Computer Hope
Software => Computer viruses and spyware => Topic started by: zulubanshee on August 28, 2013, 07:13:37 PM
-
The iPumper virus was installed on my machine and that was when the problem started. I have already tried to get rid of it myself. Here are my vital statistics:
Step1. Ran CCleaner slim
Step2. ADWCleaner
# AdwCleaner v3.001 - Report created 28/08/2013 at 21:01:25
# Updated 24/08/2013 by Xplode
# Operating System : Windows (TM) Vista Home Premium Service Pack 2 (64 bits)
# Username : doug - DOUG-PC
# Running from : C:\Users\doug\Desktop\AdwCleaner.exe
# Option : Clean
***** [ Services ] *****
***** [ Files / Folders ] *****
[!] Folder Deleted : C:\ProgramData\apn
[!] Folder Deleted : C:\ProgramData\DealPlyLive
[!] Folder Deleted : C:\ProgramData\PC Optimizer Pro
[!] Folder Deleted : C:\Program Files (x86)\Conduit
[!] Folder Deleted : C:\Program Files (x86)\DealPlyLive
[!] Folder Deleted : C:\Program Files (x86)\Desk 365
[!] Folder Deleted : C:\Program Files (x86)\Common Files\337
[!] Folder Deleted : C:\Program Files\Updater By SweetPacks
[!] Folder Deleted : C:\Users\doug\AppData\Local\Bundled software uninstaller
[!] Folder Deleted : C:\Users\doug\AppData\Local\Conduit
[!] Folder Deleted : C:\Users\doug\AppData\Local\cre
[!] Folder Deleted : C:\Users\doug\AppData\Local\DealPlyLive
[!] Folder Deleted : C:\Users\doug\AppData\Local\TempDir
[!] Folder Deleted : C:\Users\doug\AppData\LocalLow\Conduit
[!] Folder Deleted : C:\Users\doug\AppData\LocalLow\PriceGong
[!] Folder Deleted : C:\Users\doug\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\DealPly
[!] Folder Deleted : C:\Users\doug\AppData\Roaming\Mozilla\Firefox\Profiles\drledbvc.default-1363375022659\jetpack
[!] Folder Deleted : C:\Users\doug\AppData\Local\Google\Chrome\User Data\Default\Extensions\mphpbdjcljebbcnfopfngmfdackbbdgf
File Deleted : C:\END
File Deleted : C:\Program Files (x86)\Mozilla Firefox\searchplugins\22find.xml
File Deleted : C:\Users\doug\AppData\Roaming\Mozilla\Firefox\Profiles\drledbvc.default-1363375022659\user.js
File Deleted : C:\Windows\Tasks\DealPlyLiveUpdateTaskMachineUA.job
File Deleted : C:\Windows\System32\Tasks\DealPlyLiveUpdateTaskMachineUA
***** [ Shortcuts ] *****
Shortcut Disinfected : C:\Users\doug\Desktop\!\Internet\Google Chrome.lnk
Shortcut Disinfected : C:\Users\doug\Desktop\!\Internet\Internet Explorer.lnk
Shortcut Disinfected : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
Shortcut Disinfected : C:\Users\doug\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer (64-bit).lnk
Shortcut Disinfected : C:\Users\doug\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
Shortcut Disinfected : C:\Users\doug\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Opera.lnk
Shortcut Disinfected : C:\Users\doug\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome\Google Chrome.lnk
Shortcut Disinfected : C:\Users\doug\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Internet Explorer (No Add-ons).lnk
***** [ Registry ] *****
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\ijblflkdjdopkpdgllkmlbgcffjbnfda
Key Deleted : HKLM\SOFTWARE\Classes\AppID\dealplylive.exe
Key Deleted : HKLM\SOFTWARE\Classes\AppID\Extension.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AppID\secman.DLL
Key Deleted : HKLM\SOFTWARE\MozillaPlugins\@tools.dpliveupdate.com/DealPlyLive Update;version=3
Key Deleted : HKLM\SOFTWARE\MozillaPlugins\@tools.dpliveupdate.com/DealPlyLive Update;version=9
Key Deleted : HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application\DeskSvc
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{4D076AB4-7562-427A-B5D2-BD96E19DEE56}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{80FABB17-63AF-4655-9F07-B6509EE37AF2}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{B302A1BD-0157-49FA-90F1-4E94F22C7B4B}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{F48FC5B2-094A-44C7-B48C-289738C9582D}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{1E0C9B2A-6447-452C-B012-2314A0C29412}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{2C4BA31C-0C15-11E2-90C7-9BFCBEB168B3}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{34A8CEB6-89BB-49F1-B5E4-0D0D6C21F3B1}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{3A4DBD3A-98CC-41CE-AD21-352D42B6F754}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{3C471948-F874-49F5-B338-4F214A2EE0B1}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{4F8A50F6-69DE-4BE3-A33A-A1079B9AC0DB}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{501CB57A-D4E2-4855-96AD-EDB0A9083395}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{6FF2C4DD-77A4-4BB5-BA4C-B42DEFBF9137}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{80FABB17-63AF-4655-9F07-B6509EE37AF2}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{826D7151-8D99-434B-8540-082B8C2AE556}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{83ABA270-8390-4CA6-AE48-FC089F55629E}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{8B218A5F-1A3D-4347-94EF-A79575EB8094}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{8C338DDB-19FC-4C1F-B74D-6931EE55F7A1}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{9BDB5E09-4BBA-4422-8C2B-529B281C32B8}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{BC9FD17D-30F6-4464-9E53-596A90AFF023}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{C536F080-57B7-46D6-8894-C647553F2889}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{CA5D945F-E738-4D0B-A0B5-25AC51C64659}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{F48FC5B2-094A-44C7-B48C-289738C9582D}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{F7698761-4ABA-45C2-A5BB-D2163922C725}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{FFCC53E6-2655-47FC-A89B-54E8D7F305D1}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{11549FE4-7C5A-4C17-9FC3-56FC5162A994}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{3E288F79-03E4-4983-A48E-0D879B51FF19}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{2C4BA31C-0C15-11E2-90C7-9BFCBEB168B3}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{2C4BA31C-0C15-11E2-90C7-9BFCBEB168B3}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{2C4BA31C-0C15-11E2-90C7-9BFCBEB168B3}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{8C338DDB-19FC-4C1F-B74D-6931EE55F7A1}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{EF99BD32-C1FB-11D2-892F-0090271D4F88}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{8C338DDB-19FC-4C1F-B74D-6931EE55F7A1}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{C536F080-57B7-46D6-8894-C647553F2889}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{EEE6C360-6118-11DC-9C72-001320C79847}
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{EEE6C35B-6118-11DC-9C72-001320C79847}]
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{C4CFC0DE-134F-4466-B2A2-FF7C59A8BFAD}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{C4CFC0DE-134F-4466-B2A2-FF7C59A8BFAD}
Key Deleted : HKCU\Software\APN PIP
Key Deleted : HKCU\Software\BI
Key Deleted : HKCU\Software\Conduit
Key Deleted : HKCU\Software\DealPly
Key Deleted : HKCU\Software\dealplylive
Key Deleted : HKCU\Software\pc optimizer pro
Key Deleted : HKCU\Software\SmartBar
Key Deleted : HKCU\Software\YahooPartnerToolbar
Key Deleted : HKCU\Software\AppDataLow\Software\Conduit
Key Deleted : HKCU\Software\AppDataLow\Software\ConduitSearchScopes
Key Deleted : HKCU\Software\AppDataLow\Software\PriceGong
Key Deleted : HKCU\Software\AppDataLow\Software\SmartBar
Key Deleted : HKLM\Software\Conduit
Key Deleted : HKLM\Software\DealPly
Key Deleted : HKLM\Software\dealplylive
Key Deleted : HKLM\Software\Desksvc
Key Deleted : HKLM\Software\ICQ\ICQToolbar
Key Deleted : HKLM\Software\InstallIQ
Key Deleted : HKLM\Software\PIP
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\bi_uninstaller
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\bi_uninstaller
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\Desk 365
***** [ Browsers ] *****
-\\ Internet Explorer v9.0.8112.16502
Setting Restored : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Page_URL]
Setting Restored : HKLM\SOFTWARE\Microsoft\Internet Explorer\AboutURls [Tabs]
-\\ Mozilla Firefox v23.0.1 (en-US)
[ File : C:\Users\doug\AppData\Roaming\Mozilla\Firefox\Profiles\drledbvc.default-1363375022659\prefs.js ]
-\\ Google Chrome v29.0.1547.57
[ File : C:\Users\doug\AppData\Local\Google\Chrome\User Data\Default\preferences ]
*************************
AdwCleaner[R0].txt - [12777 octets] - [28/08/2013 20:54:28]
AdwCleaner[S0].txt - [9631 octets] - [28/08/2013 21:01:25]
########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [9691 octets] ##########
-------------------------------------------------------------------------------------------------------------------------------------------------------------
I ran this a couple of days ago.
Malwarebytes
Malwarebytes Anti-Malware 1.75.0.1300
www.malwarebytes.org
Database version: v2013.08.29.01
Windows Vista Service Pack 2 x64 NTFS
Internet Explorer 9.0.8112.16421
doug :: DOUG-PC [administrator]
8/28/2013 9:24:14 PM
mbam-log-2013-08-28 (21-24-14).txt
Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 254479
Time elapsed: 9 minute(s), 40 second(s)
Memory Processes Detected: 0
(No malicious items detected)
Memory Modules Detected: 0
(No malicious items detected)
Registry Keys Detected: 0
(No malicious items detected)
Registry Values Detected: 0
(No malicious items detected)
Registry Data Items Detected: 0
(No malicious items detected)
Folders Detected: 0
(No malicious items detected)
Files Detected: 0
(No malicious items detected)
(end)
--------------------------------------------------------------------------
Security Check
Results of screen317's Security Check version 0.99.73
Windows Vista Service Pack 2 x64 (UAC is enabled)
Internet Explorer 9
Internet Explorer 8
``````````````Antivirus/Firewall Check:``````````````
Windows Firewall Enabled!
Microsoft Security Essentials
Antivirus up to date!
`````````Anti-malware/Other Utilities Check:`````````
Malwarebytes Anti-Malware version 1.75.0.1300
Java 7 Update 25
Java(TM) 6 Update 5
Java(TM) 6 Update 7
Adobe Flash Player 11.8.800.94
Adobe Reader 10.1.7 Adobe Reader out of Date!
Mozilla Firefox (23.0.1)
Mozilla Thunderbird (17.0.6)
Google Chrome 28.0.1500.95
Google Chrome 29.0.1547.57
````````Process Check: objlist.exe by Laurent````````
Microsoft Security Essentials MSMpEng.exe
Microsoft Security Essentials msseces.exe
Malwarebytes Anti-Malware mbam.exe
Malwarebytes' Anti-Malware mbamscheduler.exe
`````````````````System Health check`````````````````
Total Fragmentation on Drive C: 8 % Defragment your hard drive soon! (Do NOT defrag if SSD!)
````````````````````End of Log``````````````````````
--------------------------------------------------------------------------------------------------------------
HijackThis
Logfile of Trend Micro HijackThis v2.0.5
Scan saved at 9:57:43 PM, on 8/28/2013
Platform: Windows Vista SP2 (WinNT 6.00.1906)
MSIE: Internet Explorer v9.00 (9.00.8112.16502)
FIREFOX: 23.0.1 (en-US)
Boot mode: Normal
Running processes:
C:\Windows\MHotKey.exe
C:\Windows\ChiFuncExt.exe
C:\Program Files (x86)\Gadwin Systems\PrintScreen\PrintScreen.exe
C:\Program Files (x86)\Pidgin\pidgin.exe
C:\Program Files (x86)\Skype\Phone\Skype.exe
C:\Program Files (x86)\KeePass Password Safe\KeePass.exe
C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe
C:\Users\doug\AppData\Roaming\SanDisk\Sansa Updater\SansaDispatch.exe
C:\Program Files (x86)\Samsung\Kies\Kies.exe
C:\Users\doug\AppData\Roaming\Dropbox\bin\Dropbox.exe
C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\Notepad++\notepad++.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files (x86)\Comodo\Dragon\dragon.exe
C:\Program Files (x86)\Comodo\Dragon\dragon.exe
C:\Program Files (x86)\Comodo\Dragon\dragon.exe
C:\Program Files (x86)\Comodo\Dragon\dragon.exe
C:\Program Files (x86)\Comodo\Dragon\dragon.exe
C:\Program Files (x86)\Comodo\Dragon\dragon.exe
C:\Program Files (x86)\Comodo\Dragon\dragon.exe
C:\Program Files (x86)\Comodo\Dragon\dragon.exe
C:\Program Files (x86)\Comodo\Dragon\dragon.exe
C:\Program Files (x86)\Comodo\Dragon\dragon.exe
C:\Program Files (x86)\Comodo\Dragon\dragon.exe
C:\Program Files (x86)\Comodo\Dragon\dragon.exe
C:\Program Files (x86)\Comodo\Dragon\dragon.exe
C:\Program Files (x86)\Comodo\Dragon\dragon.exe
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbam.exe
C:\Program Files (x86)\Comodo\Dragon\dragon.exe
C:\Program Files (x86)\Comodo\Dragon\dragon.exe
C:\Program Files (x86)\Comodo\Dragon\dragon.exe
C:\Users\doug\Desktop\HijackThis.exe
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Windows Internet Explorer provided by Yahoo!
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
O3 - Toolbar: (no name) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - (no file)
O4 - HKLM\..\Run: [LchDrvKey] LchDrvKey.exe
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [Trigger New Acer AlaunchX] c:\Acer\Preload\Command\AlaunchX\AppInRun.exe
O4 - HKLM\..\Run: [KiesTrayAgent] "C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\RunOnce: [New Acer AlaunchX] c:\Acer\Preload\Command\AlaunchX\LaunchAlaunchX.exe
O4 - HKLM\..\RunOnce: [Malwarebytes Anti-Malware] "C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" /install /silent
O4 - HKCU\..\Run: [Gadwin PrintScreen] C:\Program Files (x86)\Gadwin Systems\PrintScreen\PrintScreen.exe /nosplash
O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
O4 - HKCU\..\Run: [Pidgin] C:\Program Files (x86)\Pidgin\pidgin.exe
O4 - HKCU\..\Run: [Skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
O4 - HKCU\..\Run: [KeePass Password Safe] "C:\Program Files (x86)\KeePass Password Safe\KeePass.exe"
O4 - HKCU\..\Run: [] C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe
O4 - HKCU\..\Run: [SansaDispatch] C:\Users\doug\AppData\Roaming\SanDisk\Sansa Updater\SansaDispatch.exe
O4 - HKCU\..\Run: [KiesPreload] C:\Program Files (x86)\Samsung\Kies\Kies.exe /preload
O4 - HKCU\..\Run: [KiesAirMessage] C:\Program Files (x86)\Samsung\Kies\KiesAirMessage.exe -startup
O4 - Startup: Dropbox.lnk = doug\AppData\Roaming\Dropbox\bin\Dropbox.exe
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files (x86)\Java\jre7\bin\jp2iexp.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files (x86)\Java\jre7\bin\jp2iexp.dll
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~2\Office12\REFIEBAR.DLL
O10 - Unknown file in Winsock LSP: c:\windows\system32\vsocklib.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\vsocklib.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O16 - DPF: {8714912E-380D-11D5-B8AA-00D0B78F3D48} (Yahoo! Webcam Upload Wrapper) - http://chat.yahoo.com/cab/yuplapp.cab
O16 - DPF: {EBF1BFCB-F60B-4DCB-9C96-E53C543CB645} (ALM Platfrom Loader v11) - http://www.ivienterprise.com:8080/qcbin/ALM-Platform-Loader.11.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{69DE6067-93A0-4FFF-AD69-C6EE7006F35F}: NameServer = 8.8.8.8,8.8.4.4
O17 - HKLM\System\CS1\Services\Tcpip\..\{69DE6067-93A0-4FFF-AD69-C6EE7006F35F}: NameServer = 8.8.8.8,8.8.4.4
O17 - HKLM\System\CS2\Services\Tcpip\..\{69DE6067-93A0-4FFF-AD69-C6EE7006F35F}: NameServer = 8.8.8.8,8.8.4.4
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveSystemServices.dll
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - (no file)
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\Windows\system32\browseui.dll
O23 - Service: Adobe Active File Monitor V7 (AdobeActiveFileMonitor7.0) - Adobe Systems Incorporated - C:\Program Files (x86)\Adobe\Photoshop Elements 7.0\PhotoshopElementsFileAgent.exe
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)
O23 - Service: AMD FUEL Service - Advanced Micro Devices, Inc. - C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: BrlAPI - Unknown owner - C:\cygwin\bin\cygrunsrv.exe
O23 - Service: CYGWIN cygserver (cygserver) - Unknown owner - C:\cygwin\bin\cygrunsrv.exe
O23 - Service: @dfsrres.dll,-101 (DFSR) - Unknown owner - C:\Windows\system32\DFSR.exe (file missing)
O23 - Service: COMODO Dragon Update Service (DragonUpdater) - Unknown owner - C:\Program Files (x86)\Comodo\Dragon\dragon_updater.exe
O23 - Service: Empowering Technology Service (ETService) - Unknown owner - C:\Program Files\GATEWAY\Gateway Recovery Management\Service\ETService.exe
O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Update Service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Logitech Bluetooth Service (LBTServ) - Logitech, Inc. - C:\Program Files\Common Files\LogiShrd\Bluetooth\lbtserv.exe
O23 - Service: LMIGuardianSvc - LogMeIn, Inc. - C:\Program Files (x86)\LogMeIn\x64\LMIGuardianSvc.exe
O23 - Service: MBAMScheduler - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\SLsvc.exe,-101 (slsvc) - Unknown owner - C:\Windows\system32\SLsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: SwitchBoard - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: VMware Authorization Service (VMAuthdService) - VMware, Inc. - C:\Program Files (x86)\VMware\VMware Workstation\vmware-authd.exe
O23 - Service: VMware DHCP Service (VMnetDHCP) - VMware, Inc. - C:\Windows\system32\vmnetdhcp.exe
O23 - Service: VMware USB Arbitration Service (VMUSBArbService) - VMware, Inc. - C:\Program Files (x86)\Common Files\VMware\USB\vmware-usbarbitrator64.exe
O23 - Service: VMware NAT Service - VMware, Inc. - C:\Windows\system32\vmnat.exe
O23 - Service: VMware Workstation Server (VMwareHostd) - Unknown owner - C:\Program Files (x86)\VMware\VMware Workstation\vmware-hostd.exe
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: wampapache - Apache Software Foundation - c:\wamp\bin\apache\apache2.2.11\bin\httpd.exe
O23 - Service: wampmysqld - Unknown owner - c:\wamp\bin\mysql\mysql5.1.36\bin\mysqld.exe
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
O23 - Service: XAudioService - Unknown owner - C:\Windows\system32\DRIVERS\xaudio64.exe (file missing)
O23 - Service: Marvell Yukon Service (yksvc) - Unknown owner - RUNDLL32.EXE (file missing)
--
End of file - 12763 bytes
-
Hello and welcome to Computer Hope Forum. My name is Dave. I will be helping you out with your particular problem on your computer.
1. I will be working on your Malware issues. This may or may not solve other issues you have with your machine.
2. The fixes are specific to your problem and should only be used for this issue on this machine.
3. If you don't know or understand something, please don't hesitate to ask.
4. Please DO NOT run any other tools or scans while I am helping you.
5. It is important that you reply to this thread. Do not start a new topic.
6. Your security programs may give warnings for some of the tools I will ask you to use. Be assured, any links I give are safe.
