Rovot

Members

View Profile See their activity

Posts
10
Joined
February 18, 2012
Last visited
February 27, 2012

Content Type

All Activity

Events

Profiles

Forums

Topics
Posts

Everything posted by Rovot

stdrt.exe running in temp folder

Rovot replied to Rovot's topic in Resolved Malware Removal Logs

SystemLook 30.07.11 by jpshortstuff Log created at 22:21 on 23/02/2012 by Guillermo Administrator - Elevation successful ========== filefind ========== Searching for "regsrv.exe" No files found. -= EOF =-
stdrt.exe running in temp folder

Rovot replied to Rovot's topic in Resolved Malware Removal Logs

ESETSmartInstaller@High as downloader log: all ok # version=7 # OnlineScannerApp.exe=1.0.0.1 # OnlineScanner.ocx=1.0.0.6583 # api_version=3.0.2 # EOSSerial=5d8cf2a0a42dd241b16d9e6c43923f10 # end=stopped # remove_checked=true # archives_checked=true # unwanted_checked=true # unsafe_checked=false # antistealth_checked=true # utc_time=2012-02-03 01:15:56 # local_time=2012-02-02 07:15:56 (-0600, Central Standard Time) # country="United States" # lang=1033 # osver=6.1.7601 NT Service Pack 1 # compatibility_mode=512 16777215 100 0 0 0 0 0 # compatibility_mode=5893 16776574 66 85 30088203 79774202 0 0 # compatibility_mode=8192 67108863 100 0 0 0 0 0 # scanned=34450 # found=0 # cleaned=0 # scan_time=1004 ESETSmartInstaller@High as downloader log: all ok # version=7 # OnlineScannerApp.exe=1.0.0.1 # OnlineScanner.ocx=1.0.0.6583 # api_version=3.0.2 # EOSSerial=5d8cf2a0a42dd241b16d9e6c43923f10 # end=finished # remove_checked=false # archives_checked=true # unwanted_checked=true # unsafe_checked=true # antistealth_checked=true # utc_time=2012-02-07 09:01:49 # local_time=2012-02-07 03:01:49 (-0600, Central Standard Time) # country="United States" # lang=1033 # osver=6.1.7601 NT Service Pack 1 # compatibility_mode=512 16777215 100 0 16305 16305 0 0 # compatibility_mode=5893 16776574 66 85 30456133 80142132 0 0 # compatibility_mode=8192 67108863 100 0 285740 285740 0 0 # scanned=212536 # found=5 # cleaned=0 # scan_time=6627 C:\Windows\System32\config\systemprofile\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\27\40f5675b-4927c0fd Java/TrojanDownloader.Agent.AC trojan (unable to clean) 00000000000000000000000000000000 I C:\Windows\SysWOW64\config\systemprofile\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\27\40f5675b-4927c0fd Java/TrojanDownloader.Agent.AC trojan (unable to clean) 00000000000000000000000000000000 I D:\Downloads\kimtea.zip PHP/Kryptik.AB trojan (unable to clean) 00000000000000000000000000000000 I D:\Downloads\FL Studio 10.0.9 XXL Bundle\flstudio_10.0.9.exe Win32/OpenCandy application (unable to clean) 00000000000000000000000000000000 I D:\Downloads\FL Studio 10.0.9 XXL Bundle\XXL_Plugins\deckadance_1.93.exe Win32/OpenCandy application (unable to clean) 00000000000000000000000000000000 I # version=7 # iexplore.exe=9.00.8112.16421 (WIN7_IE9_RTM.110308-0330) # OnlineScanner.ocx=1.0.0.6583 # api_version=3.0.2 # EOSSerial=5d8cf2a0a42dd241b16d9e6c43923f10 # end=finished # remove_checked=false # archives_checked=true # unwanted_checked=true # unsafe_checked=true # antistealth_checked=true # utc_time=2012-02-07 08:28:35 # local_time=2012-02-07 02:28:35 (-0600, Central Standard Time) # country="United States" # lang=1033 # osver=6.1.7601 NT Service Pack 1 # compatibility_mode=512 16777215 100 0 59731 59731 0 0 # compatibility_mode=5893 16776574 66 85 30499559 80185558 0 0 # compatibility_mode=8192 67108863 100 0 329166 329166 0 0 # scanned=213941 # found=4 # cleaned=0 # scan_time=4407 C:\Qoobox\Quarantine\D\av2.zip multiple threats (unable to clean) 00000000000000000000000000000000 I C:\Qoobox\Quarantine\D\Downloads\kimtea.zip.vir PHP/Kryptik.AB trojan (unable to clean) 00000000000000000000000000000000 I C:\Qoobox\Quarantine\D\Downloads\FL Studio 10.0.9 XXL Bundle\flstudio_10.0.9.exe.vir Win32/OpenCandy application (unable to clean) 00000000000000000000000000000000 I C:\Qoobox\Quarantine\D\Downloads\FL Studio 10.0.9 XXL Bundle\XXL_Plugins\deckadance_1.93.exe.vir Win32/OpenCandy application (unable to clean) 00000000000000000000000000000000 I esets_scanner_update returned -1 esets_gle=53251 # version=7 # iexplore.exe=9.00.8112.16421 (WIN7_IE9_RTM.110308-0330) # OnlineScanner.ocx=1.0.0.6583 # api_version=3.0.2 # EOSSerial=5d8cf2a0a42dd241b16d9e6c43923f10 # end=stopped # remove_checked=true # archives_checked=true # unwanted_checked=true # unsafe_checked=false # antistealth_checked=true # utc_time=2012-02-07 10:37:19 # local_time=2012-02-07 04:37:19 (-0600, Central Standard Time) # country="United States" # lang=1033 # osver=6.1.7601 NT Service Pack 1 # compatibility_mode=512 16777215 100 0 70841 70841 0 0 # compatibility_mode=5893 16776574 66 85 30510669 80196668 0 0 # compatibility_mode=8192 67108863 100 0 340276 340276 0 0 # scanned=35960 # found=0 # cleaned=0 # scan_time=1021 esets_scanner_update returned -1 esets_gle=53251 ESETSmartInstaller@High as downloader log: all ok esets_scanner_update returned -1 esets_gle=53251 # version=7 # OnlineScannerApp.exe=1.0.0.1 # OnlineScanner.ocx=1.0.0.6583 # api_version=3.0.2 # EOSSerial=5d8cf2a0a42dd241b16d9e6c43923f10 # end=finished # remove_checked=true # archives_checked=false # unwanted_checked=true # unsafe_checked=false # antistealth_checked=true # utc_time=2012-02-08 01:11:17 # local_time=2012-02-07 07:11:17 (-0600, Central Standard Time) # country="United States" # lang=1033 # osver=6.1.7601 NT Service Pack 1 # compatibility_mode=512 16777215 100 0 77469 77469 0 0 # compatibility_mode=5893 16776574 66 85 30517297 80203296 0 0 # compatibility_mode=8192 67108863 100 0 346904 346904 0 0 # scanned=212863 # found=0 # cleaned=0 # scan_time=3630 ESETSmartInstaller@High as downloader log: all ok # version=7 # OnlineScannerApp.exe=1.0.0.1 # OnlineScanner.ocx=1.0.0.6583 # api_version=3.0.2 # EOSSerial=5d8cf2a0a42dd241b16d9e6c43923f10 # end=finished # remove_checked=true # archives_checked=false # unwanted_checked=true # unsafe_checked=false # antistealth_checked=true # utc_time=2012-02-15 07:43:14 # local_time=2012-02-15 01:43:14 (-0600, Central Standard Time) # country="United States" # lang=1033 # osver=6.1.7601 NT Service Pack 1 # compatibility_mode=512 16777215 100 0 749519 749519 0 0 # compatibility_mode=3073 16777213 80 71 0 6731310 0 0 # compatibility_mode=5893 16776574 66 85 31189347 80875346 0 0 # compatibility_mode=8192 67108863 100 0 1018954 1018954 0 0 # scanned=212719 # found=0 # cleaned=0 # scan_time=3097 ESETSmartInstaller@High as downloader log: all ok # version=7 # OnlineScannerApp.exe=1.0.0.1 # OnlineScanner.ocx=1.0.0.6583 # api_version=3.0.2 # EOSSerial=5d8cf2a0a42dd241b16d9e6c43923f10 # end=finished # remove_checked=true # archives_checked=false # unwanted_checked=true # unsafe_checked=false # antistealth_checked=true # utc_time=2012-02-24 03:29:53 # local_time=2012-02-23 09:29:53 (-0600, Central Standard Time) # country="United States" # lang=1033 # osver=6.1.7601 NT Service Pack 1 # compatibility_mode=512 16777215 100 0 1468520 1468520 0 0 # compatibility_mode=3073 16777213 80 71 105992 7450311 0 0 # compatibility_mode=5893 16776574 66 85 31908348 81594347 0 0 # compatibility_mode=8192 67108863 100 0 1737955 1737955 0 0 # scanned=224765 # found=0 # cleaned=0 # scan_time=3295
stdrt.exe running in temp folder

Rovot replied to Rovot's topic in Resolved Malware Removal Logs

tried that program and it's a mess. didn't get rid of it either.
stdrt.exe running in temp folder

Rovot replied to Rovot's topic in Resolved Malware Removal Logs

https://www.virustotal.com/file/7d471caa3e868232fcfd75f0d32611e2b3047a47ca9c96722bf6f58918788afe/analysis/1330030514/
stdrt.exe running in temp folder

Rovot replied to Rovot's topic in Resolved Malware Removal Logs

Malwarebytes Anti-Malware 1.60.1.1000 www.malwarebytes.org Database version: v2012.02.22.03 Windows 7 Service Pack 1 x64 NTFS Internet Explorer 9.0.8112.16421 Guillermo :: LAPPY [administrator] 2/22/2012 10:55:47 AM mbam-log-2012-02-22 (10-55-47).txt Scan type: Quick scan Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM Scan options disabled: P2P Objects scanned: 192429 Time elapsed: 5 minute(s), 51 second(s) Memory Processes Detected: 0 (No malicious items detected) Memory Modules Detected: 0 (No malicious items detected) Registry Keys Detected: 0 (No malicious items detected) Registry Values Detected: 0 (No malicious items detected) Registry Data Items Detected: 0 (No malicious items detected) Folders Detected: 0 (No malicious items detected) Files Detected: 0 (No malicious items detected) (end) strangely enough, MBAM doesnt detect, even when I continued to be infected
stdrt.exe running in temp folder

Rovot replied to Rovot's topic in Resolved Malware Removal Logs

. ((((((((((((((((((((((((((((((((((((( Reg Loading Points )))))))))))))))))))))))))))))))))))))))))))))))))) . . *Note* empty entries & legit default entries are not shown REGEDIT4 . [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1] @="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}" [HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}] 2011-12-05 19:17 94208 ----a-w- c:\users\Guillermo\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll . [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2] @="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}" [HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}] 2011-12-05 19:17 94208 ----a-w- c:\users\Guillermo\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll . [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3] @="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}" [HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}] 2011-12-05 19:17 94208 ----a-w- c:\users\Guillermo\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll . [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt4] @="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}" [HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}] 2011-12-05 19:17 94208 ----a-w- c:\users\Guillermo\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll . [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "RocketDock"="c:\program files (x86)\RocketDock\RocketDock.exe" [2007-09-02 495616] "PeerBlock"="c:\program files\PeerBlock\peerblock.exe" [2010-11-07 2646128] "F.lux"="c:\users\Guillermo\Local Settings\Apps\F.lux\flux.exe" [2009-08-29 966656] . [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run] "SonicMasterTray"="c:\program files (x86)\ASUS\Sonic Focus\SonicFocusTray.exe" [2010-07-10 984400] "ATKOSD2"="c:\program files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe" [2010-08-17 5732992] "ATKMEDIA"="c:\program files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe" [2010-10-07 170624] "HControlUser"="c:\program files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe" [2009-06-19 105016] "UpdateLBPShortCut"="c:\program files (x86)\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe" [2009-05-20 222504] "BambooCore"="c:\program files (x86)\Bamboo Dock\BambooCore.exe" [2011-09-27 646232] "VirtualCloneDrive"="c:\program files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe" [2011-03-07 89456] "SwitchBoard"="c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe" [2010-02-19 517096] "AdobeCS5.5ServiceManager"="c:\program files (x86)\Common Files\Adobe\CS5.5ServiceManager\CS5.5ServiceManager.exe" [2011-01-12 1523360] "ASUS Screen Saver Protector"="c:\windows\AsScrPro.exe" [2011-07-25 3058304] "googletalk"="c:\program files (x86)\Google\Google Talk\googletalk.exe" [2007-01-01 3739648] "Malwarebytes' Anti-Malware"="c:\program files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" [2012-01-13 460872] "SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2011-06-09 254696] "Wireless Console 3"="c:\program files (x86)\ASUS\Wireless Console 3\wcourier.exe" [2011-10-19 2319536] . c:\users\Guillermo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ Dropbox.lnk - c:\users\Guillermo\AppData\Roaming\Dropbox\bin\Dropbox.exe [2012-1-18 24246216] . c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\ AsusVibeLauncher.lnk - c:\program files (x86)\ASUS\AsusVibe\AsusVibeLauncher.exe [2011-4-11 548528] CrashPlan Tray.lnk - c:\program files\CrashPlan\CrashPlanTray.exe [2011-3-16 217088] Rainmeter.lnk - c:\program files\Rainmeter\Rainmeter.exe [2012-1-8 107720] . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system] "ConsentPromptBehaviorAdmin"= 0 (0x0) "ConsentPromptBehaviorUser"= 3 (0x3) "EnableLUA"= 0 (0x0) "EnableUIADesktopToggle"= 0 (0x0) "PromptOnSecureDesktop"= 0 (0x0) . [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows] "AppInit_DLLs"=c:\windows\SysWOW64\guard32.dll . [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32] "mixer3"=wdmaud.drv . [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa] Security Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp . [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc] @="Service" . R1 MpKsl4854c672;MpKsl4854c672;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{7C9EA47A-C174-409B-B79A-A91071ADB998}\MpKsl4854c672.sys [x] R2 Adobe Licensing Console;Adobe Licensing Console;c:\windows\SysWOW64\adbcnsl.exe [2012-01-07 689492] R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384] R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576] R3 AMPPALP;Intel® Centrino® Bluetooth 3.0 + High Speed Protocol;c:\windows\system32\DRIVERS\amppal.sys [x] R3 Andbus;LGE Android Platform Composite USB Device;c:\windows\system32\DRIVERS\lgandbus64.sys [x] R3 AndDiag;LGE Android Platform USB Serial Port;c:\windows\system32\DRIVERS\lganddiag64.sys [x] R3 AndGps;LGE Android Platform USB GPS NMEA Port;c:\windows\system32\DRIVERS\lgandgps64.sys [x] R3 ANDModem;LGE Android Platform USB Modem;c:\windows\system32\DRIVERS\lgandmodem64.sys [x] R3 androidusb;ADB Interface Driver;c:\windows\system32\Drivers\lgandadb.sys [x] R3 BlackBox;BlackBox SR2; [x] R3 btmaux;Intel Bluetooth Auxiliary Service;c:\windows\system32\DRIVERS\btmaux.sys [x] R3 btmhsf;btmhsf;c:\windows\system32\DRIVERS\btmhsf.sys [x] R3 DIRECTIO;DIRECTIO;c:\bit_temp\DirectIo.sys [x] R3 ETD;ELAN PS/2 Port Input Device;c:\windows\system32\DRIVERS\ETD.sys [x] R3 iBtFltCoex;iBtFltCoex;c:\windows\system32\DRIVERS\iBtFltCoex.sys [x] R3 intaud_WaveExtensible;Intel WiDi Audio Device;c:\windows\system32\drivers\intelaud.sys [x] R3 MpNWMon;Microsoft Malware Protection Network Driver;c:\windows\system32\DRIVERS\MpNWMon.sys [x] R3 MyWiFiDHCPDNS;Wireless PAN DHCP Server;c:\program files\Intel\WiFi\bin\PanDhcpDns.exe [2011-05-02 340240] R3 NisDrv;Microsoft Network Inspection System;c:\windows\system32\DRIVERS\NisDrvWFP.sys [x] R3 NisSrv;Microsoft Network Inspection;c:\program files\Microsoft Security Client\Antimalware\NisSrv.exe [2011-04-27 288272] R3 SiSGbeLH;SiS191/SiS190 Ethernet Device NDIS 6.0 Driver;c:\windows\system32\DRIVERS\SiSG664.sys [x] R3 SwitchBoard;Adobe SwitchBoard;c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096] R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [x] R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys [x] R3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\Wat\WatAdminSvc.exe [x] R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe [2010-09-23 57184] S1 ATKWMIACPIIO;ATKWMIACPI Driver;c:\program files (x86)\ASUS\ATK Package\ATK WMIACPI\atkwmiacpi64.sys [2011-05-26 17536] S1 cmdGuard;COMODO Internet Security Sandbox Driver;c:\windows\system32\DRIVERS\cmdguard.sys [x] S1 cmdHlp;COMODO Internet Security Helper Driver;c:\windows\system32\DRIVERS\cmdhlp.sys [x] S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [x] S2 AMPPALR3;Intel® Centrino® Bluetooth 3.0 + High Speed Service;c:\program files\Intel\BluetoothHS\BTHSAmpPalService.exe [2011-04-21 1136640] S2 ASMMAP64;ASMMAP64;c:\program files (x86)\ASUS\ATK Package\ATKGFNEX\ASMMAP64.sys [2009-07-03 15416] S2 Bluetooth Device Monitor;Bluetooth Device Monitor;c:\program files (x86)\Intel\Bluetooth\devmonsrv.exe [2011-03-30 923984] S2 Bluetooth OBEX Service;Bluetooth OBEX Service;c:\program files (x86)\Intel\Bluetooth\obexsrv.exe [2011-03-30 1001808] S2 BTHSSecurityMgr;Intel® Centrino® Wireless Bluetooth® 3.0 + High Speed Security Service;c:\program files\Intel\BluetoothHS\BTHSSecurityMgr.exe [2011-04-21 134928] S2 CrashPlanService;CrashPlan Backup Service;c:\program files\CrashPlan\CrashPlanService.exe [2011-03-16 222720] S2 MBAMService;MBAMService;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2012-01-13 652360] S2 SBSDWSCService;SBSD Security Center Service;c:\program files (x86)\Spybot - Search & Destroy\SDWinSec.exe [2009-01-26 1153368] S2 SplashtopRemoteService;Splashtop® Remote Service;c:\program files (x86)\Splashtop\Splashtop Remote\Server\SRService.exe [2012-02-09 531328] S2 SSUService;Splashtop Software Updater Service;c:\program files (x86)\Splashtop\Splashtop Software Updater\SSUService.exe [2011-11-10 370504] S2 TabletServicePen;TabletServicePen;c:\program files\Tablet\Pen\Pen_Tablet.exe [2011-09-08 6583160] S2 TouchServicePen;Wacom Consumer Touch Service;c:\program files\Tablet\Pen\Pen_TouchService.exe [2011-09-08 528760] S2 UNS;Intel® Management and Security Application User Notification Service;c:\program files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe [2010-12-21 2656280] S3 AMPPAL;Intel® Centrino® Bluetooth 3.0 + High Speed Virtual Adapter;c:\windows\system32\DRIVERS\AMPPAL.sys [x] S3 Bluetooth Media Service;Bluetooth Media Service;c:\program files (x86)\Intel\Bluetooth\mediasrv.exe [2011-03-30 1321296] S3 IntcDAud;Intel® Display Audio;c:\windows\system32\DRIVERS\IntcDAud.sys [x] S3 iwdbus;IWD Bus Enumerator;c:\windows\system32\DRIVERS\iwdbus.sys [x] S3 L1C;NDIS Miniport Driver for Atheros AR813x/AR815x PCI-E Ethernet Controller;c:\windows\system32\DRIVERS\L1C62x64.sys [x] S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [x] S3 MEIx64;Intel® Management Engine Interface;c:\windows\system32\DRIVERS\HECIx64.sys [x] S3 NETwNs64;___ Intel® Wireless WiFi Link 5000 Series Adapter Driver for Windows 7 - 64 Bit;c:\windows\system32\DRIVERS\NETwNs64.sys [x] S3 vwifimp;Microsoft Virtual WiFi Miniport Service;c:\windows\system32\DRIVERS\vwifimp.sys [x] S3 wdkmd;Intel WiDi KMD;c:\windows\system32\DRIVERS\WDKMD.sys [x] . . --- Other Services/Drivers In Memory --- . *NewlyCreated* - 71503573 *Deregistered* - 71503573 . Contents of the 'Scheduled Tasks' folder . 2012-02-21 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2075945034-679189341-3693907279-1000Core.job - c:\users\Guillermo\AppData\Local\Google\Update\GoogleUpdate.exe [2012-01-06 17:46] . 2012-02-21 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2075945034-679189341-3693907279-1000UA.job - c:\users\Guillermo\AppData\Local\Google\Update\GoogleUpdate.exe [2012-01-06 17:46] . . --------- x86-64 ----------- . . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1] @="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}" [HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}] 2011-12-05 19:17 97792 ----a-w- c:\users\Guillermo\AppData\Roaming\Dropbox\bin\DropboxExt64.14.dll . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2] @="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}" [HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}] 2011-12-05 19:17 97792 ----a-w- c:\users\Guillermo\AppData\Roaming\Dropbox\bin\DropboxExt64.14.dll . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3] @="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}" [HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}] 2011-12-05 19:17 97792 ----a-w- c:\users\Guillermo\AppData\Roaming\Dropbox\bin\DropboxExt64.14.dll . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt4] @="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}" [HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}] 2011-12-05 19:17 97792 ----a-w- c:\users\Guillermo\AppData\Roaming\Dropbox\bin\DropboxExt64.14.dll . [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "ETDCtrl"="c:\program files (x86)\Elantech\ETDCtrl.exe" [bU] "AmIcoSinglun64"="c:\program files (x86)\AmIcoSingLun\AmIcoSinglun64.exe" [2011-03-21 361984] "RtHDVBg"="c:\program files\Realtek\Audio\HDA\RAVBg64.exe" [2011-01-18 2188904] "IntelPAN"="c:\program files\Common Files\Intel\WirelessCommon\iFrmewrk.exe" [2011-05-02 1935120] "BTMTrayAgent"="c:\program files (x86)\Intel\Bluetooth\btmshell.dll" [2011-03-30 10372368] "snp2uvc"="c:\windows\vsnp2uvc.exe" [2010-01-21 909824] "MSC"="c:\program files\Microsoft Security Client\msseces.exe" [2011-06-15 1436736] "AdobeAAMUpdater-1.0"="c:\program files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe" [2011-03-30 499608] "IgfxTray"="c:\windows\system32\igfxtray.exe" [2011-09-01 167704] "HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2011-09-01 392472] "Persistence"="c:\windows\system32\igfxpers.exe" [2011-09-01 416024] "RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2011-01-26 11775592] "COMODO Internet Security"="c:\program files\COMODO\COMODO Internet Security\cfp.exe" [2011-12-21 9454920] . [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows] "AppInit_DLLs"=c:\windows\System32\guard64.dll . ------- Supplementary Scan ------- . uLocal Page = c:\windows\system32\blank.htm mStart Page = hxxp://asus.msn.com mLocal Page = c:\windows\system32\blank.htm Trusted Zone: intuit.com\ttlc TCP: DhcpNameServer = 192.168.1.254 . - - - - ORPHANS REMOVED - - - - . Toolbar-Locked - (no file) . . . --------------------- LOCKED REGISTRY KEYS --------------------- . [HKEY_USERS\.Default\Software\Microsoft\Internet Explorer\Approved Extensions] @Denied: (2) (LocalSystem) . [HKEY_USERS\.Default\Software\Microsoft\Internet Explorer\ApprovedExtensionsMigration] @Denied: (2) (LocalSystem) "Timestamp"=hex:87,41,89,b1,7e,d1,cc,01 . [HKEY_USERS\.Default\Software\Microsoft\Internet Explorer\User Preferences] @Denied: (2) (LocalSystem) "88D7D0879DAB32E14DE5B3A805A34F98AFF34F5977"=hex:01,00,00,00,d0,8c,9d,df,01,15, d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,8c,a0,f1,03,a9,de,94,44,ae,54,2b,\ "2D53CFFC5C1A3DD2E97B7979AC2A92BD59BC839E81"=hex:01,00,00,00,d0,8c,9d,df,01,15, d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,c8,02,88,90,34,52,3f,47,b5,1a,21,\ "6256FFB019F8FDFBD36745B06F4540E9AEAF222A25"=hex:01,00,00,00,d0,8c,9d,df,01,15, d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,8c,a0,f1,03,a9,de,94,44,ae,54,2b,\ . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}] @Denied: (A 2) (Everyone) @="FlashBroker" "LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil11e_ActiveX.exe,-101" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation] "Enabled"=dword:00000001 . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil11e_ActiveX.exe" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}] @Denied: (A 2) (Everyone) @="Shockwave Flash Object" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash11e.ocx" "ThreadingModel"="Apartment" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus] @="0" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID] @="ShockwaveFlash.ShockwaveFlash.10" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash11e.ocx, 1" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib] @="{D27CDB6B-AE6D-11cf-96B8-444553540000}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version] @="1.0" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID] @="ShockwaveFlash.ShockwaveFlash" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}] @Denied: (A 2) (Everyone) @="Macromedia Flash Factory Object" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash11e.ocx" "ThreadingModel"="Apartment" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID] @="FlashFactory.FlashFactory.1" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash11e.ocx, 1" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib] @="{D27CDB6B-AE6D-11cf-96B8-444553540000}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version] @="1.0" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID] @="FlashFactory.FlashFactory" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}] @Denied: (A 2) (Everyone) @="IFlashBroker4" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32] @="{00020424-0000-0000-C000-000000000046}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" "Version"="1.0" . [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\User Preferences] @Denied: (2) (LocalSystem) "88D7D0879DAB32E14DE5B3A805A34F98AFF34F5977"=hex:01,00,00,00,d0,8c,9d,df,01,15, d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,8c,a0,f1,03,a9,de,94,44,ae,54,2b,\ "6256FFB019F8FDFBD36745B06F4540E9AEAF222A25"=hex:01,00,00,00,d0,8c,9d,df,01,15, d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,8c,a0,f1,03,a9,de,94,44,ae,54,2b,\ . [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings] @Denied: (A) (Users) @Denied: (A) (Everyone) @Allowed: (B 1 2 3 4 5) (S-1-5-20) "BlindDial"=dword:00000000 . [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings] @Denied: (A) (Users) @Denied: (A) (Everyone) @Allowed: (B 1 2 3 4 5) (S-1-5-20) "BlindDial"=dword:00000000 . [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security] @Denied: (Full) (Everyone) . Completion time: 2012-02-21 18:22:44 ComboFix-quarantined-files.txt 2012-02-22 00:22 ComboFix2.txt 2012-02-15 17:57 ComboFix3.txt 2012-02-12 23:02 ComboFix4.txt 2012-02-08 12:53 ComboFix5.txt 2012-02-22 00:13 . Pre-Run: 30,436,642,816 bytes free Post-Run: 30,354,219,008 bytes free . - - End Of File - - B8681B6BD797B74B896599C545E46C94
stdrt.exe running in temp folder

