stdrt.exe running in temp folder

[Rovot]

• a randomly generated temp folder is created every time I reboot that runs a program stdrt.exe.
  
• pop up brosive.com/therugged.com in IE only. IE is not my main browser ; in fact I do not use it
  
• Microsoft Security Essentials found PDFjsc and CVE-2010-0840 on my system
  

heres my DDS log:

.

DDS (Ver_2011-08-26.01) - NTFSAMD64

Internet Explorer: 9.0.8112.16421

Run by Guillermo at 15:35:12 on 2012-02-18

Microsoft Windows 7 Home Premium 6.1.7601.1.1252.1.1033.18.3874.2124 [GMT -6:00]

.

AV: Microsoft Security Essentials *Disabled/Updated* {108DAC43-C256-20B7-BB05-914135DA5160}

SP: Microsoft Security Essentials *Disabled/Updated* {ABEC4DA7-E46C-2F39-81B5-AA334E5D1BDD}

SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

SP: COMODO Defense+ *Disabled/Updated* {CE351521-78FA-2048-BB22-B68A4A5CA7EC}

FW: COMODO Firewall *Disabled* {4D6F75E0-14AF-2E9E-AACD-24CDCF08AA2A}

.

============== Running Processes ===============

.

C:\Windows\system32\wininit.exe

C:\Windows\system32\lsm.exe

C:\Windows\system32\svchost.exe -k DcomLaunch

C:\Windows\system32\svchost.exe -k RPCSS

C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe

C:\Windows\system32\svchost.exe -k NetworkService

C:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe

C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted

C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted

C:\Windows\system32\svchost.exe -k netsvcs

C:\Windows\system32\svchost.exe -k LocalService

C:\Program Files\Tablet\Pen\Pen_TouchService.exe

C:\Program Files (x86)\ASUS\FaceLogon\smartlogon.exe

C:\Windows\SYSTEM32\WISPTIS.EXE

C:\Windows\SYSTEM32\WISPTIS.EXE

C:\Program Files\Common Files\microsoft shared\ink\TabTip.exe

C:\Windows\system32\Dwm.exe

C:\Windows\Explorer.EXE

C:\Program Files\Tablet\Pen\Pen_TouchUser.exe

C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe

C:\Windows\system32\WLANExt.exe

C:\Windows\system32\conhost.exe

C:\Program Files (x86)\Common Files\Microsoft Shared\Ink\TabTip32.exe

C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe

C:\Windows\System32\spoolsv.exe

C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork

C:\Windows\system32\taskhost.exe

C:\Windows\TEMP\mrt5D5B.tmp\stdrt.exe

C:\Windows\system32\taskeng.exe

C:\Program Files\ASUS\P4G\BatteryLife.exe

C:\Program Files (x86)\ASUS\Splendid\ACMON.exe

C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe

C:\Program Files (x86)\ASUS\FaceLogon\sensorsrv.exe

C:\Program Files (x86)\ASUS\ASUS Live Update\LiveUpdate.exe

C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe

C:\Program Files\Elantech\ETDCtrl.exe

C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe

C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe

C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe

C:\Windows\System32\rundll32.exe

C:\Windows\vsnp2uvc.exe

C:\Program Files\Microsoft Security Client\msseces.exe

C:\Windows\System32\igfxtray.exe

C:\Windows\SysWOW64\ACEngSvr.exe

C:\Windows\System32\hkcmd.exe

C:\Windows\System32\igfxpers.exe

C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe

C:\Program Files\COMODO\COMODO Internet Security\cfp.exe

C:\Program Files (x86)\RocketDock\RocketDock.exe

C:\Program Files\PeerBlock\peerblock.exe

C:\Users\Guillermo\Local Settings\Apps\F.lux\flux.exe

C:\Program Files\CrashPlan\CrashPlanTray.exe

C:\Program Files\Rainmeter\Rainmeter.exe

C:\Users\Guillermo\AppData\Roaming\Dropbox\bin\Dropbox.exe

C:\Program Files (x86)\ASUS\Sonic Focus\SonicFocusTray.exe

C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe

C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe

C:\Program Files (x86)\Bamboo Dock\BambooCore.exe

C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe

C:\Windows\AsScrPro.exe

C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe

C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe

C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe

C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe

C:\Windows\system32\svchost.exe -k bthsvcs

C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe

C:\Program Files\CrashPlan\CrashPlanService.exe

C:\Program Files\Intel\WiFi\bin\EvtEng.exe

C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation

C:\Windows\system32\msiexec.exe

C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe

C:\Program Files (x86)\Splashtop\Splashtop Remote\Server\SRService.exe

C:\Program Files (x86)\Splashtop\Splashtop Software Updater\SSUService.exe

C:\Windows\system32\svchost.exe -k imgsvc

C:\Program Files\Tablet\Pen\Pen_Tablet.exe

C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE

C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe

C:\Program Files\Tablet\Pen\Pen_TabletUser.exe

C:\Windows\system32\wbem\unsecapp.exe

C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe

C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe

C:\Windows\system32\wbem\wmiprvse.exe

C:\Windows\system32\wbem\wmiprvse.exe

C:\Windows\system32\wbem\unsecapp.exe

C:\Program Files\Tablet\Pen\Pen_Tablet.exe

C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ATKOSD.exe

C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe

C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\KBFiltr.exe

C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\WDC.exe

C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe

C:\Windows\system32\SearchIndexer.exe

C:\Windows\system32\vssvc.exe

C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted

C:\Windows\System32\svchost.exe -k WerSvcGroup

C:\Program Files\Windows Media Player\wmpnetwk.exe

C:\Program Files (x86)\Intel\Bluetooth\BTPlayerCtrl.exe

C:\Windows\System32\svchost.exe -k swprv

C:\Windows\system32\SearchProtocolHost.exe

C:\Windows\system32\SearchFilterHost.exe

C:\Windows\System32\svchost.exe -k LocalServicePeerNet

C:\Windows\SysWOW64\cmd.exe

C:\Windows\system32\conhost.exe

C:\Windows\SysWOW64\cscript.exe

.

============== Pseudo HJT Report ===============

.

mStart Page = hxxp://asus.msn.com

BHO: Java Plug-In SSV Helper: {761497bb-d6f0-462c-b6eb-d4daf1d92d43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll

BHO: Windows Live ID Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

BHO: Java Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll

uRun: [RocketDock] "C:\Program Files (x86)\RocketDock\RocketDock.exe"

uRun: [PeerBlock] C:\Program Files\PeerBlock\peerblock.exe

uRun: [F.lux] "C:\Users\Guillermo\Local Settings\Apps\F.lux\flux.exe" /noshow

mRun: [sonicMasterTray] C:\Program Files (x86)\ASUS\Sonic Focus\SonicFocusTray.exe

mRun: [ATKOSD2] C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe

mRun: [ATKMEDIA] C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe

mRun: [HControlUser] C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe

mRun: [updateLBPShortCut] "C:\Program Files (x86)\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\CyberLink\LabelPrint" UpdateWithCreateOnce "Software\CyberLink\LabelPrint\2.5"

mRun: [bambooCore] C:\Program Files (x86)\Bamboo Dock\BambooCore.exe

mRun: [VirtualCloneDrive] "C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe" /s

mRun: [switchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe

mRun: [AdobeCS5.5ServiceManager] "C:\Program Files (x86)\Common Files\Adobe\CS5.5ServiceManager\CS5.5ServiceManager.exe" -launchedbylogin

mRun: [ASUS Screen Saver Protector] C:\Windows\AsScrPro.exe

mRun: [googletalk] C:\Program Files (x86)\Google\Google Talk\googletalk.exe /autostart

mRun: [Malwarebytes' Anti-Malware] "C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray

mRun: [sunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"

mRun: [Wireless Console 3] C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe

StartupFolder: C:\Users\GUILLE~1\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\Dropbox.lnk - C:\Users\Guillermo\AppData\Roaming\Dropbox\bin\Dropbox.exe

StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\ASUSVI~1.LNK - C:\Program Files (x86)\ASUS\AsusVibe\AsusVibeLauncher.exe

StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\CRASHP~1.LNK - C:\Program Files (x86)\CrashPlan\CrashPlanTray.exe

StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\RAINME~1.LNK - C:\Program Files\Rainmeter\Rainmeter.exe

mPolicies-system: ConsentPromptBehaviorAdmin = 0 (0x0)

mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3)

mPolicies-system: EnableLUA = 0 (0x0)

mPolicies-system: EnableUIADesktopToggle = 0 (0x0)

mPolicies-system: PromptOnSecureDesktop = 0 (0x0)

IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll

Trusted Zone: intuit.com\ttlc

DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_30-windows-i586.cab

DPF: {CAFEEFAC-0016-0000-0030-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_30-windows-i586.cab

DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_30-windows-i586.cab

TCP: DhcpNameServer = 192.168.1.254

TCP: Interfaces\{4101B8BE-0D8D-48E5-9CCA-DCB5B4279CB3} : DhcpNameServer = 192.168.1.254

TCP: Interfaces\{4101B8BE-0D8D-48E5-9CCA-DCB5B4279CB3}\16474777966696 : DhcpNameServer = 192.168.4.1 64.134.255.2 64.134.255.10

TCP: Interfaces\{4101B8BE-0D8D-48E5-9CCA-DCB5B4279CB3}\4414E49454C414 : DhcpNameServer = 192.168.1.1

TCP: Interfaces\{4101B8BE-0D8D-48E5-9CCA-DCB5B4279CB3}\642756561457374796E675966496E236F6D6D224162766C6977237 : DhcpNameServer = 192.168.2.1

TCP: Interfaces\{4101B8BE-0D8D-48E5-9CCA-DCB5B4279CB3}\6627F6E64737964656F5762796E646 : DhcpNameServer = 209.18.47.61 209.18.47.62

Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll

AppInit_DLLs: C:\Windows\SysWOW64\guard32.dll

BHO-X64: Java Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll

BHO-X64: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

BHO-X64: Java Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll

mRun-x64: [sonicMasterTray] C:\Program Files (x86)\ASUS\Sonic Focus\SonicFocusTray.exe

mRun-x64: [ATKOSD2] C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe

mRun-x64: [ATKMEDIA] C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe

mRun-x64: [HControlUser] C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe

mRun-x64: [updateLBPShortCut] "C:\Program Files (x86)\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\CyberLink\LabelPrint" UpdateWithCreateOnce "Software\CyberLink\LabelPrint\2.5"

mRun-x64: [bambooCore] C:\Program Files (x86)\Bamboo Dock\BambooCore.exe

mRun-x64: [VirtualCloneDrive] "C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe" /s

mRun-x64: [switchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe

mRun-x64: [AdobeCS5.5ServiceManager] "C:\Program Files (x86)\Common Files\Adobe\CS5.5ServiceManager\CS5.5ServiceManager.exe" -launchedbylogin

mRun-x64: [ASUS Screen Saver Protector] C:\Windows\AsScrPro.exe

mRun-x64: [googletalk] C:\Program Files (x86)\Google\Google Talk\googletalk.exe /autostart

mRun-x64: [Malwarebytes' Anti-Malware] "C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray

mRun-x64: [sunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"

mRun-x64: [Wireless Console 3] C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe

AppInit_DLLs-X64: C:\Windows\SysWOW64\guard32.dll

.

============= SERVICES / DRIVERS ===============

.

R1 ATKWMIACPIIO;ATKWMIACPI Driver;C:\Program Files (x86)\ASUS\ATK Package\ATK WMIACPI\atkwmiacpi64.sys [2011-5-25 17536]

R1 cmdGuard;COMODO Internet Security Sandbox Driver;C:\Windows\system32\DRIVERS\cmdguard.sys --> C:\Windows\system32\DRIVERS\cmdguard.sys [?]

R1 cmdHlp;COMODO Internet Security Helper Driver;C:\Windows\system32\DRIVERS\cmdhlp.sys --> C:\Windows\system32\DRIVERS\cmdhlp.sys [?]

R1 MpFilter;Microsoft Malware Protection Driver;C:\Windows\system32\DRIVERS\MpFilter.sys --> C:\Windows\system32\DRIVERS\MpFilter.sys [?]

R1 vwififlt;Virtual WiFi Filter Driver;C:\Windows\system32\DRIVERS\vwififlt.sys --> C:\Windows\system32\DRIVERS\vwififlt.sys [?]

R2 AMPPALR3;Intel® Centrino® Bluetooth 3.0 + High Speed Service;C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe [2011-4-21 1136640]

R2 ASMMAP64;ASMMAP64;C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\ASMMAP64.sys [2009-7-2 15416]

R2 Bluetooth Device Monitor;Bluetooth Device Monitor;C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe [2011-3-30 923984]

R2 Bluetooth OBEX Service;Bluetooth OBEX Service;C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe [2011-3-30 1001808]

R2 BTHSSecurityMgr;Intel® Centrino® Wireless Bluetooth® 3.0 + High Speed Security Service;C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe [2011-4-21 134928]

R2 CrashPlanService;CrashPlan Backup Service;C:\Program Files\CrashPlan\CrashPlanService.exe [2011-3-16 222720]

R2 SBSDWSCService;SBSD Security Center Service;C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe [2012-1-27 1153368]

R2 SplashtopRemoteService;Splashtop® Remote Service;C:\Program Files (x86)\Splashtop\Splashtop Remote\Server\SRService.exe [2012-2-9 531328]

R2 SSUService;Splashtop Software Updater Service;C:\Program Files (x86)\Splashtop\Splashtop Software Updater\SSUService.exe [2011-11-10 370504]

R2 TabletServicePen;TabletServicePen;C:\Program Files\Tablet\Pen\Pen_Tablet.exe [2012-1-6 6583160]

R2 TouchServicePen;Wacom Consumer Touch Service;C:\Program Files\Tablet\Pen\Pen_TouchService.exe [2012-1-6 528760]

R3 AMPPAL;Intel® Centrino® Bluetooth 3.0 + High Speed Virtual Adapter;C:\Windows\system32\DRIVERS\AMPPAL.sys --> C:\Windows\system32\DRIVERS\AMPPAL.sys [?]

R3 Bluetooth Media Service;Bluetooth Media Service;C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe [2011-3-30 1321296]

R3 IntcDAud;Intel® Display Audio;C:\Windows\system32\DRIVERS\IntcDAud.sys --> C:\Windows\system32\DRIVERS\IntcDAud.sys [?]

R3 iwdbus;IWD Bus Enumerator;C:\Windows\system32\DRIVERS\iwdbus.sys --> C:\Windows\system32\DRIVERS\iwdbus.sys [?]

R3 L1C;NDIS Miniport Driver for Atheros AR813x/AR815x PCI-E Ethernet Controller;C:\Windows\system32\DRIVERS\L1C62x64.sys --> C:\Windows\system32\DRIVERS\L1C62x64.sys [?]

R3 MEIx64;Intel® Management Engine Interface;C:\Windows\system32\DRIVERS\HECIx64.sys --> C:\Windows\system32\DRIVERS\HECIx64.sys [?]

R3 NETwNs64;___ Intel® Wireless WiFi Link 5000 Series Adapter Driver for Windows 7 - 64 Bit;C:\Windows\system32\DRIVERS\NETwNs64.sys --> C:\Windows\system32\DRIVERS\NETwNs64.sys [?]

R3 pbfilter;pbfilter;C:\Program Files\PeerBlock\pbfilter.sys [2012-1-6 24176]

R3 vwifimp;Microsoft Virtual WiFi Miniport Service;C:\Windows\system32\DRIVERS\vwifimp.sys --> C:\Windows\system32\DRIVERS\vwifimp.sys [?]

R3 wdkmd;Intel WiDi KMD;C:\Windows\system32\DRIVERS\WDKMD.sys --> C:\Windows\system32\DRIVERS\WDKMD.sys [?]

S2 Adobe Licensing Console;Adobe Licensing Console;C:\Windows\SysWOW64\adbcnsl.exe [2012-1-7 689492]

S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]

S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]

S2 MBAMService;MBAMService;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2012-2-7 652360]

S2 UNS;Intel® Management and Security Application User Notification Service;C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe [2011-7-25 2656280]

S3 AMPPALP;Intel® Centrino® Bluetooth 3.0 + High Speed Protocol;C:\Windows\system32\DRIVERS\amppal.sys --> C:\Windows\system32\DRIVERS\amppal.sys [?]

S3 Andbus;LGE Android Platform Composite USB Device;C:\Windows\system32\DRIVERS\lgandbus64.sys --> C:\Windows\system32\DRIVERS\lgandbus64.sys [?]

S3 AndDiag;LGE Android Platform USB Serial Port;C:\Windows\system32\DRIVERS\lganddiag64.sys --> C:\Windows\system32\DRIVERS\lganddiag64.sys [?]

S3 AndGps;LGE Android Platform USB GPS NMEA Port;C:\Windows\system32\DRIVERS\lgandgps64.sys --> C:\Windows\system32\DRIVERS\lgandgps64.sys [?]

S3 ANDModem;LGE Android Platform USB Modem;C:\Windows\system32\DRIVERS\lgandmodem64.sys --> C:\Windows\system32\DRIVERS\lgandmodem64.sys [?]

S3 androidusb;ADB Interface Driver;C:\Windows\system32\Drivers\lgandadb.sys --> C:\Windows\system32\Drivers\lgandadb.sys [?]

S3 btmaux;Intel Bluetooth Auxiliary Service;C:\Windows\system32\DRIVERS\btmaux.sys --> C:\Windows\system32\DRIVERS\btmaux.sys [?]

S3 btmhsf;btmhsf;C:\Windows\system32\DRIVERS\btmhsf.sys --> C:\Windows\system32\DRIVERS\btmhsf.sys [?]

S3 ETD;ELAN PS/2 Port Input Device;C:\Windows\system32\DRIVERS\ETD.sys --> C:\Windows\system32\DRIVERS\ETD.sys [?]

S3 fssfltr;fssfltr;C:\Windows\system32\DRIVERS\fssfltr.sys --> C:\Windows\system32\DRIVERS\fssfltr.sys [?]

S3 fsssvc;Windows Live Family Safety Service;C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe [2010-9-23 1493352]

S3 iBtFltCoex;iBtFltCoex;C:\Windows\system32\DRIVERS\iBtFltCoex.sys --> C:\Windows\system32\DRIVERS\iBtFltCoex.sys [?]

S3 intaud_WaveExtensible;Intel WiDi Audio Device;C:\Windows\system32\drivers\intelaud.sys --> C:\Windows\system32\drivers\intelaud.sys [?]

S3 MBAMProtector;MBAMProtector;\??\C:\Windows\system32\drivers\mbam.sys --> C:\Windows\system32\drivers\mbam.sys [?]

S3 MpNWMon;Microsoft Malware Protection Network Driver;C:\Windows\system32\DRIVERS\MpNWMon.sys --> C:\Windows\system32\DRIVERS\MpNWMon.sys [?]

S3 MyWiFiDHCPDNS;Wireless PAN DHCP Server;C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [2011-5-2 340240]

S3 NisDrv;Microsoft Network Inspection System;C:\Windows\system32\DRIVERS\NisDrvWFP.sys --> C:\Windows\system32\DRIVERS\NisDrvWFP.sys [?]

S3 NisSrv;Microsoft Network Inspection;C:\Program Files\Microsoft Security Client\Antimalware\NisSrv.exe [2011-4-27 288272]

S3 SiSGbeLH;SiS191/SiS190 Ethernet Device NDIS 6.0 Driver;C:\Windows\system32\DRIVERS\SiSG664.sys --> C:\Windows\system32\DRIVERS\SiSG664.sys [?]

S3 SwitchBoard;Adobe SwitchBoard;C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-2-19 517096]

S3 TsUsbFlt;TsUsbFlt;C:\Windows\system32\drivers\tsusbflt.sys --> C:\Windows\system32\drivers\tsusbflt.sys [?]

S3 TsUsbGD;Remote Desktop Generic USB Device;C:\Windows\system32\drivers\TsUsbGD.sys --> C:\Windows\system32\drivers\TsUsbGD.sys [?]

S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\system32\Wat\WatAdminSvc.exe --> C:\Windows\system32\Wat\WatAdminSvc.exe [?]

S4 wlcrasvc;Windows Live Mesh remote connections service;C:\Program Files\Windows Live\Mesh\wlcrasvc.exe [2010-9-22 57184]

.

=============== Created Last 30 ================

.

2012-02-18 21:33:41 69000 ----a-w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{0BD89AB4-2C40-4870-9C4C-1DF0FCDA2B4C}\offreg.dll

2012-02-18 20:59:50 39184 ----a-w- C:\Windows\System32\Partizan.exe

2012-02-18 20:54:26 8602168 ----a-w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{0BD89AB4-2C40-4870-9C4C-1DF0FCDA2B4C}\mpengine.dll

2012-02-17 06:22:50 -------- d-----w- C:\Users\Guillermo\AppData\Local\{FFFA2FB9-4857-4475-8379-F36343DA5801}

2012-02-15 22:27:06 -------- d-sh--w- C:\Windows\SysWow64\%APPDATA%

2012-02-15 17:26:32 -------- d-----w- C:\$RECYCLE.BIN

2012-02-15 01:31:33 509952 ----a-w- C:\Windows\System32\ntshrui.dll

2012-02-15 01:31:33 442880 ----a-w- C:\Windows\SysWow64\ntshrui.dll

2012-02-15 01:31:30 515584 ----a-w- C:\Windows\System32\timedate.cpl

2012-02-15 01:31:30 478720 ----a-w- C:\Windows\SysWow64\timedate.cpl

2012-02-15 01:31:29 498688 ----a-w- C:\Windows\System32\drivers\afd.sys

2012-02-15 01:31:29 3145728 ----a-w- C:\Windows\System32\win32k.sys

2012-02-15 01:31:26 690688 ----a-w- C:\Windows\SysWow64\msvcrt.dll

2012-02-15 01:31:26 634880 ----a-w- C:\Windows\System32\msvcrt.dll

2012-02-13 21:25:20 -------- d-----w- C:\Users\Guillermo\AppData\Local\CrashDumps

2012-02-13 20:24:38 196224 ----a-w- C:\Program Files\Windows Sidebar\Shared Gadgets\P4GUpdate.Gadget\P4GUpdate.dll

2012-02-13 20:24:32 -------- d-----w- C:\ProgramData\P4G

2012-02-13 20:24:32 -------- d-----w- C:\Program Files\ASUS

2012-02-12 09:52:49 -------- d-----w- C:\Users\Guillermo\AppData\Local\SWTOR

2012-02-12 08:12:22 81984 ----a-w- C:\Windows\System32\bdod.bin

2012-02-12 06:25:36 -------- d-----w- C:\Users\Guillermo\AppData\Roaming\BitDefender

2012-02-12 06:25:23 -------- d-----w- C:\ProgramData\BitDefender

2012-02-12 06:25:23 -------- d-----w- C:\Program Files\Common Files\BitDefender

2012-02-12 06:25:23 -------- d-----w- C:\Program Files\BitDefender

2012-02-12 06:24:53 -------- d-----w- C:\Program Files (x86)\Common Files\BitDefender

2012-02-12 06:13:46 -------- d-----w- C:\ProgramData\CPA_VA

2012-02-12 06:07:42 -------- d-----w- C:\ProgramData\Comodo

2012-02-12 06:07:39 -------- d-----w- C:\Program Files\COMODO

2012-02-12 06:07:35 -------- d-----w- C:\Program Files (x86)\Comodo

2012-02-11 03:30:33 -------- d-----w- C:\Program Files (x86)\Common Files\BioWare

2012-02-11 01:55:29 917840 ------w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\NISBackup\gapaengine.dll

2012-02-11 01:55:14 927800 ------w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{E95627E9-6740-4F24-9957-A5715780658E}\gapaengine.dll

2012-02-11 01:41:59 -------- d-----w- C:\Program Files (x86)\SystemRequirementsLab

2012-02-10 21:35:59 -------- d-----w- C:\Users\Guillermo\AppData\Roaming\Origin

2012-02-10 21:34:55 -------- d-----w- C:\ProgramData\Origin

2012-02-08 11:51:38 14848 ----a-w- C:\Windows\SysWow64\regsvr32 - Copy.exe

2012-02-08 11:32:42 -------- d-----w- C:\Users\Guillermo\AppData\Roaming\QuickScan

2012-02-08 11:27:04 25160 ----a-w- C:\Windows\System32\drivers\hitmanpro35.sys

2012-02-08 11:26:31 -------- d-----w- C:\ProgramData\Hitman Pro

2012-02-08 04:39:27 2 --shatr- C:\Windows\winstart.bat

2012-02-08 04:39:23 -------- d-----w- C:\Program Files (x86)\UnHackMe

2012-02-08 03:28:15 -------- d-----w- C:\Users\Guillermo\AppData\Local\NPE

2012-02-08 03:28:15 -------- d-----w- C:\ProgramData\Norton

2012-02-08 02:57:14 767952 ----a-w- C:\Windows\BDTSupport.dll0227.old

2012-02-08 02:57:13 149456 ----a-w- C:\Windows\SGDetectionTool.dll0227.old

2012-02-08 02:57:12 2246608 ----a-w- C:\Windows\PCTBDCore.dll0227.old

2012-02-08 02:55:43 -------- d-----w- C:\Program Files (x86)\PC Tools

2012-02-08 01:31:22 230952 ----a-w- C:\Windows\System32\drivers\PCTSD64.sys

2012-02-08 01:31:20 -------- d-----w- C:\Program Files (x86)\Common Files\PC Tools

2012-02-08 01:29:19 -------- d-----w- C:\ProgramData\PC Tools

2012-02-08 01:29:18 -------- d-----w- C:\Users\Guillermo\AppData\Roaming\TestApp

2012-02-07 06:37:43 23152 ----a-w- C:\Windows\System32\drivers\mbam.sys

2012-02-07 06:37:43 -------- d-----w- C:\Program Files (x86)\Malwarebytes' Anti-Malware

2012-02-07 06:36:31 388096 ----a-r- C:\Users\Guillermo\AppData\Roaming\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe

2012-02-07 01:59:16 -------- d-----w- C:\folder2

2012-02-07 01:59:08 -------- d-----w- C:\folder1

2012-02-05 20:17:46 98816 ----a-w- C:\Windows\sed.exe

2012-02-05 20:17:46 518144 ----a-w- C:\Windows\SWREG.exe

2012-02-05 20:17:46 256000 ----a-w- C:\Windows\PEV.exe

2012-02-05 20:17:46 208896 ----a-w- C:\Windows\MBR.exe

2012-02-04 09:42:13 65736 ----a-w- C:\Windows\System32\drivers\pxrts.sys

2012-02-04 09:42:12 -------- d-----w- C:\Program Files\Prevx

2012-02-04 09:41:56 -------- d-----w- C:\ProgramData\PrevxCSI

2012-02-03 08:10:27 35712 ----a-w- C:\Windows\SysWow64\drivers\BlackBox.sys

2012-02-03 04:17:12 -------- d-----w- C:\ProgramData\Kaspersky Lab

2012-02-03 03:24:35 -------- d-----w- C:\Users\Guillermo\AppData\Local\Sunbelt Software

2012-02-03 00:49:02 -------- d-----w- C:\Program Files (x86)\ESET

2012-02-02 18:35:22 414368 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl

2012-02-02 02:03:35 55384 ----a-w- C:\Windows\System32\drivers\SBREDrv.sys

2012-02-02 01:50:16 -------- d-----w- C:\Program Files (x86)\Lavasoft

2012-02-02 01:46:26 -------- d-----w- C:\Users\Guillermo\AppData\Roaming\SUPERAntiSpyware.com

2012-02-02 01:45:22 -------- d-----w- C:\Users\Guillermo\AppData\Roaming\Malwarebytes

2012-02-02 01:45:07 -------- d-----w- C:\ProgramData\Malwarebytes

2012-02-01 18:06:06 466456 ----a-w- C:\Windows\System32\wrap_oal.dll

2012-02-01 18:06:06 444952 ----a-w- C:\Windows\SysWow64\wrap_oal.dll

2012-02-01 18:06:06 122904 ----a-w- C:\Windows\System32\OpenAL32.dll

2012-02-01 18:06:06 109080 ----a-w- C:\Windows\SysWow64\OpenAL32.dll

2012-02-01 18:06:06 -------- d-----w- C:\Program Files (x86)\OpenAL

2012-02-01 18:03:04 -------- d-----w- C:\Users\Guillermo\AppData\Local\2DBoy

2012-02-01 18:03:04 -------- d-----w- C:\ProgramData\2DBoy

2012-02-01 16:25:06 -------- d-----w- C:\Program Files (x86)\Common Files\PX Storage Engine

2012-01-31 05:46:14 -------- d-----w- C:\Users\Guillermo\AppData\Local\Programs

2012-01-29 23:59:31 472808 ----a-w- C:\Windows\SysWow64\deployJava1.dll

2012-01-27 11:43:21 200976 ----a-w- C:\Windows\SysWow64\drivers\tmcomm.sys

2012-01-27 11:31:52 -------- d-----w- C:\Program Files (x86)\Trend Micro

2012-01-27 07:56:30 -------- d-----w- C:\ProgramData\Soulseek

2012-01-27 07:56:18 -------- d-----w- C:\Program Files (x86)\SoulseekNS

2012-01-27 07:31:41 -------- d-----w- C:\ProgramData\Spybot - Search & Destroy

2012-01-27 07:31:41 -------- d-----w- C:\Program Files (x86)\Spybot - Search & Destroy

2012-01-26 06:03:56 -------- d-----w- C:\Users\Guillermo\.config

2012-01-25 18:49:25 -------- d-----w- C:\Program Files (x86)\Steam

2012-01-25 07:27:55 -------- d-----w- C:\ProgramData\Age of Empires 3

2012-01-25 07:20:22 -------- d-----w- C:\Program Files (x86)\Common Files\Microsoft Games

2012-01-25 07:13:08 -------- d-----w- C:\Program Files (x86)\Microsoft Games

2012-01-23 20:14:07 -------- d-----w- C:\Users\Guillermo\riotsGamesLogs

2012-01-23 19:34:58 -------- d-----w- C:\Games

2012-01-23 19:34:28 -------- d-----w- C:\Users\Guillermo\AppData\Local\Black_Tree_Gaming

2012-01-20 00:59:10 -------- d-----w- C:\Users\Guillermo\AppData\Roaming\com.adobe.kuler.Desktop.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1

2012-01-20 00:59:09 -------- d-----w- C:\Program Files (x86)\Adobe kuler

2012-01-20 00:35:47 -------- d-----w- C:\Program Files\Common Files\Propellerhead Software

2012-01-19 22:50:31 -------- d---a-w- C:\.Trash-1000

2012-01-19 21:40:30 -------- d-----w- C:\Program Files (x86)\Common Files\AnswerWorks 5.0

.

==================== Find3M ====================

.

2012-02-18 21:11:44 45056 ----a-w- C:\Windows\SysWow64\acovcnt.exe

2012-01-31 12:44:20 279656 ------w- C:\Windows\System32\MpSigStub.exe

2012-01-18 03:00:46 577824 ----a-w- C:\Windows\System32\drivers\cmdGuard.sys

2012-01-08 23:07:41 2892 ----a-w- C:\Windows\SysWow64\audcon.sys

2012-01-08 21:40:09 348160 ----a-w- C:\Windows\SysWow64\msvcr71.dll

2012-01-08 21:40:09 1700352 ----a-w- C:\Windows\SysWow64\gdiplus.dll

2012-01-08 21:40:09 1060864 ----a-w- C:\Windows\SysWow64\mfc71.dll

2012-01-08 05:09:32 384 ----a-w- C:\Windows\SysWow64\checkOS.bat

2012-01-07 19:23:35 689492 ----a-w- C:\Windows\SysWow64\adbcnsl.exe

2011-12-20 00:59:18 43248 ----a-w- C:\Windows\System32\drivers\cmdhlp.sys

2011-12-20 00:59:16 22696 ----a-w- C:\Windows\System32\drivers\cmderd.sys

2011-12-20 00:58:58 41200 ----a-w- C:\Windows\System32\cmdcsr.dll

2011-12-20 00:58:56 389840 ----a-w- C:\Windows\System32\guard64.dll

2011-12-20 00:58:56 301224 ----a-w- C:\Windows\SysWow64\guard32.dll

2011-12-14 07:11:03 2308096 ----a-w- C:\Windows\System32\jscript9.dll

2011-12-14 07:04:30 1390080 ----a-w- C:\Windows\System32\wininet.dll

2011-12-14 07:03:38 1493504 ----a-w- C:\Windows\System32\inetcpl.cpl

2011-12-14 06:57:28 2382848 ----a-w- C:\Windows\System32\mshtml.tlb

2011-12-14 03:04:54 1798656 ----a-w- C:\Windows\SysWow64\jscript9.dll

2011-12-14 02:57:18 1127424 ----a-w- C:\Windows\SysWow64\wininet.dll

2011-12-14 02:56:58 1427456 ----a-w- C:\Windows\SysWow64\inetcpl.cpl

2011-12-14 02:50:04 2382848 ----a-w- C:\Windows\SysWow64\mshtml.tlb

.

============= FINISH: 15:37:03.32 ===============

[MrCharlie]

Welcome to the forum.

Please remove any usb or external drives from the computer before you run this scan!

Please download and run RogueKiller.

Click Scan to scan the system (don't run any other options)

Post back the report.

MrC

[Rovot]

RogueKiller V7.1.0 [02/15/2012] by Tigzy

mail: tigzyRK<at>gmail<dot>com

Feedback: http://www.geekstogo.com/forum/files/file/413-roguekiller/

Blog: http://tigzyrk.blogspot.com

Operating System: Windows 7 (6.1.7601 Service Pack 1) 64 bits version

Started in : Normal mode

User: Guillermo [Admin rights]

Mode: Scan -- Date: 02/21/2012 06:02:24

¤¤¤ Bad processes: 1 ¤¤¤

[sUSP PATH] stdrt.exe -- C:\Windows\TEMP\mrt6508.tmp\stdrt.exe -> KILLED [TermProc]

¤¤¤ Registry Entries: 4 ¤¤¤

[HJ] HKLM\[...]\System : ConsentPromptBehaviorAdmin (0) -> FOUND

[HJ] HKLM\[...]\System : EnableLUA (0) -> FOUND

[HJ] HKLM\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> FOUND

[HJ] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> FOUND

¤¤¤ Particular Files / Folders: ¤¤¤

¤¤¤ Driver: [NOT LOADED] ¤¤¤

¤¤¤ Infection : ¤¤¤

¤¤¤ HOSTS File: ¤¤¤

127.0.0.1 localhost

¤¤¤ MBR Check: ¤¤¤

+++++ PhysicalDrive0: ST9500325AS +++++

--- User ---

[MBR] e067c16ba6bb3e117d117429a6a915d7

[bSP] 8eff933f8e3bbfe8fbb683dc3ae172a9 : Linux MBR Code

Partition table:

0 - [XXXXXX] FAT32-LBA (0x1c) [HIDDEN!] Offset (sectors): 63 | Size: 40005 Mo

1 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 81931500 | Size: 101736 Mo

2 - [XXXXXX] EXTEN (0x05) [VISIBLE] Offset (sectors): 290289662 | Size: 335196 Mo

User = LL1 ... OK!