7. Absence of symptoms does not mean that everything is clear.
If you can't access the internet with your infected computer you will have to download and transfer any programs to the computer you're using now and transfer them to the infected computer with a CD-RW or a USB storage device. I prefer a CD because a storage device can get infected. If you use a storage device hold the shift key down while inserting the USB storage device for about 10 secs. You will also have to transfer the logs you receive back to the good computer using the same method until we can get the computer back on-line.
*************************************************************************
Total Fragmentation on Drive C: 8 % Defragment your hard drive soon! (Do NOT defrag if SSD!)
Please do not ignore this warning and defrag your hard drive soon. If you need help doing this, please let me know. (SSD means Solid State Drive)
Please download Junkware Removal Tool (http://thisisudax.org/downloads/JRT.exe) to your desktop.
• Warning! Once the scan is complete JRT will shut down your browser with NO warning.
• Shut down your protection software now to avoid potential conflicts.
• Temporarily disable your Antivirus and any Antispyware real time protection before performing a scan. Click this (http://www.bleepingcomputer.com/forums/topic114351.html) link to see a list of security programs that should be disabled and how to disable them.
• Run the tool by double-clicking it. If you are using Windows Vista or Windows 7, right-click JRT and select Run as Administrator.
• The tool will open and start scanning your system.
• Please be patient as this can take a while to complete depending on your system's specifications.
• On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
• Copy and Paste the JRT.txt log into your next message.
*********************************************
Download Combofix from any of the links below, and save it to your DESKTOP.
If your version of Windows defaults to your download folder you will need to copy it to your desktop.
Link 1 (http://download.bleepingcomputer.com/sUBs/ComboFix.exe)
Link 2 (http://www.forospyware.com/sUBs/ComboFix.exe)
Link 3 (http://subs.geekstogo.com/ComboFix.exe)
To prevent your anti-virus application interfering with ComboFix we need to disable it. See here (http://www.pchelpforum.com/anti-virus/110194-how-disable-your-security-applications-4.html) for a tutorial regarding how to do so if you are unsure.
- Close any open windows and double click ComboFix.exe to run it.
You will see the following image:
(http://i424.photobucket.com/albums/pp322/digistar/NSIS_disclaimer_ENG.png)
Click I Agree to start the program.
ComboFix will then extract the necessary files and you will see this:
(http://i424.photobucket.com/albums/pp322/digistar/NSIS_extraction.png)
As part of its process, ComboFix will check to see if the Microsoft Windows Recovery Console is installed. With malware infections being as they are today, it's strongly recommended to have this pre-installed on your machine before doing any malware removal. This will not occur in Windows Vista and 7.
It will allow you to boot up into a special recovery/repair mode that will allow us to more easily help you should your computer have a problem after an attempted removal of malware.
If you did not have it installed, you will see the prompt below. Choose YES.
(http://i424.photobucket.com/albums/pp322/digistar/RcAuto1.gif)
Follow the prompts to allow ComboFix to download and install the Microsoft Windows Recovery Console, and when prompted, agree to the End-User License Agreement to install the Microsoft Windows Recovery Console.
**Please note: If the Microsoft Windows Recovery Console is already installed, ComboFix will continue its malware removal procedures.
Once the Microsoft Windows Recovery Console is installed using ComboFix, you should see the following message:
(http://i424.photobucket.com/albums/pp322/digistar/whatnext.png)
Click on Yes, to continue scanning for malware.
When finished, it will produce a report for you. Please post the contents of the log (C:\ComboFix.txt).
Leave your computer alone while ComboFix is running. ComboFix will restart your computer if malware is found; allow it to do so.
Note: Please Do NOT mouseclick ComboFix's window while it's running because it may cause it to stall.
-
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 5.5.5 (08.28.2013:1)
OS: Windows (TM) Vista Home Premium x64
Ran by doug on Thu 08/29/2013 at 20:16:14.85
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
~~~ Services
~~~ Registry Values
~~~ Registry Keys
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\SearchScopes\{CCC7A320-B3CA-4199-B1A6-9F516DD69829}
~~~ Files
~~~ Folders
~~~ Event Viewer Logs were cleared
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on Thu 08/29/2013 at 20:27:46.39
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
-
This one I may have to do over^^^
I went in to turn off Windows Defender and it said that it was already shut off, which is somewhat alarming because I didn't shut it down and the green icon can be seen in the tray. So I killed that process in the task manager to be sure.
So when I ran combofix, it said that MSE is still running. Will restart and resume in a moment.
-
ComboFix 13-08-29.02 - doug 08/29/2013 20:41:42.2.4 - x64
Microsoft® Windows Vista™ Home Premium 6.0.6002.2.1252.1.1033.18.7934.5887 [GMT -4:00]
Running from: c:\users\doug\Desktop\ComboFix.exe
AV: Microsoft Security Essentials *Disabled/Updated* {641105E6-77ED-3F35-A304-765193BCB75F}
SP: Microsoft Security Essentials *Disabled/Updated* {DF70E402-51D7-30BB-99B4-4D23E83BFDE2}
SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\windows\wininit.ini
.
.
((((((((((((((((((((((((( Files Created from 2013-07-28 to 2013-08-30 )))))))))))))))))))))))))))))))
.
.
2013-08-30 01:07 . 2013-08-30 01:07 -------- d-----w- c:\users\Public\AppData\Local\temp
2013-08-30 01:07 . 2013-08-30 01:07 -------- d-----w- c:\users\doug taylor\AppData\Local\temp
2013-08-30 01:07 . 2013-08-30 01:07 -------- d-----w- c:\users\Default\AppData\Local\temp
2013-08-30 01:07 . 2013-08-30 01:07 -------- d-----w- c:\users\AppData\AppData\Local\temp
2013-08-30 00:12 . 2013-08-06 08:58 9515512 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{7B47534C-677A-4F27-846B-C0986E49E32E}\mpengine.dll
2013-08-29 23:23 . 2013-08-29 23:23 -------- d-----w- c:\windows\ERUNT
2013-08-29 00:54 . 2013-08-29 01:01 -------- d-----w- C:\AdwCleaner
2013-08-28 18:48 . 2013-08-28 18:48 -------- d-----w- c:\users\doug\AppData\Roaming\webex
2013-08-28 18:46 . 2013-08-28 18:45 96168 ----a-w- c:\windows\SysWow64\WindowsAccessBridge-32.dll
2013-08-28 15:18 . 2013-08-06 08:58 9515512 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll
2013-08-28 15:15 . 2013-08-02 14:06 1706496 ----a-w- c:\windows\system32\WMVDECOD.DLL
2013-08-28 15:15 . 2013-08-02 04:09 1548288 ----a-w- c:\windows\SysWow64\WMVDECOD.DLL
2013-08-25 19:51 . 2013-08-25 19:51 -------- d-----w- c:\users\doug\{fae33a4d-6b95-46a1-a648-2d889c683668}
2013-08-25 17:21 . 2013-08-30 00:21 -------- d-----w- c:\users\doug\AppData\Local\GC
2013-08-25 17:21 . 2013-08-25 17:23 -------- d-----w- c:\program files (x86)\GC
2013-08-23 12:12 . 2013-08-23 12:08 941720 ------w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{E3A91BF9-E79F-4552-A17D-64CD3D4219D5}\gapaengine.dll
2013-08-15 20:42 . 2013-08-15 20:43 -------- d-----w- c:\program files\jEdit
2013-08-15 20:38 . 2013-08-15 20:38 -------- d-----w- c:\users\doug\AppData\Roaming\KDE
2013-08-15 20:38 . 2013-08-15 20:38 -------- d-----w- c:\programdata\KDE
2013-08-14 13:58 . 2013-07-25 02:25 104448 ----a-w- c:\program files (x86)\Internet Explorer\jsdebuggeride.dll
2013-08-14 13:58 . 2013-07-25 02:25 387584 ----a-w- c:\program files (x86)\Internet Explorer\jsdbgui.dll
2013-08-14 13:58 . 2013-07-25 03:30 499200 ----a-w- c:\program files\Internet Explorer\jsdbgui.dll
2013-08-14 13:58 . 2013-07-25 02:25 678912 ----a-w- c:\program files (x86)\Internet Explorer\iedvtool.dll
2013-08-14 13:58 . 2013-07-25 03:30 887808 ----a-w- c:\program files\Internet Explorer\iedvtool.dll
2013-08-14 13:58 . 2013-07-25 03:54 17830400 ----a-w- c:\windows\system32\mshtml.dll
2013-08-14 13:58 . 2013-07-25 03:35 10926080 ----a-w- c:\windows\system32\ieframe.dll
2013-08-03 07:25 . 2013-08-03 07:25 -------- d-----w- c:\users\doug\{c0b32ba0-31e7-444e-bbf5-b68d442169c6}
2013-08-03 06:34 . 2013-06-21 00:07 203672 ----a-w- c:\windows\system32\drivers\ssudmdm.sys
2013-08-03 06:34 . 2013-06-21 00:07 103448 ----a-w- c:\windows\system32\drivers\ssudbus.sys
2013-08-01 15:21 . 2013-08-01 15:21 57096 ----a-w- c:\windows\system32\certsentry.dll
2013-08-01 15:21 . 2013-08-01 15:21 48392 ----a-w- c:\windows\SysWow64\certsentry.dll
2013-08-01 15:21 . 2013-08-01 15:21 1060864 ----a-w- c:\windows\SysWow64\mfc71.dll
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-08-28 18:45 . 2012-06-24 14:54 867240 ----a-w- c:\windows\SysWow64\npdeployJava1.dll
2013-08-28 18:45 . 2010-05-16 18:32 789416 ----a-w- c:\windows\SysWow64\deployJava1.dll
2013-08-21 16:36 . 2012-04-13 14:55 692104 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2013-08-21 16:36 . 2011-05-22 15:00 71048 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2013-08-14 14:08 . 2006-11-02 12:35 78161360 ----a-w- c:\windows\system32\mrt.exe
2013-07-18 15:58 . 2013-03-12 10:28 941720 ------w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\NISBackup\gapaengine.dll
2013-07-08 04:16 . 2013-08-14 01:00 43008 ----a-w- c:\windows\apppatch\acwow64.dll
2013-07-07 02:47 . 2013-07-07 01:56 18960 ----a-w- c:\windows\system32\drivers\LNonPnP.sys
2013-07-07 02:01 . 2013-07-07 02:01 53248 ----a-r- c:\users\doug\AppData\Roaming\Microsoft\Installer\{3EE9BCAE-E9A9-45E5-9B1C-83A4D357E05C}\ARPPRODUCTICON.exe
2013-07-05 23:46 . 2013-07-05 23:46 47496 ----a-w- c:\windows\system32\sbbd.exe
2013-07-05 23:46 . 2013-07-05 23:46 14456 ----a-w- c:\windows\system32\drivers\gfibto.sys
2013-06-19 01:50 . 2013-06-19 01:50 247216 ----a-w- c:\windows\system32\drivers\MpFilter.sys
2013-06-19 01:50 . 2012-08-31 03:03 139616 ----a-w- c:\windows\system32\drivers\NisDrvWFP.sys
2013-06-11 15:58 . 2013-06-11 15:58 108448 ----a-w- c:\windows\system32\WindowsAccessBridge-64.dll
2013-06-11 15:58 . 2013-06-11 21:46 311200 ----a-w- c:\windows\system32\javaws.exe
2013-06-11 15:58 . 2013-06-11 21:46 188832 ----a-w- c:\windows\system32\javaw.exe
2013-06-11 15:58 . 2013-06-11 21:46 188320 ----a-w- c:\windows\system32\java.exe
2013-06-11 15:58 . 2012-09-24 20:34 971680 ----a-w- c:\windows\system32\deployJava1.dll
2013-06-11 15:58 . 2012-09-24 20:34 1092512 ----a-w- c:\windows\system32\npDeployJava1.dll
2013-06-04 13:15 . 2013-06-04 13:15 708168 ----a-w- c:\windows\system32\WinUSBCoInstaller.dll
2013-06-04 13:15 . 2013-06-04 13:15 1490656 ----a-w- c:\windows\system32\WdfCoInstaller01007.dll
2013-06-04 02:03 . 2013-07-11 15:24 2775040 ----a-w- c:\windows\system32\win32k.sys
2013-06-01 04:19 . 2013-07-11 15:25 619008 ----a-w- c:\windows\system32\qedit.dll
2013-06-01 04:06 . 2013-07-11 15:25 505344 ----a-w- c:\windows\SysWow64\qedit.dll
.
.
------- Sigcheck -------
Note: Unsigned files aren't necessarily malware.
.
[7] 2008-10-02 . 50020130D79D6829116B0F5084653271 . 1022464 . . [7.00.6000.16757] .. c:\windows\winsxs\amd64_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_6.0.6000.16757_none_5bf244ab5d2c2c68\wininet.dll
[7] 2008-10-02 . FE420A633F07F015B4D6C5A90346FF5D . 1013248 . . [7.00.6001.18148] .. c:\windows\winsxs\amd64_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_6.0.6001.18148_none_5de453875a49babf\wininet.dll
[7] 2008-10-02 . 0C3985837353FD84BC2E0B2FFFD75FA2 . 1014272 . . [7.00.6001.22278] .. c:\windows\winsxs\amd64_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_6.0.6001.22278_none_5e4d808e737fae5c\wininet.dll
[7] 2008-10-02 . 0F2E5251DB62D7D47A553DB329DB4B4B . 1024512 . . [7.00.6000.20927] .. c:\windows\winsxs\amd64_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_6.0.6000.20927_none_5c9c532076317586\wininet.dll
[7] 2008-04-25 . A549050BABB436A7F3867911D302D19F . 1013248 . . [7.00.6001.18063] .. c:\windows\winsxs\amd64_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_6.0.6001.18063_none_5dc9b0575a5e76c7\wininet.dll
[7] 2008-04-25 . B2BB90B07E1B87F41A0477ED2432AFB9 . 1013248 . . [7.00.6001.22167] .. c:\windows\winsxs\amd64_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_6.0.6001.22167_none_5e574e4a73787bed\wininet.dll
[7] 2008-04-25 . EEFC1D846B86CFD92865FFD255B87CFC . 1022464 . . [7.00.6000.16681] .. c:\windows\winsxs\amd64_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_6.0.6000.16681_none_5bcbd1455d49eb0a\wininet.dll
[7] 2008-04-25 . CB2F683EB47B75F6E83DB0AC87DBFD9A . 1024000 . . [7.00.6000.20823] .. c:\windows\winsxs\amd64_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_6.0.6000.20823_none_5c98501276351303\wininet.dll
[7] 2008-02-22 . 3CC83953BA4B51B32BD67982A1AF2AF5 . 1013760 . . [7.00.6001.18023] .. c:\windows\winsxs\amd64_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_6.0.6001.18023_none_5df4f0075a3e0703\wininet.dll
[7] 2008-02-22 . E06F53F091B3567EA83308E5DDFF4094 . 1013760 . . [7.00.6001.22120] .. c:\windows\winsxs\amd64_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_6.0.6001.22120_none_5e7b8bf4735e5ac8\wininet.dll
[7] 2008-02-22 . 3166E2EE2060D11A783A1B812B6F4945 . 1022976 . . [7.00.6000.20777] .. c:\windows\winsxs\amd64_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_6.0.6000.20777_none_5c663fb8765a06ed\wininet.dll
[7] 2008-02-21 . 4C48ACC0299116CD22A9522D5C7CFFC4 . 1022464 . . [7.00.6000.16643] .. c:\windows\winsxs\amd64_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_6.0.6000.16643_none_5bf911895d27adf4\wininet.dll
[7] 2008-01-21 . 364B631BCD934D95CCD2E373F8DD8D7C . 1011712 . . [7.00.6001.18000] .. c:\windows\winsxs\amd64_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_6.0.6001.18000_none_5e078f015a30831c\wininet.dll
[7] 2013-07-25 . CA87556BBA37D1B4F67C331186618673 . 1392128 . . [9.00.8112.16421] .. c:\windows\system32\wininet.dll
.