Rovot replied to Rovot's topic in Resolved Malware Removal Logs

ComboFix 12-02-21.02 - Guillermo 02/21/2012 18:15:49.8.4 - x64 Microsoft Windows 7 Home Premium 6.1.7601.1.1252.1.1033.18.3874.2701 [GMT -6:00] Running from: c:\users\Guillermo\Desktop\ComboFix.exe AV: Microsoft Security Essentials *Disabled/Updated* {108DAC43-C256-20B7-BB05-914135DA5160} FW: COMODO Firewall *Disabled* {4D6F75E0-14AF-2E9E-AACD-24CDCF08AA2A} SP: COMODO Defense+ *Disabled/Updated* {CE351521-78FA-2048-BB22-B68A4A5CA7EC} SP: Microsoft Security Essentials *Disabled/Updated* {ABEC4DA7-E46C-2F39-81B5-AA334E5D1BDD} SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} . . ((((((((((((((((((((((((( Files Created from 2012-01-22 to 2012-02-22 ))))))))))))))))))))))))))))))) . . 2012-02-22 00:21 . 2012-02-22 00:21 -------- d-----w- c:\users\Default\AppData\Local\temp 2012-02-21 12:14 . 2012-02-08 07:13 8643640 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{C0863DCB-A285-4054-88B5-4196B7205E18}\mpengine.dll 2012-02-18 20:59 . 2012-02-18 20:59 39184 ----a-w- c:\windows\system32\Partizan.exe 2012-02-17 06:22 . 2012-02-17 06:22 -------- d-----w- c:\users\Guillermo\AppData\Local\{FFFA2FB9-4857-4475-8379-F36343DA5801} 2012-02-15 22:27 . 2012-02-15 22:27 -------- d-sh--w- c:\windows\SysWow64\%APPDATA% 2012-02-15 01:31 . 2012-01-04 10:44 509952 ----a-w- c:\windows\system32\ntshrui.dll 2012-02-15 01:31 . 2012-01-04 08:58 442880 ----a-w- c:\windows\SysWow64\ntshrui.dll 2012-02-15 01:31 . 2011-12-30 06:26 515584 ----a-w- c:\windows\system32\timedate.cpl 2012-02-15 01:31 . 2011-12-30 05:27 478720 ----a-w- c:\windows\SysWow64\timedate.cpl 2012-02-15 01:31 . 2012-01-14 04:06 3145728 ----a-w- c:\windows\system32\win32k.sys 2012-02-15 01:31 . 2011-12-28 03:59 498688 ----a-w- c:\windows\system32\drivers\afd.sys 2012-02-15 01:31 . 2011-12-16 08:46 634880 ----a-w- c:\windows\system32\msvcrt.dll 2012-02-15 01:31 . 2011-12-16 07:52 690688 ----a-w- c:\windows\SysWow64\msvcrt.dll 2012-02-13 21:25 . 2012-02-20 21:08 -------- d-----w- c:\users\Guillermo\AppData\Local\CrashDumps 2012-02-13 20:24 . 2010-08-03 21:30 196224 ----a-w- c:\program files\Windows Sidebar\Shared Gadgets\P4GUpdate.Gadget\P4GUpdate.dll 2012-02-13 20:24 . 2012-02-13 20:24 -------- d-----w- c:\programdata\P4G 2012-02-13 20:24 . 2012-02-13 20:24 -------- d-----w- c:\program files\ASUS 2012-02-12 09:52 . 2012-02-12 09:52 -------- d-----w- c:\users\Guillermo\AppData\Local\SWTOR 2012-02-12 08:12 . 2012-02-15 18:42 81984 ----a-w- c:\windows\system32\bdod.bin 2012-02-12 06:25 . 2012-02-12 06:25 -------- d-----w- c:\users\Guillermo\AppData\Roaming\BitDefender 2012-02-12 06:25 . 2012-02-15 18:42 -------- d-----w- c:\program files\Common Files\BitDefender 2012-02-12 06:25 . 2012-02-13 02:22 -------- d-----w- c:\programdata\BitDefender 2012-02-12 06:25 . 2012-02-12 06:25 -------- d-----w- c:\program files\BitDefender 2012-02-12 06:24 . 2012-02-12 06:24 -------- d-----w- c:\program files (x86)\Common Files\BitDefender 2012-02-12 06:13 . 2012-02-12 06:13 -------- d-----w- c:\programdata\CPA_VA 2012-02-12 06:07 . 2012-02-12 06:08 -------- d-----w- c:\programdata\Comodo 2012-02-12 06:07 . 2012-02-12 06:13 -------- d-----w- c:\program files\COMODO 2012-02-12 06:07 . 2012-02-12 06:14 -------- d-----w- c:\program files (x86)\Comodo 2012-02-11 03:30 . 2012-02-11 03:30 -------- d-----w- c:\program files (x86)\Common Files\BioWare 2012-02-11 03:30 . 2012-02-11 03:30 -------- d-----w- c:\program files (x86)\Electronic Arts 2012-02-11 01:55 . 2012-01-06 19:31 917840 ------w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\NISBackup\gapaengine.dll 2012-02-11 01:55 . 2012-02-11 01:55 927800 ------w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{E95627E9-6740-4F24-9957-A5715780658E}\gapaengine.dll 2012-02-11 01:41 . 2012-02-11 01:41 -------- d-----w- c:\program files (x86)\SystemRequirementsLab 2012-02-11 01:41 . 2012-02-11 01:41 -------- d-----w- c:\users\Guillermo\AppData\Roaming\SystemRequirementsLab 2012-02-11 01:41 . 2012-02-11 01:41 -------- d-----w- c:\program files (x86)\Common Files\Java 2012-02-11 01:41 . 2012-02-11 01:41 -------- d-----w- c:\program files (x86)\Java 2012-02-10 21:35 . 2012-02-10 21:37 -------- d-----w- c:\users\Guillermo\AppData\Roaming\Origin 2012-02-10 21:34 . 2012-02-18 21:23 -------- d-----w- c:\programdata\Origin 2012-02-08 11:51 . 2009-07-14 01:14 14848 ----a-w- c:\windows\SysWow64\regsvr32 - Copy.exe 2012-02-08 11:32 . 2012-02-08 11:32 -------- d-----w- c:\users\Guillermo\AppData\Roaming\QuickScan 2012-02-08 11:27 . 2012-02-08 11:27 25160 ----a-w- c:\windows\system32\drivers\hitmanpro35.sys 2012-02-08 11:26 . 2012-02-08 11:26 -------- d-----w- c:\programdata\Hitman Pro 2012-02-08 04:39 . 2012-02-18 20:58 2 --shatr- c:\windows\winstart.bat 2012-02-08 04:39 . 2012-02-18 21:23 -------- d-----w- c:\program files (x86)\UnHackMe 2012-02-08 03:28 . 2012-02-10 03:14 -------- d-----w- c:\users\Guillermo\AppData\Local\NPE 2012-02-08 03:28 . 2012-02-08 03:28 -------- d-----w- c:\programdata\Norton 2012-02-08 02:57 . 2012-01-16 22:28 767952 ----a-w- c:\windows\BDTSupport.dll0227.old 2012-02-08 02:57 . 2012-01-16 22:28 149456 ----a-w- c:\windows\SGDetectionTool.dll0227.old 2012-02-08 02:57 . 2012-01-16 22:28 2246608 ----a-w- c:\windows\PCTBDCore.dll0227.old 2012-02-08 02:55 . 2012-02-08 02:55 -------- d-----w- c:\program files (x86)\PC Tools 2012-02-08 01:31 . 2012-01-11 22:19 230952 ----a-w- c:\windows\system32\drivers\PCTSD64.sys 2012-02-08 01:31 . 2012-02-08 03:22 -------- d-----w- c:\program files (x86)\Common Files\PC Tools 2012-02-08 01:29 . 2012-02-08 03:20 -------- d-----w- c:\programdata\PC Tools 2012-02-08 01:29 . 2012-02-08 01:29 -------- d-----w- c:\users\Guillermo\AppData\Roaming\TestApp 2012-02-07 06:37 . 2012-02-07 06:37 -------- d-----w- c:\program files (x86)\Malwarebytes' Anti-Malware 2012-02-07 06:37 . 2011-12-10 21:24 23152 ----a-w- c:\windows\system32\drivers\mbam.sys 2012-02-07 06:36 . 2012-02-07 06:36 388096 ----a-r- c:\users\Guillermo\AppData\Roaming\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe 2012-02-07 01:59 . 2012-02-07 02:56 -------- d-----w- C:\folder2 2012-02-07 01:59 . 2012-02-07 02:56 -------- d-----w- C:\folder1 2012-02-04 09:42 . 2012-02-04 09:42 65736 ----a-w- c:\windows\system32\drivers\pxrts.sys 2012-02-04 09:42 . 2012-02-04 09:42 -------- d-----w- c:\program files\Prevx 2012-02-04 09:41 . 2012-02-05 19:11 -------- d-----w- c:\programdata\PrevxCSI 2012-02-03 08:10 . 2012-02-03 20:49 35712 ----a-w- c:\windows\SysWow64\drivers\BlackBox.sys 2012-02-03 04:17 . 2012-02-08 11:31 -------- d-----w- c:\programdata\Kaspersky Lab 2012-02-03 03:24 . 2012-02-03 03:24 -------- d-----w- c:\users\Guillermo\AppData\Local\Sunbelt Software 2012-02-03 00:49 . 2012-02-03 00:49 -------- d-----w- c:\program files (x86)\ESET 2012-02-02 18:35 . 2012-02-02 18:35 414368 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl 2012-02-02 02:03 . 2012-02-02 02:03 55384 ----a-w- c:\windows\system32\drivers\SBREDrv.sys 2012-02-02 01:50 . 2012-02-03 01:38 -------- d-----w- c:\program files (x86)\Lavasoft 2012-02-02 01:50 . 2012-02-03 01:38 -------- d-----w- c:\programdata\Lavasoft 2012-02-02 01:46 . 2012-02-02 01:46 -------- d-----w- c:\users\Guillermo\AppData\Roaming\SUPERAntiSpyware.com 2012-02-02 01:45 . 2012-02-02 01:45 -------- d-----w- c:\users\Guillermo\AppData\Roaming\Malwarebytes 2012-02-02 01:45 . 2012-02-02 01:45 -------- d-----w- c:\programdata\Malwarebytes 2012-02-01 18:06 . 2012-02-01 18:06 466456 ----a-w- c:\windows\system32\wrap_oal.dll 2012-02-01 18:06 . 2012-02-01 18:06 444952 ----a-w- c:\windows\SysWow64\wrap_oal.dll 2012-02-01 18:06 . 2012-02-01 18:06 122904 ----a-w- c:\windows\system32\OpenAL32.dll 2012-02-01 18:06 . 2012-02-01 18:06 109080 ----a-w- c:\windows\SysWow64\OpenAL32.dll 2012-02-01 18:06 . 2012-02-01 18:06 -------- d-----w- c:\program files (x86)\OpenAL 2012-02-01 18:03 . 2012-02-01 18:03 -------- d-----w- c:\users\Guillermo\AppData\Local\2DBoy 2012-02-01 18:03 . 2012-02-01 18:03 -------- d-----w- c:\programdata\2DBoy 2012-02-01 16:25 . 2012-02-01 16:25 -------- d-----w- c:\program files (x86)\Common Files\PX Storage Engine 2012-02-01 16:25 . 2012-02-21 19:52 -------- d-----w- c:\users\Guillermo\AppData\Roaming\Winamp 2012-02-01 16:25 . 2012-02-01 16:28 -------- d-----w- c:\program files (x86)\Winamp 2012-01-31 05:46 . 2012-01-31 05:46 -------- d-----w- c:\users\Guillermo\AppData\Local\Programs 2012-01-30 12:15 . 2012-01-30 12:15 -------- d-----w- c:\windows\Sun 2012-01-29 23:59 . 2012-02-11 01:41 472808 ----a-w- c:\windows\SysWow64\deployJava1.dll 2012-01-27 11:43 . 2011-06-21 04:09 200976 ----a-w- c:\windows\SysWow64\drivers\tmcomm.sys 2012-01-27 11:31 . 2012-01-27 11:39 -------- d-----w- c:\program files (x86)\Trend Micro 2012-01-27 07:56 . 2012-01-27 07:56 -------- d-----w- c:\programdata\Soulseek 2012-01-27 07:56 . 2012-01-27 07:56 -------- d-----w- c:\program files (x86)\SoulseekNS 2012-01-27 07:31 . 2012-02-14 18:50 -------- d-----w- c:\programdata\Spybot - Search & Destroy 2012-01-27 07:31 . 2012-01-27 07:34 -------- d-----w- c:\program files (x86)\Spybot - Search & Destroy 2012-01-26 06:03 . 2012-02-08 11:00 -------- d-----w- c:\users\Guillermo\.config 2012-01-25 18:49 . 2012-02-15 07:52 -------- d-----w- c:\program files (x86)\Steam 2012-01-25 07:27 . 2012-01-25 07:27 -------- d-----w- c:\programdata\Age of Empires 3 2012-01-25 07:20 . 2012-02-02 04:32 -------- d-----w- c:\program files (x86)\Common Files\Microsoft Games 2012-01-25 07:13 . 2012-02-02 04:39 -------- d-----w- c:\program files (x86)\Microsoft Games 2012-01-23 20:14 . 2012-02-21 12:24 -------- d-----w- c:\users\Guillermo\riotsGamesLogs 2012-01-23 19:34 . 2012-01-23 19:34 -------- d-----w- C:\Games 2012-01-23 19:34 . 2012-01-27 11:39 -------- d-----w- c:\users\Guillermo\AppData\Local\Black_Tree_Gaming . . . (((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))) . 2012-02-18 21:11 . 2011-07-25 20:21 45056 ----a-w- c:\windows\SysWow64\acovcnt.exe 2012-01-31 12:44 . 2012-01-06 19:31 279656 ------w- c:\windows\system32\MpSigStub.exe 2012-01-18 03:00 . 2012-01-18 03:00 577824 ----a-w- c:\windows\system32\drivers\cmdGuard.sys 2012-01-08 23:07 . 2012-01-08 23:07 2892 ----a-w- c:\windows\SysWow64\audcon.sys 2012-01-08 21:40 . 2012-01-08 21:40 348160 ----a-w- c:\windows\SysWow64\msvcr71.dll 2012-01-08 21:40 . 2012-01-08 21:40 1700352 ----a-w- c:\windows\SysWow64\gdiplus.dll 2012-01-08 21:40 . 2012-01-08 21:40 1060864 ----a-w- c:\windows\SysWow64\mfc71.dll 2012-01-08 05:09 . 2012-01-08 05:09 384 ----a-w- c:\windows\SysWow64\checkOS.bat 2012-01-07 19:23 . 2012-01-07 19:23 689492 ----a-w- c:\windows\SysWow64\adbcnsl.exe 2012-01-06 18:33 . 2010-06-24 18:33 18328 ----a-w- c:\programdata\Microsoft\IdentityCRL\production\ppcrlconfig600.dll 2012-01-06 05:15 . 2012-01-08 05:30 8602168 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll 2011-12-20 00:59 . 2011-12-20 00:59 93200 ----a-w- c:\windows\system32\drivers\inspect.sys 2011-12-20 00:59 . 2011-12-20 00:59 43248 ----a-w- c:\windows\system32\drivers\cmdhlp.sys 2011-12-20 00:59 . 2011-12-20 00:59 22696 ----a-w- c:\windows\system32\drivers\cmderd.sys 2011-12-20 00:58 . 2011-12-20 00:58 41200 ----a-w- c:\windows\system32\cmdcsr.dll 2011-12-20 00:58 . 2011-12-20 00:58 389840 ----a-w- c:\windows\system32\guard64.dll 2011-12-20 00:58 . 2011-12-20 00:58 301224 ----a-w- c:\windows\SysWow64\guard32.dll . . ((((((((((((((((((((((((((((( SnapShot_2012-02-15_17.26.48 ))))))))))))))))))))))))))))))))))))))))) . + 2012-02-21 12:01 . 2012-02-21 12:01 32768 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\MSHist012012022120120222\index.dat - 2012-01-09 05:10 . 2012-02-15 17:28 32768 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Internet Explorer\DOMStore\index.dat + 2012-01-09 05:10 . 2012-02-21 12:01 32768 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Internet Explorer\DOMStore\index.dat + 2012-02-15 22:27 . 2012-02-15 22:27 16384 c:\windows\SysWOW64\%APPDATA%\Microsoft\Windows\IETldCache\index.dat + 2009-07-14 00:21 . 2009-07-14 01:41 88064 c:\windows\system32\WpdMtpUS.dll + 2011-02-18 20:13 . 2012-02-21 12:02 64998 c:\windows\system32\wdi\ShutdownPerformanceDiagnostics_SystemData.bin + 2009-07-14 05:10 . 2012-02-21 12:02 47934 c:\windows\system32\wdi\BootPerformanceDiagnostics_SystemData.bin + 2012-01-06 18:02 . 2012-02-21 12:02 16384 c:\windows\system32\wdi\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\S-1-5-21-2075945034-679189341-3693907279-1000_UserData.bin - 2009-07-14 05:30 . 2012-02-12 06:08 86016 c:\windows\system32\DriverStore\infpub.dat + 2009-07-14 05:30 . 2012-02-19 06:46 86016 c:\windows\system32\DriverStore\infpub.dat + 2011-02-18 19:49 . 2010-11-20 10:43 41984 c:\windows\system32\drivers\winusb.sys + 2012-01-06 18:32 . 2012-02-21 12:00 16384 c:\windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat - 2012-01-06 18:32 . 2012-02-15 13:30 16384 c:\windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat - 2012-02-12 02:09 . 2012-02-15 13:30 32768 c:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat + 2012-02-12 02:09 . 2012-02-21 12:00 32768 c:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat - 2009-07-14 04:54 . 2012-02-15 13:30 16384 c:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat + 2009-07-14 04:54 . 2012-02-21 12:00 16384 c:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat + 2009-07-14 04:46 . 2012-02-16 23:05 94000 c:\windows\ServiceProfiles\NetworkService\AppData\Roaming\Microsoft\SoftwareProtectionPlatform\Cache\cache.dat + 2011-04-11 22:56 . 2012-02-15 22:27 49152 c:\windows\Installer\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}\ConfigIcon.dll - 2011-04-11 22:56 . 2012-01-07 05:39 49152 c:\windows\Installer\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}\ConfigIcon.dll + 2012-02-15 17:52 . 2012-02-15 17:52 43520 c:\windows\assembly\NativeImages_v4.0.30319_64\System.Windows.Pres#\42d44cc48edbf4d5b19af6d6afc6cd62\System.Windows.Presentation.ni.dll + 2012-02-15 17:52 . 2012-02-15 17:52 86016 c:\windows\assembly\NativeImages_v4.0.30319_64\System.Web.Applicat#\5c5a54c265c044f359659e6eeff29171\System.Web.ApplicationServices.ni.dll + 2012-02-15 17:37 . 2012-02-15 17:37 35328 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Windows.Pres#\5febe9c0db17256605a3c0b906d124a3\System.Windows.Presentation.ni.dll + 2012-02-15 17:37 . 2012-02-15 17:37 71680 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Web.Applicat#\d948214592e9ee62eefecfc06ac37690\System.Web.ApplicationServices.ni.dll + 2012-02-15 17:37 . 2012-02-15 17:37 82432 c:\windows\assembly\NativeImages_v4.0.30319_32\System.ServiceModel#\361744396ee71dcc435c93226a8a6754\System.ServiceModel.Channels.ni.dll + 2012-02-15 17:41 . 2012-02-15 17:41 60416 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Windows.Pres#\265f654b8eed2ac1e42d225a30433c37\System.Windows.Presentation.ni.dll + 2012-02-15 17:41 . 2012-02-15 17:41 54784 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Web.DynamicD#\62889e05923a83fa32400e7f3b28f9c6\System.Web.DynamicData.Design.ni.dll + 2012-02-15 17:39 . 2012-02-15 17:39 72192 c:\windows\assembly\NativeImages_v2.0.50727_64\PresentationFontCac#\c1577aa4e5874f1debc9a63343e5a0d7\PresentationFontCache.ni.exe + 2012-02-15 17:39 . 2012-02-15 17:39 33792 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.WSMan.Run#\2d80e48139b13bf06e85c0c1db06bc20\Microsoft.WSMan.Runtime.ni.dll + 2012-02-15 17:39 . 2012-02-15 17:39 45056 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.Windows.D#\df5c0dac9e7db175acc8a9755942f87f\Microsoft.Windows.Diagnosis.Commands.UpdateDiagReport.ni.dll + 2012-02-15 17:39 . 2012-02-15 17:39 36864 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.Windows.D#\8a9356f77bd1d1155202f59119ee57c9\Microsoft.Windows.Diagnosis.Commands.WriteDiagProgress.ni.dll + 2012-02-15 17:39 . 2012-02-15 17:39 40448 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.Windows.D#\4e53199f22c13aa3e4bc6f063da0aee7\Microsoft.Windows.Diagnosis.Commands.UpdateDiagRootcause.ni.dll + 2012-02-15 17:39 . 2012-02-15 17:39 43520 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.Windows.D#\0f361440d7cbda4bf5b44bfbd4623812\Microsoft.Windows.Diagnosis.Commands.GetDiagInput.ni.dll + 2012-02-15 17:31 . 2012-02-15 17:31 61440 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLiveWriter\f15fa2345f2673b95ac0570da21525f2\WindowsLiveWriter.ni.exe + 2012-02-15 17:31 . 2012-02-15 17:31 81408 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Writer.#\bcfabefedbeb1188aa4e53769aeac91b\WindowsLive.Writer.Passport.ni.dll + 2012-02-15 17:34 . 2012-02-15 17:34 37888 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Pres#\df6e2f050af3e7a7676650240ef9d7e5\System.Windows.Presentation.ni.dll + 2012-02-15 17:34 . 2012-02-15 17:34 36864 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.DynamicD#\e66fcffbc602b284e20b6c49f4ac64b6\System.Web.DynamicData.Design.ni.dll + 2012-02-15 17:33 . 2012-02-15 17:33 94208 c:\windows\assembly\NativeImages_v2.0.50727_32\System.ComponentMod#\2463cb2600fc129e38f67974f3553368\System.ComponentModel.DataAnnotations.ni.dll + 2012-02-15 17:33 . 2012-02-15 17:33 47104 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationFontCac#\bef92fc6725738f2a261600dab88cd66\PresentationFontCache.ni.exe + 2012-02-15 17:33 . 2012-02-15 17:33 17920 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.WSMan.Run#\7834abeef71f9188bb9d9253d8f807ab\Microsoft.WSMan.Runtime.ni.dll + 2012-02-15 17:33 . 2012-02-15 17:33 19968 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Windows.D#\ef668f1802501935d634458ef637f5e7\Microsoft.Windows.Diagnosis.Commands.WriteDiagProgress.ni.dll + 2012-02-15 17:33 . 2012-02-15 17:33 86528 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Windows.D#\a66c7d26f61bb8e12960441a77159102\Microsoft.Windows.Diagnosis.TroubleshootingPack.ni.dll + 2012-02-15 17:33 . 2012-02-15 17:33 23040 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Windows.D#\61a8d567fe6450b5b77584b0044a6979\Microsoft.Windows.Diagnosis.Commands.UpdateDiagRootcause.ni.dll + 2012-02-15 17:33 . 2012-02-15 17:33 25088 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Windows.D#\52785c0dca46f1e08b5cf9299fba9ae0\Microsoft.Windows.Diagnosis.Commands.GetDiagInput.ni.dll + 2012-02-15 17:33 . 2012-02-15 17:33 27136 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Windows.D#\183073b14873e3b18951879ae4a8b425\Microsoft.Windows.Diagnosis.Commands.UpdateDiagReport.ni.dll + 2012-02-15 17:33 . 2012-02-15 17:33 55296 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Vsa\824d2cc6a8193a2458ce90e579c8b8f5\Microsoft.Vsa.ni.dll - 2012-02-15 17:25 . 2012-02-15 17:25 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat + 2012-02-21 12:00 . 2012-02-21 12:00 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat + 2012-02-21 12:00 . 2012-02-21 12:00 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat - 2012-02-15 17:25 . 2012-02-15 17:25 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat + 2012-02-13 20:23 . 2012-02-18 21:21 307807 c:\windows\SysWOW64\config\systemprofile\AppData\Roaming\MMFApplications\msdc1.dll - 2012-01-09 05:10 . 2012-02-15 17:26 262144 c:\windows\SysWOW64\config\systemprofile\AppData\Roaming\Microsoft\Windows\IETldCache\index.dat + 2012-01-09 05:10 . 2012-02-21 12:00 262144 c:\windows\SysWOW64\config\systemprofile\AppData\Roaming\Microsoft\Windows\IETldCache\index.dat + 2009-07-14 04:54 . 2012-02-21 12:00 131072 c:\windows\SysWOW64\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat - 2009-07-14 04:54 . 2012-02-15 17:26 114688 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat + 2009-07-14 04:54 . 2012-02-21 12:00 114688 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat + 2009-07-14 00:21 . 2009-07-14 01:41 297984 c:\windows\system32\WpdMtp.dll + 2012-01-06 20:59 . 2012-02-20 21:08 305480 c:\windows\system32\wdi\SuspendPerformanceDiagnostics_SystemData_S4.bin + 2012-01-07 02:53 . 2012-02-21 22:00 285594 c:\windows\system32\wdi\SuspendPerformanceDiagnostics_SystemData_S3.bin - 2009-07-14 02:36 . 2012-02-15 13:23 637690 c:\windows\system32\perfh009.dat + 2009-07-14 02:36 . 2012-02-21 22:01 637690 c:\windows\system32\perfh009.dat + 2009-07-14 02:36 . 2012-02-21 22:01 111274 c:\windows\system32\perfc009.dat - 2009-07-14 02:36 . 2012-02-15 13:23 111274 c:\windows\system32\perfc009.dat + 2009-07-14 05:30 . 2012-02-19 06:46 143360 c:\windows\system32\DriverStore\infstrng.dat - 2009-07-14 05:30 . 2012-02-12 06:08 143360 c:\windows\system32\DriverStore\infstrng.dat - 2009-07-14 05:12 . 2012-02-15 13:30 245760 c:\windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\IETldCache\index.dat + 2009-07-14 05:12 . 2012-02-21 12:00 245760 c:\windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\IETldCache\index.dat - 2009-07-14 05:01 . 2012-02-15 15:42 474012 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-System.dat + 2009-07-14 05:01 . 2012-02-21 11:58 474012 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-System.dat + 2012-01-07 03:28 . 2012-02-17 06:42 210800 c:\windows\Installer\{2EFEAD58-3311-4B2B-9D8A-8D663581D109}\ARPPRODUCTICON.exe + 2012-02-15 17:52 . 2012-02-15 17:52 336896 c:\windows\assembly\NativeImages_v4.0.30319_64\WindowsFormsIntegra#\6bdb6c455153a223a2180c883ea5a06c\WindowsFormsIntegration.ni.dll + 2012-02-15 17:52 . 2012-02-15 17:52 645120 c:\windows\assembly\NativeImages_v4.0.30319_64\UIAutomationClient\8df6331b51fe3ae5b9d0cf8c582d3f84\UIAutomationClient.ni.dll + 2012-02-15 17:43 . 2012-02-15 17:43 528896 c:\windows\assembly\NativeImages_v4.0.30319_64\System.Xml.Linq\6bc2cf9d31ae7e22349af3ddb1306c96\System.Xml.Linq.ni.dll + 2012-02-15 17:49 . 2012-02-15 17:49 256000 c:\windows\assembly\NativeImages_v4.0.30319_64\System.Windows.Inpu#\f9e5fcb862d898327924fcac2ff47c4d\System.Windows.Input.Manipulations.ni.dll + 2012-02-15 17:43 . 2012-02-15 17:43 903168 c:\windows\assembly\NativeImages_v4.0.30319_64\System.Transactions\5f61f0305f22aed705e0680f58fc5d89\System.Transactions.ni.dll + 2012-02-15 17:52 . 2012-02-15 17:52 281088 c:\windows\assembly\NativeImages_v4.0.30319_64\System.ServiceProce#\6afb4b90a21aae2e499f577b92102b85\System.ServiceProcess.ni.dll + 2012-02-15 17:52 . 2012-02-15 17:52 517120 c:\windows\assembly\NativeImages_v4.0.30319_64\System.ServiceModel#\bfb5e1c0961fe330c89c043a188cc807\System.ServiceModel.Routing.ni.dll + 2012-02-15 17:51 . 2012-02-15 17:51 108032 c:\windows\assembly\NativeImages_v4.0.30319_64\System.ServiceModel#\671c48760746239f2dfb0b64a7413624\System.ServiceModel.Channels.ni.dll + 2012-02-15 17:42 . 2012-02-15 17:42 946688 c:\windows\assembly\NativeImages_v4.0.30319_64\System.Security\d8342f4b914e190a9e5c89c7703dd11f\System.Security.ni.dll + 2012-02-15 17:49 . 2012-02-15 17:49 376832 c:\windows\assembly\NativeImages_v4.0.30319_64\System.Runtime.Seri#\9426384a1d2d2e815e093a0fe88da585\System.Runtime.Serialization.Formatters.Soap.ni.dll + 2012-02-15 17:49 . 2012-02-15 17:49 987648 c:\windows\assembly\NativeImages_v4.0.30319_64\System.Runtime.Remo#\73d3849c909668636452b43f54edb54e\System.Runtime.Remoting.ni.dll + 2012-02-15 17:51 . 2012-02-15 17:51 933376 c:\windows\assembly\NativeImages_v4.0.30319_64\System.Net\21fa922f90a47d10fd11107efff5ea4f\System.Net.ni.dll + 2012-02-15 17:51 . 2012-02-15 17:51 781824 c:\windows\assembly\NativeImages_v4.0.30319_64\System.Messaging\c07fc2256ec2210bfd7f7abf1639833e\System.Messaging.ni.dll + 2012-02-15 17:51 . 2012-02-15 17:51 521728 c:\windows\assembly\NativeImages_v4.0.30319_64\System.Management.I#\655c314109b3ab211e13b88d0769651b\System.Management.Instrumentation.ni.dll + 2012-02-15 17:51 . 2012-02-15 17:51 531456 c:\windows\assembly\NativeImages_v4.0.30319_64\System.IO.Log\cf1c0c4152c5548179dd3e2870f25cc4\System.IO.Log.ni.dll + 2012-02-15 17:51 . 2012-02-15 17:51 290816 c:\windows\assembly\NativeImages_v4.0.30319_64\System.IdentityMode#\d8dc2ea040e12c679b5d779370a19e58\System.IdentityModel.Selectors.ni.dll + 2012-02-15 17:43 . 2012-02-15 17:43 348672 c:\windows\assembly\NativeImages_v4.0.30319_64\System.EnterpriseSe#\fef2650a5b3bf39527150b4058762611\System.EnterpriseServices.Wrapper.dll + 2012-02-15 17:42 . 2012-02-15 17:42 512000 c:\windows\assembly\NativeImages_v4.0.30319_64\System.Dynamic\994e60f26b11755207e9c7ebb9fd688b\System.Dynamic.ni.dll + 2012-02-15 17:51 . 2012-02-15 17:51 632832 c:\windows\assembly\NativeImages_v4.0.30319_64\System.DirectorySer#\bc62e3c6c42db6e63c18038e9bac5a5c\System.DirectoryServices.Protocols.ni.dll + 2012-02-15 17:51 . 2012-02-15 17:51 141824 c:\windows\assembly\NativeImages_v4.0.30319_64\System.Device\5373b5adf6f12ca3ac8806827259a986\System.Device.ni.dll + 2012-02-15 17:50 . 2012-02-15 17:50 176128 c:\windows\assembly\NativeImages_v4.0.30319_64\System.Data.DataSet#\938f42c2d694b3935ca890fee7d0c8a7\System.Data.DataSetExtensions.ni.dll + 2012-02-15 17:50 . 2012-02-15 17:50 181760 c:\windows\assembly\NativeImages_v4.0.30319_64\System.Configuratio#\cde466cd9b88dc7857c40ac43bf7632c\System.Configuration.Install.ni.dll + 2012-02-15 17:50 . 2012-02-15 17:50 255488 c:\windows\assembly\NativeImages_v4.0.30319_64\System.ComponentMod#\081bebeff0574ed1969b05eafab5b342\System.ComponentModel.DataAnnotations.ni.dll + 2012-02-15 17:50 . 2012-02-15 17:50 865792 c:\windows\assembly\NativeImages_v4.0.30319_64\System.AddIn\e88489a8cc6a68a7ebb4617d1a20e5e7\System.AddIn.ni.dll + 2012-02-15 17:50 . 2012-02-15 17:50 560640 c:\windows\assembly\NativeImages_v4.0.30319_64\System.Activities.D#\ba36345815c2011c3f054ebee01a0569\System.Activities.DurableInstancing.ni.dll + 2012-02-15 17:41 . 2012-02-15 17:41 432128 c:\windows\assembly\NativeImages_v4.0.30319_64\SMSvcHost\70edc7fbf7505880ab1652b35f6e9517\SMSvcHost.ni.exe + 2012-02-15 17:43 . 2012-02-15 17:43 185344 c:\windows\assembly\NativeImages_v4.0.30319_64\SMDiagnostics\9d160b8d7c69ce50ac1db59a8fa2bcb5\SMDiagnostics.ni.dll + 2012-02-15 17:43 . 2012-02-15 17:43 622592 c:\windows\assembly\NativeImages_v4.0.30319_64\PresentationFramewo#\dbb2bb145d0bac0d0615f52739ad2702\PresentationFramework.Aero.ni.dll + 2012-02-15 17:43 . 2012-02-15 17:43 428032 c:\windows\assembly\NativeImages_v4.0.30319_64\PresentationFramewo#\4d9a6f376f83a6ea5b71a678566ee1de\PresentationFramework.Royale.ni.dll + 2012-02-15 17:43 . 2012-02-15 17:43 802304 c:\windows\assembly\NativeImages_v4.0.30319_64\PresentationFramewo#\3ec560f5f3b643e02b6025363034d624\PresentationFramework.Luna.ni.dll + 2012-02-15 17:43 . 2012-02-15 17:43 349184 c:\windows\assembly\NativeImages_v4.0.30319_64\PresentationFramewo#\1767cdd5d245b5087045d1ad2fbdd8fd\PresentationFramework.Classic.ni.dll + 2012-02-15 17:42 . 2012-02-15 17:42 289280 c:\windows\assembly\NativeImages_v4.0.30319_64\Microsoft.VisualBas#\10abc6daca21b4d51f5e34abe73cb5cb\Microsoft.VisualBasic.Compatibility.Data.ni.dll + 2012-02-15 17:42 . 2012-02-15 17:42 600064 c:\windows\assembly\NativeImages_v4.0.30319_64\Microsoft.Transacti#\385ffb17c4890d76682d1d0c81f39e09\Microsoft.Transactions.Bridge.Dtc.ni.dll + 2012-02-15 17:37 . 2012-02-15 17:37 253952 c:\windows\assembly\NativeImages_v4.0.30319_32\WindowsFormsIntegra#\bfab3d0d973b05366401b15f6ab8febb\WindowsFormsIntegration.ni.dll + 2012-02-15 17:37 . 2012-02-15 17:37 484352 c:\windows\assembly\NativeImages_v4.0.30319_32\UIAutomationClient\f4d55487b0e1eae2de72e1d8e14c4781\UIAutomationClient.ni.dll + 2012-02-15 17:35 . 2012-02-15 17:35 393216 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Xml.Linq\35b997b2652f8f564b062e6a6e59055f\System.Xml.Linq.ni.dll + 2012-02-15 17:35 . 2012-02-15 17:35 189440 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Windows.Inpu#\b16aace2ac6c7e7d6849f3a683776cd1\System.Windows.Input.Manipulations.ni.dll + 2012-02-15 17:35 . 2012-02-15 17:35 649728 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Transactions\07db951fbbd939fc70b0b91a8fa83185\System.Transactions.ni.dll + 2012-02-15 17:37 . 2012-02-15 17:37 221696 c:\windows\assembly\NativeImages_v4.0.30319_32\System.ServiceProce#\f9977bade8fa997882aa57b430820765\System.ServiceProcess.ni.dll + 2012-02-15 17:37 . 2012-02-15 17:37 369664 c:\windows\assembly\NativeImages_v4.0.30319_32\System.ServiceModel#\b6b9eeba0eaffb7691e9fd06c4f3dd10\System.ServiceModel.Routing.ni.dll + 2012-02-15 17:35 . 2012-02-15 17:35 311296 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Runtime.Seri#\012cb4a4bd973425eac0dbe52cdcc721\System.Runtime.Serialization.Formatters.Soap.ni.dll + 2012-02-15 17:35 . 2012-02-15 17:35 762880 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Runtime.Remo#\e558d70a5dbc430b5a2904eec156749d\System.Runtime.Remoting.ni.dll + 2012-02-15 17:36 . 2012-02-15 17:36 657408 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Net\6ddba0a0ef4a512f8de2b3feacb8bd4a\System.Net.ni.dll + 2012-02-15 17:36 . 2012-02-15 17:36 626176 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Messaging\3ae04414918ec66af305d771a18d8b3c\System.Messaging.ni.dll + 2012-02-15 17:36 . 2012-02-15 17:36 395264 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Management.I#\b2990e7dd2ce6c1ec99e4f27f766beb0\System.Management.Instrumentation.ni.dll + 2012-02-15 17:36 . 2012-02-15 17:36 413696 c:\windows\assembly\NativeImages_v4.0.30319_32\System.IO.Log\3ee79197b362398995eba1a67e83d865\System.IO.Log.ni.dll + 2012-02-15 17:36 . 2012-02-15 17:36 229888 c:\windows\assembly\NativeImages_v4.0.30319_32\System.IdentityMode#\3e177995dd026b939dc8b6769c77e60f\System.IdentityModel.Selectors.ni.dll + 2012-02-15 17:35 . 2012-02-15 17:35 236032 c:\windows\assembly\NativeImages_v4.0.30319_32\System.EnterpriseSe#\06c498e1b0e11e9de295c02f1519b8ff\System.EnterpriseServices.Wrapper.dll + 2012-02-15 17:35 . 2012-02-15 17:35 787456 c:\windows\assembly\NativeImages_v4.0.30319_32\System.EnterpriseSe#\06c498e1b0e11e9de295c02f1519b8ff\System.EnterpriseServices.ni.dll + 2012-02-15 17:36 . 2012-02-15 17:36 470528 c:\windows\assembly\NativeImages_v4.0.30319_32\System.DirectorySer#\4946d4a8b1301179885c0621ac7120ca\System.DirectoryServices.Protocols.ni.dll + 2012-02-15 17:36 . 2012-02-15 17:36 913920 c:\windows\assembly\NativeImages_v4.0.30319_32\System.DirectorySer#\171d40509eccb741a5a4a0908b41c840\System.DirectoryServices.AccountManagement.ni.dll + 2012-02-15 17:36 . 2012-02-15 17:36 112640 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Device\eca593b1efb8f28f8204c841d6f875f2\System.Device.ni.dll + 2012-02-15 17:35 . 2012-02-15 17:35 134656 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Data.DataSet#\8cec191afd4e0abc87ed7e93f814f1fc\System.Data.DataSetExtensions.ni.dll + 2012-02-15 17:35 . 2012-02-15 17:35 148480 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Configuratio#\36c77d53335088d10774054af4dfc034\System.Configuration.Install.ni.dll + 2012-02-15 17:35 . 2012-02-15 17:35 194048 c:\windows\assembly\NativeImages_v4.0.30319_32\System.ComponentMod#\3924f7fd82f46e76f3b89b9828c3587c\System.ComponentModel.DataAnnotations.ni.dll + 2012-02-15 17:35 . 2012-02-15 17:35 617984 c:\windows\assembly\NativeImages_v4.0.30319_32\System.AddIn\b323b1cd4f7e891c9b2def688895cd37\System.AddIn.ni.dll + 2012-02-15 17:35 . 2012-02-15 17:35 411136 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Activities.D#\89c1fb7b7684036e32dafff798d1a744\System.Activities.DurableInstancing.ni.dll + 2012-02-15 17:34 . 2012-02-15 17:34 317952 c:\windows\assembly\NativeImages_v4.0.30319_32\SMSvcHost\2dca989632203f2bc603d76492aff1f3\SMSvcHost.ni.exe + 2012-02-15 17:35 . 2012-02-15 17:35 143360 c:\windows\assembly\NativeImages_v4.0.30319_32\SMDiagnostics\3ed5c98553688c7bd5fa0459ddc629bf\SMDiagnostics.ni.dll + 2012-02-15 17:35 . 2012-02-15 17:35 219136 c:\windows\assembly\NativeImages_v4.0.30319_32\Microsoft.VisualBas#\f941120c158a98c56b2cd3488c056c6b\Microsoft.VisualBasic.Compatibility.Data.ni.dll + 2012-02-15 17:34 . 2012-02-15 17:34 418816 c:\windows\assembly\NativeImages_v4.0.30319_32\Microsoft.Transacti#\4a9409b232987a471b8437cd0a35a3ea\Microsoft.Transactions.Bridge.Dtc.ni.dll + 2012-02-15 17:41 . 2012-02-15 17:41 468992 c:\windows\assembly\NativeImages_v2.0.50727_64\WsatConfig\600f8ca5fcc54f10623903952fcc10ac\WsatConfig.ni.exe + 2012-02-15 17:41 . 2012-02-15 17:41 329216 c:\windows\assembly\NativeImages_v2.0.50727_64\WindowsFormsIntegra#\ddb96c334583dc79463edcb14ae16c99\WindowsFormsIntegration.ni.dll + 2012-02-15 17:39 . 2012-02-15 17:39 653312 c:\windows\assembly\NativeImages_v2.0.50727_64\UIAutomationClient\152b577b846875cb3ac5e2097451daf0\UIAutomationClient.ni.dll + 2012-02-15 17:41 . 2012-02-15 17:41 304128 c:\windows\assembly\NativeImages_v2.0.50727_64\TaskScheduler\fb5fce5cf09733b71a796d1da399f07a\TaskScheduler.ni.dll + 2012-02-15 17:40 . 2012-02-15 17:40 529920 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Xml.Linq\bc3bbe78635aeacaeea3b310ea5ff002\System.Xml.Linq.ni.dll + 2012-02-15 17:40 . 2012-02-15 17:40 187392 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Web.Routing\894b696a87ad47b5e18ac89954813a94\System.Web.Routing.ni.dll + 2012-02-15 17:41 . 2012-02-15 17:41 449024 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Web.Entity\a6885ee42ea49eb80f1bd18a5252684d\System.Web.Entity.ni.dll + 2012-02-15 17:41 . 2012-02-15 17:41 398848 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Web.Entity.D#\88ffeea88ac9ce23de0c5a27a95e773a\System.Web.Entity.Design.ni.dll + 2012-02-15 17:40 . 2012-02-15 17:40 753664 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Web.DynamicD#\7a311c3305dbbd5cfa2613997608a4ae\System.Web.DynamicData.ni.dll + 2012-02-15 17:40 . 2012-02-15 17:40 204800 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Web.Abstract#\e5069f3c90b4413dd2f3dc226c80bc68\System.Web.Abstractions.ni.dll + 2012-02-15 17:40 . 2012-02-15 17:40 916480 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Net\e238ca4ca02f9309283c98e1a4235bbd\System.Net.ni.dll + 2012-02-15 17:40 . 2012-02-15 17:40 534016 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Management.I#\c340633057ed6b9ffcf2214cb348a1fa\System.Management.Instrumentation.ni.dll + 2012-02-15 17:40 . 2012-02-15 17:40 569856 c:\windows\assembly\NativeImages_v2.0.50727_64\System.IO.Log\c24a84d54ad05618cf6cab545c31b06b\System.IO.Log.ni.dll + 2012-02-15 17:40 . 2012-02-15 17:40 629760 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Data.Service#\be6635364f1af379afff83dd877a4e03\System.Data.Services.Design.ni.dll + 2012-02-15 17:39 . 2012-02-15 17:39 194560 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Data.DataSet#\027959159200e828ccfddaef5f01b3a9\System.Data.DataSetExtensions.ni.dll + 2012-02-15 17:39 . 2012-02-15 17:39 132096 c:\windows\assembly\NativeImages_v2.0.50727_64\System.ComponentMod#\8c954be3f8d070b1364844741ff4b4b1\System.ComponentModel.DataAnnotations.ni.dll + 2012-02-15 17:39 . 2012-02-15 17:39 889344 c:\windows\assembly\NativeImages_v2.0.50727_64\System.AddIn\bd9159951d0caa9bf5c90c44fc96661b\System.AddIn.ni.dll + 2012-02-15 17:39 . 2012-02-15 17:39 525824 c:\windows\assembly\NativeImages_v2.0.50727_64\SMSvcHost\8bfc7a328911ae69686576bd24f4f771\SMSvcHost.ni.exe + 2012-02-15 17:39 . 2012-02-15 17:39 855040 c:\windows\assembly\NativeImages_v2.0.50727_64\napsnap\9c808282a0cfdc5bafcb43e1778d97d6\napsnap.ni.dll + 2012-02-15 17:39 . 2012-02-15 17:39 162816 c:\windows\assembly\NativeImages_v2.0.50727_64\napinit\616ce317134d4225fc7eec80f9351855\napinit.ni.dll + 2012-02-15 17:39 . 2012-02-15 17:39 184320 c:\windows\assembly\NativeImages_v2.0.50727_64\MSBuild\a4b5d98bf175a3f10c47f223195c34b0\MSBuild.ni.exe + 2012-02-15 17:39 . 2012-02-15 17:39 681984 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.WSMan.Man#\04532b2b5174ca249e01a8b21d0ba6fd\Microsoft.WSMan.Management.ni.dll + 2012-02-15 17:39 . 2012-02-15 17:39 122368 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.Windows.D#\5cd854d075caf8b50de3c803b4303e03\Microsoft.Windows.Diagnosis.TroubleshootingPack.ni.dll + 2012-02-15 17:38 . 2012-02-15 17:38 105984 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.Vsa\cb1c199305d00b2424e707311eb9dcfd\Microsoft.Vsa.ni.dll + 2012-02-15 17:39 . 2012-02-15 17:39 584192 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.Transacti#\b2438f632ab1dcbb1cb91c5a1226aaf1\Microsoft.Transactions.Bridge.Dtc.ni.dll + 2012-02-15 17:39 . 2012-02-15 17:39 999936 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.PowerShel#\d7f5b39fba028d2f9e2b3a772845a2a6\Microsoft.PowerShell.GraphicalHost.ni.dll + 2012-02-15 17:38 . 2012-02-15 17:38 416768 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.PowerShel#\99bb7896ddbe74236efaa97733c63cbc\Microsoft.PowerShell.Commands.Diagnostics.ni.dll + 2012-02-15 17:39 . 