User = LL2 ... OK!

Finished : << RKreport[1].txt >>

RKreport[1].txt

[MrCharlie]

Please download and run TDSSKiller to your desktop as outlined below:

Doubleclick on TDSSKiller.exe to run the application, then click on Change parameters.

-------------------------

Check the boxes beside Verify Driver Digital Signature and Detect TDLFS file system, then click OK.

------------------------

Click the Start Scan button.

-----------------------

If a suspicious object is detected, the default action will be Skip, click on Continue

If you get the warning about a file UnsignedFile.Multi.Generic or LockedFile.Multi.Generic please choose

Skip and click on Continue

----------------------

If malicious objects are found, they will show in the Scan results and offer three (3) options.

Ensure Cure is selected, then click Continue => Reboot now to finish the cleaning process.

Note: If Cure is not available, please choose Skip instead, do not choose Delete unless instructed.

--------------------

A report will be created in your root directory, (usually C:\ folder) in the form of "TDSSKiller.[Version]_[Date]_[Time]_log.txt". Please copy and paste its contents on your next reply.

[MrCharlie]

edit out, MrC

[Rovot]

13:52:35.0372 5144 TDSS rootkit removing tool 2.7.13.0 Feb 15 2012 19:33:14

13:52:36.0593 5144 ============================================================

13:52:36.0593 5144 Current date / time: 2012/02/21 13:52:36.0593

13:52:36.0593 5144 SystemInfo:

13:52:36.0593 5144

13:52:36.0593 5144 OS Version: 6.1.7601 ServicePack: 1.0

13:52:36.0593 5144 Product type: Workstation

13:52:36.0593 5144 ComputerName: LAPPY

13:52:36.0609 5144 UserName: Guillermo

13:52:36.0609 5144 Windows directory: C:\Windows

13:52:36.0609 5144 System windows directory: C:\Windows

13:52:36.0609 5144 Running under WOW64

13:52:36.0609 5144 Processor architecture: Intel x64

13:52:36.0609 5144 Number of processors: 4

13:52:36.0609 5144 Page size: 0x1000

13:52:36.0609 5144 Boot type: Normal boot

13:52:36.0609 5144 ============================================================

13:52:42.0671 5144 Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 (465.76 Gb), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040

13:52:43.0104 5144 \Device\Harddisk0\DR0:

13:52:43.0254 5144 MBR used

13:52:43.0254 5144 \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x4E22CEC, BlocksNum 0xC6B461E

13:52:43.0427 5144 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x1D4D8B49, BlocksNum 0xFA574BE

13:52:45.0991 5144 Initialize success

13:52:45.0991 5144 ============================================================

13:53:57.0316 4644 ============================================================

13:53:57.0316 4644 Scan started

13:53:57.0316 4644 Mode: Manual; SigCheck; TDLFS;

13:53:57.0316 4644 ============================================================

13:54:00.0419 4644 1394ohci (a87d604aea360176311474c87a63bb88) C:\Windows\system32\drivers\1394ohci.sys

13:54:00.0809 4644 1394ohci - ok

13:54:00.0934 4644 ACPI (d81d9e70b8a6dd14d42d7b4efa65d5f2) C:\Windows\system32\drivers\ACPI.sys

13:54:00.0965 4644 ACPI - ok

13:54:01.0043 4644 AcpiPmi (99f8e788246d495ce3794d7e7821d2ca) C:\Windows\system32\drivers\acpipmi.sys

13:54:01.0215 4644 AcpiPmi - ok

13:54:01.0339 4644 adp94xx (2f6b34b83843f0c5118b63ac634f5bf4) C:\Windows\system32\drivers\adp94xx.sys

13:54:01.0386 4644 adp94xx - ok

13:54:01.0464 4644 adpahci (597f78224ee9224ea1a13d6350ced962) C:\Windows\system32\drivers\adpahci.sys

13:54:01.0495 4644 adpahci - ok

13:54:01.0558 4644 adpu320 (e109549c90f62fb570b9540c4b148e54) C:\Windows\system32\drivers\adpu320.sys

13:54:01.0589 4644 adpu320 - ok

13:54:01.0667 4644 AFD (1c7857b62de5994a75b054a9fd4c3825) C:\Windows\system32\drivers\afd.sys

13:54:01.0776 4644 AFD - ok

13:54:01.0885 4644 agp440 (608c14dba7299d8cb6ed035a68a15799) C:\Windows\system32\drivers\agp440.sys

13:54:01.0917 4644 agp440 - ok

13:54:01.0979 4644 aliide (5812713a477a3ad7363c7438ca2ee038) C:\Windows\system32\drivers\aliide.sys

13:54:02.0010 4644 aliide - ok

13:54:02.0057 4644 amdide (1ff8b4431c353ce385c875f194924c0c) C:\Windows\system32\drivers\amdide.sys

13:54:02.0088 4644 amdide - ok

13:54:02.0135 4644 AmdK8 (7024f087cff1833a806193ef9d22cda9) C:\Windows\system32\drivers\amdk8.sys

13:54:02.0197 4644 AmdK8 - ok

13:54:02.0244 4644 AmdPPM (1e56388b3fe0d031c44144eb8c4d6217) C:\Windows\system32\drivers\amdppm.sys

13:54:02.0291 4644 AmdPPM - ok

13:54:02.0353 4644 amdsata (d4121ae6d0c0e7e13aa221aa57ef2d49) C:\Windows\system32\drivers\amdsata.sys

13:54:02.0385 4644 amdsata - ok

13:54:02.0463 4644 amdsbs (f67f933e79241ed32ff46a4f29b5120b) C:\Windows\system32\drivers\amdsbs.sys

13:54:02.0494 4644 amdsbs - ok

13:54:02.0556 4644 amdxata (540daf1cea6094886d72126fd7c33048) C:\Windows\system32\drivers\amdxata.sys

13:54:02.0572 4644 amdxata - ok

13:54:02.0650 4644 AMPPAL (9921e78bc29634235f4bf5809e7e8cde) C:\Windows\system32\DRIVERS\AMPPAL.sys

13:54:02.0775 4644 AMPPAL - ok

13:54:02.0884 4644 AMPPALP (9921e78bc29634235f4bf5809e7e8cde) C:\Windows\system32\DRIVERS\amppal.sys

13:54:02.0899 4644 AMPPALP - ok

13:54:03.0009 4644 Andbus (48cd7e6520d47d62eab0e6ce3ec30c65) C:\Windows\system32\DRIVERS\lgandbus64.sys

13:54:03.0102 4644 Andbus - ok

13:54:03.0211 4644 AndDiag (08cbacc00d15dcdbbaae1a7c8f231c61) C:\Windows\system32\DRIVERS\lganddiag64.sys

13:54:03.0274 4644 AndDiag - ok

13:54:03.0336 4644 AndGps (cea9a4cd6b3a83428ce8501240833668) C:\Windows\system32\DRIVERS\lgandgps64.sys

13:54:03.0383 4644 AndGps - ok

13:54:03.0461 4644 ANDModem (e2b5663e547fa5e756b253efa8ec8286) C:\Windows\system32\DRIVERS\lgandmodem64.sys

13:54:03.0539 4644 ANDModem - ok

13:54:03.0648 4644 androidusb (9c1751b2e733471ae07561028b7d2a9b) C:\Windows\system32\Drivers\lgandadb.sys

13:54:03.0695 4644 androidusb - ok

13:54:03.0789 4644 AppID (89a69c3f2f319b43379399547526d952) C:\Windows\system32\drivers\appid.sys

13:54:03.0991 4644 AppID - ok

13:54:04.0163 4644 arc (c484f8ceb1717c540242531db7845c4e) C:\Windows\system32\drivers\arc.sys

13:54:04.0194 4644 arc - ok

13:54:04.0272 4644 arcsas (019af6924aefe7839f61c830227fe79c) C:\Windows\system32\drivers\arcsas.sys

13:54:04.0303 4644 arcsas - ok

13:54:04.0397 4644 ASMMAP64 (4c016fd76ed5c05e84ca8cab77993961) C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\ASMMAP64.sys

13:54:04.0459 4644 ASMMAP64 - ok

13:54:04.0569 4644 AsyncMac (769765ce2cc62867468cea93969b2242) C:\Windows\system32\DRIVERS\asyncmac.sys

13:54:04.0709 4644 AsyncMac - ok

13:54:04.0771 4644 atapi (02062c0b390b7729edc9e69c680a6f3c) C:\Windows\system32\drivers\atapi.sys

13:54:04.0803 4644 atapi - ok

13:54:04.0912 4644 athr (0acc06fcf46f64ed4f11e57ee461c1f4) C:\Windows\system32\DRIVERS\athrx.sys

13:54:05.0052 4644 athr - ok

13:54:05.0146 4644 ATKWMIACPIIO (ac31727f9946e9009480708e4d1b9986) C:\Program Files (x86)\ASUS\ATK Package\ATK WMIACPI\atkwmiacpi64.sys

13:54:05.0161 4644 ATKWMIACPIIO - ok

13:54:05.0302 4644 b06bdrv (3e5b191307609f7514148c6832bb0842) C:\Windows\system32\drivers\bxvbda.sys

13:54:05.0380 4644 b06bdrv - ok

13:54:05.0473 4644 b57nd60a (b5ace6968304a3900eeb1ebfd9622df2) C:\Windows\system32\DRIVERS\b57nd60a.sys

13:54:05.0520 4644 b57nd60a - ok

13:54:05.0645 4644 Beep (16a47ce2decc9b099349a5f840654746) C:\Windows\system32\drivers\Beep.sys

13:54:05.0723 4644 Beep - ok

13:54:05.0817 4644 BlackBox - ok

13:54:05.0879 4644 blbdrive (61583ee3c3a17003c4acd0475646b4d3) C:\Windows\system32\DRIVERS\blbdrive.sys

13:54:05.0926 4644 blbdrive - ok

13:54:06.0004 4644 bowser (6c02a83164f5cc0a262f4199f0871cf5) C:\Windows\system32\DRIVERS\bowser.sys

13:54:06.0082 4644 bowser - ok

13:54:06.0191 4644 BrFiltLo (f09eee9edc320b5e1501f749fde686c8) C:\Windows\system32\drivers\BrFiltLo.sys

13:54:06.0238 4644 BrFiltLo - ok

13:54:06.0285 4644 BrFiltUp (b114d3098e9bdb8bea8b053685831be6) C:\Windows\system32\drivers\BrFiltUp.sys

13:54:06.0316 4644 BrFiltUp - ok

13:54:06.0425 4644 BridgeMP (5c2f352a4e961d72518261257aae204b) C:\Windows\system32\DRIVERS\bridge.sys

13:54:06.0519 4644 BridgeMP - ok

13:54:06.0628 4644 Brserid (43bea8d483bf1870f018e2d02e06a5bd) C:\Windows\System32\Drivers\Brserid.sys

13:54:06.0706 4644 Brserid - ok

13:54:06.0799 4644 BrSerWdm (a6eca2151b08a09caceca35c07f05b42) C:\Windows\System32\Drivers\BrSerWdm.sys

13:54:06.0846 4644 BrSerWdm - ok

13:54:06.0877 4644 BrUsbMdm (b79968002c277e869cf38bd22cd61524) C:\Windows\System32\Drivers\BrUsbMdm.sys

13:54:06.0924 4644 BrUsbMdm - ok

13:54:06.0971 4644 BrUsbSer (a87528880231c54e75ea7a44943b38bf) C:\Windows\System32\Drivers\BrUsbSer.sys

13:54:07.0002 4644 BrUsbSer - ok

13:54:07.0080 4644 BthEnum (cf98190a94f62e405c8cb255018b2315) C:\Windows\system32\drivers\BthEnum.sys

13:54:07.0158 4644 BthEnum - ok

13:54:07.0267 4644 BTHMODEM (9da669f11d1f894ab4eb69bf546a42e8) C:\Windows\system32\drivers\bthmodem.sys

13:54:07.0314 4644 BTHMODEM - ok

13:54:07.0361 4644 BthPan (02dd601b708dd0667e1331fa8518e9ff) C:\Windows\system32\DRIVERS\bthpan.sys

13:54:07.0423 4644 BthPan - ok

13:54:07.0501 4644 BTHPORT (64c198198501f7560ee41d8d1efa7952) C:\Windows\System32\Drivers\BTHport.sys

13:54:07.0579 4644 BTHPORT - ok

13:54:07.0689 4644 BTHUSB (f188b7394d81010767b6df3178519a37) C:\Windows\System32\Drivers\BTHUSB.sys

13:54:07.0720 4644 BTHUSB - ok

13:54:07.0782 4644 btmaux (270fba230e78e25726d065a924589a72) C:\Windows\system32\DRIVERS\btmaux.sys

13:54:07.0845 4644 btmaux - ok

13:54:07.0938 4644 btmhsf (0010a54571f525a97eed8c091e96eaa9) C:\Windows\system32\DRIVERS\btmhsf.sys

13:54:08.0001 4644 btmhsf - ok

13:54:08.0032 4644 catchme - ok

13:54:08.0125 4644 cdfs (b8bd2bb284668c84865658c77574381a) C:\Windows\system32\DRIVERS\cdfs.sys

13:54:08.0203 4644 cdfs - ok

13:54:08.0313 4644 cdrom (f036ce71586e93d94dab220d7bdf4416) C:\Windows\system32\DRIVERS\cdrom.sys

13:54:08.0359 4644 cdrom - ok

13:54:08.0469 4644 circlass (d7cd5c4e1b71fa62050515314cfb52cf) C:\Windows\system32\drivers\circlass.sys

13:54:08.0515 4644 circlass - ok

13:54:08.0578 4644 CLFS (fe1ec06f2253f691fe36217c592a0206) C:\Windows\system32\CLFS.sys

13:54:08.0593 4644 CLFS - ok

13:54:08.0703 4644 CmBatt (0840155d0bddf1190f84a663c284bd33) C:\Windows\system32\DRIVERS\CmBatt.sys

13:54:08.0749 4644 CmBatt - ok

13:54:08.0827 4644 cmdGuard (755f1e440b6c90d83fe3e50331e55298) C:\Windows\system32\DRIVERS\cmdguard.sys

13:54:08.0890 4644 cmdGuard - ok

13:54:08.0952 4644 cmdHlp (4b5b1688ab86ebced4bef8d337e9a722) C:\Windows\system32\DRIVERS\cmdhlp.sys

13:54:08.0968 4644 cmdHlp - ok

13:54:09.0030 4644 cmdide (e19d3f095812725d88f9001985b94edd) C:\Windows\system32\drivers\cmdide.sys

13:54:09.0046 4644 cmdide - ok

13:54:09.0124 4644 CNG (c4943b6c962e4b82197542447ad599f4) C:\Windows\system32\Drivers\cng.sys

13:54:09.0217 4644 CNG - ok

13:54:09.0311 4644 Compbatt (102de219c3f61415f964c88e9085ad14) C:\Windows\system32\drivers\compbatt.sys

13:54:09.0327 4644 Compbatt - ok

13:54:09.0373 4644 CompositeBus (03edb043586cceba243d689bdda370a8) C:\Windows\system32\DRIVERS\CompositeBus.sys

13:54:09.0405 4644 CompositeBus - ok

13:54:09.0498 4644 crcdisk (1c827878a998c18847245fe1f34ee597) C:\Windows\system32\drivers\crcdisk.sys

13:54:09.0514 4644 crcdisk - ok

13:54:09.0607 4644 DfsC (9bb2ef44eaa163b29c4a4587887a0fe4) C:\Windows\system32\Drivers\dfsc.sys

13:54:09.0670 4644 DfsC - ok

13:54:09.0685 4644 DIRECTIO - ok

13:54:09.0717 4644 discache (13096b05847ec78f0977f2c0f79e9ab3) C:\Windows\system32\drivers\discache.sys

13:54:09.0795 4644 discache - ok

13:54:09.0857 4644 Disk (9819eee8b5ea3784ec4af3b137a5244c) C:\Windows\system32\drivers\disk.sys

13:54:09.0888 4644 Disk - ok

13:54:09.0982 4644 drmkaud (9b19f34400d24df84c858a421c205754) C:\Windows\system32\drivers\drmkaud.sys

13:54:10.0013 4644 drmkaud - ok

13:54:10.0075 4644 DXGKrnl (f5bee30450e18e6b83a5012c100616fd) C:\Windows\System32\drivers\dxgkrnl.sys

13:54:10.0122 4644 DXGKrnl - ok

13:54:10.0278 4644 ebdrv (dc5d737f51be844d8c82c695eb17372f) C:\Windows\system32\drivers\evbda.sys

13:54:10.0403 4644 ebdrv - ok

13:54:10.0512 4644 ElbyCDIO (a05fc7eca0966ebb70e4d17b855a853b) C:\Windows\system32\Drivers\ElbyCDIO.sys

13:54:10.0528 4644 ElbyCDIO - ok

13:54:10.0621 4644 elxstor (0e5da5369a0fcaea12456dd852545184) C:\Windows\system32\drivers\elxstor.sys

13:54:10.0668 4644 elxstor - ok

13:54:10.0699 4644 ErrDev (34a3c54752046e79a126e15c51db409b) C:\Windows\system32\drivers\errdev.sys

13:54:10.0762 4644 ErrDev - ok

13:54:10.0887 4644 ETD (871ab1bfa00eca5dfde99d6eece1bfd4) C:\Windows\system32\DRIVERS\ETD.sys

13:54:10.0918 4644 ETD - ok

13:54:11.0011 4644 exfat (a510c654ec00c1e9bdd91eeb3a59823b) C:\Windows\system32\drivers\exfat.sys

13:54:11.0089 4644 exfat - ok

13:54:11.0136 4644 fastfat (0adc83218b66a6db380c330836f3e36d) C:\Windows\system32\drivers\fastfat.sys

13:54:11.0183 4644 fastfat - ok

13:54:11.0245 4644 fdc (d765d19cd8ef61f650c384f62fac00ab) C:\Windows\system32\drivers\fdc.sys

13:54:11.0292 4644 fdc - ok

13:54:11.0370 4644 FileInfo (655661be46b5f5f3fd454e2c3095b930) C:\Windows\system32\drivers\fileinfo.sys

13:54:11.0401 4644 FileInfo - ok

13:54:11.0448 4644 Filetrace (5f671ab5bc87eea04ec38a6cd5962a47) C:\Windows\system32\drivers\filetrace.sys

13:54:11.0526 4644 Filetrace - ok

13:54:11.0573 4644 flpydisk (c172a0f53008eaeb8ea33fe10e177af5) C:\Windows\system32\drivers\flpydisk.sys

13:54:11.0604 4644 flpydisk - ok

13:54:11.0667 4644 FltMgr (da6b67270fd9db3697b20fce94950741) C:\Windows\system32\drivers\fltmgr.sys

13:54:11.0698 4644 FltMgr - ok

13:54:11.0745 4644 FsDepends (d43703496149971890703b4b1b723eac) C:\Windows\system32\drivers\FsDepends.sys

13:54:11.0776 4644 FsDepends - ok

13:54:11.0854 4644 fssfltr (6c06701bf1db05405804d7eb610991ce) C:\Windows\system32\DRIVERS\fssfltr.sys

13:54:11.0869 4644 fssfltr - ok

13:54:11.0932 4644 Fs_Rec (e95ef8547de20cf0603557c0cf7a9462) C:\Windows\system32\drivers\Fs_Rec.sys

13:54:11.0963 4644 Fs_Rec - ok

13:54:12.0010 4644 fvevol (1f7b25b858fa27015169fe95e54108ed) C:\Windows\system32\DRIVERS\fvevol.sys

13:54:12.0041 4644 fvevol - ok

13:54:12.0088 4644 gagp30kx (8c778d335c9d272cfd3298ab02abe3b6) C:\Windows\system32\drivers\gagp30kx.sys

13:54:12.0119 4644 gagp30kx - ok

13:54:12.0166 4644 hcw85cir (f2523ef6460fc42405b12248338ab2f0) C:\Windows\system32\drivers\hcw85cir.sys

13:54:12.0228 4644 hcw85cir - ok

13:54:12.0337 4644 HdAudAddService (975761c778e33cd22498059b91e7373a) C:\Windows\system32\drivers\HdAudio.sys

13:54:12.0415 4644 HdAudAddService - ok

13:54:12.0525 4644 HDAudBus (97bfed39b6b79eb12cddbfeed51f56bb) C:\Windows\system32\DRIVERS\HDAudBus.sys

13:54:12.0556 4644 HDAudBus - ok

13:54:12.0603 4644 HidBatt (78e86380454a7b10a5eb255dc44a355f) C:\Windows\system32\drivers\HidBatt.sys

13:54:12.0634 4644 HidBatt - ok

13:54:12.0649 4644 HidBth (7fd2a313f7afe5c4dab14798c48dd104) C:\Windows\system32\drivers\hidbth.sys

13:54:12.0681 4644 HidBth - ok

13:54:12.0774 4644 HidIr (0a77d29f311b88cfae3b13f9c1a73825) C:\Windows\system32\drivers\hidir.sys

13:54:12.0821 4644 HidIr - ok

13:54:12.0915 4644 HidUsb (9592090a7e2b61cd582b612b6df70536) C:\Windows\system32\DRIVERS\hidusb.sys

13:54:12.0961 4644 HidUsb - ok

13:54:13.0039 4644 HpSAMD (39d2abcd392f3d8a6dce7b60ae7b8efc) C:\Windows\system32\drivers\HpSAMD.sys

13:54:13.0055 4644 HpSAMD - ok

13:54:13.0149 4644 HTTP (0ea7de1acb728dd5a369fd742d6eee28) C:\Windows\system32\drivers\HTTP.sys

13:54:13.0227 4644 HTTP - ok

13:54:13.0273 4644 hwpolicy (a5462bd6884960c9dc85ed49d34ff392) C:\Windows\system32\drivers\hwpolicy.sys

13:54:13.0273 4644 hwpolicy - ok

13:54:13.0336 4644 i8042prt (fa55c73d4affa7ee23ac4be53b4592d3) C:\Windows\system32\DRIVERS\i8042prt.sys

13:54:13.0351 4644 i8042prt - ok

13:54:13.0429 4644 iaStor (26cf4275034214ecedd8ec17b0a18a99) C:\Windows\system32\DRIVERS\iaStor.sys

13:54:13.0461 4644 iaStor - ok

13:54:13.0539 4644 iaStorV (aaaf44db3bd0b9d1fb6969b23ecc8366) C:\Windows\system32\drivers\iaStorV.sys

13:54:13.0570 4644 iaStorV - ok

13:54:13.0632 4644 iBtFltCoex (de9e40baee2e48fd1e3eb423074c014c) C:\Windows\system32\DRIVERS\iBtFltCoex.sys

13:54:13.0663 4644 iBtFltCoex - ok

13:54:14.0101 4644 igfx (0d1b8c64bdf0e5cdc523a1409ffb5ef0) C:\Windows\system32\DRIVERS\igdkmd64.sys

13:54:14.0470 4644 igfx - ok

13:54:14.0576 4644 iirsp (5c18831c61933628f5bb0ea2675b9d21) C:\Windows\system32\drivers\iirsp.sys

13:54:14.0597 4644 iirsp - ok

13:54:14.0657 4644 inspect (efff0afd27cc97bf0e5e0bab78419de7) C:\Windows\system32\DRIVERS\inspect.sys

13:54:14.0682 4644 inspect - ok

13:54:14.0741 4644 intaud_WaveExtensible (caddf0927dac63edae48f5c35a61d87d) C:\Windows\system32\drivers\intelaud.sys

13:54:14.0763 4644 intaud_WaveExtensible - ok

13:54:14.0920 4644 IntcAzAudAddService (02c93ebaa4421418411448fe7fdfd815) C:\Windows\system32\drivers\RTKVHD64.sys

13:54:15.0028 4644 IntcAzAudAddService - ok

13:54:15.0109 4644 IntcDAud (fc727061c0f47c8059e88e05d5c8e381) C:\Windows\system32\DRIVERS\IntcDAud.sys

13:54:15.0152 4644 IntcDAud - ok

13:54:15.0212 4644 intelide (f00f20e70c6ec3aa366910083a0518aa) C:\Windows\system32\drivers\intelide.sys

13:54:15.0234 4644 intelide - ok

13:54:15.0295 4644 intelppm (ada036632c664caa754079041cf1f8c1) C:\Windows\system32\DRIVERS\intelppm.sys

13:54:15.0338 4644 intelppm - ok

13:54:15.0393 4644 IpFilterDriver (c9f0e1bd74365a8771590e9008d22ab6) C:\Windows\system32\DRIVERS\ipfltdrv.sys

13:54:15.0456 4644 IpFilterDriver - ok

13:54:15.0500 4644 IPMIDRV (0fc1aea580957aa8817b8f305d18ca3a) C:\Windows\system32\drivers\IPMIDrv.sys

13:54:15.0547 4644 IPMIDRV - ok

13:54:15.0595 4644 IPNAT (af9b39a7e7b6caa203b3862582e9f2d0) C:\Windows\system32\drivers\ipnat.sys

13:54:15.0645 4644 IPNAT - ok

13:54:15.0695 4644 IRENUM (3abf5e7213eb28966d55d58b515d5ce9) C:\Windows\system32\drivers\irenum.sys

13:54:15.0772 4644 IRENUM - ok

13:54:15.0866 4644 isapnp (2f7b28dc3e1183e5eb418df55c204f38) C:\Windows\system32\drivers\isapnp.sys

13:54:15.0897 4644 isapnp - ok

13:54:15.0944 4644 iScsiPrt (d931d7309deb2317035b07c9f9e6b0bd) C:\Windows\system32\drivers\msiscsi.sys

13:54:15.0975 4644 iScsiPrt - ok

13:54:16.0022 4644 iwdbus (716f66336f10885d935b08174dc54242) C:\Windows\system32\DRIVERS\iwdbus.sys

13:54:16.0037 4644 iwdbus - ok

13:54:16.0100 4644 kbdclass (bc02336f1cba7dcc7d1213bb588a68a5) C:\Windows\system32\DRIVERS\kbdclass.sys

13:54:16.0131 4644 kbdclass - ok

13:54:16.0178 4644 kbdhid (0705eff5b42a9db58548eec3b26bb484) C:\Windows\system32\DRIVERS\kbdhid.sys

13:54:16.0240 4644 kbdhid - ok

13:54:16.0349 4644 kbfiltr (e63ef8c3271d014f14e2469ce75fecb4) C:\Windows\system32\DRIVERS\kbfiltr.sys

13:54:16.0365 4644 kbfiltr - ok

13:54:16.0427 4644 KSecDD (da1e991a61cfdd755a589e206b97644b) C:\Windows\system32\Drivers\ksecdd.sys

13:54:16.0459 4644 KSecDD - ok

13:54:16.0505 4644 KSecPkg (7e33198d956943a4f11a5474c1e9106f) C:\Windows\system32\Drivers\ksecpkg.sys

13:54:16.0521 4644 KSecPkg - ok

13:54:16.0599 4644 ksthunk (6869281e78cb31a43e969f06b57347c4) C:\Windows\system32\drivers\ksthunk.sys

13:54:16.0661 4644 ksthunk - ok

13:54:16.0755 4644 L1C (655a5d8e80869781cce23760ada7e695) C:\Windows\system32\DRIVERS\L1C62x64.sys

13:54:16.0786 4644 L1C - ok

13:54:16.0880 4644 lltdio (1538831cf8ad2979a04c423779465827) C:\Windows\system32\DRIVERS\lltdio.sys

13:54:16.0942 4644 lltdio - ok

13:54:17.0051 4644 LSI_FC (1a93e54eb0ece102495a51266dcdb6a6) C:\Windows\system32\drivers\lsi_fc.sys

13:54:17.0083 4644 LSI_FC - ok

13:54:17.0114 4644 LSI_SAS (1047184a9fdc8bdbff857175875ee810) C:\Windows\system32\drivers\lsi_sas.sys

13:54:17.0145 4644 LSI_SAS - ok

13:54:17.0207 4644 LSI_SAS2 (30f5c0de1ee8b5bc9306c1f0e4a75f93) C:\Windows\system32\drivers\lsi_sas2.sys

13:54:17.0239 4644 LSI_SAS2 - ok

13:54:17.0285 4644 LSI_SCSI (0504eacaff0d3c8aed161c4b0d369d4a) C:\Windows\system32\drivers\lsi_scsi.sys

13:54:17.0317 4644 LSI_SCSI - ok

13:54:17.0379 4644 luafv (43d0f98e1d56ccddb0d5254cff7b356e) C:\Windows\system32\drivers\luafv.sys

13:54:17.0410 4644 luafv - ok

13:54:17.0519 4644 MBAMProtector (79da94b35371b9e7104460c7693dcb2c) C:\Windows\system32\drivers\mbam.sys

13:54:17.0551 4644 MBAMProtector - ok

13:54:17.0613 4644 megasas (a55805f747c6edb6a9080d7c633bd0f4) C:\Windows\system32\drivers\megasas.sys

13:54:17.0629 4644 megasas - ok

13:54:17.0691 4644 MegaSR (baf74ce0072480c3b6b7c13b2a94d6b3) C:\Windows\system32\drivers\MegaSR.sys

13:54:17.0722 4644 MegaSR - ok

13:54:17.0800 4644 MEIx64 (a6518dcc42f7a6e999bb3bea8fd87567) C:\Windows\system32\DRIVERS\HECIx64.sys

13:54:17.0816 4644 MEIx64 - ok

13:54:17.0894 4644 Modem (800ba92f7010378b09f9ed9270f07137) C:\Windows\system32\drivers\modem.sys

13:54:17.0972 4644 Modem - ok

13:54:18.0034 4644 monitor (b03d591dc7da45ece20b3b467e6aadaa) C:\Windows\system32\DRIVERS\monitor.sys

13:54:18.0081 4644 monitor - ok

13:54:18.0143 4644 mouclass (7d27ea49f3c1f687d357e77a470aea99) C:\Windows\system32\DRIVERS\mouclass.sys

13:54:18.0159 4644 mouclass - ok

13:54:18.0206 4644 mouhid (d3bf052c40b0c4166d9fd86a4288c1e6) C:\Windows\system32\DRIVERS\mouhid.sys

13:54:18.0253 4644 mouhid - ok

13:54:18.0299 4644 mountmgr (32e7a3d591d671a6df2db515a5cbe0fa) C:\Windows\system32\drivers\mountmgr.sys

13:54:18.0331 4644 mountmgr - ok

13:54:18.0393 4644 MpFilter (c177a7ebf5e8a0b596f618870516cab8) C:\Windows\system32\DRIVERS\MpFilter.sys

13:54:18.0424 4644 MpFilter - ok

13:54:18.0502 4644 mpio (a44b420d30bd56e145d6a2bc8768ec58) C:\Windows\system32\drivers\mpio.sys

13:54:18.0518 4644 mpio - ok

13:54:18.0596 4644 MpKsl4854c672 - ok

13:54:18.0674 4644 MpNWMon (8fbf6b31fe8af1833d93c5913d5b4d55) C:\Windows\system32\DRIVERS\MpNWMon.sys

13:54:18.0674 4644 MpNWMon - ok

13:54:18.0736 4644 mpsdrv (6c38c9e45ae0ea2fa5e551f2ed5e978f) C:\Windows\system32\drivers\mpsdrv.sys

13:54:18.0767 4644 mpsdrv - ok

13:54:18.0814 4644 MRxDAV (dc722758b8261e1abafd31a3c0a66380) C:\Windows\system32\drivers\mrxdav.sys

13:54:18.0877 4644 MRxDAV - ok

13:54:18.0939 4644 mrxsmb (a5d9106a73dc88564c825d317cac68ac) C:\Windows\system32\DRIVERS\mrxsmb.sys

13:54:19.0001 4644 mrxsmb - ok

13:54:19.0064 4644 mrxsmb10 (d711b3c1d5f42c0c2415687be09fc163) C:\Windows\system32\DRIVERS\mrxsmb10.sys

13:54:19.0111 4644 mrxsmb10 - ok

13:54:19.0142 4644 mrxsmb20 (9423e9d355c8d303e76b8cfbd8a5c30c) C:\Windows\system32\DRIVERS\mrxsmb20.sys

13:54:19.0173 4644 mrxsmb20 - ok

13:54:19.0235 4644 msahci (c25f0bafa182cbca2dd3c851c2e75796) C:\Windows\system32\drivers\msahci.sys

13:54:19.0251 4644 msahci - ok

13:54:19.0298 4644 msdsm (db801a638d011b9633829eb6f663c900) C:\Windows\system32\drivers\msdsm.sys

13:54:19.0313 4644 msdsm - ok

13:54:19.0376 4644 Msfs (aa3fb40e17ce1388fa1bedab50ea8f96) C:\Windows\system32\drivers\Msfs.sys

13:54:19.0438 4644 Msfs - ok

13:54:19.0469 4644 mshidkmdf (f9d215a46a8b9753f61767fa72a20326) C:\Windows\System32\drivers\mshidkmdf.sys

13:54:19.0547 4644 mshidkmdf - ok

13:54:19.0594 4644 msisadrv (d916874bbd4f8b07bfb7fa9b3ccae29d) C:\Windows\system32\drivers\msisadrv.sys

13:54:19.0610 4644 msisadrv - ok

13:54:19.0657 4644 MSKSSRV (49ccf2c4fea34ffad8b1b59d49439366) C:\Windows\system32\drivers\MSKSSRV.sys

13:54:19.0719 4644 MSKSSRV - ok

13:54:19.0797 4644 MSPCLOCK (bdd71ace35a232104ddd349ee70e1ab3) C:\Windows\system32\drivers\MSPCLOCK.sys

13:54:19.0859 4644 MSPCLOCK - ok

13:54:19.0891 4644 MSPQM (4ed981241db27c3383d72092b618a1d0) C:\Windows\system32\drivers\MSPQM.sys

13:54:19.0953 4644 MSPQM - ok

13:54:20.0015 4644 MsRPC (759a9eeb0fa9ed79da1fb7d4ef78866d) C:\Windows\system32\drivers\MsRPC.sys

13:54:20.0047 4644 MsRPC - ok

13:54:20.0093 4644 mssmbios (0eed230e37515a0eaee3c2e1bc97b288) C:\Windows\system32\DRIVERS\mssmbios.sys

