9F1A8BC29A3318AE3D225C3FD46B386774EBD23F7C8A50C64690B692 ] klbackupflt     C:\Windows\system32\DRIVERS\klbackupflt.sys
00:10:16.0671 0x075c  klbackupflt - ok
00:10:16.0702 0x075c  [ 01AAAA5927AC064D9A517406192DAC40, 654CD3EA9BBEDD0EEB1373F4DEF118A5C85173BC9BF3F75672DAEB9FD34F3D5B ] kldisk          C:\Windows\system32\DRIVERS\kldisk.sys
00:10:16.0718 0x075c  kldisk - ok
00:10:16.0749 0x075c  [ A46E47921CD4D62A1834A7468142BFC4, 9D186172DD8525E5F0E99711633BFC65DC9033E6EA42317330580EF51D52A155 ] klflt           C:\Windows\system32\DRIVERS\klflt.sys
00:10:16.0764 0x075c  klflt - ok
00:10:16.0811 0x075c  [ 8C641F65085BE228CDB0ACDF49751162, 1E5F17E922DA556507077B5EB19EEB48B8E2D0A79307AB2735EA4B7C6724EDB1 ] klhk            C:\Windows\system32\DRIVERS\klhk.sys
00:10:16.0827 0x075c  klhk - ok
00:10:16.0889 0x075c  [ B21D371BB4FC56A89ACA1C1CB8DAD4F5, BFCCFEB44A23DD36DD3065FCA5E0D33B1869FCD68A985C61AD4078E2175CF746 ] KLIF            C:\Windows\system32\DRIVERS\klif.sys
00:10:16.0936 0x075c  KLIF - ok
00:10:16.0952 0x075c  [ B5E8BADD1B7904C04726EDB5BA32A19D, 36FFF3E65C9959DB9135DAC1BF84A0FCC0615FB35B9D85EFB87F3AE90B48C71C ] KLIM6           C:\Windows\system32\DRIVERS\klim6.sys
00:10:16.0967 0x075c  KLIM6 - ok
00:10:17.0014 0x075c  [ 956B752A298D1BC88122CD75D63C1B1E, A64D4DBEB40B4081C676E159AAEFC8D28A2159E7CF4008900BFC898759668C04 ] klkbdflt        C:\Windows\system32\DRIVERS\klkbdflt.sys
00:10:17.0030 0x075c  klkbdflt - ok
00:10:17.0045 0x075c  [ B87153536ADE581E4874EE0F8AD09315, 7570BEF2455F1F51CA0FC5969C3046F8D20DF947DF3E71170ACB003D1C8972EE ] klmouflt        C:\Windows\system32\DRIVERS\klmouflt.sys
00:10:17.0045 0x075c  klmouflt - ok
00:10:17.0061 0x075c  [ FB7425A738F6041D6AA7BB2211BD4D05, 5F6AD74B425EE374877E7E6AF11B650D40737FA51CE4171BFB513766CFA4C677 ] klpd            C:\Windows\system32\DRIVERS\klpd.sys
00:10:17.0076 0x075c  klpd - ok
00:10:17.0108 0x075c  [ 0EB799F1E13DABB97F580A4203BAD012, E2822D607062D9A2A7CEEE38AA85439909C93FBB65DD032D58711DB822D0EE1B ] kltdf           C:\Windows\system32\DRIVERS\kltdf.sys
00:10:17.0108 0x075c  kltdf - ok
00:10:17.0123 0x075c  [ 8E682FBB727A3A3C3B7FAF986FF4EA54, 7AA1A8E71D665B33E00E36BD076C0AA4450769D6F51A70C932CEB02108690A0D ] kltdi           C:\Windows\system32\DRIVERS\kltdi.sys
00:10:17.0139 0x075c  kltdi - ok
00:10:17.0154 0x075c  [ E90ED53B73CBCD4DFE397AC7272FE3F3, CE2CA9823FA30927F919D6759696DEBDD22898BC62BA9B3A4D8162BAAFB2408E ] kneps           C:\Windows\system32\DRIVERS\kneps.sys
00:10:17.0170 0x075c  kneps - ok
00:10:17.0201 0x075c  [ FBBC2D3579E6CF8279D46B44C89C49FF, C7188643CDB7DADAD944241F554266BEFA2239ED4AD7E85F4D37319D3FAC4FFE ] KSecDD          C:\Windows\system32\Drivers\ksecdd.sys
00:10:17.0232 0x075c  KSecDD - ok
00:10:17.0310 0x075c  [ 8078F8F8F7A79E2E6B494523A828C585, BB399993166853F0C01B7508649ECD7E7473238267BA8333D0441128FE656347 ] KtmRm           C:\Windows\system32\msdtckrm.dll
00:10:17.0342 0x075c  KtmRm - ok
00:10:17.0388 0x075c  [ 1BF5EEBFD518DD7298434D8C862F825D, F41C79410345C40B346EB5EDEA397ECD29ECB9B921AC3E19F9453E52A7B9288A ] LanmanServer    C:\Windows\System32\srvsvc.dll
00:10:17.0498 0x075c  LanmanServer - ok
00:10:17.0560 0x075c  [ 1DB69705B695B987082C8BAEC0C6B34F, D395B272F6B69D4A9FC3CDEFD812EF0DBFECF3C1B1C787C7CC1E1A1B091B8DB3 ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
00:10:17.0638 0x075c  LanmanWorkstation - ok
00:10:17.0669 0x075c  [ D1C5883087A0C3F1344D9D55A44901F6, 608D67357AFDDD538D2C12C93EB0793ECA4EB3AF2BAB779E881C41F50E4AB911 ] lltdio          C:\Windows\system32\DRIVERS\lltdio.sys