2012-02-15 17:39 713216 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.PowerShel#\71542ecf96342dc1464fe471852be89a\Microsoft.PowerShell.ConsoleHost.ni.dll + 2012-02-15 17:39 . 2012-02-15 17:39 237056 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.PowerShel#\0bafa5e2dc431bb12108395cf2e18773\Microsoft.PowerShell.Security.ni.dll + 2012-02-15 17:38 . 2012-02-15 17:38 164864 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.MediaCent#\cf9be66d53dddbf49b75cead76ef3cea\Microsoft.MediaCenter.Mheg.ni.dll + 2012-02-15 17:38 . 2012-02-15 17:38 244736 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.Build.Uti#\f356844d3667b88d03bde2ae524659b6\Microsoft.Build.Utilities.v3.5.ni.dll + 2012-02-15 17:38 . 2012-02-15 17:38 198656 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.Build.Uti#\86f7fa65013864ae7da2fba058199dae\Microsoft.Build.Utilities.ni.dll + 2012-02-15 17:34 . 2012-02-15 17:34 321024 c:\windows\assembly\NativeImages_v2.0.50727_32\WsatConfig\105e77fbca8c5bb29988f3847b0d599f\WsatConfig.ni.exe + 2012-02-15 17:32 . 2012-02-15 17:32 634368 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLiveLocal.Wr#\378a75654ab243a7c87425580ef5247f\WindowsLiveLocal.WriterPlugin.ni.dll + 2012-02-15 17:31 . 2012-02-15 17:31 156672 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Writer.#\e8295ba92cc9500c11e4326da94aa23d\WindowsLive.Writer.HtmlParser.ni.dll + 2012-02-15 17:32 . 2012-02-15 17:32 326144 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Writer.#\ccd8a870d49f1f6901964f3009e44704\WindowsLive.Writer.SpellChecker.ni.dll + 2012-02-15 17:31 . 2012-02-15 17:31 174080 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Writer.#\bc3de6e386e49d56770ce7026b0b0b42\WindowsLive.Writer.BrowserControl.ni.dll + 2012-02-15 17:31 . 2012-02-15 17:31 780800 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Writer.#\aa6f0d8e2ce841ad6cfa150e7d19cbbf\WindowsLive.Writer.Controls.ni.dll + 2012-02-15 17:31 . 2012-02-15 17:31 665600 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Writer.#\8fb8f7ad92da63392ebd50214f98966c\WindowsLive.Writer.Interop.ni.dll + 2012-02-15 17:31 . 2012-02-15 17:31 146432 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Writer.#\613e9162c5a92e05695b8ec520b6a6f5\WindowsLive.Writer.Instrumentation.ni.dll + 2012-02-15 17:32 . 2012-02-15 17:32 119296 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Writer.#\54a1c00276597643ced64cad94707c44\WindowsLive.Writer.FileDestinations.ni.dll + 2012-02-15 17:31 . 2012-02-15 17:31 122368 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Writer.#\52df063720cfdfb7e286e6c575bcdc98\WindowsLive.Writer.Extensibility.ni.dll + 2012-02-15 17:32 . 2012-02-15 17:32 871424 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Writer.#\3dc4ea44bcc90dc7fdd088969895feb6\WindowsLive.Writer.BlogClient.ni.dll + 2012-02-15 17:32 . 2012-02-15 17:32 891392 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Writer.#\369786c29e4bb601f95f4c9f38ca4fb1\WindowsLive.Writer.HtmlEditor.ni.dll + 2012-02-15 17:31 . 2012-02-15 17:31 101376 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Writer.#\22e9d9744c2bf7881ac1662232d688c2\WindowsLive.Writer.Api.ni.dll + 2012-02-15 17:31 . 2012-02-15 17:31 328192 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Writer.#\203986a6f0128bf77b62f19d8b1076cf\WindowsLive.Writer.Mshtml.ni.dll + 2012-02-15 17:32 . 2012-02-15 17:32 223232 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Client\7d367b5b97b897ff0e52d30b0a02d4ba\WindowsLive.Client.ni.dll + 2012-02-15 17:34 . 2012-02-15 17:34 240128 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsFormsIntegra#\af6e0dd358a5edc094dca9e7957f1038\WindowsFormsIntegration.ni.dll + 2012-02-15 17:33 . 2012-02-15 17:33 452096 c:\windows\assembly\NativeImages_v2.0.50727_32\UIAutomationClient\d0972fea9e965a565c3cff76982709db\UIAutomationClient.ni.dll + 2012-02-15 17:34 . 2012-02-15 17:34 245248 c:\windows\assembly\NativeImages_v2.0.50727_32\TaskScheduler\ff345d3a2aaafb8a960c3d400e3c11a9\TaskScheduler.ni.dll + 2012-02-15 17:34 . 2012-02-15 17:34 401408 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Xml.Linq\fa1161af51ab42a61bfac9d02d469a06\System.Xml.Linq.ni.dll + 2012-02-15 17:34 . 2012-02-15 17:34 129536 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Routing\43e0731fbb58632563909f1fa5dfe063\System.Web.Routing.ni.dll + 2012-02-15 17:34 . 2012-02-15 17:34 860160 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Extensio#\95f94674ddc4b1224df94bd7ae19c9ef\System.Web.Extensions.Design.ni.dll + 2012-02-15 17:34 . 2012-02-15 17:34 328192 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Entity\4c569a365154300e49ab3450f74c2618\System.Web.Entity.ni.dll + 2012-02-15 17:34 . 2012-02-15 17:34 301568 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Entity.D#\fb21c5770bc64fc4105787238842f70d\System.Web.Entity.Design.ni.dll + 2012-02-15 17:34 . 2012-02-15 17:34 547328 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.DynamicD#\785e2ad4125cef423bc367b37fabb71c\System.Web.DynamicData.ni.dll + 2012-02-15 17:34 . 2012-02-15 17:34 141312 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Abstract#\685fb72f0189330eda1d62176fb38996\System.Web.Abstractions.ni.dll + 2012-02-15 17:34 . 2012-02-15 17:34 624128 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Net\2273d6ab12c9ae0d52842a84d586b8df\System.Net.ni.dll + 2012-02-15 17:32 . 2012-02-15 17:32 593408 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Messaging\a717cdb44ec0d3238c621efa420a9956\System.Messaging.ni.dll + 2012-02-15 17:34 . 2012-02-15 17:34 330240 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Management.I#\b5930434d0d624701114e014513c9041\System.Management.Instrumentation.ni.dll + 2012-02-15 17:34 . 2012-02-15 17:34 381440 c:\windows\assembly\NativeImages_v2.0.50727_32\System.IO.Log\7651951311f9d134e6bc08be7dc9ddc7\System.IO.Log.ni.dll + 2012-02-15 17:32 . 2012-02-15 17:32 212992 c:\windows\assembly\NativeImages_v2.0.50727_32\System.IdentityMode#\8b0dc9405f292a93ddd52eb76bb88169\System.IdentityModel.Selectors.ni.dll + 2012-02-15 17:34 . 2012-02-15 17:34 888320 c:\windows\assembly\NativeImages_v2.0.50727_32\System.DirectorySer#\344d3289061b28a0f7fb19229f45bb9c\System.DirectoryServices.AccountManagement.ni.dll + 2012-02-15 17:34 . 2012-02-15 17:34 462336 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.Service#\6a6642467bcccf0345c5e9139e7fd9ae\System.Data.Services.Design.ni.dll + 2012-02-15 17:34 . 2012-02-15 17:34 763392 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.Entity.#\c1cf8e31da405f07780fa7b0f28cc650\System.Data.Entity.Design.ni.dll + 2012-02-15 17:33 . 2012-02-15 17:33 135680 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.DataSet#\71400a36c8621388031e00075f2fc8e9\System.Data.DataSetExtensions.ni.dll + 2012-02-15 17:33 . 2012-02-15 17:33 633344 c:\windows\assembly\NativeImages_v2.0.50727_32\System.AddIn\05c4011ad0068d0af722b4b52677d915\System.AddIn.ni.dll + 2012-02-15 17:33 . 2012-02-15 17:33 366080 c:\windows\assembly\NativeImages_v2.0.50727_32\SMSvcHost\17b78ffee2144cf38f024e73b131158d\SMSvcHost.ni.exe + 2012-02-15 17:32 . 2012-02-15 17:32 256000 c:\windows\assembly\NativeImages_v2.0.50727_32\SMDiagnostics\281b67b96a2dd473dad4d222da0ca514\SMDiagnostics.ni.dll + 2012-02-15 17:33 . 2012-02-15 17:33 723456 c:\windows\assembly\NativeImages_v2.0.50727_32\napsnap\62531ec9534c96e83de2bbd4edfd07e8\napsnap.ni.dll + 2012-02-15 17:33 . 2012-02-15 17:33 117760 c:\windows\assembly\NativeImages_v2.0.50727_32\napinit\bb49eea48fd5f546afc6d5be634d3cb9\napinit.ni.dll + 2012-02-15 17:33 . 2012-02-15 17:33 133632 c:\windows\assembly\NativeImages_v2.0.50727_32\MSBuild\4ac4095081957a001a6174c0b9f7f195\MSBuild.ni.exe + 2012-02-15 17:32 . 2012-02-15 17:32 287232 c:\windows\assembly\NativeImages_v2.0.50727_32\MMCFxCommon\bd5a72adac7a95585984d5bcce994b71\MMCFxCommon.ni.dll + 2012-02-15 17:33 . 2012-02-15 17:33 531968 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.WSMan.Man#\928fb6b2401fffd8cc993578c3a04acd\Microsoft.WSMan.Management.ni.dll + 2012-02-15 17:33 . 2012-02-15 17:33 386560 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Transacti#\481b6ebea3e357f29a4ec0e8193d36d3\Microsoft.Transactions.Bridge.Dtc.ni.dll + 2012-02-15 17:33 . 2012-02-15 17:33 515584 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.PowerShel#\eda566c4dc6595779c3c9dfc359575ed\Microsoft.PowerShell.ConsoleHost.ni.dll + 2012-02-15 17:33 . 2012-02-15 17:33 167424 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.PowerShel#\df4f6b6f33d84b7f438c3f3b66f0336d\Microsoft.PowerShell.Security.ni.dll + 2012-02-15 17:33 . 2012-02-15 17:33 729088 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.PowerShel#\951235283ff1d4a91ffaa92ea8693249\Microsoft.PowerShell.GraphicalHost.ni.dll + 2012-02-15 17:33 . 2012-02-15 17:33 786432 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.PowerShel#\5f7928a2ffe462f16e25f03be01966e9\Microsoft.PowerShell.Commands.Management.ni.dll + 2012-02-15 17:33 . 2012-02-15 17:33 291328 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.PowerShel#\2015eca4346e34310e958089b22a9c62\Microsoft.PowerShell.Commands.Diagnostics.ni.dll + 2012-02-15 17:32 . 2012-02-15 17:32 561664 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Managemen#\6386ef67ed70f53fe6424246d256190d\Microsoft.ManagementConsole.ni.dll + 2012-02-15 17:32 . 2012-02-15 17:32 175104 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Uti#\c8e128b5e6ceee852cb1f8c165c2177e\Microsoft.Build.Utilities.v3.5.ni.dll + 2012-02-15 17:32 . 2012-02-15 17:32 144384 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Uti#\9795da40a8ee0bc54e91792de7422152\Microsoft.Build.Utilities.ni.dll + 2012-02-15 17:32 . 2012-02-15 17:32 839680 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Eng#\be7ad749a064283deab76fad38bf2930\Microsoft.Build.Engine.ni.dll + 2012-02-15 17:32 . 2012-02-15 17:32 222720 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Con#\f42105699650a206e2ae439ac54ad40a\Microsoft.Build.Conversion.v3.5.ni.dll + 2012-02-15 17:32 . 2012-02-15 17:32 364032 c:\windows\assembly\NativeImages_v2.0.50727_32\mcstoredb\886a8c3d4f00567df779318fea56f28a\mcstoredb.ni.dll + 2012-02-15 17:32 . 2012-02-15 17:32 553472 c:\windows\assembly\NativeImages_v2.0.50727_32\EventViewer\58ea1059f397ccd13d6a8d94d7be7830\EventViewer.ni.dll + 2012-02-15 17:32 . 2012-02-15 17:32 693248 c:\windows\assembly\NativeImages_v2.0.50727_32\ehRecObj\9d5219961228fb5236c843ea75c69d39\ehRecObj.ni.dll + 2012-02-15 17:32 . 2012-02-15 17:32 254464 c:\windows\assembly\NativeImages_v2.0.50727_32\ehExtHost32\6a07aa6df4d45d1485b6a2749647a3aa\ehExtHost32.ni.exe + 2012-02-15 17:32 . 2012-02-15 17:32 410112 c:\windows\assembly\NativeImages_v2.0.50727_32\ComSvcConfig\39ab6b73bdbaac85b90cc561761916f7\ComSvcConfig.ni.exe + 2012-02-15 17:31 . 2012-02-15 17:31 621568 c:\windows\assembly\NativeImages_v2.0.50727_32\BDATunePIA\d89086a63a9d85aa9d719d7088e5ae69\BDATunePIA.ni.dll - 2009-07-14 04:54 . 2012-02-15 17:26 2736128 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat + 2009-07-14 04:54 . 2012-02-21 12:00 2736128 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat + 2009-07-14 00:22 . 2009-07-14 01:41 1195008 c:\windows\system32\drivers\UMDF\WpdMtpDr.dll + 2009-07-14 04:45 . 2012-02-15 22:33 7111262 c:\windows\ServiceProfiles\NetworkService\AppData\Roaming\Microsoft\SoftwareProtectionPlatform\tokens.dat - 2009-07-14 04:45 . 2012-02-15 13:33 7111262 c:\windows\ServiceProfiles\NetworkService\AppData\Roaming\Microsoft\SoftwareProtectionPlatform\tokens.dat + 2012-01-27 06:14 . 2012-02-21 11:58 1533424 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache3.0.0.0.dat - 2012-01-27 06:14 . 2012-02-15 15:42 1533424 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache3.0.0.0.dat + 2012-02-17 06:22 . 2012-02-17 06:22 9413632 c:\windows\Installer\6e921bd.msi + 2012-02-15 17:42 . 2012-02-15 17:42 5237248 c:\windows\assembly\NativeImages_v4.0.30319_64\WindowsBase\9d5feeb6727e222673d5bd89f0620ddd\WindowsBase.ni.dll + 2012-02-15 17:52 . 2012-02-15 17:52 1430016 c:\windows\assembly\NativeImages_v4.0.30319_64\UIAutomationClients#\68f44d619637fac197ee6c8ac9f2aec9\UIAutomationClientsideProviders.ni.dll + 2012-02-15 17:41 . 2012-02-15 17:41 7037952 c:\windows\assembly\NativeImages_v4.0.30319_64\System.Xml\ff247393a6deb90d63811aa88c84dc7e\System.Xml.ni.dll + 2012-02-15 17:43 . 2012-02-15 17:43 2449408 c:\windows\assembly\NativeImages_v4.0.30319_64\System.Xaml\e158bd31f13cbc20f6fc7c7f426113d7\System.Xaml.ni.dll + 2012-02-15 17:52 . 2012-02-15 17:52 5627904 c:\windows\assembly\NativeImages_v4.0.30319_64\System.Windows.Form#\843d0370292b7b124f9b9231f87e8e6a\System.Windows.Forms.DataVisualization.ni.dll + 2012-02-15 17:52 . 2012-02-15 17:52 2236416 c:\windows\assembly\NativeImages_v4.0.30319_64\System.Web.Services\be0e793afecb54a67a688e4528676e70\System.Web.Services.ni.dll + 2012-02-15 17:52 . 2012-02-15 17:52 2735616 c:\windows\assembly\NativeImages_v4.0.30319_64\System.Speech\ae3a837b63de8d3f3fc63a7bfc16589a\System.Speech.ni.dll + 2012-02-15 17:51 . 2012-02-15 17:51 1579008 c:\windows\assembly\NativeImages_v4.0.30319_64\System.ServiceModel#\aec154cbfb0eec1497fb89ebd6deb344\System.ServiceModel.Discovery.ni.dll + 2012-02-15 17:51 . 2012-02-15 17:51 1918976 c:\windows\assembly\NativeImages_v4.0.30319_64\System.ServiceModel#\80b8b6324a73493227b2672b2d6820d3\System.ServiceModel.Activities.ni.dll + 2012-02-15 17:43 . 2012-02-15 17:43 3412992 c:\windows\assembly\NativeImages_v4.0.30319_64\System.Runtime.Seri#\717540eea541a2769a6cf621fd948678\System.Runtime.Serialization.ni.dll + 2012-02-15 17:43 . 2012-02-15 17:43 1348096 c:\windows\assembly\NativeImages_v4.0.30319_64\System.Runtime.Dura#\dc7fbde064d5710780a6b8f27554dc57\System.Runtime.DurableInstancing.ni.dll + 2012-02-15 17:49 . 2012-02-15 17:49 1467392 c:\windows\assembly\NativeImages_v4.0.30319_64\System.Printing\31c34917df5f24f1ffdd62bfa23f2fb7\System.Printing.ni.dll + 2012-02-15 17:51 . 2012-02-15 17:51 1470464 c:\windows\assembly\NativeImages_v4.0.30319_64\System.Management\15112a35e0e355fc344792e49c41628f\System.Management.ni.dll + 2012-02-15 17:51 . 2012-02-15 17:51 1416192 c:\windows\assembly\NativeImages_v4.0.30319_64\System.IdentityModel\bffc049b6775c3f6f144917a4387a0be\System.IdentityModel.ni.dll + 2012-02-15 17:43 . 2012-02-15 17:43 1098752 c:\windows\assembly\NativeImages_v4.0.30319_64\System.EnterpriseSe#\fef2650a5b3bf39527150b4058762611\System.EnterpriseServices.ni.dll + 2012-02-15 17:43 . 2012-02-15 17:43 2290688 c:\windows\assembly\NativeImages_v4.0.30319_64\System.Drawing\0443ad47a6be56beca12a7a13261c8ed\System.Drawing.ni.dll + 2012-02-15 17:51 . 2012-02-15 17:51 1217536 c:\windows\assembly\NativeImages_v4.0.30319_64\System.DirectorySer#\d94ef12e883b2354af26f19ec7e25110\System.DirectoryServices.AccountManagement.ni.dll + 2012-02-15 17:43 . 2012-02-15 17:43 1622528 c:\windows\assembly\NativeImages_v4.0.30319_64\System.DirectorySer#\026c74ff72ba4fce837134953778e755\System.DirectoryServices.ni.dll + 2012-02-15 17:49 . 2012-02-15 17:49 2402816 c:\windows\assembly\NativeImages_v4.0.30319_64\System.Deployment\e8e5fcc8e7eb9ce898be3c22e8902ee4\System.Deployment.ni.dll + 2012-02-15 17:49 . 2012-02-15 17:49 8601600 c:\windows\assembly\NativeImages_v4.0.30319_64\System.Data\8d734fe538fe6f226eab465c8d8e3d5c\System.Data.ni.dll + 2012-02-15 17:41 . 2012-02-15 17:41 3390976 c:\windows\assembly\NativeImages_v4.0.30319_64\System.Data.SqlXml\83aa1c4f17f57067d3be29e560331349\System.Data.SqlXml.ni.dll + 2012-02-15 17:51 . 2012-02-15 17:51 1798656 c:\windows\assembly\NativeImages_v4.0.30319_64\System.Data.Service#\6a0bcd0e756819ea795b161d2156e9a8\System.Data.Services.Client.ni.dll + 2012-02-15 17:51 . 2012-02-15 17:51 3386368 c:\windows\assembly\NativeImages_v4.0.30319_64\System.Data.Linq\1548624d8ec5142825864c5f59be9b49\System.Data.Linq.ni.dll + 2012-02-15 17:41 . 2012-02-15 17:41 1257472 c:\windows\assembly\NativeImages_v4.0.30319_64\System.Configuration\2672be84bcad1c772163d15db0e2864e\System.Configuration.ni.dll + 2012-02-15 17:50 . 2012-02-15 17:50 1007616 c:\windows\assembly\NativeImages_v4.0.30319_64\System.ComponentMod#\228bb21cab2c9ce2f69d5e24a9352a3f\System.ComponentModel.Composition.ni.dll + 2012-02-15 17:50 . 2012-02-15 17:50 5695488 c:\windows\assembly\NativeImages_v4.0.30319_64\System.Activities\36f5aa69b510e3aeb24ef402d12c20e0\System.Activities.ni.dll + 2012-02-15 17:50 . 2012-02-15 17:50 5048832 c:\windows\assembly\NativeImages_v4.0.30319_64\System.Activities.P#\7be5ac01354a0c03d5587607687de1e1\System.Activities.Presentation.ni.dll + 2012-02-15 17:50 . 2012-02-15 17:50 2064896 c:\windows\assembly\NativeImages_v4.0.30319_64\System.Activities.C#\8d549e47084ec2661c944a1eeb9a2be5\System.Activities.Core.Presentation.ni.dll + 2012-02-15 17:49 . 2012-02-15 17:49 4232704 c:\windows\assembly\NativeImages_v4.0.30319_64\ReachFramework\8d8f46afc9b2b65144f29a609f63398e\ReachFramework.ni.dll + 2012-02-15 17:43 . 2012-02-15 17:43 2056192 c:\windows\assembly\NativeImages_v4.0.30319_64\PresentationUI\735f127d0957bacdfe6522f0b8a2dcb0\PresentationUI.ni.dll + 2012-02-15 17:42 . 2012-02-15 17:42 1623040 c:\windows\assembly\NativeImages_v4.0.30319_64\Microsoft.VisualBas#\6b82e7a7001a661cb712067b75b7c5ec\Microsoft.VisualBasic.Activities.Compiler.ni.dll + 2012-02-15 17:42 . 2012-02-15 17:42 1838080 c:\windows\assembly\NativeImages_v4.0.30319_64\Microsoft.VisualBas#\6a21c9b7113a1bd6eddff12e138fc96b\Microsoft.VisualBasic.Compatibility.ni.dll + 2012-02-15 17:42 . 2012-02-15 17:42 2317312 c:\windows\assembly\NativeImages_v4.0.30319_64\Microsoft.VisualBas#\60ff6c1510fb0e2d70e616650eb7ae47\Microsoft.VisualBasic.ni.dll + 2012-02-15 17:42 . 2012-02-15 17:42 1526784 c:\windows\assembly\NativeImages_v4.0.30319_64\Microsoft.Transacti#\2e6537fafd64c81032b0aaebb7d3180a\Microsoft.Transactions.Bridge.ni.dll + 2012-02-15 17:51 . 2012-02-15 17:51 3313664 c:\windows\assembly\NativeImages_v4.0.30319_64\Microsoft.JScript\f38dbc9d7ebe981a7c22b72dffb4a2af\Microsoft.JScript.ni.dll + 2012-02-15 17:41 . 2012-02-15 17:41 2009600 c:\windows\assembly\NativeImages_v4.0.30319_64\Microsoft.CSharp\1cf22b5ea0ef63e71b6416a36b656b8a\Microsoft.CSharp.ni.dll + 2012-02-15 17:37 . 2012-02-15 17:37 1063424 c:\windows\assembly\NativeImages_v4.0.30319_32\UIAutomationClients#\de58d9a7cb1ebe18d9519943fb351105\UIAutomationClientsideProviders.ni.dll + 2012-02-15 17:35 . 2012-02-15 17:35 1782272 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Xaml\b74e1ad9110a39851b12cb46b3954163\System.Xaml.ni.dll + 2012-02-15 17:37 . 2012-02-15 17:37 4545024 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Windows.Form#\f0d119151e7a4d59698125eb4b4275ee\System.Windows.Forms.DataVisualization.ni.dll + 2012-02-15 17:37 . 2012-02-15 17:37 1885696 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Web.Services\4d39c6a77db47caf40787ec818691ded\System.Web.Services.ni.dll + 2012-02-15 17:37 . 2012-02-15 17:37 2012160 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Speech\572316066654286b4629c0a680a76e1b\System.Speech.ni.dll + 2012-02-15 17:37 . 2012-02-15 17:37 1392640 c:\windows\assembly\NativeImages_v4.0.30319_32\System.ServiceModel#\4d1a64fc317c7d5de7321ef42d9443aa\System.ServiceModel.Activities.ni.dll + 2012-02-15 17:37 . 2012-02-15 17:37 1140736 c:\windows\assembly\NativeImages_v4.0.30319_32\System.ServiceModel#\26150ab602b494d300ae488f81dbef9b\System.ServiceModel.Discovery.ni.dll + 2012-02-15 17:35 . 2012-02-15 17:35 2647040 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Runtime.Seri#\7aa036e91909e1bc5e1d35b673defab2\System.Runtime.Serialization.ni.dll + 2012-02-15 17:35 . 2012-02-15 17:35 1021952 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Runtime.Dura#\a2011e79b6ef1c5381d110f75685008c\System.Runtime.DurableInstancing.ni.dll + 2012-02-15 17:35 . 2012-02-15 17:35 1060864 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Printing\dcbff6c9c548b51344cc4ad4893646b2\System.Printing.ni.dll + 2012-02-15 17:36 . 2012-02-15 17:36 1218560 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Management\b7bf9745b6ac67086c7364ee34174c51\System.Management.ni.dll + 2012-02-15 17:36 . 2012-02-15 17:36 1072640 c:\windows\assembly\NativeImages_v4.0.30319_32\System.IdentityModel\38b6bf7d0ee6cea88d785e52e991627c\System.IdentityModel.ni.dll + 2012-02-15 17:35 . 2012-02-15 17:35 1172992 c:\windows\assembly\NativeImages_v4.0.30319_32\System.DirectorySer#\94f406f804865ec1ef81acaf426e48ca\System.DirectoryServices.ni.dll + 2012-02-15 17:35 . 2012-02-15 17:35 1879040 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Deployment\d612e5ab6df30b2018730c781e979ce8\System.Deployment.ni.dll + 2012-02-15 17:36 . 2012-02-15 17:36 1343488 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Data.Service#\6bbce53ef9b6e8b9204929342f503647\System.Data.Services.Client.ni.dll + 2012-02-15 17:35 . 2012-02-15 17:35 4129792 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Activities\3d60413b16725524801275d92249169b\System.Activities.ni.dll + 2012-02-15 17:35 . 2012-02-15 17:35 3757568 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Activities.P#\bb8932dfd01f4c645f9902fd703cde49\System.Activities.Presentation.ni.dll + 2012-02-15 17:35 . 2012-02-15 17:35 1547264 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Activities.C#\d92c6df050f16ca2610191d283d826bb\System.Activities.Core.Presentation.ni.dll + 2012-02-15 17:35 . 2012-02-15 17:35 2907136 c:\windows\assembly\NativeImages_v4.0.30319_32\ReachFramework\6f94955023126311d6aaa840f8852023\ReachFramework.ni.dll + 2012-02-15 17:35 . 2012-02-15 17:35 1640448 c:\windows\assembly\NativeImages_v4.0.30319_32\PresentationUI\a593524fad58317c70d237d214a25204\PresentationUI.ni.dll + 2012-02-15 17:35 . 2012-02-15 17:35 1838080 c:\windows\assembly\NativeImages_v4.0.30319_32\Microsoft.VisualBas#\70a16497eb1cc16502203fb15014fd35\Microsoft.VisualBasic.ni.dll + 2012-02-15 17:35 . 2012-02-15 17:35 1136128 c:\windows\assembly\NativeImages_v4.0.30319_32\Microsoft.VisualBas#\4de0dca5c413e316f948daad4b5e2d6f\Microsoft.VisualBasic.Compatibility.ni.dll + 2012-02-15 17:35 . 2012-02-15 17:35 1172480 c:\windows\assembly\NativeImages_v4.0.30319_32\Microsoft.VisualBas#\2308d9bc9e1b4fa300140d447aa34d51\Microsoft.VisualBasic.Activities.Compiler.ni.dll + 2012-02-15 17:34 . 2012-02-15 17:34 1085952 c:\windows\assembly\NativeImages_v4.0.30319_32\Microsoft.Transacti#\38b6c0eb820c7b8ce3efb4bdfb6ba480\Microsoft.Transactions.Bridge.ni.dll + 2012-02-15 17:36 . 2012-02-15 17:36 2452480 c:\windows\assembly\NativeImages_v4.0.30319_32\Microsoft.JScript\5beb57c4dedf5103ee84b16d0d269093\Microsoft.JScript.ni.dll + 2012-02-15 17:41 . 2012-02-15 17:41 1459712 c:\windows\assembly\NativeImages_v2.0.50727_64\UIAutomationClients#\dac9f71ca1332da2a359e2d07589b7e9\UIAutomationClientsideProviders.ni.dll + 2012-02-15 17:41 . 2012-02-15 17:41 1818112 c:\windows\assembly\NativeImages_v2.0.50727_64\System.WorkflowServ#\5571a92171f93c8a4806b9f1805f1c56\System.WorkflowServices.ni.dll + 2012-02-15 17:41 . 2012-02-15 17:41 3336704 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Web.Mobile\2b012fd0a270bdac848843047bb93312\System.Web.Mobile.ni.dll + 2012-02-15 17:40 . 2012-02-15 17:40 3044352 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Web.Extensio#\cf203792167bd243b057b8daf79e0d98\System.Web.Extensions.ni.dll + 2012-02-15 17:41 . 2012-02-15 17:41 1155072 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Web.Extensio#\7f261dc1eaa3e4e0b93c44678888dd44\System.Web.Extensions.Design.ni.dll + 2012-02-15 17:40 . 2012-02-15 17:40 2727936 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Speech\a49bc70b640e21c9bcecbd8122203283\System.Speech.ni.dll + 2012-02-15 17:40 . 2012-02-15 17:40 2312704 c:\windows\assembly\NativeImages_v2.0.50727_64\System.ServiceModel#\8ef813ce3f85ea3b3f499d734ac8019e\System.ServiceModel.Web.ni.dll + 2012-02-15 17:38 . 2012-02-15 17:38 1472000 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Management\6860203a3f244d4c6b89ff38a9c9cadb\System.Management.ni.dll + 2012-02-15 17:40 . 2012-02-15 17:40 1230848 c:\windows\assembly\NativeImages_v2.0.50727_64\System.DirectorySer#\48a91957a4b86c3bcebec68eb1471def\System.DirectoryServices.AccountManagement.ni.dll + 2012-02-15 17:40 . 2012-02-15 17:40 2805760 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Data.Services\2dd10ff57a987aa347518b0abfcaf8b3\System.Data.Services.ni.dll + 2012-02-15 17:40 . 2012-02-15 17:40 1868288 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Data.Service#\0177f6ff2b3faf1805b3ba63e0e20ad0\System.Data.Services.Client.ni.dll + 2012-02-15 17:40 . 2012-02-15 17:40 3480576 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Data.Linq\dd28d55dd94fb4d1e4dca6393e4b15a4\System.Data.Linq.ni.dll + 2012-02-15 17:40 . 2012-02-15 17:40 1080320 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Data.Entity.#\caf124d5431e8d8aba046e54a8b7dea5\System.Data.Entity.Design.ni.dll + 2012-02-15 17:38 . 2012-02-15 17:38 3315200 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Core\9e59bc2c8cf98cd315468ca01f68663c\System.Core.ni.dll + 2012-02-15 17:39 . 2012-02-15 17:39 1884160 c:\windows\assembly\NativeImages_v2.0.50727_64\PresentationBuildTa#\0618574a66f03040f765c43693bf58f6\PresentationBuildTasks.ni.dll + 2012-02-15 17:39 . 2012-02-15 17:39 3601920 c:\windows\assembly\NativeImages_v2.0.50727_64\Narrator\24f9a2d494b01bcbc6919f60a278c715\Narrator.ni.exe + 2012-02-15 17:39 . 2012-02-15 17:39 2327552 c:\windows\assembly\NativeImages_v2.0.50727_64\MMCEx\8988116626390eae76ef9e492c0e2894\MMCEx.ni.dll + 2012-02-15 17:39 . 2012-02-15 17:39 2131968 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.VisualBas#\e05059a258a8b75d8981f29ecd9baf72\Microsoft.VisualBasic.ni.dll + 2012-02-15 17:39 . 2012-02-15 17:39 5350912 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.PowerShel#\ecc930a57b339ba3d126b05b2d756a01\Microsoft.PowerShell.Editor.ni.dll + 2012-02-15 17:39 . 2012-02-15 17:39 2176512 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.PowerShel#\8d5a4862d0e61fdd2e958fc989df3cca\Microsoft.PowerShell.Commands.Utility.ni.dll + 2012-02-15 17:39 . 2012-02-15 17:39 2105344 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.PowerShel#\713f3cf6037ed7047485c738934f9054\Microsoft.PowerShell.GPowerShell.ni.dll + 2012-02-15 17:39 . 2012-02-15 17:39 1131008 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.PowerShel#\09516cb547f50c165051c5512c0770d3\Microsoft.PowerShell.Commands.Management.ni.dll + 2012-02-15 17:38 . 2012-02-15 17:38 1508864 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.MediaCent#\5e550f8b6414d82551174d1dd0f8f15c\Microsoft.MediaCenter.Bml.ni.dll + 2012-02-15 17:38 . 2012-02-15 17:38 3213312 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.JScript\551b383e39b9fedb84e25c9fc7d763ee\Microsoft.JScript.ni.dll + 2012-02-15 17:38 . 2012-02-15 17:38 2365952 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.Ink\2ec15928bc76c2a6af54ad507c513cd4\Microsoft.Ink.ni.dll + 2012-02-15 17:38 . 2012-02-15 17:38 2218496 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.Build.Tas#\4ccd2dddff73b52cd77ecaed30075b09\Microsoft.Build.Tasks.ni.dll + 2012-02-15 17:38 . 2012-02-15 17:38 2682880 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.Build.Tas#\35cee0a531b3136b21b2c7e2ff56b5eb\Microsoft.Build.Tasks.v3.5.ni.dll + 2012-02-15 17:37 . 2012-02-15 17:37 2544640 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.Build.Eng#\a22f83fa561173b77ee1215e0dfd7a76\Microsoft.Build.Engine.ni.dll + 2012-02-15 17:38 . 2012-02-15 17:38 1137152 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.Build.Eng#\5cd9b4020f38edbdc2718884fe3e68f0\Microsoft.Build.Engine.ni.dll + 2012-02-15 17:31 . 2012-02-15 17:31 7026176 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Writer.#\a468e7062f69218aada710149fe64a9f\WindowsLive.Writer.PostEditor.ni.dll + 2012-02-15 17:31 . 2012-02-15 17:31 2193408 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Writer.#\5831e8e7ec7a294d7daf5d20ea697176\WindowsLive.Writer.CoreServices.ni.dll + 2012-02-15 17:31 . 2012-02-15 17:31 1346560 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Writer.#\57f2870b60df33107c4360c356da72b7\WindowsLive.Writer.Localization.ni.dll + 2012-02-15 17:31 . 2012-02-15 17:31 1285632 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Writer.#\34b4db9f6a72b19fe1842e9f6fdad5b7\WindowsLive.Writer.ApplicationFramework.ni.dll + 2012-02-15 17:34 . 2012-02-15 17:34 1047552 c:\windows\assembly\NativeImages_v2.0.50727_32\UIAutomationClients#\c463ccf17b00f16ed8e60a6ba1cb46e5\UIAutomationClientsideProviders.ni.dll + 2012-02-15 17:34 . 2012-02-15 17:34 1358336 c:\windows\assembly\NativeImages_v2.0.50727_32\System.WorkflowServ#\99f03be29e7f6de2f4bc278b83f0761b\System.WorkflowServices.ni.dll + 2012-02-15 17:34 . 2012-02-15 17:34 2209792 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Mobile\0eada94e6fc22ecdf69ec412fe7df0b9\System.Web.Mobile.ni.dll + 2012-02-15 17:34 . 2012-02-15 17:34 2404352 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Extensio#\8ae9ee071050afc6dce19f5248817d66\System.Web.Extensions.ni.dll + 2012-02-15 17:34 . 2012-02-15 17:34 1917952 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Speech\8e4b0ae89bdfbe3eac1b79dacef4ef79\System.Speech.ni.dll + 2012-02-15 17:34 . 2012-02-15 17:34 1707008 c:\windows\assembly\NativeImages_v2.0.50727_32\System.ServiceModel#\0113a0162fe157bb4f0130a60bbcad1a\System.ServiceModel.Web.ni.dll + 2012-02-15 17:32 . 2012-02-15 17:32 2347008 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Seri#\bc96c5c6e644452270ff7c3d066ff713\System.Runtime.Serialization.ni.dll + 2012-02-15 17:33 . 2012-02-15 17:33 1051136 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Management\cb5bd98ffa4c82327b0e4db02bb58d2d\System.Management.ni.dll + 2012-02-15 17:33 . 2012-02-15 17:33 8872960 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Management.A#\f4d8c56c790b998bd1bb971905bfae78\System.Management.Automation.ni.dll + 2012-02-15 17:32 . 2012-02-15 17:32 1083392 c:\windows\assembly\NativeImages_v2.0.50727_32\System.IdentityModel\d939fca96c3645bb8806ea8ae43cc0ca\System.IdentityModel.ni.dll + 2012-02-15 17:34 . 2012-02-15 17:34 2029568 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.Services\47c2a93f42a371ac1b3756d098ac18a5\System.Data.Services.ni.dll + 2012-02-15 17:34 . 2012-02-15 17:34 1378816 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.Service#\3763b8ac5fa0a96ad5100a53b10b4449\System.Data.Services.Client.ni.dll + 2012-02-15 17:34 . 2012-02-15 17:34 2516992 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.Linq\1fe993f1045190570a2c69cb32f9d62d\System.Data.Linq.ni.dll + 2012-02-15 17:34 . 2012-02-15 17:34 9921536 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.Entity\932542a144496e3a9cb9155270fd4492\System.Data.Entity.ni.dll + 2012-02-15 17:33 . 2012-02-15 17:33 2297856 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Core\f01c5c76d0a19516a37b7bd191a02cda\System.Core.ni.dll + 2012-02-15 17:33 . 2012-02-15 17:33 1451520 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationBuildTa#\d2c547794ac1c167fe24904e6848d5cc\PresentationBuildTasks.ni.dll + 2012-02-15 17:33 . 2012-02-15 17:33 2623488 c:\windows\assembly\NativeImages_v2.0.50727_32\Narrator\308236e39e3ad82c6b5bfa2d955735e3\Narrator.ni.exe + 2012-02-15 17:33 . 2012-02-15 17:33 1545216 c:\windows\assembly\NativeImages_v2.0.50727_32\MMCEx\b792eec16fb24a0f73ca20e1551bfcbf\MMCEx.ni.dll + 2012-02-15 17:32 . 2012-02-15 17:32 6438912 c:\windows\assembly\NativeImages_v2.0.50727_32\MIGUIControls\44f2bd588202e6bdacf0b867c7011057\MIGUIControls.ni.dll + 2012-02-15 17:33 . 2012-02-15 17:33 1670144 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.VisualBas#\659bc287f3b51e5e604208ce93d983ec\Microsoft.VisualBasic.ni.dll + 2012-02-15 17:32 . 2012-02-15 17:32 1093120 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Transacti#\1a6921bcfb8ade6652efb9f095b275f1\Microsoft.Transactions.Bridge.ni.dll + 2012-02-15 17:33 . 2012-02-15 17:33 3724288 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.PowerShel#\86fa49490bc929adf75488903f0dac4b\Microsoft.PowerShell.Editor.ni.dll + 2012-02-15 17:33 . 2012-02-15 17:33 1681920 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.PowerShel#\413c3be0ba8ed04984a0bb3044e0c2e0\Microsoft.PowerShell.Commands.Utility.ni.dll + 2012-02-15 17:33 . 2012-02-15 17:33 1704960 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.PowerShel#\2f66392066352b804d8022664e7bf8de\Microsoft.PowerShell.GPowerShell.ni.dll + 2012-02-15 17:32 . 2012-02-15 17:32 6499840 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.MediaCent#\558d4558f0857891cf0d41d818e7b490\Microsoft.MediaCenter.UI.ni.dll + 2012-02-15 17:32 . 2012-02-15 17:32 1009664 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.MediaCent#\03d64144ed3ea21cbeea0c872ece14b6\Microsoft.MediaCenter.ni.dll + 2012-02-15 17:33 . 2012-02-15 17:33 2335744 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.JScript\09cea564f5888335ef97bd104d7e4ea6\Microsoft.JScript.ni.dll + 2012-02-15 17:32 . 2012-02-15 17:32 1361408 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Ink\ca0dacd1a4dc23e5d7bb3e6548282b6b\Microsoft.Ink.ni.dll + 2012-02-15 17:32 . 2012-02-15 17:32 1970176 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Tas#\e566cc5fe7ad95b0a9fca152b335b551\Microsoft.Build.Tasks.v3.5.ni.dll + 2012-02-15 17:32 . 2012-02-15 17:32 1620992 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Tas#\2b23923536c41d0fb8ab658f6c9a95c1\Microsoft.Build.Tasks.ni.dll + 2012-02-15 17:32 . 2012-02-15 17:32 1888768 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Eng#\6b8459651fae37b63ab314350a8eff8a\Microsoft.Build.Engine.ni.dll + 2012-02-15 17:32 . 2012-02-15 17:32 2035712 c:\windows\assembly\NativeImages_v2.0.50727_32\mcstore\103b0155f85ff08fc9940bd0c3aa0128\mcstore.ni.dll + 2012-02-15 17:32 . 2012-02-15 17:32 3025920 c:\windows\assembly\NativeImages_v2.0.50727_32\mcepg\c28c1427f0691e070b77b4ad97000e4c\mcepg.ni.dll + 2012-01-07 04:03 . 2012-02-18 14:06 40916548 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-S-1-5-21-2075945034-679189341-3693907279-1000-12288.dat - 2012-01-07 04:03 . 2012-02-15 13:26 40916548 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-S-1-5-21-2075945034-679189341-3693907279-1000-12288.dat - 2012-01-08 21:48 . 2012-02-15 15:43 48737724 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-S-1-5-18-16384.dat + 2012-01-08 21:48 . 2012-02-18 21:32 48737724 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-S-1-5-18-16384.dat + 2012-02-15 22:26 . 2012-02-15 22:26 20333056 c:\windows\Installer\1142eec.msp + 2012-02-15 17:49 . 2012-02-15 17:49 17290752 c:\windows\assembly\NativeImages_v4.0.30319_64\System.Windows.Forms\97347a1967260991cca95e94b5ba2d41\System.Windows.Forms.ni.dll + 2012-02-15 17:51 . 2012-02-15 17:51 24551936 c:\windows\assembly\NativeImages_v4.0.30319_64\System.ServiceModel\49314ff27e3a21bbb1fb675a295f6571\System.ServiceModel.ni.dll + 2012-02-15 17:50 . 2012-02-15 17:50 18480128 c:\windows\assembly\NativeImages_v4.0.30319_64\System.Data.Entity\78e35b4bf12ee4833ed720a490e958f2\System.Data.Entity.ni.dll + 2012-02-15 17:41 . 2012-02-15 17:41 10439168 c:\windows\assembly\NativeImages_v4.0.30319_64\System.Core\fcefa2871c7dc4d397ff8c6f92abf0d5\System.Core.ni.dll + 2012-02-15 17:43 . 2012-02-15 17:43 24406528 c:\windows\assembly\NativeImages_v4.0.30319_64\PresentationFramewo#\d0dddbe96a81cd6869f9643fa2809d71\PresentationFramework.ni.dll + 2012-02-15 17:42 . 2012-02-15 17:42 15907328 c:\windows\assembly\NativeImages_v4.0.30319_64\PresentationCore\efb6d518bb284cdc29a96068726320c0\PresentationCore.ni.dll + 2012-02-15 17:37 . 2012-02-15 17:37 18058752 c:\windows\assembly\NativeImages_v4.0.30319_32\System.ServiceModel\b711fe4f8f23da12b205be1d231d4e2e\System.ServiceModel.ni.dll + 2012-02-15 17:36 . 2012-02-15 17:36 13346816 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Data.Entity\0816c3b4ab4f25931be80ef29db36024\System.Data.Entity.ni.dll + 2012-02-15 17:38 . 2012-02-15 17:38 11900928 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Management.A#\e18dbed9e34d7d56cc7e2f683de12237\System.Management.Automation.ni.dll + 2012-02-15 17:40 . 2012-02-15 17:40 13760000 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Data.Entity\00b730e56986ad4f378e420fa8606395\System.Data.Entity.ni.dll + 2012-02-15 17:32 . 2012-02-15 17:32 17478656 c:\windows\assembly\NativeImages_v2.0.50727_32\System.ServiceModel\b74950292d5681795d9d2c1a72a79952\System.ServiceModel.ni.dll . -- Snapshot reset to current date --
stdrt.exe running in temp folder