13:54:20.0109 4644 mssmbios - ok

13:54:20.0171 4644 MSTEE (2e66f9ecb30b4221a318c92ac2250779) C:\Windows\system32\drivers\MSTEE.sys

13:54:20.0234 4644 MSTEE - ok

13:54:20.0281 4644 MTConfig (7ea404308934e675bffde8edf0757bcd) C:\Windows\system32\drivers\MTConfig.sys

13:54:20.0312 4644 MTConfig - ok

13:54:20.0359 4644 Mup (f9a18612fd3526fe473c1bda678d61c8) C:\Windows\system32\Drivers\mup.sys

13:54:20.0374 4644 Mup - ok

13:54:20.0515 4644 NativeWifiP (1ea3749c4114db3e3161156ffffa6b33) C:\Windows\system32\DRIVERS\nwifi.sys

13:54:20.0561 4644 NativeWifiP - ok

13:54:20.0671 4644 NDIS (c38b8ae57f78915905064a9a24dc1586) C:\Windows\system32\drivers\ndis.sys

13:54:20.0749 4644 NDIS - ok

13:54:20.0811 4644 NdisCap (9f9a1f53aad7da4d6fef5bb73ab811ac) C:\Windows\system32\DRIVERS\ndiscap.sys

13:54:20.0873 4644 NdisCap - ok

13:54:20.0920 4644 NdisTapi (30639c932d9fef22b31268fe25a1b6e5) C:\Windows\system32\DRIVERS\ndistapi.sys

13:54:21.0014 4644 NdisTapi - ok

13:54:21.0045 4644 Ndisuio (136185f9fb2cc61e573e676aa5402356) C:\Windows\system32\DRIVERS\ndisuio.sys

13:54:21.0123 4644 Ndisuio - ok

13:54:21.0185 4644 NdisWan (53f7305169863f0a2bddc49e116c2e11) C:\Windows\system32\DRIVERS\ndiswan.sys

13:54:21.0279 4644 NdisWan - ok

13:54:21.0310 4644 NDProxy (015c0d8e0e0421b4cfd48cffe2825879) C:\Windows\system32\drivers\NDProxy.sys

13:54:21.0373 4644 NDProxy - ok

13:54:21.0419 4644 NetBIOS (86743d9f5d2b1048062b14b1d84501c4) C:\Windows\system32\DRIVERS\netbios.sys

13:54:21.0482 4644 NetBIOS - ok

13:54:21.0529 4644 NetBT (09594d1089c523423b32a4229263f068) C:\Windows\system32\DRIVERS\netbt.sys

13:54:21.0591 4644 NetBT - ok

13:54:21.0794 4644 NETwNs64 (ac69618de5bcce8747c9ab0aae1003c1) C:\Windows\system32\DRIVERS\NETwNs64.sys

13:54:22.0043 4644 NETwNs64 - ok

13:54:22.0137 4644 nfrd960 (77889813be4d166cdab78ddba990da92) C:\Windows\system32\drivers\nfrd960.sys

13:54:22.0153 4644 nfrd960 - ok

13:54:22.0215 4644 NisDrv (5f7d72cbcdd025af1f38fdeee5646968) C:\Windows\system32\DRIVERS\NisDrvWFP.sys

13:54:22.0231 4644 NisDrv - ok

13:54:22.0309 4644 Npfs (1e4c4ab5c9b8dd13179bbdc75a2a01f7) C:\Windows\system32\drivers\Npfs.sys

13:54:22.0402 4644 Npfs - ok

13:54:22.0496 4644 nsiproxy (e7f5ae18af4168178a642a9247c63001) C:\Windows\system32\drivers\nsiproxy.sys

13:54:22.0558 4644 nsiproxy - ok

13:54:22.0667 4644 Ntfs (a2f74975097f52a00745f9637451fdd8) C:\Windows\system32\drivers\Ntfs.sys

13:54:22.0745 4644 Ntfs - ok

13:54:22.0808 4644 Null (9899284589f75fa8724ff3d16aed75c1) C:\Windows\system32\drivers\Null.sys

13:54:22.0886 4644 Null - ok

13:54:22.0995 4644 nvraid (0a92cb65770442ed0dc44834632f66ad) C:\Windows\system32\drivers\nvraid.sys

13:54:23.0026 4644 nvraid - ok

13:54:23.0057 4644 nvstor (dab0e87525c10052bf65f06152f37e4a) C:\Windows\system32\drivers\nvstor.sys

13:54:23.0073 4644 nvstor - ok

13:54:23.0151 4644 nv_agp (270d7cd42d6e3979f6dd0146650f0e05) C:\Windows\system32\drivers\nv_agp.sys

13:54:23.0167 4644 nv_agp - ok

13:54:23.0213 4644 ohci1394 (3589478e4b22ce21b41fa1bfc0b8b8a0) C:\Windows\system32\drivers\ohci1394.sys

13:54:23.0229 4644 ohci1394 - ok

13:54:23.0291 4644 Parport (0086431c29c35be1dbc43f52cc273887) C:\Windows\system32\drivers\parport.sys

13:54:23.0307 4644 Parport - ok

13:54:23.0401 4644 Partizan - ok

13:54:23.0463 4644 partmgr (871eadac56b0a4c6512bbe32753ccf79) C:\Windows\system32\drivers\partmgr.sys

13:54:23.0479 4644 partmgr - ok

13:54:23.0525 4644 pci (94575c0571d1462a0f70bde6bd6ee6b3) C:\Windows\system32\drivers\pci.sys

13:54:23.0557 4644 pci - ok

13:54:23.0603 4644 pciide (b5b8b5ef2e5cb34df8dcf8831e3534fa) C:\Windows\system32\drivers\pciide.sys

13:54:23.0619 4644 pciide - ok

13:54:23.0666 4644 pcmcia (b2e81d4e87ce48589f98cb8c05b01f2f) C:\Windows\system32\drivers\pcmcia.sys

13:54:23.0681 4644 pcmcia - ok

13:54:23.0728 4644 pcw (d6b9c2e1a11a3a4b26a182ffef18f603) C:\Windows\system32\drivers\pcw.sys

13:54:23.0744 4644 pcw - ok

13:54:23.0806 4644 PEAUTH (68769c3356b3be5d1c732c97b9a80d6e) C:\Windows\system32\drivers\peauth.sys

13:54:23.0869 4644 PEAUTH - ok

13:54:23.0993 4644 PptpMiniport (f92a2c41117a11a00be01ca01a7fcde9) C:\Windows\system32\DRIVERS\raspptp.sys

13:54:24.0056 4644 PptpMiniport - ok

13:54:24.0118 4644 Processor (0d922e23c041efb1c3fac2a6f943c9bf) C:\Windows\system32\drivers\processr.sys

13:54:24.0165 4644 Processor - ok

13:54:24.0274 4644 Psched (0557cf5a2556bd58e26384169d72438d) C:\Windows\system32\DRIVERS\pacer.sys

13:54:24.0352 4644 Psched - ok

13:54:24.0493 4644 ql2300 (a53a15a11ebfd21077463ee2c7afeef0) C:\Windows\system32\drivers\ql2300.sys

13:54:24.0586 4644 ql2300 - ok

13:54:24.0633 4644 ql40xx (4f6d12b51de1aaeff7dc58c4d75423c8) C:\Windows\system32\drivers\ql40xx.sys

13:54:24.0649 4644 ql40xx - ok

13:54:24.0695 4644 QWAVEdrv (76707bb36430888d9ce9d705398adb6c) C:\Windows\system32\drivers\qwavedrv.sys

13:54:24.0742 4644 QWAVEdrv - ok

13:54:24.0789 4644 RasAcd (5a0da8ad5762fa2d91678a8a01311704) C:\Windows\system32\DRIVERS\rasacd.sys

13:54:24.0851 4644 RasAcd - ok

13:54:24.0945 4644 RasAgileVpn (7ecff9b22276b73f43a99a15a6094e90) C:\Windows\system32\DRIVERS\AgileVpn.sys

13:54:24.0992 4644 RasAgileVpn - ok

13:54:25.0039 4644 Rasl2tp (471815800ae33e6f1c32fb1b97c490ca) C:\Windows\system32\DRIVERS\rasl2tp.sys

13:54:25.0101 4644 Rasl2tp - ok

13:54:25.0163 4644 RasPppoe (855c9b1cd4756c5e9a2aa58a15f58c25) C:\Windows\system32\DRIVERS\raspppoe.sys

13:54:25.0226 4644 RasPppoe - ok

13:54:25.0288 4644 RasSstp (e8b1e447b008d07ff47d016c2b0eeecb) C:\Windows\system32\DRIVERS\rassstp.sys

13:54:25.0351 4644 RasSstp - ok

13:54:25.0382 4644 rdbss (77f665941019a1594d887a74f301fa2f) C:\Windows\system32\DRIVERS\rdbss.sys

13:54:25.0475 4644 rdbss - ok

13:54:25.0507 4644 rdpbus (302da2a0539f2cf54d7c6cc30c1f2d8d) C:\Windows\system32\drivers\rdpbus.sys

13:54:25.0522 4644 rdpbus - ok

13:54:25.0585 4644 RDPCDD (cea6cc257fc9b7715f1c2b4849286d24) C:\Windows\system32\DRIVERS\RDPCDD.sys

13:54:25.0647 4644 RDPCDD - ok

13:54:25.0678 4644 RDPENCDD (bb5971a4f00659529a5c44831af22365) C:\Windows\system32\drivers\rdpencdd.sys

13:54:25.0756 4644 RDPENCDD - ok

13:54:25.0834 4644 RDPREFMP (216f3fa57533d98e1f74ded70113177a) C:\Windows\system32\drivers\rdprefmp.sys

13:54:25.0881 4644 RDPREFMP - ok

13:54:25.0928 4644 RDPWD (15b66c206b5cb095bab980553f38ed23) C:\Windows\system32\drivers\RDPWD.sys

13:54:25.0959 4644 RDPWD - ok

13:54:26.0006 4644 rdyboost (34ed295fa0121c241bfef24764fc4520) C:\Windows\system32\drivers\rdyboost.sys

13:54:26.0037 4644 rdyboost - ok

13:54:26.0100 4644 RFCOMM (3dd798846e2c28102b922c56e71b7932) C:\Windows\system32\DRIVERS\rfcomm.sys

13:54:26.0146 4644 RFCOMM - ok

13:54:26.0256 4644 rspndr (ddc86e4f8e7456261e637e3552e804ff) C:\Windows\system32\DRIVERS\rspndr.sys

13:54:26.0349 4644 rspndr - ok

13:54:26.0396 4644 sbp2port (ac03af3329579fffb455aa2daabbe22b) C:\Windows\system32\drivers\sbp2port.sys

13:54:26.0427 4644 sbp2port - ok

13:54:26.0490 4644 scfilter (253f38d0d7074c02ff8deb9836c97d2b) C:\Windows\system32\DRIVERS\scfilter.sys

13:54:26.0583 4644 scfilter - ok

13:54:26.0630 4644 secdrv (3ea8a16169c26afbeb544e0e48421186) C:\Windows\system32\drivers\secdrv.sys

13:54:26.0708 4644 secdrv - ok

13:54:26.0755 4644 Serenum (cb624c0035412af0debec78c41f5ca1b) C:\Windows\system32\drivers\serenum.sys

13:54:26.0802 4644 Serenum - ok

13:54:26.0880 4644 Serial (c1d8e28b2c2adfaec4ba89e9fda69bd6) C:\Windows\system32\drivers\serial.sys

13:54:26.0911 4644 Serial - ok

13:54:26.0973 4644 sermouse (1c545a7d0691cc4a027396535691c3e3) C:\Windows\system32\drivers\sermouse.sys

13:54:27.0020 4644 sermouse - ok

13:54:27.0082 4644 sffdisk (a554811bcd09279536440c964ae35bbf) C:\Windows\system32\drivers\sffdisk.sys

13:54:27.0145 4644 sffdisk - ok

13:54:27.0223 4644 sffp_mmc (ff414f0baefeba59bc6c04b3db0b87bf) C:\Windows\system32\drivers\sffp_mmc.sys

13:54:27.0254 4644 sffp_mmc - ok

13:54:27.0270 4644 sffp_sd (dd85b78243a19b59f0637dcf284da63c) C:\Windows\system32\drivers\sffp_sd.sys

13:54:27.0301 4644 sffp_sd - ok

13:54:27.0348 4644 sfloppy (a9d601643a1647211a1ee2ec4e433ff4) C:\Windows\system32\drivers\sfloppy.sys

13:54:27.0379 4644 sfloppy - ok

13:54:27.0457 4644 SiSGbeLH (1bc348cf6baa90ec8e533ef6e6a69933) C:\Windows\system32\DRIVERS\SiSG664.sys

13:54:27.0519 4644 SiSGbeLH - ok

13:54:27.0582 4644 SiSRaid2 (843caf1e5fde1ffd5ff768f23a51e2e1) C:\Windows\system32\drivers\SiSRaid2.sys

13:54:27.0597 4644 SiSRaid2 - ok

13:54:27.0660 4644 SiSRaid4 (6a6c106d42e9ffff8b9fcb4f754f6da4) C:\Windows\system32\drivers\sisraid4.sys

13:54:27.0691 4644 SiSRaid4 - ok

13:54:27.0753 4644 Smb (548260a7b8654e024dc30bf8a7c5baa4) C:\Windows\system32\DRIVERS\smb.sys

13:54:27.0816 4644 Smb - ok

13:54:27.0972 4644 SNP2UVC (c98375d19f9e9966f6201bae65fb3728) C:\Windows\system32\DRIVERS\snp2uvc.sys

13:54:28.0065 4644 SNP2UVC - ok

13:54:28.0174 4644 spldr (b9e31e5cacdfe584f34f730a677803f9) C:\Windows\system32\drivers\spldr.sys

13:54:28.0206 4644 spldr - ok

13:54:28.0268 4644 srv (441fba48bff01fdb9d5969ebc1838f0b) C:\Windows\system32\DRIVERS\srv.sys

13:54:28.0330 4644 srv - ok

13:54:28.0408 4644 srv2 (b4adebbf5e3677cce9651e0f01f7cc28) C:\Windows\system32\DRIVERS\srv2.sys

13:54:28.0455 4644 srv2 - ok

13:54:28.0518 4644 srvnet (27e461f0be5bff5fc737328f749538c3) C:\Windows\system32\DRIVERS\srvnet.sys

13:54:28.0564 4644 srvnet - ok

13:54:28.0674 4644 stexstor (f3817967ed533d08327dc73bc4d5542a) C:\Windows\system32\drivers\stexstor.sys

13:54:28.0705 4644 stexstor - ok

13:54:28.0767 4644 swenum (d01ec09b6711a5f8e7e6564a4d0fbc90) C:\Windows\system32\DRIVERS\swenum.sys

13:54:28.0783 4644 swenum - ok

13:54:28.0939 4644 Tcpip (fc62769e7bff2896035aeed399108162) C:\Windows\system32\drivers\tcpip.sys

13:54:29.0001 4644 Tcpip - ok

13:54:29.0110 4644 TCPIP6 (fc62769e7bff2896035aeed399108162) C:\Windows\system32\DRIVERS\tcpip.sys

13:54:29.0157 4644 TCPIP6 - ok

13:54:29.0204 4644 tcpipreg (df687e3d8836bfb04fcc0615bf15a519) C:\Windows\system32\drivers\tcpipreg.sys

13:54:29.0266 4644 tcpipreg - ok

13:54:29.0344 4644 TDPIPE (3371d21011695b16333a3934340c4e7c) C:\Windows\system32\drivers\tdpipe.sys

13:54:29.0407 4644 TDPIPE - ok

13:54:29.0454 4644 TDTCP (e4245bda3190a582d55ed09e137401a9) C:\Windows\system32\drivers\tdtcp.sys

13:54:29.0532 4644 TDTCP - ok

13:54:29.0594 4644 tdx (ddad5a7ab24d8b65f8d724f5c20fd806) C:\Windows\system32\DRIVERS\tdx.sys

13:54:29.0641 4644 tdx - ok

13:54:29.0688 4644 TermDD (561e7e1f06895d78de991e01dd0fb6e5) C:\Windows\system32\DRIVERS\termdd.sys

13:54:29.0719 4644 TermDD - ok

13:54:29.0828 4644 tssecsrv (ce18b2cdfc837c99e5fae9ca6cba5d30) C:\Windows\system32\DRIVERS\tssecsrv.sys

13:54:29.0906 4644 tssecsrv - ok

13:54:29.0968 4644 TsUsbFlt (d11c783e3ef9a3c52c0ebe83cc5000e9) C:\Windows\system32\drivers\tsusbflt.sys

13:54:30.0015 4644 TsUsbFlt - ok

13:54:30.0062 4644 TsUsbGD (9cc2ccae8a84820eaecb886d477cbcb8) C:\Windows\system32\drivers\TsUsbGD.sys

13:54:30.0109 4644 TsUsbGD - ok

13:54:30.0171 4644 tunnel (3566a8daafa27af944f5d705eaa64894) C:\Windows\system32\DRIVERS\tunnel.sys

13:54:30.0249 4644 tunnel - ok

13:54:30.0280 4644 uagp35 (b4dd609bd7e282bfc683cec7eaaaad67) C:\Windows\system32\drivers\uagp35.sys

13:54:30.0296 4644 uagp35 - ok

13:54:30.0343 4644 udfs (ff4232a1a64012baa1fd97c7b67df593) C:\Windows\system32\DRIVERS\udfs.sys

13:54:30.0405 4644 udfs - ok

13:54:30.0452 4644 uliagpkx (4bfe1bc28391222894cbf1e7d0e42320) C:\Windows\system32\drivers\uliagpkx.sys

13:54:30.0483 4644 uliagpkx - ok

13:54:30.0530 4644 umbus (dc54a574663a895c8763af0fa1ff7561) C:\Windows\system32\DRIVERS\umbus.sys

13:54:30.0577 4644 umbus - ok

13:54:30.0624 4644 UmPass (b2e8e8cb557b156da5493bbddcc1474d) C:\Windows\system32\drivers\umpass.sys

13:54:30.0670 4644 UmPass - ok

13:54:30.0748 4644 usbccgp (6f1a3157a1c89435352ceb543cdb359c) C:\Windows\system32\DRIVERS\usbccgp.sys

13:54:30.0795 4644 usbccgp - ok

13:54:30.0889 4644 usbcir (af0892a803fdda7492f595368e3b68e7) C:\Windows\system32\drivers\usbcir.sys

13:54:30.0920 4644 usbcir - ok

13:54:30.0967 4644 usbehci (c025055fe7b87701eb042095df1a2d7b) C:\Windows\system32\drivers\usbehci.sys

13:54:30.0998 4644 usbehci - ok

13:54:31.0060 4644 usbhub (287c6c9410b111b68b52ca298f7b8c24) C:\Windows\system32\DRIVERS\usbhub.sys

13:54:31.0123 4644 usbhub - ok

13:54:31.0170 4644 usbohci (9840fc418b4cbd632d3d0a667a725c31) C:\Windows\system32\drivers\usbohci.sys

13:54:31.0216 4644 usbohci - ok

13:54:31.0263 4644 usbprint (73188f58fb384e75c4063d29413cee3d) C:\Windows\system32\drivers\usbprint.sys

13:54:31.0310 4644 usbprint - ok

13:54:31.0357 4644 USBSTOR (fed648b01349a3c8395a5169db5fb7d6) C:\Windows\system32\DRIVERS\USBSTOR.SYS

13:54:31.0450 4644 USBSTOR - ok

13:54:31.0528 4644 usbuhci (62069a34518bcf9c1fd9e74b3f6db7cd) C:\Windows\system32\drivers\usbuhci.sys

13:54:31.0575 4644 usbuhci - ok

13:54:31.0638 4644 usbvideo (454800c2bc7f3927ce030141ee4f4c50) C:\Windows\system32\Drivers\usbvideo.sys

13:54:31.0669 4644 usbvideo - ok

13:54:31.0747 4644 VClone (fd911873c0bb6945fa38c16e9a2b58f9) C:\Windows\system32\DRIVERS\VClone.sys

13:54:31.0794 4644 VClone - ok

13:54:31.0872 4644 vdrvroot (c5c876ccfc083ff3b128f933823e87bd) C:\Windows\system32\drivers\vdrvroot.sys

13:54:31.0903 4644 vdrvroot - ok

13:54:31.0965 4644 vga (da4da3f5e02943c2dc8c6ed875de68dd) C:\Windows\system32\DRIVERS\vgapnp.sys

13:54:31.0996 4644 vga - ok

13:54:32.0059 4644 VgaSave (53e92a310193cb3c03bea963de7d9cfc) C:\Windows\System32\drivers\vga.sys

13:54:32.0137 4644 VgaSave - ok

13:54:32.0184 4644 vhdmp (2ce2df28c83aeaf30084e1b1eb253cbb) C:\Windows\system32\drivers\vhdmp.sys

13:54:32.0215 4644 vhdmp - ok

13:54:32.0246 4644 viaide (e5689d93ffe4e5d66c0178761240dd54) C:\Windows\system32\drivers\viaide.sys

13:54:32.0293 4644 viaide - ok

13:54:32.0340 4644 volmgr (d2aafd421940f640b407aefaaebd91b0) C:\Windows\system32\drivers\volmgr.sys

13:54:32.0371 4644 volmgr - ok

13:54:32.0402 4644 volmgrx (a255814907c89be58b79ef2f189b843b) C:\Windows\system32\drivers\volmgrx.sys

13:54:32.0433 4644 volmgrx - ok

13:54:32.0480 4644 volsnap (0d08d2f3b3ff84e433346669b5e0f639) C:\Windows\system32\drivers\volsnap.sys

13:54:32.0496 4644 volsnap - ok

13:54:32.0542 4644 vsmraid (5e2016ea6ebaca03c04feac5f330d997) C:\Windows\system32\drivers\vsmraid.sys

13:54:32.0574 4644 vsmraid - ok

13:54:32.0620 4644 vwifibus (36d4720b72b5c5d9cb2b9c29e9df67a1) C:\Windows\system32\DRIVERS\vwifibus.sys

13:54:32.0667 4644 vwifibus - ok

13:54:32.0714 4644 vwififlt (6a3d66263414ff0d6fa754c646612f3f) C:\Windows\system32\DRIVERS\vwififlt.sys

13:54:32.0761 4644 vwififlt - ok

13:54:32.0808 4644 vwifimp (6a638fc4bfddc4d9b186c28c91bd1a01) C:\Windows\system32\DRIVERS\vwifimp.sys

13:54:32.0854 4644 vwifimp - ok

13:54:32.0932 4644 wacommousefilter (e04d43c7d1641e95d35cae6086c7e350) C:\Windows\system32\DRIVERS\wacommousefilter.sys

13:54:32.0964 4644 wacommousefilter - ok

13:54:33.0010 4644 WacomPen (4e9440f4f152a7b944cb1663d3935a3e) C:\Windows\system32\drivers\wacompen.sys

13:54:33.0026 4644 WacomPen - ok

13:54:33.0088 4644 wacomvhid (ec1ceb237e365330c1fcfc4876aa0ac0) C:\Windows\system32\DRIVERS\wacomvhid.sys

13:54:33.0104 4644 wacomvhid - ok

13:54:33.0166 4644 WANARP (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys

13:54:33.0244 4644 WANARP - ok

13:54:33.0244 4644 Wanarpv6 (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys

13:54:33.0276 4644 Wanarpv6 - ok

13:54:33.0338 4644 Wd (72889e16ff12ba0f235467d6091b17dc) C:\Windows\system32\drivers\wd.sys

13:54:33.0354 4644 Wd - ok

13:54:33.0416 4644 Wdf01000 (441bd2d7b4f98134c3a4f9fa570fd250) C:\Windows\system32\drivers\Wdf01000.sys

13:54:33.0478 4644 Wdf01000 - ok

13:54:33.0541 4644 wdkmd (63ce387483e74a0bd79ee4e5eba1fd2e) C:\Windows\system32\DRIVERS\WDKMD.sys

13:54:33.0541 4644 wdkmd - ok

13:54:33.0619 4644 WfpLwf (611b23304bf067451a9fdee01fbdd725) C:\Windows\system32\DRIVERS\wfplwf.sys

13:54:33.0666 4644 WfpLwf - ok

13:54:33.0728 4644 WimFltr (52ded146e4797e6ccf94799e8e22bb2a) C:\Windows\system32\DRIVERS\wimfltr.sys

13:54:33.0759 4644 WimFltr - ok

13:54:33.0806 4644 WIMMount (05ecaec3e4529a7153b3136ceb49f0ec) C:\Windows\system32\drivers\wimmount.sys

13:54:33.0822 4644 WIMMount - ok

13:54:33.0931 4644 WinUsb (fe88b288356e7b47b74b13372add906d) C:\Windows\system32\DRIVERS\WinUsb.sys

13:54:33.0978 4644 WinUsb - ok

13:54:34.0071 4644 WmiAcpi (f6ff8944478594d0e414d3f048f0d778) C:\Windows\system32\DRIVERS\wmiacpi.sys

13:54:34.0102 4644 WmiAcpi - ok

13:54:34.0165 4644 ws2ifsl (6bcc1d7d2fd2453957c5479a32364e52) C:\Windows\system32\drivers\ws2ifsl.sys

13:54:34.0227 4644 ws2ifsl - ok

13:54:34.0274 4644 WudfPf (d3381dc54c34d79b22cee0d65ba91b7c) C:\Windows\system32\drivers\WudfPf.sys

13:54:34.0336 4644 WudfPf - ok

13:54:34.0399 4644 WUDFRd (cf8d590be3373029d57af80914190682) C:\Windows\system32\DRIVERS\WUDFRd.sys

13:54:34.0477 4644 WUDFRd - ok

13:54:34.0539 4644 MBR (0x1B8) (8e734bd7aa1d4f7e9af58df495f6cf9e) \Device\Harddisk0\DR0

13:54:34.0695 4644 \Device\Harddisk0\DR0 - ok

13:54:34.0742 4644 Boot (0x1200) (095f797b23af9d5c9e30b8a222f9ea25) \Device\Harddisk0\DR0\Partition0

13:54:34.0742 4644 \Device\Harddisk0\DR0\Partition0 - ok

13:54:34.0758 4644 Boot (0x1200) (4b1e91fb7213bd93cfe161c5a8e85848) \Device\Harddisk0\DR0\Partition1

13:54:34.0758 4644 \Device\Harddisk0\DR0\Partition1 - ok

13:54:34.0758 4644 ============================================================

13:54:34.0758 4644 Scan finished

13:54:34.0758 4644 ============================================================

13:54:34.0789 3004 Detected object count: 0

13:54:34.0789 3004 Actual detected object count: 0

16:00:46.0230 1380 ============================================================

16:00:46.0230 1380 Scan started

16:00:46.0230 1380 Mode: Manual; SigCheck; TDLFS;

16:00:46.0230 1380 ============================================================

16:00:47.0490 1380 1394ohci (a87d604aea360176311474c87a63bb88) C:\Windows\system32\drivers\1394ohci.sys

16:00:47.0506 1380 1394ohci - ok

16:00:47.0553 1380 ACPI (d81d9e70b8a6dd14d42d7b4efa65d5f2) C:\Windows\system32\drivers\ACPI.sys

16:00:47.0563 1380 ACPI - ok

16:00:47.0606 1380 AcpiPmi (99f8e788246d495ce3794d7e7821d2ca) C:\Windows\system32\drivers\acpipmi.sys

16:00:47.0618 1380 AcpiPmi - ok

16:00:47.0692 1380 adp94xx (2f6b34b83843f0c5118b63ac634f5bf4) C:\Windows\system32\drivers\adp94xx.sys

16:00:47.0704 1380 adp94xx - ok

16:00:47.0750 1380 adpahci (597f78224ee9224ea1a13d6350ced962) C:\Windows\system32\drivers\adpahci.sys

16:00:47.0760 1380 adpahci - ok

16:00:47.0816 1380 adpu320 (e109549c90f62fb570b9540c4b148e54) C:\Windows\system32\drivers\adpu320.sys

16:00:47.0824 1380 adpu320 - ok

16:00:47.0898 1380 AFD (1c7857b62de5994a75b054a9fd4c3825) C:\Windows\system32\drivers\afd.sys

16:00:47.0910 1380 AFD - ok

16:00:47.0969 1380 agp440 (608c14dba7299d8cb6ed035a68a15799) C:\Windows\system32\drivers\agp440.sys

16:00:47.0975 1380 agp440 - ok

16:00:48.0016 1380 aliide (5812713a477a3ad7363c7438ca2ee038) C:\Windows\system32\drivers\aliide.sys

16:00:48.0023 1380 aliide - ok

16:00:48.0066 1380 amdide (1ff8b4431c353ce385c875f194924c0c) C:\Windows\system32\drivers\amdide.sys

16:00:48.0072 1380 amdide - ok

16:00:48.0126 1380 AmdK8 (7024f087cff1833a806193ef9d22cda9) C:\Windows\system32\drivers\amdk8.sys

16:00:48.0135 1380 AmdK8 - ok

16:00:48.0181 1380 AmdPPM (1e56388b3fe0d031c44144eb8c4d6217) C:\Windows\system32\drivers\amdppm.sys

16:00:48.0191 1380 AmdPPM - ok

16:00:48.0245 1380 amdsata (d4121ae6d0c0e7e13aa221aa57ef2d49) C:\Windows\system32\drivers\amdsata.sys

16:00:48.0252 1380 amdsata - ok

16:00:48.0307 1380 amdsbs (f67f933e79241ed32ff46a4f29b5120b) C:\Windows\system32\drivers\amdsbs.sys

16:00:48.0315 1380 amdsbs - ok

16:00:48.0369 1380 amdxata (540daf1cea6094886d72126fd7c33048) C:\Windows\system32\drivers\amdxata.sys

16:00:48.0376 1380 amdxata - ok

16:00:48.0433 1380 AMPPAL (9921e78bc29634235f4bf5809e7e8cde) C:\Windows\system32\DRIVERS\AMPPAL.sys

16:00:48.0443 1380 AMPPAL - ok

16:00:48.0488 1380 AMPPALP (9921e78bc29634235f4bf5809e7e8cde) C:\Windows\system32\DRIVERS\amppal.sys

16:00:48.0497 1380 AMPPALP - ok

16:00:48.0543 1380 Andbus (48cd7e6520d47d62eab0e6ce3ec30c65) C:\Windows\system32\DRIVERS\lgandbus64.sys

16:00:48.0550 1380 Andbus - ok

16:00:48.0598 1380 AndDiag (08cbacc00d15dcdbbaae1a7c8f231c61) C:\Windows\system32\DRIVERS\lganddiag64.sys

16:00:48.0605 1380 AndDiag - ok

16:00:48.0654 1380 AndGps (cea9a4cd6b3a83428ce8501240833668) C:\Windows\system32\DRIVERS\lgandgps64.sys

16:00:48.0660 1380 AndGps - ok

16:00:48.0716 1380 ANDModem (e2b5663e547fa5e756b253efa8ec8286) C:\Windows\system32\DRIVERS\lgandmodem64.sys

16:00:48.0723 1380 ANDModem - ok

16:00:48.0782 1380 androidusb (9c1751b2e733471ae07561028b7d2a9b) C:\Windows\system32\Drivers\lgandadb.sys

16:00:48.0790 1380 androidusb - ok

16:00:48.0851 1380 AppID (89a69c3f2f319b43379399547526d952) C:\Windows\system32\drivers\appid.sys

16:00:48.0876 1380 AppID - ok

16:00:48.0941 1380 arc (c484f8ceb1717c540242531db7845c4e) C:\Windows\system32\drivers\arc.sys

16:00:48.0948 1380 arc - ok

16:00:48.0986 1380 arcsas (019af6924aefe7839f61c830227fe79c) C:\Windows\system32\drivers\arcsas.sys

16:00:48.0995 1380 arcsas - ok

16:00:49.0054 1380 ASMMAP64 (4c016fd76ed5c05e84ca8cab77993961) C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\ASMMAP64.sys

16:00:49.0062 1380 ASMMAP64 - ok

16:00:49.0138 1380 AsyncMac (769765ce2cc62867468cea93969b2242) C:\Windows\system32\DRIVERS\asyncmac.sys

16:00:49.0165 1380 AsyncMac - ok

16:00:49.0220 1380 atapi (02062c0b390b7729edc9e69c680a6f3c) C:\Windows\system32\drivers\atapi.sys

16:00:49.0227 1380 atapi - ok

16:00:49.0300 1380 athr (0acc06fcf46f64ed4f11e57ee461c1f4) C:\Windows\system32\DRIVERS\athrx.sys

16:00:49.0321 1380 athr - ok

16:00:49.0390 1380 ATKWMIACPIIO (ac31727f9946e9009480708e4d1b9986) C:\Program Files (x86)\ASUS\ATK Package\ATK WMIACPI\atkwmiacpi64.sys

16:00:49.0396 1380 ATKWMIACPIIO - ok

16:00:49.0502 1380 b06bdrv (3e5b191307609f7514148c6832bb0842) C:\Windows\system32\drivers\bxvbda.sys

16:00:49.0514 1380 b06bdrv - ok

16:00:49.0559 1380 b57nd60a (b5ace6968304a3900eeb1ebfd9622df2) C:\Windows\system32\DRIVERS\b57nd60a.sys

16:00:49.0570 1380 b57nd60a - ok

16:00:49.0612 1380 Beep (16a47ce2decc9b099349a5f840654746) C:\Windows\system32\drivers\Beep.sys

16:00:49.0638 1380 Beep - ok

16:00:49.0679 1380 BlackBox - ok

16:00:49.0725 1380 blbdrive (61583ee3c3a17003c4acd0475646b4d3) C:\Windows\system32\DRIVERS\blbdrive.sys

16:00:49.0735 1380 blbdrive - ok

16:00:49.0805 1380 bowser (6c02a83164f5cc0a262f4199f0871cf5) C:\Windows\system32\DRIVERS\bowser.sys

16:00:49.0813 1380 bowser - ok

16:00:49.0873 1380 BrFiltLo (f09eee9edc320b5e1501f749fde686c8) C:\Windows\system32\drivers\BrFiltLo.sys

16:00:49.0884 1380 BrFiltLo - ok

16:00:49.0921 1380 BrFiltUp (b114d3098e9bdb8bea8b053685831be6) C:\Windows\system32\drivers\BrFiltUp.sys

16:00:49.0932 1380 BrFiltUp - ok

16:00:49.0982 1380 BridgeMP (5c2f352a4e961d72518261257aae204b) C:\Windows\system32\DRIVERS\bridge.sys

16:00:50.0009 1380 BridgeMP - ok

16:00:50.0112 1380 Brserid (43bea8d483bf1870f018e2d02e06a5bd) C:\Windows\System32\Drivers\Brserid.sys