00:10:17.0716 0x075c  lltdio - ok
00:10:17.0747 0x075c  [ 2D5A428872F1442631D0959A34ABFF63, E532C6ECFFB936EFF744CA57BDC6394C89E797B6B0822D04F1F3F35D9BDDD4F0 ] lltdsvc         C:\Windows\System32\lltdsvc.dll
00:10:17.0778 0x075c  lltdsvc - ok
00:10:17.0794 0x075c  [ 35D40113E4A5B961B6CE5C5857702518, 453097AEF46ED48107395D9A1696AAC259FD6CEA8A655D38C5E246FDDAB81664 ] lmhosts         C:\Windows\System32\lmhsvc.dll
00:10:17.0825 0x075c  lmhosts - ok
00:10:17.0841 0x075c  [ C7E15E82879BF3235B559563D4185365, 98C9268ADF6BAEB0522BB84BE6C98D0D6D5EB4BD27BB61412D208232164C8435 ] LSI_FC          C:\Windows\system32\drivers\lsi_fc.sys
00:10:17.0841 0x075c  LSI_FC - ok
00:10:17.0856 0x075c  [ EE01EBAE8C9BF0FA072E0FF68718920A, 655924440E611278998226299645BC72B3627A8A057286DC8D65A162CFBBE484 ] LSI_SAS         C:\Windows\system32\drivers\lsi_sas.sys
00:10:17.0872 0x075c  LSI_SAS - ok
00:10:17.0872 0x075c  [ 912A04696E9CA30146A62AFA1463DD5C, 1D336D47B9D1C8449F29CDB776C092235E3D70CE53D9440970533E376EB004D3 ] LSI_SCSI        C:\Windows\system32\drivers\lsi_scsi.sys
00:10:17.0888 0x075c  LSI_SCSI - ok
00:10:17.0903 0x075c  [ 8F5C7426567798E62A3B3614965D62CC, 659810257D942C5F4168E1247868CDA990F2324AC9ACAA9A6211F64B7AC9EC6E ] luafv           C:\Windows\system32\drivers\luafv.sys
00:10:17.0934 0x075c  luafv - ok
00:10:17.0950 0x075c  [ AEF9BABB8A506BC4CE0451A64AADED46, D5608A703EA7E97F11ED4D029B4B820440B0C9317DB7D7DC0152253CD723DC07 ] Mcx2Svc         C:\Windows\system32\Mcx2Svc.dll
00:10:17.0966 0x075c  Mcx2Svc - ok
00:10:18.0012 0x075c  [ 0001CE609D66632FA17B84705F658879, D5F9758BDC2B733307B565A74B33F5581FB425A5A9F32CCFA307DA1569EBD6CD ] megasas         C:\Windows\system32\drivers\megasas.sys
00:10:18.0028 0x075c  megasas - ok
00:10:18.0090 0x075c  [ C252F32CD9A49DBFC25ECF26EBD51A99, 47EC8F475AB62A00FAF989CD2C3ABDF2922588F75CC15C83CD99A62EF6400FB0 ] MegaSR          C:\Windows\system32\drivers\megasr.sys
00:10:18.0122 0x075c  MegaSR - ok
00:10:18.0168 0x075c  [ 1076FFCFFAAE8385FD62DFCB25AC4708, 8C5C106FCB018E019DEBA8E1A6AA170CD7A93293F27994F724EBC486238DA0AA ] MMCSS           C:\Windows\system32\mmcss.dll
00:10:18.0184 0x075c  MMCSS - ok
00:10:18.0200 0x075c  [ E13B5EA0F51BA5B1512EC671393D09BA, 5B380D1B435D809CA201FD5ED075D42F3C6BA1A4EEDBC4040F7E3329F05A334A ] Modem           C:\Windows\system32\drivers\modem.sys
00:10:18.0231 0x075c  Modem - ok
00:10:18.0278 0x075c  [ 0A9BB33B56E294F686ABB7C1E4E2D8A8, 1E8031D51E074FDFB53E98E26DABF313B901C028D01196BFD402EED5D0A89595 ] monitor         C:\Windows\system32\DRIVERS\monitor.sys
00:10:18.0293 0x075c  monitor - ok
00:10:18.0309 0x075c  [ 5BF6A1326A335C5298477754A506D263, CC7F58E5955A448F6CE28D6D8EB98C7479E11F931B5C733CFE71A29B2E95923D ] mouclass        C:\Windows\system32\DRIVERS\mouclass.sys
00:10:18.0324 0x075c  mouclass - ok
00:10:18.0324 0x075c  [ 93B8D4869E12CFBE663915502900876F, 7464DE60FAAD8793D855F1F86C3C865B3A3EE41C19A3E926D1BE4426E67F5EC2 ] mouhid          C:\Windows\system32\DRIVERS\mouhid.sys
00:10:18.0371 0x075c  mouhid - ok
00:10:18.0418 0x075c  [ 3EAE06B0D9E32A3D45DC3E07F1FBFA97, 0C56D92C5131D60AF2FCCF071976F2932A2C544C5EC4C2A5476E99CDE17FF08C ] MountMgr        C:\Windows\system32\drivers\mountmgr.sys
00:10:18.0418 0x075c  MountMgr - ok
00:10:18.0496 0x075c  [ 69E23C730974BAC8C11DF2B7C4C9D37B, 8DC4448EC9C9647381952D7822B39C89E0997B4B964A785AE274144FADEE3C02 ] MozillaMaintenance C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
00:10:18.0512 0x075c  MozillaMaintenance - ok
00:10:18.0574 0x075c  [ 511D011289755DD9F9A7579FB0B064E6, 1FD0D0D5B6E08FE06F7A5D0821BCD859B0F98A6DEA58AAB7FB6C95B64212FFC8 ] mpio            C:\Windows\system32\drivers\mpio.sys