Rovot replied to Rovot's topic in Resolved Malware Removal Logs

13:52:35.0372 5144 TDSS rootkit removing tool 2.7.13.0 Feb 15 2012 19:33:14 13:52:36.0593 5144 ============================================================ 13:52:36.0593 5144 Current date / time: 2012/02/21 13:52:36.0593 13:52:36.0593 5144 SystemInfo: 13:52:36.0593 5144 13:52:36.0593 5144 OS Version: 6.1.7601 ServicePack: 1.0 13:52:36.0593 5144 Product type: Workstation 13:52:36.0593 5144 ComputerName: LAPPY 13:52:36.0609 5144 UserName: Guillermo 13:52:36.0609 5144 Windows directory: C:\Windows 13:52:36.0609 5144 System windows directory: C:\Windows 13:52:36.0609 5144 Running under WOW64 13:52:36.0609 5144 Processor architecture: Intel x64 13:52:36.0609 5144 Number of processors: 4 13:52:36.0609 5144 Page size: 0x1000 13:52:36.0609 5144 Boot type: Normal boot 13:52:36.0609 5144 ============================================================ 13:52:42.0671 5144 Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 (465.76 Gb), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040 13:52:43.0104 5144 \Device\Harddisk0\DR0: 13:52:43.0254 5144 MBR used 13:52:43.0254 5144 \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x4E22CEC, BlocksNum 0xC6B461E 13:52:43.0427 5144 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x1D4D8B49, BlocksNum 0xFA574BE 13:52:45.0991 5144 Initialize success 13:52:45.0991 5144 ============================================================ 13:53:57.0316 4644 ============================================================ 13:53:57.0316 4644 Scan started 13:53:57.0316 4644 Mode: Manual; SigCheck; TDLFS; 13:53:57.0316 4644 ============================================================ 13:54:00.0419 4644 1394ohci (a87d604aea360176311474c87a63bb88) C:\Windows\system32\drivers\1394ohci.sys 13:54:00.0809 4644 1394ohci - ok 13:54:00.0934 4644 ACPI (d81d9e70b8a6dd14d42d7b4efa65d5f2) C:\Windows\system32\drivers\ACPI.sys 13:54:00.0965 4644 ACPI - ok 13:54:01.0043 4644 AcpiPmi (99f8e788246d495ce3794d7e7821d2ca) C:\Windows\system32\drivers\acpipmi.sys 13:54:01.0215 4644 AcpiPmi - ok 13:54:01.0339 4644 adp94xx (2f6b34b83843f0c5118b63ac634f5bf4) C:\Windows\system32\drivers\adp94xx.sys 13:54:01.0386 4644 adp94xx - ok 13:54:01.0464 4644 adpahci (597f78224ee9224ea1a13d6350ced962) C:\Windows\system32\drivers\adpahci.sys 13:54:01.0495 4644 adpahci - ok 13:54:01.0558 4644 adpu320 (e109549c90f62fb570b9540c4b148e54) C:\Windows\system32\drivers\adpu320.sys 13:54:01.0589 4644 adpu320 - ok 13:54:01.0667 4644 AFD (1c7857b62de5994a75b054a9fd4c3825) C:\Windows\system32\drivers\afd.sys 13:54:01.0776 4644 AFD - ok 13:54:01.0885 4644 agp440 (608c14dba7299d8cb6ed035a68a15799) C:\Windows\system32\drivers\agp440.sys 13:54:01.0917 4644 agp440 - ok 13:54:01.0979 4644 aliide (5812713a477a3ad7363c7438ca2ee038) C:\Windows\system32\drivers\aliide.sys 13:54:02.0010 4644 aliide - ok 13:54:02.0057 4644 amdide (1ff8b4431c353ce385c875f194924c0c) C:\Windows\system32\drivers\amdide.sys 13:54:02.0088 4644 amdide - ok 13:54:02.0135 4644 AmdK8 (7024f087cff1833a806193ef9d22cda9) C:\Windows\system32\drivers\amdk8.sys 13:54:02.0197 4644 AmdK8 - ok 13:54:02.0244 4644 AmdPPM (1e56388b3fe0d031c44144eb8c4d6217) C:\Windows\system32\drivers\amdppm.sys 13:54:02.0291 4644 AmdPPM - ok 13:54:02.0353 4644 amdsata (d4121ae6d0c0e7e13aa221aa57ef2d49) C:\Windows\system32\drivers\amdsata.sys 13:54:02.0385 4644 amdsata - ok 13:54:02.0463 4644 amdsbs (f67f933e79241ed32ff46a4f29b5120b) C:\Windows\system32\drivers\amdsbs.sys 13:54:02.0494 4644 amdsbs - ok 13:54:02.0556 4644 amdxata (540daf1cea6094886d72126fd7c33048) C:\Windows\system32\drivers\amdxata.sys 13:54:02.0572 4644 amdxata - ok 13:54:02.0650 4644 AMPPAL (9921e78bc29634235f4bf5809e7e8cde) C:\Windows\system32\DRIVERS\AMPPAL.sys 13:54:02.0775 4644 AMPPAL - ok 13:54:02.0884 4644 AMPPALP (9921e78bc29634235f4bf5809e7e8cde) C:\Windows\system32\DRIVERS\amppal.sys 13:54:02.0899 4644 AMPPALP - ok 13:54:03.0009 4644 Andbus (48cd7e6520d47d62eab0e6ce3ec30c65) C:\Windows\system32\DRIVERS\lgandbus64.sys 13:54:03.0102 4644 Andbus - ok 13:54:03.0211 4644 AndDiag (08cbacc00d15dcdbbaae1a7c8f231c61) C:\Windows\system32\DRIVERS\lganddiag64.sys 13:54:03.0274 4644 AndDiag - ok 13:54:03.0336 4644 AndGps (cea9a4cd6b3a83428ce8501240833668) C:\Windows\system32\DRIVERS\lgandgps64.sys 13:54:03.0383 4644 AndGps - ok 13:54:03.0461 4644 ANDModem (e2b5663e547fa5e756b253efa8ec8286) C:\Windows\system32\DRIVERS\lgandmodem64.sys 13:54:03.0539 4644 ANDModem - ok 13:54:03.0648 4644 androidusb (9c1751b2e733471ae07561028b7d2a9b) C:\Windows\system32\Drivers\lgandadb.sys 13:54:03.0695 4644 androidusb - ok 13:54:03.0789 4644 AppID (89a69c3f2f319b43379399547526d952) C:\Windows\system32\drivers\appid.sys 13:54:03.0991 4644 AppID - ok 13:54:04.0163 4644 arc (c484f8ceb1717c540242531db7845c4e) C:\Windows\system32\drivers\arc.sys 13:54:04.0194 4644 arc - ok 13:54:04.0272 4644 arcsas (019af6924aefe7839f61c830227fe79c) C:\Windows\system32\drivers\arcsas.sys 13:54:04.0303 4644 arcsas - ok 13:54:04.0397 4644 ASMMAP64 (4c016fd76ed5c05e84ca8cab77993961) C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\ASMMAP64.sys 13:54:04.0459 4644 ASMMAP64 - ok 13:54:04.0569 4644 AsyncMac (769765ce2cc62867468cea93969b2242) C:\Windows\system32\DRIVERS\asyncmac.sys 13:54:04.0709 4644 AsyncMac - ok 13:54:04.0771 4644 atapi (02062c0b390b7729edc9e69c680a6f3c) C:\Windows\system32\drivers\atapi.sys 13:54:04.0803 4644 atapi - ok 13:54:04.0912 4644 athr (0acc06fcf46f64ed4f11e57ee461c1f4) C:\Windows\system32\DRIVERS\athrx.sys 13:54:05.0052 4644 athr - ok 13:54:05.0146 4644 ATKWMIACPIIO (ac31727f9946e9009480708e4d1b9986) C:\Program Files (x86)\ASUS\ATK Package\ATK WMIACPI\atkwmiacpi64.sys 13:54:05.0161 4644 ATKWMIACPIIO - ok 13:54:05.0302 4644 b06bdrv (3e5b191307609f7514148c6832bb0842) C:\Windows\system32\drivers\bxvbda.sys 13:54:05.0380 4644 b06bdrv - ok 13:54:05.0473 4644 b57nd60a (b5ace6968304a3900eeb1ebfd9622df2) C:\Windows\system32\DRIVERS\b57nd60a.sys 13:54:05.0520 4644 b57nd60a - ok 13:54:05.0645 4644 Beep (16a47ce2decc9b099349a5f840654746) C:\Windows\system32\drivers\Beep.sys 13:54:05.0723 4644 Beep - ok 13:54:05.0817 4644 BlackBox - ok 13:54:05.0879 4644 blbdrive (61583ee3c3a17003c4acd0475646b4d3) C:\Windows\system32\DRIVERS\blbdrive.sys 13:54:05.0926 4644 blbdrive - ok 13:54:06.0004 4644 bowser (6c02a83164f5cc0a262f4199f0871cf5) C:\Windows\system32\DRIVERS\bowser.sys 13:54:06.0082 4644 bowser - ok 13:54:06.0191 4644 BrFiltLo (f09eee9edc320b5e1501f749fde686c8) C:\Windows\system32\drivers\BrFiltLo.sys 13:54:06.0238 4644 BrFiltLo - ok 13:54:06.0285 4644 BrFiltUp (b114d3098e9bdb8bea8b053685831be6) C:\Windows\system32\drivers\BrFiltUp.sys 13:54:06.0316 4644 BrFiltUp - ok 13:54:06.0425 4644 BridgeMP (5c2f352a4e961d72518261257aae204b) C:\Windows\system32\DRIVERS\bridge.sys 13:54:06.0519 4644 BridgeMP - ok 13:54:06.0628 4644 Brserid (43bea8d483bf1870f018e2d02e06a5bd) C:\Windows\System32\Drivers\Brserid.sys 13:54:06.0706 4644 Brserid - ok 13:54:06.0799 4644 BrSerWdm (a6eca2151b08a09caceca35c07f05b42) C:\Windows\System32\Drivers\BrSerWdm.sys 13:54:06.0846 4644 BrSerWdm - ok 13:54:06.0877 4644 BrUsbMdm (b79968002c277e869cf38bd22cd61524) C:\Windows\System32\Drivers\BrUsbMdm.sys 13:54:06.0924 4644 BrUsbMdm - ok 13:54:06.0971 4644 BrUsbSer (a87528880231c54e75ea7a44943b38bf) C:\Windows\System32\Drivers\BrUsbSer.sys 13:54:07.0002 4644 BrUsbSer - ok 13:54:07.0080 4644 BthEnum (cf98190a94f62e405c8cb255018b2315) C:\Windows\system32\drivers\BthEnum.sys 13:54:07.0158 4644 BthEnum - ok 13:54:07.0267 4644 BTHMODEM (9da669f11d1f894ab4eb69bf546a42e8) C:\Windows\system32\drivers\bthmodem.sys 13:54:07.0314 4644 BTHMODEM - ok 13:54:07.0361 4644 BthPan (02dd601b708dd0667e1331fa8518e9ff) C:\Windows\system32\DRIVERS\bthpan.sys 13:54:07.0423 4644 BthPan - ok 13:54:07.0501 4644 BTHPORT (64c198198501f7560ee41d8d1efa7952) C:\Windows\System32\Drivers\BTHport.sys 13:54:07.0579 4644 BTHPORT - ok 13:54:07.0689 4644 BTHUSB (f188b7394d81010767b6df3178519a37) C:\Windows\System32\Drivers\BTHUSB.sys 13:54:07.0720 4644 BTHUSB - ok 13:54:07.0782 4644 btmaux (270fba230e78e25726d065a924589a72) C:\Windows\system32\DRIVERS\btmaux.sys 13:54:07.0845 4644 btmaux - ok 13:54:07.0938 4644 btmhsf (0010a54571f525a97eed8c091e96eaa9) C:\Windows\system32\DRIVERS\btmhsf.sys 13:54:08.0001 4644 btmhsf - ok 13:54:08.0032 4644 catchme - ok 13:54:08.0125 4644 cdfs (b8bd2bb284668c84865658c77574381a) C:\Windows\system32\DRIVERS\cdfs.sys 13:54:08.0203 4644 cdfs - ok 13:54:08.0313 4644 cdrom (f036ce71586e93d94dab220d7bdf4416) C:\Windows\system32\DRIVERS\cdrom.sys 13:54:08.0359 4644 cdrom - ok 13:54:08.0469 4644 circlass (d7cd5c4e1b71fa62050515314cfb52cf) C:\Windows\system32\drivers\circlass.sys 13:54:08.0515 4644 circlass - ok 13:54:08.0578 4644 CLFS (fe1ec06f2253f691fe36217c592a0206) C:\Windows\system32\CLFS.sys 13:54:08.0593 4644 CLFS - ok 13:54:08.0703 4644 CmBatt (0840155d0bddf1190f84a663c284bd33) C:\Windows\system32\DRIVERS\CmBatt.sys 13:54:08.0749 4644 CmBatt - ok 13:54:08.0827 4644 cmdGuard (755f1e440b6c90d83fe3e50331e55298) C:\Windows\system32\DRIVERS\cmdguard.sys 13:54:08.0890 4644 cmdGuard - ok 13:54:08.0952 4644 cmdHlp (4b5b1688ab86ebced4bef8d337e9a722) C:\Windows\system32\DRIVERS\cmdhlp.sys 13:54:08.0968 4644 cmdHlp - ok 13:54:09.0030 4644 cmdide (e19d3f095812725d88f9001985b94edd) C:\Windows\system32\drivers\cmdide.sys 13:54:09.0046 4644 cmdide - ok 13:54:09.0124 4644 CNG (c4943b6c962e4b82197542447ad599f4) C:\Windows\system32\Drivers\cng.sys 13:54:09.0217 4644 CNG - ok 13:54:09.0311 4644 Compbatt (102de219c3f61415f964c88e9085ad14) C:\Windows\system32\drivers\compbatt.sys 13:54:09.0327 4644 Compbatt - ok 13:54:09.0373 4644 CompositeBus (03edb043586cceba243d689bdda370a8) C:\Windows\system32\DRIVERS\CompositeBus.sys 13:54:09.0405 4644 CompositeBus - ok 13:54:09.0498 4644 crcdisk (1c827878a998c18847245fe1f34ee597) C:\Windows\system32\drivers\crcdisk.sys 13:54:09.0514 4644 crcdisk - ok 13:54:09.0607 4644 DfsC (9bb2ef44eaa163b29c4a4587887a0fe4) C:\Windows\system32\Drivers\dfsc.sys 13:54:09.0670 4644 DfsC - ok 13:54:09.0685 4644 DIRECTIO - ok 13:54:09.0717 4644 discache (13096b05847ec78f0977f2c0f79e9ab3) C:\Windows\system32\drivers\discache.sys 13:54:09.0795 4644 discache - ok 13:54:09.0857 4644 Disk (9819eee8b5ea3784ec4af3b137a5244c) C:\Windows\system32\drivers\disk.sys 13:54:09.0888 4644 Disk - ok 13:54:09.0982 4644 drmkaud (9b19f34400d24df84c858a421c205754) C:\Windows\system32\drivers\drmkaud.sys 13:54:10.0013 4644 drmkaud - ok 13:54:10.0075 4644 DXGKrnl (f5bee30450e18e6b83a5012c100616fd) C:\Windows\System32\drivers\dxgkrnl.sys 13:54:10.0122 4644 DXGKrnl - ok 13:54:10.0278 4644 ebdrv (dc5d737f51be844d8c82c695eb17372f) C:\Windows\system32\drivers\evbda.sys 13:54:10.0403 4644 ebdrv - ok 13:54:10.0512 4644 ElbyCDIO (a05fc7eca0966ebb70e4d17b855a853b) C:\Windows\system32\Drivers\ElbyCDIO.sys 13:54:10.0528 4644 ElbyCDIO - ok 13:54:10.0621 4644 elxstor (0e5da5369a0fcaea12456dd852545184) C:\Windows\system32\drivers\elxstor.sys 13:54:10.0668 4644 elxstor - ok 13:54:10.0699 4644 ErrDev (34a3c54752046e79a126e15c51db409b) C:\Windows\system32\drivers\errdev.sys 13:54:10.0762 4644 ErrDev - ok 13:54:10.0887 4644 ETD (871ab1bfa00eca5dfde99d6eece1bfd4) C:\Windows\system32\DRIVERS\ETD.sys 13:54:10.0918 4644 ETD - ok 13:54:11.0011 4644 exfat (a510c654ec00c1e9bdd91eeb3a59823b) C:\Windows\system32\drivers\exfat.sys 13:54:11.0089 4644 exfat - ok 13:54:11.0136 4644 fastfat (0adc83218b66a6db380c330836f3e36d) C:\Windows\system32\drivers\fastfat.sys 13:54:11.0183 4644 fastfat - ok 13:54:11.0245 4644 fdc (d765d19cd8ef61f650c384f62fac00ab) C:\Windows\system32\drivers\fdc.sys 13:54:11.0292 4644 fdc - ok 13:54:11.0370 4644 FileInfo (655661be46b5f5f3fd454e2c3095b930) C:\Windows\system32\drivers\fileinfo.sys 13:54:11.0401 4644 FileInfo - ok 13:54:11.0448 4644 Filetrace (5f671ab5bc87eea04ec38a6cd5962a47) C:\Windows\system32\drivers\filetrace.sys 13:54:11.0526 4644 Filetrace - ok 13:54:11.0573 4644 flpydisk (c172a0f53008eaeb8ea33fe10e177af5) C:\Windows\system32\drivers\flpydisk.sys 13:54:11.0604 4644 flpydisk - ok 13:54:11.0667 4644 FltMgr (da6b67270fd9db3697b20fce94950741) C:\Windows\system32\drivers\fltmgr.sys 13:54:11.0698 4644 FltMgr - ok 13:54:11.0745 4644 FsDepends (d43703496149971890703b4b1b723eac) C:\Windows\system32\drivers\FsDepends.sys 13:54:11.0776 4644 FsDepends - ok 13:54:11.0854 4644 fssfltr (6c06701bf1db05405804d7eb610991ce) C:\Windows\system32\DRIVERS\fssfltr.sys 13:54:11.0869 4644 fssfltr - ok 13:54:11.0932 4644 Fs_Rec (e95ef8547de20cf0603557c0cf7a9462) C:\Windows\system32\drivers\Fs_Rec.sys 13:54:11.0963 4644 Fs_Rec - ok 13:54:12.0010 4644 fvevol (1f7b25b858fa27015169fe95e54108ed) C:\Windows\system32\DRIVERS\fvevol.sys 13:54:12.0041 4644 fvevol - ok 13:54:12.0088 4644 gagp30kx (8c778d335c9d272cfd3298ab02abe3b6) C:\Windows\system32\drivers\gagp30kx.sys 13:54:12.0119 4644 gagp30kx - ok 13:54:12.0166 4644 hcw85cir (f2523ef6460fc42405b12248338ab2f0) C:\Windows\system32\drivers\hcw85cir.sys 13:54:12.0228 4644 hcw85cir - ok 13:54:12.0337 4644 HdAudAddService (975761c778e33cd22498059b91e7373a) C:\Windows\system32\drivers\HdAudio.sys 13:54:12.0415 4644 HdAudAddService - ok 13:54:12.0525 4644 HDAudBus (97bfed39b6b79eb12cddbfeed51f56bb) C:\Windows\system32\DRIVERS\HDAudBus.sys 13:54:12.0556 4644 HDAudBus - ok 13:54:12.0603 4644 HidBatt (78e86380454a7b10a5eb255dc44a355f) C:\Windows\system32\drivers\HidBatt.sys 13:54:12.0634 4644 HidBatt - ok 13:54:12.0649 4644 HidBth (7fd2a313f7afe5c4dab14798c48dd104) C:\Windows\system32\drivers\hidbth.sys 13:54:12.0681 4644 HidBth - ok 13:54:12.0774 4644 HidIr (0a77d29f311b88cfae3b13f9c1a73825) C:\Windows\system32\drivers\hidir.sys 13:54:12.0821 4644 HidIr - ok 13:54:12.0915 4644 HidUsb (9592090a7e2b61cd582b612b6df70536) C:\Windows\system32\DRIVERS\hidusb.sys 13:54:12.0961 4644 HidUsb - ok 13:54:13.0039 4644 HpSAMD (39d2abcd392f3d8a6dce7b60ae7b8efc) C:\Windows\system32\drivers\HpSAMD.sys 13:54:13.0055 4644 HpSAMD - ok 13:54:13.0149 4644 HTTP (0ea7de1acb728dd5a369fd742d6eee28) C:\Windows\system32\drivers\HTTP.sys 13:54:13.0227 4644 HTTP - ok 13:54:13.0273 4644 hwpolicy (a5462bd6884960c9dc85ed49d34ff392) C:\Windows\system32\drivers\hwpolicy.sys 13:54:13.0273 4644 hwpolicy - ok 13:54:13.0336 4644 i8042prt (fa55c73d4affa7ee23ac4be53b4592d3) C:\Windows\system32\DRIVERS\i8042prt.sys 13:54:13.0351 4644 i8042prt - ok 13:54:13.0429 4644 iaStor (26cf4275034214ecedd8ec17b0a18a99) C:\Windows\system32\DRIVERS\iaStor.sys 13:54:13.0461 4644 iaStor - ok 13:54:13.0539 4644 iaStorV (aaaf44db3bd0b9d1fb6969b23ecc8366) C:\Windows\system32\drivers\iaStorV.sys 13:54:13.0570 4644 iaStorV - ok 13:54:13.0632 4644 iBtFltCoex (de9e40baee2e48fd1e3eb423074c014c) C:\Windows\system32\DRIVERS\iBtFltCoex.sys 13:54:13.0663 4644 iBtFltCoex - ok 13:54:14.0101 4644 igfx (0d1b8c64bdf0e5cdc523a1409ffb5ef0) C:\Windows\system32\DRIVERS\igdkmd64.sys 13:54:14.0470 4644 igfx - ok 13:54:14.0576 4644 iirsp (5c18831c61933628f5bb0ea2675b9d21) C:\Windows\system32\drivers\iirsp.sys 13:54:14.0597 4644 iirsp - ok 13:54:14.0657 4644 inspect (efff0afd27cc97bf0e5e0bab78419de7) C:\Windows\system32\DRIVERS\inspect.sys 13:54:14.0682 4644 inspect - ok 13:54:14.0741 4644 intaud_WaveExtensible (caddf0927dac63edae48f5c35a61d87d) C:\Windows\system32\drivers\intelaud.sys 13:54:14.0763 4644 intaud_WaveExtensible - ok 13:54:14.0920 4644 IntcAzAudAddService (02c93ebaa4421418411448fe7fdfd815) C:\Windows\system32\drivers\RTKVHD64.sys 13:54:15.0028 4644 IntcAzAudAddService - ok 13:54:15.0109 4644 IntcDAud (fc727061c0f47c8059e88e05d5c8e381) C:\Windows\system32\DRIVERS\IntcDAud.sys 13:54:15.0152 4644 IntcDAud - ok 13:54:15.0212 4644 intelide (f00f20e70c6ec3aa366910083a0518aa) C:\Windows\system32\drivers\intelide.sys 13:54:15.0234 4644 intelide - ok 13:54:15.0295 4644 intelppm (ada036632c664caa754079041cf1f8c1) C:\Windows\system32\DRIVERS\intelppm.sys 13:54:15.0338 4644 intelppm - ok 13:54:15.0393 4644 IpFilterDriver (c9f0e1bd74365a8771590e9008d22ab6) C:\Windows\system32\DRIVERS\ipfltdrv.sys 13:54:15.0456 4644 IpFilterDriver - ok 13:54:15.0500 4644 IPMIDRV (0fc1aea580957aa8817b8f305d18ca3a) C:\Windows\system32\drivers\IPMIDrv.sys 13:54:15.0547 4644 IPMIDRV - ok 13:54:15.0595 4644 IPNAT (af9b39a7e7b6caa203b3862582e9f2d0) C:\Windows\system32\drivers\ipnat.sys 13:54:15.0645 4644 IPNAT - ok 13:54:15.0695 4644 IRENUM (3abf5e7213eb28966d55d58b515d5ce9) C:\Windows\system32\drivers\irenum.sys 13:54:15.0772 4644 IRENUM - ok 13:54:15.0866 4644 isapnp (2f7b28dc3e1183e5eb418df55c204f38) C:\Windows\system32\drivers\isapnp.sys 13:54:15.0897 4644 isapnp - ok 13:54:15.0944 4644 iScsiPrt (d931d7309deb2317035b07c9f9e6b0bd) C:\Windows\system32\drivers\msiscsi.sys 13:54:15.0975 4644 iScsiPrt - ok 13:54:16.0022 4644 iwdbus (716f66336f10885d935b08174dc54242) C:\Windows\system32\DRIVERS\iwdbus.sys 13:54:16.0037 4644 iwdbus - ok 13:54:16.0100 4644 kbdclass (bc02336f1cba7dcc7d1213bb588a68a5) C:\Windows\system32\DRIVERS\kbdclass.sys 13:54:16.0131 4644 kbdclass - ok 13:54:16.0178 4644 kbdhid (0705eff5b42a9db58548eec3b26bb484) C:\Windows\system32\DRIVERS\kbdhid.sys 13:54:16.0240 4644 kbdhid - ok 13:54:16.0349 4644 kbfiltr (e63ef8c3271d014f14e2469ce75fecb4) C:\Windows\system32\DRIVERS\kbfiltr.sys 13:54:16.0365 4644 kbfiltr - ok 13:54:16.0427 4644 KSecDD (da1e991a61cfdd755a589e206b97644b) C:\Windows\system32\Drivers\ksecdd.sys 13:54:16.0459 4644 KSecDD - ok 13:54:16.0505 4644 KSecPkg (7e33198d956943a4f11a5474c1e9106f) C:\Windows\system32\Drivers\ksecpkg.sys 13:54:16.0521 4644 KSecPkg - ok 13:54:16.0599 4644 ksthunk (6869281e78cb31a43e969f06b57347c4) C:\Windows\system32\drivers\ksthunk.sys 13:54:16.0661 4644 ksthunk - ok 13:54:16.0755 4644 L1C (655a5d8e80869781cce23760ada7e695) C:\Windows\system32\DRIVERS\L1C62x64.sys 13:54:16.0786 4644 L1C - ok 13:54:16.0880 4644 lltdio (1538831cf8ad2979a04c423779465827) C:\Windows\system32\DRIVERS\lltdio.sys 13:54:16.0942 4644 lltdio - ok 13:54:17.0051 4644 LSI_FC (1a93e54eb0ece102495a51266dcdb6a6) C:\Windows\system32\drivers\lsi_fc.sys 13:54:17.0083 4644 LSI_FC - ok 13:54:17.0114 4644 LSI_SAS (1047184a9fdc8bdbff857175875ee810) C:\Windows\system32\drivers\lsi_sas.sys 13:54:17.0145 4644 LSI_SAS - ok 13:54:17.0207 4644 LSI_SAS2 (30f5c0de1ee8b5bc9306c1f0e4a75f93) C:\Windows\system32\drivers\lsi_sas2.sys 13:54:17.0239 4644 LSI_SAS2 - ok 13:54:17.0285 4644 LSI_SCSI (0504eacaff0d3c8aed161c4b0d369d4a) C:\Windows\system32\drivers\lsi_scsi.sys 13:54:17.0317 4644 LSI_SCSI - ok 13:54:17.0379 4644 luafv (43d0f98e1d56ccddb0d5254cff7b356e) C:\Windows\system32\drivers\luafv.sys 13:54:17.0410 4644 luafv - ok 13:54:17.0519 4644 MBAMProtector (79da94b35371b9e7104460c7693dcb2c) C:\Windows\system32\drivers\mbam.sys 13:54:17.0551 4644 MBAMProtector - ok 13:54:17.0613 4644 megasas (a55805f747c6edb6a9080d7c633bd0f4) C:\Windows\system32\drivers\megasas.sys 13:54:17.0629 4644 megasas - ok 13:54:17.0691 4644 MegaSR (baf74ce0072480c3b6b7c13b2a94d6b3) C:\Windows\system32\drivers\MegaSR.sys 13:54:17.0722 4644 MegaSR - ok 13:54:17.0800 4644 MEIx64 (a6518dcc42f7a6e999bb3bea8fd87567) C:\Windows\system32\DRIVERS\HECIx64.sys 13:54:17.0816 4644 MEIx64 - ok 13:54:17.0894 4644 Modem (800ba92f7010378b09f9ed9270f07137) C:\Windows\system32\drivers\modem.sys 13:54:17.0972 4644 Modem - ok 13:54:18.0034 4644 monitor (b03d591dc7da45ece20b3b467e6aadaa) C:\Windows\system32\DRIVERS\monitor.sys 13:54:18.0081 4644 monitor - ok 13:54:18.0143 4644 mouclass (7d27ea49f3c1f687d357e77a470aea99) C:\Windows\system32\DRIVERS\mouclass.sys 13:54:18.0159 4644 mouclass - ok 13:54:18.0206 4644 mouhid (d3bf052c40b0c4166d9fd86a4288c1e6) C:\Windows\system32\DRIVERS\mouhid.sys 13:54:18.0253 4644 mouhid - ok 13:54:18.0299 4644 mountmgr (32e7a3d591d671a6df2db515a5cbe0fa) C:\Windows\system32\drivers\mountmgr.sys 13:54:18.0331 4644 mountmgr - ok 13:54:18.0393 4644 MpFilter (c177a7ebf5e8a0b596f618870516cab8) C:\Windows\system32\DRIVERS\MpFilter.sys 13:54:18.0424 4644 MpFilter - ok 13:54:18.0502 4644 mpio (a44b420d30bd56e145d6a2bc8768ec58) C:\Windows\system32\drivers\mpio.sys 13:54:18.0518 4644 mpio - ok 13:54:18.0596 4644 MpKsl4854c672 - ok 13:54:18.0674 4644 MpNWMon (8fbf6b31fe8af1833d93c5913d5b4d55) C:\Windows\system32\DRIVERS\MpNWMon.sys 13:54:18.0674 4644 MpNWMon - ok 13:54:18.0736 4644 mpsdrv (6c38c9e45ae0ea2fa5e551f2ed5e978f) C:\Windows\system32\drivers\mpsdrv.sys 13:54:18.0767 4644 mpsdrv - ok 13:54:18.0814 4644 MRxDAV (dc722758b8261e1abafd31a3c0a66380) C:\Windows\system32\drivers\mrxdav.sys 13:54:18.0877 4644 MRxDAV - ok 13:54:18.0939 4644 mrxsmb (a5d9106a73dc88564c825d317cac68ac) C:\Windows\system32\DRIVERS\mrxsmb.sys 13:54:19.0001 4644 mrxsmb - ok 13:54:19.0064 4644 mrxsmb10 (d711b3c1d5f42c0c2415687be09fc163) C:\Windows\system32\DRIVERS\mrxsmb10.sys 13:54:19.0111 4644 mrxsmb10 - ok 13:54:19.0142 4644 mrxsmb20 (9423e9d355c8d303e76b8cfbd8a5c30c) C:\Windows\system32\DRIVERS\mrxsmb20.sys 13:54:19.0173 4644 mrxsmb20 - ok 13:54:19.0235 4644 msahci (c25f0bafa182cbca2dd3c851c2e75796) C:\Windows\system32\drivers\msahci.sys 13:54:19.0251 4644 msahci - ok 13:54:19.0298 4644 msdsm (db801a638d011b9633829eb6f663c900) C:\Windows\system32\drivers\msdsm.sys 13:54:19.0313 4644 msdsm - ok 13:54:19.0376 4644 Msfs (aa3fb40e17ce1388fa1bedab50ea8f96) C:\Windows\system32\drivers\Msfs.sys 13:54:19.0438 4644 Msfs - ok 13:54:19.0469 4644 mshidkmdf (f9d215a46a8b9753f61767fa72a20326) C:\Windows\System32\drivers\mshidkmdf.sys 13:54:19.0547 4644 mshidkmdf - ok 13:54:19.0594 4644 msisadrv (d916874bbd4f8b07bfb7fa9b3ccae29d) C:\Windows\system32\drivers\msisadrv.sys 13:54:19.0610 4644 msisadrv - ok 13:54:19.0657 4644 MSKSSRV (49ccf2c4fea34ffad8b1b59d49439366) C:\Windows\system32\drivers\MSKSSRV.sys 13:54:19.0719 4644 MSKSSRV - ok 13:54:19.0797 4644 MSPCLOCK (bdd71ace35a232104ddd349ee70e1ab3) C:\Windows\system32\drivers\MSPCLOCK.sys 13:54:19.0859 4644 MSPCLOCK - ok 13:54:19.0891 4644 MSPQM (4ed981241db27c3383d72092b618a1d0) C:\Windows\system32\drivers\MSPQM.sys 13:54:19.0953 4644 MSPQM - ok 13:54:20.0015 4644 MsRPC (759a9eeb0fa9ed79da1fb7d4ef78866d) C:\Windows\system32\drivers\MsRPC.sys 13:54:20.0047 4644 MsRPC - ok 13:54:20.0093 4644 mssmbios (0eed230e37515a0eaee3c2e1bc97b288) C:\Windows\system32\DRIVERS\mssmbios.sys 13:54:20.0109 4644 mssmbios - ok 13:54:20.0171 4644 MSTEE (2e66f9ecb30b4221a318c92ac2250779) C:\Windows\system32\drivers\MSTEE.sys 13:54:20.0234 4644 MSTEE - ok 13:54:20.0281 4644 MTConfig (7ea404308934e675bffde8edf0757bcd) C:\Windows\system32\drivers\MTConfig.sys 13:54:20.0312 4644 MTConfig - ok 13:54:20.0359 4644 Mup (f9a18612fd3526fe473c1bda678d61c8) C:\Windows\system32\Drivers\mup.sys 13:54:20.0374 4644 Mup - ok 13:54:20.0515 4644 NativeWifiP (1ea3749c4114db3e3161156ffffa6b33) C:\Windows\system32\DRIVERS\nwifi.sys 13:54:20.0561 4644 NativeWifiP - ok 13:54:20.0671 4644 NDIS (c38b8ae57f78915905064a9a24dc1586) C:\Windows\system32\drivers\ndis.sys 13:54:20.0749 4644 NDIS - ok 13:54:20.0811 4644 NdisCap (9f9a1f53aad7da4d6fef5bb73ab811ac) C:\Windows\system32\DRIVERS\ndiscap.sys 13:54:20.0873 4644 NdisCap - ok 13:54:20.0920 4644 NdisTapi (30639c932d9fef22b31268fe25a1b6e5) C:\Windows\system32\DRIVERS\ndistapi.sys 13:54:21.0014 4644 NdisTapi - ok 13:54:21.0045 4644 Ndisuio (136185f9fb2cc61e573e676aa5402356) C:\Windows\system32\DRIVERS\ndisuio.sys 13:54:21.0123 4644 Ndisuio - ok 13:54:21.0185 4644 NdisWan (53f7305169863f0a2bddc49e116c2e11) C:\Windows\system32\DRIVERS\ndiswan.sys 13:54:21.0279 4644 NdisWan - ok 13:54:21.0310 4644 NDProxy (015c0d8e0e0421b4cfd48cffe2825879) C:\Windows\system32\drivers\NDProxy.sys 13:54:21.0373 4644 NDProxy - ok 13:54:21.0419 4644 NetBIOS (86743d9f5d2b1048062b14b1d84501c4) C:\Windows\system32\DRIVERS\netbios.sys 13:54:21.0482 4644 NetBIOS - ok 13:54:21.0529 4644 NetBT (09594d1089c523423b32a4229263f068) C:\Windows\system32\DRIVERS\netbt.sys 13:54:21.0591 4644 NetBT - ok 13:54:21.0794 4644 NETwNs64 (ac69618de5bcce8747c9ab0aae1003c1) C:\Windows\system32\DRIVERS\NETwNs64.sys 13:54:22.0043 4644 NETwNs64 - ok 13:54:22.0137 4644 nfrd960 (77889813be4d166cdab78ddba990da92) C:\Windows\system32\drivers\nfrd960.sys 13:54:22.0153 4644 nfrd960 - ok 13:54:22.0215 4644 NisDrv (5f7d72cbcdd025af1f38fdeee5646968) C:\Windows\system32\DRIVERS\NisDrvWFP.sys 13:54:22.0231 4644 NisDrv - ok 13:54:22.0309 4644 Npfs (1e4c4ab5c9b8dd13179bbdc75a2a01f7) C:\Windows\system32\drivers\Npfs.sys 13:54:22.0402 4644 Npfs - ok 13:54:22.0496 4644 nsiproxy (e7f5ae18af4168178a642a9247c63001) C:\Windows\system32\drivers\nsiproxy.sys 13:54:22.0558 4644 nsiproxy - ok 13:54:22.0667 4644 Ntfs (a2f74975097f52a00745f9637451fdd8) C:\Windows\system32\drivers\Ntfs.sys 13:54:22.0745 4644 Ntfs - ok 13:54:22.0808 4644 Null (9899284589f75fa8724ff3d16aed75c1) C:\Windows\system32\drivers\Null.sys 13:54:22.0886 4644 Null - ok 13:54:22.0995 4644 nvraid (0a92cb65770442ed0dc44834632f66ad) C:\Windows\system32\drivers\nvraid.sys 13:54:23.0026 4644 nvraid - ok 13:54:23.0057 4644 nvstor (dab0e87525c10052bf65f06152f37e4a) C:\Windows\system32\drivers\nvstor.sys 13:54:23.0073 4644 nvstor - ok 13:54:23.0151 4644 nv_agp (270d7cd42d6e3979f6dd0146650f0e05) C:\Windows\system32\drivers\nv_agp.sys 13:54:23.0167 4644 nv_agp - ok 13:54:23.0213 4644 ohci1394 (3589478e4b22ce21b41fa1bfc0b8b8a0) C:\Windows\system32\drivers\ohci1394.sys 13:54:23.0229 4644 ohci1394 - ok 13:54:23.0291 4644 Parport (0086431c29c35be1dbc43f52cc273887) C:\Windows\system32\drivers\parport.sys 13:54:23.0307 4644 Parport - ok 13:54:23.0401 4644 Partizan - ok 13:54:23.0463 4644 partmgr (871eadac56b0a4c6512bbe32753ccf79) C:\Windows\system32\drivers\partmgr.sys 13:54:23.0479 4644 partmgr - ok 13:54:23.0525 4644 pci (94575c0571d1462a0f70bde6bd6ee6b3) C:\Windows\system32\drivers\pci.sys 13:54:23.0557 4644 pci - ok 13:54:23.0603 4644 pciide (b5b8b5ef2e5cb34df8dcf8831e3534fa) C:\Windows\system32\drivers\pciide.sys 13:54:23.0619 4644 pciide - ok 13:54:23.0666 4644 pcmcia (b2e81d4e87ce48589f98cb8c05b01f2f) C:\Windows\system32\drivers\pcmcia.sys 