[7] 2013-07-08 . 82272D72710ED6A40E9A2A2286A9BBF4 . 4691904 . . [6.0.6002.18881] .. c:\windows\winsxs\amd64_microsoft-windows-os-kernel_31bf3856ad364e35_6.0.6002.18881_none_c9e004d869e6b24e\ntoskrnl.exe
[7] 2013-07-08 . B1AAE884320029A58F72B7CE0ABBDDB2 . 4664256 . . [6.0.6002.23154] .. c:\windows\winsxs\amd64_microsoft-windows-os-kernel_31bf3856ad364e35_6.0.6002.23154_none_ca8cec4d82e97ab3\ntoskrnl.exe
[7] 2013-03-11 . 1F8B1075A863117A35EE94436E2962E7 . 4691304 . . [6.0.6002.18805] .. c:\windows\winsxs\amd64_microsoft-windows-os-kernel_31bf3856ad364e35_6.0.6002.18805_none_ca3a856069a23822\ntoskrnl.exe
[7] 2013-03-11 . 1873B95FCEAA40EC9CADF2C1BB61ABF2 . 4678504 . . [6.0.6002.23076] .. c:\windows\winsxs\amd64_microsoft-windows-os-kernel_31bf3856ad364e35_6.0.6002.23076_none_ca794b2382f7e81c\ntoskrnl.exe
[7] 2013-01-22 . B1266A731C2326EBE8E01F46F18728AC . 4681592 . . [6.0.6002.23025] .. c:\windows\winsxs\amd64_microsoft-windows-os-kernel_31bf3856ad364e35_6.0.6002.23025_none_caae5a7582d04310\ntoskrnl.exe
[7] 2013-01-05 . 8A3AB79510C3384BF14D1731DD1ED963 . 4695400 . . [6.0.6002.18765] .. c:\windows\winsxs\amd64_microsoft-windows-os-kernel_31bf3856ad364e35_6.0.6002.18765_none_c9f9a3f269d2e2a1\ntoskrnl.exe
[7] 2012-08-29 . 1A14913D51571403CF8A3941BDC3BA67 . 4699520 . . [6.0.6002.18686] .. c:\windows\erdnt\cache64\ntoskrnl.exe
[7] 2012-08-29 . 1A14913D51571403CF8A3941BDC3BA67 . 4699520 . . [6.0.6002.18686] .. c:\windows\winsxs\amd64_microsoft-windows-os-kernel_31bf3856ad364e35_6.0.6002.18686_none_c9e5027e69e236b3\ntoskrnl.exe
[7] 2012-08-29 . 34C970A45CCC0D65A4A0F8D306E12844 . 4686208 . . [6.0.6002.22920] .. c:\windows\winsxs\amd64_microsoft-windows-os-kernel_31bf3856ad364e35_6.0.6002.22920_none_caa980e182d4911b\ntoskrnl.exe
[7] 2012-04-03 . B59E026F49BF06B435795F867AD46009 . 4687232 . . [6.0.6002.22831] .. c:\windows\winsxs\amd64_microsoft-windows-os-kernel_31bf3856ad364e35_6.0.6002.22831_none_ca9faf5982dbc93c\ntoskrnl.exe
[7] 2012-04-03 . 7180984A68411B9D2F2495E03561B47E . 4699520 . . [6.0.6002.18607] .. c:\windows\winsxs\amd64_microsoft-windows-os-kernel_31bf3856ad364e35_6.0.6002.18607_none_ca3c822869a07082\ntoskrnl.exe
[7] 2012-03-06 . 98581CA6B029D491F60E32A045BC4FF1 . 4699520 . . [6.0.6002.18595] .. c:\windows\winsxs\amd64_microsoft-windows-os-kernel_31bf3856ad364e35_6.0.6002.18595_none_c9d9306269eb3c26\ntoskrnl.exe
[7] 2012-03-06 . B448C24F801DC79661E30DBC8E739DB2 . 4687744 . . [6.0.6002.22811] .. c:\windows\winsxs\amd64_microsoft-windows-os-kernel_31bf3856ad364e35_6.0.6002.22811_none_cab54f3182cb915a\ntoskrnl.exe
[7] 2011-06-20 . A26DE9288D67E4EAC2D1205043AFD430 . 4699536 . . [6.0.6002.18484] .. c:\windows\winsxs\amd64_microsoft-windows-os-kernel_31bf3856ad364e35_6.0.6002.18484_none_c9e2fe1e69e409b7\ntoskrnl.exe
[7] 2011-06-20 . D14B8C4AB6C05B89D430D3911FE2833B . 4688784 . . [6.0.6002.22662] .. c:\windows\winsxs\amd64_microsoft-windows-os-kernel_31bf3856ad364e35_6.0.6002.22662_none_ca803c1382f33c18\ntoskrnl.exe
[7] 2010-10-15 . 760A67A51D409EB396D1942D5555435C . 4692368 . . [6.0.6001.18538] .. c:\windows\winsxs\amd64_microsoft-windows-os-kernel_31bf3856ad364e35_6.0.6001.18538_none_c836992e6c9193ec\ntoskrnl.exe
[7] 2010-10-15 . 4065E920FB6ED05B5F62A1FB6908C6C5 . 4699024 . . [6.0.6002.18327] .. c:\windows\winsxs\amd64_microsoft-windows-os-kernel_31bf3856ad364e35_6.0.6002.18327_none_ca26dc9e69b0b0ef\ntoskrnl.exe
[7] 2010-10-15 . 255A6D981139EFEF605A88E003D1B2A2 . 4689808 . . [6.0.6002.22505] .. c:\windows\winsxs\amd64_microsoft-windows-os-kernel_31bf3856ad364e35_6.0.6002.22505_none_cac41a9382bfe350\ntoskrnl.exe
[7] 2010-10-15 . 3A22B135BC4341025E19B9ADFB26C02A . 4678032 . . [6.0.6001.22777] .. c:\windows\winsxs\amd64_microsoft-windows-os-kernel_31bf3856ad364e35_6.0.6001.22777_none_c893f7e585d0874a\ntoskrnl.exe
[7] 2010-06-08 . 04C706018E9F0A2C835A427A8AB6EBA1 . 4688256 . . [6.0.6002.22420] .. c:\windows\winsxs\amd64_microsoft-windows-os-kernel_31bf3856ad364e35_6.0.6002.22420_none_caa9776382d49f58\ntoskrnl.exe
[7] 2010-06-08 . 825926D6AD714A529F4069D9EBBD1D3B . 4697992 . . [6.0.6002.18267] .. c:\windows\winsxs\amd64_microsoft-windows-os-kernel_31bf3856ad364e35_6.0.6002.18267_none_c9fb9b0869d1238c\ntoskrnl.exe
[7] 2010-06-08 . CCCD9EE56C92778385A3E715DC3D5ABF . 4690832 . . [6.0.6001.18488] .. c:\windows\winsxs\amd64_microsoft-windows-os-kernel_31bf3856ad364e35_6.0.6001.18488_none_c80087ac6cba227a\ntoskrnl.exe
[7] 2010-06-08 . 31F137EEB5121654A9448904D89209A2 . 4675976 . . [6.0.6001.22707] .. c:\windows\winsxs\amd64_microsoft-windows-os-kernel_31bf3856ad364e35_6.0.6001.22707_none_c8dfa7598597c3b3\ntoskrnl.exe
[7] 2010-02-18 . AF706D838B59A6C30D8B46C5C2D9D2FD . 4411272 . . [6.0.6000.21226] .. c:\windows\winsxs\amd64_microsoft-windows-os-kernel_31bf3856ad364e35_6.0.6000.21226_none_c6e29ce788828a41\ntoskrnl.exe
[7] 2010-02-18 . 8E3658ABC4A2053DBEA37C84E416DEB5 . 4424072 . . [6.0.6000.17021] .. c:\windows\winsxs\amd64_microsoft-windows-os-kernel_31bf3856ad364e35_6.0.6000.17021_none_c653fcc46f696e9d\ntoskrnl.exe
[7] 2010-02-18 . C0EC74895F90E5E788061C7F305F57D1 . 4678032 . . [6.0.6001.22636] .. c:\windows\winsxs\amd64_microsoft-windows-os-kernel_31bf3856ad364e35_6.0.6001.22636_none_c8be356585b10108\ntoskrnl.exe
[7] 2010-02-18 . 413D579C2CDEF19CD842F4DF4A90C4ED . 4690832 . . [6.0.6001.18427] .. c:\windows\winsxs\amd64_microsoft-windows-os-kernel_31bf3856ad364e35_6.0.6001.18427_none_c84066ea6c8a617d\ntoskrnl.exe
[7] 2010-02-18 . 72FD908E7D1F176C00F1EF8F3D1445B0 . 4697992 . . [6.0.6002.18209] .. c:\windows\winsxs\amd64_microsoft-windows-os-kernel_31bf3856ad364e35_6.0.6002.18209_none_ca3e7b24699eae94\ntoskrnl.exe
[7] 2010-02-18 . AE0C10C55347383C0CD6CFF3F4794FD7 . 4690304 . . [6.0.6002.22341] .. c:\windows\winsxs\amd64_microsoft-windows-os-kernel_31bf3856ad364e35_6.0.6002.22341_none_ca94d5ef82e3f36a\ntoskrnl.exe
[7] 2009-12-08 . 6DC7FC9EB17EF1CB809AED351DE91DB9 . 4678232 . . [6.0.6001.22577] .. c:\windows\winsxs\amd64_microsoft-windows-os-kernel_31bf3856ad364e35_6.0.6001.22577_none_c893f41985d08cfc\ntoskrnl.exe
[7] 2009-12-08 . 5183EBE8114DA62A532E275CFB3729CC . 4425304 . . [6.0.6000.16973] .. c:\windows\winsxs\amd64_microsoft-windows-os-kernel_31bf3856ad364e35_6.0.6000.16973_none_c620159a6f8ff9be\ntoskrnl.exe
[7] 2009-12-08 . 46B167601033C2DB4E1A727569A8CA31 . 4412504 . . [6.0.6000.21175] .. c:\windows\winsxs\amd64_microsoft-windows-os-kernel_31bf3856ad364e35_6.0.6000.21175_none_c6ab8b1b88abff78\ntoskrnl.exe
[7] 2009-12-08 . E50C900C7F479886F26FA60ADBEE5852 . 4691032 . . [6.0.6001.18377] .. c:\windows\winsxs\amd64_microsoft-windows-os-kernel_31bf3856ad364e35_6.0.6001.18377_none_c80a55686cb2f00b\ntoskrnl.exe
[7] 2009-12-08 . 9668520760E72E1B1B9EDFB7BFB6A691 . 4698184 . . [6.0.6002.18160] .. c:\windows\winsxs\amd64_microsoft-windows-os-kernel_31bf3856ad364e35_6.0.6002.18160_none_c9f4971c69d77504\ntoskrnl.exe
[7] 2009-12-08 . CBA7366E93C4DCAA62005A177EEC2FCE . 4691528 . . [6.0.6002.22283] .. c:\windows\winsxs\amd64_microsoft-windows-os-kernel_31bf3856ad364e35_6.0.6002.22283_none_ca6b94ed830298b5\ntoskrnl.exe
[7] 2009-08-05 . 5E99FFD02816FF54247294C7C9C003B9 . 4412488 . . [6.0.6000.21101] .. c:\windows\winsxs\amd64_microsoft-windows-os-kernel_31bf3856ad364e35_6.0.6000.21101_none_c6f339678876d685\ntoskrnl.exe
[7] 2009-08-05 . C53B06CB817845873A3D32C1BAD33727 . 4425288 . . [6.0.6000.16901] .. c:\windows\winsxs\amd64_microsoft-windows-os-kernel_31bf3856ad364e35_6.0.6000.16901_none_c669c47a6f590379\ntoskrnl.exe
[7] 2009-08-05 . 043EB4B7C74C189E06584411B2C9EB8F . 4691016 . . [6.0.6001.18304] .. c:\windows\winsxs\amd64_microsoft-windows-os-kernel_31bf3856ad364e35_6.0.6001.18304_none_c85303fe6c7ce06f\ntoskrnl.exe
[7] 2009-08-05 . 0170600F2A613CE3E8CC2B66A6DC7885 . 4682824 . . [6.0.6001.22489] .. c:\windows\winsxs\amd64_microsoft-windows-os-kernel_31bf3856ad364e35_6.0.6001.22489_none_c88b22db85d6de74\ntoskrnl.exe
[7] 2009-08-05 . 0DD0FCFB9609403352FF75656826E82F . 4693576 . . [6.0.6002.22191] .. c:\windows\winsxs\amd64_microsoft-windows-os-kernel_31bf3856ad364e35_6.0.6002.22191_none_ca5ec287830c84d1\ntoskrnl.exe
[7] 2009-08-04 . 8E43DA6C8040C68446AA4B5D84C8127A . 4698168 . . [6.0.6002.18082] .. c:\windows\winsxs\amd64_microsoft-windows-os-kernel_31bf3856ad364e35_6.0.6002.18082_none_c9e0f5f269e5e26d\ntoskrnl.exe
[7] 2009-04-11 . 1B60CCC70788044404EEFBBB389FC111 . 4699608 . . [6.0.6002.18005] .. c:\windows\winsxs\amd64_microsoft-windows-os-kernel_31bf3856ad364e35_6.0.6002.18005_none_ca3a763069a24eea\ntoskrnl.exe
[7] 2009-03-03 . 65252FED486E5BF1E384CA65C16148C7 . 4691424 . . [6.0.6001.22389] .. c:\windows\winsxs\amd64_microsoft-windows-os-kernel_31bf3856ad364e35_6.0.6001.22389_none_c88b20f585d6e14d\ntoskrnl.exe
[7] 2009-03-03 . ED97E8551F0B1844250ED1B07393B10D . 4692448 . . [6.0.6001.18226] .. c:\windows\winsxs\amd64_microsoft-windows-os-kernel_31bf3856ad364e35_6.0.6001.18226_none_c83f62d46c8b4dd8\ntoskrnl.exe
[7] 2009-03-03 . 8B3095B00E832ABFC7047A04E681CCDE . 4427232 . . [6.0.6000.16830] .. c:\windows\winsxs\amd64_microsoft-windows-os-kernel_31bf3856ad364e35_6.0.6000.16830_none_c64852866f7240ce\ntoskrnl.exe
[7] 2009-03-03 . CC172711FF2FCE0673321A951B02C379 . 4413936 . . [6.0.6000.21023] .. c:\windows\winsxs\amd64_microsoft-windows-os-kernel_31bf3856ad364e35_6.0.6000.21023_none_c6df983d888543ee\ntoskrnl.exe
[7] 2008-09-18 . 5E31190EF331709EAB9FB66C3683540B . 4694584 . . [6.0.6001.22269] .. c:\windows\winsxs\amd64_microsoft-windows-os-kernel_31bf3856ad364e35_6.0.6001.22269_none_c8a0bee785c6ac44\ntoskrnl.exe
[7] 2008-09-18 . 247A2AAF7E5189716192EE19EC6EC6FB . 4694584 . . [6.0.6001.18145] .. c:\windows\winsxs\amd64_microsoft-windows-os-kernel_31bf3856ad364e35_6.0.6001.18145_none_c828c0cc6c9c6f3c\ntoskrnl.exe
[7] 2008-09-18 . 2A87B3D380E3800BF247D82E58F0FCBA . 4429368 . . [6.0.6000.16754] .. c:\windows\winsxs\amd64_microsoft-windows-os-kernel_31bf3856ad364e35_6.0.6000.16754_none_c636b1f06f7ee0e5\ntoskrnl.exe
[7] 2008-09-18 . EFAAC7A874B65DF3F26B5092291D4859 . 4416056 . . [6.0.6000.20921] .. c:\windows\winsxs\amd64_microsoft-windows-os-kernel_31bf3856ad364e35_6.0.6000.20921_none_c6ddbf878886ddfe\ntoskrnl.exe
[7] 2008-04-26 . 6DEA6827709FC6F047580111651DFF02 . 4694584 . . [6.0.6001.18063] .. c:\windows\winsxs\amd64_microsoft-windows-os-kernel_31bf3856ad364e35_6.0.6001.18063_none_c8111e7a6cae7749\ntoskrnl.exe
[7] 2008-04-26 . A1DC0EFF401FE35688F1046F10BEE5BF . 4694584 . . [6.0.6001.22167] .. c:\windows\winsxs\amd64_microsoft-windows-os-kernel_31bf3856ad364e35_6.0.6001.22167_none_c89ebc6d85c87c6f\ntoskrnl.exe
[7] 2008-01-21 . 6760643D6400CA78640E9DD3824115B1 . 4694072 . . [6.0.6001.18000] .. c:\windows\winsxs\amd64_microsoft-windows-os-kernel_31bf3856ad364e35_6.0.6001.18000_none_c84efd246c80839e\ntoskrnl.exe
[7] 2013-07-08 . 82272D72710ED6A40E9A2A2286A9BBF4 . 4691904 . . [6.0.6002.18881] .. c:\windows\system32\ntoskrnl.exe
.
[7] 2013-07-08 . 684C130BBC6DB681BAD4920A4C944AA5 . 133120 . . [6.0.6000.16386] .. c:\windows\SysWOW64\cryptsvc.dll
[7] 2013-07-08 . 684C130BBC6DB681BAD4920A4C944AA5 . 133120 . . [6.0.6002.18881] .. c:\windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.0.6002.18881_none_7790a11898357c99\cryptsvc.dll
[7] 2013-07-08 . 828805E2E7F529B24849AD52740288DA . 135168 . . [6.0.6002.23154] .. c:\windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.0.6002.23154_none_783d888db13844fe\cryptsvc.dll
[7] 2013-04-24 . 3EDE4C1F9672C972479201544969ADCB . 133120 . . [6.0.6002.18831] .. c:\windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.0.6002.18831_none_77c6b0b4980cf0e4\cryptsvc.dll
[7] 2013-04-24 . FBE051C07C3D2B9011ECB1C7A73120C1 . 135168 . . [6.0.6002.23101] .. c:\windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.0.6002.23101_none_7870974bb1126d44\cryptsvc.dll
[7] 2013-04-17 . 58CEF2D243575512657452B9E89A2E1F . 133120 . . [6.0.6002.18827] .. c:\windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.0.6002.18827_none_77d7825c97ff6cfd\cryptsvc.dll
[7] 2013-04-17 . CC8E2C87016A07892B5448D764BF8A30 . 135168 . . [6.0.6002.23097] .. c:\windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.0.6002.23097_none_781547d5b15603a0\cryptsvc.dll
[7] 2012-06-02 . DD9CCF40ED80DD0D62F1B607A1EA4449 . 135168 . . [6.0.6002.22869] .. c:\windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.0.6002.22869_none_7837de25b13bb212\cryptsvc.dll
[7] 2012-06-02 . F1E8C34892336D33EDDCDFE44E474F64 . 133120 . . [6.0.6002.18643] .. c:\windows\erdnt\cache86\cryptsvc.dll
[7] 2012-06-02 . F1E8C34892336D33EDDCDFE44E474F64 . 133120 . . [6.0.6002.18643] .. c:\windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.0.6002.18643_none_77bddd9098134535\cryptsvc.dll
[7] 2012-04-23 . 75C6A297E364014840B48ECCD7525E30 . 133120 . . [6.0.6002.18618] .. c:\windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.0.6002.18618_none_77e34ec697f67015\cryptsvc.dll
[7] 2012-04-23 . C979AEA8C4D8F875CD25507D08980006 . 135168 . . [6.0.6002.22840] .. c:\windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.0.6002.22840_none_78447b63b1339621\cryptsvc.dll
[7] 2009-04-11 . FB27772BEAF8E1D28CCD825C09DA939B . 129024 . . [6.0.6002.18005] .. c:\windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.0.6002.18005_none_77eb127097f11935\cryptsvc.dll
[7] 2008-01-21 . 6DE363F9F99334514C46AEC02D3E3678 . 128000 . . [6.0.6001.18000] .. c:\windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.0.6001.18000_none_75ff99649acf4de9\cryptsvc.dll
.
[7] 2013-07-25 . 0E2B5CB2193B6B0057F7D8B3FE02777E . 12334080 . . [9.00.8112.20613] .. c:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_9.1.8112.20613_none_d3ccbcbd792174dc\mshtml.dll
[7] 2013-07-25 . 7161E761E81356C8EF6383CB1AE41B8D . 12334080 . . [9.00.8112.16421] .. c:\windows\SysWOW64\mshtml.dll
[7] 2013-07-25 . 7161E761E81356C8EF6383CB1AE41B8D . 12334080 . . [9.00.8112.16502] .. c:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_9.1.8112.16502_none_d34cef945ffc9fca\mshtml.dll
[7] 2013-05-29 . 4ACB8A0EA4A1BEAA4FA92680BB71C542 . 12335104 . . [9.00.8112.20606] .. c:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_9.1.8112.20606_none_d3da8d877916a4f0\mshtml.dll
[7] 2013-05-29 . 7BD6A6DFA75B665FA8F21BB21E59EC11 . 12333568 . . [9.00.8112.16496] .. c:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_9.1.8112.16496_none_d2ef9f8a60420378\mshtml.dll
[7] 2013-05-16 . A6F5B25905CD01AE714990E02C7205A5 . 12329984 . . [9.00.8112.16490] .. c:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_9.1.8112.16490_none_d2e99dce60476b6e\mshtml.dll
[7] 2013-05-16 . 097654708FE5F07278A1E36D9F78CA94 . 12330496 . . [9.00.8112.20600] .. c:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_9.1.8112.20600_none_d3d48bcb791c0ce6\mshtml.dll
[7] 2013-05-05 . 1152DE9D7FE16EC92A12165D1CBE8406 . 12325888 . . [9.00.8112.20594] .. c:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_9.1.8112.20594_none_d3773bc179617094\mshtml.dll
[7] 2013-05-05 . 26F30066B9FA78C97A0E92803D496211 . 12324864 . . [9.00.8112.16484] .. c:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_9.1.8112.16484_none_d2f86ee2603bb4d9\mshtml.dll
[7] 2013-04-04 . 79B0D843B26BEA808EA89BA2D8A026F2 . 12324864 . . [9.00.8112.16483] .. c:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_9.1.8112.16483_none_d2f76e98603c9b82\mshtml.dll
[7] 2013-04-04 . 4EBF337D1F52EA9202072348BA41CA95 . 12325376 . . [9.00.8112.20593] .. c:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_9.1.8112.20593_none_d3763b777962573d\mshtml.dll
[7] 2013-02-22 . 474D43D76E2A33FEE21C6F4BB7C4A3B7 . 12324864 . . [9.00.8112.20586] .. c:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_9.1.8112.20586_none_d3840c4179578751\mshtml.dll
[7] 2013-02-22 . 658EBC74BD38D16805648C4775F7FA82 . 12324352 . . [9.00.8112.16476] .. c:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_9.1.8112.16476_none_d3053f626031cb96\mshtml.dll
[7] 2013-02-02 . 88C27474E61271B49677F22CEE76FB3E . 12322304 . . [9.00.8112.20580] .. c:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_9.1.8112.20580_none_d37e0a85795cef47\mshtml.dll
[7] 2013-02-02 . 263963D93A3CA8F685EFA5966F1E6581 . 12321792 . . [9.00.8112.16470] .. c:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_9.1.8112.16470_none_d2ff3da66037338c\mshtml.dll
[7] 2013-01-08 . C97434C851C4821BD92D2831FDF1ECBE . 12321280 . . [9.00.8112.16464] .. c:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_9.1.8112.16464_none_d30e0eba602b7cf7\mshtml.dll
[7] 2013-01-08 . B6AD225B3BCC07332FBB2C2824315534 . 12322304 . . [9.00.8112.20573] .. c:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_9.1.8112.20573_none_d38bdb4f79521f5b\mshtml.dll
[7] 2012-11-14 . 07F649CD36F266BBE33B814FA678AA43 . 12320256 . . [9.00.8112.16457] .. c:\windows\erdnt\cache86\mshtml.dll
[7] 2012-11-14 . 07F649CD36F266BBE33B814FA678AA43 . 12320256 . . [9.00.8112.16457] .. c:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_9.1.8112.16457_none_d31bdf846020ad0b\mshtml.dll
[7] 2012-11-14 . 8021EF27048F9ECE5286EA8C8EED23B8 . 12321280 . . [9.00.8112.20565] .. c:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_9.1.8112.20565_none_d398abcf79483618\mshtml.dll
[7] 2012-10-03 . A831FFEF2C5244600373A426576B0604 . 12320768 . . [9.00.8112.16455] .. c:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_9.1.8112.16455_none_d319def060227a5d\mshtml.dll
[7] 2012-10-03 . BCDB83DDE29DD2EF57C71904F11B9554 . 12321280 . . [9.00.8112.20562] .. c:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_9.1.8112.20562_none_d395aaf1794aea13\mshtml.dll
[7] 2012-08-24 . 975D1EA99A0FE8104B72440995B3C20B . 12319744 . . [9.00.8112.20557] .. c:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_9.1.8112.20557_none_d3a57c4f793e4cd5\mshtml.dll
[7] 2012-08-24 . BB197F54A8F69EEA8356B7F70E6D3A20 . 12319744 . . [9.00.8112.16450] .. c:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_9.1.8112.16450_none_d314dd7e6026fbaa\mshtml.dll
.