00:10:18.0574 0x075c  mpio - ok
00:10:18.0590 0x075c  [ 22241FEBA9B2DEFA669C8CB0A8DD7D2E, 62055C0DCEB69873B8961AB17DBD002F44319A44CB05EC3A61421A0C6D4736CD ] mpsdrv          C:\Windows\system32\drivers\mpsdrv.sys
00:10:18.0605 0x075c  mpsdrv - ok
00:10:18.0652 0x075c  [ 5DE62C6E9108F14F6794060A9BDECAEC, 655E6645CC4A1EDBE5F51F5F80C7B504DD956851E788A6E4E4E08CDCDCE160D9 ] MpsSvc          C:\Windows\system32\mpssvc.dll
00:10:18.0746 0x075c  MpsSvc - ok
00:10:18.0761 0x075c  [ 4FBBB70D30FD20EC51F80061703B001E, 72907A0CA5CFF82F40C02A65CD8EFD51D7CFC33BE67DE572D1ACF4FD3B248F0A ] Mraid35x        C:\Windows\system32\drivers\mraid35x.sys
00:10:18.0777 0x075c  Mraid35x - ok
00:10:18.0808 0x075c  [ DADF6D90942C198CD15D345A9F6CF4CD, 993240684DA9EC5B45B28EEEB36B4676A0ADE5CA385C231DF7F94B81F6A69DD3 ] MRxDAV          C:\Windows\system32\drivers\mrxdav.sys
00:10:18.0839 0x075c  MRxDAV - ok
00:10:18.0855 0x075c  [ 1B864548B2ACEC1C0BB29B615CC42978, E1DA3E6764A2C7072D99F2F093E5F40DB6DC809701B59C155C6B4EE327AB9E41 ] mrxsmb          C:\Windows\system32\DRIVERS\mrxsmb.sys
00:10:18.0917 0x075c  mrxsmb - ok
00:10:18.0964 0x075c  [ 3F39B02EEDC5B8A0ED896EA1CDF7245F, 41C1DCD82F964A398B7C3D44178DBF7C8AF1C2DBC5F2D944BE6B00E909FE083B ] mrxsmb10        C:\Windows\system32\DRIVERS\mrxsmb10.sys
00:10:18.0980 0x075c  mrxsmb10 - ok
00:10:18.0980 0x075c  [ D0670EC8E5AD3FA5BE372BF70AC0EABF, BD2D1BA151FD5409EAA41ECCBEB863FE52FF7C2D92349961FEE736D66970748E ] mrxsmb20        C:\Windows\system32\DRIVERS\mrxsmb20.sys
00:10:18.0995 0x075c  mrxsmb20 - ok
00:10:19.0011 0x075c  [ 28023E86F17001F7CD9B15A5BC9AE07D, FC7EAA592C5F796E3BCD7F7EF261709CD899B33FC8486E594A480F143D0D6320 ] msahci          C:\Windows\system32\drivers\msahci.sys
00:10:19.0011 0x075c  msahci - ok
00:10:19.0026 0x075c  [ 4468B0F385A86ECDDAF8D3CA662EC0E7, EAEDC9CDD2EEC5000AF8190A4BE7729282576C3F88E64FDF57F455F5CECC81C9 ] msdsm           C:\Windows\system32\drivers\msdsm.sys
00:10:19.0042 0x075c  msdsm - ok
00:10:19.0058 0x075c  [ FD7520CC3A80C5FC8C48852BB24C6DED, C3F3D7A07FAB9AF38A2A00BF0DF6EEE18CA8FE26277BEC9D8ADB793F2CD5EC1F ] MSDTC           C:\Windows\System32\msdtc.exe
00:10:19.0089 0x075c  MSDTC - ok
00:10:19.0104 0x075c  [ A9927F4A46B816C92F461ACB90CF8515, 753284F726F9B4D3E7322C75532244CA43714F00717C2019391FB36DEE0738C0 ] Msfs            C:\Windows\system32\drivers\Msfs.sys
00:10:19.0120 0x075c  Msfs - ok
00:10:19.0167 0x075c  [ 0F400E306F385C56317357D6DEA56F62, C48FA8193787359902D20D869F5F602CD66D3C5D061A58DDB72F51EED433C4BC ] msisadrv        C:\Windows\system32\drivers\msisadrv.sys
00:10:19.0182 0x075c  msisadrv - ok
00:10:19.0198 0x075c  [ 85466C0757A23D9A9AECDC0755203CB2, 79141B8DF9D7470466872AF03A85C3D3976512BFDBDB8B92A22225DC8EFD70A6 ] MSiSCSI         C:\Windows\system32\iscsiexe.dll
00:10:19.0245 0x075c  MSiSCSI - ok
00:10:19.0245 0x075c  msiserver - ok
00:10:19.0292 0x075c  [ D8C63D34D9C9E56C059E24EC7185CC07, D0CBFB8D57E6D908679DC0488ED659CA35B92626DEA890873E165F051A1AD2AE ] MSKSSRV         C:\Windows\system32\drivers\MSKSSRV.sys
00:10:19.0323 0x075c  MSKSSRV - ok
00:10:19.0354 0x075c  [ 1D373C90D62DDB641D50E55B9E78D65E, 1D4897A96EA54D6FAC7916D69B4E88CAE1397C38CC8FAE08554772808476357B ] MSPCLOCK        C:\Windows\system32\drivers\MSPCLOCK.sys
00:10:19.0401 0x075c  MSPCLOCK - ok
00:10:19.0401 0x075c  [ B572DA05BF4E098D4BBA3A4734FB505B, B7923F204CEADD0F62C2FE4B7CF8C56DAB70F88093B15C5692D0E61490CF4BAA ] MSPQM           C:\Windows\system32\drivers\MSPQM.sys