16:00:50.0123 1380 Brserid - ok

16:00:50.0166 1380 BrSerWdm (a6eca2151b08a09caceca35c07f05b42) C:\Windows\System32\Drivers\BrSerWdm.sys

16:00:50.0177 1380 BrSerWdm - ok

16:00:50.0218 1380 BrUsbMdm (b79968002c277e869cf38bd22cd61524) C:\Windows\System32\Drivers\BrUsbMdm.sys

16:00:50.0229 1380 BrUsbMdm - ok

16:00:50.0264 1380 BrUsbSer (a87528880231c54e75ea7a44943b38bf) C:\Windows\System32\Drivers\BrUsbSer.sys

16:00:50.0273 1380 BrUsbSer - ok

16:00:50.0320 1380 BthEnum (cf98190a94f62e405c8cb255018b2315) C:\Windows\system32\drivers\BthEnum.sys

16:00:50.0328 1380 BthEnum - ok

16:00:50.0379 1380 BTHMODEM (9da669f11d1f894ab4eb69bf546a42e8) C:\Windows\system32\drivers\bthmodem.sys

16:00:50.0390 1380 BTHMODEM - ok

16:00:50.0427 1380 BthPan (02dd601b708dd0667e1331fa8518e9ff) C:\Windows\system32\DRIVERS\bthpan.sys

16:00:50.0438 1380 BthPan - ok

16:00:50.0501 1380 BTHPORT (64c198198501f7560ee41d8d1efa7952) C:\Windows\System32\Drivers\BTHport.sys

16:00:50.0514 1380 BTHPORT - ok

16:00:50.0561 1380 BTHUSB (f188b7394d81010767b6df3178519a37) C:\Windows\System32\Drivers\BTHUSB.sys

16:00:50.0569 1380 BTHUSB - ok

16:00:50.0617 1380 btmaux (270fba230e78e25726d065a924589a72) C:\Windows\system32\DRIVERS\btmaux.sys

16:00:50.0626 1380 btmaux - ok

16:00:50.0689 1380 btmhsf (0010a54571f525a97eed8c091e96eaa9) C:\Windows\system32\DRIVERS\btmhsf.sys

16:00:50.0698 1380 btmhsf - ok

16:00:50.0701 1380 catchme - ok

16:00:50.0758 1380 cdfs (b8bd2bb284668c84865658c77574381a) C:\Windows\system32\DRIVERS\cdfs.sys

16:00:50.0785 1380 cdfs - ok

16:00:50.0849 1380 cdrom (f036ce71586e93d94dab220d7bdf4416) C:\Windows\system32\DRIVERS\cdrom.sys

16:00:50.0859 1380 cdrom - ok

16:00:50.0903 1380 circlass (d7cd5c4e1b71fa62050515314cfb52cf) C:\Windows\system32\drivers\circlass.sys

16:00:50.0914 1380 circlass - ok

16:00:50.0961 1380 CLFS (fe1ec06f2253f691fe36217c592a0206) C:\Windows\system32\CLFS.sys

16:00:50.0971 1380 CLFS - ok

16:00:51.0055 1380 CmBatt (0840155d0bddf1190f84a663c284bd33) C:\Windows\system32\DRIVERS\CmBatt.sys

16:00:51.0064 1380 CmBatt - ok

16:00:51.0107 1380 cmdGuard (755f1e440b6c90d83fe3e50331e55298) C:\Windows\system32\DRIVERS\cmdguard.sys

16:00:51.0121 1380 cmdGuard - ok

16:00:51.0164 1380 cmdHlp (4b5b1688ab86ebced4bef8d337e9a722) C:\Windows\system32\DRIVERS\cmdhlp.sys

16:00:51.0170 1380 cmdHlp - ok

16:00:51.0219 1380 cmdide (e19d3f095812725d88f9001985b94edd) C:\Windows\system32\drivers\cmdide.sys

16:00:51.0226 1380 cmdide - ok

16:00:51.0285 1380 CNG (c4943b6c962e4b82197542447ad599f4) C:\Windows\system32\Drivers\cng.sys

16:00:51.0300 1380 CNG - ok

16:00:51.0349 1380 Compbatt (102de219c3f61415f964c88e9085ad14) C:\Windows\system32\drivers\compbatt.sys

16:00:51.0356 1380 Compbatt - ok

16:00:51.0397 1380 CompositeBus (03edb043586cceba243d689bdda370a8) C:\Windows\system32\DRIVERS\CompositeBus.sys

16:00:51.0408 1380 CompositeBus - ok

16:00:51.0454 1380 crcdisk (1c827878a998c18847245fe1f34ee597) C:\Windows\system32\drivers\crcdisk.sys

16:00:51.0461 1380 crcdisk - ok

16:00:51.0569 1380 DfsC (9bb2ef44eaa163b29c4a4587887a0fe4) C:\Windows\system32\Drivers\dfsc.sys

16:00:51.0595 1380 DfsC - ok

16:00:51.0600 1380 DIRECTIO - ok

16:00:51.0636 1380 discache (13096b05847ec78f0977f2c0f79e9ab3) C:\Windows\system32\drivers\discache.sys

16:00:51.0663 1380 discache - ok

16:00:51.0709 1380 Disk (9819eee8b5ea3784ec4af3b137a5244c) C:\Windows\system32\drivers\disk.sys

16:00:51.0716 1380 Disk - ok

16:00:51.0760 1380 drmkaud (9b19f34400d24df84c858a421c205754) C:\Windows\system32\drivers\drmkaud.sys

16:00:51.0770 1380 drmkaud - ok

16:00:51.0828 1380 DXGKrnl (f5bee30450e18e6b83a5012c100616fd) C:\Windows\System32\drivers\dxgkrnl.sys

16:00:51.0857 1380 DXGKrnl - ok

16:00:51.0964 1380 ebdrv (dc5d737f51be844d8c82c695eb17372f) C:\Windows\system32\drivers\evbda.sys

16:00:52.0000 1380 ebdrv - ok

16:00:52.0067 1380 ElbyCDIO (a05fc7eca0966ebb70e4d17b855a853b) C:\Windows\system32\Drivers\ElbyCDIO.sys

16:00:52.0075 1380 ElbyCDIO - ok

16:00:52.0141 1380 elxstor (0e5da5369a0fcaea12456dd852545184) C:\Windows\system32\drivers\elxstor.sys

16:00:52.0153 1380 elxstor - ok

16:00:52.0204 1380 ErrDev (34a3c54752046e79a126e15c51db409b) C:\Windows\system32\drivers\errdev.sys

16:00:52.0213 1380 ErrDev - ok

16:00:52.0269 1380 ETD (871ab1bfa00eca5dfde99d6eece1bfd4) C:\Windows\system32\DRIVERS\ETD.sys

16:00:52.0278 1380 ETD - ok

16:00:52.0388 1380 exfat (a510c654ec00c1e9bdd91eeb3a59823b) C:\Windows\system32\drivers\exfat.sys

16:00:52.0416 1380 exfat - ok

16:00:52.0466 1380 fastfat (0adc83218b66a6db380c330836f3e36d) C:\Windows\system32\drivers\fastfat.sys

16:00:52.0494 1380 fastfat - ok

16:00:52.0541 1380 fdc (d765d19cd8ef61f650c384f62fac00ab) C:\Windows\system32\drivers\fdc.sys

16:00:52.0553 1380 fdc - ok

16:00:52.0662 1380 FileInfo (655661be46b5f5f3fd454e2c3095b930) C:\Windows\system32\drivers\fileinfo.sys

16:00:52.0670 1380 FileInfo - ok

16:00:52.0710 1380 Filetrace (5f671ab5bc87eea04ec38a6cd5962a47) C:\Windows\system32\drivers\filetrace.sys

16:00:52.0736 1380 Filetrace - ok

16:00:52.0794 1380 flpydisk (c172a0f53008eaeb8ea33fe10e177af5) C:\Windows\system32\drivers\flpydisk.sys

16:00:52.0803 1380 flpydisk - ok

16:00:52.0858 1380 FltMgr (da6b67270fd9db3697b20fce94950741) C:\Windows\system32\drivers\fltmgr.sys

16:00:52.0867 1380 FltMgr - ok

16:00:52.0917 1380 FsDepends (d43703496149971890703b4b1b723eac) C:\Windows\system32\drivers\FsDepends.sys

16:00:52.0924 1380 FsDepends - ok

16:00:52.0971 1380 fssfltr (6c06701bf1db05405804d7eb610991ce) C:\Windows\system32\DRIVERS\fssfltr.sys

16:00:52.0978 1380 fssfltr - ok

16:00:53.0032 1380 Fs_Rec (e95ef8547de20cf0603557c0cf7a9462) C:\Windows\system32\drivers\Fs_Rec.sys

16:00:53.0039 1380 Fs_Rec - ok

16:00:53.0080 1380 fvevol (1f7b25b858fa27015169fe95e54108ed) C:\Windows\system32\DRIVERS\fvevol.sys

16:00:53.0090 1380 fvevol - ok

16:00:53.0137 1380 gagp30kx (8c778d335c9d272cfd3298ab02abe3b6) C:\Windows\system32\drivers\gagp30kx.sys

16:00:53.0145 1380 gagp30kx - ok

16:00:53.0189 1380 hcw85cir (f2523ef6460fc42405b12248338ab2f0) C:\Windows\system32\drivers\hcw85cir.sys

16:00:53.0198 1380 hcw85cir - ok

16:00:53.0240 1380 HdAudAddService (975761c778e33cd22498059b91e7373a) C:\Windows\system32\drivers\HdAudio.sys

16:00:53.0254 1380 HdAudAddService - ok

16:00:53.0298 1380 HDAudBus (97bfed39b6b79eb12cddbfeed51f56bb) C:\Windows\system32\DRIVERS\HDAudBus.sys

16:00:53.0310 1380 HDAudBus - ok

16:00:53.0400 1380 HidBatt (78e86380454a7b10a5eb255dc44a355f) C:\Windows\system32\drivers\HidBatt.sys

16:00:53.0409 1380 HidBatt - ok

16:00:53.0446 1380 HidBth (7fd2a313f7afe5c4dab14798c48dd104) C:\Windows\system32\drivers\hidbth.sys

16:00:53.0457 1380 HidBth - ok

16:00:53.0490 1380 HidIr (0a77d29f311b88cfae3b13f9c1a73825) C:\Windows\system32\drivers\hidir.sys

16:00:53.0502 1380 HidIr - ok

16:00:53.0537 1380 HidUsb (9592090a7e2b61cd582b612b6df70536) C:\Windows\system32\DRIVERS\hidusb.sys

16:00:53.0546 1380 HidUsb - ok

16:00:53.0595 1380 HpSAMD (39d2abcd392f3d8a6dce7b60ae7b8efc) C:\Windows\system32\drivers\HpSAMD.sys

16:00:53.0603 1380 HpSAMD - ok

16:00:53.0653 1380 HTTP (0ea7de1acb728dd5a369fd742d6eee28) C:\Windows\system32\drivers\HTTP.sys

16:00:53.0685 1380 HTTP - ok

16:00:53.0734 1380 hwpolicy (a5462bd6884960c9dc85ed49d34ff392) C:\Windows\system32\drivers\hwpolicy.sys

16:00:53.0741 1380 hwpolicy - ok

16:00:53.0786 1380 i8042prt (fa55c73d4affa7ee23ac4be53b4592d3) C:\Windows\system32\DRIVERS\i8042prt.sys

16:00:53.0795 1380 i8042prt - ok

16:00:53.0893 1380 iaStor (26cf4275034214ecedd8ec17b0a18a99) C:\Windows\system32\DRIVERS\iaStor.sys

16:00:53.0906 1380 iaStor - ok

16:00:53.0967 1380 iaStorV (aaaf44db3bd0b9d1fb6969b23ecc8366) C:\Windows\system32\drivers\iaStorV.sys

16:00:53.0978 1380 iaStorV - ok

16:00:54.0036 1380 iBtFltCoex (de9e40baee2e48fd1e3eb423074c014c) C:\Windows\system32\DRIVERS\iBtFltCoex.sys

16:00:54.0044 1380 iBtFltCoex - ok

16:00:54.0325 1380 igfx (0d1b8c64bdf0e5cdc523a1409ffb5ef0) C:\Windows\system32\DRIVERS\igdkmd64.sys

16:00:54.0437 1380 igfx - ok

16:00:54.0503 1380 iirsp (5c18831c61933628f5bb0ea2675b9d21) C:\Windows\system32\drivers\iirsp.sys

16:00:54.0510 1380 iirsp - ok

16:00:54.0562 1380 inspect (efff0afd27cc97bf0e5e0bab78419de7) C:\Windows\system32\DRIVERS\inspect.sys

16:00:54.0569 1380 inspect - ok

16:00:54.0624 1380 intaud_WaveExtensible (caddf0927dac63edae48f5c35a61d87d) C:\Windows\system32\drivers\intelaud.sys

16:00:54.0631 1380 intaud_WaveExtensible - ok

16:00:54.0715 1380 IntcAzAudAddService (02c93ebaa4421418411448fe7fdfd815) C:\Windows\system32\drivers\RTKVHD64.sys

16:00:54.0762 1380 IntcAzAudAddService - ok

16:00:54.0809 1380 IntcDAud (fc727061c0f47c8059e88e05d5c8e381) C:\Windows\system32\DRIVERS\IntcDAud.sys

16:00:54.0824 1380 IntcDAud - ok

16:00:54.0887 1380 intelide (f00f20e70c6ec3aa366910083a0518aa) C:\Windows\system32\drivers\intelide.sys

16:00:54.0902 1380 intelide - ok

16:00:54.0934 1380 intelppm (ada036632c664caa754079041cf1f8c1) C:\Windows\system32\DRIVERS\intelppm.sys

16:00:54.0949 1380 intelppm - ok

16:00:54.0996 1380 IpFilterDriver (c9f0e1bd74365a8771590e9008d22ab6) C:\Windows\system32\DRIVERS\ipfltdrv.sys

16:00:55.0012 1380 IpFilterDriver - ok

16:00:55.0058 1380 IPMIDRV (0fc1aea580957aa8817b8f305d18ca3a) C:\Windows\system32\drivers\IPMIDrv.sys

16:00:55.0058 1380 IPMIDRV - ok

16:00:55.0105 1380 IPNAT (af9b39a7e7b6caa203b3862582e9f2d0) C:\Windows\system32\drivers\ipnat.sys

16:00:55.0121 1380 IPNAT - ok

16:00:55.0168 1380 IRENUM (3abf5e7213eb28966d55d58b515d5ce9) C:\Windows\system32\drivers\irenum.sys

16:00:55.0183 1380 IRENUM - ok

16:00:55.0230 1380 isapnp (2f7b28dc3e1183e5eb418df55c204f38) C:\Windows\system32\drivers\isapnp.sys

16:00:55.0246 1380 isapnp - ok

16:00:55.0308 1380 iScsiPrt (d931d7309deb2317035b07c9f9e6b0bd) C:\Windows\system32\drivers\msiscsi.sys

16:00:55.0308 1380 iScsiPrt - ok

16:00:55.0355 1380 iwdbus (716f66336f10885d935b08174dc54242) C:\Windows\system32\DRIVERS\iwdbus.sys

16:00:55.0370 1380 iwdbus - ok

16:00:55.0417 1380 kbdclass (bc02336f1cba7dcc7d1213bb588a68a5) C:\Windows\system32\DRIVERS\kbdclass.sys

16:00:55.0417 1380 kbdclass - ok

16:00:55.0464 1380 kbdhid (0705eff5b42a9db58548eec3b26bb484) C:\Windows\system32\DRIVERS\kbdhid.sys

16:00:55.0464 1380 kbdhid - ok

16:00:55.0526 1380 kbfiltr (e63ef8c3271d014f14e2469ce75fecb4) C:\Windows\system32\DRIVERS\kbfiltr.sys

16:00:55.0558 1380 kbfiltr - ok

16:00:55.0651 1380 KSecDD (da1e991a61cfdd755a589e206b97644b) C:\Windows\system32\Drivers\ksecdd.sys

16:00:55.0651 1380 KSecDD - ok

16:00:55.0698 1380 KSecPkg (7e33198d956943a4f11a5474c1e9106f) C:\Windows\system32\Drivers\ksecpkg.sys

16:00:55.0698 1380 KSecPkg - ok

16:00:55.0760 1380 ksthunk (6869281e78cb31a43e969f06b57347c4) C:\Windows\system32\drivers\ksthunk.sys

16:00:55.0792 1380 ksthunk - ok

16:00:55.0854 1380 L1C (655a5d8e80869781cce23760ada7e695) C:\Windows\system32\DRIVERS\L1C62x64.sys

16:00:55.0870 1380 L1C - ok

16:00:55.0932 1380 lltdio (1538831cf8ad2979a04c423779465827) C:\Windows\system32\DRIVERS\lltdio.sys

16:00:55.0963 1380 lltdio - ok

16:00:56.0026 1380 LSI_FC (1a93e54eb0ece102495a51266dcdb6a6) C:\Windows\system32\drivers\lsi_fc.sys

16:00:56.0041 1380 LSI_FC - ok

16:00:56.0088 1380 LSI_SAS (1047184a9fdc8bdbff857175875ee810) C:\Windows\system32\drivers\lsi_sas.sys

16:00:56.0088 1380 LSI_SAS - ok

16:00:56.0213 1380 LSI_SAS2 (30f5c0de1ee8b5bc9306c1f0e4a75f93) C:\Windows\system32\drivers\lsi_sas2.sys

16:00:56.0213 1380 LSI_SAS2 - ok

16:00:56.0260 1380 LSI_SCSI (0504eacaff0d3c8aed161c4b0d369d4a) C:\Windows\system32\drivers\lsi_scsi.sys

16:00:56.0275 1380 LSI_SCSI - ok

16:00:56.0322 1380 luafv (43d0f98e1d56ccddb0d5254cff7b356e) C:\Windows\system32\drivers\luafv.sys

16:00:56.0353 1380 luafv - ok

16:00:56.0431 1380 MBAMProtector (79da94b35371b9e7104460c7693dcb2c) C:\Windows\system32\drivers\mbam.sys

16:00:56.0431 1380 MBAMProtector - ok

16:00:56.0509 1380 megasas (a55805f747c6edb6a9080d7c633bd0f4) C:\Windows\system32\drivers\megasas.sys

16:00:56.0525 1380 megasas - ok

16:00:56.0572 1380 MegaSR (baf74ce0072480c3b6b7c13b2a94d6b3) C:\Windows\system32\drivers\MegaSR.sys

16:00:56.0572 1380 MegaSR - ok

16:00:56.0634 1380 MEIx64 (a6518dcc42f7a6e999bb3bea8fd87567) C:\Windows\system32\DRIVERS\HECIx64.sys

16:00:56.0650 1380 MEIx64 - ok

16:00:56.0696 1380 Modem (800ba92f7010378b09f9ed9270f07137) C:\Windows\system32\drivers\modem.sys

16:00:56.0728 1380 Modem - ok

16:00:56.0759 1380 monitor (b03d591dc7da45ece20b3b467e6aadaa) C:\Windows\system32\DRIVERS\monitor.sys

16:00:56.0774 1380 monitor - ok

16:00:56.0806 1380 mouclass (7d27ea49f3c1f687d357e77a470aea99) C:\Windows\system32\DRIVERS\mouclass.sys

16:00:56.0806 1380 mouclass - ok

16:00:56.0884 1380 mouhid (d3bf052c40b0c4166d9fd86a4288c1e6) C:\Windows\system32\DRIVERS\mouhid.sys

16:00:56.0899 1380 mouhid - ok

16:00:56.0962 1380 mountmgr (32e7a3d591d671a6df2db515a5cbe0fa) C:\Windows\system32\drivers\mountmgr.sys

16:00:56.0962 1380 mountmgr - ok

16:00:57.0024 1380 MpFilter (c177a7ebf5e8a0b596f618870516cab8) C:\Windows\system32\DRIVERS\MpFilter.sys

16:00:57.0024 1380 MpFilter - ok

16:00:57.0086 1380 mpio (a44b420d30bd56e145d6a2bc8768ec58) C:\Windows\system32\drivers\mpio.sys

16:00:57.0102 1380 mpio - ok

16:00:57.0149 1380 MpKsl4854c672 - ok

16:00:57.0227 1380 MpNWMon (8fbf6b31fe8af1833d93c5913d5b4d55) C:\Windows\system32\DRIVERS\MpNWMon.sys

16:00:57.0227 1380 MpNWMon - ok

16:00:57.0289 1380 mpsdrv (6c38c9e45ae0ea2fa5e551f2ed5e978f) C:\Windows\system32\drivers\mpsdrv.sys

16:00:57.0320 1380 mpsdrv - ok

16:00:57.0398 1380 MRxDAV (dc722758b8261e1abafd31a3c0a66380) C:\Windows\system32\drivers\mrxdav.sys

16:00:57.0414 1380 MRxDAV - ok

16:00:57.0476 1380 mrxsmb (a5d9106a73dc88564c825d317cac68ac) C:\Windows\system32\DRIVERS\mrxsmb.sys

16:00:57.0476 1380 mrxsmb - ok

16:00:57.0523 1380 mrxsmb10 (d711b3c1d5f42c0c2415687be09fc163) C:\Windows\system32\DRIVERS\mrxsmb10.sys

16:00:57.0523 1380 mrxsmb10 - ok

16:00:57.0586 1380 mrxsmb20 (9423e9d355c8d303e76b8cfbd8a5c30c) C:\Windows\system32\DRIVERS\mrxsmb20.sys

16:00:57.0586 1380 mrxsmb20 - ok

16:00:57.0664 1380 msahci (c25f0bafa182cbca2dd3c851c2e75796) C:\Windows\system32\drivers\msahci.sys

16:00:57.0664 1380 msahci - ok

16:00:57.0726 1380 msdsm (db801a638d011b9633829eb6f663c900) C:\Windows\system32\drivers\msdsm.sys

16:00:57.0726 1380 msdsm - ok

16:00:57.0788 1380 Msfs (aa3fb40e17ce1388fa1bedab50ea8f96) C:\Windows\system32\drivers\Msfs.sys

16:00:57.0804 1380 Msfs - ok

16:00:57.0866 1380 mshidkmdf (f9d215a46a8b9753f61767fa72a20326) C:\Windows\System32\drivers\mshidkmdf.sys

16:00:57.0898 1380 mshidkmdf - ok

16:00:57.0944 1380 msisadrv (d916874bbd4f8b07bfb7fa9b3ccae29d) C:\Windows\system32\drivers\msisadrv.sys

16:00:57.0944 1380 msisadrv - ok

16:00:58.0007 1380 MSKSSRV (49ccf2c4fea34ffad8b1b59d49439366) C:\Windows\system32\drivers\MSKSSRV.sys

16:00:58.0022 1380 MSKSSRV - ok

16:00:58.0085 1380 MSPCLOCK (bdd71ace35a232104ddd349ee70e1ab3) C:\Windows\system32\drivers\MSPCLOCK.sys

16:00:58.0116 1380 MSPCLOCK - ok

16:00:58.0147 1380 MSPQM (4ed981241db27c3383d72092b618a1d0) C:\Windows\system32\drivers\MSPQM.sys

16:00:58.0178 1380 MSPQM - ok

16:00:58.0225 1380 MsRPC (759a9eeb0fa9ed79da1fb7d4ef78866d) C:\Windows\system32\drivers\MsRPC.sys

16:00:58.0225 1380 MsRPC - ok

16:00:58.0272 1380 mssmbios (0eed230e37515a0eaee3c2e1bc97b288) C:\Windows\system32\DRIVERS\mssmbios.sys

16:00:58.0288 1380 mssmbios - ok

16:00:58.0319 1380 MSTEE (2e66f9ecb30b4221a318c92ac2250779) C:\Windows\system32\drivers\MSTEE.sys

16:00:58.0350 1380 MSTEE - ok

16:00:58.0381 1380 MTConfig (7ea404308934e675bffde8edf0757bcd) C:\Windows\system32\drivers\MTConfig.sys

16:00:58.0397 1380 MTConfig - ok

16:00:58.0444 1380 Mup (f9a18612fd3526fe473c1bda678d61c8) C:\Windows\system32\Drivers\mup.sys

16:00:58.0444 1380 Mup - ok

16:00:58.0506 1380 NativeWifiP (1ea3749c4114db3e3161156ffffa6b33) C:\Windows\system32\DRIVERS\nwifi.sys

16:00:58.0522 1380 NativeWifiP - ok

16:00:58.0584 1380 NDIS (c38b8ae57f78915905064a9a24dc1586) C:\Windows\system32\drivers\ndis.sys

16:00:58.0600 1380 NDIS - ok

16:00:58.0662 1380 NdisCap (9f9a1f53aad7da4d6fef5bb73ab811ac) C:\Windows\system32\DRIVERS\ndiscap.sys

16:00:58.0693 1380 NdisCap - ok

16:00:58.0724 1380 NdisTapi (30639c932d9fef22b31268fe25a1b6e5) C:\Windows\system32\DRIVERS\ndistapi.sys

16:00:58.0756 1380 NdisTapi - ok

16:00:58.0802 1380 Ndisuio (136185f9fb2cc61e573e676aa5402356) C:\Windows\system32\DRIVERS\ndisuio.sys

16:00:58.0818 1380 Ndisuio - ok

16:00:58.0865 1380 NdisWan (53f7305169863f0a2bddc49e116c2e11) C:\Windows\system32\DRIVERS\ndiswan.sys

16:00:58.0880 1380 NdisWan - ok

16:00:58.0927 1380 NDProxy (015c0d8e0e0421b4cfd48cffe2825879) C:\Windows\system32\drivers\NDProxy.sys

16:00:58.0958 1380 NDProxy - ok

16:00:58.0990 1380 NetBIOS (86743d9f5d2b1048062b14b1d84501c4) C:\Windows\system32\DRIVERS\netbios.sys

16:00:59.0021 1380 NetBIOS - ok

16:00:59.0068 1380 NetBT (09594d1089c523423b32a4229263f068) C:\Windows\system32\DRIVERS\netbt.sys

16:00:59.0099 1380 NetBT - ok

16:00:59.0286 1380 NETwNs64 (ac69618de5bcce8747c9ab0aae1003c1) C:\Windows\system32\DRIVERS\NETwNs64.sys

16:00:59.0364 1380 NETwNs64 - ok

16:00:59.0411 1380 nfrd960 (77889813be4d166cdab78ddba990da92) C:\Windows\system32\drivers\nfrd960.sys

16:00:59.0426 1380 nfrd960 - ok

16:00:59.0473 1380 NisDrv (5f7d72cbcdd025af1f38fdeee5646968) C:\Windows\system32\DRIVERS\NisDrvWFP.sys

16:00:59.0489 1380 NisDrv - ok

16:00:59.0567 1380 Npfs (1e4c4ab5c9b8dd13179bbdc75a2a01f7) C:\Windows\system32\drivers\Npfs.sys

16:00:59.0582 1380 Npfs - ok

16:00:59.0629 1380 nsiproxy (e7f5ae18af4168178a642a9247c63001) C:\Windows\system32\drivers\nsiproxy.sys

16:00:59.0660 1380 nsiproxy - ok

16:00:59.0738 1380 Ntfs (a2f74975097f52a00745f9637451fdd8) C:\Windows\system32\drivers\Ntfs.sys

16:00:59.0770 1380 Ntfs - ok

16:00:59.0816 1380 Null (9899284589f75fa8724ff3d16aed75c1) C:\Windows\system32\drivers\Null.sys

16:00:59.0848 1380 Null - ok

16:00:59.0910 1380 nvraid (0a92cb65770442ed0dc44834632f66ad) C:\Windows\system32\drivers\nvraid.sys

16:00:59.0910 1380 nvraid - ok

16:00:59.0957 1380 nvstor (dab0e87525c10052bf65f06152f37e4a) C:\Windows\system32\drivers\nvstor.sys

16:00:59.0972 1380 nvstor - ok

16:01:00.0035 1380 nv_agp (270d7cd42d6e3979f6dd0146650f0e05) C:\Windows\system32\drivers\nv_agp.sys

16:01:00.0035 1380 nv_agp - ok

16:01:00.0082 1380 ohci1394 (3589478e4b22ce21b41fa1bfc0b8b8a0) C:\Windows\system32\drivers\ohci1394.sys

16:01:00.0097 1380 ohci1394 - ok

16:01:00.0128 1380 Parport (0086431c29c35be1dbc43f52cc273887) C:\Windows\system32\drivers\parport.sys

16:01:00.0144 1380 Parport - ok

16:01:00.0175 1380 Partizan - ok

16:01:00.0222 1380 partmgr (871eadac56b0a4c6512bbe32753ccf79) C:\Windows\system32\drivers\partmgr.sys

16:01:00.0222 1380 partmgr - ok

16:01:00.0284 1380 pci (94575c0571d1462a0f70bde6bd6ee6b3) C:\Windows\system32\drivers\pci.sys

16:01:00.0284 1380 pci - ok

16:01:00.0331 1380 pciide (b5b8b5ef2e5cb34df8dcf8831e3534fa) C:\Windows\system32\drivers\pciide.sys

16:01:00.0331 1380 pciide - ok

16:01:00.0409 1380 pcmcia (b2e81d4e87ce48589f98cb8c05b01f2f) C:\Windows\system32\drivers\pcmcia.sys

16:01:00.0425 1380 pcmcia - ok

16:01:00.0472 1380 pcw (d6b9c2e1a11a3a4b26a182ffef18f603) C:\Windows\system32\drivers\pcw.sys

16:01:00.0472 1380 pcw - ok

16:01:00.0534 1380 PEAUTH (68769c3356b3be5d1c732c97b9a80d6e) C:\Windows\system32\drivers\peauth.sys

16:01:00.0565 1380 PEAUTH - ok

16:01:00.0628 1380 PptpMiniport (f92a2c41117a11a00be01ca01a7fcde9) C:\Windows\system32\DRIVERS\raspptp.sys

16:01:00.0643 1380 PptpMiniport - ok

16:01:00.0690 1380 Processor (0d922e23c041efb1c3fac2a6f943c9bf) C:\Windows\system32\drivers\processr.sys

16:01:00.0706 1380 Processor - ok

16:01:00.0752 1380 Psched (0557cf5a2556bd58e26384169d72438d) C:\Windows\system32\DRIVERS\pacer.sys

16:01:00.0768 1380 Psched - ok

16:01:00.0893 1380 ql2300 (a53a15a11ebfd21077463ee2c7afeef0) C:\Windows\system32\drivers\ql2300.sys

16:01:00.0924 1380 ql2300 - ok

16:01:00.0986 1380 ql40xx (4f6d12b51de1aaeff7dc58c4d75423c8) C:\Windows\system32\drivers\ql40xx.sys

16:01:00.0986 1380 ql40xx - ok

16:01:01.0049 1380 QWAVEdrv (76707bb36430888d9ce9d705398adb6c) C:\Windows\system32\drivers\qwavedrv.sys

16:01:01.0049 1380 QWAVEdrv - ok

16:01:01.0096 1380 RasAcd (5a0da8ad5762fa2d91678a8a01311704) C:\Windows\system32\DRIVERS\rasacd.sys

16:01:01.0127 1380 RasAcd - ok

16:01:01.0189 1380 RasAgileVpn (7ecff9b22276b73f43a99a15a6094e90) C:\Windows\system32\DRIVERS\AgileVpn.sys

16:01:01.0220 1380 RasAgileVpn - ok

16:01:01.0267 1380 Rasl2tp (471815800ae33e6f1c32fb1b97c490ca) C:\Windows\system32\DRIVERS\rasl2tp.sys

16:01:01.0283 1380 Rasl2tp - ok

16:01:01.0330 1380 RasPppoe (855c9b1cd4756c5e9a2aa58a15f58c25) C:\Windows\system32\DRIVERS\raspppoe.sys

16:01:01.0361 1380 RasPppoe - ok

16:01:01.0408 1380 RasSstp (e8b1e447b008d07ff47d016c2b0eeecb) C:\Windows\system32\DRIVERS\rassstp.sys

16:01:01.0439 1380 RasSstp - ok

16:01:01.0470 1380 rdbss (77f665941019a1594d887a74f301fa2f) C:\Windows\system32\DRIVERS\rdbss.sys

16:01:01.0501 1380 rdbss - ok

16:01:01.0548 1380 rdpbus (302da2a0539f2cf54d7c6cc30c1f2d8d) C:\Windows\system32\drivers\rdpbus.sys

16:01:01.0548 1380 rdpbus - ok

16:01:01.0610 1380 RDPCDD (cea6cc257fc9b7715f1c2b4849286d24) C:\Windows\system32\DRIVERS\RDPCDD.sys

16:01:01.0626 1380 RDPCDD - ok

16:01:01.0673 1380 RDPENCDD (bb5971a4f00659529a5c44831af22365) C:\Windows\system32\drivers\rdpencdd.sys

16:01:01.0704 1380 RDPENCDD - ok

16:01:01.0751 1380 RDPREFMP (216f3fa57533d98e1f74ded70113177a) C:\Windows\system32\drivers\rdprefmp.sys

16:01:01.0766 1380 RDPREFMP - ok

16:01:01.0813 1380 RDPWD (15b66c206b5cb095bab980553f38ed23) C:\Windows\system32\drivers\RDPWD.sys

16:01:01.0844 1380 RDPWD - ok

16:01:01.0876 1380 rdyboost (34ed295fa0121c241bfef24764fc4520) C:\Windows\system32\drivers\rdyboost.sys

16:01:01.0891 1380 rdyboost - ok

16:01:01.0938 1380 RFCOMM (3dd798846e2c28102b922c56e71b7932) C:\Windows\system32\DRIVERS\rfcomm.sys

16:01:01.0954 1380 RFCOMM - ok

16:01:02.0000 1380 rspndr (ddc86e4f8e7456261e637e3552e804ff) C:\Windows\system32\DRIVERS\rspndr.sys

16:01:02.0016 1380 rspndr - ok

16:01:02.0063 1380 sbp2port (ac03af3329579fffb455aa2daabbe22b) C:\Windows\system32\drivers\sbp2port.sys

16:01:02.0078 1380 sbp2port - ok

16:01:02.0110 1380 scfilter (253f38d0d7074c02ff8deb9836c97d2b) C:\Windows\system32\DRIVERS\scfilter.sys

16:01:02.0141 1380 scfilter - ok

16:01:02.0188 1380 secdrv (3ea8a16169c26afbeb544e0e48421186) C:\Windows\system32\drivers\secdrv.sys

16:01:02.0203 1380 secdrv - ok

16:01:02.0250 1380 Serenum (cb624c0035412af0debec78c41f5ca1b) C:\Windows\system32\drivers\serenum.sys