[7] 2013-07-25 . EFA69C15A411D9794131CBCF6B59EA08 . 1129984 . . [9.00.8112.20613] .. c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_9.1.8112.20613_none_c2729d9ef8cb0ba6\wininet.dll
[7] 2013-07-25 . 6839F14A2507D9273BD13565DD880377 . 1129472 . . [9.00.8112.16421] .. c:\windows\SysWOW64\wininet.dll
[7] 2013-07-25 . 6839F14A2507D9273BD13565DD880377 . 1129472 . . [9.00.8112.16502] .. c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_9.1.8112.16502_none_c1f2d075dfa63694\wininet.dll
[7] 2013-05-29 . 745410A5E043E8F880C932007034F8B6 . 1129984 . . [9.00.8112.20606] .. c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_9.1.8112.20606_none_c2806e68f8c03bba\wininet.dll
[7] 2013-05-29 . EA952A5C277CABCBA69EA806146BB984 . 1129472 . . [9.00.8112.16496] .. c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_9.1.8112.16496_none_c195806bdfeb9a42\wininet.dll
[7] 2013-05-16 . 6A25377A76479A0C0BF3DB6FC42FE09A . 1129472 . . [9.00.8112.16490] .. c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_9.1.8112.16490_none_c18f7eafdff10238\wininet.dll
[7] 2013-05-16 . CC25EA1287613DC45D25A26037B4DBDD . 1129984 . . [9.00.8112.20600] .. c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_9.1.8112.20600_none_c27a6cacf8c5a3b0\wininet.dll
[7] 2013-04-04 . 2C96B3921B4CDE10DBAED5AAD760DB67 . 1129472 . . [9.00.8112.16483] .. c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_9.1.8112.16483_none_c19d4f79dfe6324c\wininet.dll
[7] 2013-04-04 . 28B2DD8DBAEE306290A74ED03DB3768F . 1129984 . . [9.00.8112.20593] .. c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_9.1.8112.20593_none_c21c1c58f90bee07\wininet.dll
[7] 2013-02-22 . C5B6468422DB1C8AA36C32CBB0197E5E . 1129472 . . [9.00.8112.16476] .. c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_9.1.8112.16476_none_c1ab2043dfdb6260\wininet.dll
[7] 2013-02-22 . 490E24D5E427DFA55B1C1182F0DB861C . 1129984 . . [9.00.8112.20586] .. c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_9.1.8112.20586_none_c229ed22f9011e1b\wininet.dll
[7] 2013-02-02 . 1284D72C04B553ED5382EA14303D66DB . 1129472 . . [9.00.8112.20580] .. c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_9.1.8112.20580_none_c223eb66f9068611\wininet.dll
[7] 2013-02-02 . 03728C624D05C2F157BBD46F6B7F6EA0 . 1129472 . . [9.00.8112.16470] .. c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_9.1.8112.16470_none_c1a51e87dfe0ca56\wininet.dll
[7] 2013-01-08 . B49B56B64F57699A1A663D2CF7D0A56F . 1129472 . . [9.00.8112.16464] .. c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_9.1.8112.16464_none_c1b3ef9bdfd513c1\wininet.dll
[7] 2013-01-08 . 16C45E6881449C6330567E51C13920FA . 1129472 . . [9.00.8112.20573] .. c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_9.1.8112.20573_none_c231bc30f8fbb625\wininet.dll
[7] 2012-11-14 . 7FA3A810F383588D46220967DE8B64FF . 1129472 . . [9.00.8112.16457] .. c:\windows\erdnt\cache86\wininet.dll
[7] 2012-11-14 . 7FA3A810F383588D46220967DE8B64FF . 1129472 . . [9.00.8112.16457] .. c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_9.1.8112.16457_none_c1c1c065dfca43d5\wininet.dll
[7] 2012-11-14 . 0635D714351F842D43EA184E75C4A3FF . 1129472 . . [9.00.8112.20565] .. c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_9.1.8112.20565_none_c23e8cb0f8f1cce2\wininet.dll
[7] 2012-10-03 . ED223944D96ED3B4922B8434AEAA94DA . 1129472 . . [9.00.8112.16455] .. c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_9.1.8112.16455_none_c1bfbfd1dfcc1127\wininet.dll
[7] 2012-10-03 . 3A7F37F14E9603A28E98D00115F022DD . 1129472 . . [9.00.8112.20562] .. c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_9.1.8112.20562_none_c23b8bd2f8f480dd\wininet.dll
[7] 2012-08-24 . 2895E29EFCFC0B1BCF8AEE1A0C67913C . 1129472 . . [9.00.8112.20557] .. c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_9.1.8112.20557_none_c24b5d30f8e7e39f\wininet.dll
[7] 2012-08-24 . 5553611E2F9EA6F613079177F1233068 . 1129472 . . [9.00.8112.16450] .. c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_9.1.8112.16450_none_c1babe5fdfd09274\wininet.dll
[7] 2012-06-28 . 975129E360241BE751BE93D9E0AC7409 . 1129472 . . [9.00.8112.16448] .. c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_9.1.8112.16448_none_c1cd909bdfc1413b\wininet.dll
[7] 2012-06-27 . 015A57A7749B28593E52D80DD60CF90A . 1129472 . . [9.00.8112.20554] .. c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_9.1.8112.20554_none_c2485c52f8ea979a\wininet.dll
[7] 2012-06-02 . 8E87270C4704CF2951E1E7820D6C8A2B . 1129472 . . [9.00.8112.16447] .. c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_9.1.8112.16447_none_c1cc9051dfc227e4\wininet.dll
[7] 2012-06-02 . E430161A632F9A8FE512DE0CA5685559 . 1129472 . . [9.00.8112.20553] .. c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_9.1.8112.20553_none_c2475c08f8eb7e43\wininet.dll
[7] 2012-05-17 . 1C191A4F0960F21B5D58C8A65BAF5427 . 1129472 . . [9.00.8112.16446] .. c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_9.1.8112.16446_none_c1cb9007dfc30e8d\wininet.dll
[7] 2012-05-17 . 43BAC67996D8765A5F1B3A4EA6231E21 . 1129472 . . [9.00.8112.20551] .. c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_9.1.8112.20551_none_c2455b74f8ed4b95\wininet.dll
[7] 2012-02-28 . 44465367256D1C72B58F5ABAA19E7016 . 1127424 . . [9.00.8112.16443] .. c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_9.1.8112.16443_none_c1c88f29dfc5c288\wininet.dll
[7] 2012-02-28 . 11A34DCA08EB2A586246F2D6C2A81D58 . 1127424 . . [9.00.8112.20548] .. c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_9.1.8112.20548_none_c2572d66f8dee105\wininet.dll
[7] 2011-12-14 . 1D94FA7C81D2FFE494AF094619BA706F . 1127424 . . [9.00.8112.16441] .. c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_9.1.8112.16441_none_c1c68e95dfc78fda\wininet.dll
[7] 2011-12-14 . 022A78194E2C7106F5AF9F2BC6AC8774 . 1127424 . . [9.00.8112.20546] .. c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_9.1.8112.20546_none_c2552cd2f8e0ae57\wininet.dll
[7] 2011-11-03 . 32569DF2F9BEF05DD7D56E30590EDFD9 . 1127424 . . [9.00.8112.20544] .. c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_9.1.8112.20544_none_c2532c3ef8e27ba9\wininet.dll
[7] 2011-11-03 . 02F98B5C0E397AD06124D84428CF8F1A . 1127424 . . [9.00.8112.16440] .. c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_9.1.8112.16440_none_c1c58e4bdfc87683\wininet.dll
[7] 2011-09-01 . D
-
Cruel irony: the commercials kicked in at the exact moment I clicked the submit button.
-
Haven't heard any commercials yet today, which is a good sign.
-
- Download RogueKiller (http://tigzy.geekstogo.com/Tools/RogueKiller.exe) to the desktop
- Close all the running programs
- Windows Vista/7 users: right click on RogueKiller.exe, click Run as Administrator
- Otherwise just double-click on RogueKiller.exe
- Pre-scan will start. Let it finish.
- Click on SCAN button.
- A report (RKreport.txt) should open. Post its content in your next reply. (RKreport could also be found on your desktop)
- If RogueKiller has been blocked, do not hesitate to try a few more times. If it really won't run, rename it to winlogon.exe (or winlogon.com) and try again
-
RogueKiller V8.6.7 [Aug 28 2013] by Tigzy
mail : tigzyRK<at>gmail<dot>com
Feedback : http://www.adlice.com/forum/
Website : http://www.adlice.com/softwares/roguekiller/
Blog : http://tigzyrk.blogspot.com/
Operating System : Windows Vista (6.0.6002 Service Pack 2) 64 bits version
Started in : Normal mode
User : doug [Admin rights]
Mode : Scan -- Date : 08/30/2013 16:21:55
| ARK || FAK || MBR |
¤¤¤ Bad processes : 2 ¤¤¤
[SUSP PATH] mHotkey.exe -- C:\Windows\mHotkey.exe [-] -> KILLED [TermProc]
[SUSP PATH] ChiFuncExt.exe -- C:\Windows\ChiFuncExt.exe [-] -> KILLED [TermProc]
¤¤¤ Registry Entries : 4 ¤¤¤
[HJ POL] HKLM\[...]\System : DisableRegistryTools (0) -> FOUND
[HJ POL] HKLM\[...]\Wow6432Node\[...]\System : DisableRegistryTools (0) -> FOUND
[HJ DESK] HKLM\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> FOUND
[HJ DESK] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> FOUND
¤¤¤ Scheduled tasks : 1 ¤¤¤
[V2][SUSP PATH] MHotkey : %SystemRoot%\MHotKey.exe
¤¤¤ Startup Entries : 0 ¤¤¤
¤¤¤ Web browsers : 0 ¤¤¤
¤¤¤ Particular Files / Folders: ¤¤¤
¤¤¤ Driver : [NOT LOADED 0x0] ¤¤¤
¤¤¤ External Hives: ¤¤¤
¤¤¤ Infection : ¤¤¤
¤¤¤ HOSTS File: ¤¤¤
--> %SystemRoot%\System32\drivers\etc\hosts
127.0.0.1 localhost
¤¤¤ MBR Check: ¤¤¤
+++++ PhysicalDrive0: Hitachi HDS721075KLA330 ATA Device +++++
--- User ---
[MBR] 0c03f86ab0952cedfe66a9010768ead8
[BSP] 000851c54221a74adfe6614ebbb97709 : Acer MBR Code
Partition table:
0 - [XXXXXX] ACER (0x27) [VISIBLE] Offset (sectors): 63 | Size: 10001 Mo
1 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 20484096 | Size: 705401 Mo
User = LL1 ... OK!
User = LL2 ... OK!
+++++ PhysicalDrive1: Hitachi HDS721075KLA330 ATA Device +++++
--- User ---
[MBR] 53223ba7f670c77a3f8ab54cccdbee73
[BSP] d91797ea79f07267507966bebde6ffcc : Windows XP MBR Code
Partition table:
0 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 2048 | Size: 238473 Mo
User = LL1 ... OK!
User = LL2 ... OK!
+++++ PhysicalDrive2: Hitachi HDS721075KLA330 ATA Device +++++
--- User ---
[MBR] edb29ecba9d7cd926f3dc4c78249707a
[BSP] 3ff123a2d4aed2e8dfd7121dd201d41b : Windows XP MBR Code
Partition table:
0 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 63 | Size: 114463 Mo
User = LL1 ... OK!
User = LL2 ... OK!
+++++ PhysicalDrive3: Hitachi HDS721075KLA330 ATA Device +++++
Error reading User MBR!
User = LL1 ... OK!
Error reading LL2 MBR!
+++++ PhysicalDrive4: Hitachi HDS721075KLA330 ATA Device +++++
Error reading User MBR!
User = LL1 ... OK!
Error reading LL2 MBR!
Finished : << RKreport[0]_S_08302013_162155.txt >>
-
It started playing commercials just as I was about to post the above.
-
RK asked me if I want to delete the items found in the scan. I assume that I should.
-
RK asked me if I want to delete the items found in the scan. I assume that I should.
Yes please.
What browser are you using?
I'd like to scan your machine with ESET OnlineScan
• Hold down Control and click on the following link to open ESET OnlineScan in a new window.
  ESET OnlineScan (http://eset.com/onlinescan)
• Click the (http://i424.photobucket.com/albums/pp322/digistar/esetOnline.png) button.
• For alternate browsers only: (Microsoft Internet Explorer users can skip these steps)
  - Click on (http://i424.photobucket.com/albums/pp322/digistar/esetSmartInstall.png) to download the ESET Smart Installer. Save it to your desktop.
  - Double click on the (http://i424.photobucket.com/albums/pp322/digistar/esetSmartInstallDesktopIcon-1.png) icon on your desktop.
• Check (http://i424.photobucket.com/albums/pp322/digistar/esetAcceptTerms.png)
• Click the (http://i424.photobucket.com/albums/pp322/digistar/esetStart.png) button.
• Accept any security warnings from your browser.
  - Leave the check mark next to Remove found threats.
• Check (http://i424.photobucket.com/albums/pp322/digistar/esetScanArchives.png)
• Push the Start button.
• ESET will then download updates for itself, install itself, and begin scanning your computer. Please be patient as this can take some time.
• When the scan completes, push (http://i424.photobucket.com/albums/pp322/digistar/esetListThreats.png)
• Push (http://i424.photobucket.com/albums/pp322/digistar/esetExport.png), and save the file to your desktop using a unique name, such as ESETScan. Include the contents of this report in your next reply.
• Push the (http://i424.photobucket.com/albums/pp322/digistar/esetBack.png) button.
• Push (http://i424.photobucket.com/albums/pp322/digistar/esetFinish.png)
A log file will be saved here: C:\Program Files\ESET\ESET Online Scanner\log.txt
-
ESETSmartInstaller@High as downloader log:
all ok
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.6920
# api_version=3.0.2
# EOSSerial=88c68a2159152645825ac545166718b8
# engine=14959
# end=finished
# remove_checked=false
# archives_checked=false
# unwanted_checked=false
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2013-08-31 04:11:41
# local_time=2013-08-31 12:11:41 (-0500, Eastern Daylight Time)
# country="United States"
# lang=1033
# osver=6.0.6002 NT Service Pack 2
# compatibility_mode=5892 16776574 100 100 89106493 214521007 0 0
# scanned=790079
# found=0
# cleaned=0
# scan_time=19379
-
How's your computer running now? Still receiving the commercials?
-
Yes, I am, unfortunately.
-
Does this only happen when your browser is open? What browser are you using?
- Download TDSSKiller (http://support.kaspersky.com/downloads/utils/tdsskiller.zip) and save it to your Desktop.
- Extract its contents to your desktop.
- Once extracted, open the TDSSKiller folder and double-click on TDSSKiller.exe to run the application, then on Start Scan.
(http://img.photobucket.com/albums/v420/kdiamondkenny/Computer/TDSSKillernumber1.png)
- If an infected file is detected, the default action will be Cure, click on Continue.
(http://img.photobucket.com/albums/v420/kdiamondkenny/Computer/TDSSKillernumber2.png)
- If a suspicious file is detected, the default action will be Skip, click on Continue.
(http://img.photobucket.com/albums/v420/kdiamondkenny/Computer/TDSSKillernumber3.png)
- It may ask you to reboot the computer to complete the process. Click on Reboot Now.
(http://img.photobucket.com/albums/v420/kdiamondkenny/Computer/TDSSKillerlastone3.png)
- Click the Report button and copy/paste the contents of it into your next reply.
Note: It will also create a log in the C:\ directory.