13:54:23.0681 4644 pcmcia - ok 13:54:23.0728 4644 pcw (d6b9c2e1a11a3a4b26a182ffef18f603) C:\Windows\system32\drivers\pcw.sys 13:54:23.0744 4644 pcw - ok 13:54:23.0806 4644 PEAUTH (68769c3356b3be5d1c732c97b9a80d6e) C:\Windows\system32\drivers\peauth.sys 13:54:23.0869 4644 PEAUTH - ok 13:54:23.0993 4644 PptpMiniport (f92a2c41117a11a00be01ca01a7fcde9) C:\Windows\system32\DRIVERS\raspptp.sys 13:54:24.0056 4644 PptpMiniport - ok 13:54:24.0118 4644 Processor (0d922e23c041efb1c3fac2a6f943c9bf) C:\Windows\system32\drivers\processr.sys 13:54:24.0165 4644 Processor - ok 13:54:24.0274 4644 Psched (0557cf5a2556bd58e26384169d72438d) C:\Windows\system32\DRIVERS\pacer.sys 13:54:24.0352 4644 Psched - ok 13:54:24.0493 4644 ql2300 (a53a15a11ebfd21077463ee2c7afeef0) C:\Windows\system32\drivers\ql2300.sys 13:54:24.0586 4644 ql2300 - ok 13:54:24.0633 4644 ql40xx (4f6d12b51de1aaeff7dc58c4d75423c8) C:\Windows\system32\drivers\ql40xx.sys 13:54:24.0649 4644 ql40xx - ok 13:54:24.0695 4644 QWAVEdrv (76707bb36430888d9ce9d705398adb6c) C:\Windows\system32\drivers\qwavedrv.sys 13:54:24.0742 4644 QWAVEdrv - ok 13:54:24.0789 4644 RasAcd (5a0da8ad5762fa2d91678a8a01311704) C:\Windows\system32\DRIVERS\rasacd.sys 13:54:24.0851 4644 RasAcd - ok 13:54:24.0945 4644 RasAgileVpn (7ecff9b22276b73f43a99a15a6094e90) C:\Windows\system32\DRIVERS\AgileVpn.sys 13:54:24.0992 4644 RasAgileVpn - ok 13:54:25.0039 4644 Rasl2tp (471815800ae33e6f1c32fb1b97c490ca) C:\Windows\system32\DRIVERS\rasl2tp.sys 13:54:25.0101 4644 Rasl2tp - ok 13:54:25.0163 4644 RasPppoe (855c9b1cd4756c5e9a2aa58a15f58c25) C:\Windows\system32\DRIVERS\raspppoe.sys 13:54:25.0226 4644 RasPppoe - ok 13:54:25.0288 4644 RasSstp (e8b1e447b008d07ff47d016c2b0eeecb) C:\Windows\system32\DRIVERS\rassstp.sys 13:54:25.0351 4644 RasSstp - ok 13:54:25.0382 4644 rdbss (77f665941019a1594d887a74f301fa2f) C:\Windows\system32\DRIVERS\rdbss.sys 13:54:25.0475 4644 rdbss - ok 13:54:25.0507 4644 rdpbus (302da2a0539f2cf54d7c6cc30c1f2d8d) C:\Windows\system32\drivers\rdpbus.sys 13:54:25.0522 4644 rdpbus - ok 13:54:25.0585 4644 RDPCDD (cea6cc257fc9b7715f1c2b4849286d24) C:\Windows\system32\DRIVERS\RDPCDD.sys 13:54:25.0647 4644 RDPCDD - ok 13:54:25.0678 4644 RDPENCDD (bb5971a4f00659529a5c44831af22365) C:\Windows\system32\drivers\rdpencdd.sys 13:54:25.0756 4644 RDPENCDD - ok 13:54:25.0834 4644 RDPREFMP (216f3fa57533d98e1f74ded70113177a) C:\Windows\system32\drivers\rdprefmp.sys 13:54:25.0881 4644 RDPREFMP - ok 13:54:25.0928 4644 RDPWD (15b66c206b5cb095bab980553f38ed23) C:\Windows\system32\drivers\RDPWD.sys 13:54:25.0959 4644 RDPWD - ok 13:54:26.0006 4644 rdyboost (34ed295fa0121c241bfef24764fc4520) C:\Windows\system32\drivers\rdyboost.sys 13:54:26.0037 4644 rdyboost - ok 13:54:26.0100 4644 RFCOMM (3dd798846e2c28102b922c56e71b7932) C:\Windows\system32\DRIVERS\rfcomm.sys 13:54:26.0146 4644 RFCOMM - ok 13:54:26.0256 4644 rspndr (ddc86e4f8e7456261e637e3552e804ff) C:\Windows\system32\DRIVERS\rspndr.sys 13:54:26.0349 4644 rspndr - ok 13:54:26.0396 4644 sbp2port (ac03af3329579fffb455aa2daabbe22b) C:\Windows\system32\drivers\sbp2port.sys 13:54:26.0427 4644 sbp2port - ok 13:54:26.0490 4644 scfilter (253f38d0d7074c02ff8deb9836c97d2b) C:\Windows\system32\DRIVERS\scfilter.sys 13:54:26.0583 4644 scfilter - ok 13:54:26.0630 4644 secdrv (3ea8a16169c26afbeb544e0e48421186) C:\Windows\system32\drivers\secdrv.sys 13:54:26.0708 4644 secdrv - ok 13:54:26.0755 4644 Serenum (cb624c0035412af0debec78c41f5ca1b) C:\Windows\system32\drivers\serenum.sys 13:54:26.0802 4644 Serenum - ok 13:54:26.0880 4644 Serial (c1d8e28b2c2adfaec4ba89e9fda69bd6) C:\Windows\system32\drivers\serial.sys 13:54:26.0911 4644 Serial - ok 13:54:26.0973 4644 sermouse (1c545a7d0691cc4a027396535691c3e3) C:\Windows\system32\drivers\sermouse.sys 13:54:27.0020 4644 sermouse - ok 13:54:27.0082 4644 sffdisk (a554811bcd09279536440c964ae35bbf) C:\Windows\system32\drivers\sffdisk.sys 13:54:27.0145 4644 sffdisk - ok 13:54:27.0223 4644 sffp_mmc (ff414f0baefeba59bc6c04b3db0b87bf) C:\Windows\system32\drivers\sffp_mmc.sys 13:54:27.0254 4644 sffp_mmc - ok 13:54:27.0270 4644 sffp_sd (dd85b78243a19b59f0637dcf284da63c) C:\Windows\system32\drivers\sffp_sd.sys 13:54:27.0301 4644 sffp_sd - ok 13:54:27.0348 4644 sfloppy (a9d601643a1647211a1ee2ec4e433ff4) C:\Windows\system32\drivers\sfloppy.sys 13:54:27.0379 4644 sfloppy - ok 13:54:27.0457 4644 SiSGbeLH (1bc348cf6baa90ec8e533ef6e6a69933) C:\Windows\system32\DRIVERS\SiSG664.sys 13:54:27.0519 4644 SiSGbeLH - ok 13:54:27.0582 4644 SiSRaid2 (843caf1e5fde1ffd5ff768f23a51e2e1) C:\Windows\system32\drivers\SiSRaid2.sys 13:54:27.0597 4644 SiSRaid2 - ok 13:54:27.0660 4644 SiSRaid4 (6a6c106d42e9ffff8b9fcb4f754f6da4) C:\Windows\system32\drivers\sisraid4.sys 13:54:27.0691 4644 SiSRaid4 - ok 13:54:27.0753 4644 Smb (548260a7b8654e024dc30bf8a7c5baa4) C:\Windows\system32\DRIVERS\smb.sys 13:54:27.0816 4644 Smb - ok 13:54:27.0972 4644 SNP2UVC (c98375d19f9e9966f6201bae65fb3728) C:\Windows\system32\DRIVERS\snp2uvc.sys 13:54:28.0065 4644 SNP2UVC - ok 13:54:28.0174 4644 spldr (b9e31e5cacdfe584f34f730a677803f9) C:\Windows\system32\drivers\spldr.sys 13:54:28.0206 4644 spldr - ok 13:54:28.0268 4644 srv (441fba48bff01fdb9d5969ebc1838f0b) C:\Windows\system32\DRIVERS\srv.sys 13:54:28.0330 4644 srv - ok 13:54:28.0408 4644 srv2 (b4adebbf5e3677cce9651e0f01f7cc28) C:\Windows\system32\DRIVERS\srv2.sys 13:54:28.0455 4644 srv2 - ok 13:54:28.0518 4644 srvnet (27e461f0be5bff5fc737328f749538c3) C:\Windows\system32\DRIVERS\srvnet.sys 13:54:28.0564 4644 srvnet - ok 13:54:28.0674 4644 stexstor (f3817967ed533d08327dc73bc4d5542a) C:\Windows\system32\drivers\stexstor.sys 13:54:28.0705 4644 stexstor - ok 13:54:28.0767 4644 swenum (d01ec09b6711a5f8e7e6564a4d0fbc90) C:\Windows\system32\DRIVERS\swenum.sys 13:54:28.0783 4644 swenum - ok 13:54:28.0939 4644 Tcpip (fc62769e7bff2896035aeed399108162) C:\Windows\system32\drivers\tcpip.sys 13:54:29.0001 4644 Tcpip - ok 13:54:29.0110 4644 TCPIP6 (fc62769e7bff2896035aeed399108162) C:\Windows\system32\DRIVERS\tcpip.sys 13:54:29.0157 4644 TCPIP6 - ok 13:54:29.0204 4644 tcpipreg (df687e3d8836bfb04fcc0615bf15a519) C:\Windows\system32\drivers\tcpipreg.sys 13:54:29.0266 4644 tcpipreg - ok 13:54:29.0344 4644 TDPIPE (3371d21011695b16333a3934340c4e7c) C:\Windows\system32\drivers\tdpipe.sys 13:54:29.0407 4644 TDPIPE - ok 13:54:29.0454 4644 TDTCP (e4245bda3190a582d55ed09e137401a9) C:\Windows\system32\drivers\tdtcp.sys 13:54:29.0532 4644 TDTCP - ok 13:54:29.0594 4644 tdx (ddad5a7ab24d8b65f8d724f5c20fd806) C:\Windows\system32\DRIVERS\tdx.sys 13:54:29.0641 4644 tdx - ok 13:54:29.0688 4644 TermDD (561e7e1f06895d78de991e01dd0fb6e5) C:\Windows\system32\DRIVERS\termdd.sys 13:54:29.0719 4644 TermDD - ok 13:54:29.0828 4644 tssecsrv (ce18b2cdfc837c99e5fae9ca6cba5d30) C:\Windows\system32\DRIVERS\tssecsrv.sys 13:54:29.0906 4644 tssecsrv - ok 13:54:29.0968 4644 TsUsbFlt (d11c783e3ef9a3c52c0ebe83cc5000e9) C:\Windows\system32\drivers\tsusbflt.sys 13:54:30.0015 4644 TsUsbFlt - ok 13:54:30.0062 4644 TsUsbGD (9cc2ccae8a84820eaecb886d477cbcb8) C:\Windows\system32\drivers\TsUsbGD.sys 13:54:30.0109 4644 TsUsbGD - ok 13:54:30.0171 4644 tunnel (3566a8daafa27af944f5d705eaa64894) C:\Windows\system32\DRIVERS\tunnel.sys 13:54:30.0249 4644 tunnel - ok 13:54:30.0280 4644 uagp35 (b4dd609bd7e282bfc683cec7eaaaad67) C:\Windows\system32\drivers\uagp35.sys 13:54:30.0296 4644 uagp35 - ok 13:54:30.0343 4644 udfs (ff4232a1a64012baa1fd97c7b67df593) C:\Windows\system32\DRIVERS\udfs.sys 13:54:30.0405 4644 udfs - ok 13:54:30.0452 4644 uliagpkx (4bfe1bc28391222894cbf1e7d0e42320) C:\Windows\system32\drivers\uliagpkx.sys 13:54:30.0483 4644 uliagpkx - ok 13:54:30.0530 4644 umbus (dc54a574663a895c8763af0fa1ff7561) C:\Windows\system32\DRIVERS\umbus.sys 13:54:30.0577 4644 umbus - ok 13:54:30.0624 4644 UmPass (b2e8e8cb557b156da5493bbddcc1474d) C:\Windows\system32\drivers\umpass.sys 13:54:30.0670 4644 UmPass - ok 13:54:30.0748 4644 usbccgp (6f1a3157a1c89435352ceb543cdb359c) C:\Windows\system32\DRIVERS\usbccgp.sys 13:54:30.0795 4644 usbccgp - ok 13:54:30.0889 4644 usbcir (af0892a803fdda7492f595368e3b68e7) C:\Windows\system32\drivers\usbcir.sys 13:54:30.0920 4644 usbcir - ok 13:54:30.0967 4644 usbehci (c025055fe7b87701eb042095df1a2d7b) C:\Windows\system32\drivers\usbehci.sys 13:54:30.0998 4644 usbehci - ok 13:54:31.0060 4644 usbhub (287c6c9410b111b68b52ca298f7b8c24) C:\Windows\system32\DRIVERS\usbhub.sys 13:54:31.0123 4644 usbhub - ok 13:54:31.0170 4644 usbohci (9840fc418b4cbd632d3d0a667a725c31) C:\Windows\system32\drivers\usbohci.sys 13:54:31.0216 4644 usbohci - ok 13:54:31.0263 4644 usbprint (73188f58fb384e75c4063d29413cee3d) C:\Windows\system32\drivers\usbprint.sys 13:54:31.0310 4644 usbprint - ok 13:54:31.0357 4644 USBSTOR (fed648b01349a3c8395a5169db5fb7d6) C:\Windows\system32\DRIVERS\USBSTOR.SYS 13:54:31.0450 4644 USBSTOR - ok 13:54:31.0528 4644 usbuhci (62069a34518bcf9c1fd9e74b3f6db7cd) C:\Windows\system32\drivers\usbuhci.sys 13:54:31.0575 4644 usbuhci - ok 13:54:31.0638 4644 usbvideo (454800c2bc7f3927ce030141ee4f4c50) C:\Windows\system32\Drivers\usbvideo.sys 13:54:31.0669 4644 usbvideo - ok 13:54:31.0747 4644 VClone (fd911873c0bb6945fa38c16e9a2b58f9) C:\Windows\system32\DRIVERS\VClone.sys 13:54:31.0794 4644 VClone - ok 13:54:31.0872 4644 vdrvroot (c5c876ccfc083ff3b128f933823e87bd) C:\Windows\system32\drivers\vdrvroot.sys 13:54:31.0903 4644 vdrvroot - ok 13:54:31.0965 4644 vga (da4da3f5e02943c2dc8c6ed875de68dd) C:\Windows\system32\DRIVERS\vgapnp.sys 13:54:31.0996 4644 vga - ok 13:54:32.0059 4644 VgaSave (53e92a310193cb3c03bea963de7d9cfc) C:\Windows\System32\drivers\vga.sys 13:54:32.0137 4644 VgaSave - ok 13:54:32.0184 4644 vhdmp (2ce2df28c83aeaf30084e1b1eb253cbb) C:\Windows\system32\drivers\vhdmp.sys 13:54:32.0215 4644 vhdmp - ok 13:54:32.0246 4644 viaide (e5689d93ffe4e5d66c0178761240dd54) C:\Windows\system32\drivers\viaide.sys 13:54:32.0293 4644 viaide - ok 13:54:32.0340 4644 volmgr (d2aafd421940f640b407aefaaebd91b0) C:\Windows\system32\drivers\volmgr.sys 13:54:32.0371 4644 volmgr - ok 13:54:32.0402 4644 volmgrx (a255814907c89be58b79ef2f189b843b) C:\Windows\system32\drivers\volmgrx.sys 13:54:32.0433 4644 volmgrx - ok 13:54:32.0480 4644 volsnap (0d08d2f3b3ff84e433346669b5e0f639) C:\Windows\system32\drivers\volsnap.sys 13:54:32.0496 4644 volsnap - ok 13:54:32.0542 4644 vsmraid (5e2016ea6ebaca03c04feac5f330d997) C:\Windows\system32\drivers\vsmraid.sys 13:54:32.0574 4644 vsmraid - ok 13:54:32.0620 4644 vwifibus (36d4720b72b5c5d9cb2b9c29e9df67a1) C:\Windows\system32\DRIVERS\vwifibus.sys 13:54:32.0667 4644 vwifibus - ok 13:54:32.0714 4644 vwififlt (6a3d66263414ff0d6fa754c646612f3f) C:\Windows\system32\DRIVERS\vwififlt.sys 13:54:32.0761 4644 vwififlt - ok 13:54:32.0808 4644 vwifimp (6a638fc4bfddc4d9b186c28c91bd1a01) C:\Windows\system32\DRIVERS\vwifimp.sys 13:54:32.0854 4644 vwifimp - ok 13:54:32.0932 4644 wacommousefilter (e04d43c7d1641e95d35cae6086c7e350) C:\Windows\system32\DRIVERS\wacommousefilter.sys 13:54:32.0964 4644 wacommousefilter - ok 13:54:33.0010 4644 WacomPen (4e9440f4f152a7b944cb1663d3935a3e) C:\Windows\system32\drivers\wacompen.sys 13:54:33.0026 4644 WacomPen - ok 13:54:33.0088 4644 wacomvhid (ec1ceb237e365330c1fcfc4876aa0ac0) C:\Windows\system32\DRIVERS\wacomvhid.sys 13:54:33.0104 4644 wacomvhid - ok 13:54:33.0166 4644 WANARP (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys 13:54:33.0244 4644 WANARP - ok 13:54:33.0244 4644 Wanarpv6 (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys 13:54:33.0276 4644 Wanarpv6 - ok 13:54:33.0338 4644 Wd (72889e16ff12ba0f235467d6091b17dc) C:\Windows\system32\drivers\wd.sys 13:54:33.0354 4644 Wd - ok 13:54:33.0416 4644 Wdf01000 (441bd2d7b4f98134c3a4f9fa570fd250) C:\Windows\system32\drivers\Wdf01000.sys 13:54:33.0478 4644 Wdf01000 - ok 13:54:33.0541 4644 wdkmd (63ce387483e74a0bd79ee4e5eba1fd2e) C:\Windows\system32\DRIVERS\WDKMD.sys 13:54:33.0541 4644 wdkmd - ok 13:54:33.0619 4644 WfpLwf (611b23304bf067451a9fdee01fbdd725) C:\Windows\system32\DRIVERS\wfplwf.sys 13:54:33.0666 4644 WfpLwf - ok 13:54:33.0728 4644 WimFltr (52ded146e4797e6ccf94799e8e22bb2a) C:\Windows\system32\DRIVERS\wimfltr.sys 13:54:33.0759 4644 WimFltr - ok 13:54:33.0806 4644 WIMMount (05ecaec3e4529a7153b3136ceb49f0ec) C:\Windows\system32\drivers\wimmount.sys 13:54:33.0822 4644 WIMMount - ok 13:54:33.0931 4644 WinUsb (fe88b288356e7b47b74b13372add906d) C:\Windows\system32\DRIVERS\WinUsb.sys 13:54:33.0978 4644 WinUsb - ok 13:54:34.0071 4644 WmiAcpi (f6ff8944478594d0e414d3f048f0d778) C:\Windows\system32\DRIVERS\wmiacpi.sys 13:54:34.0102 4644 WmiAcpi - ok 13:54:34.0165 4644 ws2ifsl (6bcc1d7d2fd2453957c5479a32364e52) C:\Windows\system32\drivers\ws2ifsl.sys 13:54:34.0227 4644 ws2ifsl - ok 13:54:34.0274 4644 WudfPf (d3381dc54c34d79b22cee0d65ba91b7c) C:\Windows\system32\drivers\WudfPf.sys 13:54:34.0336 4644 WudfPf - ok 13:54:34.0399 4644 WUDFRd (cf8d590be3373029d57af80914190682) C:\Windows\system32\DRIVERS\WUDFRd.sys 13:54:34.0477 4644 WUDFRd - ok 13:54:34.0539 4644 MBR (0x1B8) (8e734bd7aa1d4f7e9af58df495f6cf9e) \Device\Harddisk0\DR0 13:54:34.0695 4644 \Device\Harddisk0\DR0 - ok 13:54:34.0742 4644 Boot (0x1200) (095f797b23af9d5c9e30b8a222f9ea25) \Device\Harddisk0\DR0\Partition0 13:54:34.0742 4644 \Device\Harddisk0\DR0\Partition0 - ok 13:54:34.0758 4644 Boot (0x1200) (4b1e91fb7213bd93cfe161c5a8e85848) \Device\Harddisk0\DR0\Partition1 13:54:34.0758 4644 \Device\Harddisk0\DR0\Partition1 - ok 13:54:34.0758 4644 ============================================================ 13:54:34.0758 4644 Scan finished 13:54:34.0758 4644 ============================================================ 13:54:34.0789 3004 Detected object count: 0 13:54:34.0789 3004 Actual detected object count: 0 16:00:46.0230 1380 ============================================================ 16:00:46.0230 1380 Scan started 16:00:46.0230 1380 Mode: Manual; SigCheck; TDLFS; 16:00:46.0230 1380 ============================================================ 16:00:47.0490 1380 1394ohci (a87d604aea360176311474c87a63bb88) C:\Windows\system32\drivers\1394ohci.sys 16:00:47.0506 1380 1394ohci - ok 16:00:47.0553 1380 ACPI (d81d9e70b8a6dd14d42d7b4efa65d5f2) C:\Windows\system32\drivers\ACPI.sys 16:00:47.0563 1380 ACPI - ok 16:00:47.0606 1380 AcpiPmi (99f8e788246d495ce3794d7e7821d2ca) C:\Windows\system32\drivers\acpipmi.sys 16:00:47.0618 1380 AcpiPmi - ok 16:00:47.0692 1380 adp94xx (2f6b34b83843f0c5118b63ac634f5bf4) C:\Windows\system32\drivers\adp94xx.sys 16:00:47.0704 1380 adp94xx - ok 16:00:47.0750 1380 adpahci (597f78224ee9224ea1a13d6350ced962) C:\Windows\system32\drivers\adpahci.sys 16:00:47.0760 1380 adpahci - ok 16:00:47.0816 1380 adpu320 (e109549c90f62fb570b9540c4b148e54) C:\Windows\system32\drivers\adpu320.sys 16:00:47.0824 1380 adpu320 - ok 16:00:47.0898 1380 AFD (1c7857b62de5994a75b054a9fd4c3825) C:\Windows\system32\drivers\afd.sys 16:00:47.0910 1380 AFD - ok 16:00:47.0969 1380 agp440 (608c14dba7299d8cb6ed035a68a15799) C:\Windows\system32\drivers\agp440.sys 16:00:47.0975 1380 agp440 - ok 16:00:48.0016 1380 aliide (5812713a477a3ad7363c7438ca2ee038) C:\Windows\system32\drivers\aliide.sys 16:00:48.0023 1380 aliide - ok 16:00:48.0066 1380 amdide (1ff8b4431c353ce385c875f194924c0c) C:\Windows\system32\drivers\amdide.sys 16:00:48.0072 1380 amdide - ok 16:00:48.0126 1380 AmdK8 (7024f087cff1833a806193ef9d22cda9) C:\Windows\system32\drivers\amdk8.sys 16:00:48.0135 1380 AmdK8 - ok 16:00:48.0181 1380 AmdPPM (1e56388b3fe0d031c44144eb8c4d6217) C:\Windows\system32\drivers\amdppm.sys 16:00:48.0191 1380 AmdPPM - ok 16:00:48.0245 1380 amdsata (d4121ae6d0c0e7e13aa221aa57ef2d49) C:\Windows\system32\drivers\amdsata.sys 16:00:48.0252 1380 amdsata - ok 16:00:48.0307 1380 amdsbs (f67f933e79241ed32ff46a4f29b5120b) C:\Windows\system32\drivers\amdsbs.sys 16:00:48.0315 1380 amdsbs - ok 16:00:48.0369 1380 amdxata (540daf1cea6094886d72126fd7c33048) C:\Windows\system32\drivers\amdxata.sys 16:00:48.0376 1380 amdxata - ok 16:00:48.0433 1380 AMPPAL (9921e78bc29634235f4bf5809e7e8cde) C:\Windows\system32\DRIVERS\AMPPAL.sys 16:00:48.0443 1380 AMPPAL - ok 16:00:48.0488 1380 AMPPALP (9921e78bc29634235f4bf5809e7e8cde) C:\Windows\system32\DRIVERS\amppal.sys 16:00:48.0497 1380 AMPPALP - ok 16:00:48.0543 1380 Andbus (48cd7e6520d47d62eab0e6ce3ec30c65) C:\Windows\system32\DRIVERS\lgandbus64.sys 16:00:48.0550 1380 Andbus - ok 16:00:48.0598 1380 AndDiag (08cbacc00d15dcdbbaae1a7c8f231c61) C:\Windows\system32\DRIVERS\lganddiag64.sys 16:00:48.0605 1380 AndDiag - ok 16:00:48.0654 1380 AndGps (cea9a4cd6b3a83428ce8501240833668) C:\Windows\system32\DRIVERS\lgandgps64.sys 16:00:48.0660 1380 AndGps - ok 16:00:48.0716 1380 ANDModem (e2b5663e547fa5e756b253efa8ec8286) C:\Windows\system32\DRIVERS\lgandmodem64.sys 16:00:48.0723 1380 ANDModem - ok 16:00:48.0782 1380 androidusb (9c1751b2e733471ae07561028b7d2a9b) C:\Windows\system32\Drivers\lgandadb.sys 16:00:48.0790 1380 androidusb - ok 16:00:48.0851 1380 AppID (89a69c3f2f319b43379399547526d952) C:\Windows\system32\drivers\appid.sys 16:00:48.0876 1380 AppID - ok 16:00:48.0941 1380 arc (c484f8ceb1717c540242531db7845c4e) C:\Windows\system32\drivers\arc.sys 16:00:48.0948 1380 arc - ok 16:00:48.0986 1380 arcsas (019af6924aefe7839f61c830227fe79c) C:\Windows\system32\drivers\arcsas.sys 16:00:48.0995 1380 arcsas - ok 16:00:49.0054 1380 ASMMAP64 (4c016fd76ed5c05e84ca8cab77993961) C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\ASMMAP64.sys 16:00:49.0062 1380 ASMMAP64 - ok 16:00:49.0138 1380 AsyncMac (769765ce2cc62867468cea93969b2242) C:\Windows\system32\DRIVERS\asyncmac.sys 16:00:49.0165 1380 AsyncMac - ok 16:00:49.0220 1380 atapi (02062c0b390b7729edc9e69c680a6f3c) C:\Windows\system32\drivers\atapi.sys 16:00:49.0227 1380 atapi - ok 16:00:49.0300 1380 athr (0acc06fcf46f64ed4f11e57ee461c1f4) C:\Windows\system32\DRIVERS\athrx.sys 16:00:49.0321 1380 athr - ok 16:00:49.0390 1380 ATKWMIACPIIO (ac31727f9946e9009480708e4d1b9986) C:\Program Files (x86)\ASUS\ATK Package\ATK WMIACPI\atkwmiacpi64.sys 16:00:49.0396 1380 ATKWMIACPIIO - ok 16:00:49.0502 1380 b06bdrv (3e5b191307609f7514148c6832bb0842) C:\Windows\system32\drivers\bxvbda.sys 16:00:49.0514 1380 b06bdrv - ok 16:00:49.0559 1380 b57nd60a (b5ace6968304a3900eeb1ebfd9622df2) C:\Windows\system32\DRIVERS\b57nd60a.sys 16:00:49.0570 1380 b57nd60a - ok 16:00:49.0612 1380 Beep (16a47ce2decc9b099349a5f840654746) C:\Windows\system32\drivers\Beep.sys 16:00:49.0638 1380 Beep - ok 16:00:49.0679 1380 BlackBox - ok 16:00:49.0725 1380 blbdrive (61583ee3c3a17003c4acd0475646b4d3) C:\Windows\system32\DRIVERS\blbdrive.sys 16:00:49.0735 1380 blbdrive - ok 16:00:49.0805 1380 bowser (6c02a83164f5cc0a262f4199f0871cf5) C:\Windows\system32\DRIVERS\bowser.sys 16:00:49.0813 1380 bowser - ok 16:00:49.0873 1380 BrFiltLo (f09eee9edc320b5e1501f749fde686c8) C:\Windows\system32\drivers\BrFiltLo.sys 16:00:49.0884 1380 BrFiltLo - ok 16:00:49.0921 1380 BrFiltUp (b114d3098e9bdb8bea8b053685831be6) C:\Windows\system32\drivers\BrFiltUp.sys 16:00:49.0932 1380 BrFiltUp - ok 16:00:49.0982 1380 BridgeMP (5c2f352a4e961d72518261257aae204b) C:\Windows\system32\DRIVERS\bridge.sys 16:00:50.0009 1380 BridgeMP - ok 16:00:50.0112 1380 Brserid (43bea8d483bf1870f018e2d02e06a5bd) C:\Windows\System32\Drivers\Brserid.sys 16:00:50.0123 1380 Brserid - ok 16:00:50.0166 1380 BrSerWdm (a6eca2151b08a09caceca35c07f05b42) C:\Windows\System32\Drivers\BrSerWdm.sys 16:00:50.0177 1380 BrSerWdm - ok 16:00:50.0218 1380 BrUsbMdm (b79968002c277e869cf38bd22cd61524) C:\Windows\System32\Drivers\BrUsbMdm.sys 16:00:50.0229 1380 BrUsbMdm - ok 16:00:50.0264 1380 BrUsbSer (a87528880231c54e75ea7a44943b38bf) C:\Windows\System32\Drivers\BrUsbSer.sys 16:00:50.0273 1380 BrUsbSer - ok 16:00:50.0320 1380 BthEnum (cf98190a94f62e405c8cb255018b2315) C:\Windows\system32\drivers\BthEnum.sys 16:00:50.0328 1380 BthEnum - ok 16:00:50.0379 1380 BTHMODEM (9da669f11d1f894ab4eb69bf546a42e8) C:\Windows\system32\drivers\bthmodem.sys 16:00:50.0390 1380 BTHMODEM - ok 16:00:50.0427 1380 BthPan (02dd601b708dd0667e1331fa8518e9ff) C:\Windows\system32\DRIVERS\bthpan.sys 16:00:50.0438 1380 BthPan - ok 16:00:50.0501 1380 BTHPORT (64c198198501f7560ee41d8d1efa7952) C:\Windows\System32\Drivers\BTHport.sys 16:00:50.0514 1380 BTHPORT - ok 16:00:50.0561 1380 BTHUSB (f188b7394d81010767b6df3178519a37) C:\Windows\System32\Drivers\BTHUSB.sys 16:00:50.0569 1380 BTHUSB - ok 16:00:50.0617 1380 btmaux (270fba230e78e25726d065a924589a72) C:\Windows\system32\DRIVERS\btmaux.sys 16:00:50.0626 1380 btmaux - ok 16:00:50.0689 1380 btmhsf (0010a54571f525a97eed8c091e96eaa9) C:\Windows\system32\DRIVERS\btmhsf.sys 16:00:50.0698 1380 btmhsf - ok 16:00:50.0701 1380 catchme - ok 16:00:50.0758 1380 cdfs (b8bd2bb284668c84865658c77574381a) C:\Windows\system32\DRIVERS\cdfs.sys 16:00:50.0785 1380 cdfs - ok 16:00:50.0849 1380 cdrom (f036ce71586e93d94dab220d7bdf4416) C:\Windows\system32\DRIVERS\cdrom.sys 16:00:50.0859 1380 cdrom - ok 16:00:50.0903 1380 circlass (d7cd5c4e1b71fa62050515314cfb52cf) C:\Windows\system32\drivers\circlass.sys 16:00:50.0914 1380 circlass - ok 16:00:50.0961 1380 CLFS (fe1ec06f2253f691fe36217c592a0206) C:\Windows\system32\CLFS.sys 16:00:50.0971 1380 CLFS - ok 16:00:51.0055 1380 CmBatt (0840155d0bddf1190f84a663c284bd33) C:\Windows\system32\DRIVERS\CmBatt.sys 16:00:51.0064 1380 CmBatt - ok 16:00:51.0107 1380 cmdGuard (755f1e440b6c90d83fe3e50331e55298) C:\Windows\system32\DRIVERS\cmdguard.sys 16:00:51.0121 1380 cmdGuard - ok 16:00:51.0164 1380 cmdHlp (4b5b1688ab86ebced4bef8d337e9a722) C:\Windows\system32\DRIVERS\cmdhlp.sys 16:00:51.0170 1380 cmdHlp - ok 16:00:51.0219 1380 cmdide (e19d3f095812725d88f9001985b94edd) C:\Windows\system32\drivers\cmdide.sys 16:00:51.0226 1380 cmdide - ok 16:00:51.0285 1380 CNG (c4943b6c962e4b82197542447ad599f4) C:\Windows\system32\Drivers\cng.sys 16:00:51.0300 1380 CNG - ok 16:00:51.0349 1380 Compbatt (102de219c3f61415f964c88e9085ad14) C:\Windows\system32\drivers\compbatt.sys 16:00:51.0356 1380 Compbatt - ok 16:00:51.0397 1380 CompositeBus (03edb043586cceba243d689bdda370a8) C:\Windows\system32\DRIVERS\CompositeBus.sys 16:00:51.0408 1380 CompositeBus - ok 16:00:51.0454 1380 crcdisk (1c827878a998c18847245fe1f34ee597) C:\Windows\system32\drivers\crcdisk.sys 16:00:51.0461 1380 crcdisk - ok 16:00:51.0569 1380 DfsC (9bb2ef44eaa163b29c4a4587887a0fe4) C:\Windows\system32\Drivers\dfsc.sys 16:00:51.0595 1380 DfsC - ok 16:00:51.0600 1380 DIRECTIO - ok 16:00:51.0636 1380 discache (13096b05847ec78f0977f2c0f79e9ab3) C:\Windows\system32\drivers\discache.sys 16:00:51.0663 1380 discache - ok 16:00:51.0709 1380 Disk (9819eee8b5ea3784ec4af3b137a5244c) C:\Windows\system32\drivers\disk.sys 16:00:51.0716 1380 Disk - ok 16:00:51.0760 1380 drmkaud (9b19f34400d24df84c858a421c205754) C:\Windows\system32\drivers\drmkaud.sys 16:00:51.0770 1380 drmkaud - ok 16:00:51.0828 1380 DXGKrnl (f5bee30450e18e6b83a5012c100616fd) C:\Windows\System32\drivers\dxgkrnl.sys 16:00:51.0857 1380 DXGKrnl - ok 16:00:51.0964 1380 ebdrv (dc5d737f51be844d8c82c695eb17372f) C:\Windows\system32\drivers\evbda.sys 16:00:52.0000 1380 ebdrv - ok 16:00:52.0067 1380 ElbyCDIO (a05fc7eca0966ebb70e4d17b855a853b) C:\Windows\system32\Drivers\ElbyCDIO.sys 16:00:52.0075 1380 ElbyCDIO - ok 16:00:52.0141 1380 elxstor (0e5da5369a0fcaea12456dd852545184) C:\Windows\system32\drivers\elxstor.sys 16:00:52.0153 1380 elxstor - ok 16:00:52.0204 1380 ErrDev (34a3c54752046e79a126e15c51db409b) C:\Windows\system32\drivers\errdev.sys 16:00:52.0213 1380 ErrDev - ok 16:00:52.0269 1380 ETD (871ab1bfa00eca5dfde99d6eece1bfd4) C:\Windows\system32\DRIVERS\ETD.sys 16:00:52.0278 1380 ETD - ok 16:00:52.0388 1380 exfat (a510c654ec00c1e9bdd91eeb3a59823b) C:\Windows\system32\drivers\exfat.sys 16:00:52.0416 1380 exfat - ok 16:00:52.0466 1380 fastfat (0adc83218b66a6db380c330836f3e36d) C:\Windows\system32\drivers\fastfat.sys 16:00:52.0494 1380 fastfat - ok 16:00:52.0541 1380 fdc (d765d19cd8ef61f650c384f62fac00ab) C:\Windows\system32\drivers\fdc.sys 16:00:52.0553 1380 fdc - ok 16:00:52.0662 1380 FileInfo (655661be46b5f5f3fd454e2c3095b930) C:\Windows\system32\drivers\fileinfo.sys 16:00:52.0670 1380 FileInfo - ok 16:00:52.0710 1380 Filetrace (5f671ab5bc87eea04ec38a6cd5962a47) C:\Windows\system32\drivers\filetrace.sys 16:00:52.0736 1380 Filetrace - ok 16:00:52.0794 1380 flpydisk (c172a0f53008eaeb8ea33fe10e177af5) C:\Windows\system32\drivers\flpydisk.sys 16:00:52.0803 1380 flpydisk - ok 16:00:52.0858 1380 FltMgr (da6b67270fd9db3697b20fce94950741) C:\Windows\system32\drivers\fltmgr.sys 16:00:52.0867 1380 FltMgr - ok 16:00:52.0917 1380 FsDepends (d43703496149971890703b4b1b723eac) C:\Windows\system32\drivers\FsDepends.sys 16:00:52.0924 1380 FsDepends - ok 16:00:52.0971 1380 fssfltr (6c06701bf1db05405804d7eb610991ce) C:\Windows\system32\DRIVERS\fssfltr.sys 16:00:52.0978 1380 fssfltr - ok 16:00:53.0032 1380 Fs_Rec (e95ef8547de20cf0603557c0cf7a9462) C:\Windows\system32\drivers\Fs_Rec.sys 16:00:53.0039 1380 Fs_Rec - ok 16:00:53.0080 1380 fvevol (1f7b25b858fa27015169fe95e54108ed) C:\Windows\system32\DRIVERS\fvevol.sys 16:00:53.0090 1380 fvevol - ok 16:00:53.0137 1380 gagp30kx (8c778d335c9d272cfd3298ab02abe3b6) C:\Windows\system32\drivers\gagp30kx.sys 16:00:53.0145 1380 gagp30kx - ok 16:00:53.0189 1380 hcw85cir (f2523ef6460fc42405b12248338ab2f0) C:\Windows\system32\drivers\hcw85cir.sys 16:00:53.0198 1380 hcw85cir - ok 16:00:53.0240 1380 HdAudAddService (975761c778e33cd22498059b91e7373a) C:\Windows\system32\drivers\HdAudio.sys 16:00:53.0254 1380 HdAudAddService - ok 16:00:53.0298 1380 HDAudBus (97bfed39b6b79eb12cddbfeed51f56bb) C:\Windows\system32\DRIVERS\HDAudBus.sys 16:00:53.0310 1380 HDAudBus - ok 16:00:53.0400 1380 HidBatt (78e86380454a7b10a5eb255dc44a355f) C:\Windows\system32\drivers\HidBatt.sys 16:00:53.0409 1380 HidBatt - ok 16:00:53.0446 1380 HidBth (7fd2a313f7afe5c4dab14798c48dd104) C:\Windows\system32\drivers\hidbth.sys 16:00:53.0457 1380 HidBth - ok 16:00:53.0490 1380 HidIr (0a77d29f311b88cfae3b13f9c1a73825) C:\Windows\system32\drivers\hidir.sys 16:00:53.0502 1380 HidIr - ok 16:00:53.0537 1380 HidUsb (9592090a7e2b61cd582b612b6df70536) C:\Windows\system32\DRIVERS\hidusb.sys 16:00:53.0546 1380 HidUsb - ok 16:00:53.0595 1380 HpSAMD (39d2abcd392f3d8a6dce7b60ae7b8efc) C:\Windows\system32\drivers\HpSAMD.sys 16:00:53.0603 1380 HpSAMD - ok 16:00:53.0653 1380 HTTP (0ea7de1acb728dd5a369fd742d6eee28) C:\Windows\system32\drivers\HTTP.sys 16:00:53.0685 1380 HTTP - ok 16:00:53.0734 1380 hwpolicy (a5462bd6884960c9dc85ed49d34ff392) C:\Windows\system32\drivers\hwpolicy.sys 16:00:53.0741 1380 hwpolicy - ok 16:00:53.0786 1380 i8042prt (fa55c73d4affa7ee23ac4be53b4592d3) C:\Windows\system32\DRIVERS\i8042prt.sys 16:00:53.0795 1380 i8042prt - ok 16:00:53.0893 1380 iaStor (26cf4275034214ecedd8ec17b0a18a99) C:\Windows\system32\DRIVERS\iaStor.sys 16:00:53.0906 1380 iaStor - ok 16:00:53.0967 1380 iaStorV (aaaf44db3bd0b9d1fb6969b23ecc8366) C:\Windows\system32\drivers\iaStorV.sys 16:00:53.0978 1380 iaStorV - ok 16:00:54.0036 1380 iBtFltCoex (de9e40baee2e48fd1e3eb423074c014c) C:\Windows\system32\DRIVERS\iBtFltCoex.sys 16:00:54.0044 1380 iBtFltCoex - ok 16:00:54.0325 1380 igfx (0d1b8c64bdf0e5cdc523a1409ffb5ef0) C:\Windows\system32\DRIVERS\igdkmd64.sys 16:00:54.0437 1380 igfx - ok 16:00:54.0503 1380 iirsp (5c18831c61933628f5bb0ea2675b9d21) C:\Windows\system32\drivers\iirsp.sys 16:00:54.0510 1380 iirsp - ok 16:00:54.0562 1380 inspect (efff0afd27cc97bf0e5e0bab78419de7) C:\Windows\system32\DRIVERS\inspect.sys 16:00:54.0569 1380 inspect - ok 16:00:54.0624 1380 intaud_WaveExtensible (caddf0927dac63edae48f5c35a61d87d) C:\Windows\system32\drivers\intelaud.sys 16:00:54.0631 1380 intaud_WaveExtensible - ok 16:00:54.0715 1380 IntcAzAudAddService (02c93ebaa4421418411448fe7fdfd815) C:\Windows\system32\drivers\RTKVHD64.sys 16:00:54.0762 1380 IntcAzAudAddService - ok 16:00:54.0809 1380 IntcDAud (fc727061c0f47c8059e88e05d5c8e381) C:\Windows\system32\DRIVERS\IntcDAud.sys 16:00:54.0824 1380 IntcDAud - ok 16:00:54.0887 1380 intelide (f00f20e70c6ec3aa366910083a0518aa) C:\Windows\system32\drivers\intelide.sys 16:00:54.0902 1380 intelide - ok 16:00:54.0934 1380 intelppm (ada036632c664caa754079041cf1f8c1) C:\Windows\system32\DRIVERS\intelppm.sys 16:00:54.0949 1380 intelppm - ok 16:00:54.0996 1380 IpFilterDriver (c9f0e1bd74365a8771590e9008d22ab6) C:\Windows\system32\DRIVERS\ipfltdrv.sys 16:00:55.0012 1380 IpFilterDriver - ok 16:00:55.0058 1380 IPMIDRV (0fc1aea580957aa8817b8f305d18ca3a) C:\Windows\system32\drivers\IPMIDrv.sys 16:00:55.0058 1380 IPMIDRV - ok 16:00:55.0105 1380 IPNAT (af9b39a7e7b6caa203b3862582e9f2d0) C:\Windows\system32\drivers\ipnat.sys 16:00:55.0121 1380 IPNAT - ok 16:00:55.0168 1380 IRENUM (3abf5e7213eb28966d55d58b515d5ce9) C:\Windows\system32\drivers\irenum.sys 16:00:55.0183 1380 IRENUM - ok 16:00:55.0230 1380 isapnp (2f7b28dc3e1183e5eb418df55c204f38) C:\Windows\system32\drivers\isapnp.sys 16:00:55.0246 1380 isapnp - ok 16:00:55.0308 1380 iScsiPrt (d931d7309deb2317035b07c9f9e6b0bd) C:\Windows\system32\drivers\msiscsi.sys 16:00:55.0308 1380 iScsiPrt - ok 16:00:55.0355 1380 iwdbus (716f66336f10885d935b08174dc54242) C:\Windows\system32\DRIVERS\iwdbus.sys 16:00:55.0370 1380 iwdbus - ok 16:00:55.0417 1380 kbdclass (bc02336f1cba7dcc7d1213bb588a68a5) C:\Windows\system32\DRIVERS\kbdclass.sys 16:00:55.0417 1380 kbdclass - ok 16:00:55.0464 1380 kbdhid (0705eff5b42a9db58548eec3b26bb484) C:\Windows\system32\DRIVERS\kbdhid.sys 16:00:55.0464 1380 kbdhid - ok 16:00:55.0526 1380 kbfiltr (e63ef8c3271d014f14e2469ce75fecb4) C:\Windows\system32\DRIVERS\kbfiltr.sys 16:00:55.0558 1380 kbfiltr - ok 16:00:55.0651 1380 KSecDD (da1e991a61cfdd755a589e206b97644b) C:\Windows\system32\Drivers\ksecdd.sys 16:00:55.0651 1380 KSecDD - ok 16:00:55.0698 1380 KSecPkg (7e33198d956943a4f11a5474c1e9106f) C:\Windows\system32\Drivers\ksecpkg.sys 16:00:55.0698 1380 KSecPkg - ok 16:00:55.0760 1380 ksthunk (6869281e78cb31a43e969f06b57347c4) C:\Windows\system32\drivers\ksthunk.sys 16:00:55.0792 1380 ksthunk - ok 16:00:55.0854 1380 L1C (655a5d8e80869781cce23760ada7e695) C:\Windows\system32\DRIVERS\L1C62x64.sys 16:00:55.0870 1380 L1C - ok 16:00:55.0932 1380 lltdio (1538831cf8ad2979a04c423779465827) C:\Windows\system32\DRIVERS\lltdio.sys 16:00:55.0963 1380 lltdio - ok 16:00:56.0026 1380 LSI_FC (1a93e54eb0ece102495a51266dcdb6a6) C:\Windows\system32\drivers\lsi_fc.sys 16:00:56.0041 1380 LSI_FC - ok 16:00:56.0088 1380 LSI_SAS (1047184a9fdc8bdbff857175875ee810) C:\Windows\system32\drivers\lsi_sas.sys 16:00:56.0088 1380 LSI_SAS - ok 16:00:56.0213 1380 LSI_SAS2 (30f5c0de1ee8b5bc9306c1f0e4a75f93) C:\Windows\system32\drivers\lsi_sas2.sys 16:00:56.0213 1380 LSI_SAS2 - ok 16:00:56.0260 1380 LSI_SCSI (0504eacaff0d3c8aed161c4b0d369d4a) C:\Windows\system32\drivers\lsi_scsi.sys 16:00:56.0275 1380 LSI_SCSI - ok 16:00:56.0322 1380 luafv (43d0f98e1d56ccddb0d5254cff7b356e) C:\Windows\system32\drivers\luafv.sys 16:00:56.0353 1380 luafv - ok 16:00:56.0431 1380 MBAMProtector (79da94b35371b9e7104460c7693dcb2c) C:\Windows\system32\drivers\mbam.sys 16:00:56.0431 1380 MBAMProtector - ok 16:00:56.0509 1380 megasas (a55805f747c6edb6a9080d7c633bd0f4) C:\Windows\system32\drivers\megasas.sys 16:00:56.0525 1380 megasas - ok 16:00:56.0572 1380 MegaSR (baf74ce0072480c3b6b7c13b2a94d6b3) C:\Windows\system32\drivers\MegaSR.sys 16:00:56.0572 1380 MegaSR - ok 16:00:56.0634 1380 MEIx64 (a6518dcc42f7a6e999bb3bea8fd87567) C:\Windows\system32\DRIVERS\HECIx64.sys 16:00:56.0650 1380 MEIx64 - ok 16:00:56.0696 1380 Modem (800ba92f7010378b09f9ed9270f07137) C:\Windows\system32\drivers\modem.sys 16:00:56.0728 1380 Modem - ok 16:00:56.0759 1380 monitor (b03d591dc7da45ece20b3b467e6aadaa) C:\Windows\system32\DRIVERS\monitor.sys 16:00:56.0774 1380 monitor - ok 16:00:56.0806 1380 mouclass (7d27ea49f3c1f687d357e77a470aea99) C:\Windows\system32\DRIVERS\mouclass.sys 16:00:56.0806 1380 mouclass - ok 16:00:56.0884 1380 mouhid (d3bf052c40b0c4166d9fd86a4288c1e6) C:\Windows\system32\DRIVERS\mouhid.sys 16:00:56.0899 1380 mouhid - ok 16:00:56.0962 1380 mountmgr (32e7a3d591d671a6df2db515a5cbe0fa) C:\Windows\system32\drivers\mountmgr.sys 16:00:56.0962 1380 mountmgr - ok 16:00:57.0024 1380 MpFilter (c177a7ebf5e8a0b596f618870516cab8) C:\Windows\system32\DRIVERS\MpFilter.sys 16:00:57.0024 1380 MpFilter - ok 16:00:57.0086 1380 mpio (a44b420d30bd56e145d6a2bc8768ec58) C:\Windows\system32\drivers\mpio.sys 16:00:57.0102 1380 mpio - ok 16:00:57.0149 1380 MpKsl4854c672 - ok 16:00:57.0227 1380 MpNWMon (8fbf6b31fe8af1833d93c5913d5b4d55) C:\Windows\system32\DRIVERS\MpNWMon.sys 16:00:57.0227 1380 MpNWMon - ok 16:00:57.0289 1380 mpsdrv (6c38c9e45ae0ea2fa5e551f2ed5e978f) C:\Windows\system32\drivers\mpsdrv.sys 16:00:57.0320 1380 mpsdrv - ok 16:00:57.0398 1380 MRxDAV (dc722758b8261e1abafd31a3c0a66380) C:\Windows\system32\drivers\mrxdav.sys 16:00:57.0414 1380 MRxDAV - ok 16:00:57.0476 1380 mrxsmb (a5d9106a73dc88564c825d317cac68ac) C:\Windows\system32\DRIVERS\mrxsmb.sys 16:00:57.0476 1380 mrxsmb - ok 16:00:57.0523 1380 mrxsmb10 (d711b3c1d5f42c0c2415687be09fc163) C:\Windows\system32\DRIVERS\mrxsmb10.sys 16:00:57.0523 1380 mrxsmb10 - ok 16:00:57.0586 1380 mrxsmb20 (9423e9d355c8d303e76b8cfbd8a5c30c) C:\Windows\system32\DRIVERS\mrxsmb20.sys 16:00:57.0586 1380 mrxsmb20 - ok 16:00:57.0664 1380 msahci (c25f0bafa182cbca2dd3c851c2e75796) C:\Windows\system32\drivers\msahci.sys 16:00:57.0664 1380 msahci - ok 16:00:57.0726 1380 msdsm (db801a638d011b9633829eb6f663c900) C:\Windows\system32\drivers\msdsm.sys 16:00:57.0726 1380 msdsm - ok 16:00:57.0788 1380 Msfs (aa3fb40e17ce1388fa1bedab50ea8f96) C:\Windows\system32\drivers\Msfs.sys 16:00:57.0804 1380 Msfs - ok 16:00:57.0866 1380 mshidkmdf (f9d215a46a8b9753f61767fa72a20326) C:\Windows\System32\drivers\mshidkmdf.sys 16:00:57.0898 1380 mshidkmdf - ok 16:00:57.0944 1380 msisadrv (d916874bbd4f8b07bfb7fa9b3ccae29d) C:\Windows\system32\drivers\msisadrv.sys 16:00:57.0944 1380 msisadrv - ok 16:00:58.0007 1380 MSKSSRV (49ccf2c4fea34ffad8b1b59d49439366) C:\Windows\system32\drivers\MSKSSRV.sys 16:00:58.0022 1380 MSKSSRV - ok 16:00:58.0085 1380 MSPCLOCK (bdd71ace35a232104ddd349ee70e1ab3) C:\Windows\system32\drivers\MSPCLOCK.sys 16:00:58.0116 1380 MSPCLOCK - ok 16:00:58.0147 1380 MSPQM (4ed981241db27c3383d72092b618a1d0) C:\Windows\system32\drivers\MSPQM.sys 16:00:58.0178 1380 MSPQM - ok 16:00:58.0225 1380 MsRPC (759a9eeb0fa9ed79da1fb7d4ef78866d) C:\Windows\system32\drivers\MsRPC.sys 16:00:58.0225 1380 MsRPC - ok 16:00:58.0272 1380 mssmbios (0eed230e37515a0eaee3c2e1bc97b288) C:\Windows\system32\DRIVERS\mssmbios.sys 16:00:58.0288 1380 mssmbios - ok 16:00:58.0319 1380 MSTEE (2e66f9ecb30b4221a318c92ac2250779) C:\Windows\system32\drivers\MSTEE.sys 16:00:58.0350 1380 MSTEE - ok 16:00:58.0381 1380 MTConfig (7ea404308934e675bffde8edf0757bcd) C:\Windows\system32\drivers\MTConfig.sys 16:00:58.0397 1380 MTConfig - ok 16:00:58.0444 1380 Mup (f9a18612fd3526fe473c1bda678d61c8) C:\Windows\system32\Drivers\mup.sys 16:00:58.0444 1380 Mup - ok 16:00:58.0506 1380 NativeWifiP (1ea3749c4114db3e3161156ffffa6b33) C:\Windows\system32\DRIVERS\nwifi.sys 16:00:58.0522 1380 NativeWifiP - ok 16:00:58.0584 1380 NDIS (c38b8ae57f78915905064a9a24dc1586) C:\Windows\system32\drivers\ndis.sys 16:00:58.0600 1380 NDIS - ok 16:00:58.0662 1380 NdisCap (9f9a1f53aad7da4d6fef5bb73ab811ac) C:\Windows\system32\DRIVERS\ndiscap.sys 16:00:58.0693 1380 NdisCap - ok 16:00:58.0724 1380 NdisTapi (30639c932d9fef22b31268fe25a1b6e5) C:\Windows\system32\DRIVERS\ndistapi.sys 16:00:58.0756 1380 NdisTapi - ok 16:00:58.0802 1380 Ndisuio (136185f9fb2cc61e573e676aa5402356) C:\Windows\system32\DRIVERS\ndisuio.sys 16:00:58.0818 1380 Ndisuio - ok 16:00:58.0865 1380 NdisWan (53f7305169863f0a2bddc49e116c2e11) C:\Windows\system32\DRIVERS\ndiswan.sys 16:00:58.0880 1380 NdisWan - ok 16:00:58.0927 1380 NDProxy (015c0d8e0e0421b4cfd48cffe2825879) C:\Windows\system32\drivers\NDProxy.sys 16:00:58.0958 1380 NDProxy - ok 16:00:58.0990 1380 NetBIOS (86743d9f5d2b1048062b14b1d84501c4) C:\Windows\system32\DRIVERS\netbios.sys 16:00:59.0021 1380 NetBIOS - ok 16:00:59.0068 1380 NetBT (09594d1089c523423b32a4229263f068) C:\Windows\system32\DRIVERS\netbt.sys 16:00:59.0099 1380 NetBT - ok 16:00:59.0286 1380 NETwNs64 (ac69618de5bcce8747c9ab0aae1003c1) C:\Windows\system32\DRIVERS\NETwNs64.sys 16:00:59.0364 1380 NETwNs64 - ok 16:00:59.0411 1380 nfrd960 (77889813be4d166cdab78ddba990da92) C:\Windows\system32\drivers\nfrd960.sys 16:00:59.0426 1380 nfrd960 - ok 16:00:59.0473 1380 NisDrv (5f7d72cbcdd025af1f38fdeee5646968) C:\Windows\system32\DRIVERS\NisDrvWFP.sys 16:00:59.0489 1380 NisDrv - ok 16:00:59.0567 1380 Npfs (1e4c4ab5c9b8dd13179bbdc75a2a01f7) C:\Windows\system32\drivers\Npfs.sys 16:00:59.0582 1380 Npfs - ok 16:00:59.0629 1380 nsiproxy (e7f5ae18af4168178a642a9247c63001) C:\Windows\system32\drivers\nsiproxy.sys 16:00:59.0660 1380 nsiproxy - ok 16:00:59.0738 1380 Ntfs (a2f74975097f52a00745f9637451fdd8) C:\Windows\system32\drivers\Ntfs.sys 16:00:59.0770 1380 Ntfs - ok 16:00:59.0816 1380 Null (9899284589f75fa8724ff3d16aed75c1) C:\Windows\system32\drivers\Null.sys 16:00:59.0848 1380 Null - ok 16:00:59.0910 1380 nvraid (0a92cb65770442ed0dc44834632f66ad) C:\Windows\system32\drivers\nvraid.sys 16:00:59.0910 1380 nvraid - ok 16:00:59.0957 1380 nvstor (dab0e87525c10052bf65f06152f37e4a) C:\Windows\system32\drivers\nvstor.sys 16:00:59.0972 1380 nvstor - ok 16:01:00.0035 1380 nv_agp (270d7cd42d6e3979f6dd0146650f0e05) C:\Windows\system32\drivers\nv_agp.sys 16:01:00.0035 1380 nv_agp - ok 16:01:00.0082 1380 ohci1394 (3589478e4b22ce21b41fa1bfc0b8b8a0) C:\Windows\system32\drivers\ohci1394.sys 16:01:00.0097 1380 ohci1394 - ok 16:01:00.0128 1380 Parport (0086431c29c35be1dbc43f52cc273887) C:\Windows\system32\drivers\parport.sys 16:01:00.0144 1380 Parport - ok 16:01:00.0175 1380 Partizan - ok 16:01:00.0222 1380 partmgr (871eadac56b0a4c6512bbe32753ccf79) C:\Windows\system32\drivers\partmgr.sys 16:01:00.0222 1380 partmgr - ok 16:01:00.0284 1380 pci (94575c0571d1462a0f70bde6bd6ee6b3) C:\Windows\system32\drivers\pci.sys 16:01:00.0284 1380 pci - ok 16:01:00.0331 1380 pciide (b5b8b5ef2e5cb34df8dcf8831e3534fa) C:\Windows\system32\drivers\pciide.sys 16:01:00.0331 1380 pciide - ok 16:01:00.0409 1380 pcmcia (b2e81d4e87ce48589f98cb8c05b01f2f) C:\Windows\system32\drivers\pcmcia.sys 16:01:00.0425 1380 pcmcia - ok 16:01:00.0472 1380 pcw (d6b9c2e1a11a3a4b26a182ffef18f603) C:\Windows\system32\drivers\pcw.sys 16:01:00.0472 1380 pcw - ok 16:01:00.0534 1380 PEAUTH (68769c3356b3be5d1c732c97b9a80d6e) C:\Windows\system32\drivers\peauth.sys 16:01:00.0565 1380 PEAUTH - ok 16:01:00.0628 1380 PptpMiniport (f92a2c41117a11a00be01ca01a7fcde9) C:\Windows\system32\DRIVERS\raspptp.sys 16:01:00.0643 1380 PptpMiniport - ok 16:01:00.0690 1380 Processor (0d922e23c041efb1c3fac2a6f943c9bf) C:\Windows\system32\drivers\processr.sys 16:01:00.0706 1380 Processor - ok 16:01:00.0752 1380 Psched (0557cf5a2556bd58e26384169d72438d) C:\Windows\system32\DRIVERS\pacer.sys 16:01:00.0768 1380 Psched - ok 16:01:00.0893 1380 ql2300 (a53a15a11ebfd21077463ee2c7afeef0) C:\Windows\system32\drivers\ql2300.sys 16:01:00.0924 1380 ql2300 - ok 16:01:00.0986 1380 ql40xx (4f6d12b51de1aaeff7dc58c4d75423c8) C:\Windows\system32\drivers\ql40xx.sys 16:01:00.0986 1380 ql40xx - ok 16:01:01.0049 1380 QWAVEdrv (76707bb36430888d9ce9d705398adb6c) C:\Windows\system32\drivers\qwavedrv.sys 16:01:01.0049 1380 QWAVEdrv - ok 16:01:01.0096 1380 RasAcd (5a0da8ad5762fa2d91678a8a01311704) C:\Windows\system32\DRIVERS\rasacd.sys 16:01:01.0127 1380 RasAcd - ok 16:01:01.0189 1380 RasAgileVpn (7ecff9b22276b73f43a99a15a6094e90) C:\Windows\system32\DRIVERS\AgileVpn.sys 16:01:01.0220 1380 RasAgileVpn - ok 16:01:01.0267 1380 Rasl2tp (471815800ae33e6f1c32fb1b97c490ca) C:\Windows\system32\DRIVERS\rasl2tp.sys 16:01:01.0283 1380 Rasl2tp - ok 16:01:01.0330 1380 RasPppoe (855c9b1cd4756c5e9a2aa58a15f58c25) C:\Windows\system32\DRIVERS\raspppoe.sys 16:01:01.0361 1380 RasPppoe - ok 16:01:01.0408 1380 RasSstp (e8b1e447b008d07ff47d016c2b0eeecb) C:\Windows\system32\DRIVERS\rassstp.sys 16:01:01.0439 1380 RasSstp - ok 16:01:01.0470 1380 rdbss (77f665941019a1594d887a74f301fa2f) C:\Windows\system32\DRIVERS\rdbss.sys 16:01:01.0501 1380 rdbss - ok 16:01:01.0548 1380 rdpbus (302da2a0539f2cf54d7c6cc30c1f2d8d) C:\Windows\system32\drivers\rdpbus.sys 16:01:01.0548 1380 rdpbus - ok 16:01:01.0610 1380 RDPCDD (cea6cc257fc9b7715f1c2b4849286d24) C:\Windows\system32\DRIVERS\RDPCDD.sys 16:01:01.0626 1380 RDPCDD - ok 16:01:01.0673 1380 RDPENCDD (bb5971a4f00659529a5c44831af22365) C:\Windows\system32\drivers\rdpencdd.sys 16:01:01.0704 1380 RDPENCDD - ok 16:01:01.0751 1380 RDPREFMP (216f3fa57533d98e1f74ded70113177a) C:\Windows\system32\drivers\rdprefmp.sys 16:01:01.0766 1380 RDPREFMP - ok 16:01:01.0813 1380 RDPWD (15b66c206b5cb095bab980553f38ed23) C:\Windows\system32\drivers\RDPWD.sys 16:01:01.0844 1380 RDPWD - ok 16:01:01.0876 1380 rdyboost (34ed295fa0121c241bfef24764fc4520) C:\Windows\system32\drivers\rdyboost.sys 16:01:01.0891 1380 rdyboost - ok 16:01:01.0938 1380 RFCOMM (3dd798846e2c28102b922c56e71b7932) C:\Windows\system32\DRIVERS\rfcomm.sys 16:01:01.0954 1380 RFCOMM - ok 16:01:02.0000 1380 rspndr (ddc86e4f8e7456261e637e3552e804ff) C:\Windows\system32\DRIVERS\rspndr.sys 16:01:02.0016 1380 rspndr - ok 16:01:02.0063 1380 sbp2port (ac03af3329579fffb455aa2daabbe22b) C:\Windows\system32\drivers\sbp2port.sys 16:01:02.0078 1380 sbp2port - ok 16:01:02.0110 1380 scfilter (253f38d0d7074c02ff8deb9836c97d2b) C:\Windows\system32\DRIVERS\scfilter.sys 16:01:02.0141 1380 scfilter - ok 16:01:02.0188 1380 secdrv (3ea8a16169c26afbeb544e0e48421186) C:\Windows\system32\drivers\secdrv.sys 16:01:02.0203 1380 secdrv - ok 16:01:02.0250 1380 Serenum (cb624c0035412af0debec78c41f5ca1b) C:\Windows\system32\drivers\serenum.sys 16:01:02.0266 1380 Serenum - ok 16:01:02.0312 1380 Serial (c1d8e28b2c2adfaec4ba89e9fda69bd6) C:\Windows\system32\drivers\serial.sys 16:01:02.0312 1380 Serial - ok 16:01:02.0359 1380 sermouse (1c545a7d0691cc4a027396535691c3e3) C:\Windows\system32\drivers\sermouse.sys 16:01:02.0375 1380 sermouse - ok 16:01:02.0437 1380 sffdisk (a554811bcd09279536440c964ae35bbf) C:\Windows\system32\drivers\sffdisk.sys 16:01:02.0453 1380 sffdisk - ok 16:01:02.0484 1380 sffp_mmc (ff414f0baefeba59bc6c04b3db0b87bf) C:\Windows\system32\drivers\sffp_mmc.sys 16:01:02.0500 1380 sffp_mmc - ok 16:01:02.0531 1380 sffp_sd (dd85b78243a19b59f0637dcf284da63c) C:\Windows\system32\drivers\sffp_sd.sys 16:01:02.0531 1380 sffp_sd - ok 16:01:02.0578 1380 sfloppy (a9d601643a1647211a1ee2ec4e433ff4) C:\Windows\system32\drivers\sfloppy.sys 16:01:02.0578 1380 sfloppy - ok 16:01:02.0624 1380 SiSGbeLH (1bc348cf6baa90ec8e533ef6e6a69933) C:\Windows\system32\DRIVERS\SiSG664.sys 16:01:02.0640 1380 SiSGbeLH - ok 16:01:02.0687 1380 SiSRaid2 (843caf1e5fde1ffd5ff768f23a51e2e1) C:\Windows\system32\drivers\SiSRaid2.sys 16:01:02.0687 1380 SiSRaid2 - ok 16:01:02.0734 1380 SiSRaid4 (6a6c106d42e9ffff8b9fcb4f754f6da4) C:\Windows\system32\drivers\sisraid4.sys 16:01:02.0749 1380 SiSRaid4 - ok 16:01:02.0796 1380 Smb (548260a7b8654e024dc30bf8a7c5baa4) C:\Windows\system32\DRIVERS\smb.sys 16:01:02.0812 1380 Smb - ok 16:01:02.0905 1380 SNP2UVC (c98375d19f9e9966f6201bae65fb3728) C:\Windows\system32\DRIVERS\snp2uvc.sys 16:01:02.0936 1380 SNP2UVC - ok 16:01:02.0983 1380 spldr (b9e31e5cacdfe584f34f730a677803f9) C:\Windows\system32\drivers\spldr.sys 16:01:02.0983 1380 spldr - ok 16:01:03.0061 1380 srv (441fba48bff01fdb9d5969ebc1838f0b) C:\Windows\system32\DRIVERS\srv.sys 16:01:03.0077 1380 srv - ok 16:01:03.0108 1380 srv2 (b4adebbf5e3677cce9651e0f01f7cc28) C:\Windows\system32\DRIVERS\srv2.sys 16:01:03.0124 1380 srv2 - ok 16:01:03.0170 1380 srvnet (27e461f0be5bff5fc737328f749538c3) C:\Windows\system32\DRIVERS\srvnet.sys 16:01:03.0186 1380 srvnet - ok 16:01:03.0280 1380 stexstor (f3817967ed533d08327dc73bc4d5542a) C:\Windows\system32\drivers\stexstor.sys 16:01:03.0280 1380 stexstor - ok 16:01:03.0326 1380 swenum (d01ec09b6711a5f8e7e6564a4d0fbc90) C:\Windows\system32\DRIVERS\swenum.sys 16:01:03.0342 1380 swenum - ok 16:01:03.0436 1380 Tcpip (fc62769e7bff2896035aeed399108162) C:\Windows\system32\drivers\tcpip.sys 16:01:03.0451 1380 Tcpip - ok 16:01:03.0529 1380 TCPIP6 (fc62769e7bff2896035aeed399108162) C:\Windows\system32\DRIVERS\tcpip.sys 16:01:03.0560 1380 TCPIP6 - ok 16:01:03.0607 1380 tcpipreg (df687e3d8836bfb04fcc0615bf15a519) C:\Windows\system32\drivers\tcpipreg.sys 16:01:03.0638 1380 tcpipreg - ok 16:01:03.0685 1380 TDPIPE (3371d21011695b16333a3934340c4e7c) C:\Windows\system32\drivers\tdpipe.sys 16:01:03.0716 1380 TDPIPE - ok 16:01:03.0763 1380 TDTCP (e4245bda3190a582d55ed09e137401a9) C:\Windows\system32\drivers\tdtcp.sys 16:01:03.0779 1380 TDTCP - ok 16:01:03.0826 1380 tdx (ddad5a7ab24d8b65f8d724f5c20fd806) C:\Windows\system32\DRIVERS\tdx.sys 16:01:03.0841 1380 tdx - ok 16:01:03.0888 1380 TermDD (561e7e1f06895d78de991e01dd0fb6e5) C:\Windows\system32\DRIVERS\termdd.sys 16:01:03.0904 1380 TermDD - ok 16:01:03.0966 1380 tssecsrv (ce18b2cdfc837c99e5fae9ca6cba5d30) C:\Windows\system32\DRIVERS\tssecsrv.sys 16:01:03.0982 1380 tssecsrv - ok 16:01:04.0028 1380 TsUsbFlt (d11c783e3ef9a3c52c0ebe83cc5000e9) C:\Windows\system32\drivers\tsusbflt.sys 16:01:04.0044 1380 TsUsbFlt - ok 16:01:04.0075 1380 TsUsbGD (9cc2ccae8a84820eaecb886d477cbcb8) C:\Windows\system32\drivers\TsUsbGD.sys 16:01:04.0091 1380 TsUsbGD - ok 16:01:04.0153 1380 tunnel (3566a8daafa27af944f5d705eaa64894) C:\Windows\system32\DRIVERS\tunnel.sys 16:01:04.0184 1380 tunnel - ok 16:01:04.0216 1380 uagp35 (b4dd609bd7e282bfc683cec7eaaaad67) C:\Windows\system32\drivers\uagp35.sys 16:01:04.0231 1380 uagp35 - ok 16:01:04.0278 1380 udfs (ff4232a1a64012baa1fd97c7b67df593) C:\Windows\system32\DRIVERS\udfs.sys 16:01:04.0309 1380 udfs - ok 16:01:04.0340 1380 uliagpkx (4bfe1bc28391222894cbf1e7d0e42320) C:\Windows\system32\drivers\uliagpkx.sys 16:01:04.0356 1380 uliagpkx - ok 16:01:04.0387 1380 umbus (dc54a574663a895c8763af0fa1ff7561) C:\Windows\system32\DRIVERS\umbus.sys 16:01:04.0387 1380 umbus - ok 16:01:04.0450 1380 UmPass (b2e8e8cb557b156da5493bbddcc1474d) C:\Windows\system32\drivers\umpass.sys 16:01:04.0450 1380 UmPass - ok 16:01:04.0512 1380 usbccgp (6f1a3157a1c89435352ceb543cdb359c) C:\Windows\system32\DRIVERS\usbccgp.sys 16:01:04.0528 1380 usbccgp - ok 16:01:04.0574 1380 usbcir (af0892a803fdda7492f595368e3b68e7) C:\Windows\system32\drivers\usbcir.sys 16:01:04.0574 1380 usbcir - ok 16:01:04.0637 1380 usbehci (c025055fe7b87701eb042095df1a2d7b) C:\Windows\system32\drivers\usbehci.sys 16:01:04.0637 1380 usbehci - ok 16:01:04.0699 1380 usbhub (287c6c9410b111b68b52ca298f7b8c24) C:\Windows\system32\DRIVERS\usbhub.sys 16:01:04.0699 1380 usbhub - ok 16:01:04.0746 1380 usbohci (9840fc418b4cbd632d3d0a667a725c31) C:\Windows\system32\drivers\usbohci.sys 16:01:04.0746 1380 usbohci - ok 16:01:04.0793 1380 usbprint (73188f58fb384e75c4063d29413cee3d) C:\Windows\system32\drivers\usbprint.sys 16:01:04.0808 1380 usbprint - ok 16:01:04.0871 1380 USBSTOR (fed648b01349a3c8395a5169db5fb7d6) C:\Windows\system32\DRIVERS\USBSTOR.SYS 16:01:04.0886 1380 USBSTOR - ok 16:01:04.0949 1380 usbuhci (62069a34518bcf9c1fd9e74b3f6db7cd) C:\Windows\system32\drivers\usbuhci.sys 16:01:04.0949 1380 usbuhci - ok 16:01:04.0996 1380 usbvideo (454800c2bc7f3927ce030141ee4f4c50) C:\Windows\system32\Drivers\usbvideo.sys 16:01:05.0011 1380 usbvideo - ok 16:01:05.0058 1380 VClone (fd911873c0bb6945fa38c16e9a2b58f9) C:\Windows\system32\DRIVERS\VClone.sys 16:01:05.0058 1380 VClone - ok 16:01:05.0105 1380 vdrvroot (c5c876ccfc083ff3b128f933823e87bd) C:\Windows\system32\drivers\vdrvroot.sys 16:01:05.0105 1380 vdrvroot - ok 16:01:05.0152 1380 vga (da4da3f5e02943c2dc8c6ed875de68dd) C:\Windows\system32\DRIVERS\vgapnp.sys 16:01:05.0167 1380 vga - ok 16:01:05.0214 1380 VgaSave (53e92a310193cb3c03bea963de7d9cfc) C:\Windows\System32\drivers\vga.sys 16:01:05.0245 1380 VgaSave - ok 16:01:05.0292 1380 vhdmp (2ce2df28c83aeaf30084e1b1eb253cbb) C:\Windows\system32\drivers\vhdmp.sys 16:01:05.0292 1380 vhdmp - ok 16:01:05.0339 1380 viaide (e5689d93ffe4e5d66c0178761240dd54) C:\Windows\system32\drivers\viaide.sys 16:01:05.0339 1380 viaide - ok 16:01:05.0386 1380 volmgr (d2aafd421940f640b407aefaaebd91b0) C:\Windows\system32\drivers\volmgr.sys 16:01:05.0401 1380 volmgr - ok 16:01:05.0448 1380 volmgrx (a255814907c89be58b79ef2f189b843b) C:\Windows\system32\drivers\volmgrx.sys 16:01:05.0448 1380 volmgrx - ok 16:01:05.0495 1380 volsnap (0d08d2f3b3ff84e433346669b5e0f639) C:\Windows\system32\drivers\volsnap.sys 16:01:05.0510 1380 volsnap - ok 16:01:05.0557 1380 vsmraid (5e2016ea6ebaca03c04feac5f330d997) C:\Windows\system32\drivers\vsmraid.sys 16:01:05.0573 1380 vsmraid - ok 16:01:05.0620 1380 vwifibus (36d4720b72b5c5d9cb2b9c29e9df67a1) C:\Windows\system32\DRIVERS\vwifibus.sys 16:01:05.0620 1380 vwifibus - ok 16:01:05.0682 1380 vwififlt (6a3d66263414ff0d6fa754c646612f3f) C:\Windows\system32\DRIVERS\vwififlt.sys 16:01:05.0698 1380 vwififlt - ok 16:01:05.0744 1380 vwifimp (6a638fc4bfddc4d9b186c28c91bd1a01) C:\Windows\system32\DRIVERS\vwifimp.sys 16:01:05.0744 1380 vwifimp - ok 16:01:05.0807 1380 wacommousefilter (e04d43c7d1641e95d35cae6086c7e350) C:\Windows\system32\DRIVERS\wacommousefilter.sys 16:01:05.0822 1380 wacommousefilter - ok 16:01:05.0885 1380 WacomPen (4e9440f4f152a7b944cb1663d3935a3e) C:\Windows\system32\drivers\wacompen.sys 16:01:05.0885 1380 WacomPen - ok 16:01:05.0932 1380 wacomvhid (ec1ceb237e365330c1fcfc4876aa0ac0) C:\Windows\system32\DRIVERS\wacomvhid.sys 16:01:05.0947 1380 wacomvhid - ok 16:01:05.0994 1380 WANARP (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys 16:01:06.0025 1380 WANARP - ok 16:01:06.0041 1380 Wanarpv6 (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys 16:01:06.0072 1380 Wanarpv6 - ok 16:01:06.0134 1380 Wd (72889e16ff12ba0f235467d6091b17dc) C:\Windows\system32\drivers\wd.sys 16:01:06.0134 1380 Wd - ok 16:01:06.0181 1380 Wdf01000 (441bd2d7b4f98134c3a4f9fa570fd250) C:\Windows\system32\drivers\Wdf01000.sys 16:01:06.0197 1380 Wdf01000 - ok 16:01:06.0259 1380 wdkmd (63ce387483e74a0bd79ee4e5eba1fd2e) C:\Windows\system32\DRIVERS\WDKMD.sys 16:01:06.0259 1380 wdkmd - ok 16:01:06.0337 1380 WfpLwf (611b23304bf067451a9fdee01fbdd725) C:\Windows\system32\DRIVERS\wfplwf.sys 16:01:06.0368 1380 WfpLwf - ok 16:01:06.0431 1380 WimFltr (52ded146e4797e6ccf94799e8e22bb2a) C:\Windows\system32\DRIVERS\wimfltr.sys 16:01:06.0431 1380 WimFltr - ok 16:01:06.0478 1380 WIMMount (05ecaec3e4529a7153b3136ceb49f0ec) C:\Windows\system32\drivers\wimmount.sys 16:01:06.0478 1380 WIMMount - ok 16:01:06.0556 1380 WinUsb (fe88b288356e7b47b74b13372add906d) C:\Windows\system32\DRIVERS\WinUsb.sys 16:01:06.0571 1380 WinUsb - ok 16:01:06.0602 1380 WmiAcpi (f6ff8944478594d0e414d3f048f0d778) C:\Windows\system32\DRIVERS\wmiacpi.sys 16:01:06.0618 1380 WmiAcpi - ok 16:01:06.0680 1380 ws2ifsl (6bcc1d7d2fd2453957c5479a32364e52) C:\Windows\system32\drivers\ws2ifsl.sys 16:01:06.0712 1380 ws2ifsl - ok 16:01:06.0774 1380 WudfPf (d3381dc54c34d79b22cee0d65ba91b7c) C:\Windows\system32\drivers\WudfPf.sys 16:01:06.0790 1380 WudfPf - ok 16:01:06.0852 1380 WUDFRd (cf8d590be3373029d57af80914190682) C:\Windows\system32\DRIVERS\WUDFRd.sys 16:01:06.0868 1380 WUDFRd - ok 16:01:06.0914 1380 MBR (0x1B8) (8e734bd7aa1d4f7e9af58df495f6cf9e) \Device\Harddisk0\DR0 16:01:07.0102 1380 \Device\Harddisk0\DR0 - ok 16:01:07.0164 1380 Boot (0x1200) (095f797b23af9d5c9e30b8a222f9ea25) \Device\Harddisk0\DR0\Partition0 16:01:07.0164 1380 \Device\Harddisk0\DR0\Partition0 - ok 16:01:07.0180 1380 Boot (0x1200) (4b1e91fb7213bd93cfe161c5a8e85848) \Device\Harddisk0\DR0\Partition1 16:01:07.0180 1380 \Device\Harddisk0\DR0\Partition1 - ok 16:01:07.0180 1380 ============================================================ 16:01:07.0180 1380 Scan finished 16:01:07.0180 1380 ============================================================ 16:01:07.0195 6816 Detected object count: 0 16:01:07.0195 6816 Actual detected object count: 0
stdrt.exe running in temp folder