00:10:19.0416 0x075c  MSPQM - ok
00:10:19.0448 0x075c  [ B49456D70555DE905C311BCDA6EC6ADB, 8E40586B3A1FAE9996459E0261726C9DD6A8D5F575604868C45604613385C92F ] MsRPC           C:\Windows\system32\drivers\MsRPC.sys
00:10:19.0463 0x075c  MsRPC - ok
00:10:19.0479 0x075c  [ E384487CB84BE41D09711C30CA79646C, 520391DEE14D4D6C1EA99C7D31DD95D56B44D54CA3CD8E5C9855E9C0A04F026C ] mssmbios        C:\Windows\system32\DRIVERS\mssmbios.sys
00:10:19.0494 0x075c  mssmbios - ok
00:10:19.0526 0x075c  [ 7199C1EEC1E4993CAF96B8C0A26BD58A, DD02DF8ED7AF5BB88BD2A91F38CE4C52432CB8044BDCBC41C320CD22B10B8A3B ] MSTEE           C:\Windows\system32\drivers\MSTEE.sys
00:10:19.0557 0x075c  MSTEE - ok
00:10:19.0604 0x075c  [ 6A57B5733D4CB702C8EA4542E836B96C, 080FB0B01E949D24CDD6876125B3A72DA9F88845D8B9A1A425BCA99E7ACF6821 ] Mup             C:\Windows\system32\Drivers\mup.sys
00:10:19.0604 0x075c  Mup - ok
00:10:19.0635 0x075c  [ E4EAF0C5C1B41B5C83386CF212CA9584, 5946C3DCE65A0DB164169A1775DFCA544AF4E1895ADF6916BB1653F373F8D9AF ] napagent        C:\Windows\system32\qagentRT.dll
00:10:19.0666 0x075c  napagent - ok
00:10:19.0744 0x075c  [ 85C44FDFF9CF7E72A40DCB7EC06A4416, DC37C99C458CA69B33BFD3894187089E947F4F9C01EC2ED024FA8614989E0956 ] NativeWifiP     C:\Windows\system32\DRIVERS\nwifi.sys
00:10:19.0760 0x075c  NativeWifiP - ok
00:10:19.0838 0x075c  [ DEC4B200C459FA929B0A764E79904B79, 40261D7D0BEE45E6E3F4F25D7ACAB00744BAF5D515B6D84B41A25ED22380DC13 ] NDIS            C:\Windows\system32\drivers\ndis.sys
00:10:19.0884 0x075c  NDIS - ok
00:10:19.0931 0x075c  [ 0E186E90404980569FB449BA7519AE61, DE41791D9D3074007D6DD1D3933E7A2A13E3789D0AD4F029105B58279622FC1B ] NdisTapi        C:\Windows\system32\DRIVERS\ndistapi.sys
00:10:19.0962 0x075c  NdisTapi - ok
00:10:19.0978 0x075c  [ D6973AA34C4D5D76C0430B181C3CD389, 7C303F3D6BFF8B82E39998135B444837091AB1F9EB8F28D013E5EF45DB237EFC ] Ndisuio         C:\Windows\system32\DRIVERS\ndisuio.sys
00:10:19.0994 0x075c  Ndisuio - ok
00:10:20.0009 0x075c  [ 818F648618AE34F729FDB47EC68345C3, 5FC8F9237BD7FCE3C62D5BDDD49DC104BE2BECDC2FA8CDC1DB8F1891CBAA9140 ] NdisWan         C:\Windows\system32\DRIVERS\ndiswan.sys
00:10:20.0040 0x075c  NdisWan - ok
00:10:20.0056 0x075c  [ 71DAB552B41936358F3B541AE5997FB3, 30A8B3E33CBF04FC047254E404C0321F9028F2640036AA8AC1EA0A5E64551684 ] NDProxy         C:\Windows\system32\drivers\NDProxy.sys
00:10:20.0056 0x075c  NDProxy - ok
00:10:20.0134 0x075c  [ 9213AA35BCA94EB79D366DA254E4BDF5, 5E1C71BEB6CFFF5A6F149E9FE6E169D087A6CBE63A504FEE8D42170284952F85 ] Netaapl         C:\Windows\system32\DRIVERS\netaapl.sys
00:10:20.0165 0x075c  Netaapl - ok
00:10:20.0181 0x075c  [ BCD093A5A6777CF626434568DC7DBA78, 2A283DD93230361204EA0897864EAF0224CB8C02E025AE2E4237B07A598B3EBD ] NetBIOS         C:\Windows\system32\DRIVERS\netbios.sys
00:10:20.0196 0x075c  NetBIOS - ok
00:10:20.0259 0x075c  [ BF84E55A9B3AD3CBAB4AAE3BE043E579, A01D03836E67C6B434687FF3388DB0BD935BCF81A611728C32E7392694E7689C ] netbt           C:\Windows\system32\DRIVERS\netbt.sys
00:10:20.0321 0x075c  netbt - ok
00:10:20.0337 0x075c  [ A3E186B4B935905B829219502557314E, 7F58EAC6C12208D792C77014AC9D37AD1A7B2E73863C914F5DA831A72E1D52BB ] Netlogon        C:\Windows\system32\lsass.exe
00:10:20.0337 0x075c  Netlogon - ok
00:10:20.0368 0x075c  [ C8052711DAECC48B982434C5116CA401, 417DEB86D157DD3F0B4678410FE27FDD3E8FA04AB03AF398F6C02BF207070B35 ] Netman          C:\Windows\System32\netman.dll
00:10:20.0399 0x075c  Netman - ok
00:10:20.0415 0x075c  [ E58808846B62041BFB05395E1CED6499, 5387F2CE6B494337725D2BF3EB563912E6EE33918F2872C5FE07BEDBB0F761EE ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