-
18:38:14.0891 0x1b18 TDSS rootkit removing tool 2.9.2.0 Aug 15 2013 16:44:29
18:38:15.0309 0x1b18 ============================================================
18:38:15.0309 0x1b18 Current date / time: 2013/08/31 18:38:15.0309
18:38:15.0309 0x1b18 SystemInfo:
18:38:15.0309 0x1b18
18:38:15.0309 0x1b18 OS Version: 6.0.6002 ServicePack: 2.0
18:38:15.0309 0x1b18 Product type: Workstation
18:38:15.0309 0x1b18 ComputerName: DOUG-PC
18:38:15.0309 0x1b18 UserName: doug
18:38:15.0309 0x1b18 Windows directory: C:\Windows
18:38:15.0309 0x1b18 System windows directory: C:\Windows
18:38:15.0310 0x1b18 Running under WOW64
18:38:15.0310 0x1b18 Processor architecture: Intel x64
18:38:15.0310 0x1b18 Number of processors: 4
18:38:15.0310 0x1b18 Page size: 0x1000
18:38:15.0310 0x1b18 Boot type: Normal boot
18:38:15.0310 0x1b18 ============================================================
18:38:16.0833 0x1b18 Drive \Device\Harddisk0\DR0 - Size: 0xAEA8CDE000 (698.64 Gb), SectorSize: 0x200, Cylinders: 0x16441, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
18:38:16.0835 0x1b18 Drive \Device\Harddisk1\DR1 - Size: 0x3A38B2E000 (232.89 Gb), SectorSize: 0x200, Cylinders: 0x76C1, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
18:38:16.0836 0x1b18 Drive \Device\Harddisk2\DR2 - Size: 0x1BF2976000 (111.79 Gb), SectorSize: 0x200, Cylinders: 0x3901, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
18:38:16.0888 0x1b18 Drive \Device\Harddisk7\DR7 - Size: 0x774488000 (29.82 Gb), SectorSize: 0x200, Cylinders: 0xF34, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'
18:38:16.0893 0x1b18 ============================================================
18:38:16.0893 0x1b18 \Device\Harddisk0\DR0:
18:38:16.0894 0x1b18 MBR partitions:
18:38:16.0894 0x1b18 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x1389000, BlocksNum 0x561BC800
18:38:16.0894 0x1b18 \Device\Harddisk1\DR1:
18:38:16.0902 0x1b18 MBR partitions:
18:38:16.0902 0x1b18 \Device\Harddisk1\DR1\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x1D1C4800
18:38:16.0902 0x1b18 \Device\Harddisk2\DR2:
18:38:16.0902 0x1b18 MBR partitions:
18:38:16.0902 0x1b18 \Device\Harddisk2\DR2\Partition1: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0xDF8F8C1
18:38:16.0902 0x1b18 \Device\Harddisk7\DR7:
18:38:16.0904 0x1b18 MBR partitions:
18:38:16.0904 0x1b18 \Device\Harddisk7\DR7\Partition1: MBR, Type 0xC, StartLBA 0x20, BlocksNum 0x3BA2420
18:38:16.0904 0x1b18 ============================================================
18:38:16.0927 0x1b18 C: <-> \Device\Harddisk0\DR0\Partition1
18:38:16.0929 0x1b18 D: <-> \Device\Harddisk2\DR2\Partition1
18:38:16.0944 0x1b18 L: <-> \Device\Harddisk1\DR1\Partition1
18:38:16.0944 0x1b18 ============================================================
18:38:16.0944 0x1b18 Initialize success
18:38:16.0944 0x1b18 ============================================================
18:38:19.0716 0x1aa0 ============================================================
18:38:19.0716 0x1aa0 Scan started
18:38:19.0716 0x1aa0 Mode: Manual;
18:38:19.0716 0x1aa0 ============================================================
18:38:20.0211 0x1aa0 ================ Scan system memory ========================
18:38:20.0211 0x1aa0 System memory - ok
18:38:20.0212 0x1aa0 ================ Scan services =============================
18:38:29.0715 0x1aa0 Microsoft Office Groove Audit Service - ok
18:38:29.0734 0x1aa0 [ 3CBE4995E80E13CCFBC42E5DCF3AC81A ] MMCSS C:\Windows\system32\mmcss.dll
18:38:29.0736 0x1aa0 MMCSS - ok
18:38:29.0751 0x1aa0 [ 59848D5CC74606F0EE7557983BB73C2E ] Modem C:\Windows\system32\drivers\modem.sys
18:38:29.0752 0x1aa0 Modem - ok
18:38:29.0766 0x1aa0 [ C247CC2A57E0A0C8C6DCCF7807B3E9E5 ] monitor C:\Windows\system32\DRIVERS\monitor.sys
18:38:29.0767 0x1aa0 monitor - ok
18:38:29.0783 0x1aa0 [ 9367304E5E412B120CF5F4EA14E4E4F1 ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys
18:38:29.0784 0x1aa0 mouclass - ok
18:38:29.0817 0x1aa0 [ C2C2BD5C5CE5AAF786DDD74B75D2AC69 ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys
18:38:29.0818 0x1aa0 mouhid - ok
18:38:29.0834 0x1aa0 [ 11BC9B1E8801B01F7F6ADB9EAD30019B ] MountMgr C:\Windows\system32\drivers\mountmgr.sys
18:38:29.0835 0x1aa0 MountMgr - ok
18:38:29.0889 0x1aa0 [ A35576A433F4AEB0D48976A004657CB6 ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
18:38:29.0890 0x1aa0 MozillaMaintenance - ok
18:38:29.0946 0x1aa0 [ FC1D590039EF06A381768710E6C07E75 ] MpFilter C:\Windows\system32\DRIVERS\MpFilter.sys
18:38:29.0949 0x1aa0 MpFilter - ok
18:38:30.0041 0x1aa0 [ F8276EB8698142884498A528DFEA8478 ] mpio C:\Windows\system32\drivers\mpio.sys
18:38:30.0042 0x1aa0 mpio - ok
18:38:30.0096 0x1aa0 [ C92B9ABDB65A5991E00C28F13491DBA2 ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys
18:38:30.0098 0x1aa0 mpsdrv - ok
18:38:30.0237 0x1aa0 [ 897E3BAF68BA406A61682AE39C83900C ] MpsSvc C:\Windows\system32\mpssvc.dll
18:38:30.0243 0x1aa0 MpsSvc - ok
18:38:30.0268 0x1aa0 [ 3C200630A89EF2C0864D515B7A75802E ] Mraid35x C:\Windows\system32\drivers\mraid35x.sys
18:38:30.0269 0x1aa0 Mraid35x - ok
18:38:30.0318 0x1aa0 [ 7C1DE4AA96DC0C071611F9E7DE02A68D ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys
18:38:30.0319 0x1aa0 MRxDAV - ok
18:38:30.0367 0x1aa0 [ 1485811B320FF8C7EDAD1CAEBB1C6C2B ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys
18:38:30.0370 0x1aa0 mrxsmb - ok
18:38:30.0423 0x1aa0 [ 3B929A60C833FC615FD97FBA82BC7632 ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys
18:38:30.0426 0x1aa0 mrxsmb10 - ok
18:38:30.0442 0x1aa0 [ C64AB3E1F53B4F5B5BB6D796B2D7BEC3 ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys
18:38:30.0444 0x1aa0 mrxsmb20 - ok
18:38:30.0451 0x1aa0 [ 1AC860612B85D8E85EE257D372E39F4D ] msahci C:\Windows\system32\drivers\msahci.sys
18:38:30.0452 0x1aa0 msahci - ok
18:38:30.0472 0x1aa0 [ 264BBB4AAF312A485F0E44B65A6B7202 ] msdsm C:\Windows\system32\drivers\msdsm.sys
18:38:30.0473 0x1aa0 msdsm - ok
18:38:30.0500 0x1aa0 [ 7EC02CE772F068ED0BEAFA3DA341A9BC ] MSDTC C:\Windows\System32\msdtc.exe
18:38:30.0502 0x1aa0 MSDTC - ok
18:38:30.0523 0x1aa0 [ 704F59BFC4512D2BB0146AEC31B10A7C ] Msfs C:\Windows\system32\drivers\Msfs.sys
18:38:30.0523 0x1aa0 Msfs - ok
18:38:30.0536 0x1aa0 [ 00EBC952961664780D43DCA157E79B27 ] msisadrv C:\Windows\system32\drivers\msisadrv.sys
18:38:30.0537 0x1aa0 msisadrv - ok
18:38:30.0559 0x1aa0 [ 366B0C1F4478B519C181E37D43DCDA32 ] MSiSCSI C:\Windows\system32\iscsiexe.dll
18:38:30.0561 0x1aa0 MSiSCSI - ok
18:38:30.0568 0x1aa0 msiserver - ok
18:38:30.0602 0x1aa0 [ 0EA73E498F53B96D83DBFCA074AD4CF8 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys
18:38:30.0603 0x1aa0 MSKSSRV - ok
18:38:30.0671 0x1aa0 [ 66238063B53E51ADDA16764BAB9A3F7C ] MsMpSvc c:\Program Files\Microsoft Security Client\MsMpEng.exe
18:38:30.0671 0x1aa0 MsMpSvc - ok
18:38:30.0700 0x1aa0 [ 52E59B7E992A58E740AA63F57EDBAE8B ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys
18:38:30.0700 0x1aa0 MSPCLOCK - ok
18:38:30.0721 0x1aa0 [ 49084A75BAE043AE02D5B44D02991BB2 ] MSPQM C:\Windows\system32\drivers\MSPQM.sys
18:38:30.0722 0x1aa0 MSPQM - ok
18:38:30.0755 0x1aa0 [ DC6CCF440CDEDE4293DB41C37A5060A5 ] MsRPC C:\Windows\system32\drivers\MsRPC.sys
18:38:30.0758 0x1aa0 MsRPC - ok
18:38:30.0806 0x1aa0 [ 855796E59DF77EA93AF46F20155BF55B ] mssmbios C:\Windows\system32\DRIVERS\mssmbios.sys
18:38:30.0807 0x1aa0 mssmbios - ok
18:38:30.0897 0x1aa0 MSSQL$SQLEXPRESS - ok
18:38:31.0016 0x1aa0 [ F1761C8FB2B25A32C6D63E36BB88C3AE ] MSSQLServerADHelper100 c:\Program Files (x86)\Microsoft SQL Server\100\Shared\SQLADHLP.EXE
18:38:31.0017 0x1aa0 MSSQLServerADHelper100 - ok
18:38:31.0042 0x1aa0 [ 86D632D75D05D5B7C7C043FA3564AE86 ] MSTEE C:\Windows\system32\drivers\MSTEE.sys
18:38:31.0043 0x1aa0 MSTEE - ok
18:38:31.0235 0x1aa0 [ CB4A082AF58D1A0969F931816D5CFB05 ] msvsmon90 C:\Program Files\Microsoft Visual Studio 9.0\Common7\IDE\Remote Debugger\x64\msvsmon.exe
18:38:31.0270 0x1aa0 msvsmon90 - ok
18:38:31.0315 0x1aa0 [ 0CC49F78D8ACA0877D885F149084E543 ] Mup C:\Windows\system32\Drivers\mup.sys
18:38:31.0316 0x1aa0 Mup - ok
18:38:31.0366 0x1aa0 [ A5B10C845E7538C60C0F5D87A57CB3F5 ] napagent C:\Windows\system32\qagentRT.dll
18:38:31.0371 0x1aa0 napagent - ok
18:38:31.0425 0x1aa0 [ 2007B826C4ACD94AE32232B41F0842B9 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys
18:38:31.0427 0x1aa0 NativeWifiP - ok
18:38:31.0483 0x1aa0 [ 65950E07329FCEE8E6516B17C8D0ABB6 ] NDIS C:\Windows\system32\drivers\ndis.sys
18:38:31.0489 0x1aa0 NDIS - ok
18:38:31.0525 0x1aa0 [ 64DF698A425478E321981431AC171334 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys
18:38:31.0526 0x1aa0 NdisTapi - ok
18:38:31.0538 0x1aa0 [ 8BAA43196D7B5BB972C9A6B2BBF61A19 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys
18:38:31.0539 0x1aa0 Ndisuio - ok
18:38:31.0582 0x1aa0 [ F8158771905260982CE724076419EF19 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys
18:38:31.0583 0x1aa0 NdisWan - ok
18:38:31.0612 0x1aa0 [ 9CB77ED7CB72850253E973A2D6AFDF49 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys
18:38:31.0613 0x1aa0 NDProxy - ok
18:38:31.0624 0x1aa0 [ A499294F5029A7862ADC115BDA7371CE ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys
18:38:31.0625 0x1aa0 NetBIOS - ok
18:38:31.0663 0x1aa0 [ FC2C792EBDDC8E28DF939D6A92C83D61 ] netbt C:\Windows\system32\DRIVERS\netbt.sys
18:38:31.0665 0x1aa0 netbt - ok
18:38:31.0687 0x1aa0 [ 260BF9C43EE12C6898A9F5AAB0FB0E5D ] Netlogon C:\Windows\system32\lsass.exe
18:38:31.0689 0x1aa0 Netlogon - ok
18:38:31.0727 0x1aa0 [ 9B63B29DEFC0F3115A559D2597BF5D75 ] Netman C:\Windows\System32\netman.dll
18:38:31.0732 0x1aa0 Netman - ok
18:38:31.0751 0x1aa0 [ 7846D0136CC2B264926A73047BA7688A ] netprofm C:\Windows\System32\netprofm.dll
18:38:31.0754 0x1aa0 netprofm - ok
18:38:31.0796 0x1aa0 [ 74751DDA198165947FD7454D83F49825 ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe
18:38:31.0798 0x1aa0 NetTcpPortSharing - ok
18:38:31.0817 0x1aa0 [ 4AC08BD6AF2DF42E0C3196D826C8AEA7 ] nfrd960 C:\Windows\system32\drivers\nfrd960.sys
18:38:31.0818 0x1aa0 nfrd960 - ok
18:38:31.0859 0x1aa0 [ 8FB3C853E886E1E4D57271672486111C ] NisDrv C:\Windows\system32\DRIVERS\NisDrvWFP.sys
18:38:31.0861 0x1aa0 NisDrv - ok
18:38:31.0907 0x1aa0 [ 869A808253726EA11939EC4FE76346A4 ] NisSrv c:\Program Files\Microsoft Security Client\NisSrv.exe
18:38:31.0911 0x1aa0 NisSrv - ok
18:38:31.0929 0x1aa0 [ F145BF4C4668E7E312069F81EF847CFC ] NlaSvc C:\Windows\System32\nlasvc.dll
18:38:31.0932 0x1aa0 NlaSvc - ok
18:38:31.0966 0x1aa0 [ B298874F8E0EA93F06EC40AA8D146478 ] Npfs C:\Windows\system32\drivers\Npfs.sys
18:38:31.0967 0x1aa0 Npfs - ok
18:38:31.0999 0x1aa0 [ ACB62BAA1C319B17752553DF3026EEEB ] nsi C:\Windows\system32\nsisvc.dll
18:38:32.0001 0x1aa0 nsi - ok
18:38:32.0021 0x1aa0 [ 1523AF19EE8B030BA682F7A53537EAEB ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys
18:38:32.0022 0x1aa0 nsiproxy - ok
18:38:32.0100 0x1aa0 [ 2ACCAA3C3C55370A32F17B3595E1A217 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys
18:38:32.0113 0x1aa0 Ntfs - ok
18:38:32.0140 0x1aa0 [ DD5D684975352B85B52E3FD5347C20CB ] Null C:\Windows\system32\drivers\Null.sys
18:38:32.0141 0x1aa0 Null - ok
18:38:32.0168 0x1aa0 [ 2C040B7ADA5B06F6FACADAC8514AA034 ] nvraid C:\Windows\system32\drivers\nvraid.sys
18:38:32.0170 0x1aa0 nvraid - ok
18:38:32.0178 0x1aa0 [ F7EA0FE82842D05EDA3EFDD376DBFDBA ] nvstor C:\Windows\system32\drivers\nvstor.sys
18:38:32.0179 0x1aa0 nvstor - ok
18:38:32.0188 0x1aa0 [ 19067CA93075EF4823E3938A686F532F ] nv_agp C:\Windows\system32\drivers\nv_agp.sys
18:38:32.0189 0x1aa0 nv_agp - ok
18:38:32.0196 0x1aa0 NwlnkFlt - ok
18:38:32.0205 0x1aa0 NwlnkFwd - ok
18:38:32.0298 0x1aa0 [ 785F487A64950F3CB8E9F16253BA3B7B ] odserv C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
18:38:32.0301 0x1aa0 odserv - ok
18:38:32.0353 0x1aa0 [ B5B1CE65AC15BBD11C0619E3EF7CFC28 ] ohci1394 C:\Windows\system32\DRIVERS\ohci1394.sys
18:38:32.0354 0x1aa0 ohci1394 - ok
18:38:32.0406 0x1aa0 [ 5A432A042DAE460ABE7199B758E8606C ] ose C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
18:38:32.0408 0x1aa0 ose - ok