16:01:02.0266 1380 Serenum - ok

16:01:02.0312 1380 Serial (c1d8e28b2c2adfaec4ba89e9fda69bd6) C:\Windows\system32\drivers\serial.sys

16:01:02.0312 1380 Serial - ok

16:01:02.0359 1380 sermouse (1c545a7d0691cc4a027396535691c3e3) C:\Windows\system32\drivers\sermouse.sys

16:01:02.0375 1380 sermouse - ok

16:01:02.0437 1380 sffdisk (a554811bcd09279536440c964ae35bbf) C:\Windows\system32\drivers\sffdisk.sys

16:01:02.0453 1380 sffdisk - ok

16:01:02.0484 1380 sffp_mmc (ff414f0baefeba59bc6c04b3db0b87bf) C:\Windows\system32\drivers\sffp_mmc.sys

16:01:02.0500 1380 sffp_mmc - ok

16:01:02.0531 1380 sffp_sd (dd85b78243a19b59f0637dcf284da63c) C:\Windows\system32\drivers\sffp_sd.sys

16:01:02.0531 1380 sffp_sd - ok

16:01:02.0578 1380 sfloppy (a9d601643a1647211a1ee2ec4e433ff4) C:\Windows\system32\drivers\sfloppy.sys

16:01:02.0578 1380 sfloppy - ok

16:01:02.0624 1380 SiSGbeLH (1bc348cf6baa90ec8e533ef6e6a69933) C:\Windows\system32\DRIVERS\SiSG664.sys

16:01:02.0640 1380 SiSGbeLH - ok

16:01:02.0687 1380 SiSRaid2 (843caf1e5fde1ffd5ff768f23a51e2e1) C:\Windows\system32\drivers\SiSRaid2.sys

16:01:02.0687 1380 SiSRaid2 - ok

16:01:02.0734 1380 SiSRaid4 (6a6c106d42e9ffff8b9fcb4f754f6da4) C:\Windows\system32\drivers\sisraid4.sys

16:01:02.0749 1380 SiSRaid4 - ok

16:01:02.0796 1380 Smb (548260a7b8654e024dc30bf8a7c5baa4) C:\Windows\system32\DRIVERS\smb.sys

16:01:02.0812 1380 Smb - ok

16:01:02.0905 1380 SNP2UVC (c98375d19f9e9966f6201bae65fb3728) C:\Windows\system32\DRIVERS\snp2uvc.sys

16:01:02.0936 1380 SNP2UVC - ok

16:01:02.0983 1380 spldr (b9e31e5cacdfe584f34f730a677803f9) C:\Windows\system32\drivers\spldr.sys

16:01:02.0983 1380 spldr - ok

16:01:03.0061 1380 srv (441fba48bff01fdb9d5969ebc1838f0b) C:\Windows\system32\DRIVERS\srv.sys

16:01:03.0077 1380 srv - ok

16:01:03.0108 1380 srv2 (b4adebbf5e3677cce9651e0f01f7cc28) C:\Windows\system32\DRIVERS\srv2.sys

16:01:03.0124 1380 srv2 - ok

16:01:03.0170 1380 srvnet (27e461f0be5bff5fc737328f749538c3) C:\Windows\system32\DRIVERS\srvnet.sys

16:01:03.0186 1380 srvnet - ok

16:01:03.0280 1380 stexstor (f3817967ed533d08327dc73bc4d5542a) C:\Windows\system32\drivers\stexstor.sys

16:01:03.0280 1380 stexstor - ok

16:01:03.0326 1380 swenum (d01ec09b6711a5f8e7e6564a4d0fbc90) C:\Windows\system32\DRIVERS\swenum.sys

16:01:03.0342 1380 swenum - ok

16:01:03.0436 1380 Tcpip (fc62769e7bff2896035aeed399108162) C:\Windows\system32\drivers\tcpip.sys

16:01:03.0451 1380 Tcpip - ok

16:01:03.0529 1380 TCPIP6 (fc62769e7bff2896035aeed399108162) C:\Windows\system32\DRIVERS\tcpip.sys

16:01:03.0560 1380 TCPIP6 - ok

16:01:03.0607 1380 tcpipreg (df687e3d8836bfb04fcc0615bf15a519) C:\Windows\system32\drivers\tcpipreg.sys

16:01:03.0638 1380 tcpipreg - ok

16:01:03.0685 1380 TDPIPE (3371d21011695b16333a3934340c4e7c) C:\Windows\system32\drivers\tdpipe.sys

16:01:03.0716 1380 TDPIPE - ok

16:01:03.0763 1380 TDTCP (e4245bda3190a582d55ed09e137401a9) C:\Windows\system32\drivers\tdtcp.sys

16:01:03.0779 1380 TDTCP - ok

16:01:03.0826 1380 tdx (ddad5a7ab24d8b65f8d724f5c20fd806) C:\Windows\system32\DRIVERS\tdx.sys

16:01:03.0841 1380 tdx - ok

16:01:03.0888 1380 TermDD (561e7e1f06895d78de991e01dd0fb6e5) C:\Windows\system32\DRIVERS\termdd.sys

16:01:03.0904 1380 TermDD - ok

16:01:03.0966 1380 tssecsrv (ce18b2cdfc837c99e5fae9ca6cba5d30) C:\Windows\system32\DRIVERS\tssecsrv.sys

16:01:03.0982 1380 tssecsrv - ok

16:01:04.0028 1380 TsUsbFlt (d11c783e3ef9a3c52c0ebe83cc5000e9) C:\Windows\system32\drivers\tsusbflt.sys

16:01:04.0044 1380 TsUsbFlt - ok

16:01:04.0075 1380 TsUsbGD (9cc2ccae8a84820eaecb886d477cbcb8) C:\Windows\system32\drivers\TsUsbGD.sys

16:01:04.0091 1380 TsUsbGD - ok

16:01:04.0153 1380 tunnel (3566a8daafa27af944f5d705eaa64894) C:\Windows\system32\DRIVERS\tunnel.sys

16:01:04.0184 1380 tunnel - ok

16:01:04.0216 1380 uagp35 (b4dd609bd7e282bfc683cec7eaaaad67) C:\Windows\system32\drivers\uagp35.sys

16:01:04.0231 1380 uagp35 - ok

16:01:04.0278 1380 udfs (ff4232a1a64012baa1fd97c7b67df593) C:\Windows\system32\DRIVERS\udfs.sys

16:01:04.0309 1380 udfs - ok

16:01:04.0340 1380 uliagpkx (4bfe1bc28391222894cbf1e7d0e42320) C:\Windows\system32\drivers\uliagpkx.sys

16:01:04.0356 1380 uliagpkx - ok

16:01:04.0387 1380 umbus (dc54a574663a895c8763af0fa1ff7561) C:\Windows\system32\DRIVERS\umbus.sys

16:01:04.0387 1380 umbus - ok

16:01:04.0450 1380 UmPass (b2e8e8cb557b156da5493bbddcc1474d) C:\Windows\system32\drivers\umpass.sys

16:01:04.0450 1380 UmPass - ok

16:01:04.0512 1380 usbccgp (6f1a3157a1c89435352ceb543cdb359c) C:\Windows\system32\DRIVERS\usbccgp.sys

16:01:04.0528 1380 usbccgp - ok

16:01:04.0574 1380 usbcir (af0892a803fdda7492f595368e3b68e7) C:\Windows\system32\drivers\usbcir.sys

16:01:04.0574 1380 usbcir - ok

16:01:04.0637 1380 usbehci (c025055fe7b87701eb042095df1a2d7b) C:\Windows\system32\drivers\usbehci.sys

16:01:04.0637 1380 usbehci - ok

16:01:04.0699 1380 usbhub (287c6c9410b111b68b52ca298f7b8c24) C:\Windows\system32\DRIVERS\usbhub.sys

16:01:04.0699 1380 usbhub - ok

16:01:04.0746 1380 usbohci (9840fc418b4cbd632d3d0a667a725c31) C:\Windows\system32\drivers\usbohci.sys

16:01:04.0746 1380 usbohci - ok

16:01:04.0793 1380 usbprint (73188f58fb384e75c4063d29413cee3d) C:\Windows\system32\drivers\usbprint.sys

16:01:04.0808 1380 usbprint - ok

16:01:04.0871 1380 USBSTOR (fed648b01349a3c8395a5169db5fb7d6) C:\Windows\system32\DRIVERS\USBSTOR.SYS

16:01:04.0886 1380 USBSTOR - ok

16:01:04.0949 1380 usbuhci (62069a34518bcf9c1fd9e74b3f6db7cd) C:\Windows\system32\drivers\usbuhci.sys

16:01:04.0949 1380 usbuhci - ok

16:01:04.0996 1380 usbvideo (454800c2bc7f3927ce030141ee4f4c50) C:\Windows\system32\Drivers\usbvideo.sys

16:01:05.0011 1380 usbvideo - ok

16:01:05.0058 1380 VClone (fd911873c0bb6945fa38c16e9a2b58f9) C:\Windows\system32\DRIVERS\VClone.sys

16:01:05.0058 1380 VClone - ok

16:01:05.0105 1380 vdrvroot (c5c876ccfc083ff3b128f933823e87bd) C:\Windows\system32\drivers\vdrvroot.sys

16:01:05.0105 1380 vdrvroot - ok

16:01:05.0152 1380 vga (da4da3f5e02943c2dc8c6ed875de68dd) C:\Windows\system32\DRIVERS\vgapnp.sys

16:01:05.0167 1380 vga - ok

16:01:05.0214 1380 VgaSave (53e92a310193cb3c03bea963de7d9cfc) C:\Windows\System32\drivers\vga.sys

16:01:05.0245 1380 VgaSave - ok

16:01:05.0292 1380 vhdmp (2ce2df28c83aeaf30084e1b1eb253cbb) C:\Windows\system32\drivers\vhdmp.sys

16:01:05.0292 1380 vhdmp - ok

16:01:05.0339 1380 viaide (e5689d93ffe4e5d66c0178761240dd54) C:\Windows\system32\drivers\viaide.sys

16:01:05.0339 1380 viaide - ok

16:01:05.0386 1380 volmgr (d2aafd421940f640b407aefaaebd91b0) C:\Windows\system32\drivers\volmgr.sys

16:01:05.0401 1380 volmgr - ok

16:01:05.0448 1380 volmgrx (a255814907c89be58b79ef2f189b843b) C:\Windows\system32\drivers\volmgrx.sys

16:01:05.0448 1380 volmgrx - ok

16:01:05.0495 1380 volsnap (0d08d2f3b3ff84e433346669b5e0f639) C:\Windows\system32\drivers\volsnap.sys

16:01:05.0510 1380 volsnap - ok

16:01:05.0557 1380 vsmraid (5e2016ea6ebaca03c04feac5f330d997) C:\Windows\system32\drivers\vsmraid.sys

16:01:05.0573 1380 vsmraid - ok

16:01:05.0620 1380 vwifibus (36d4720b72b5c5d9cb2b9c29e9df67a1) C:\Windows\system32\DRIVERS\vwifibus.sys

16:01:05.0620 1380 vwifibus - ok

16:01:05.0682 1380 vwififlt (6a3d66263414ff0d6fa754c646612f3f) C:\Windows\system32\DRIVERS\vwififlt.sys

16:01:05.0698 1380 vwififlt - ok

16:01:05.0744 1380 vwifimp (6a638fc4bfddc4d9b186c28c91bd1a01) C:\Windows\system32\DRIVERS\vwifimp.sys

16:01:05.0744 1380 vwifimp - ok

16:01:05.0807 1380 wacommousefilter (e04d43c7d1641e95d35cae6086c7e350) C:\Windows\system32\DRIVERS\wacommousefilter.sys

16:01:05.0822 1380 wacommousefilter - ok

16:01:05.0885 1380 WacomPen (4e9440f4f152a7b944cb1663d3935a3e) C:\Windows\system32\drivers\wacompen.sys

16:01:05.0885 1380 WacomPen - ok

16:01:05.0932 1380 wacomvhid (ec1ceb237e365330c1fcfc4876aa0ac0) C:\Windows\system32\DRIVERS\wacomvhid.sys

16:01:05.0947 1380 wacomvhid - ok

16:01:05.0994 1380 WANARP (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys

16:01:06.0025 1380 WANARP - ok

16:01:06.0041 1380 Wanarpv6 (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys

16:01:06.0072 1380 Wanarpv6 - ok

16:01:06.0134 1380 Wd (72889e16ff12ba0f235467d6091b17dc) C:\Windows\system32\drivers\wd.sys

16:01:06.0134 1380 Wd - ok

16:01:06.0181 1380 Wdf01000 (441bd2d7b4f98134c3a4f9fa570fd250) C:\Windows\system32\drivers\Wdf01000.sys

16:01:06.0197 1380 Wdf01000 - ok

16:01:06.0259 1380 wdkmd (63ce387483e74a0bd79ee4e5eba1fd2e) C:\Windows\system32\DRIVERS\WDKMD.sys

16:01:06.0259 1380 wdkmd - ok

16:01:06.0337 1380 WfpLwf (611b23304bf067451a9fdee01fbdd725) C:\Windows\system32\DRIVERS\wfplwf.sys

16:01:06.0368 1380 WfpLwf - ok

16:01:06.0431 1380 WimFltr (52ded146e4797e6ccf94799e8e22bb2a) C:\Windows\system32\DRIVERS\wimfltr.sys

16:01:06.0431 1380 WimFltr - ok

16:01:06.0478 1380 WIMMount (05ecaec3e4529a7153b3136ceb49f0ec) C:\Windows\system32\drivers\wimmount.sys

16:01:06.0478 1380 WIMMount - ok

16:01:06.0556 1380 WinUsb (fe88b288356e7b47b74b13372add906d) C:\Windows\system32\DRIVERS\WinUsb.sys

16:01:06.0571 1380 WinUsb - ok

16:01:06.0602 1380 WmiAcpi (f6ff8944478594d0e414d3f048f0d778) C:\Windows\system32\DRIVERS\wmiacpi.sys

16:01:06.0618 1380 WmiAcpi - ok

16:01:06.0680 1380 ws2ifsl (6bcc1d7d2fd2453957c5479a32364e52) C:\Windows\system32\drivers\ws2ifsl.sys

16:01:06.0712 1380 ws2ifsl - ok

16:01:06.0774 1380 WudfPf (d3381dc54c34d79b22cee0d65ba91b7c) C:\Windows\system32\drivers\WudfPf.sys

16:01:06.0790 1380 WudfPf - ok

16:01:06.0852 1380 WUDFRd (cf8d590be3373029d57af80914190682) C:\Windows\system32\DRIVERS\WUDFRd.sys

16:01:06.0868 1380 WUDFRd - ok

16:01:06.0914 1380 MBR (0x1B8) (8e734bd7aa1d4f7e9af58df495f6cf9e) \Device\Harddisk0\DR0

16:01:07.0102 1380 \Device\Harddisk0\DR0 - ok

16:01:07.0164 1380 Boot (0x1200) (095f797b23af9d5c9e30b8a222f9ea25) \Device\Harddisk0\DR0\Partition0

16:01:07.0164 1380 \Device\Harddisk0\DR0\Partition0 - ok

16:01:07.0180 1380 Boot (0x1200) (4b1e91fb7213bd93cfe161c5a8e85848) \Device\Harddisk0\DR0\Partition1

16:01:07.0180 1380 \Device\Harddisk0\DR0\Partition1 - ok

16:01:07.0180 1380 ============================================================

16:01:07.0180 1380 Scan finished

16:01:07.0180 1380 ============================================================

16:01:07.0195 6816 Detected object count: 0

16:01:07.0195 6816 Actual detected object count: 0

[MrCharlie]

Please download and run ComboFix.

The most important things to remember when running it is to disable all your malware programs and run Combofix from your desktop.

Please visit this webpage for download links, and instructions for running ComboFix

http://www.bleepingc...to-use-combofix

Ensure you have disabled all anti virus and anti malware programs so they do not interfere with the running of ComboFix.

Make sure you run ComboFix from your desktop.

Please include the C:\ComboFix.txt in your next reply for further review.

MrC

[Rovot]

ComboFix 12-02-21.02 - Guillermo 02/21/2012 18:15:49.8.4 - x64

Microsoft Windows 7 Home Premium 6.1.7601.1.1252.1.1033.18.3874.2701 [GMT -6:00]

Running from: c:\users\Guillermo\Desktop\ComboFix.exe

AV: Microsoft Security Essentials *Disabled/Updated* {108DAC43-C256-20B7-BB05-914135DA5160}

FW: COMODO Firewall *Disabled* {4D6F75E0-14AF-2E9E-AACD-24CDCF08AA2A}

SP: COMODO Defense+ *Disabled/Updated* {CE351521-78FA-2048-BB22-B68A4A5CA7EC}

SP: Microsoft Security Essentials *Disabled/Updated* {ABEC4DA7-E46C-2F39-81B5-AA334E5D1BDD}

SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

.

.

((((((((((((((((((((((((( Files Created from 2012-01-22 to 2012-02-22 )))))))))))))))))))))))))))))))

.

.

2012-02-22 00:21 . 2012-02-22 00:21 -------- d-----w- c:\users\Default\AppData\Local\temp

2012-02-21 12:14 . 2012-02-08 07:13 8643640 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{C0863DCB-A285-4054-88B5-4196B7205E18}\mpengine.dll

2012-02-18 20:59 . 2012-02-18 20:59 39184 ----a-w- c:\windows\system32\Partizan.exe

2012-02-17 06:22 . 2012-02-17 06:22 -------- d-----w- c:\users\Guillermo\AppData\Local\{FFFA2FB9-4857-4475-8379-F36343DA5801}

2012-02-15 22:27 . 2012-02-15 22:27 -------- d-sh--w- c:\windows\SysWow64\%APPDATA%

2012-02-15 01:31 . 2012-01-04 10:44 509952 ----a-w- c:\windows\system32\ntshrui.dll

2012-02-15 01:31 . 2012-01-04 08:58 442880 ----a-w- c:\windows\SysWow64\ntshrui.dll

2012-02-15 01:31 . 2011-12-30 06:26 515584 ----a-w- c:\windows\system32\timedate.cpl

2012-02-15 01:31 . 2011-12-30 05:27 478720 ----a-w- c:\windows\SysWow64\timedate.cpl

2012-02-15 01:31 . 2012-01-14 04:06 3145728 ----a-w- c:\windows\system32\win32k.sys

2012-02-15 01:31 . 2011-12-28 03:59 498688 ----a-w- c:\windows\system32\drivers\afd.sys

2012-02-15 01:31 . 2011-12-16 08:46 634880 ----a-w- c:\windows\system32\msvcrt.dll

2012-02-15 01:31 . 2011-12-16 07:52 690688 ----a-w- c:\windows\SysWow64\msvcrt.dll

2012-02-13 21:25 . 2012-02-20 21:08 -------- d-----w- c:\users\Guillermo\AppData\Local\CrashDumps

2012-02-13 20:24 . 2010-08-03 21:30 196224 ----a-w- c:\program files\Windows Sidebar\Shared Gadgets\P4GUpdate.Gadget\P4GUpdate.dll

2012-02-13 20:24 . 2012-02-13 20:24 -------- d-----w- c:\programdata\P4G

2012-02-13 20:24 . 2012-02-13 20:24 -------- d-----w- c:\program files\ASUS

2012-02-12 09:52 . 2012-02-12 09:52 -------- d-----w- c:\users\Guillermo\AppData\Local\SWTOR

2012-02-12 08:12 . 2012-02-15 18:42 81984 ----a-w- c:\windows\system32\bdod.bin

2012-02-12 06:25 . 2012-02-12 06:25 -------- d-----w- c:\users\Guillermo\AppData\Roaming\BitDefender

2012-02-12 06:25 . 2012-02-15 18:42 -------- d-----w- c:\program files\Common Files\BitDefender

2012-02-12 06:25 . 2012-02-13 02:22 -------- d-----w- c:\programdata\BitDefender

2012-02-12 06:25 . 2012-02-12 06:25 -------- d-----w- c:\program files\BitDefender

2012-02-12 06:24 . 2012-02-12 06:24 -------- d-----w- c:\program files (x86)\Common Files\BitDefender

2012-02-12 06:13 . 2012-02-12 06:13 -------- d-----w- c:\programdata\CPA_VA

2012-02-12 06:07 . 2012-02-12 06:08 -------- d-----w- c:\programdata\Comodo

2012-02-12 06:07 . 2012-02-12 06:13 -------- d-----w- c:\program files\COMODO

2012-02-12 06:07 . 2012-02-12 06:14 -------- d-----w- c:\program files (x86)\Comodo

2012-02-11 03:30 . 2012-02-11 03:30 -------- d-----w- c:\program files (x86)\Common Files\BioWare

2012-02-11 03:30 . 2012-02-11 03:30 -------- d-----w- c:\program files (x86)\Electronic Arts

2012-02-11 01:55 . 2012-01-06 19:31 917840 ------w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\NISBackup\gapaengine.dll

2012-02-11 01:55 . 2012-02-11 01:55 927800 ------w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{E95627E9-6740-4F24-9957-A5715780658E}\gapaengine.dll

2012-02-11 01:41 . 2012-02-11 01:41 -------- d-----w- c:\program files (x86)\SystemRequirementsLab

2012-02-11 01:41 . 2012-02-11 01:41 -------- d-----w- c:\users\Guillermo\AppData\Roaming\SystemRequirementsLab

2012-02-11 01:41 . 2012-02-11 01:41 -------- d-----w- c:\program files (x86)\Common Files\Java

2012-02-11 01:41 . 2012-02-11 01:41 -------- d-----w- c:\program files (x86)\Java

2012-02-10 21:35 . 2012-02-10 21:37 -------- d-----w- c:\users\Guillermo\AppData\Roaming\Origin

2012-02-10 21:34 . 2012-02-18 21:23 -------- d-----w- c:\programdata\Origin

2012-02-08 11:51 . 2009-07-14 01:14 14848 ----a-w- c:\windows\SysWow64\regsvr32 - Copy.exe

2012-02-08 11:32 . 2012-02-08 11:32 -------- d-----w- c:\users\Guillermo\AppData\Roaming\QuickScan

2012-02-08 11:27 . 2012-02-08 11:27 25160 ----a-w- c:\windows\system32\drivers\hitmanpro35.sys

2012-02-08 11:26 . 2012-02-08 11:26 -------- d-----w- c:\programdata\Hitman Pro

2012-02-08 04:39 . 2012-02-18 20:58 2 --shatr- c:\windows\winstart.bat

2012-02-08 04:39 . 2012-02-18 21:23 -------- d-----w- c:\program files (x86)\UnHackMe

2012-02-08 03:28 . 2012-02-10 03:14 -------- d-----w- c:\users\Guillermo\AppData\Local\NPE

2012-02-08 03:28 . 2012-02-08 03:28 -------- d-----w- c:\programdata\Norton

2012-02-08 02:57 . 2012-01-16 22:28 767952 ----a-w- c:\windows\BDTSupport.dll0227.old

2012-02-08 02:57 . 2012-01-16 22:28 149456 ----a-w- c:\windows\SGDetectionTool.dll0227.old

2012-02-08 02:57 . 2012-01-16 22:28 2246608 ----a-w- c:\windows\PCTBDCore.dll0227.old

2012-02-08 02:55 . 2012-02-08 02:55 -------- d-----w- c:\program files (x86)\PC Tools

2012-02-08 01:31 . 2012-01-11 22:19 230952 ----a-w- c:\windows\system32\drivers\PCTSD64.sys

2012-02-08 01:31 . 2012-02-08 03:22 -------- d-----w- c:\program files (x86)\Common Files\PC Tools

2012-02-08 01:29 . 2012-02-08 03:20 -------- d-----w- c:\programdata\PC Tools

2012-02-08 01:29 . 2012-02-08 01:29 -------- d-----w- c:\users\Guillermo\AppData\Roaming\TestApp

2012-02-07 06:37 . 2012-02-07 06:37 -------- d-----w- c:\program files (x86)\Malwarebytes' Anti-Malware

2012-02-07 06:37 . 2011-12-10 21:24 23152 ----a-w- c:\windows\system32\drivers\mbam.sys

2012-02-07 06:36 . 2012-02-07 06:36 388096 ----a-r- c:\users\Guillermo\AppData\Roaming\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe

2012-02-07 01:59 . 2012-02-07 02:56 -------- d-----w- C:\folder2

2012-02-07 01:59 . 2012-02-07 02:56 -------- d-----w- C:\folder1

2012-02-04 09:42 . 2012-02-04 09:42 65736 ----a-w- c:\windows\system32\drivers\pxrts.sys

2012-02-04 09:42 . 2012-02-04 09:42 -------- d-----w- c:\program files\Prevx

2012-02-04 09:41 . 2012-02-05 19:11 -------- d-----w- c:\programdata\PrevxCSI

2012-02-03 08:10 . 2012-02-03 20:49 35712 ----a-w- c:\windows\SysWow64\drivers\BlackBox.sys

2012-02-03 04:17 . 2012-02-08 11:31 -------- d-----w- c:\programdata\Kaspersky Lab

2012-02-03 03:24 . 2012-02-03 03:24 -------- d-----w- c:\users\Guillermo\AppData\Local\Sunbelt Software

2012-02-03 00:49 . 2012-02-03 00:49 -------- d-----w- c:\program files (x86)\ESET

2012-02-02 18:35 . 2012-02-02 18:35 414368 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl

2012-02-02 02:03 . 2012-02-02 02:03 55384 ----a-w- c:\windows\system32\drivers\SBREDrv.sys

2012-02-02 01:50 . 2012-02-03 01:38 -------- d-----w- c:\program files (x86)\Lavasoft

2012-02-02 01:50 . 2012-02-03 01:38 -------- d-----w- c:\programdata\Lavasoft

2012-02-02 01:46 . 2012-02-02 01:46 -------- d-----w- c:\users\Guillermo\AppData\Roaming\SUPERAntiSpyware.com

2012-02-02 01:45 . 2012-02-02 01:45 -------- d-----w- c:\users\Guillermo\AppData\Roaming\Malwarebytes

2012-02-02 01:45 . 2012-02-02 01:45 -------- d-----w- c:\programdata\Malwarebytes

2012-02-01 18:06 . 2012-02-01 18:06 466456 ----a-w- c:\windows\system32\wrap_oal.dll

2012-02-01 18:06 . 2012-02-01 18:06 444952 ----a-w- c:\windows\SysWow64\wrap_oal.dll

2012-02-01 18:06 . 2012-02-01 18:06 122904 ----a-w- c:\windows\system32\OpenAL32.dll

2012-02-01 18:06 . 2012-02-01 18:06 109080 ----a-w- c:\windows\SysWow64\OpenAL32.dll

2012-02-01 18:06 . 2012-02-01 18:06 -------- d-----w- c:\program files (x86)\OpenAL

2012-02-01 18:03 . 2012-02-01 18:03 -------- d-----w- c:\users\Guillermo\AppData\Local\2DBoy

2012-02-01 18:03 . 2012-02-01 18:03 -------- d-----w- c:\programdata\2DBoy

2012-02-01 16:25 . 2012-02-01 16:25 -------- d-----w- c:\program files (x86)\Common Files\PX Storage Engine

2012-02-01 16:25 . 2012-02-21 19:52 -------- d-----w- c:\users\Guillermo\AppData\Roaming\Winamp

2012-02-01 16:25 . 2012-02-01 16:28 -------- d-----w- c:\program files (x86)\Winamp

2012-01-31 05:46 . 2012-01-31 05:46 -------- d-----w- c:\users\Guillermo\AppData\Local\Programs

2012-01-30 12:15 . 2012-01-30 12:15 -------- d-----w- c:\windows\Sun

2012-01-29 23:59 . 2012-02-11 01:41 472808 ----a-w- c:\windows\SysWow64\deployJava1.dll

2012-01-27 11:43 . 2011-06-21 04:09 200976 ----a-w- c:\windows\SysWow64\drivers\tmcomm.sys

2012-01-27 11:31 . 2012-01-27 11:39 -------- d-----w- c:\program files (x86)\Trend Micro

2012-01-27 07:56 . 2012-01-27 07:56 -------- d-----w- c:\programdata\Soulseek

2012-01-27 07:56 . 2012-01-27 07:56 -------- d-----w- c:\program files (x86)\SoulseekNS

2012-01-27 07:31 . 2012-02-14 18:50 -------- d-----w- c:\programdata\Spybot - Search & Destroy

2012-01-27 07:31 . 2012-01-27 07:34 -------- d-----w- c:\program files (x86)\Spybot - Search & Destroy

2012-01-26 06:03 . 2012-02-08 11:00 -------- d-----w- c:\users\Guillermo\.config

2012-01-25 18:49 . 2012-02-15 07:52 -------- d-----w- c:\program files (x86)\Steam

2012-01-25 07:27 . 2012-01-25 07:27 -------- d-----w- c:\programdata\Age of Empires 3

2012-01-25 07:20 . 2012-02-02 04:32 -------- d-----w- c:\program files (x86)\Common Files\Microsoft Games

2012-01-25 07:13 . 2012-02-02 04:39 -------- d-----w- c:\program files (x86)\Microsoft Games

2012-01-23 20:14 . 2012-02-21 12:24 -------- d-----w- c:\users\Guillermo\riotsGamesLogs

2012-01-23 19:34 . 2012-01-23 19:34 -------- d-----w- C:\Games

2012-01-23 19:34 . 2012-01-27 11:39 -------- d-----w- c:\users\Guillermo\AppData\Local\Black_Tree_Gaming

.

.

.

(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))

.

2012-02-18 21:11 . 2011-07-25 20:21 45056 ----a-w- c:\windows\SysWow64\acovcnt.exe

2012-01-31 12:44 . 2012-01-06 19:31 279656 ------w- c:\windows\system32\MpSigStub.exe

2012-01-18 03:00 . 2012-01-18 03:00 577824 ----a-w- c:\windows\system32\drivers\cmdGuard.sys

2012-01-08 23:07 . 2012-01-08 23:07 2892 ----a-w- c:\windows\SysWow64\audcon.sys

2012-01-08 21:40 . 2012-01-08 21:40 348160 ----a-w- c:\windows\SysWow64\msvcr71.dll

2012-01-08 21:40 . 2012-01-08 21:40 1700352 ----a-w- c:\windows\SysWow64\gdiplus.dll

2012-01-08 21:40 . 2012-01-08 21:40 1060864 ----a-w- c:\windows\SysWow64\mfc71.dll

2012-01-08 05:09 . 2012-01-08 05:09 384 ----a-w- c:\windows\SysWow64\checkOS.bat

2012-01-07 19:23 . 2012-01-07 19:23 689492 ----a-w- c:\windows\SysWow64\adbcnsl.exe

2012-01-06 18:33 . 2010-06-24 18:33 18328 ----a-w- c:\programdata\Microsoft\IdentityCRL\production\ppcrlconfig600.dll

2012-01-06 05:15 . 2012-01-08 05:30 8602168 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll

2011-12-20 00:59 . 2011-12-20 00:59 93200 ----a-w- c:\windows\system32\drivers\inspect.sys

2011-12-20 00:59 . 2011-12-20 00:59 43248 ----a-w- c:\windows\system32\drivers\cmdhlp.sys

2011-12-20 00:59 . 2011-12-20 00:59 22696 ----a-w- c:\windows\system32\drivers\cmderd.sys

2011-12-20 00:58 . 2011-12-20 00:58 41200 ----a-w- c:\windows\system32\cmdcsr.dll

2011-12-20 00:58 . 2011-12-20 00:58 389840 ----a-w- c:\windows\system32\guard64.dll

2011-12-20 00:58 . 2011-12-20 00:58 301224 ----a-w- c:\windows\SysWow64\guard32.dll

.

.

((((((((((((((((((((((((((((( SnapShot_2012-02-15_17.26.48 )))))))))))))))))))))))))))))))))))))))))

.