00:10:20.0462 0x075c  NetMsmqActivator - ok
00:10:20.0477 0x075c  [ E58808846B62041BFB05395E1CED6499, 5387F2CE6B494337725D2BF3EB563912E6EE33918F2872C5FE07BEDBB0F761EE ] NetPipeActivator C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
00:10:20.0493 0x075c  NetPipeActivator - ok
00:10:20.0508 0x075c  [ 2EF3BBE22E5A5ACD1428EE387A0D0172, 55DB91EDD0339D2434C06445F8A716A48EA90925B0FF7EBF45BB79D4B54B80BF ] netprofm        C:\Windows\System32\netprofm.dll
00:10:20.0540 0x075c  netprofm - ok
00:10:20.0555 0x075c  [ E58808846B62041BFB05395E1CED6499, 5387F2CE6B494337725D2BF3EB563912E6EE33918F2872C5FE07BEDBB0F761EE ] NetTcpActivator C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
00:10:20.0555 0x075c  NetTcpActivator - ok
00:10:20.0571 0x075c  [ E58808846B62041BFB05395E1CED6499, 5387F2CE6B494337725D2BF3EB563912E6EE33918F2872C5FE07BEDBB0F761EE ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
00:10:20.0586 0x075c  NetTcpPortSharing - ok
00:10:20.0602 0x075c  [ 2E7FB731D4790A1BC6270ACCEFACB36E, EE9A00B694E8A3A5842CDC56C7BA1364317AC8134E046A0059661D057094B1A3 ] nfrd960         C:\Windows\system32\drivers\nfrd960.sys
00:10:20.0618 0x075c  nfrd960 - ok
00:10:20.0649 0x075c  [ C96411DD46AABC0D6F3CF06D0E0E7E14, 0D36F322AF1B923D96735BFFCAC3FDB0B282E59220BADAB8B49AC178A6765380 ] NlaSvc          C:\Windows\System32\nlasvc.dll
00:10:20.0711 0x075c  NlaSvc - ok
00:10:20.0727 0x075c  [ D36F239D7CCE1931598E8FB90A0DBC26, DF9397411D0CE5A87E3346D4E6E25BEC537A21BCE196CC55FD999CD08FC4A637 ] Npfs            C:\Windows\system32\drivers\Npfs.sys
00:10:20.0742 0x075c  Npfs - ok
00:10:20.0758 0x075c  [ 8BB86F0C7EEA2BDED6FE095D0B4CA9BD, 15CA178518EB3D457AA4C109D97A8490821590842AE4E9841703B5A55870C8F6 ] nsi             C:\Windows\system32\nsisvc.dll
00:10:20.0789 0x075c  nsi - ok
00:10:20.0789 0x075c  [ 609773E344A97410CE4EBF74A8914FCF, 90B9CBD2B62854DD503DE4A910CB987D402368EB99882FE20FFB6DEACD70F2BD ] nsiproxy        C:\Windows\system32\drivers\nsiproxy.sys
00:10:20.0805 0x075c  nsiproxy - ok
00:10:20.0883 0x075c  [ 2C1121F2B87E9A6B12485DF53CD848C7, E580428F3BA7B201C6C7CFADF1F44A6ECA4F589EDB034DA14260136236195936 ] Ntfs            C:\Windows\system32\drivers\Ntfs.sys
00:10:20.0992 0x075c  Ntfs - ok
00:10:21.0023 0x075c  [ E875C093AEC0C978A90F30C9E0DFBB72, D3A480CD7EF374EFBC1BB831B33B81534774DDDBB0FB338BEE1D444949FD8DE7 ] ntrigdigi       C:\Windows\system32\drivers\ntrigdigi.sys
00:10:21.0054 0x075c  ntrigdigi - ok
00:10:21.0117 0x075c  [ C5DBBCDA07D780BDA9B685DF333BB41E, 3652893DFF05469A273C3073D8D0A9D6D6BBDEC7855FEA8EAB768F95BA674108 ] Null            C:\Windows\system32\drivers\Null.sys
00:10:21.0148 0x075c  Null - ok
00:10:21.0242 0x075c  [ F69FD161BD904778E1D6EBE9EEBBC2B5, 463887665C45639E87D7371CB59032193FFC1A2E18D0E21E1709D40D03048AE9 ] NVHDA           C:\Windows\system32\drivers\nvhda32v.sys
00:10:21.0242 0x075c  NVHDA - ok
00:10:21.0538 0x075c  [ FCEA6786A7222DF6C26B008279139952, 9E96776417B45DC1ABDA5DE0CD36913FC6E6A38486D470BCBE01D09CE7388C4A ] nvlddmkm        C:\Windows\system32\DRIVERS\nvlddmkm.sys
00:10:21.0928 0x075c  nvlddmkm - ok
00:10:22.0053 0x075c  [ F9CF3FB8DD81B390783532B3C98D6976, 8C94638136CFAEB3ED6DD7CE2059E98B64B15918DDB0796CC0B88474EE99F5BF ] NvNetworkService C:\Program Files\NVIDIA Corporation\NetService\NvNetworkService.exe
00:10:22.0115 0x075c  NvNetworkService - ok
00:10:33.0269 0x075c  [ 4F0A7910FC7D8A66433FA9961EEF8BB5, 2086EDEE8CF9CC9BDBDC03018F7C28BB56172F941CB4D6F3D857BCF82B32FB6B ] C:\Windows\system32\services.exe