18:38:32.0485 0x1aa0 [ 9AE31D2E1D15C10D91318E0EC149CEAC ] p2pimsvc C:\Windows\system32\p2psvc.dll
18:38:32.0493 0x1aa0 p2pimsvc - ok
18:38:32.0509 0x1aa0 [ 9AE31D2E1D15C10D91318E0EC149CEAC ] p2psvc C:\Windows\system32\p2psvc.dll
18:38:32.0516 0x1aa0 p2psvc - ok
18:38:32.0561 0x1aa0 [ 4C6A7FD04DDF4DB88791048382E3EDB1 ] Parport C:\Windows\system32\DRIVERS\parport.sys
18:38:32.0562 0x1aa0 Parport - ok
18:38:32.0595 0x1aa0 [ B43751085E2ABE389DA466BC62A4B987 ] partmgr C:\Windows\system32\drivers\partmgr.sys
18:38:32.0596 0x1aa0 partmgr - ok
18:38:32.0664 0x1aa0 [ 55223EEFABFDB84A926515FEBAB50D9A ] pbfilter C:\Program Files\PeerBlock\pbfilter.sys
18:38:32.0664 0x1aa0 pbfilter - ok
18:38:32.0691 0x1aa0 [ 9AB157B374192FF276C1628FBDBA2B0E ] PcaSvc C:\Windows\System32\pcasvc.dll
18:38:32.0693 0x1aa0 PcaSvc - ok
18:38:32.0728 0x1aa0 [ 47AB1E0FC9D0E12BB53BA246E3A0906D ] pci C:\Windows\system32\drivers\pci.sys
18:38:32.0730 0x1aa0 pci - ok
18:38:32.0768 0x1aa0 [ 2657F6C0B78C36D95034BE109336E382 ] pciide C:\Windows\system32\drivers\pciide.sys
18:38:32.0769 0x1aa0 pciide - ok
18:38:32.0796 0x1aa0 [ 037661F3D7C507C9993B7010CEEE6288 ] pcmcia C:\Windows\system32\drivers\pcmcia.sys
18:38:32.0798 0x1aa0 pcmcia - ok
18:38:32.0840 0x1aa0 [ 58865916F53592A61549B04941BFD80D ] PEAUTH C:\Windows\system32\drivers\peauth.sys
18:38:32.0845 0x1aa0 PEAUTH - ok
18:38:32.0918 0x1aa0 [ 0ED8727EA0172860F47258456C06CAEA ] PerfHost C:\Windows\SysWow64\perfhost.exe
18:38:32.0920 0x1aa0 PerfHost - ok
18:38:32.0989 0x1aa0 [ E9E68C1A0F25CF4A7AC966EEA74EE89E ] pla C:\Windows\system32\pla.dll
18:38:33.0001 0x1aa0 pla - ok
18:38:33.0045 0x1aa0 [ FE6B0F59215C9FD9F9D26539C58C8B82 ] PlugPlay C:\Windows\system32\umpnpmgr.dll
18:38:33.0049 0x1aa0 PlugPlay - ok
18:38:33.0068 0x1aa0 [ 9AE31D2E1D15C10D91318E0EC149CEAC ] PNRPAutoReg C:\Windows\system32\p2psvc.dll
18:38:33.0077 0x1aa0 PNRPAutoReg - ok
18:38:33.0094 0x1aa0 [ 9AE31D2E1D15C10D91318E0EC149CEAC ] PNRPsvc C:\Windows\system32\p2psvc.dll
18:38:33.0103 0x1aa0 PNRPsvc - ok
18:38:33.0152 0x1aa0 [ A6D06378F37BDBA0C0019294C2AABBD0 ] Point64 C:\Windows\system32\DRIVERS\point64k.sys
18:38:33.0153 0x1aa0 Point64 - ok
18:38:33.0217 0x1aa0 [ 89A5560671C2D8B4A4B51F3E1AA069D8 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
18:38:33.0222 0x1aa0 PolicyAgent - ok
18:38:33.0272 0x1aa0 [ 23386E9952025F5F21C368971E2E7301 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys
18:38:33.0273 0x1aa0 PptpMiniport - ok
18:38:33.0280 0x1aa0 [ 5080E59ECEE0BC923F14018803AA7A01 ] Processor C:\Windows\system32\DRIVERS\processr.sys
18:38:33.0281 0x1aa0 Processor - ok
18:38:33.0324 0x1aa0 [ E058CE4FC2449D8BFA14739C83B7FF2A ] ProfSvc C:\Windows\system32\profsvc.dll
18:38:33.0327 0x1aa0 ProfSvc - ok
18:38:33.0345 0x1aa0 [ 260BF9C43EE12C6898A9F5AAB0FB0E5D ] ProtectedStorage C:\Windows\system32\lsass.exe
18:38:33.0347 0x1aa0 ProtectedStorage - ok
18:38:33.0383 0x1aa0 [ C5AB7F0809392D0DA027F4A2A81BFA31 ] PSched C:\Windows\system32\DRIVERS\pacer.sys
18:38:33.0384 0x1aa0 PSched - ok
18:38:33.0413 0x1aa0 [ 87B04878A6D59D6C79251DC960C674C1 ] PxHlpa64 C:\Windows\system32\Drivers\PxHlpa64.sys
18:38:33.0414 0x1aa0 PxHlpa64 - ok
18:38:33.0474 0x1aa0 [ 0B83F4E681062F3839BE2EC1D98FD94A ] ql2300 C:\Windows\system32\drivers\ql2300.sys
18:38:33.0484 0x1aa0 ql2300 - ok
18:38:33.0495 0x1aa0 [ E1C80F8D4D1E39EF9595809C1369BF2A ] ql40xx C:\Windows\system32\drivers\ql40xx.sys
18:38:33.0496 0x1aa0 ql40xx - ok
18:38:33.0533 0x1aa0 [ 90574842C3DA781E279061A3EFF91F07 ] QWAVE C:\Windows\system32\qwave.dll
18:38:33.0537 0x1aa0 QWAVE - ok
18:38:33.0555 0x1aa0 [ E8D76EDAB77EC9C634C27B8EAC33ADC5 ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
18:38:33.0556 0x1aa0 QWAVEdrv - ok
18:38:33.0566 0x1aa0 [ 1013B3B663A56D3DDD784F581C1BD005 ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
18:38:33.0566 0x1aa0 RasAcd - ok
18:38:33.0602 0x1aa0 [ B2AE18F847D07F0044404DDF7CB04497 ] RasAuto C:\Windows\System32\rasauto.dll
18:38:33.0605 0x1aa0 RasAuto - ok
18:38:33.0639 0x1aa0 [ AC7BC4D42A7E558718DFDEC599BBFC2C ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys
18:38:33.0640 0x1aa0 Rasl2tp - ok
18:38:33.0668 0x1aa0 [ 3AD83E4046C43BE510DE681588ACB8AF ] RasMan C:\Windows\System32\rasmans.dll
18:38:33.0672 0x1aa0 RasMan - ok
18:38:33.0724 0x1aa0 [ 4517FBF8B42524AFE4EDE1DE102AAE3E ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
18:38:33.0725 0x1aa0 RasPppoe - ok
18:38:33.0770 0x1aa0 [ C6A593B51F34C33E5474539544072527 ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys
18:38:33.0771 0x1aa0 RasSstp - ok
18:38:33.0804 0x1aa0 [ 322DB5C6B55E8D8EE8D6F358B2AAABB1 ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
18:38:33.0807 0x1aa0 rdbss - ok
18:38:33.0832 0x1aa0 [ 603900CC05F6BE65CCBF373800AF3716 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys
18:38:33.0833 0x1aa0 RDPCDD - ok
18:38:33.0870 0x1aa0 [ C045D1FB111C28DF0D1BE8D4BDA22C06 ] rdpdr C:\Windows\system32\drivers\rdpdr.sys
18:38:33.0873 0x1aa0 rdpdr - ok
18:38:33.0880 0x1aa0 [ CAB9421DAF3D97B33D0D055858E2C3AB ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys
18:38:33.0881 0x1aa0 RDPENCDD - ok
18:38:33.0937 0x1aa0 [ AE4BD9E1C33D351D8E607FC81F15160C ] RDPWD C:\Windows\system32\drivers\RDPWD.sys
18:38:33.0939 0x1aa0 RDPWD - ok
18:38:33.0960 0x1aa0 [ C612B9557DA73F70D41F8A6FBC8E5344 ] RemoteAccess C:\Windows\System32\mprdim.dll
18:38:33.0963 0x1aa0 RemoteAccess - ok
18:38:33.0992 0x1aa0 [ 44B9D8EC2F3EF3A0EFB00857AF70D861 ] RemoteRegistry C:\Windows\system32\regsvc.dll
18:38:33.0995 0x1aa0 RemoteRegistry - ok
18:38:34.0021 0x1aa0 [ F46C457840D4B7A4DAAFEE739CE04102 ] RpcLocator C:\Windows\system32\locator.exe
18:38:34.0022 0x1aa0 RpcLocator - ok
18:38:34.0063 0x1aa0 [ CF8B9A3A5E7DC57724A89D0C3E8CF9EF ] RpcSs C:\Windows\system32\rpcss.dll
18:38:34.0070 0x1aa0 RpcSs - ok
18:38:34.0094 0x1aa0 [ 22A9CB08B1A6707C1550C6BF099AAE73 ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys
18:38:34.0096 0x1aa0 rspndr - ok
18:38:34.0131 0x1aa0 RSUSBSTOR - ok
18:38:34.0209 0x1aa0 [ F8DA8FC39CE5859C0D8C0FE6524CE465 ] RTHDMIAzAudService C:\Windows\system32\drivers\RtHDMIVX.sys
18:38:34.0210 0x1aa0 RTHDMIAzAudService - ok
18:38:34.0218 0x1aa0 Rts516xIR - ok
18:38:34.0253 0x1aa0 [ 260BF9C43EE12C6898A9F5AAB0FB0E5D ] SamSs C:\Windows\system32\lsass.exe
18:38:34.0255 0x1aa0 SamSs - ok
18:38:34.0279 0x1aa0 [ CD9C693589C60AD59BBBCFB0E524E01B ] sbp2port C:\Windows\system32\drivers\sbp2port.sys
18:38:34.0280 0x1aa0 sbp2port - ok
18:38:34.0326 0x1aa0 [ FD1CDCF108D5EF3366F00D18B70FB89B ] SCardSvr C:\Windows\System32\SCardSvr.dll
18:38:34.0329 0x1aa0 SCardSvr - ok
18:38:34.0392 0x1aa0 [ 0F838C811AD295D2A4489B9993096C63 ] Schedule C:\Windows\system32\schedsvc.dll
18:38:34.0400 0x1aa0 Schedule - ok
18:38:34.0438 0x1aa0 [ 5A268127633C7EE2A7FB87F39D748D56 ] SCPolicySvc C:\Windows\System32\certprop.dll
18:38:34.0439 0x1aa0 SCPolicySvc - ok
18:38:34.0467 0x1aa0 [ 4FF71B076A7760FE75EA5AE2D0EE0018 ] SDRSVC C:\Windows\System32\SDRSVC.dll
18:38:34.0469 0x1aa0 SDRSVC - ok
18:38:34.0485 0x1aa0 [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv C:\Windows\system32\drivers\secdrv.sys
18:38:34.0486 0x1aa0 secdrv - ok
18:38:34.0507 0x1aa0 [ 5ACDCBC67FCF894A1815B9F96D704490 ] seclogon C:\Windows\system32\seclogon.dll
18:38:34.0509 0x1aa0 seclogon - ok
18:38:34.0522 0x1aa0 [ 90973A64B96CD647FF81C79443618EED ] SENS C:\Windows\system32\sens.dll
18:38:34.0525 0x1aa0 SENS - ok
18:38:34.0539 0x1aa0 [ 2449316316411D65BD2C761A6FFB2CE2 ] Serenum C:\Windows\system32\DRIVERS\serenum.sys
18:38:34.0541 0x1aa0 Serenum - ok
18:38:34.0563 0x1aa0 [ 4B438170BE2FC8E0BD35EE87A960F84F ] Serial C:\Windows\system32\DRIVERS\serial.sys
18:38:34.0565 0x1aa0 Serial - ok
18:38:34.0598 0x1aa0 [ A842F04833684BCEEA7336211BE478DF ] sermouse C:\Windows\system32\drivers\sermouse.sys
18:38:34.0599 0x1aa0 sermouse - ok
18:38:34.0642 0x1aa0 [ A8E4A4407A09F35DCCC3771AF590B0C4 ] SessionEnv C:\Windows\system32\sessenv.dll
18:38:34.0644 0x1aa0 SessionEnv - ok
18:38:34.0652 0x1aa0 [ 14D4B4465193A87C127933978E8C4106 ] sffdisk C:\Windows\system32\drivers\sffdisk.sys
18:38:34.0653 0x1aa0 sffdisk - ok
18:38:34.0661 0x1aa0 [ 7073AEE3F82F3D598E3825962AA98AB2 ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys
18:38:34.0661 0x1aa0 sffp_mmc - ok
18:38:34.0671 0x1aa0 [ 35E59EBE4A01A0532ED67975161C7B82 ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys
18:38:34.0672 0x1aa0 sffp_sd - ok
18:38:34.0680 0x1aa0 [ 6B7838C94135768BD455CBDC23E39E5F ] sfloppy C:\Windows\system32\drivers\sfloppy.sys
18:38:34.0681 0x1aa0 sfloppy - ok
18:38:34.0715 0x1aa0 [ 4C5AEE179DA7E1EE9A9CCB9DA289AF34 ] SharedAccess C:\Windows\System32\ipnathlp.dll
18:38:34.0718 0x1aa0 SharedAccess - ok
18:38:34.0772 0x1aa0 [ 56793271ECDEDD350C5ADD305603E963 ] ShellHWDetection C:\Windows\System32\shsvcs.dll
18:38:34.0776 0x1aa0 ShellHWDetection - ok
18:38:34.0783 0x1aa0 [ 7A5DE502AEB719D4594C6471060A78B3 ] SiSRaid2 C:\Windows\system32\drivers\sisraid2.sys
18:38:34.0784 0x1aa0 SiSRaid2 - ok
18:38:34.0815 0x1aa0 [ 3A2F769FAB9582BC720E11EA1DFB184D ] SiSRaid4 C:\Windows\system32\drivers\sisraid4.sys
18:38:34.0816 0x1aa0 SiSRaid4 - ok
18:38:34.0877 0x1aa0 [ 3E587DBBDFF938DDE5D4CE4047BE9041 ] SkypeUpdate C:\Program Files (x86)\Skype\Updater\Updater.exe
18:38:34.0878 0x1aa0 SkypeUpdate - ok
18:38:34.0972 0x1aa0 [ A9A27A8E257B45A604FDAD4F26FE7241 ] slsvc C:\Windows\system32\SLsvc.exe
18:38:34.0995 0x1aa0 slsvc - ok
18:38:35.0043 0x1aa0 [ FD74B4B7C2088E390A30C85A896FC3AF ] SLUINotify C:\Windows\system32\SLUINotify.dll
18:38:35.0045 0x1aa0 SLUINotify - ok
18:38:35.0096 0x1aa0 [ 290B6F6A0EC4FCDFC90F5CB6D7020473 ] Smb C:\Windows\system32\DRIVERS\smb.sys
18:38:35.0098 0x1aa0 Smb - ok
18:38:35.0133 0x1aa0 [ F8F47F38909823B1AF28D60B96340CFF ] SNMPTRAP C:\Windows\System32\snmptrap.exe
18:38:35.0135 0x1aa0 SNMPTRAP - ok
18:38:35.0183 0x1aa0 [ 386C3C63F00A7040C7EC5E384217E89D ] spldr C:\Windows\system32\drivers\spldr.sys
18:38:35.0184 0x1aa0 spldr - ok
18:38:35.0245 0x1aa0 [ F66FF751E7EFC816D266977939EF5DC3 ] Spooler C:\Windows\System32\spoolsv.exe
18:38:35.0249 0x1aa0 Spooler - ok
18:38:35.0369 0x1aa0 [ EB2FD937449B7ACEB39372F875EB8E78 ] SQLAgent$SQLEXPRESS c:\Program Files (x86)\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\SQLAGENT.EXE
18:38:35.0372 0x1aa0 SQLAgent$SQLEXPRESS - ok
18:38:35.0456 0x1aa0 [ 99DE6ACFA5CA83FAD6A765C81C6F129F ] SQLBrowser c:\Program Files (x86)\Microsoft SQL Server\90\Shared\sqlbrowser.exe
18:38:35.0458 0x1aa0 SQLBrowser - ok
18:38:35.0532 0x1aa0 [ 6D65985945B03CA59B67D0B73702FC7B ] SQLWriter c:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
18:38:35.0533 0x1aa0 SQLWriter - ok
18:38:35.0618 0x1aa0 [ 880A57FCCB571EBD063D4DD50E93E46D ] srv C:\Windows\system32\DRIVERS\srv.sys
18:38:35.0622 0x1aa0 srv - ok
18:38:35.0672 0x1aa0 [ A1AD14A6D7A37891FFFECA35EBBB0730 ] srv2 C:\Windows\system32\DRIVERS\srv2.sys
18:38:35.0674 0x1aa0 srv2 - ok
18:38:35.0733 0x1aa0 [ 4BED62F4FA4D8300973F1151F4C4D8A7 ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys
18:38:35.0735 0x1aa0 srvnet - ok
18:38:35.0779 0x1aa0 [ 192C74646EC5725AEF3F80D19FF75F6A ] SSDPSRV C:\Windows\System32\ssdpsrv.dll
18:38:35.0783 0x1aa0 SSDPSRV - ok
18:38:35.0833 0x1aa0 [ 2EE3FA0308E6185BA64A9A7F2E74332B ] SstpSvc C:\Windows\system32\sstpsvc.dll
18:38:35.0836 0x1aa0 SstpSvc - ok
18:38:35.0900 0x1aa0 [ EA8F41484CCC5BA6A1455C2AD3D1BE3C ] ssudmdm C:\Windows\system32\DRIVERS\ssudmdm.sys
18:38:35.0902 0x1aa0 ssudmdm - ok
18:38:35.0961 0x1aa0 [ 15825C1FBFB8779992CB65087F316AF5 ] stisvc C:\Windows\System32\wiaservc.dll
18:38:35.0968 0x1aa0 stisvc - ok
18:38:36.0001 0x1aa0 [ 8A851CA908B8B974F89C50D2E18D4F0C ] swenum C:\Windows\system32\DRIVERS\swenum.sys
18:38:36.0002 0x1aa0 swenum - ok
18:38:36.0115 0x1aa0 [ F577910A133A592234EBAAD3F3AFA258 ] SwitchBoard C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
18:38:36.0119 0x1aa0 SwitchBoard - ok
18:38:36.0191 0x1aa0 [ 6DE37F4DE19D4EFD9C48C43ADDBC949A ] swprv
-
That doesn't look like the complete log. Please run again. I only need to see the bottom dozen lines from the log.