Rovot replied to Rovot's topic in Resolved Malware Removal Logs

RogueKiller V7.1.0 [02/15/2012] by Tigzy mail: tigzyRK<at>gmail<dot>com Feedback: http://www.geekstogo.com/forum/files/file/413-roguekiller/ Blog: http://tigzyrk.blogspot.com Operating System: Windows 7 (6.1.7601 Service Pack 1) 64 bits version Started in : Normal mode User: Guillermo [Admin rights] Mode: Scan -- Date: 02/21/2012 06:02:24 ¤¤¤ Bad processes: 1 ¤¤¤ [sUSP PATH] stdrt.exe -- C:\Windows\TEMP\mrt6508.tmp\stdrt.exe -> KILLED [TermProc] ¤¤¤ Registry Entries: 4 ¤¤¤ [HJ] HKLM\[...]\System : ConsentPromptBehaviorAdmin (0) -> FOUND [HJ] HKLM\[...]\System : EnableLUA (0) -> FOUND [HJ] HKLM\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> FOUND [HJ] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> FOUND ¤¤¤ Particular Files / Folders: ¤¤¤ ¤¤¤ Driver: [NOT LOADED] ¤¤¤ ¤¤¤ Infection : ¤¤¤ ¤¤¤ HOSTS File: ¤¤¤ 127.0.0.1 localhost ¤¤¤ MBR Check: ¤¤¤ +++++ PhysicalDrive0: ST9500325AS +++++ --- User --- [MBR] e067c16ba6bb3e117d117429a6a915d7 [bSP] 8eff933f8e3bbfe8fbb683dc3ae172a9 : Linux MBR Code Partition table: 0 - [XXXXXX] FAT32-LBA (0x1c) [HIDDEN!] Offset (sectors): 63 | Size: 40005 Mo 1 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 81931500 | Size: 101736 Mo 2 - [XXXXXX] EXTEN (0x05) [VISIBLE] Offset (sectors): 290289662 | Size: 335196 Mo User = LL1 ... OK! User = LL2 ... OK! Finished : << RKreport[1].txt >> RKreport[1].txt
stdrt.exe running in temp folder