00:10:33.0285 0x075c  [ Global ] - ok
00:10:33.0285 0x075c  ================ Scan MBR ==================================
00:10:33.0300 0x075c  [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
00:10:33.0534 0x075c  \Device\Harddisk0\DR0 - ok
00:10:33.0550 0x075c  [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk1\DR1
00:10:33.0597 0x075c  \Device\Harddisk1\DR1 - ok
00:10:33.0612 0x075c  [ 5C616939100B85E558DA92B899A0FC36 ] \Device\Harddisk2\DR2
00:10:33.0940 0x075c  \Device\Harddisk2\DR2 - detected TDSS File System ( 1 )
00:10:33.0940 0x075c  \Device\Harddisk2\DR2 ( TDSS File System ) - warning
00:10:34.0205 0x075c  [ 8F558EB6672622401DA993E1E865C861 ] \Device\Harddisk3\DR3
00:10:34.0767 0x075c  \Device\Harddisk3\DR3 - ok
00:10:34.0767 0x075c  [ 8FF255184F078C9C04E6A2CE66117C5C ] \Device\Harddisk4\DR4
00:10:34.0845 0x075c  \Device\Harddisk4\DR4 - ok
00:10:35.0126 0x075c  [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk5\DR5
00:10:35.0718 0x075c  \Device\Harddisk5\DR5 - ok
00:10:35.0718 0x075c  ================ Scan VBR ==================================
00:10:35.0781 0x075c  ================ Scan generic autorun ======================
00:10:36.0218 0x075c  [ F00A74241943E58F3795291BC3AF0853, DFB6E450A0198E1AC600107D79E8A8301B1F413CC93FCCCFB2A511D249F264D0 ] C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
00:10:36.0779 0x075c  RTHDVCPL - ok
00:10:36.0873 0x075c  [ 627201AE01E87E730C70C6E256937E8D, 7F839397133344B0626E0ECC39AD12679182BEA10CCA2DF26AB80E43B17F3232 ] C:\Program Files\iTunes\iTunesHelper.exe
00:10:36.0888 0x075c  iTunesHelper - ok
00:10:36.0888 0x075c  Waiting for KSN requests completion. In queue: 2
00:10:38.0324 0x075c  AV detected via SS2: Kaspersky Anti-Virus, C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 16.0.0\wmiav.exe ( 16.0.0.614 ), 0x41000 ( enabled : updated )
00:10:38.0355 0x075c  FW detected via SS2: Kaspersky Anti-Virus, C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 16.0.0\wmiav.exe ( 16.0.0.614 ), 0x40010 ( disabled )
00:10:38.0448 0x075c  Win FW state via NFP2: enabled ( trusted )
00:10:38.0729 0x075c  ============================================================
00:10:38.0729 0x075c  Scan finished
00:10:38.0729 0x075c  ============================================================
00:10:38.0729 0x04fc  Detected object count: 1
00:10:38.0729 0x04fc  Actual detected object count: 1
00:11:03.0642 0x04fc  \Device\Harddisk2\DR2\TDLFS\ldrm - copied to quarantine
00:11:03.0658 0x04fc  \Device\Harddisk2\DR2\TDLFS\cmd.dll - copied to quarantine
00:11:03.0658 0x04fc  \Device\Harddisk2\DR2\TDLFS\cmd64.dll - copied to quarantine
00:11:03.0674 0x04fc  \Device\Harddisk2\DR2\TDLFS\drv32 - copied to quarantine
00:11:03.0689 0x04fc  \Device\Harddisk2\DR2\TDLFS\drv64 - copied to quarantine
00:11:03.0689 0x04fc  \Device\Harddisk2\DR2\TDLFS\servers.dat - copied to quarantine
00:11:03.0689 0x04fc  \Device\Harddisk2\DR2\TDLFS\config.ini - copied to quarantine
00:11:03.0736 0x04fc  \Device\Harddisk2\DR2\TDLFS\ldr16 - copied to quarantine
00:11:03.0736 0x04fc  \Device\Harddisk2\DR2\TDLFS\ldr32 - copied to quarantine
00:11:03.0736 0x04fc  \Device\Harddisk2\DR2\TDLFS\ldr64 - copied to quarantine
00:11:03.0752 0x04fc  \Device\Harddisk2\DR2\TDLFS\s - copied to quarantine
00:11:03.0752 0x04fc  \Device\Harddisk2\DR2\TDLFS\u - copied to quarantine
00:11:03.0752 0x04fc  \Device\Harddisk2\DR2\TDLFS - deleted
00:11:03.0752 0x04fc  \Device\Harddisk2\DR2 ( TDSS File System ) - User select action: Delete
00:12:00.0801 0x0690  Deinitialize success
 