-
21:58:59.0675 7900 TDSS rootkit removing tool 2.8.16.0 Feb 11 2013 18:50:42
21:59:00.0261 7900 ============================================================
21:59:00.0261 7900 Current date / time: 2013/08/31 21:59:00.0261
21:59:00.0261 7900 SystemInfo:
21:59:00.0261 7900
21:59:00.0261 7900 OS Version: 6.0.6002 ServicePack: 2.0
21:59:00.0261 7900 Product type: Workstation
21:59:00.0262 7900 ComputerName: DOUG-PC
21:59:00.0262 7900 UserName: doug
21:59:00.0262 7900 Windows directory: C:\Windows
21:59:00.0262 7900 System windows directory: C:\Windows
21:59:00.0262 7900 Running under WOW64
21:59:00.0262 7900 Processor architecture: Intel x64
21:59:00.0262 7900 Number of processors: 4
21:59:00.0262 7900 Page size: 0x1000
21:59:00.0262 7900 Boot type: Normal boot
21:59:00.0262 7900 ============================================================
21:59:02.0335 7900 Drive \Device\Harddisk0\DR0 - Size: 0xAEA8CDE000 (698.64 Gb), SectorSize: 0x200, Cylinders: 0x16441, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
21:59:02.0348 7900 Drive \Device\Harddisk1\DR1 - Size: 0x3A38B2E000 (232.89 Gb), SectorSize: 0x200, Cylinders: 0x76C1, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
21:59:04.0000 7900 Drive \Device\Harddisk2\DR2 - Size: 0x1BF2976000 (111.79 Gb), SectorSize: 0x200, Cylinders: 0x3901, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
21:59:04.0055 7900 Drive \Device\Harddisk7\DR7 - Size: 0x774488000 (29.82 Gb), SectorSize: 0x200, Cylinders: 0xF34, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'
21:59:04.0060 7900 ============================================================
21:59:04.0060 7900 \Device\Harddisk0\DR0:
21:59:04.0121 7900 MBR partitions:
21:59:04.0121 7900 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x1389000, BlocksNum 0x561BC800
21:59:04.0121 7900 \Device\Harddisk1\DR1:
21:59:04.0130 7900 MBR partitions:
21:59:04.0130 7900 \Device\Harddisk1\DR1\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x1D1C4800
21:59:04.0130 7900 \Device\Harddisk2\DR2:
21:59:04.0130 7900 MBR partitions:
21:59:04.0131 7900 \Device\Harddisk2\DR2\Partition1: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0xDF8F8C1
21:59:04.0131 7900 \Device\Harddisk7\DR7:
21:59:04.0132 7900 MBR partitions:
21:59:04.0132 7900 \Device\Harddisk7\DR7\Partition1: MBR, Type 0xC, StartLBA 0x20, BlocksNum 0x3BA2420
21:59:04.0132 7900 ============================================================
21:59:04.0135 7900 C: <-> \Device\Harddisk0\DR0\Partition1
21:59:06.0516 7900 D: <-> \Device\Harddisk2\DR2\Partition1
21:59:06.0543 7900 L: <-> \Device\Harddisk1\DR1\Partition1
21:59:06.0544 7900 ============================================================
21:59:06.0544 7900 Initialize success
21:59:06.0544 7900 ============================================================
21:59:09.0261 7496 ============================================================
21:59:09.0261 7496 Scan started
21:59:09.0261 7496 Mode: Manual;
21:59:09.0261 7496 ============================================================
21:59:09.0920 7496 ================ Scan system memory ========================
21:59:09.0920 7496 System memory - ok
21:59:09.0921 7496 ================ Scan services =============================
21:59:15.0718 7496 clr_optimization_v4.0.30319_32 - ok
21:59:15.0785 7496 [ C6F9AF94DCD58122A4D7E89DB6BED29D ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
21:59:15.0788 7496 clr_optimization_v4.0.30319_64 - ok
21:59:15.0812 7496 [ E5D5499A1C50A54B5161296B6AFE6192 ] cmdide C:\Windows\system32\drivers\cmdide.sys
21:59:15.0814 7496 cmdide - ok
21:59:15.0831 7496 [ 7FB8AD01DB0EABE60C8A861531A8F431 ] Compbatt C:\Windows\system32\drivers\compbatt.sys
21:59:15.0833 7496 Compbatt - ok
21:59:15.0842 7496 COMSysApp - ok
21:59:15.0897 7496 [ C08063F052308B6F5882482615387F30 ] cpuz135 C:\Windows\system32\drivers\cpuz135_x64.sys
21:59:15.0898 7496 cpuz135 - ok
21:59:15.0920 7496 [ A8585B6412253803CE8EFCBD6D6DC15C ] crcdisk C:\Windows\system32\drivers\crcdisk.sys
21:59:15.0922 7496 crcdisk - ok
21:59:15.0974 7496 [ 5AAC48EAF8EACF247DB44FB61B900D89 ] CryptSvc C:\Windows\system32\cryptsvc.dll
21:59:15.0978 7496 CryptSvc - ok
21:59:16.0111 7496 [ A61D617F37456D9D32F98BF70EB5D414 ] cygserver C:\cygwin\bin\cygrunsrv.exe
21:59:16.0113 7496 cygserver - ok
21:59:16.0182 7496 [ CF8B9A3A5E7DC57724A89D0C3E8CF9EF ] DcomLaunch C:\Windows\system32\rpcss.dll
21:59:16.0195 7496 DcomLaunch - ok
21:59:16.0228 7496 [ 8B722BA35205C71E7951CDC4CDBADE19 ] DfsC C:\Windows\system32\Drivers\dfsc.sys
21:59:16.0231 7496 DfsC - ok
21:59:16.0357 7496 [ C647F468F7DE343DF8C143655C5557D4 ] DFSR C:\Windows\system32\DFSR.exe
21:59:16.0405 7496 DFSR - ok
21:59:16.0463 7496 [ 0B3F6C8F93C5C25977EA5A8B2E656357 ] dg_ssudbus C:\Windows\system32\DRIVERS\ssudbus.sys
21:59:16.0466 7496 dg_ssudbus - ok
21:59:16.0529 7496 [ 3ED0321127CE70ACDAABBF77E157C2A7 ] Dhcp C:\Windows\System32\dhcpcsvc.dll
21:59:16.0535 7496 Dhcp - ok
21:59:16.0591 7496 [ B0107E40ECDB5FA692EBF832F295D905 ] disk C:\Windows\system32\drivers\disk.sys
21:59:16.0593 7496 disk - ok
21:59:16.0647 7496 [ 06230F1B721494A6DF8D47FD395BB1B0 ] Dnscache C:\Windows\System32\dnsrslvr.dll
21:59:16.0650 7496 Dnscache - ok
21:59:16.0748 7496 [ 1A7156DD1E850E9914E5E991E3225B94 ] dot3svc C:\Windows\System32\dot3svc.dll
21:59:16.0770 7496 dot3svc - ok
21:59:16.0805 7496 [ 1583B39790DB3EAEC7EDB0CB0140C708 ] DPS C:\Windows\system32\dps.dll
21:59:16.0808 7496 DPS - ok
21:59:16.0985 7496 [ 308195495181C8F3D51E6ED5B58D54AC ] DragonUpdater C:\Program Files (x86)\Comodo\Dragon\dragon_updater.exe
21:59:17.0018 7496 DragonUpdater - ok
21:59:17.0066 7496 [ F1A78A98CFC2EE02144C6BEC945447E6 ] drmkaud C:\Windows\system32\drivers\drmkaud.sys
21:59:17.0067 7496 drmkaud - ok
21:59:17.0121 7496 [ F3932288EEECD776FF1F9F653AD878F3 ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys
21:59:17.0128 7496 DXGKrnl - ok
21:59:17.0145 7496 [ 264CEE7B031A9D6C827F3D0CB031F2FE ] E1G60 C:\Windows\system32\DRIVERS\E1G6032E.sys
21:59:17.0148 7496 E1G60 - ok
21:59:17.0167 7496 [ C2303883FD9BE49DC36A6400643002EA ] EapHost C:\Windows\System32\eapsvc.dll
21:59:17.0170 7496 EapHost - ok
21:59:17.0228 7496 [ 5F94962BE5A62DB6E447FF6470C4F48A ] Ecache C:\Windows\system32\drivers\ecache.sys
21:59:17.0231 7496 Ecache - ok
21:59:17.0285 7496 [ 14CE384D2E27B64C256BDA4DC39C312D ] ehRecvr C:\Windows\ehome\ehRecvr.exe
21:59:17.0292 7496 ehRecvr - ok
21:59:17.0315 7496 [ B93159C1313D66FDFBBE876F5189CD52 ] ehSched C:\Windows\ehome\ehsched.exe
21:59:17.0318 7496 ehSched - ok
21:59:17.0357 7496 [ F5EE2527D74449868E3C3227A59BCD28 ] ehstart C:\Windows\ehome\ehstart.dll
21:59:17.0359 7496 ehstart - ok
21:59:17.0403 7496 [ C4636D6E10469404AB5308D9FD45ED07 ] elxstor C:\Windows\system32\drivers\elxstor.sys
21:59:17.0410 7496 elxstor - ok
21:59:17.0471 7496 [ A9B18B63A4FD6BAAB83326706D857FAB ] EMDMgmt C:\Windows\system32\emdmgmt.dll
21:59:17.0478 7496 EMDMgmt - ok
21:59:17.0523 7496 [ BC3A58E938BB277E46BF4B3003B01ABD ] ErrDev C:\Windows\system32\drivers\errdev.sys
21:59:17.0524 7496 ErrDev - ok
21:59:17.0602 7496 [ 4D06D9A26227AC485305133916888DF1 ] ETService C:\Program Files\GATEWAY\Gateway Recovery Management\Service\ETService.exe
21:59:17.0603 7496 ETService - ok
21:59:17.0661 7496 [ E12F22B73F153DECE721CD45EC05B4AF ] EventSystem C:\Windows\system32\es.dll
21:59:17.0668 7496 EventSystem - ok
21:59:17.0698 7496 [ 486844F47B6636044A42454614ED4523 ] exfat C:\Windows\system32\drivers\exfat.sys
21:59:17.0702 7496 exfat - ok
21:59:17.0750 7496 [ 1A4BEE34277784619DDAF0422C0C6E23 ] fastfat C:\Windows\system32\drivers\fastfat.sys
21:59:17.0754 7496 fastfat - ok
21:59:17.0800 7496 [ 81B79B6DF71FA1D2C6D688D830616E39 ] fdc C:\Windows\system32\DRIVERS\fdc.sys
21:59:17.0802 7496 fdc - ok
21:59:17.0840 7496 [ BB9267ACACD8B7533DD936C34A0CBA5E ] fdPHost C:\Windows\system32\fdPHost.dll
21:59:17.0842 7496 fdPHost - ok
21:59:17.0856 7496 [ 300C80931EABBE1DB7591C516EFE8D0F ] FDResPub C:\Windows\system32\fdrespub.dll
21:59:17.0858 7496 FDResPub - ok
21:59:17.0891 7496 [ 457B7D1D533E4BD62A99AED9C7BB4C59 ] FileInfo C:\Windows\system32\drivers\fileinfo.sys
21:59:17.0894 7496 FileInfo - ok
21:59:17.0902 7496 [ D421327FD6EFCCAF884A54C58E1B0D7F ] Filetrace C:\Windows\system32\drivers\filetrace.sys
21:59:17.0904 7496 Filetrace - ok
21:59:17.0973 7496 [ 1F63900E2EB00101B9ACA2B7A870704E ] FLEXnet Licensing Service C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
21:59:17.0984 7496 FLEXnet Licensing Service - ok
21:59:18.0014 7496 [ 230923EA2B80F79B0F88D90F87B87EBD ] flpydisk C:\Windows\system32\DRIVERS\flpydisk.sys
21:59:18.0016 7496 flpydisk - ok
21:59:18.0066 7496 [ E3041BC26D6930D61F42AEDB79C91720 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys
21:59:18.0071 7496 FltMgr - ok
21:59:18.0167 7496 [ F20A97F51C104DD0A163251325460747 ] FontCache C:\Windows\system32\FntCache.dll
21:59:18.0185 7496 FontCache - ok
21:59:18.0297 7496 [ BC5B0BE5AF3510B0FD8C140EE42C6D3E ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
21:59:18.0299 7496 FontCache3.0.0.0 - ok
21:59:18.0334 7496 [ 5779B86CD8B32519FBECB136394D946A ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys
21:59:18.0336 7496 Fs_Rec - ok
21:59:18.0371 7496 [ C8E416668D3DC2BE3D4FE4C79224997F ] gagp30kx C:\Windows\system32\drivers\gagp30kx.sys
21:59:18.0373 7496 gagp30kx - ok
21:59:18.0412 7496 [ 8E98D21EE06192492A5671A6144D092F ] GEARAspiWDM C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
21:59:18.0414 7496 GEARAspiWDM - ok
21:59:18.0479 7496 [ 14908F4F9005C29DE8F5587E271390EE ] gfibto C:\Windows\system32\drivers\gfibto.sys
21:59:18.0481 7496 gfibto - ok
21:59:18.0536 7496 [ A0E1B575BA8F504968CD40C0FAEB2384 ] gpsvc C:\Windows\System32\gpsvc.dll
21:59:18.0549 7496 gpsvc - ok
21:59:18.0622 7496 [ 506708142BC63DABA64F2D3AD1DCD5BF ] gupdate C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
21:59:18.0625 7496 gupdate - ok
21:59:18.0631 7496 [ 506708142BC63DABA64F2D3AD1DCD5BF ] gupdatem C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
21:59:18.0633 7496 gupdatem - ok
21:59:18.0689 7496 [ 49FF998B490B4AEF6C71A669FD10F09B ] hcmon C:\Windows\system32\drivers\hcmon.sys
21:59:18.0691 7496 hcmon - ok
21:59:18.0741 7496 [ 68E732382B32417FF61FD663259B4B09 ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
21:59:18.0746 7496 HdAudAddService - ok
21:59:18.0815 7496 [ F942C5820205F2FB453243EDFEC82A3D ] HDAudBus C:\Windows\system32\DRIVERS\HDAudBus.sys
21:59:18.0830 7496 HDAudBus - ok
21:59:18.0884 7496 [ B4881C84A180E75B8C25DC1D726C375F ] HidBth C:\Windows\system32\drivers\hidbth.sys
21:59:18.0885 7496 HidBth - ok
21:59:18.0922 7496 [ 5F47839455D01FF6403B008D481A6F5B ] HidIr C:\Windows\system32\DRIVERS\hidir.sys
21:59:18.0924 7496 HidIr - ok
21:59:18.0960 7496 [ 59361D38A297755D46A540E450202B2A ] hidserv C:\Windows\System32\hidserv.dll
21:59:18.0962 7496 hidserv - ok
21:59:19.0002 7496 [ 443BDD2D30BB4F00795C797E2CF99EDF ] HidUsb C:\Windows\system32\DRIVERS\hidusb.sys
21:59:19.0004 7496 HidUsb - ok
21:59:19.0055 7496 [ B12F367EA39C0795FD57E31242CE1A5A ] hkmsvc C:\Windows\system32\kmsvc.dll
21:59:19.0058 7496 hkmsvc - ok
21:59:19.0084 7496 [ D7109A1E6BD2DFDBCBA72A6BC626A13B ] HpCISSs C:\Windows\system32\drivers\hpcisss.sys
21:59:19.0086 7496 HpCISSs - ok
21:59:19.0140 7496 [ 9C369CBC5F19DA9968223197B5205F68 ] HSF_DPV C:\Windows\system32\DRIVERS\CAX_DPV.sys
21:59:19.0162 7496 HSF_DPV - ok
21:59:19.0212 7496 [ 098F1E4E5C9CB5B0063A959063631610 ] HTTP C:\Windows\system32\drivers\HTTP.sys
21:59:19.0222 7496 HTTP - ok
21:59:19.0235 7496 [ DA94C854CEA5FAC549D4E1F6E88349E8 ] i2omp C:\Windows\system32\drivers\i2omp.sys
21:59:19.0236 7496 i2omp - ok
21:59:19.0255 7496 [ CBB597659A2713CE0C9CC20C88C7591F ] i8042prt C:\Windows\system32\DRIVERS\i8042prt.sys
21:59:19.0258 7496 i8042prt - ok
21:59:19.0290 7496 [ 3E3BF3627D886736D0B4E90054F929F6 ] iaStorV C:\Windows\system32\drivers\iastorv.sys
21:59:19.0296 7496 iaStorV - ok
21:59:19.0380 7496 [ 749F5F8CEDCA70F2A512945325FC489D ] idsvc C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
21:59:19.0394 7496 idsvc - ok
21:59:19.0404 7496 [ 8C3951AD2FE886EF76C7B5027C3125D3 ] iirsp C:\Windows\system32\drivers\iirsp.sys
21:59:19.0406 7496 iirsp - ok
21:59:19.0453 7496 [ 0C9EA6E654E7B0471741E343A6C671AF ] IKEEXT C:\Windows\System32\ikeext.dll
21:59:19.0463 7496 IKEEXT - ok
21:59:19.0552 7496 [ 8C7FA71CB1EBCD3EDE8958D27B1BF0B4 ] int15 C:\Windows\SysWOW64\drivers\int15_64.sys
21:59:19.0553 7496 int15 - ok
21:59:19.0561 7496 IntcAzAudAddService - ok
21:59:19.0571 7496 [ DF797A12176F11B2D301C5B234BB200E ] intelide C:\Windows\system32\drivers\intelide.sys
21:59:19.0573 7496 intelide - ok
21:59:19.0582 7496 [ BFD84AF32FA1BAD6231C4585CB469630 ] intelppm C:\Windows\system32\DRIVERS\intelppm.sys
21:59:19.0584 7496 intelppm - ok
21:59:19.0601 7496 [ 5624BC1BC5EEB49C0AB76A8114F05EA3 ] IPBusEnum C:\Windows\system32\ipbusenum.dll
21:59:19.0605 7496 IPBusEnum - ok
21:59:19.0635 7496 [ D8AABC341311E4780D6FCE8C73C0AD81 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys
21:59:19.0637 7496 IpFilterDriver - ok
21:59:19.0686 7496 [ BF0DBFA9792C5C14FA00F61C75116C1B ] iphlpsvc C:\Windows\System32\iphlpsvc.dll
21:59:19.0692 7496 iphlpsvc - ok
21:59:19.0699 7496 IpInIp - ok
21:59:19.0722 7496 [ 9C2EE2E6E5A7203BFAE15C299475EC67 ] IPMIDRV C:\Windows\system32\drivers\ipmidrv.sys
21:59:19.0725 7496 IPMIDRV - ok
21:59:19.0757 7496 [ B7E6212F581EA5F6AB0C3A6CEEEB89BE ] IPNAT C:\Windows\system32\DRIVERS\ipnat.sys
21:59:19.0760 7496 IPNAT - ok
21:59:19.0834 7496 [ 4EFFC8FF6D349E971E94B1C670C0C66A ] iPod Service C:\Program Files\iPod\bin\iPodService.exe
21:59:19.0844 7496 iPod Service - ok
21:59:19.0852 7496 [ 8C42CA155343A2F11D29FECA67FAA88D ] IRENUM C:\Windows\system32\drivers\irenum.sys
21:59:19.0854 7496 IRENUM - ok
21:59:19.0876 7496 [ 0672BFCEDC6FC468A2B0500D81437F4F ] isapnp C:\Windows\system32\drivers\isapnp.sys
21:59:19.0878 7496 isapnp - ok
21:59:19.0931 7496 [ E4FDF99599F27EC25D2CF6D754243520 ] iScsiPrt C:\Windows\system32\DRIVERS\msiscsi.sys
21:59:19.0936 7496 iScsiPrt - ok
21:59:19.0944 7496 [ 63C766CDC609FF8206CB447A65ABBA4A ] iteatapi C:\Windows\system32\drivers\iteatapi.sys
21:59:19.0946 7496 iteatapi - ok
21:59:19.0956 7496 [ 1281FE73B17664631D12F643CBEA3F59 ] iteraid C:\Windows\system32\drivers\iteraid.sys
21:59:19.0958 7496 iteraid - ok
21:59:19.0996 7496 [ 423696F3BA6472DD17699209B933BC26 ] kbdclass C:\Windows\system32\DRIVERS\kbdclass.sys
21:59:19.0998 7496 kbdclass - ok
21:59:20.0047 7496 [ DBDF75D51464FBC47D0104EC3D572C05 ] kbdhid C:\Windows\system32\DRIVERS\kbdhid.sys
21:59:20.0048 7496 kbdhid - ok
21:59:20.0080 7496 [ 260BF9C43EE12C6898A9F5AAB0FB0E5D ] KeyIso C:\Windows\system32\lsass.exe
21:59:20.0082 7496 KeyIso - ok
21:59:20.0124 7496 [ 88956AD9FA510848AD176777A6C6C1F5 ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys
21:59:20.0133 7496 KSecDD - ok
21:59:20.0153 7496 [ 1D419CF43DB29396ECD7113D129D94EB ] ksthunk C:\Windows\system32\drivers\ksthunk.sys
21:59:20.0155 7496 ksthunk - ok
21:59:20.0188 7496 [ 1FAF6926F3416D3DA05C5B265491BDAE ] KtmRm C:\Windows\system32\msdtckrm.dll