Rovot posted a topic in Resolved Malware Removal Logs

a randomly generated temp folder is created every time I reboot that runs a program stdrt.exe. pop up brosive.com/therugged.com in IE only. IE is not my main browser ; in fact I do not use it Microsoft Security Essentials found PDFjsc and CVE-2010-0840 on my system heres my DDS log: . DDS (Ver_2011-08-26.01) - NTFSAMD64 Internet Explorer: 9.0.8112.16421 Run by Guillermo at 15:35:12 on 2012-02-18 Microsoft Windows 7 Home Premium 6.1.7601.1.1252.1.1033.18.3874.2124 [GMT -6:00] . AV: Microsoft Security Essentials *Disabled/Updated* {108DAC43-C256-20B7-BB05-914135DA5160} SP: Microsoft Security Essentials *Disabled/Updated* {ABEC4DA7-E46C-2F39-81B5-AA334E5D1BDD} SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} SP: COMODO Defense+ *Disabled/Updated* {CE351521-78FA-2048-BB22-B68A4A5CA7EC} FW: COMODO Firewall *Disabled* {4D6F75E0-14AF-2E9E-AACD-24CDCF08AA2A} . ============== Running Processes =============== . C:\Windows\system32\wininit.exe C:\Windows\system32\lsm.exe C:\Windows\system32\svchost.exe -k DcomLaunch C:\Windows\system32\svchost.exe -k RPCSS C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe C:\Windows\system32\svchost.exe -k NetworkService C:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted C:\Windows\system32\svchost.exe -k netsvcs C:\Windows\system32\svchost.exe -k LocalService C:\Program Files\Tablet\Pen\Pen_TouchService.exe C:\Program Files (x86)\ASUS\FaceLogon\smartlogon.exe C:\Windows\SYSTEM32\WISPTIS.EXE C:\Windows\SYSTEM32\WISPTIS.EXE C:\Program Files\Common Files\microsoft shared\ink\TabTip.exe C:\Windows\system32\Dwm.exe C:\Windows\Explorer.EXE C:\Program Files\Tablet\Pen\Pen_TouchUser.exe C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe C:\Windows\system32\WLANExt.exe C:\Windows\system32\conhost.exe C:\Program Files (x86)\Common Files\Microsoft Shared\Ink\TabTip32.exe C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe C:\Windows\System32\spoolsv.exe C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork C:\Windows\system32\taskhost.exe C:\Windows\TEMP\mrt5D5B.tmp\stdrt.exe C:\Windows\system32\taskeng.exe C:\Program Files\ASUS\P4G\BatteryLife.exe C:\Program Files (x86)\ASUS\Splendid\ACMON.exe C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe C:\Program Files (x86)\ASUS\FaceLogon\sensorsrv.exe C:\Program Files (x86)\ASUS\ASUS Live Update\LiveUpdate.exe C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe C:\Program Files\Elantech\ETDCtrl.exe C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe C:\Windows\System32\rundll32.exe C:\Windows\vsnp2uvc.exe C:\Program Files\Microsoft Security Client\msseces.exe C:\Windows\System32\igfxtray.exe C:\Windows\SysWOW64\ACEngSvr.exe C:\Windows\System32\hkcmd.exe C:\Windows\System32\igfxpers.exe C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe C:\Program Files\COMODO\COMODO Internet Security\cfp.exe C:\Program Files (x86)\RocketDock\RocketDock.exe C:\Program Files\PeerBlock\peerblock.exe C:\Users\Guillermo\Local Settings\Apps\F.lux\flux.exe C:\Program Files\CrashPlan\CrashPlanTray.exe C:\Program Files\Rainmeter\Rainmeter.exe C:\Users\Guillermo\AppData\Roaming\Dropbox\bin\Dropbox.exe C:\Program Files (x86)\ASUS\Sonic Focus\SonicFocusTray.exe C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe C:\Program Files (x86)\Bamboo Dock\BambooCore.exe C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe C:\Windows\AsScrPro.exe C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe C:\Windows\system32\svchost.exe -k bthsvcs C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe C:\Program Files\CrashPlan\CrashPlanService.exe C:\Program Files\Intel\WiFi\bin\EvtEng.exe C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation C:\Windows\system32\msiexec.exe C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe C:\Program Files (x86)\Splashtop\Splashtop Remote\Server\SRService.exe C:\Program Files (x86)\Splashtop\Splashtop Software Updater\SSUService.exe C:\Windows\system32\svchost.exe -k imgsvc C:\Program Files\Tablet\Pen\Pen_Tablet.exe C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe C:\Program Files\Tablet\Pen\Pen_TabletUser.exe C:\Windows\system32\wbem\unsecapp.exe C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe C:\Windows\system32\wbem\wmiprvse.exe C:\Windows\system32\wbem\wmiprvse.exe C:\Windows\system32\wbem\unsecapp.exe C:\Program Files\Tablet\Pen\Pen_Tablet.exe C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ATKOSD.exe C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\KBFiltr.exe C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\WDC.exe C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe C:\Windows\system32\SearchIndexer.exe C:\Windows\system32\vssvc.exe C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted C:\Windows\System32\svchost.exe -k WerSvcGroup C:\Program Files\Windows Media Player\wmpnetwk.exe C:\Program Files (x86)\Intel\Bluetooth\BTPlayerCtrl.exe C:\Windows\System32\svchost.exe -k swprv C:\Windows\system32\SearchProtocolHost.exe C:\Windows\system32\SearchFilterHost.exe C:\Windows\System32\svchost.exe -k LocalServicePeerNet C:\Windows\SysWOW64\cmd.exe C:\Windows\system32\conhost.exe C:\Windows\SysWOW64\cscript.exe . ============== Pseudo HJT Report =============== . mStart Page = hxxp://asus.msn.com BHO: Java Plug-In SSV Helper: {761497bb-d6f0-462c-b6eb-d4daf1d92d43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll BHO: Windows Live ID Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll BHO: Java Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll uRun: [RocketDock] "C:\Program Files (x86)\RocketDock\RocketDock.exe" uRun: [PeerBlock] C:\Program Files\PeerBlock\peerblock.exe uRun: [F.lux] "C:\Users\Guillermo\Local Settings\Apps\F.lux\flux.exe" /noshow mRun: [sonicMasterTray] C:\Program Files (x86)\ASUS\Sonic Focus\SonicFocusTray.exe mRun: [ATKOSD2] C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe mRun: [ATKMEDIA] C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe mRun: [HControlUser] C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe mRun: [updateLBPShortCut] "C:\Program Files (x86)\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\CyberLink\LabelPrint" UpdateWithCreateOnce "Software\CyberLink\LabelPrint\2.5" mRun: [bambooCore] C:\Program Files (x86)\Bamboo Dock\BambooCore.exe mRun: [VirtualCloneDrive] "C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe" /s mRun: [switchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe mRun: [AdobeCS5.5ServiceManager] "C:\Program Files (x86)\Common Files\Adobe\CS5.5ServiceManager\CS5.5ServiceManager.exe" -launchedbylogin mRun: [ASUS Screen Saver Protector] C:\Windows\AsScrPro.exe mRun: [googletalk] C:\Program Files (x86)\Google\Google Talk\googletalk.exe /autostart mRun: [Malwarebytes' Anti-Malware] "C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray mRun: [sunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" mRun: [Wireless Console 3] C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe StartupFolder: C:\Users\GUILLE~1\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\Dropbox.lnk - C:\Users\Guillermo\AppData\Roaming\Dropbox\bin\Dropbox.exe StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\ASUSVI~1.LNK - C:\Program Files (x86)\ASUS\AsusVibe\AsusVibeLauncher.exe StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\CRASHP~1.LNK - C:\Program Files (x86)\CrashPlan\CrashPlanTray.exe StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\RAINME~1.LNK - C:\Program Files\Rainmeter\Rainmeter.exe mPolicies-system: ConsentPromptBehaviorAdmin = 0 (0x0) mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3) mPolicies-system: EnableLUA = 0 (0x0) mPolicies-system: EnableUIADesktopToggle = 0 (0x0) mPolicies-system: PromptOnSecureDesktop = 0 (0x0) IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll Trusted Zone: intuit.com\ttlc DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_30-windows-i586.cab DPF: {CAFEEFAC-0016-0000-0030-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_30-windows-i586.cab DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_30-windows-i586.cab TCP: DhcpNameServer = 192.168.1.254 TCP: Interfaces\{4101B8BE-0D8D-48E5-9CCA-DCB5B4279CB3} : DhcpNameServer = 192.168.1.254 TCP: Interfaces\{4101B8BE-0D8D-48E5-9CCA-DCB5B4279CB3}\16474777966696 : DhcpNameServer = 192.168.4.1 64.134.255.2 64.134.255.10 TCP: Interfaces\{4101B8BE-0D8D-48E5-9CCA-DCB5B4279CB3}\4414E49454C414 : DhcpNameServer = 192.168.1.1 TCP: Interfaces\{4101B8BE-0D8D-48E5-9CCA-DCB5B4279CB3}\642756561457374796E675966496E236F6D6D224162766C6977237 : DhcpNameServer = 192.168.2.1 TCP: Interfaces\{4101B8BE-0D8D-48E5-9CCA-DCB5B4279CB3}\6627F6E64737964656F5762796E646 : DhcpNameServer = 209.18.47.61 209.18.47.62 Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll AppInit_DLLs: C:\Windows\SysWOW64\guard32.dll BHO-X64: Java Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll BHO-X64: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll BHO-X64: Java Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll mRun-x64: [sonicMasterTray] C:\Program Files (x86)\ASUS\Sonic Focus\SonicFocusTray.exe mRun-x64: [ATKOSD2] C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe mRun-x64: [ATKMEDIA] C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe mRun-x64: [HControlUser] C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe mRun-x64: [updateLBPShortCut] "C:\Program Files (x86)\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\CyberLink\LabelPrint" UpdateWithCreateOnce "Software\CyberLink\LabelPrint\2.5" mRun-x64: [bambooCore] C:\Program Files (x86)\Bamboo Dock\BambooCore.exe mRun-x64: [VirtualCloneDrive] "C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe" /s mRun-x64: [switchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe mRun-x64: [AdobeCS5.5ServiceManager] "C:\Program Files (x86)\Common Files\Adobe\CS5.5ServiceManager\CS5.5ServiceManager.exe" -launchedbylogin mRun-x64: [ASUS Screen Saver Protector] C:\Windows\AsScrPro.exe mRun-x64: [googletalk] C:\Program Files (x86)\Google\Google Talk\googletalk.exe /autostart mRun-x64: [Malwarebytes' Anti-Malware] "C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray mRun-x64: [sunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" mRun-x64: [Wireless Console 3] C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe AppInit_DLLs-X64: C:\Windows\SysWOW64\guard32.dll . ============= SERVICES / DRIVERS =============== . R1 ATKWMIACPIIO;ATKWMIACPI Driver;C:\Program Files (x86)\ASUS\ATK Package\ATK WMIACPI\atkwmiacpi64.sys [2011-5-25 17536] R1 cmdGuard;COMODO Internet Security Sandbox Driver;C:\Windows\system32\DRIVERS\cmdguard.sys --> C:\Windows\system32\DRIVERS\cmdguard.sys [?] R1 cmdHlp;COMODO Internet Security Helper Driver;C:\Windows\system32\DRIVERS\cmdhlp.sys --> C:\Windows\system32\DRIVERS\cmdhlp.sys [?] R1 MpFilter;Microsoft Malware Protection Driver;C:\Windows\system32\DRIVERS\MpFilter.sys --> C:\Windows\system32\DRIVERS\MpFilter.sys [?] R1 vwififlt;Virtual WiFi Filter Driver;C:\Windows\system32\DRIVERS\vwififlt.sys --> C:\Windows\system32\DRIVERS\vwififlt.sys [?] R2 AMPPALR3;Intel® Centrino® Bluetooth 3.0 + High Speed Service;C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe [2011-4-21 1136640] R2 ASMMAP64;ASMMAP64;C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\ASMMAP64.sys [2009-7-2 15416] R2 Bluetooth Device Monitor;Bluetooth Device Monitor;C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe [2011-3-30 923984] R2 Bluetooth OBEX Service;Bluetooth OBEX Service;C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe [2011-3-30 1001808] R2 BTHSSecurityMgr;Intel® Centrino® Wireless Bluetooth® 3.0 + High Speed Security Service;C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe [2011-4-21 134928] R2 CrashPlanService;CrashPlan Backup Service;C:\Program Files\CrashPlan\CrashPlanService.exe [2011-3-16 222720] R2 SBSDWSCService;SBSD Security Center Service;C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe [2012-1-27 1153368] R2 SplashtopRemoteService;Splashtop® Remote Service;C:\Program Files (x86)\Splashtop\Splashtop Remote\Server\SRService.exe [2012-2-9 531328] R2 SSUService;Splashtop Software Updater Service;C:\Program Files (x86)\Splashtop\Splashtop Software Updater\SSUService.exe [2011-11-10 370504] R2 TabletServicePen;TabletServicePen;C:\Program Files\Tablet\Pen\Pen_Tablet.exe [2012-1-6 6583160] R2 TouchServicePen;Wacom Consumer Touch Service;C:\Program Files\Tablet\Pen\Pen_TouchService.exe [2012-1-6 528760] R3 AMPPAL;Intel® Centrino® Bluetooth 3.0 + High Speed Virtual Adapter;C:\Windows\system32\DRIVERS\AMPPAL.sys --> C:\Windows\system32\DRIVERS\AMPPAL.sys [?] R3 Bluetooth Media Service;Bluetooth Media Service;C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe [2011-3-30 1321296] R3 IntcDAud;Intel® Display Audio;C:\Windows\system32\DRIVERS\IntcDAud.sys --> C:\Windows\system32\DRIVERS\IntcDAud.sys [?] R3 iwdbus;IWD Bus Enumerator;C:\Windows\system32\DRIVERS\iwdbus.sys --> C:\Windows\system32\DRIVERS\iwdbus.sys [?] R3 L1C;NDIS Miniport Driver for Atheros AR813x/AR815x PCI-E Ethernet Controller;C:\Windows\system32\DRIVERS\L1C62x64.sys --> C:\Windows\system32\DRIVERS\L1C62x64.sys [?] R3 MEIx64;Intel® Management Engine Interface;C:\Windows\system32\DRIVERS\HECIx64.sys --> C:\Windows\system32\DRIVERS\HECIx64.sys [?] R3 NETwNs64;___ Intel® Wireless WiFi Link 5000 Series Adapter Driver for Windows 7 - 64 Bit;C:\Windows\system32\DRIVERS\NETwNs64.sys --> C:\Windows\system32\DRIVERS\NETwNs64.sys [?] R3 pbfilter;pbfilter;C:\Program Files\PeerBlock\pbfilter.sys [2012-1-6 24176] R3 vwifimp;Microsoft Virtual WiFi Miniport Service;C:\Windows\system32\DRIVERS\vwifimp.sys --> C:\Windows\system32\DRIVERS\vwifimp.sys [?] R3 wdkmd;Intel WiDi KMD;C:\Windows\system32\DRIVERS\WDKMD.sys --> C:\Windows\system32\DRIVERS\WDKMD.sys [?] S2 Adobe Licensing Console;Adobe Licensing Console;C:\Windows\SysWOW64\adbcnsl.exe [2012-1-7 689492] S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384] S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576] S2 MBAMService;MBAMService;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2012-2-7 652360] S2 UNS;Intel® Management and Security Application User Notification Service;C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe [2011-7-25 2656280] S3 AMPPALP;Intel® Centrino® Bluetooth 3.0 + High Speed Protocol;C:\Windows\system32\DRIVERS\amppal.sys --> C:\Windows\system32\DRIVERS\amppal.sys [?] S3 Andbus;LGE Android Platform Composite USB Device;C:\Windows\system32\DRIVERS\lgandbus64.sys --> C:\Windows\system32\DRIVERS\lgandbus64.sys [?] S3 AndDiag;LGE Android Platform USB Serial Port;C:\Windows\system32\DRIVERS\lganddiag64.sys --> C:\Windows\system32\DRIVERS\lganddiag64.sys [?] S3 AndGps;LGE Android Platform USB GPS NMEA Port;C:\Windows\system32\DRIVERS\lgandgps64.sys --> C:\Windows\system32\DRIVERS\lgandgps64.sys [?] S3 ANDModem;LGE Android Platform USB Modem;C:\Windows\system32\DRIVERS\lgandmodem64.sys --> C:\Windows\system32\DRIVERS\lgandmodem64.sys [?] S3 androidusb;ADB Interface Driver;C:\Windows\system32\Drivers\lgandadb.sys --> C:\Windows\system32\Drivers\lgandadb.sys [?] S3 btmaux;Intel Bluetooth Auxiliary Service;C:\Windows\system32\DRIVERS\btmaux.sys --> C:\Windows\system32\DRIVERS\btmaux.sys [?] S3 btmhsf;btmhsf;C:\Windows\system32\DRIVERS\btmhsf.sys --> C:\Windows\system32\DRIVERS\btmhsf.sys [?] S3 ETD;ELAN PS/2 Port Input Device;C:\Windows\system32\DRIVERS\ETD.sys --> C:\Windows\system32\DRIVERS\ETD.sys [?] S3 fssfltr;fssfltr;C:\Windows\system32\DRIVERS\fssfltr.sys --> C:\Windows\system32\DRIVERS\fssfltr.sys [?] S3 fsssvc;Windows Live Family Safety Service;C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe [2010-9-23 1493352] S3 iBtFltCoex;iBtFltCoex;C:\Windows\system32\DRIVERS\iBtFltCoex.sys --> C:\Windows\system32\DRIVERS\iBtFltCoex.sys [?] S3 intaud_WaveExtensible;Intel WiDi Audio Device;C:\Windows\system32\drivers\intelaud.sys --> C:\Windows\system32\drivers\intelaud.sys [?] S3 MBAMProtector;MBAMProtector;\??\C:\Windows\system32\drivers\mbam.sys --> C:\Windows\system32\drivers\mbam.sys [?] S3 MpNWMon;Microsoft Malware Protection Network Driver;C:\Windows\system32\DRIVERS\MpNWMon.sys --> C:\Windows\system32\DRIVERS\MpNWMon.sys [?] S3 MyWiFiDHCPDNS;Wireless PAN DHCP Server;C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [2011-5-2 340240] S3 NisDrv;Microsoft Network Inspection System;C:\Windows\system32\DRIVERS\NisDrvWFP.sys --> C:\Windows\system32\DRIVERS\NisDrvWFP.sys [?] S3 NisSrv;Microsoft Network Inspection;C:\Program Files\Microsoft Security Client\Antimalware\NisSrv.exe [2011-4-27 288272] S3 SiSGbeLH;SiS191/SiS190 Ethernet Device NDIS 6.0 Driver;C:\Windows\system32\DRIVERS\SiSG664.sys --> C:\Windows\system32\DRIVERS\SiSG664.sys [?] S3 SwitchBoard;Adobe SwitchBoard;C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-2-19 517096] S3 TsUsbFlt;TsUsbFlt;C:\Windows\system32\drivers\tsusbflt.sys --> C:\Windows\system32\drivers\tsusbflt.sys [?] S3 TsUsbGD;Remote Desktop Generic USB Device;C:\Windows\system32\drivers\TsUsbGD.sys --> C:\Windows\system32\drivers\TsUsbGD.sys [?] S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\system32\Wat\WatAdminSvc.exe --> C:\Windows\system32\Wat\WatAdminSvc.exe [?] S4 wlcrasvc;Windows Live Mesh remote connections service;C:\Program Files\Windows Live\Mesh\wlcrasvc.exe [2010-9-22 57184] . =============== Created Last 30 ================ . 2012-02-18 21:33:41 69000 ----a-w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{0BD89AB4-2C40-4870-9C4C-1DF0FCDA2B4C}\offreg.dll 2012-02-18 20:59:50 39184 ----a-w- C:\Windows\System32\Partizan.exe 2012-02-18 20:54:26 8602168 ----a-w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{0BD89AB4-2C40-4870-9C4C-1DF0FCDA2B4C}\mpengine.dll 2012-02-17 06:22:50 -------- d-----w- C:\Users\Guillermo\AppData\Local\{FFFA2FB9-4857-4475-8379-F36343DA5801} 2012-02-15 22:27:06 -------- d-sh--w- C:\Windows\SysWow64\%APPDATA% 2012-02-15 17:26:32 -------- d-----w- C:\$RECYCLE.BIN 2012-02-15 01:31:33 509952 ----a-w- C:\Windows\System32\ntshrui.dll 2012-02-15 01:31:33 442880 ----a-w- C:\Windows\SysWow64\ntshrui.dll 2012-02-15 01:31:30 515584 ----a-w- C:\Windows\System32\timedate.cpl 2012-02-15 01:31:30 478720 ----a-w- C:\Windows\SysWow64\timedate.cpl 2012-02-15 01:31:29 498688 ----a-w- C:\Windows\System32\drivers\afd.sys 2012-02-15 01:31:29 3145728 ----a-w- C:\Windows\System32\win32k.sys 2012-02-15 01:31:26 690688 ----a-w- C:\Windows\SysWow64\msvcrt.dll 2012-02-15 01:31:26 634880 ----a-w- C:\Windows\System32\msvcrt.dll 2012-02-13 21:25:20 -------- d-----w- C:\Users\Guillermo\AppData\Local\CrashDumps 2012-02-13 20:24:38 196224 ----a-w- C:\Program Files\Windows Sidebar\Shared Gadgets\P4GUpdate.Gadget\P4GUpdate.dll 2012-02-13 20:24:32 -------- d-----w- C:\ProgramData\P4G 2012-02-13 20:24:32 -------- d-----w- C:\Program Files\ASUS 2012-02-12 09:52:49 -------- d-----w- C:\Users\Guillermo\AppData\Local\SWTOR 2012-02-12 08:12:22 81984 ----a-w- C:\Windows\System32\bdod.bin 2012-02-12 06:25:36 -------- d-----w- C:\Users\Guillermo\AppData\Roaming\BitDefender 2012-02-12 06:25:23 -------- d-----w- C:\ProgramData\BitDefender 2012-02-12 06:25:23 -------- d-----w- C:\Program Files\Common Files\BitDefender 2012-02-12 06:25:23 -------- d-----w- C:\Program Files\BitDefender 2012-02-12 06:24:53 -------- d-----w- C:\Program Files (x86)\Common Files\BitDefender 2012-02-12 06:13:46 -------- d-----w- C:\ProgramData\CPA_VA 2012-02-12 06:07:42 -------- d-----w- C:\ProgramData\Comodo 2012-02-12 06:07:39 -------- d-----w- C:\Program Files\COMODO 2012-02-12 06:07:35 -------- d-----w- C:\Program Files (x86)\Comodo 2012-02-11 03:30:33 -------- d-----w- C:\Program Files (x86)\Common Files\BioWare 2012-02-11 01:55:29 917840 ------w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\NISBackup\gapaengine.dll 2012-02-11 01:55:14 927800 ------w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{E95627E9-6740-4F24-9957-A5715780658E}\gapaengine.dll 2012-02-11 01:41:59 -------- d-----w- C:\Program Files (x86)\SystemRequirementsLab 2012-02-10 21:35:59 -------- d-----w- C:\Users\Guillermo\AppData\Roaming\Origin 2012-02-10 21:34:55 -------- d-----w- C:\ProgramData\Origin 2012-02-08 11:51:38 14848 ----a-w- C:\Windows\SysWow64\regsvr32 - Copy.exe 2012-02-08 11:32:42 -------- d-----w- C:\Users\Guillermo\AppData\Roaming\QuickScan 2012-02-08 11:27:04 25160 ----a-w- C:\Windows\System32\drivers\hitmanpro35.sys 2012-02-08 11:26:31 -------- d-----w- C:\ProgramData\Hitman Pro 2012-02-08 04:39:27 2 --shatr- C:\Windows\winstart.bat 2012-02-08 04:39:23 -------- d-----w- C:\Program Files (x86)\UnHackMe 2012-02-08 03:28:15 -------- d-----w- C:\Users\Guillermo\AppData\Local\NPE 2012-02-08 03:28:15 -------- d-----w- C:\ProgramData\Norton 2012-02-08 02:57:14 767952 ----a-w- C:\Windows\BDTSupport.dll0227.old 2012-02-08 02:57:13 149456 ----a-w- C:\Windows\SGDetectionTool.dll0227.old 2012-02-08 02:57:12 2246608 ----a-w- C:\Windows\PCTBDCore.dll0227.old 2012-02-08 02:55:43 -------- d-----w- C:\Program Files (x86)\PC Tools 2012-02-08 01:31:22 230952 ----a-w- C:\Windows\System32\drivers\PCTSD64.sys 2012-02-08 01:31:20 -------- d-----w- C:\Program Files (x86)\Common Files\PC Tools 2012-02-08 01:29:19 -------- d-----w- C:\ProgramData\PC Tools 2012-02-08 01:29:18 -------- d-----w- C:\Users\Guillermo\AppData\Roaming\TestApp 2012-02-07 06:37:43 23152 ----a-w- C:\Windows\System32\drivers\mbam.sys 2012-02-07 06:37:43 -------- d-----w- C:\Program Files (x86)\Malwarebytes' Anti-Malware 2012-02-07 06:36:31 388096 ----a-r- C:\Users\Guillermo\AppData\Roaming\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe 2012-02-07 01:59:16 -------- d-----w- C:\folder2 2012-02-07 01:59:08 -------- d-----w- C:\folder1 2012-02-05 20:17:46 98816 ----a-w- C:\Windows\sed.exe 2012-02-05 20:17:46 518144 ----a-w- C:\Windows\SWREG.exe 2012-02-05 20:17:46 256000 ----a-w- C:\Windows\PEV.exe 2012-02-05 20:17:46 208896 ----a-w- C:\Windows\MBR.exe 2012-02-04 09:42:13 65736 ----a-w- C:\Windows\System32\drivers\pxrts.sys 2012-02-04 09:42:12 -------- d-----w- C:\Program Files\Prevx 2012-02-04 09:41:56 -------- d-----w- C:\ProgramData\PrevxCSI 2012-02-03 08:10:27 35712 ----a-w- C:\Windows\SysWow64\drivers\BlackBox.sys 2012-02-03 04:17:12 -------- d-----w- C:\ProgramData\Kaspersky Lab 2012-02-03 03:24:35 -------- d-----w- C:\Users\Guillermo\AppData\Local\Sunbelt Software 2012-02-03 00:49:02 -------- d-----w- C:\Program Files (x86)\ESET 2012-02-02 18:35:22 414368 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl 2012-02-02 02:03:35 55384 ----a-w- C:\Windows\System32\drivers\SBREDrv.sys 2012-02-02 01:50:16 -------- d-----w- C:\Program Files (x86)\Lavasoft 2012-02-02 01:46:26 -------- d-----w- C:\Users\Guillermo\AppData\Roaming\SUPERAntiSpyware.com 2012-02-02 01:45:22 -------- d-----w- C:\Users\Guillermo\AppData\Roaming\Malwarebytes 2012-02-02 01:45:07 -------- d-----w- C:\ProgramData\Malwarebytes 2012-02-01 18:06:06 466456 ----a-w- C:\Windows\System32\wrap_oal.dll 2012-02-01 18:06:06 444952 ----a-w- C:\Windows\SysWow64\wrap_oal.dll 2012-02-01 18:06:06 122904 ----a-w- C:\Windows\System32\OpenAL32.dll 2012-02-01 18:06:06 109080 ----a-w- C:\Windows\SysWow64\OpenAL32.dll 2012-02-01 18:06:06 -------- d-----w- C:\Program Files (x86)\OpenAL 2012-02-01 18:03:04 -------- d-----w- C:\Users\Guillermo\AppData\Local\2DBoy 2012-02-01 18:03:04 -------- d-----w- C:\ProgramData\2DBoy 2012-02-01 16:25:06 -------- d-----w- C:\Program Files (x86)\Common Files\PX Storage Engine 2012-01-31 05:46:14 -------- d-----w- C:\Users\Guillermo\AppData\Local\Programs 2012-01-29 23:59:31 472808 ----a-w- C:\Windows\SysWow64\deployJava1.dll 2012-01-27 11:43:21 200976 ----a-w- C:\Windows\SysWow64\drivers\tmcomm.sys 2012-01-27 11:31:52 -------- d-----w- C:\Program Files (x86)\Trend Micro 2012-01-27 07:56:30 -------- d-----w- C:\ProgramData\Soulseek 2012-01-27 07:56:18 -------- d-----w- C:\Program Files (x86)\SoulseekNS 2012-01-27 07:31:41 -------- d-----w- C:\ProgramData\Spybot - Search & Destroy 2012-01-27 07:31:41 -------- d-----w- C:\Program Files (x86)\Spybot - Search & Destroy 2012-01-26 06:03:56 -------- d-----w- C:\Users\Guillermo\.config 2012-01-25 18:49:25 -------- d-----w- C:\Program Files (x86)\Steam 2012-01-25 07:27:55 -------- d-----w- C:\ProgramData\Age of Empires 3 2012-01-25 07:20:22 -------- d-----w- C:\Program Files (x86)\Common Files\Microsoft Games 2012-01-25 07:13:08 -------- d-----w- C:\Program Files (x86)\Microsoft Games 2012-01-23 20:14:07 -------- d-----w- C:\Users\Guillermo\riotsGamesLogs 2012-01-23 19:34:58 -------- d-----w- C:\Games 2012-01-23 19:34:28 -------- d-----w- C:\Users\Guillermo\AppData\Local\Black_Tree_Gaming 2012-01-20 00:59:10 -------- d-----w- C:\Users\Guillermo\AppData\Roaming\com.adobe.kuler.Desktop.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1 2012-01-20 00:59:09 -------- d-----w- C:\Program Files (x86)\Adobe kuler 2012-01-20 00:35:47 -------- d-----w- C:\Program Files\Common Files\Propellerhead Software 2012-01-19 22:50:31 -------- d---a-w- C:\.Trash-1000 2012-01-19 21:40:30 -------- d-----w- C:\Program Files (x86)\Common Files\AnswerWorks 5.0 . ==================== Find3M ==================== . 2012-02-18 21:11:44 45056 ----a-w- C:\Windows\SysWow64\acovcnt.exe 2012-01-31 12:44:20 279656 ------w- C:\Windows\System32\MpSigStub.exe 2012-01-18 03:00:46 577824 ----a-w- C:\Windows\System32\drivers\cmdGuard.sys 2012-01-08 23:07:41 2892 ----a-w- C:\Windows\SysWow64\audcon.sys 2012-01-08 21:40:09 348160 ----a-w- C:\Windows\SysWow64\msvcr71.dll 2012-01-08 21:40:09 1700352 ----a-w- C:\Windows\SysWow64\gdiplus.dll 2012-01-08 21:40:09 1060864 ----a-w- C:\Windows\SysWow64\mfc71.dll 2012-01-08 05:09:32 384 ----a-w- C:\Windows\SysWow64\checkOS.bat 2012-01-07 19:23:35 689492 ----a-w- C:\Windows\SysWow64\adbcnsl.exe 2011-12-20 00:59:18 43248 ----a-w- C:\Windows\System32\drivers\cmdhlp.sys 2011-12-20 00:59:16 22696 ----a-w- C:\Windows\System32\drivers\cmderd.sys 2011-12-20 00:58:58 41200 ----a-w- C:\Windows\System32\cmdcsr.dll 2011-12-20 00:58:56 389840 ----a-w- C:\Windows\System32\guard64.dll 2011-12-20 00:58:56 301224 ----a-w- C:\Windows\SysWow64\guard32.dll 2011-12-14 07:11:03 2308096 ----a-w- C:\Windows\System32\jscript9.dll 2011-12-14 07:04:30 1390080 ----a-w- C:\Windows\System32\wininet.dll 2011-12-14 07:03:38 1493504 ----a-w- C:\Windows\System32\inetcpl.cpl 2011-12-14 06:57:28 2382848 ----a-w- C:\Windows\System32\mshtml.tlb 2011-12-14 03:04:54 1798656 ----a-w- C:\Windows\SysWow64\jscript9.dll 2011-12-14 02:57:18 1127424 ----a-w- C:\Windows\SysWow64\wininet.dll 2011-12-14 02:56:58 1427456 ----a-w- C:\Windows\SysWow64\inetcpl.cpl 2011-12-14 02:50:04 2382848 ----a-w- C:\Windows\SysWow64\mshtml.tlb . ============= FINISH: 15:37:03.32 ===============

Sign In

Rovot

Posts

Joined

Last visited

Content Type

Events

Profiles

Forums

Everything posted by Rovot

stdrt.exe running in temp folder

stdrt.exe running in temp folder

stdrt.exe running in temp folder

stdrt.exe running in temp folder

stdrt.exe running in temp folder

stdrt.exe running in temp folder

stdrt.exe running in temp folder

stdrt.exe running in temp folder

stdrt.exe running in temp folder

stdrt.exe running in temp folder

Browse

Activity

Personal

Business

Business Modules

Partners

Learn

Start here

Type of malware/attacks

How does it get on my computer?

Scams and grifts

Support

Important Information