RK Log

 

RogueKiller V12.5.1.0 [Aug 22 2016] (Free) by Adlice Software
mail : http://www.adlice.com/contact/
Feedback : http://forum.adlice.com
Website : http://www.adlice.com/download/roguekiller/
Blog : http://www.adlice.com

Operating System : Windows Vista (6.0.6002 Service Pack 2) 32 bits version
Started in : Safe mode with network support
User : Andrew P Saputo [Administrator]
Started from : C:\Program Files\RogueKiller\RogueKiller.exe
Mode : Delete -- Date : 01/06/2008 00:14:35 (Duration : 00:17:38)

¤¤¤ Processes : 0 ¤¤¤

¤¤¤ Registry : 10 ¤¤¤
[Hj.RegVal] HKEY_LOCAL_MACHINE\RK_Software_ON_G_A923\Microsoft\Windows NT\CurrentVersion\Winlogon | Shell : cmd.exe /k start cmd.exe  -> Replaced (explorer.exe)
[Suspicious.Path|Hidden.From.SCM] HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\catchme (\??\C:\Users\ANDREW~1\AppData\Local\Temp\catchme.sys) -> Not selected
[Suspicious.Path|Hidden.From.SCM] HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\aswMBR (\??\C:\Users\ANDREW~1\AppData\Local\Temp\aswMBR.sys) -> Not selected
[Suspicious.Path|Hidden.From.SCM] HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\aswVmm (\??\C:\Users\ANDREW~1\AppData\Local\Temp\aswVmm.sys) -> Not selected
[Hidden.From.SCM] HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\mbr (\??\C:\ComboFix\mbr.sys) -> Not selected
[Suspicious.Path] HKEY_LOCAL_MACHINE\System\ControlSet001\Services\catchme (\??\C:\Users\ANDREW~1\AppData\Local\Temp\catchme.sys) -> Not selected
[Suspicious.Path] HKEY_LOCAL_MACHINE\System\ControlSet001\Services\aswMBR (\??\C:\Users\ANDREW~1\AppData\Local\Temp\aswMBR.sys) -> Not selected
[Suspicious.Path] HKEY_LOCAL_MACHINE\System\ControlSet001\Services\aswVmm (\??\C:\Users\ANDREW~1\AppData\Local\Temp\aswVmm.sys) -> Not selected
[PUM.Dns] HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{ACFD004C-DA54-483A-AB5E-936FC72232CD} | DhcpNameServer : 172.20.10.1 ([])  -> Not selected
[PUM.Dns] HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Tcpip\Parameters\Interfaces\{ACFD004C-DA54-483A-AB5E-936FC72232CD} | DhcpNameServer : 172.20.10.1 ([])  -> Not selected