+ 2012-02-21 12:01 . 2012-02-21 12:01 32768 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\MSHist012012022120120222\index.dat

- 2012-01-09 05:10 . 2012-02-15 17:28 32768 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Internet Explorer\DOMStore\index.dat

+ 2012-01-09 05:10 . 2012-02-21 12:01 32768 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Internet Explorer\DOMStore\index.dat

+ 2012-02-15 22:27 . 2012-02-15 22:27 16384 c:\windows\SysWOW64\%APPDATA%\Microsoft\Windows\IETldCache\index.dat

+ 2009-07-14 00:21 . 2009-07-14 01:41 88064 c:\windows\system32\WpdMtpUS.dll

+ 2011-02-18 20:13 . 2012-02-21 12:02 64998 c:\windows\system32\wdi\ShutdownPerformanceDiagnostics_SystemData.bin

+ 2009-07-14 05:10 . 2012-02-21 12:02 47934 c:\windows\system32\wdi\BootPerformanceDiagnostics_SystemData.bin

+ 2012-01-06 18:02 . 2012-02-21 12:02 16384 c:\windows\system32\wdi\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\S-1-5-21-2075945034-679189341-3693907279-1000_UserData.bin

- 2009-07-14 05:30 . 2012-02-12 06:08 86016 c:\windows\system32\DriverStore\infpub.dat

+ 2009-07-14 05:30 . 2012-02-19 06:46 86016 c:\windows\system32\DriverStore\infpub.dat

+ 2011-02-18 19:49 . 2010-11-20 10:43 41984 c:\windows\system32\drivers\winusb.sys

+ 2012-01-06 18:32 . 2012-02-21 12:00 16384 c:\windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat

- 2012-01-06 18:32 . 2012-02-15 13:30 16384 c:\windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat

- 2012-02-12 02:09 . 2012-02-15 13:30 32768 c:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat

+ 2012-02-12 02:09 . 2012-02-21 12:00 32768 c:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat

- 2009-07-14 04:54 . 2012-02-15 13:30 16384 c:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat

+ 2009-07-14 04:54 . 2012-02-21 12:00 16384 c:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat

+ 2009-07-14 04:46 . 2012-02-16 23:05 94000 c:\windows\ServiceProfiles\NetworkService\AppData\Roaming\Microsoft\SoftwareProtectionPlatform\Cache\cache.dat

+ 2011-04-11 22:56 . 2012-02-15 22:27 49152 c:\windows\Installer\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}\ConfigIcon.dll

- 2011-04-11 22:56 . 2012-01-07 05:39 49152 c:\windows\Installer\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}\ConfigIcon.dll

+ 2012-02-15 17:52 . 2012-02-15 17:52 43520 c:\windows\assembly\NativeImages_v4.0.30319_64\System.Windows.Pres#\42d44cc48edbf4d5b19af6d6afc6cd62\System.Windows.Presentation.ni.dll

+ 2012-02-15 17:52 . 2012-02-15 17:52 86016 c:\windows\assembly\NativeImages_v4.0.30319_64\System.Web.Applicat#\5c5a54c265c044f359659e6eeff29171\System.Web.ApplicationServices.ni.dll

+ 2012-02-15 17:37 . 2012-02-15 17:37 35328 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Windows.Pres#\5febe9c0db17256605a3c0b906d124a3\System.Windows.Presentation.ni.dll

+ 2012-02-15 17:37 . 2012-02-15 17:37 71680 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Web.Applicat#\d948214592e9ee62eefecfc06ac37690\System.Web.ApplicationServices.ni.dll

+ 2012-02-15 17:37 . 2012-02-15 17:37 82432 c:\windows\assembly\NativeImages_v4.0.30319_32\System.ServiceModel#\361744396ee71dcc435c93226a8a6754\System.ServiceModel.Channels.ni.dll

+ 2012-02-15 17:41 . 2012-02-15 17:41 60416 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Windows.Pres#\265f654b8eed2ac1e42d225a30433c37\System.Windows.Presentation.ni.dll

+ 2012-02-15 17:41 . 2012-02-15 17:41 54784 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Web.DynamicD#\62889e05923a83fa32400e7f3b28f9c6\System.Web.DynamicData.Design.ni.dll

+ 2012-02-15 17:39 . 2012-02-15 17:39 72192 c:\windows\assembly\NativeImages_v2.0.50727_64\PresentationFontCac#\c1577aa4e5874f1debc9a63343e5a0d7\PresentationFontCache.ni.exe

+ 2012-02-15 17:39 . 2012-02-15 17:39 33792 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.WSMan.Run#\2d80e48139b13bf06e85c0c1db06bc20\Microsoft.WSMan.Runtime.ni.dll

+ 2012-02-15 17:39 . 2012-02-15 17:39 45056 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.Windows.D#\df5c0dac9e7db175acc8a9755942f87f\Microsoft.Windows.Diagnosis.Commands.UpdateDiagReport.ni.dll

+ 2012-02-15 17:39 . 2012-02-15 17:39 36864 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.Windows.D#\8a9356f77bd1d1155202f59119ee57c9\Microsoft.Windows.Diagnosis.Commands.WriteDiagProgress.ni.dll

+ 2012-02-15 17:39 . 2012-02-15 17:39 40448 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.Windows.D#\4e53199f22c13aa3e4bc6f063da0aee7\Microsoft.Windows.Diagnosis.Commands.UpdateDiagRootcause.ni.dll

+ 2012-02-15 17:39 . 2012-02-15 17:39 43520 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.Windows.D#\0f361440d7cbda4bf5b44bfbd4623812\Microsoft.Windows.Diagnosis.Commands.GetDiagInput.ni.dll

+ 2012-02-15 17:31 . 2012-02-15 17:31 61440 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLiveWriter\f15fa2345f2673b95ac0570da21525f2\WindowsLiveWriter.ni.exe

+ 2012-02-15 17:31 . 2012-02-15 17:31 81408 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Writer.#\bcfabefedbeb1188aa4e53769aeac91b\WindowsLive.Writer.Passport.ni.dll

+ 2012-02-15 17:34 . 2012-02-15 17:34 37888 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Pres#\df6e2f050af3e7a7676650240ef9d7e5\System.Windows.Presentation.ni.dll

+ 2012-02-15 17:34 . 2012-02-15 17:34 36864 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.DynamicD#\e66fcffbc602b284e20b6c49f4ac64b6\System.Web.DynamicData.Design.ni.dll

+ 2012-02-15 17:33 . 2012-02-15 17:33 94208 c:\windows\assembly\NativeImages_v2.0.50727_32\System.ComponentMod#\2463cb2600fc129e38f67974f3553368\System.ComponentModel.DataAnnotations.ni.dll

+ 2012-02-15 17:33 . 2012-02-15 17:33 47104 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationFontCac#\bef92fc6725738f2a261600dab88cd66\PresentationFontCache.ni.exe

+ 2012-02-15 17:33 . 2012-02-15 17:33 17920 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.WSMan.Run#\7834abeef71f9188bb9d9253d8f807ab\Microsoft.WSMan.Runtime.ni.dll

+ 2012-02-15 17:33 . 2012-02-15 17:33 19968 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Windows.D#\ef668f1802501935d634458ef637f5e7\Microsoft.Windows.Diagnosis.Commands.WriteDiagProgress.ni.dll

+ 2012-02-15 17:33 . 2012-02-15 17:33 86528 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Windows.D#\a66c7d26f61bb8e12960441a77159102\Microsoft.Windows.Diagnosis.TroubleshootingPack.ni.dll

+ 2012-02-15 17:33 . 2012-02-15 17:33 23040 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Windows.D#\61a8d567fe6450b5b77584b0044a6979\Microsoft.Windows.Diagnosis.Commands.UpdateDiagRootcause.ni.dll

+ 2012-02-15 17:33 . 2012-02-15 17:33 25088 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Windows.D#\52785c0dca46f1e08b5cf9299fba9ae0\Microsoft.Windows.Diagnosis.Commands.GetDiagInput.ni.dll

+ 2012-02-15 17:33 . 2012-02-15 17:33 27136 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Windows.D#\183073b14873e3b18951879ae4a8b425\Microsoft.Windows.Diagnosis.Commands.UpdateDiagReport.ni.dll

+ 2012-02-15 17:33 . 2012-02-15 17:33 55296 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Vsa\824d2cc6a8193a2458ce90e579c8b8f5\Microsoft.Vsa.ni.dll

- 2012-02-15 17:25 . 2012-02-15 17:25 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat

+ 2012-02-21 12:00 . 2012-02-21 12:00 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat

+ 2012-02-21 12:00 . 2012-02-21 12:00 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat

- 2012-02-15 17:25 . 2012-02-15 17:25 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat

+ 2012-02-13 20:23 . 2012-02-18 21:21 307807 c:\windows\SysWOW64\config\systemprofile\AppData\Roaming\MMFApplications\msdc1.dll

- 2012-01-09 05:10 . 2012-02-15 17:26 262144 c:\windows\SysWOW64\config\systemprofile\AppData\Roaming\Microsoft\Windows\IETldCache\index.dat

+ 2012-01-09 05:10 . 2012-02-21 12:00 262144 c:\windows\SysWOW64\config\systemprofile\AppData\Roaming\Microsoft\Windows\IETldCache\index.dat

+ 2009-07-14 04:54 . 2012-02-21 12:00 131072 c:\windows\SysWOW64\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat

- 2009-07-14 04:54 . 2012-02-15 17:26 114688 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat

+ 2009-07-14 04:54 . 2012-02-21 12:00 114688 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat

+ 2009-07-14 00:21 . 2009-07-14 01:41 297984 c:\windows\system32\WpdMtp.dll

+ 2012-01-06 20:59 . 2012-02-20 21:08 305480 c:\windows\system32\wdi\SuspendPerformanceDiagnostics_SystemData_S4.bin

+ 2012-01-07 02:53 . 2012-02-21 22:00 285594 c:\windows\system32\wdi\SuspendPerformanceDiagnostics_SystemData_S3.bin

- 2009-07-14 02:36 . 2012-02-15 13:23 637690 c:\windows\system32\perfh009.dat

+ 2009-07-14 02:36 . 2012-02-21 22:01 637690 c:\windows\system32\perfh009.dat

+ 2009-07-14 02:36 . 2012-02-21 22:01 111274 c:\windows\system32\perfc009.dat

- 2009-07-14 02:36 . 2012-02-15 13:23 111274 c:\windows\system32\perfc009.dat

+ 2009-07-14 05:30 . 2012-02-19 06:46 143360 c:\windows\system32\DriverStore\infstrng.dat

- 2009-07-14 05:30 . 2012-02-12 06:08 143360 c:\windows\system32\DriverStore\infstrng.dat

- 2009-07-14 05:12 . 2012-02-15 13:30 245760 c:\windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\IETldCache\index.dat

+ 2009-07-14 05:12 . 2012-02-21 12:00 245760 c:\windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\IETldCache\index.dat

- 2009-07-14 05:01 . 2012-02-15 15:42 474012 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-System.dat

+ 2009-07-14 05:01 . 2012-02-21 11:58 474012 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-System.dat

+ 2012-01-07 03:28 . 2012-02-17 06:42 210800 c:\windows\Installer\{2EFEAD58-3311-4B2B-9D8A-8D663581D109}\ARPPRODUCTICON.exe

+ 2012-02-15 17:52 . 2012-02-15 17:52 336896 c:\windows\assembly\NativeImages_v4.0.30319_64\WindowsFormsIntegra#\6bdb6c455153a223a2180c883ea5a06c\WindowsFormsIntegration.ni.dll

+ 2012-02-15 17:52 . 2012-02-15 17:52 645120 c:\windows\assembly\NativeImages_v4.0.30319_64\UIAutomationClient\8df6331b51fe3ae5b9d0cf8c582d3f84\UIAutomationClient.ni.dll

+ 2012-02-15 17:43 . 2012-02-15 17:43 528896 c:\windows\assembly\NativeImages_v4.0.30319_64\System.Xml.Linq\6bc2cf9d31ae7e22349af3ddb1306c96\System.Xml.Linq.ni.dll

+ 2012-02-15 17:49 . 2012-02-15 17:49 256000 c:\windows\assembly\NativeImages_v4.0.30319_64\System.Windows.Inpu#\f9e5fcb862d898327924fcac2ff47c4d\System.Windows.Input.Manipulations.ni.dll

+ 2012-02-15 17:43 . 2012-02-15 17:43 903168 c:\windows\assembly\NativeImages_v4.0.30319_64\System.Transactions\5f61f0305f22aed705e0680f58fc5d89\System.Transactions.ni.dll

+ 2012-02-15 17:52 . 2012-02-15 17:52 281088 c:\windows\assembly\NativeImages_v4.0.30319_64\System.ServiceProce#\6afb4b90a21aae2e499f577b92102b85\System.ServiceProcess.ni.dll

+ 2012-02-15 17:52 . 2012-02-15 17:52 517120 c:\windows\assembly\NativeImages_v4.0.30319_64\System.ServiceModel#\bfb5e1c0961fe330c89c043a188cc807\System.ServiceModel.Routing.ni.dll

+ 2012-02-15 17:51 . 2012-02-15 17:51 108032 c:\windows\assembly\NativeImages_v4.0.30319_64\System.ServiceModel#\671c48760746239f2dfb0b64a7413624\System.ServiceModel.Channels.ni.dll

+ 2012-02-15 17:42 . 2012-02-15 17:42 946688 c:\windows\assembly\NativeImages_v4.0.30319_64\System.Security\d8342f4b914e190a9e5c89c7703dd11f\System.Security.ni.dll

+ 2012-02-15 17:49 . 2012-02-15 17:49 376832 c:\windows\assembly\NativeImages_v4.0.30319_64\System.Runtime.Seri#\9426384a1d2d2e815e093a0fe88da585\System.Runtime.Serialization.Formatters.Soap.ni.dll

+ 2012-02-15 17:49 . 2012-02-15 17:49 987648 c:\windows\assembly\NativeImages_v4.0.30319_64\System.Runtime.Remo#\73d3849c909668636452b43f54edb54e\System.Runtime.Remoting.ni.dll

+ 2012-02-15 17:51 . 2012-02-15 17:51 933376 c:\windows\assembly\NativeImages_v4.0.30319_64\System.Net\21fa922f90a47d10fd11107efff5ea4f\System.Net.ni.dll

+ 2012-02-15 17:51 . 2012-02-15 17:51 781824 c:\windows\assembly\NativeImages_v4.0.30319_64\System.Messaging\c07fc2256ec2210bfd7f7abf1639833e\System.Messaging.ni.dll

+ 2012-02-15 17:51 . 2012-02-15 17:51 521728 c:\windows\assembly\NativeImages_v4.0.30319_64\System.Management.I#\655c314109b3ab211e13b88d0769651b\System.Management.Instrumentation.ni.dll

+ 2012-02-15 17:51 . 2012-02-15 17:51 531456 c:\windows\assembly\NativeImages_v4.0.30319_64\System.IO.Log\cf1c0c4152c5548179dd3e2870f25cc4\System.IO.Log.ni.dll

+ 2012-02-15 17:51 . 2012-02-15 17:51 290816 c:\windows\assembly\NativeImages_v4.0.30319_64\System.IdentityMode#\d8dc2ea040e12c679b5d779370a19e58\System.IdentityModel.Selectors.ni.dll

+ 2012-02-15 17:43 . 2012-02-15 17:43 348672 c:\windows\assembly\NativeImages_v4.0.30319_64\System.EnterpriseSe#\fef2650a5b3bf39527150b4058762611\System.EnterpriseServices.Wrapper.dll

+ 2012-02-15 17:42 . 2012-02-15 17:42 512000 c:\windows\assembly\NativeImages_v4.0.30319_64\System.Dynamic\994e60f26b11755207e9c7ebb9fd688b\System.Dynamic.ni.dll

+ 2012-02-15 17:51 . 2012-02-15 17:51 632832 c:\windows\assembly\NativeImages_v4.0.30319_64\System.DirectorySer#\bc62e3c6c42db6e63c18038e9bac5a5c\System.DirectoryServices.Protocols.ni.dll

+ 2012-02-15 17:51 . 2012-02-15 17:51 141824 c:\windows\assembly\NativeImages_v4.0.30319_64\System.Device\5373b5adf6f12ca3ac8806827259a986\System.Device.ni.dll

+ 2012-02-15 17:50 . 2012-02-15 17:50 176128 c:\windows\assembly\NativeImages_v4.0.30319_64\System.Data.DataSet#\938f42c2d694b3935ca890fee7d0c8a7\System.Data.DataSetExtensions.ni.dll

+ 2012-02-15 17:50 . 2012-02-15 17:50 181760 c:\windows\assembly\NativeImages_v4.0.30319_64\System.Configuratio#\cde466cd9b88dc7857c40ac43bf7632c\System.Configuration.Install.ni.dll

+ 2012-02-15 17:50 . 2012-02-15 17:50 255488 c:\windows\assembly\NativeImages_v4.0.30319_64\System.ComponentMod#\081bebeff0574ed1969b05eafab5b342\System.ComponentModel.DataAnnotations.ni.dll

+ 2012-02-15 17:50 . 2012-02-15 17:50 865792 c:\windows\assembly\NativeImages_v4.0.30319_64\System.AddIn\e88489a8cc6a68a7ebb4617d1a20e5e7\System.AddIn.ni.dll

+ 2012-02-15 17:50 . 2012-02-15 17:50 560640 c:\windows\assembly\NativeImages_v4.0.30319_64\System.Activities.D#\ba36345815c2011c3f054ebee01a0569\System.Activities.DurableInstancing.ni.dll

+ 2012-02-15 17:41 . 2012-02-15 17:41 432128 c:\windows\assembly\NativeImages_v4.0.30319_64\SMSvcHost\70edc7fbf7505880ab1652b35f6e9517\SMSvcHost.ni.exe

+ 2012-02-15 17:43 . 2012-02-15 17:43 185344 c:\windows\assembly\NativeImages_v4.0.30319_64\SMDiagnostics\9d160b8d7c69ce50ac1db59a8fa2bcb5\SMDiagnostics.ni.dll

+ 2012-02-15 17:43 . 2012-02-15 17:43 622592 c:\windows\assembly\NativeImages_v4.0.30319_64\PresentationFramewo#\dbb2bb145d0bac0d0615f52739ad2702\PresentationFramework.Aero.ni.dll

+ 2012-02-15 17:43 . 2012-02-15 17:43 428032 c:\windows\assembly\NativeImages_v4.0.30319_64\PresentationFramewo#\4d9a6f376f83a6ea5b71a678566ee1de\PresentationFramework.Royale.ni.dll

+ 2012-02-15 17:43 . 2012-02-15 17:43 802304 c:\windows\assembly\NativeImages_v4.0.30319_64\PresentationFramewo#\3ec560f5f3b643e02b6025363034d624\PresentationFramework.Luna.ni.dll

+ 2012-02-15 17:43 . 2012-02-15 17:43 349184 c:\windows\assembly\NativeImages_v4.0.30319_64\PresentationFramewo#\1767cdd5d245b5087045d1ad2fbdd8fd\PresentationFramework.Classic.ni.dll

+ 2012-02-15 17:42 . 2012-02-15 17:42 289280 c:\windows\assembly\NativeImages_v4.0.30319_64\Microsoft.VisualBas#\10abc6daca21b4d51f5e34abe73cb5cb\Microsoft.VisualBasic.Compatibility.Data.ni.dll

+ 2012-02-15 17:42 . 2012-02-15 17:42 600064 c:\windows\assembly\NativeImages_v4.0.30319_64\Microsoft.Transacti#\385ffb17c4890d76682d1d0c81f39e09\Microsoft.Transactions.Bridge.Dtc.ni.dll

+ 2012-02-15 17:37 . 2012-02-15 17:37 253952 c:\windows\assembly\NativeImages_v4.0.30319_32\WindowsFormsIntegra#\bfab3d0d973b05366401b15f6ab8febb\WindowsFormsIntegration.ni.dll

+ 2012-02-15 17:37 . 2012-02-15 17:37 484352 c:\windows\assembly\NativeImages_v4.0.30319_32\UIAutomationClient\f4d55487b0e1eae2de72e1d8e14c4781\UIAutomationClient.ni.dll

+ 2012-02-15 17:35 . 2012-02-15 17:35 393216 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Xml.Linq\35b997b2652f8f564b062e6a6e59055f\System.Xml.Linq.ni.dll

+ 2012-02-15 17:35 . 2012-02-15 17:35 189440 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Windows.Inpu#\b16aace2ac6c7e7d6849f3a683776cd1\System.Windows.Input.Manipulations.ni.dll

+ 2012-02-15 17:35 . 2012-02-15 17:35 649728 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Transactions\07db951fbbd939fc70b0b91a8fa83185\System.Transactions.ni.dll

+ 2012-02-15 17:37 . 2012-02-15 17:37 221696 c:\windows\assembly\NativeImages_v4.0.30319_32\System.ServiceProce#\f9977bade8fa997882aa57b430820765\System.ServiceProcess.ni.dll

+ 2012-02-15 17:37 . 2012-02-15 17:37 369664 c:\windows\assembly\NativeImages_v4.0.30319_32\System.ServiceModel#\b6b9eeba0eaffb7691e9fd06c4f3dd10\System.ServiceModel.Routing.ni.dll

+ 2012-02-15 17:35 . 2012-02-15 17:35 311296 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Runtime.Seri#\012cb4a4bd973425eac0dbe52cdcc721\System.Runtime.Serialization.Formatters.Soap.ni.dll

+ 2012-02-15 17:35 . 2012-02-15 17:35 762880 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Runtime.Remo#\e558d70a5dbc430b5a2904eec156749d\System.Runtime.Remoting.ni.dll

+ 2012-02-15 17:36 . 2012-02-15 17:36 657408 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Net\6ddba0a0ef4a512f8de2b3feacb8bd4a\System.Net.ni.dll

+ 2012-02-15 17:36 . 2012-02-15 17:36 626176 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Messaging\3ae04414918ec66af305d771a18d8b3c\System.Messaging.ni.dll

+ 2012-02-15 17:36 . 2012-02-15 17:36 395264 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Management.I#\b2990e7dd2ce6c1ec99e4f27f766beb0\System.Management.Instrumentation.ni.dll

+ 2012-02-15 17:36 . 2012-02-15 17:36 413696 c:\windows\assembly\NativeImages_v4.0.30319_32\System.IO.Log\3ee79197b362398995eba1a67e83d865\System.IO.Log.ni.dll

+ 2012-02-15 17:36 . 2012-02-15 17:36 229888 c:\windows\assembly\NativeImages_v4.0.30319_32\System.IdentityMode#\3e177995dd026b939dc8b6769c77e60f\System.IdentityModel.Selectors.ni.dll

+ 2012-02-15 17:35 . 2012-02-15 17:35 236032 c:\windows\assembly\NativeImages_v4.0.30319_32\System.EnterpriseSe#\06c498e1b0e11e9de295c02f1519b8ff\System.EnterpriseServices.Wrapper.dll

+ 2012-02-15 17:35 . 2012-02-15 17:35 787456 c:\windows\assembly\NativeImages_v4.0.30319_32\System.EnterpriseSe#\06c498e1b0e11e9de295c02f1519b8ff\System.EnterpriseServices.ni.dll

+ 2012-02-15 17:36 . 2012-02-15 17:36 470528 c:\windows\assembly\NativeImages_v4.0.30319_32\System.DirectorySer#\4946d4a8b1301179885c0621ac7120ca\System.DirectoryServices.Protocols.ni.dll

+ 2012-02-15 17:36 . 2012-02-15 17:36 913920 c:\windows\assembly\NativeImages_v4.0.30319_32\System.DirectorySer#\171d40509eccb741a5a4a0908b41c840\System.DirectoryServices.AccountManagement.ni.dll

+ 2012-02-15 17:36 . 2012-02-15 17:36 112640 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Device\eca593b1efb8f28f8204c841d6f875f2\System.Device.ni.dll

+ 2012-02-15 17:35 . 2012-02-15 17:35 134656 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Data.DataSet#\8cec191afd4e0abc87ed7e93f814f1fc\System.Data.DataSetExtensions.ni.dll

+ 2012-02-15 17:35 . 2012-02-15 17:35 148480 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Configuratio#\36c77d53335088d10774054af4dfc034\System.Configuration.Install.ni.dll

+ 2012-02-15 17:35 . 2012-02-15 17:35 194048 c:\windows\assembly\NativeImages_v4.0.30319_32\System.ComponentMod#\3924f7fd82f46e76f3b89b9828c3587c\System.ComponentModel.DataAnnotations.ni.dll

+ 2012-02-15 17:35 . 2012-02-15 17:35 617984 c:\windows\assembly\NativeImages_v4.0.30319_32\System.AddIn\b323b1cd4f7e891c9b2def688895cd37\System.AddIn.ni.dll

+ 2012-02-15 17:35 . 2012-02-15 17:35 411136 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Activities.D#\89c1fb7b7684036e32dafff798d1a744\System.Activities.DurableInstancing.ni.dll

+ 2012-02-15 17:34 . 2012-02-15 17:34 317952 c:\windows\assembly\NativeImages_v4.0.30319_32\SMSvcHost\2dca989632203f2bc603d76492aff1f3\SMSvcHost.ni.exe

+ 2012-02-15 17:35 . 2012-02-15 17:35 143360 c:\windows\assembly\NativeImages_v4.0.30319_32\SMDiagnostics\3ed5c98553688c7bd5fa0459ddc629bf\SMDiagnostics.ni.dll

+ 2012-02-15 17:35 . 2012-02-15 17:35 219136 c:\windows\assembly\NativeImages_v4.0.30319_32\Microsoft.VisualBas#\f941120c158a98c56b2cd3488c056c6b\Microsoft.VisualBasic.Compatibility.Data.ni.dll

+ 2012-02-15 17:34 . 2012-02-15 17:34 418816 c:\windows\assembly\NativeImages_v4.0.30319_32\Microsoft.Transacti#\4a9409b232987a471b8437cd0a35a3ea\Microsoft.Transactions.Bridge.Dtc.ni.dll

+ 2012-02-15 17:41 . 2012-02-15 17:41 468992 c:\windows\assembly\NativeImages_v2.0.50727_64\WsatConfig\600f8ca5fcc54f10623903952fcc10ac\WsatConfig.ni.exe

+ 2012-02-15 17:41 . 2012-02-15 17:41 329216 c:\windows\assembly\NativeImages_v2.0.50727_64\WindowsFormsIntegra#\ddb96c334583dc79463edcb14ae16c99\WindowsFormsIntegration.ni.dll

+ 2012-02-15 17:39 . 2012-02-15 17:39 653312 c:\windows\assembly\NativeImages_v2.0.50727_64\UIAutomationClient\152b577b846875cb3ac5e2097451daf0\UIAutomationClient.ni.dll

+ 2012-02-15 17:41 . 2012-02-15 17:41 304128 c:\windows\assembly\NativeImages_v2.0.50727_64\TaskScheduler\fb5fce5cf09733b71a796d1da399f07a\TaskScheduler.ni.dll

+ 2012-02-15 17:40 . 2012-02-15 17:40 529920 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Xml.Linq\bc3bbe78635aeacaeea3b310ea5ff002\System.Xml.Linq.ni.dll

+ 2012-02-15 17:40 . 2012-02-15 17:40 187392 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Web.Routing\894b696a87ad47b5e18ac89954813a94\System.Web.Routing.ni.dll

+ 2012-02-15 17:41 . 2012-02-15 17:41 449024 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Web.Entity\a6885ee42ea49eb80f1bd18a5252684d\System.Web.Entity.ni.dll

+ 2012-02-15 17:41 . 2012-02-15 17:41 398848 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Web.Entity.D#\88ffeea88ac9ce23de0c5a27a95e773a\System.Web.Entity.Design.ni.dll

+ 2012-02-15 17:40 . 2012-02-15 17:40 753664 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Web.DynamicD#\7a311c3305dbbd5cfa2613997608a4ae\System.Web.DynamicData.ni.dll

+ 2012-02-15 17:40 . 2012-02-15 17:40 204800 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Web.Abstract#\e5069f3c90b4413dd2f3dc226c80bc68\System.Web.Abstractions.ni.dll

+ 2012-02-15 17:40 . 2012-02-15 17:40 916480 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Net\e238ca4ca02f9309283c98e1a4235bbd\System.Net.ni.dll

+ 2012-02-15 17:40 . 2012-02-15 17:40 534016 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Management.I#\c340633057ed6b9ffcf2214cb348a1fa\System.Management.Instrumentation.ni.dll

+ 2012-02-15 17:40 . 2012-02-15 17:40 569856 c:\windows\assembly\NativeImages_v2.0.50727_64\System.IO.Log\c24a84d54ad05618cf6cab545c31b06b\System.IO.Log.ni.dll

+ 2012-02-15 17:40 . 2012-02-15 17:40 629760 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Data.Service#\be6635364f1af379afff83dd877a4e03\System.Data.Services.Design.ni.dll

+ 2012-02-15 17:39 . 2012-02-15 17:39 194560 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Data.DataSet#\027959159200e828ccfddaef5f01b3a9\System.Data.DataSetExtensions.ni.dll

+ 2012-02-15 17:39 . 2012-02-15 17:39 132096 c:\windows\assembly\NativeImages_v2.0.50727_64\System.ComponentMod#\8c954be3f8d070b1364844741ff4b4b1\System.ComponentModel.DataAnnotations.ni.dll

+ 2012-02-15 17:39 . 2012-02-15 17:39 889344 c:\windows\assembly\NativeImages_v2.0.50727_64\System.AddIn\bd9159951d0caa9bf5c90c44fc96661b\System.AddIn.ni.dll

+ 2012-02-15 17:39 . 2012-02-15 17:39 525824 c:\windows\assembly\NativeImages_v2.0.50727_64\SMSvcHost\8bfc7a328911ae69686576bd24f4f771\SMSvcHost.ni.exe

+ 2012-02-15 17:39 . 2012-02-15 17:39 855040 c:\windows\assembly\NativeImages_v2.0.50727_64\napsnap\9c808282a0cfdc5bafcb43e1778d97d6\napsnap.ni.dll

+ 2012-02-15 17:39 . 2012-02-15 17:39 162816 c:\windows\assembly\NativeImages_v2.0.50727_64\napinit\616ce317134d4225fc7eec80f9351855\napinit.ni.dll

+ 2012-02-15 17:39 . 2012-02-15 17:39 184320 c:\windows\assembly\NativeImages_v2.0.50727_64\MSBuild\a4b5d98bf175a3f10c47f223195c34b0\MSBuild.ni.exe

+ 2012-02-15 17:39 . 2012-02-15 17:39 681984 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.WSMan.Man#\04532b2b5174ca249e01a8b21d0ba6fd\Microsoft.WSMan.Management.ni.dll

+ 2012-02-15 17:39 . 2012-02-15 17:39 122368 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.Windows.D#\5cd854d075caf8b50de3c803b4303e03\Microsoft.Windows.Diagnosis.TroubleshootingPack.ni.dll

+ 2012-02-15 17:38 . 2012-02-15 17:38 105984 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.Vsa\cb1c199305d00b2424e707311eb9dcfd\Microsoft.Vsa.ni.dll

+ 2012-02-15 17:39 . 2012-02-15 17:39 584192 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.Transacti#\b2438f632ab1dcbb1cb91c5a1226aaf1\Microsoft.Transactions.Bridge.Dtc.ni.dll

+ 2012-02-15 17:39 . 2012-02-15 17:39 999936 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.PowerShel#\d7f5b39fba028d2f9e2b3a772845a2a6\Microsoft.PowerShell.GraphicalHost.ni.dll

+ 2012-02-15 17:38 . 2012-02-15 17:38 416768 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.PowerShel#\99bb7896ddbe74236efaa97733c63cbc\Microsoft.PowerShell.Commands.Diagnostics.ni.dll

+ 2012-02-15 17:39 . 2012-02-15 17:39 713216 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.PowerShel#\71542ecf96342dc1464fe471852be89a\Microsoft.PowerShell.ConsoleHost.ni.dll

+ 2012-02-15 17:39 . 2012-02-15 17:39 237056 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.PowerShel#\0bafa5e2dc431bb12108395cf2e18773\Microsoft.PowerShell.Security.ni.dll

+ 2012-02-15 17:38 . 2012-02-15 17:38 164864 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.MediaCent#\cf9be66d53dddbf49b75cead76ef3cea\Microsoft.MediaCenter.Mheg.ni.dll

+ 2012-02-15 17:38 . 2012-02-15 17:38 244736 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.Build.Uti#\f356844d3667b88d03bde2ae524659b6\Microsoft.Build.Utilities.v3.5.ni.dll

+ 2012-02-15 17:38 . 2012-02-15 17:38 198656 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.Build.Uti#\86f7fa65013864ae7da2fba058199dae\Microsoft.Build.Utilities.ni.dll

+ 2012-02-15 17:34 . 2012-02-15 17:34 321024 c:\windows\assembly\NativeImages_v2.0.50727_32\WsatConfig\105e77fbca8c5bb29988f3847b0d599f\WsatConfig.ni.exe

+ 2012-02-15 17:32 . 2012-02-15 17:32 634368 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLiveLocal.Wr#\378a75654ab243a7c87425580ef5247f\WindowsLiveLocal.WriterPlugin.ni.dll

+ 2012-02-15 17:31 . 2012-02-15 17:31 156672 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Writer.#\e8295ba92cc9500c11e4326da94aa23d\WindowsLive.Writer.HtmlParser.ni.dll

+ 2012-02-15 17:32 . 2012-02-15 17:32 326144 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Writer.#\ccd8a870d49f1f6901964f3009e44704\WindowsLive.Writer.SpellChecker.ni.dll

+ 2012-02-15 17:31 . 2012-02-15 17:31 174080 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Writer.#\bc3de6e386e49d56770ce7026b0b0b42\WindowsLive.Writer.BrowserControl.ni.dll

+ 2012-02-15 17:31 . 2012-02-15 17:31 780800 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Writer.#\aa6f0d8e2ce841ad6cfa150e7d19cbbf\WindowsLive.Writer.Controls.ni.dll

+ 2012-02-15 17:31 . 2012-02-15 17:31 665600 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Writer.#\8fb8f7ad92da63392ebd50214f98966c\WindowsLive.Writer.Interop.ni.dll

+ 2012-02-15 17:31 . 2012-02-15 17:31 146432 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Writer.#\613e9162c5a92e05695b8ec520b6a6f5\WindowsLive.Writer.Instrumentation.ni.dll

+ 2012-02-15 17:32 . 2012-02-15 17:32 119296 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Writer.#\54a1c00276597643ced64cad94707c44\WindowsLive.Writer.FileDestinations.ni.dll

+ 2012-02-15 17:31 . 2012-02-15 17:31 122368 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Writer.#\52df063720cfdfb7e286e6c575bcdc98\WindowsLive.Writer.Extensibility.ni.dll

+ 2012-02-15 17:32 . 2012-02-15 17:32 871424 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Writer.#\3dc4ea44bcc90dc7fdd088969895feb6\WindowsLive.Writer.BlogClient.ni.dll

+ 2012-02-15 17:32 . 2012-02-15 17:32 891392 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Writer.#\369786c29e4bb601f95f4c9f38ca4fb1\WindowsLive.Writer.HtmlEditor.ni.dll

+ 2012-02-15 17:31 . 2012-02-15 17:31 101376 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Writer.#\22e9d9744c2bf7881ac1662232d688c2\WindowsLive.Writer.Api.ni.dll

+ 2012-02-15 17:31 . 2012-02-15 17:31 328192 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Writer.#\203986a6f0128bf77b62f19d8b1076cf\WindowsLive.Writer.Mshtml.ni.dll

+ 2012-02-15 17:32 . 2012-02-15 17:32 223232 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Client\7d367b5b97b897ff0e52d30b0a02d4ba\WindowsLive.Client.ni.dll

+ 2012-02-15 17:34 . 2012-02-15 17:34 240128 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsFormsIntegra#\af6e0dd358a5edc094dca9e7957f1038\WindowsFormsIntegration.ni.dll

+ 2012-02-15 17:33 . 2012-02-15 17:33 452096 c:\windows\assembly\NativeImages_v2.0.50727_32\UIAutomationClient\d0972fea9e965a565c3cff76982709db\UIAutomationClient.ni.dll

+ 2012-02-15 17:34 . 2012-02-15 17:34 245248 c:\windows\assembly\NativeImages_v2.0.50727_32\TaskScheduler\ff345d3a2aaafb8a960c3d400e3c11a9\TaskScheduler.ni.dll

+ 2012-02-15 17:34 . 2012-02-15 17:34 401408 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Xml.Linq\fa1161af51ab42a61bfac9d02d469a06\System.Xml.Linq.ni.dll

+ 2012-02-15 17:34 . 2012-02-15 17:34 129536 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Routing\43e0731fbb58632563909f1fa5dfe063\System.Web.Routing.ni.dll

+ 2012-02-15 17:34 . 2012-02-15 17:34 860160 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Extensio#\95f94674ddc4b1224df94bd7ae19c9ef\System.Web.Extensions.Design.ni.dll

+ 2012-02-15 17:34 . 2012-02-15 17:34 328192 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Entity\4c569a365154300e49ab3450f74c2618\System.Web.Entity.ni.dll

+ 2012-02-15 17:34 . 2012-02-15 17:34 301568 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Entity.D#\fb21c5770bc64fc4105787238842f70d\System.Web.Entity.Design.ni.dll

+ 2012-02-15 17:34 . 2012-02-15 17:34 547328 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.DynamicD#\785e2ad4125cef423bc367b37fabb71c\System.Web.DynamicData.ni.dll

+ 2012-02-15 17:34 . 2012-02-15 17:34 141312 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Abstract#\685fb72f0189330eda1d62176fb38996\System.Web.Abstractions.ni.dll

+ 2012-02-15 17:34 . 2012-02-15 17:34 624128 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Net\2273d6ab12c9ae0d52842a84d586b8df\System.Net.ni.dll

+ 2012-02-15 17:32 . 2012-02-15 17:32 593408 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Messaging\a717cdb44ec0d3238c621efa420a9956\System.Messaging.ni.dll

+ 2012-02-15 17:34 . 2012-02-15 17:34 330240 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Management.I#\b5930434d0d624701114e014513c9041\System.Management.Instrumentation.ni.dll

+ 2012-02-15 17:34 . 2012-02-15 17:34 381440 c:\windows\assembly\NativeImages_v2.0.50727_32\System.IO.Log\7651951311f9d134e6bc08be7dc9ddc7\System.IO.Log.ni.dll

+ 2012-02-15 17:32 . 2012-02-15 17:32 212992 c:\windows\assembly\NativeImages_v2.0.50727_32\System.IdentityMode#\8b0dc9405f292a93ddd52eb76bb88169\System.IdentityModel.Selectors.ni.dll

+ 2012-02-15 17:34 . 2012-02-15 17:34 888320 c:\windows\assembly\NativeImages_v2.0.50727_32\System.DirectorySer#\344d3289061b28a0f7fb19229f45bb9c\System.DirectoryServices.AccountManagement.ni.dll

+ 2012-02-15 17:34 . 2012-02-15 17:34 462336 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.Service#\6a6642467bcccf0345c5e9139e7fd9ae\System.Data.Services.Design.ni.dll

+ 2012-02-15 17:34 . 2012-02-15 17:34 763392 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.Entity.#\c1cf8e31da405f07780fa7b0f28cc650\System.Data.Entity.Design.ni.dll

+ 2012-02-15 17:33 . 2012-02-15 17:33 135680 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.DataSet#\71400a36c8621388031e00075f2fc8e9\System.Data.DataSetExtensions.ni.dll

+ 2012-02-15 17:33 . 2012-02-15 17:33 633344 c:\windows\assembly\NativeImages_v2.0.50727_32\System.AddIn\05c4011ad0068d0af722b4b52677d915\System.AddIn.ni.dll

+ 2012-02-15 17:33 . 2012-02-15 17:33 366080 c:\windows\assembly\NativeImages_v2.0.50727_32\SMSvcHost\17b78ffee2144cf38f024e73b131158d\SMSvcHost.ni.exe

+ 2012-02-15 17:32 . 2012-02-15 17:32 256000 c:\windows\assembly\NativeImages_v2.0.50727_32\SMDiagnostics\281b67b96a2dd473dad4d222da0ca514\SMDiagnostics.ni.dll

+ 2012-02-15 17:33 . 2012-02-15 17:33 723456 c:\windows\assembly\NativeImages_v2.0.50727_32\napsnap\62531ec9534c96e83de2bbd4edfd07e8\napsnap.ni.dll

+ 2012-02-15 17:33 . 2012-02-15 17:33 117760 c:\windows\assembly\NativeImages_v2.0.50727_32\napinit\bb49eea48fd5f546afc6d5be634d3cb9\napinit.ni.dll

+ 2012-02-15 17:33 . 2012-02-15 17:33 133632 c:\windows\assembly\NativeImages_v2.0.50727_32\MSBuild\4ac4095081957a001a6174c0b9f7f195\MSBuild.ni.exe

+ 2012-02-15 17:32 . 2012-02-15 17:32 287232 c:\windows\assembly\NativeImages_v2.0.50727_32\MMCFxCommon\bd5a72adac7a95585984d5bcce994b71\MMCFxCommon.ni.dll

+ 2012-02-15 17:33 . 2012-02-15 17:33 531968 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.WSMan.Man#\928fb6b2401fffd8cc993578c3a04acd\Microsoft.WSMan.Management.ni.dll

+ 2012-02-15 17:33 . 2012-02-15 17:33 386560 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Transacti#\481b6ebea3e357f29a4ec0e8193d36d3\Microsoft.Transactions.Bridge.Dtc.ni.dll

+ 2012-02-15 17:33 . 2012-02-15 17:33 515584 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.PowerShel#\eda566c4dc6595779c3c9dfc359575ed\Microsoft.PowerShell.ConsoleHost.ni.dll

+ 2012-02-15 17:33 . 2012-02-15 17:33 167424 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.PowerShel#\df4f6b6f33d84b7f438c3f3b66f0336d\Microsoft.PowerShell.Security.ni.dll

+ 2012-02-15 17:33 . 2012-02-15 17:33 729088 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.PowerShel#\951235283ff1d4a91ffaa92ea8693249\Microsoft.PowerShell.GraphicalHost.ni.dll

+ 2012-02-15 17:33 . 2012-02-15 17:33 786432 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.PowerShel#\5f7928a2ffe462f16e25f03be01966e9\Microsoft.PowerShell.Commands.Management.ni.dll

+ 2012-02-15 17:33 . 2012-02-15 17:33 291328 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.PowerShel#\2015eca4346e34310e958089b22a9c62\Microsoft.PowerShell.Commands.Diagnostics.ni.dll

+ 2012-02-15 17:32 . 2012-02-15 17:32 561664 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Managemen#\6386ef67ed70f53fe6424246d256190d\Microsoft.ManagementConsole.ni.dll

+ 2012-02-15 17:32 . 2012-02-15 17:32 175104 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Uti#\c8e128b5e6ceee852cb1f8c165c2177e\Microsoft.Build.Utilities.v3.5.ni.dll

+ 2012-02-15 17:32 . 2012-02-15 17:32 144384 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Uti#\9795da40a8ee0bc54e91792de7422152\Microsoft.Build.Utilities.ni.dll

+ 2012-02-15 17:32 . 2012-02-15 17:32 839680 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Eng#\be7ad749a064283deab76fad38bf2930\Microsoft.Build.Engine.ni.dll

+ 2012-02-15 17:32 . 2012-02-15 17:32 222720 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Con#\f42105699650a206e2ae439ac54ad40a\Microsoft.Build.Conversion.v3.5.ni.dll

+ 2012-02-15 17:32 . 2012-02-15 17:32 364032 c:\windows\assembly\NativeImages_v2.0.50727_32\mcstoredb\886a8c3d4f00567df779318fea56f28a\mcstoredb.ni.dll

+ 2012-02-15 17:32 . 2012-02-15 17:32 553472 c:\windows\assembly\NativeImages_v2.0.50727_32\EventViewer\58ea1059f397ccd13d6a8d94d7be7830\EventViewer.ni.dll

+ 2012-02-15 17:32 . 2012-02-15 17:32 693248 c:\windows\assembly\NativeImages_v2.0.50727_32\ehRecObj\9d5219961228fb5236c843ea75c69d39\ehRecObj.ni.dll

+ 2012-02-15 17:32 . 2012-02-15 17:32 254464 c:\windows\assembly\NativeImages_v2.0.50727_32\ehExtHost32\6a07aa6df4d45d1485b6a2749647a3aa\ehExtHost32.ni.exe

+ 2012-02-15 17:32 . 2012-02-15 17:32 410112 c:\windows\assembly\NativeImages_v2.0.50727_32\ComSvcConfig\39ab6b73bdbaac85b90cc561761916f7\ComSvcConfig.ni.exe

+ 2012-02-15 17:31 . 2012-02-15 17:31 621568 c:\windows\assembly\NativeImages_v2.0.50727_32\BDATunePIA\d89086a63a9d85aa9d719d7088e5ae69\BDATunePIA.ni.dll

- 2009-07-14 04:54 . 2012-02-15 17:26 2736128 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat

+ 2009-07-14 04:54 . 2012-02-21 12:00 2736128 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat

+ 2009-07-14 00:22 . 2009-07-14 01:41 1195008 c:\windows\system32\drivers\UMDF\WpdMtpDr.dll

+ 2009-07-14 04:45 . 2012-02-15 22:33 7111262 c:\windows\ServiceProfiles\NetworkService\AppData\Roaming\Microsoft\SoftwareProtectionPlatform\tokens.dat

- 2009-07-14 04:45 . 2012-02-15 13:33 7111262 c:\windows\ServiceProfiles\NetworkService\AppData\Roaming\Microsoft\SoftwareProtectionPlatform\tokens.dat

+ 2012-01-27 06:14 . 2012-02-21 11:58 1533424 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache3.0.0.0.dat

- 2012-01-27 06:14 . 2012-02-15 15:42 1533424 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache3.0.0.0.dat

+ 2012-02-17 06:22 . 2012-02-17 06:22 9413632 c:\windows\Installer\6e921bd.msi

+ 2012-02-15 17:42 . 2012-02-15 17:42 5237248 c:\windows\assembly\NativeImages_v4.0.30319_64\WindowsBase\9d5feeb6727e222673d5bd89f0620ddd\WindowsBase.ni.dll

+ 2012-02-15 17:52 . 2012-02-15 17:52 1430016 c:\windows\assembly\NativeImages_v4.0.30319_64\UIAutomationClients#\68f44d619637fac197ee6c8ac9f2aec9\UIAutomationClientsideProviders.ni.dll

+ 2012-02-15 17:41 . 2012-02-15 17:41 7037952 c:\windows\assembly\NativeImages_v4.0.30319_64\System.Xml\ff247393a6deb90d63811aa88c84dc7e\System.Xml.ni.dll

+ 2012-02-15 17:43 . 2012-02-15 17:43 2449408 c:\windows\assembly\NativeImages_v4.0.30319_64\System.Xaml\e158bd31f13cbc20f6fc7c7f426113d7\System.Xaml.ni.dll

+ 2012-02-15 17:52 . 2012-02-15 17:52 5627904 c:\windows\assembly\NativeImages_v4.0.30319_64\System.Windows.Form#\843d0370292b7b124f9b9231f87e8e6a\System.Windows.Forms.DataVisualization.ni.dll

+ 2012-02-15 17:52 . 2012-02-15 17:52 2236416 c:\windows\assembly\NativeImages_v4.0.30319_64\System.Web.Services\be0e793afecb54a67a688e4528676e70\System.Web.Services.ni.dll

+ 2012-02-15 17:52 . 2012-02-15 17:52 2735616 c:\windows\assembly\NativeImages_v4.0.30319_64\System.Speech\ae3a837b63de8d3f3fc63a7bfc16589a\System.Speech.ni.dll

+ 2012-02-15 17:51 . 2012-02-15 17:51 1579008 c:\windows\assembly\NativeImages_v4.0.30319_64\System.ServiceModel#\aec154cbfb0eec1497fb89ebd6deb344\System.ServiceModel.Discovery.ni.dll

+ 2012-02-15 17:51 . 2012-02-15 17:51 1918976 c:\windows\assembly\NativeImages_v4.0.30319_64\System.ServiceModel#\80b8b6324a73493227b2672b2d6820d3\System.ServiceModel.Activities.ni.dll

+ 2012-02-15 17:43 . 2012-02-15 17:43 3412992 c:\windows\assembly\NativeImages_v4.0.30319_64\System.Runtime.Seri#\717540eea541a2769a6cf621fd948678\System.Runtime.Serialization.ni.dll

+ 2012-02-15 17:43 . 2012-02-15 17:43 1348096 c:\windows\assembly\NativeImages_v4.0.30319_64\System.Runtime.Dura#\dc7fbde064d5710780a6b8f27554dc57\System.Runtime.DurableInstancing.ni.dll

+ 2012-02-15 17:49 . 2012-02-15 17:49 1467392 c:\windows\assembly\NativeImages_v4.0.30319_64\System.Printing\31c34917df5f24f1ffdd62bfa23f2fb7\System.Printing.ni.dll

+ 2012-02-15 17:51 . 2012-02-15 17:51 1470464 c:\windows\assembly\NativeImages_v4.0.30319_64\System.Management\15112a35e0e355fc344792e49c41628f\System.Management.ni.dll

+ 2012-02-15 17:51 . 2012-02-15 17:51 1416192 c:\windows\assembly\NativeImages_v4.0.30319_64\System.IdentityModel\bffc049b6775c3f6f144917a4387a0be\System.IdentityModel.ni.dll

+ 2012-02-15 17:43 . 2012-02-15 17:43 1098752 c:\windows\assembly\NativeImages_v4.0.30319_64\System.EnterpriseSe#\fef2650a5b3bf39527150b4058762611\System.EnterpriseServices.ni.dll

+ 2012-02-15 17:43 . 2012-02-15 17:43 2290688 c:\windows\assembly\NativeImages_v4.0.30319_64\System.Drawing\0443ad47a6be56beca12a7a13261c8ed\System.Drawing.ni.dll

+ 2012-02-15 17:51 . 2012-02-15 17:51 1217536 c:\windows\assembly\NativeImages_v4.0.30319_64\System.DirectorySer#\d94ef12e883b2354af26f19ec7e25110\System.DirectoryServices.AccountManagement.ni.dll

+ 2012-02-15 17:43 . 2012-02-15 17:43 1622528 c:\windows\assembly\NativeImages_v4.0.30319_64\System.DirectorySer#\026c74ff72ba4fce837134953778e755\System.DirectoryServices.ni.dll

+ 2012-02-15 17:49 . 2012-02-15 17:49 2402816 c:\windows\assembly\NativeImages_v4.0.30319_64\System.Deployment\e8e5fcc8e7eb9ce898be3c22e8902ee4\System.Deployment.ni.dll

+ 2012-02-15 17:49 . 2012-02-15 17:49 8601600 c:\windows\assembly\NativeImages_v4.0.30319_64\System.Data\8d734fe538fe6f226eab465c8d8e3d5c\System.Data.ni.dll

+ 2012-02-15 17:41 . 2012-02-15 17:41 3390976 c:\windows\assembly\NativeImages_v4.0.30319_64\System.Data.SqlXml\83aa1c4f17f57067d3be29e560331349\System.Data.SqlXml.ni.dll

+ 2012-02-15 17:51 . 2012-02-15 17:51 1798656 c:\windows\assembly\NativeImages_v4.0.30319_64\System.Data.Service#\6a0bcd0e756819ea795b161d2156e9a8\System.Data.Services.Client.ni.dll

+ 2012-02-15 17:51 . 2012-02-15 17:51 3386368 c:\windows\assembly\NativeImages_v4.0.30319_64\System.Data.Linq\1548624d8ec5142825864c5f59be9b49\System.Data.Linq.ni.dll

+ 2012-02-15 17:41 . 2012-02-15 17:41 1257472 c:\windows\assembly\NativeImages_v4.0.30319_64\System.Configuration\2672be84bcad1c772163d15db0e2864e\System.Configuration.ni.dll

+ 2012-02-15 17:50 . 2012-02-15 17:50 1007616 c:\windows\assembly\NativeImages_v4.0.30319_64\System.ComponentMod#\228bb21cab2c9ce2f69d5e24a9352a3f\System.ComponentModel.Composition.ni.dll

+ 2012-02-15 17:50 . 2012-02-15 17:50 5695488 c:\windows\assembly\NativeImages_v4.0.30319_64\System.Activities\36f5aa69b510e3aeb24ef402d12c20e0\System.Activities.ni.dll

+ 2012-02-15 17:50 . 2012-02-15 17:50 5048832 c:\windows\assembly\NativeImages_v4.0.30319_64\System.Activities.P#\7be5ac01354a0c03d5587607687de1e1\System.Activities.Presentation.ni.dll

+ 2012-02-15 17:50 . 2012-02-15 17:50 2064896 c:\windows\assembly\NativeImages_v4.0.30319_64\System.Activities.C#\8d549e47084ec2661c944a1eeb9a2be5\System.Activities.Core.Presentation.ni.dll

+ 2012-02-15 17:49 . 2012-02-15 17:49 4232704 c:\windows\assembly\NativeImages_v4.0.30319_64\ReachFramework\8d8f46afc9b2b65144f29a609f63398e\ReachFramework.ni.dll

+ 2012-02-15 17:43 . 2012-02-15 17:43 2056192 c:\windows\assembly\NativeImages_v4.0.30319_64\PresentationUI\735f127d0957bacdfe6522f0b8a2dcb0\PresentationUI.ni.dll

+ 2012-02-15 17:42 . 2012-02-15 17:42 1623040 c:\windows\assembly\NativeImages_v4.0.30319_64\Microsoft.VisualBas#\6b82e7a7001a661cb712067b75b7c5ec\Microsoft.VisualBasic.Activities.Compiler.ni.dll

+ 2012-02-15 17:42 . 2012-02-15 17:42 1838080 c:\windows\assembly\NativeImages_v4.0.30319_64\Microsoft.VisualBas#\6a21c9b7113a1bd6eddff12e138fc96b\Microsoft.VisualBasic.Compatibility.ni.dll

+ 2012-02-15 17:42 . 2012-02-15 17:42 2317312 c:\windows\assembly\NativeImages_v4.0.30319_64\Microsoft.VisualBas#\60ff6c1510fb0e2d70e616650eb7ae47\Microsoft.VisualBasic.ni.dll

+ 2012-02-15 17:42 . 2012-02-15 17:42 1526784 c:\windows\assembly\NativeImages_v4.0.30319_64\Microsoft.Transacti#\2e6537fafd64c81032b0aaebb7d3180a\Microsoft.Transactions.Bridge.ni.dll

+ 2012-02-15 17:51 . 2012-02-15 17:51 3313664 c:\windows\assembly\NativeImages_v4.0.30319_64\Microsoft.JScript\f38dbc9d7ebe981a7c22b72dffb4a2af\Microsoft.JScript.ni.dll

+ 2012-02-15 17:41 . 2012-02-15 17:41 2009600 c:\windows\assembly\NativeImages_v4.0.30319_64\Microsoft.CSharp\1cf22b5ea0ef63e71b6416a36b656b8a\Microsoft.CSharp.ni.dll

+ 2012-02-15 17:37 . 2012-02-15 17:37 1063424 c:\windows\assembly\NativeImages_v4.0.30319_32\UIAutomationClients#\de58d9a7cb1ebe18d9519943fb351105\UIAutomationClientsideProviders.ni.dll

+ 2012-02-15 17:35 . 2012-02-15 17:35 1782272 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Xaml\b74e1ad9110a39851b12cb46b3954163\System.Xaml.ni.dll

+ 2012-02-15 17:37 . 2012-02-15 17:37 4545024 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Windows.Form#\f0d119151e7a4d59698125eb4b4275ee\System.Windows.Forms.DataVisualization.ni.dll

+ 2012-02-15 17:37 . 2012-02-15 17:37 1885696 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Web.Services\4d39c6a77db47caf40787ec818691ded\System.Web.Services.ni.dll

+ 2012-02-15 17:37 . 2012-02-15 17:37 2012160 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Speech\572316066654286b4629c0a680a76e1b\System.Speech.ni.dll

+ 2012-02-15 17:37 . 2012-02-15 17:37 1392640 c:\windows\assembly\NativeImages_v4.0.30319_32\System.ServiceModel#\4d1a64fc317c7d5de7321ef42d9443aa\System.ServiceModel.Activities.ni.dll

+ 2012-02-15 17:37 . 2012-02-15 17:37 1140736 c:\windows\assembly\NativeImages_v4.0.30319_32\System.ServiceModel#\26150ab602b494d300ae488f81dbef9b\System.ServiceModel.Discovery.ni.dll

+ 2012-02-15 17:35 . 2012-02-15 17:35 2647040 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Runtime.Seri#\7aa036e91909e1bc5e1d35b673defab2\System.Runtime.Serialization.ni.dll

+ 2012-02-15 17:35 . 2012-02-15 17:35 1021952 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Runtime.Dura#\a2011e79b6ef1c5381d110f75685008c\System.Runtime.DurableInstancing.ni.dll

+ 2012-02-15 17:35 . 2012-02-15 17:35 1060864 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Printing\dcbff6c9c548b51344cc4ad4893646b2\System.Printing.ni.dll

+ 2012-02-15 17:36 . 2012-02-15 17:36 1218560 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Management\b7bf9745b6ac67086c7364ee34174c51\System.Management.ni.dll

+ 2012-02-15 17:36 . 2012-02-15 17:36 1072640 c:\windows\assembly\NativeImages_v4.0.30319_32\System.IdentityModel\38b6bf7d0ee6cea88d785e52e991627c\System.IdentityModel.ni.dll

+ 2012-02-15 17:35 . 2012-02-15 17:35 1172992 c:\windows\assembly\NativeImages_v4.0.30319_32\System.DirectorySer#\94f406f804865ec1ef81acaf426e48ca\System.DirectoryServices.ni.dll

+ 2012-02-15 17:35 . 2012-02-15 17:35 1879040 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Deployment\d612e5ab6df30b2018730c781e979ce8\System.Deployment.ni.dll

+ 2012-02-15 17:36 . 2012-02-15 17:36 1343488 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Data.Service#\6bbce53ef9b6e8b9204929342f503647\System.Data.Services.Client.ni.dll

+ 2012-02-15 17:35 . 2012-02-15 17:35 4129792 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Activities\3d60413b16725524801275d92249169b\System.Activities.ni.dll

+ 2012-02-15 17:35 . 2012-02-15 17:35 3757568 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Activities.P#\bb8932dfd01f4c645f9902fd703cde49\System.Activities.Presentation.ni.dll

+ 2012-02-15 17:35 . 2012-02-15 17:35 1547264 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Activities.C#\d92c6df050f16ca2610191d283d826bb\System.Activities.Core.Presentation.ni.dll

+ 2012-02-15 17:35 . 2012-02-15 17:35 2907136 c:\windows\assembly\NativeImages_v4.0.30319_32\ReachFramework\6f94955023126311d6aaa840f8852023\ReachFramework.ni.dll

+ 2012-02-15 17:35 . 2012-02-15 17:35 1640448 c:\windows\assembly\NativeImages_v4.0.30319_32\PresentationUI\a593524fad58317c70d237d214a25204\PresentationUI.ni.dll

+ 2012-02-15 17:35 . 2012-02-15 17:35 1838080 c:\windows\assembly\NativeImages_v4.0.30319_32\Microsoft.VisualBas#\70a16497eb1cc16502203fb15014fd35\Microsoft.VisualBasic.ni.dll

+ 2012-02-15 17:35 . 2012-02-15 17:35 1136128 c:\windows\assembly\NativeImages_v4.0.30319_32\Microsoft.VisualBas#\4de0dca5c413e316f948daad4b5e2d6f\Microsoft.VisualBasic.Compatibility.ni.dll

+ 2012-02-15 17:35 . 2012-02-15 17:35 1172480 c:\windows\assembly\NativeImages_v4.0.30319_32\Microsoft.VisualBas#\2308d9bc9e1b4fa300140d447aa34d51\Microsoft.VisualBasic.Activities.Compiler.ni.dll

+ 2012-02-15 17:34 . 2012-02-15 17:34 1085952 c:\windows\assembly\NativeImages_v4.0.30319_32\Microsoft.Transacti#\38b6c0eb820c7b8ce3efb4bdfb6ba480\Microsoft.Transactions.Bridge.ni.dll

+ 2012-02-15 17:36 . 2012-02-15 17:36 2452480 c:\windows\assembly\NativeImages_v4.0.30319_32\Microsoft.JScript\5beb57c4dedf5103ee84b16d0d269093\Microsoft.JScript.ni.dll

+ 2012-02-15 17:41 . 2012-02-15 17:41 1459712 c:\windows\assembly\NativeImages_v2.0.50727_64\UIAutomationClients#\dac9f71ca1332da2a359e2d07589b7e9\UIAutomationClientsideProviders.ni.dll

+ 2012-02-15 17:41 . 2012-02-15 17:41 1818112 c:\windows\assembly\NativeImages_v2.0.50727_64\System.WorkflowServ#\5571a92171f93c8a4806b9f1805f1c56\System.WorkflowServices.ni.dll

+ 2012-02-15 17:41 . 2012-02-15 17:41 3336704 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Web.Mobile\2b012fd0a270bdac848843047bb93312\System.Web.Mobile.ni.dll

+ 2012-02-15 17:40 . 2012-02-15 17:40 3044352 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Web.Extensio#\cf203792167bd243b057b8daf79e0d98\System.Web.Extensions.ni.dll

+ 2012-02-15 17:41 . 2012-02-15 17:41 1155072 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Web.Extensio#\7f261dc1eaa3e4e0b93c44678888dd44\System.Web.Extensions.Design.ni.dll

+ 2012-02-15 17:40 . 2012-02-15 17:40 2727936 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Speech\a49bc70b640e21c9bcecbd8122203283\System.Speech.ni.dll

+ 2012-02-15 17:40 . 2012-02-15 17:40 2312704 c:\windows\assembly\NativeImages_v2.0.50727_64\System.ServiceModel#\8ef813ce3f85ea3b3f499d734ac8019e\System.ServiceModel.Web.ni.dll

+ 2012-02-15 17:38 . 2012-02-15 17:38 1472000 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Management\6860203a3f244d4c6b89ff38a9c9cadb\System.Management.ni.dll

+ 2012-02-15 17:40 . 2012-02-15 17:40 1230848 c:\windows\assembly\NativeImages_v2.0.50727_64\System.DirectorySer#\48a91957a4b86c3bcebec68eb1471def\System.DirectoryServices.AccountManagement.ni.dll

+ 2012-02-15 17:40 . 2012-02-15 17:40 2805760 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Data.Services\2dd10ff57a987aa347518b0abfcaf8b3\System.Data.Services.ni.dll

+ 2012-02-15 17:40 . 2012-02-15 17:40 1868288 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Data.Service#\0177f6ff2b3faf1805b3ba63e0e20ad0\System.Data.Services.Client.ni.dll

+ 2012-02-15 17:40 . 2012-02-15 17:40 3480576 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Data.Linq\dd28d55dd94fb4d1e4dca6393e4b15a4\System.Data.Linq.ni.dll

+ 2012-02-15 17:40 . 2012-02-15 17:40 1080320 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Data.Entity.#\caf124d5431e8d8aba046e54a8b7dea5\System.Data.Entity.Design.ni.dll

+ 2012-02-15 17:38 . 2012-02-15 17:38 3315200 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Core\9e59bc2c8cf98cd315468ca01f68663c\System.Core.ni.dll

+ 2012-02-15 17:39 . 2012-02-15 17:39 1884160 c:\windows\assembly\NativeImages_v2.0.50727_64\PresentationBuildTa#\0618574a66f03040f765c43693bf58f6\PresentationBuildTasks.ni.dll

+ 2012-02-15 17:39 . 2012-02-15 17:39 3601920 c:\windows\assembly\NativeImages_v2.0.50727_64\Narrator\24f9a2d494b01bcbc6919f60a278c715\Narrator.ni.exe

+ 2012-02-15 17:39 . 2012-02-15 17:39 2327552 c:\windows\assembly\NativeImages_v2.0.50727_64\MMCEx\8988116626390eae76ef9e492c0e2894\MMCEx.ni.dll

+ 2012-02-15 17:39 . 2012-02-15 17:39 2131968 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.VisualBas#\e05059a258a8b75d8981f29ecd9baf72\Microsoft.VisualBasic.ni.dll

+ 2012-02-15 17:39 . 2012-02-15 17:39 5350912 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.PowerShel#\ecc930a57b339ba3d126b05b2d756a01\Microsoft.PowerShell.Editor.ni.dll

+ 2012-02-15 17:39 . 2012-02-15 17:39 2176512 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.PowerShel#\8d5a4862d0e61fdd2e958fc989df3cca\Microsoft.PowerShell.Commands.Utility.ni.dll

+ 2012-02-15 17:39 . 2012-02-15 17:39 2105344 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.PowerShel#\713f3cf6037ed7047485c738934f9054\Microsoft.PowerShell.GPowerShell.ni.dll

+ 2012-02-15 17:39 . 2012-02-15 17:39 1131008 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.PowerShel#\09516cb547f50c165051c5512c0770d3\Microsoft.PowerShell.Commands.Management.ni.dll

+ 2012-02-15 17:38 . 2012-02-15 17:38 1508864 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.MediaCent#\5e550f8b6414d82551174d1dd0f8f15c\Microsoft.MediaCenter.Bml.ni.dll

+ 2012-02-15 17:38 . 2012-02-15 17:38 3213312 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.JScript\551b383e39b9fedb84e25c9fc7d763ee\Microsoft.JScript.ni.dll

+ 2012-02-15 17:38 . 2012-02-15 17:38 2365952 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.Ink\2ec15928bc76c2a6af54ad507c513cd4\Microsoft.Ink.ni.dll

+ 2012-02-15 17:38 . 2012-02-15 17:38 2218496 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.Build.Tas#\4ccd2dddff73b52cd77ecaed30075b09\Microsoft.Build.Tasks.ni.dll

+ 2012-02-15 17:38 . 2012-02-15 17:38 2682880 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.Build.Tas#\35cee0a531b3136b21b2c7e2ff56b5eb\Microsoft.Build.Tasks.v3.5.ni.dll

+ 2012-02-15 17:37 . 2012-02-15 17:37 2544640 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.Build.Eng#\a22f83fa561173b77ee1215e0dfd7a76\Microsoft.Build.Engine.ni.dll

+ 2012-02-15 17:38 . 2012-02-15 17:38 1137152 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.Build.Eng#\5cd9b4020f38edbdc2718884fe3e68f0\Microsoft.Build.Engine.ni.dll

+ 2012-02-15 17:31 . 2012-02-15 17:31 7026176 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Writer.#\a468e7062f69218aada710149fe64a9f\WindowsLive.Writer.PostEditor.ni.dll

+ 2012-02-15 17:31 . 2012-02-15 17:31 2193408 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Writer.#\5831e8e7ec7a294d7daf5d20ea697176\WindowsLive.Writer.CoreServices.ni.dll

+ 2012-02-15 17:31 . 2012-02-15 17:31 1346560 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Writer.#\57f2870b60df33107c4360c356da72b7\WindowsLive.Writer.Localization.ni.dll

+ 2012-02-15 17:31 . 2012-02-15 17:31 1285632 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Writer.#\34b4db9f6a72b19fe1842e9f6fdad5b7\WindowsLive.Writer.ApplicationFramework.ni.dll

+ 2012-02-15 17:34 . 2012-02-15 17:34 1047552 c:\windows\assembly\NativeImages_v2.0.50727_32\UIAutomationClients#\c463ccf17b00f16ed8e60a6ba1cb46e5\UIAutomationClientsideProviders.ni.dll

+ 2012-02-15 17:34 . 2012-02-15 17:34 1358336 c:\windows\assembly\NativeImages_v2.0.50727_32\System.WorkflowServ#\99f03be29e7f6de2f4bc278b83f0761b\System.WorkflowServices.ni.dll

+ 2012-02-15 17:34 . 2012-02-15 17:34 2209792 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Mobile\0eada94e6fc22ecdf69ec412fe7df0b9\System.Web.Mobile.ni.dll

+ 2012-02-15 17:34 . 2012-02-15 17:34 2404352 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Extensio#\8ae9ee071050afc6dce19f5248817d66\System.Web.Extensions.ni.dll

+ 2012-02-15 17:34 . 2012-02-15 17:34 1917952 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Speech\8e4b0ae89bdfbe3eac1b79dacef4ef79\System.Speech.ni.dll

+ 2012-02-15 17:34 . 2012-02-15 17:34 1707008 c:\windows\assembly\NativeImages_v2.0.50727_32\System.ServiceModel#\0113a0162fe157bb4f0130a60bbcad1a\System.ServiceModel.Web.ni.dll

+ 2012-02-15 17:32 . 2012-02-15 17:32 2347008 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Seri#\bc96c5c6e644452270ff7c3d066ff713\System.Runtime.Serialization.ni.dll

+ 2012-02-15 17:33 . 2012-02-15 17:33 1051136 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Management\cb5bd98ffa4c82327b0e4db02bb58d2d\System.Management.ni.dll

+ 2012-02-15 17:33 . 2012-02-15 17:33 8872960 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Management.A#\f4d8c56c790b998bd1bb971905bfae78\System.Management.Automation.ni.dll

+ 2012-02-15 17:32 . 2012-02-15 17:32 1083392 c:\windows\assembly\NativeImages_v2.0.50727_32\System.IdentityModel\d939fca96c3645bb8806ea8ae43cc0ca\System.IdentityModel.ni.dll

+ 2012-02-15 17:34 . 2012-02-15 17:34 2029568 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.Services\47c2a93f42a371ac1b3756d098ac18a5\System.Data.Services.ni.dll

+ 2012-02-15 17:34 . 2012-02-15 17:34 1378816 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.Service#\3763b8ac5fa0a96ad5100a53b10b4449\System.Data.Services.Client.ni.dll

+ 2012-02-15 17:34 . 2012-02-15 17:34 2516992 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.Linq\1fe993f1045190570a2c69cb32f9d62d\System.Data.Linq.ni.dll

+ 2012-02-15 17:34 . 2012-02-15 17:34 9921536 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.Entity\932542a144496e3a9cb9155270fd4492\System.Data.Entity.ni.dll

+ 2012-02-15 17:33 . 2012-02-15 17:33 2297856 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Core\f01c5c76d0a19516a37b7bd191a02cda\System.Core.ni.dll

+ 2012-02-15 17:33 . 2012-02-15 17:33 1451520 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationBuildTa#\d2c547794ac1c167fe24904e6848d5cc\PresentationBuildTasks.ni.dll

+ 2012-02-15 17:33 . 2012-02-15 17:33 2623488 c:\windows\assembly\NativeImages_v2.0.50727_32\Narrator\308236e39e3ad82c6b5bfa2d955735e3\Narrator.ni.exe

+ 2012-02-15 17:33 . 2012-02-15 17:33 1545216 c:\windows\assembly\NativeImages_v2.0.50727_32\MMCEx\b792eec16fb24a0f73ca20e1551bfcbf\MMCEx.ni.dll

+ 2012-02-15 17:32 . 2012-02-15 17:32 6438912 c:\windows\assembly\NativeImages_v2.0.50727_32\MIGUIControls\44f2bd588202e6bdacf0b867c7011057\MIGUIControls.ni.dll

+ 2012-02-15 17:33 . 2012-02-15 17:33 1670144 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.VisualBas#\659bc287f3b51e5e604208ce93d983ec\Microsoft.VisualBasic.ni.dll

+ 2012-02-15 17:32 . 2012-02-15 17:32 1093120 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Transacti#\1a6921bcfb8ade6652efb9f095b275f1\Microsoft.Transactions.Bridge.ni.dll

+ 2012-02-15 17:33 . 2012-02-15 17:33 3724288 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.PowerShel#\86fa49490bc929adf75488903f0dac4b\Microsoft.PowerShell.Editor.ni.dll