¤¤¤ Tasks : 0 ¤¤¤

¤¤¤ Files : 0 ¤¤¤

¤¤¤ Hosts File : 0 ¤¤¤

¤¤¤ Antirootkit : 0 (Driver: Not loaded [0xc000035f]) ¤¤¤

¤¤¤ Web browsers : 0 ¤¤¤

¤¤¤ MBR Check : ¤¤¤
+++++ PhysicalDrive0: Hitachi HDP725025GLA380 ATA Device +++++
--- User ---
[MBR] bcda33850a8065e5eff58bb8fcb442f4
[BSP] b7986a247bf948dd1ad3dc756b531f19 : Windows Vista/7/8 MBR Code
Partition table:
0 - [XXXXXX] DELL-UTIL (0xde) [VISIBLE] Offset (sectors): 63 | Size: 54 MB
1 - [XXXXXX] NTFS (0x7) [VISIBLE] Offset (sectors): 112640 | Size: 10240 MB [Windows Vista/7/8 Bootstrap | Windows Vista/7/8 Bootloader]
2 - [ACTIVE] NTFS (0x7) [VISIBLE] Offset (sectors): 21084160 | Size: 228122 MB [Windows Vista/7/8 Bootstrap | Windows Vista/7/8 Bootloader]
User = LL1 ... OK
User = LL2 ... OK

+++++ PhysicalDrive1: ST3500320AS ATA Device +++++
--- User ---
[MBR] 1ddc0bbffaab1b3645b0a37d68dd9747
[BSP] 363381e69afb75c5beb005393984f152 : Windows Vista/7/8|VT.Unknown MBR Code
Partition table:
0 - [XXXXXX] NTFS (0x7) [VISIBLE] Offset (sectors): 2048 | Size: 476937 MB [Windows Vista/7/8 Bootstrap | Windows Vista/7/8 Bootloader]
User = LL1 ... OK
User = LL2 ... OK

+++++ PhysicalDrive2: WDC WD5000AAKS-00TMA0 ATA Device +++++
--- User ---
[MBR] 73681dfd5050ec78ffaa87f76a1ffead
[BSP] 7572515eeae7fa4287e3d71144b65811 : HP|VT.Unknown MBR Code
Partition table:
0 - [ACTIVE] NTFS (0x7) [VISIBLE] Offset (sectors): 63 | Size: 476929 MB [Windows Vista/7/8 Bootstrap | Windows Vista/7/8 Bootloader]
User = LL1 ... OK
User = LL2 ... OK

+++++ PhysicalDrive4: WD 7500AAK External USB Device +++++
--- User ---
[MBR] b344ad4fffbd5ff14986be42d0845730
[BSP] 1343860dbef73a961735f1522ff55311 : Windows XP MBR Code
Partition table:
0 - [XXXXXX] NTFS (0x7) [VISIBLE] Offset (sectors): 63 | Size: 715402 MB [Windows XP Bootstrap | Windows XP Bootloader]
User = LL1 ... OK
Error reading LL2 MBR! ([32] The request is not supported. )

 

I'm still in safe mode, but I'll let you know the status of the computer in a little bit.

 

Thanks!
 



#13 andrewsaputo


Posted 25 August 2016 - 02:55 PM

Looking at the system performance, overall, it seems good. I opened a browser (Firefox) and most sites were fine. SoundCloud wouldn't work, but that was because of the clock. I decided to manually change it, and now the site is good. I also went to another site that sent me to shrink.in, which was quite buggy (hidden clicks over buttons and such). That is where I'm at. I am not messing with that computer until you respond. Thanks!



#14 Oh My!


Posted 25 August 2016 - 05:19 PM

Thank you.

Regarding shrink.in I am assuming you did not intend to end up there. What site did you initially navigate to and which browser did this happen with?
Gary
 
If I do not reply within 24 hours please send me a Personal Message.

"Lord, to whom would we go? You have the words that give eternal life. We believe, and we know you are the Holy One of God."

#15 andrewsaputo


Posted 26 August 2016 - 08:40 PM

I was using a site, let's say dlmetal.org, which had a link to a particular item I was looking to acquire.