+ 2012-02-15 17:33 . 2012-02-15 17:33 1681920 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.PowerShel#\413c3be0ba8ed04984a0bb3044e0c2e0\Microsoft.PowerShell.Commands.Utility.ni.dll

+ 2012-02-15 17:33 . 2012-02-15 17:33 1704960 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.PowerShel#\2f66392066352b804d8022664e7bf8de\Microsoft.PowerShell.GPowerShell.ni.dll

+ 2012-02-15 17:32 . 2012-02-15 17:32 6499840 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.MediaCent#\558d4558f0857891cf0d41d818e7b490\Microsoft.MediaCenter.UI.ni.dll

+ 2012-02-15 17:32 . 2012-02-15 17:32 1009664 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.MediaCent#\03d64144ed3ea21cbeea0c872ece14b6\Microsoft.MediaCenter.ni.dll

+ 2012-02-15 17:33 . 2012-02-15 17:33 2335744 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.JScript\09cea564f5888335ef97bd104d7e4ea6\Microsoft.JScript.ni.dll

+ 2012-02-15 17:32 . 2012-02-15 17:32 1361408 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Ink\ca0dacd1a4dc23e5d7bb3e6548282b6b\Microsoft.Ink.ni.dll

+ 2012-02-15 17:32 . 2012-02-15 17:32 1970176 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Tas#\e566cc5fe7ad95b0a9fca152b335b551\Microsoft.Build.Tasks.v3.5.ni.dll

+ 2012-02-15 17:32 . 2012-02-15 17:32 1620992 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Tas#\2b23923536c41d0fb8ab658f6c9a95c1\Microsoft.Build.Tasks.ni.dll

+ 2012-02-15 17:32 . 2012-02-15 17:32 1888768 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Eng#\6b8459651fae37b63ab314350a8eff8a\Microsoft.Build.Engine.ni.dll

+ 2012-02-15 17:32 . 2012-02-15 17:32 2035712 c:\windows\assembly\NativeImages_v2.0.50727_32\mcstore\103b0155f85ff08fc9940bd0c3aa0128\mcstore.ni.dll

+ 2012-02-15 17:32 . 2012-02-15 17:32 3025920 c:\windows\assembly\NativeImages_v2.0.50727_32\mcepg\c28c1427f0691e070b77b4ad97000e4c\mcepg.ni.dll

+ 2012-01-07 04:03 . 2012-02-18 14:06 40916548 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-S-1-5-21-2075945034-679189341-3693907279-1000-12288.dat

- 2012-01-07 04:03 . 2012-02-15 13:26 40916548 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-S-1-5-21-2075945034-679189341-3693907279-1000-12288.dat

- 2012-01-08 21:48 . 2012-02-15 15:43 48737724 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-S-1-5-18-16384.dat

+ 2012-01-08 21:48 . 2012-02-18 21:32 48737724 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-S-1-5-18-16384.dat

+ 2012-02-15 22:26 . 2012-02-15 22:26 20333056 c:\windows\Installer\1142eec.msp

+ 2012-02-15 17:49 . 2012-02-15 17:49 17290752 c:\windows\assembly\NativeImages_v4.0.30319_64\System.Windows.Forms\97347a1967260991cca95e94b5ba2d41\System.Windows.Forms.ni.dll

+ 2012-02-15 17:51 . 2012-02-15 17:51 24551936 c:\windows\assembly\NativeImages_v4.0.30319_64\System.ServiceModel\49314ff27e3a21bbb1fb675a295f6571\System.ServiceModel.ni.dll

+ 2012-02-15 17:50 . 2012-02-15 17:50 18480128 c:\windows\assembly\NativeImages_v4.0.30319_64\System.Data.Entity\78e35b4bf12ee4833ed720a490e958f2\System.Data.Entity.ni.dll

+ 2012-02-15 17:41 . 2012-02-15 17:41 10439168 c:\windows\assembly\NativeImages_v4.0.30319_64\System.Core\fcefa2871c7dc4d397ff8c6f92abf0d5\System.Core.ni.dll

+ 2012-02-15 17:43 . 2012-02-15 17:43 24406528 c:\windows\assembly\NativeImages_v4.0.30319_64\PresentationFramewo#\d0dddbe96a81cd6869f9643fa2809d71\PresentationFramework.ni.dll

+ 2012-02-15 17:42 . 2012-02-15 17:42 15907328 c:\windows\assembly\NativeImages_v4.0.30319_64\PresentationCore\efb6d518bb284cdc29a96068726320c0\PresentationCore.ni.dll

+ 2012-02-15 17:37 . 2012-02-15 17:37 18058752 c:\windows\assembly\NativeImages_v4.0.30319_32\System.ServiceModel\b711fe4f8f23da12b205be1d231d4e2e\System.ServiceModel.ni.dll

+ 2012-02-15 17:36 . 2012-02-15 17:36 13346816 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Data.Entity\0816c3b4ab4f25931be80ef29db36024\System.Data.Entity.ni.dll

+ 2012-02-15 17:38 . 2012-02-15 17:38 11900928 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Management.A#\e18dbed9e34d7d56cc7e2f683de12237\System.Management.Automation.ni.dll

+ 2012-02-15 17:40 . 2012-02-15 17:40 13760000 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Data.Entity\00b730e56986ad4f378e420fa8606395\System.Data.Entity.ni.dll

+ 2012-02-15 17:32 . 2012-02-15 17:32 17478656 c:\windows\assembly\NativeImages_v2.0.50727_32\System.ServiceModel\b74950292d5681795d9d2c1a72a79952\System.ServiceModel.ni.dll

.

-- Snapshot reset to current date --

[Rovot]

.

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))

.

.

*Note* empty entries & legit default entries are not shown

REGEDIT4

.

[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]

@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"

[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]

2011-12-05 19:17 94208 ----a-w- c:\users\Guillermo\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll

.

[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]

@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"

[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]

2011-12-05 19:17 94208 ----a-w- c:\users\Guillermo\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll

.

[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]

@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"

[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]

2011-12-05 19:17 94208 ----a-w- c:\users\Guillermo\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll

.

[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt4]

@="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}"

[HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}]

2011-12-05 19:17 94208 ----a-w- c:\users\Guillermo\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll

.

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"RocketDock"="c:\program files (x86)\RocketDock\RocketDock.exe" [2007-09-02 495616]

"PeerBlock"="c:\program files\PeerBlock\peerblock.exe" [2010-11-07 2646128]

"F.lux"="c:\users\Guillermo\Local Settings\Apps\F.lux\flux.exe" [2009-08-29 966656]

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]

"SonicMasterTray"="c:\program files (x86)\ASUS\Sonic Focus\SonicFocusTray.exe" [2010-07-10 984400]

"ATKOSD2"="c:\program files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe" [2010-08-17 5732992]

"ATKMEDIA"="c:\program files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe" [2010-10-07 170624]

"HControlUser"="c:\program files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe" [2009-06-19 105016]

"UpdateLBPShortCut"="c:\program files (x86)\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe" [2009-05-20 222504]

"BambooCore"="c:\program files (x86)\Bamboo Dock\BambooCore.exe" [2011-09-27 646232]

"VirtualCloneDrive"="c:\program files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe" [2011-03-07 89456]

"SwitchBoard"="c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe" [2010-02-19 517096]

"AdobeCS5.5ServiceManager"="c:\program files (x86)\Common Files\Adobe\CS5.5ServiceManager\CS5.5ServiceManager.exe" [2011-01-12 1523360]

"ASUS Screen Saver Protector"="c:\windows\AsScrPro.exe" [2011-07-25 3058304]

"googletalk"="c:\program files (x86)\Google\Google Talk\googletalk.exe" [2007-01-01 3739648]

"Malwarebytes' Anti-Malware"="c:\program files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" [2012-01-13 460872]

"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2011-06-09 254696]

"Wireless Console 3"="c:\program files (x86)\ASUS\Wireless Console 3\wcourier.exe" [2011-10-19 2319536]

.

c:\users\Guillermo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\

Dropbox.lnk - c:\users\Guillermo\AppData\Roaming\Dropbox\bin\Dropbox.exe [2012-1-18 24246216]

.

c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\

AsusVibeLauncher.lnk - c:\program files (x86)\ASUS\AsusVibe\AsusVibeLauncher.exe [2011-4-11 548528]

CrashPlan Tray.lnk - c:\program files\CrashPlan\CrashPlanTray.exe [2011-3-16 217088]

Rainmeter.lnk - c:\program files\Rainmeter\Rainmeter.exe [2012-1-8 107720]

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]

"ConsentPromptBehaviorAdmin"= 0 (0x0)

"ConsentPromptBehaviorUser"= 3 (0x3)

"EnableLUA"= 0 (0x0)

"EnableUIADesktopToggle"= 0 (0x0)

"PromptOnSecureDesktop"= 0 (0x0)

.

[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]

"AppInit_DLLs"=c:\windows\SysWOW64\guard32.dll

.

[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]

"mixer3"=wdmaud.drv

.

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]

Security Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp

.

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]

@="Service"

.

R1 MpKsl4854c672;MpKsl4854c672;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{7C9EA47A-C174-409B-B79A-A91071ADB998}\MpKsl4854c672.sys [x]

R2 Adobe Licensing Console;Adobe Licensing Console;c:\windows\SysWOW64\adbcnsl.exe [2012-01-07 689492]

R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]

R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]

R3 AMPPALP;Intel® Centrino® Bluetooth 3.0 + High Speed Protocol;c:\windows\system32\DRIVERS\amppal.sys [x]

R3 Andbus;LGE Android Platform Composite USB Device;c:\windows\system32\DRIVERS\lgandbus64.sys [x]

R3 AndDiag;LGE Android Platform USB Serial Port;c:\windows\system32\DRIVERS\lganddiag64.sys [x]

R3 AndGps;LGE Android Platform USB GPS NMEA Port;c:\windows\system32\DRIVERS\lgandgps64.sys [x]

R3 ANDModem;LGE Android Platform USB Modem;c:\windows\system32\DRIVERS\lgandmodem64.sys [x]

R3 androidusb;ADB Interface Driver;c:\windows\system32\Drivers\lgandadb.sys [x]

R3 BlackBox;BlackBox SR2; [x]

R3 btmaux;Intel Bluetooth Auxiliary Service;c:\windows\system32\DRIVERS\btmaux.sys [x]

R3 btmhsf;btmhsf;c:\windows\system32\DRIVERS\btmhsf.sys [x]

R3 DIRECTIO;DIRECTIO;c:\bit_temp\DirectIo.sys [x]

R3 ETD;ELAN PS/2 Port Input Device;c:\windows\system32\DRIVERS\ETD.sys [x]

R3 iBtFltCoex;iBtFltCoex;c:\windows\system32\DRIVERS\iBtFltCoex.sys [x]

R3 intaud_WaveExtensible;Intel WiDi Audio Device;c:\windows\system32\drivers\intelaud.sys [x]

R3 MpNWMon;Microsoft Malware Protection Network Driver;c:\windows\system32\DRIVERS\MpNWMon.sys [x]

R3 MyWiFiDHCPDNS;Wireless PAN DHCP Server;c:\program files\Intel\WiFi\bin\PanDhcpDns.exe [2011-05-02 340240]

R3 NisDrv;Microsoft Network Inspection System;c:\windows\system32\DRIVERS\NisDrvWFP.sys [x]

R3 NisSrv;Microsoft Network Inspection;c:\program files\Microsoft Security Client\Antimalware\NisSrv.exe [2011-04-27 288272]

R3 SiSGbeLH;SiS191/SiS190 Ethernet Device NDIS 6.0 Driver;c:\windows\system32\DRIVERS\SiSG664.sys [x]

R3 SwitchBoard;Adobe SwitchBoard;c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]

R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [x]

R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys [x]

R3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\Wat\WatAdminSvc.exe [x]

R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe [2010-09-23 57184]

S1 ATKWMIACPIIO;ATKWMIACPI Driver;c:\program files (x86)\ASUS\ATK Package\ATK WMIACPI\atkwmiacpi64.sys [2011-05-26 17536]

S1 cmdGuard;COMODO Internet Security Sandbox Driver;c:\windows\system32\DRIVERS\cmdguard.sys [x]

S1 cmdHlp;COMODO Internet Security Helper Driver;c:\windows\system32\DRIVERS\cmdhlp.sys [x]

S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [x]

S2 AMPPALR3;Intel® Centrino® Bluetooth 3.0 + High Speed Service;c:\program files\Intel\BluetoothHS\BTHSAmpPalService.exe [2011-04-21 1136640]

S2 ASMMAP64;ASMMAP64;c:\program files (x86)\ASUS\ATK Package\ATKGFNEX\ASMMAP64.sys [2009-07-03 15416]

S2 Bluetooth Device Monitor;Bluetooth Device Monitor;c:\program files (x86)\Intel\Bluetooth\devmonsrv.exe [2011-03-30 923984]

S2 Bluetooth OBEX Service;Bluetooth OBEX Service;c:\program files (x86)\Intel\Bluetooth\obexsrv.exe [2011-03-30 1001808]

S2 BTHSSecurityMgr;Intel® Centrino® Wireless Bluetooth® 3.0 + High Speed Security Service;c:\program files\Intel\BluetoothHS\BTHSSecurityMgr.exe [2011-04-21 134928]

S2 CrashPlanService;CrashPlan Backup Service;c:\program files\CrashPlan\CrashPlanService.exe [2011-03-16 222720]

S2 MBAMService;MBAMService;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2012-01-13 652360]

S2 SBSDWSCService;SBSD Security Center Service;c:\program files (x86)\Spybot - Search & Destroy\SDWinSec.exe [2009-01-26 1153368]

S2 SplashtopRemoteService;Splashtop® Remote Service;c:\program files (x86)\Splashtop\Splashtop Remote\Server\SRService.exe [2012-02-09 531328]

S2 SSUService;Splashtop Software Updater Service;c:\program files (x86)\Splashtop\Splashtop Software Updater\SSUService.exe [2011-11-10 370504]

S2 TabletServicePen;TabletServicePen;c:\program files\Tablet\Pen\Pen_Tablet.exe [2011-09-08 6583160]

S2 TouchServicePen;Wacom Consumer Touch Service;c:\program files\Tablet\Pen\Pen_TouchService.exe [2011-09-08 528760]

S2 UNS;Intel® Management and Security Application User Notification Service;c:\program files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe [2010-12-21 2656280]

S3 AMPPAL;Intel® Centrino® Bluetooth 3.0 + High Speed Virtual Adapter;c:\windows\system32\DRIVERS\AMPPAL.sys [x]

S3 Bluetooth Media Service;Bluetooth Media Service;c:\program files (x86)\Intel\Bluetooth\mediasrv.exe [2011-03-30 1321296]

S3 IntcDAud;Intel® Display Audio;c:\windows\system32\DRIVERS\IntcDAud.sys [x]

S3 iwdbus;IWD Bus Enumerator;c:\windows\system32\DRIVERS\iwdbus.sys [x]

S3 L1C;NDIS Miniport Driver for Atheros AR813x/AR815x PCI-E Ethernet Controller;c:\windows\system32\DRIVERS\L1C62x64.sys [x]

S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [x]

S3 MEIx64;Intel® Management Engine Interface;c:\windows\system32\DRIVERS\HECIx64.sys [x]

S3 NETwNs64;___ Intel® Wireless WiFi Link 5000 Series Adapter Driver for Windows 7 - 64 Bit;c:\windows\system32\DRIVERS\NETwNs64.sys [x]

S3 vwifimp;Microsoft Virtual WiFi Miniport Service;c:\windows\system32\DRIVERS\vwifimp.sys [x]

S3 wdkmd;Intel WiDi KMD;c:\windows\system32\DRIVERS\WDKMD.sys [x]

.

.

--- Other Services/Drivers In Memory ---

.

*NewlyCreated* - 71503573

*Deregistered* - 71503573

.

Contents of the 'Scheduled Tasks' folder

.

2012-02-21 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2075945034-679189341-3693907279-1000Core.job

- c:\users\Guillermo\AppData\Local\Google\Update\GoogleUpdate.exe [2012-01-06 17:46]

.

2012-02-21 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2075945034-679189341-3693907279-1000UA.job

- c:\users\Guillermo\AppData\Local\Google\Update\GoogleUpdate.exe [2012-01-06 17:46]

.

.

--------- x86-64 -----------

.

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]

@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"

[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]

2011-12-05 19:17 97792 ----a-w- c:\users\Guillermo\AppData\Roaming\Dropbox\bin\DropboxExt64.14.dll

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]

@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"

[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]

2011-12-05 19:17 97792 ----a-w- c:\users\Guillermo\AppData\Roaming\Dropbox\bin\DropboxExt64.14.dll

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]

@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"

[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]

2011-12-05 19:17 97792 ----a-w- c:\users\Guillermo\AppData\Roaming\Dropbox\bin\DropboxExt64.14.dll

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt4]

@="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}"

[HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}]

2011-12-05 19:17 97792 ----a-w- c:\users\Guillermo\AppData\Roaming\Dropbox\bin\DropboxExt64.14.dll

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"ETDCtrl"="c:\program files (x86)\Elantech\ETDCtrl.exe" [bU]

"AmIcoSinglun64"="c:\program files (x86)\AmIcoSingLun\AmIcoSinglun64.exe" [2011-03-21 361984]

"RtHDVBg"="c:\program files\Realtek\Audio\HDA\RAVBg64.exe" [2011-01-18 2188904]

"IntelPAN"="c:\program files\Common Files\Intel\WirelessCommon\iFrmewrk.exe" [2011-05-02 1935120]

"BTMTrayAgent"="c:\program files (x86)\Intel\Bluetooth\btmshell.dll" [2011-03-30 10372368]

"snp2uvc"="c:\windows\vsnp2uvc.exe" [2010-01-21 909824]

"MSC"="c:\program files\Microsoft Security Client\msseces.exe" [2011-06-15 1436736]

"AdobeAAMUpdater-1.0"="c:\program files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe" [2011-03-30 499608]

"IgfxTray"="c:\windows\system32\igfxtray.exe" [2011-09-01 167704]

"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2011-09-01 392472]

"Persistence"="c:\windows\system32\igfxpers.exe" [2011-09-01 416024]

"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2011-01-26 11775592]

"COMODO Internet Security"="c:\program files\COMODO\COMODO Internet Security\cfp.exe" [2011-12-21 9454920]

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]

"AppInit_DLLs"=c:\windows\System32\guard64.dll

.

------- Supplementary Scan -------

.

uLocal Page = c:\windows\system32\blank.htm

mStart Page = hxxp://asus.msn.com

mLocal Page = c:\windows\system32\blank.htm

Trusted Zone: intuit.com\ttlc

TCP: DhcpNameServer = 192.168.1.254

.

- - - - ORPHANS REMOVED - - - -

.

Toolbar-Locked - (no file)

.

.

.

--------------------- LOCKED REGISTRY KEYS ---------------------

.

[HKEY_USERS\.Default\Software\Microsoft\Internet Explorer\Approved Extensions]

@Denied: (2) (LocalSystem)

.

[HKEY_USERS\.Default\Software\Microsoft\Internet Explorer\ApprovedExtensionsMigration]

@Denied: (2) (LocalSystem)

"Timestamp"=hex:87,41,89,b1,7e,d1,cc,01

.

[HKEY_USERS\.Default\Software\Microsoft\Internet Explorer\User Preferences]

@Denied: (2) (LocalSystem)

"88D7D0879DAB32E14DE5B3A805A34F98AFF34F5977"=hex:01,00,00,00,d0,8c,9d,df,01,15,

d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,8c,a0,f1,03,a9,de,94,44,ae,54,2b,\

"2D53CFFC5C1A3DD2E97B7979AC2A92BD59BC839E81"=hex:01,00,00,00,d0,8c,9d,df,01,15,

d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,c8,02,88,90,34,52,3f,47,b5,1a,21,\

"6256FFB019F8FDFBD36745B06F4540E9AEAF222A25"=hex:01,00,00,00,d0,8c,9d,df,01,15,

d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,8c,a0,f1,03,a9,de,94,44,ae,54,2b,\

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]

@Denied: (A 2) (Everyone)

@="FlashBroker"

"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil11e_ActiveX.exe,-101"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]

"Enabled"=dword:00000001

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]

@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil11e_ActiveX.exe"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]

@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]

@Denied: (A 2) (Everyone)

@="Shockwave Flash Object"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]

@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash11e.ocx"

"ThreadingModel"="Apartment"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]

@="0"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]

@="ShockwaveFlash.ShockwaveFlash.10"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]

@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash11e.ocx, 1"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]

@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]

@="1.0"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]

@="ShockwaveFlash.ShockwaveFlash"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]

@Denied: (A 2) (Everyone)

@="Macromedia Flash Factory Object"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]

@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash11e.ocx"

"ThreadingModel"="Apartment"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]

@="FlashFactory.FlashFactory.1"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]

@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash11e.ocx, 1"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]

@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]

@="1.0"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]

@="FlashFactory.FlashFactory"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]

@Denied: (A 2) (Everyone)

@="IFlashBroker4"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]

@="{00020424-0000-0000-C000-000000000046}"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]

@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"

"Version"="1.0"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\User Preferences]

@Denied: (2) (LocalSystem)

"88D7D0879DAB32E14DE5B3A805A34F98AFF34F5977"=hex:01,00,00,00,d0,8c,9d,df,01,15,

d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,8c,a0,f1,03,a9,de,94,44,ae,54,2b,\

"6256FFB019F8FDFBD36745B06F4540E9AEAF222A25"=hex:01,00,00,00,d0,8c,9d,df,01,15,

d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,8c,a0,f1,03,a9,de,94,44,ae,54,2b,\

.

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]

@Denied: (A) (Users)

@Denied: (A) (Everyone)

@Allowed: (B 1 2 3 4 5) (S-1-5-20)

"BlindDial"=dword:00000000

.

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]

@Denied: (A) (Users)

@Denied: (A) (Everyone)

@Allowed: (B 1 2 3 4 5) (S-1-5-20)

"BlindDial"=dword:00000000

.

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]

@Denied: (Full) (Everyone)

.

Completion time: 2012-02-21 18:22:44

ComboFix-quarantined-files.txt 2012-02-22 00:22

ComboFix2.txt 2012-02-15 17:57

ComboFix3.txt 2012-02-12 23:02

ComboFix4.txt 2012-02-08 12:53

ComboFix5.txt 2012-02-22 00:13

.

Pre-Run: 30,436,642,816 bytes free

Post-Run: 30,354,219,008 bytes free

.

- - End Of File - - B8681B6BD797B74B896599C545E46C94

[MrCharlie]

Please Update and run a Quick Scan with MBAM, post the report.

Please let me know if there's any difference, MrC

[Rovot]

Malwarebytes Anti-Malware 1.60.1.1000

www.malwarebytes.org

Database version: v2012.02.22.03

Windows 7 Service Pack 1 x64 NTFS

Internet Explorer 9.0.8112.16421

Guillermo :: LAPPY [administrator]

2/22/2012 10:55:47 AM

mbam-log-2012-02-22 (10-55-47).txt

Scan type: Quick scan

Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM

Scan options disabled: P2P

Objects scanned: 192429

Time elapsed: 5 minute(s), 51 second(s)

Memory Processes Detected: 0

(No malicious items detected)

Memory Modules Detected: 0

(No malicious items detected)

Registry Keys Detected: 0

(No malicious items detected)

Registry Values Detected: 0

(No malicious items detected)

Registry Data Items Detected: 0

(No malicious items detected)

Folders Detected: 0

(No malicious items detected)

Files Detected: 0

(No malicious items detected)

(end)

strangely enough, MBAM doesnt detect, even when I continued to be infected

[MrCharlie]

Upload that file to VirusTotal for a free scan, let me know the results (copy back the url)

C:\Windows\TEMP\mrt6508.tmp\stdrt.exe

http://www.virustotal.com/

MrC

[Rovot]

https://www.virustotal.com/file/7d471caa3e868232fcfd75f0d32611e2b3047a47ca9c96722bf6f58918788afe/analysis/1330030514/

[MrCharlie]

Well it comes up clean, but some versions are clean and others are considered malware.

UnHackMe is reported to get rid of it if it's malware.

You can download and use it for 30 days free, I'm not familiar with the program but I've given you a link to download it and also how to use it.

So if it's malware this program should get it:

http://greatis.com/u...me/download.htm

http://greatis.com/unhackme/detail.htm

Let me know, MrC

[Rovot]

tried that program and it's a mess.

didn't get rid of it either.

[MrCharlie]

What's inside this folder:

C:\Windows\TEMP\mrt6508.tmp

---------------------------------

I have some samples of that file and it belongs to Windows Media Center Diagnostic Application, just scroll down to "additional information" and you'll see what it says in the link for VirusTotal you gave me.

--------------------------------------

Run this scanner:

Note: You will need to use Internet Explorer for this scan.

http://www.eset.eu/online-scanner

Tick the box next to YES, I accept the Terms of Use.

Click Start

When asked, allow the ActiveX control to install

Click Start

Make sure that the options Remove found threats and the option Scan unwanted applications is checked

Click Scan

Wait for the scan to finish

Use Notepad to open the logfile located at C:\Program Files\EsetOnlineScanner\log.txt

Copy and paste that log as a reply to this topic

MrC

[MrCharlie]

When you get a chance, see if this file is on you computer:

Please download SystemLook from one of the links below and save it to your Desktop.

http://jpshortstuff....temLook_x64.exe

• Double-click SystemLook.exe to run it.
  

• Copy the content of the following codebox into the main textfield:
  

:filefind
regsrv.exe 

• Click the Look button to start the scan.
  

• When finished, a notepad window will open with the results of the scan. Please post this log in your next reply.
  

Note: The log can also be found on your Desktop entitled SystemLook.txt

MrC

[Rovot]

ESETSmartInstaller@High as downloader log:

all ok

# version=7

# OnlineScannerApp.exe=1.0.0.1

# OnlineScanner.ocx=1.0.0.6583

# api_version=3.0.2

# EOSSerial=5d8cf2a0a42dd241b16d9e6c43923f10

# end=stopped

# remove_checked=true

# archives_checked=true

# unwanted_checked=true

# unsafe_checked=false

# antistealth_checked=true

# utc_time=2012-02-03 01:15:56

# local_time=2012-02-02 07:15:56 (-0600, Central Standard Time)

# country="United States"

# lang=1033

# osver=6.1.7601 NT Service Pack 1

# compatibility_mode=512 16777215 100 0 0 0 0 0

# compatibility_mode=5893 16776574 66 85 30088203 79774202 0 0

# compatibility_mode=8192 67108863 100 0 0 0 0 0

# scanned=34450

# found=0

# cleaned=0

# scan_time=1004

ESETSmartInstaller@High as downloader log:

all ok

# version=7

# OnlineScannerApp.exe=1.0.0.1

# OnlineScanner.ocx=1.0.0.6583

# api_version=3.0.2

# EOSSerial=5d8cf2a0a42dd241b16d9e6c43923f10

# end=finished

# remove_checked=false

# archives_checked=true

# unwanted_checked=true

# unsafe_checked=true

# antistealth_checked=true

# utc_time=2012-02-07 09:01:49

# local_time=2012-02-07 03:01:49 (-0600, Central Standard Time)

# country="United States"

# lang=1033

# osver=6.1.7601 NT Service Pack 1

# compatibility_mode=512 16777215 100 0 16305 16305 0 0

# compatibility_mode=5893 16776574 66 85 30456133 80142132 0 0

# compatibility_mode=8192 67108863 100 0 285740 285740 0 0

# scanned=212536

# found=5

# cleaned=0

# scan_time=6627

C:\Windows\System32\config\systemprofile\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\27\40f5675b-4927c0fd Java/TrojanDownloader.Agent.AC trojan (unable to clean) 00000000000000000000000000000000 I

C:\Windows\SysWOW64\config\systemprofile\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\27\40f5675b-4927c0fd Java/TrojanDownloader.Agent.AC trojan (unable to clean) 00000000000000000000000000000000 I

D:\Downloads\kimtea.zip PHP/Kryptik.AB trojan (unable to clean) 00000000000000000000000000000000 I

D:\Downloads\FL Studio 10.0.9 XXL Bundle\flstudio_10.0.9.exe Win32/OpenCandy application (unable to clean) 00000000000000000000000000000000 I

D:\Downloads\FL Studio 10.0.9 XXL Bundle\XXL_Plugins\deckadance_1.93.exe Win32/OpenCandy application (unable to clean) 00000000000000000000000000000000 I

# version=7

# iexplore.exe=9.00.8112.16421 (WIN7_IE9_RTM.110308-0330)

# OnlineScanner.ocx=1.0.0.6583

# api_version=3.0.2

# EOSSerial=5d8cf2a0a42dd241b16d9e6c43923f10

# end=finished

# remove_checked=false

# archives_checked=true

# unwanted_checked=true

# unsafe_checked=true

# antistealth_checked=true

# utc_time=2012-02-07 08:28:35

# local_time=2012-02-07 02:28:35 (-0600, Central Standard Time)

# country="United States"

# lang=1033

# osver=6.1.7601 NT Service Pack 1

# compatibility_mode=512 16777215 100 0 59731 59731 0 0

# compatibility_mode=5893 16776574 66 85 30499559 80185558 0 0

# compatibility_mode=8192 67108863 100 0 329166 329166 0 0

# scanned=213941

# found=4

# cleaned=0

# scan_time=4407

C:\Qoobox\Quarantine\D\av2.zip multiple threats (unable to clean) 00000000000000000000000000000000 I

C:\Qoobox\Quarantine\D\Downloads\kimtea.zip.vir PHP/Kryptik.AB trojan (unable to clean) 00000000000000000000000000000000 I

C:\Qoobox\Quarantine\D\Downloads\FL Studio 10.0.9 XXL Bundle\flstudio_10.0.9.exe.vir Win32/OpenCandy application (unable to clean) 00000000000000000000000000000000 I

C:\Qoobox\Quarantine\D\Downloads\FL Studio 10.0.9 XXL Bundle\XXL_Plugins\deckadance_1.93.exe.vir Win32/OpenCandy application (unable to clean) 00000000000000000000000000000000 I

esets_scanner_update returned -1 esets_gle=53251

# version=7

# iexplore.exe=9.00.8112.16421 (WIN7_IE9_RTM.110308-0330)

# OnlineScanner.ocx=1.0.0.6583

# api_version=3.0.2

# EOSSerial=5d8cf2a0a42dd241b16d9e6c43923f10

# end=stopped

# remove_checked=true

# archives_checked=true

# unwanted_checked=true

# unsafe_checked=false

# antistealth_checked=true

# utc_time=2012-02-07 10:37:19

# local_time=2012-02-07 04:37:19 (-0600, Central Standard Time)

# country="United States"

# lang=1033

# osver=6.1.7601 NT Service Pack 1

# compatibility_mode=512 16777215 100 0 70841 70841 0 0

# compatibility_mode=5893 16776574 66 85 30510669 80196668 0 0

# compatibility_mode=8192 67108863 100 0 340276 340276 0 0

# scanned=35960

# found=0

# cleaned=0

# scan_time=1021

esets_scanner_update returned -1 esets_gle=53251

ESETSmartInstaller@High as downloader log:

all ok

esets_scanner_update returned -1 esets_gle=53251

# version=7

# OnlineScannerApp.exe=1.0.0.1

# OnlineScanner.ocx=1.0.0.6583

# api_version=3.0.2

# EOSSerial=5d8cf2a0a42dd241b16d9e6c43923f10

# end=finished

# remove_checked=true

# archives_checked=false

# unwanted_checked=true

# unsafe_checked=false

# antistealth_checked=true

# utc_time=2012-02-08 01:11:17

# local_time=2012-02-07 07:11:17 (-0600, Central Standard Time)

# country="United States"

# lang=1033

# osver=6.1.7601 NT Service Pack 1

# compatibility_mode=512 16777215 100 0 77469 77469 0 0

# compatibility_mode=5893 16776574 66 85 30517297 80203296 0 0

# compatibility_mode=8192 67108863 100 0 346904 346904 0 0

# scanned=212863

# found=0

# cleaned=0

# scan_time=3630

ESETSmartInstaller@High as downloader log:

all ok

# version=7

# OnlineScannerApp.exe=1.0.0.1

# OnlineScanner.ocx=1.0.0.6583

# api_version=3.0.2

# EOSSerial=5d8cf2a0a42dd241b16d9e6c43923f10

# end=finished

# remove_checked=true

# archives_checked=false

# unwanted_checked=true

# unsafe_checked=false

# antistealth_checked=true

# utc_time=2012-02-15 07:43:14

# local_time=2012-02-15 01:43:14 (-0600, Central Standard Time)

# country="United States"

# lang=1033

# osver=6.1.7601 NT Service Pack 1

# compatibility_mode=512 16777215 100 0 749519 749519 0 0

# compatibility_mode=3073 16777213 80 71 0 6731310 0 0

# compatibility_mode=5893 16776574 66 85 31189347 80875346 0 0

# compatibility_mode=8192 67108863 100 0 1018954 1018954 0 0

# scanned=212719

# found=0

# cleaned=0

# scan_time=3097

ESETSmartInstaller@High as downloader log:

all ok

# version=7

# OnlineScannerApp.exe=1.0.0.1

# OnlineScanner.ocx=1.0.0.6583

# api_version=3.0.2

# EOSSerial=5d8cf2a0a42dd241b16d9e6c43923f10

# end=finished

# remove_checked=true

# archives_checked=false

# unwanted_checked=true

# unsafe_checked=false

# antistealth_checked=true

# utc_time=2012-02-24 03:29:53

# local_time=2012-02-23 09:29:53 (-0600, Central Standard Time)

# country="United States"

# lang=1033

# osver=6.1.7601 NT Service Pack 1

# compatibility_mode=512 16777215 100 0 1468520 1468520 0 0

# compatibility_mode=3073 16777213 80 71 105992 7450311 0 0

# compatibility_mode=5893 16776574 66 85 31908348 81594347 0 0

# compatibility_mode=8192 67108863 100 0 1737955 1737955 0 0

# scanned=224765

# found=0

# cleaned=0

# scan_time=3295

[Rovot]

SystemLook 30.07.11 by jpshortstuff

Log created at 22:21 on 23/02/2012 by Guillermo

Administrator - Elevation successful

========== filefind ==========

Searching for "regsrv.exe"

No files found.

-= EOF =-

[MrCharlie]

You know you had a topic started here with igringo_pr:_pr's

http://www.bleepingc...opic441153.html

Why didn't you stick with it?? MrC

[LDTate]

Due to the lack of feedback this topic is closed to prevent others from posting here. If you need this topic reopened, please send a Private Message to any one of the moderating team members. Please include a link to this thread with your request. This applies only to the originator of this thread.

Other members who need assistance please start your own topic in a new thread. Thanks!