21:59:20.0197 7496 KtmRm - ok
21:59:20.0240 7496 [ 50C7A3CB427E9BB5ED0708A669956AB5 ] LanmanServer C:\Windows\System32\srvsvc.dll
21:59:20.0245 7496 LanmanServer - ok
21:59:20.0275 7496 [ CAF86FC1388BE1E470F1A7B43E348ADB ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
21:59:20.0280 7496 LanmanWorkstation - ok
21:59:20.0330 7496 [ 3C46290F7A5D45BA6EF32C248E22AA69 ] Lbd C:\Windows\system32\DRIVERS\Lbd.sys
21:59:20.0333 7496 Lbd - ok
21:59:20.0493 7496 [ 70FB6254E29150A7A4A39FDFFD306C33 ] LBTServ C:\Program Files\Common Files\LogiShrd\Bluetooth\lbtserv.exe
21:59:20.0500 7496 LBTServ - ok
21:59:20.0539 7496 [ A03B765FF67E58BA75333C7C8C0D7706 ] LEqdUsb C:\Windows\system32\DRIVERS\LEqdUsb.Sys
21:59:20.0542 7496 LEqdUsb - ok
21:59:20.0576 7496 [ 389588725D419476F365370BED4FFE5A ] LHidEqd C:\Windows\system32\DRIVERS\LHidEqd.Sys
21:59:20.0578 7496 LHidEqd - ok
21:59:20.0627 7496 [ 1470EF17E02E82E4F43346DF9E9F11E1 ] LHidFilt C:\Windows\system32\DRIVERS\LHidFilt.Sys
21:59:20.0630 7496 LHidFilt - ok
21:59:20.0654 7496 [ 96ECE2659B6654C10A0C310AE3A6D02C ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys
21:59:20.0657 7496 lltdio - ok
21:59:20.0679 7496 [ 961CCBD0B1CCB5675D64976FAE37D092 ] lltdsvc C:\Windows\System32\lltdsvc.dll
21:59:20.0686 7496 lltdsvc - ok
21:59:20.0708 7496 [ A47F8080CACC23C91FE823AD19AA5612 ] lmhosts C:\Windows\System32\lmhsvc.dll
21:59:20.0710 7496 lmhosts - ok
21:59:20.0817 7496 [ 1DA54699C47501B92941A73A558D9E2A ] LMIGuardianSvc C:\Program Files (x86)\LogMeIn\x64\LMIGuardianSvc.exe
21:59:20.0824 7496 LMIGuardianSvc - ok
21:59:20.0847 7496 [ 0317335B15FF3BDA8E10197E3434CFC0 ] LMIInfo C:\Program Files (x86)\LogMeIn\x64\RaInfo.sys
21:59:20.0848 7496 LMIInfo - ok
21:59:20.0863 7496 [ 95DC370DBCE48AA1CD61DD999C143CEC ] LMIMaint C:\Program Files (x86)\LogMeIn\x64\RaMaint.exe
21:59:20.0867 7496 LMIMaint - ok
21:59:20.0904 7496 [ 413ECDCFAD9A82804D3674C8D7EEC24E ] lmimirr C:\Windows\system32\DRIVERS\lmimirr.sys
21:59:20.0905 7496 lmimirr - ok
21:59:20.0913 7496 LMIRfsClientNP - ok
21:59:20.0942 7496 [ C57D3FAA50E6F395759FFB7C709BD944 ] LMIRfsDriver C:\Windows\system32\drivers\LMIRfsDriver.sys
21:59:20.0944 7496 LMIRfsDriver - ok
21:59:20.0982 7496 [ 12814AE119E959437BEA3110F81BD188 ] LMouFilt C:\Windows\system32\DRIVERS\LMouFilt.Sys
21:59:20.0984 7496 LMouFilt - ok
21:59:21.0041 7496 [ D3760BC17E1755091B7120CF32DBF56B ] LogMeIn C:\Program Files (x86)\LogMeIn\x64\LogMeIn.exe
21:59:21.0048 7496 LogMeIn - ok
21:59:21.0102 7496 [ ACBE1AF32D3123E330A07BFBC5EC4A9B ] LSI_FC C:\Windows\system32\drivers\lsi_fc.sys
21:59:21.0104 7496 LSI_FC - ok
21:59:21.0122 7496 [ 799FFB2FC4729FA46D2157C0065B3525 ] LSI_SAS C:\Windows\system32\drivers\lsi_sas.sys
21:59:21.0124 7496 LSI_SAS - ok
21:59:21.0142 7496 [ F445FF1DAAD8A226366BFAF42551226B ] LSI_SCSI C:\Windows\system32\drivers\lsi_scsi.sys
21:59:21.0145 7496 LSI_SCSI - ok
21:59:21.0184 7496 [ 52F87B9CC8932C2A7375C3B2A9BE5E3E ] luafv C:\Windows\system32\drivers\luafv.sys
21:59:21.0186 7496 luafv - ok
21:59:21.0364 7496 [ 5747BC465ABEA2858C5D037252AED84E ] LVUVC64 C:\Windows\system32\DRIVERS\lvuvc64.sys
21:59:21.0461 7496 LVUVC64 - ok
21:59:21.0502 7496 [ 0BB97D43299910CBFBA59C461B99B910 ] MBAMProtector C:\Windows\system32\drivers\mbam.sys
21:59:21.0503 7496 MBAMProtector - ok
21:59:21.0540 7496 [ 65085456FD9A74D7F1A999520C299ECB ] MBAMScheduler C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
21:59:21.0548 7496 MBAMScheduler - ok
21:59:21.0580 7496 [ E0D7732F2D2E24B2DB3F67B6750295B8 ] MBAMService C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
21:59:21.0592 7496 MBAMService - ok
21:59:21.0660 7496 [ 79D51E7F5926E8CE1B3EBECEBAE28CFF ] mcdbus C:\Windows\system32\DRIVERS\mcdbus.sys
21:59:21.0664 7496 mcdbus - ok
21:59:21.0707 7496 [ 76A58DF02BD4EA29F189B82D0BEF17F8 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll
21:59:21.0710 7496 Mcx2Svc - ok
21:59:21.0735 7496 [ E4F44EC214B3E381E1FC844A02926666 ] mdmxsdk C:\Windows\system32\DRIVERS\mdmxsdk.sys
21:59:21.0737 7496 mdmxsdk - ok
21:59:21.0759 7496 [ 5C5CD6AACED32FB26C3FB34B3DCF972F ] megasas C:\Windows\system32\drivers\megasas.sys
21:59:21.0761 7496 megasas - ok
21:59:21.0800 7496 [ 859BC2436B076C77C159ED694ACFE8F8 ] MegaSR C:\Windows\system32\drivers\megasr.sys
21:59:21.0808 7496 MegaSR - ok
21:59:21.0889 7496 [ 123271BD5237AB991DC5C21FDF8835EB ] Microsoft Office Groove Audit Service C:\Program Files (x86)\Microsoft Office\Office12\GrooveAuditService.exe
21:59:21.0892 7496 Microsoft Office Groove Audit Service - ok
21:59:21.0909 7496 [ 3CBE4995E80E13CCFBC42E5DCF3AC81A ] MMCSS C:\Windows\system32\mmcss.dll
21:59:21.0911 7496 MMCSS - ok
21:59:21.0926 7496 [ 59848D5CC74606F0EE7557983BB73C2E ] Modem C:\Windows\system32\drivers\modem.sys
21:59:21.0929 7496 Modem - ok
21:59:21.0958 7496 [ C247CC2A57E0A0C8C6DCCF7807B3E9E5 ] monitor C:\Windows\system32\DRIVERS\monitor.sys
21:59:21.0960 7496 monitor - ok
21:59:21.0975 7496 [ 9367304E5E412B120CF5F4EA14E4E4F1 ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys
21:59:21.0977 7496 mouclass - ok
21:59:22.0017 7496 [ C2C2BD5C5CE5AAF786DDD74B75D2AC69 ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys
21:59:22.0019 7496 mouhid - ok
21:59:22.0042 7496 [ 11BC9B1E8801B01F7F6ADB9EAD30019B ] MountMgr C:\Windows\system32\drivers\mountmgr.sys
21:59:22.0045 7496 MountMgr - ok
21:59:22.0106 7496 [ A35576A433F4AEB0D48976A004657CB6 ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
21:59:22.0109 7496 MozillaMaintenance - ok
21:59:22.0147 7496 [ FC1D590039EF06A381768710E6C07E75 ] MpFilter C:\Windows\system32\DRIVERS\MpFilter.sys
21:59:22.0151 7496 MpFilter - ok
21:59:22.0174 7496 [ F8276EB8698142884498A528DFEA8478 ] mpio C:\Windows\system32\drivers\mpio.sys
21:59:22.0177 7496 mpio - ok
21:59:22.0205 7496 [ C92B9ABDB65A5991E00C28F13491DBA2 ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys
21:59:22.0207 7496 mpsdrv - ok
21:59:22.0253 7496 [ 897E3BAF68BA406A61682AE39C83900C ] MpsSvc C:\Windows\system32\mpssvc.dll
21:59:22.0265 7496 MpsSvc - ok
21:59:22.0274 7496 [ 3C200630A89EF2C0864D515B7A75802E ] Mraid35x C:\Windows\system32\drivers\mraid35x.sys
21:59:22.0276 7496 Mraid35x - ok
21:59:22.0318 7496 [ 7C1DE4AA96DC0C071611F9E7DE02A68D ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys
21:59:22.0322 7496 MRxDAV - ok
21:59:22.0376 7496 [ 1485811B320FF8C7EDAD1CAEBB1C6C2B ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys
21:59:22.0380 7496 mrxsmb - ok
21:59:22.0432 7496 [ 3B929A60C833FC615FD97FBA82BC7632 ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys
21:59:22.0437 7496 mrxsmb10 - ok
21:59:22.0484 7496 [ C64AB3E1F53B4F5B5BB6D796B2D7BEC3 ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys
21:59:22.0487 7496 mrxsmb20 - ok
21:59:22.0507 7496 [ 1AC860612B85D8E85EE257D372E39F4D ] msahci C:\Windows\system32\drivers\msahci.sys
21:59:22.0509 7496 msahci - ok
21:59:22.0520 7496 [ 264BBB4AAF312A485F0E44B65A6B7202 ] msdsm C:\Windows\system32\drivers\msdsm.sys
21:59:22.0523 7496 msdsm - ok
21:59:22.0558 7496 [ 7EC02CE772F068ED0BEAFA3DA341A9BC ] MSDTC C:\Windows\System32\msdtc.exe
21:59:22.0562 7496 MSDTC - ok
21:59:22.0578 7496 [ 704F59BFC4512D2BB0146AEC31B10A7C ] Msfs C:\Windows\system32\drivers\Msfs.sys
21:59:22.0580 7496 Msfs - ok
21:59:22.0619 7496 [ 00EBC952961664780D43DCA157E79B27 ] msisadrv C:\Windows\system32\drivers\msisadrv.sys
21:59:22.0621 7496 msisadrv - ok
21:59:22.0643 7496 [ 366B0C1F4478B519C181E37D43DCDA32 ] MSiSCSI C:\Windows\system32\iscsiexe.dll
21:59:22.0648 7496 MSiSCSI - ok
21:59:22.0659 7496 msiserver - ok
21:59:22.0685 7496 [ 0EA73E498F53B96D83DBFCA074AD4CF8 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys
21:59:22.0687 7496 MSKSSRV - ok
21:59:22.0763 7496 [ 66238063B53E51ADDA16764BAB9A3F7C ] MsMpSvc c:\Program Files\Microsoft Security Client\MsMpEng.exe
21:59:22.0764 7496 MsMpSvc - ok
21:59:22.0783 7496 [ 52E59B7E992A58E740AA63F57EDBAE8B ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys
21:59:22.0784 7496 MSPCLOCK - ok
21:59:22.0804 7496 [ 49084A75BAE043AE02D5B44D02991BB2 ] MSPQM C:\Windows\system32\drivers\MSPQM.sys
21:59:22.0806 7496 MSPQM - ok
21:59:22.0838 7496 [ DC6CCF440CDEDE4293DB41C37A5060A5 ] MsRPC C:\Windows\system32\drivers\MsRPC.sys
21:59:22.0844 7496 MsRPC - ok
21:59:22.0873 7496 [ 855796E59DF77EA93AF46F20155BF55B ] mssmbios C:\Windows\system32\DRIVERS\mssmbios.sys
21:59:22.0875 7496 mssmbios - ok
21:59:22.0964 7496 MSSQL$SQLEXPRESS - ok
21:59:23.0083 7496 [ F1761C8FB2B25A32C6D63E36BB88C3AE ] MSSQLServerADHelper100 c:\Program Files (x86)\Microsoft SQL Server\100\Shared\SQLADHLP.EXE
21:59:23.0085 7496 MSSQLServerADHelper100 - ok
21:59:23.0117 7496 [ 86D632D75D05D5B7C7C043FA3564AE86 ] MSTEE C:\Windows\system32\drivers\MSTEE.sys
21:59:23.0118 7496 MSTEE - ok
21:59:23.0318 7496 [ CB4A082AF58D1A0969F931816D5CFB05 ] msvsmon90 C:\Program Files\Microsoft Visual Studio 9.0\Common7\IDE\Remote Debugger\x64\msvsmon.exe
21:59:23.0400 7496 msvsmon90 - ok
21:59:23.0456 7496 [ 0CC49F78D8ACA0877D885F149084E543 ] Mup C:\Windows\system32\Drivers\mup.sys
21:59:23.0458 7496 Mup - ok
21:59:23.0517 7496 [ A5B10C845E7538C60C0F5D87A57CB3F5 ] napagent C:\Windows\system32\qagentRT.dll
21:59:23.0526 7496 napagent - ok
21:59:23.0584 7496 [ 2007B826C4ACD94AE32232B41F0842B9 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys
21:59:23.0588 7496 NativeWifiP - ok
21:59:23.0658 7496 [ 65950E07329FCEE8E6516B17C8D0ABB6 ] NDIS C:\Windows\system32\drivers\ndis.sys
21:59:23.0669 7496 NDIS - ok
21:59:23.0709 7496 [ 64DF698A425478E321981431AC171334 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys
21:59:23.0711 7496 NdisTapi - ok
21:59:23.0730 7496 [ 8BAA43196D7B5BB972C9A6B2BBF61A19 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys
21:59:23.0732 7496 Ndisuio - ok
21:59:23.0774 7496 [ F8158771905260982CE724076419EF19 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys
21:59:23.0777 7496 NdisWan - ok
21:59:23.0812 7496 [ 9CB77ED7CB72850253E973A2D6AFDF49 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys
21:59:23.0814 7496 NDProxy - ok
21:59:23.0832 7496 [ A499294F5029A7862ADC115BDA7371CE ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys
21:59:23.0834 7496 NetBIOS - ok
21:59:23.0880 7496 [ FC2C792EBDDC8E28DF939D6A92C83D61 ] netbt C:\Windows\system32\DRIVERS\netbt.sys
21:59:23.0884 7496 netbt - ok
21:59:23.0912 7496 [ 260BF9C43EE12C6898A9F5AAB0FB0E5D ] Netlogon C:\Windows\system32\lsass.exe
21:59:23.0914 7496 Netlogon - ok
21:59:23.0952 7496 [ 9B63B29DEFC0F3115A559D2597BF5D75 ] Netman C:\Windows\System32\netman.dll
21:59:23.0959 7496 Netman - ok
21:59:23.0984 7496 [ 7846D0136CC2B264926A73047BA7688A ] netprofm C:\Windows\System32\netprofm.dll
21:59:23.0991 7496 netprofm - ok
21:59:24.0038 7496 [ 74751DDA198165947FD7454D83F49825 ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe
21:59:24.0041 7496 NetTcpPortSharing - ok
21:59:24.0059 7496 [ 4AC08BD6AF2DF42E0C3196D826C8AEA7 ] nfrd960 C:\Windows\system32\drivers\nfrd960.sys
21:59:24.0061 7496 nfrd960 - ok
21:59:24.0109 7496 [ 8FB3C853E886E1E4D57271672486111C ] NisDrv C:\Windows\system32\DRIVERS\NisDrvWFP.sys
21:59:24.0112 7496 NisDrv - ok
21:59:24.0166 7496 [ 869A808253726EA11939EC4FE76346A4 ] NisSrv c:\Program Files\Microsoft Security Client\NisSrv.exe
21:59:24.0169 7496 NisSrv - ok
21:59:24.0188 7496 [ F145BF4C4668E7E312069F81EF847CFC ] NlaSvc C:\Windows\System32\nlasvc.dll
21:59:24.0194 7496 NlaSvc - ok
21:59:24.0232 7496 [ B298874F8E0EA93F06EC40AA8D146478 ] Npfs C:\Windows\system32\drivers\Npfs.sys
21:59:24.0234 7496 Npfs - ok
21:59:24.0258 7496 [ ACB62BAA1C319B17752553DF3026EEEB ] nsi C:\Windows\system32\nsisvc.dll
21:59:24.0260 7496 nsi - ok
21:59:24.0279 7496 [ 1523AF19EE8B030BA682F7A53537EAEB ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys
21:59:24.0281 7496 nsiproxy - ok
21:59:24.0357 7496 [ 2ACCAA3C3C55370A32F17B3595E1A217 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys
21:59:24.0379 7496 Ntfs - ok
21:59:24.0407 7496 [ DD5D684975352B85B52E3FD5347C20CB ] Null C:\Windows\system32\drivers\Null.sys
21:59:24.0409 7496 Null - ok
21:59:24.0443 7496 [ 2C040B7ADA5B06F6FACADAC8514AA034 ] nvraid C:\Windows\system32\drivers\nvraid.sys
21:59:24.0447 7496 nvraid - ok
21:59:24.0457 7496 [ F7EA0FE82842D05EDA3EFDD376DBFDBA ] nvstor C:\Windows\system32\drivers\nvstor.sys
21:59:24.0459 7496 nvstor - ok
21:59:24.0492 7496 [ 19067CA93075EF4823E3938A686F532F ] nv_agp C:\Windows\system32\drivers\nv_agp.sys
21:59:24.0495 7496 nv_agp - ok
21:59:24.0503 7496 NwlnkFlt - ok
21:59:24.0516 7496 NwlnkFwd - ok
21:59:24.0606 7496 [ 785F487A64950F3CB8E9F16253BA3B7B ] odserv C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
21:59:24.0615 7496 odserv - ok
21:59:24.0661 7496 [ B5B1CE65AC15BBD11C0619E3EF7CFC28 ] ohci1394 C:\Windows\system32\DRIVERS\ohci1394.sys
21:59:24.0663 7496 ohci1394 - ok
21:59:24.0715 7496 [ 5A432A042DAE460ABE7199B758E8606C ] ose C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
21:59:24.0718 7496 ose - ok
21:59:24.0793 7496 [ 9AE31D2E1D15C10D91318E0EC149CEAC ] p2pimsvc C:\Windows\system32\p2psvc.dll
21:59:24.0807 7496 p2pimsvc - ok
21:59:24.0825 7496 [ 9AE31D2E1D15C10D91318E0EC149CEAC ] p2psvc C:\Windows\system32\p2psvc.dll
21:59:24.0834 7496 p2psvc - ok
21:59:24.0878 7496 [ 4C6A7FD04DDF4DB88791048382E3EDB1 ] Parport C:\Windows\system32\DRIVERS\parport.sys
21:59:24.0881 7496 Parport - ok
21:59:24.0920 7496 [ B43751085E2ABE389DA466BC62A4B987 ] partmgr C:\Windows\system32\drivers\partmgr.sys
21:59:24.0923 7496 partmgr - ok
21:59:24.0989 7496 [ 55223EEFABFDB84A926515FEBAB50D9A ] pbfilter C:\Program Files\PeerBlock\pbfilter.sys
21:59:24.0990 7496 pbfilter - ok
21:59:25.0024 7496 [ 9AB157B374192FF276C1628FBDBA2B0E ] PcaSvc C:\Windows\System32\pcasvc.dll
21:59:25.0027 7496 PcaSvc - ok
21:59:25.0070 7496 [ 47AB1E0FC9D0E12BB53BA246E3A0906D ] pci C:\Windows\system32\drivers\pci.sys
21:59:25.0074 7496 pci - ok
21:59:25.0127 7496 [ 2657F6C0B78C36D95034BE109336E382 ] pciide C:\Windows\system32\drivers\pciide.sys
21:59:25.0128 7496 pciide - ok
21:59:25.0155 7496 [ 037661F3D7C507C9993B7010CEEE6288 ] pcmcia C:\Windows\system32\drivers\pcmcia.sys
21:59:25.0160 7496 pcmcia - ok
21:59:25.0198 7496 [ 58865916F53592A61549B04941BFD80D ] PEAUTH C:\Windows\system32\drivers\peauth.sys
21:59:25.0210 7496 PEAUTH - ok
21:59:25.0293 7496 [ 0ED8727EA0172860F47258456C06CAEA ] PerfHost C:\Windows\SysWow64\perfhost.exe
21:59:25.0296 7496 PerfHost - ok
21:59:25.0373 7496 [ E9E68C1A0F25CF4A7AC966EEA74EE89E ] pla C:\Windows\system32\pla.dll
21:59:25.0401 7496 pla - ok
21:59:25.0445 7496 [ FE6B0F59215C9FD9F9D26539C58C8B82 ] PlugPlay C:\Windows\system32\umpnpmgr.dll
21:59:25.0453 7496 PlugPlay - ok
21:59:25.0475 7496 [ 9AE31D2E1D15C10D91318E0EC149CEAC ] PNRPAutoReg C:\Windows\system32\p2psvc.dll
21:59:25.0484 7496 PNRPAutoReg - ok
21:59:25.0504 7496 [ 9AE31D2E1D15C10D91318E0EC149CEAC ] PNRPsvc C:\Windows\system32\p2psvc.dll
21:59:25.0513 7496 PNRPsvc - ok
21:59:25.0569 7496 [ A6D06378F37BDBA0C0019294C2AABBD0 ] Point64 C:\Windows\system32\DRIVERS\point64k.sys
21:59:25.0571 7496 Point64 - ok
21:59:25.0625 7496 [ 89A5560671C2D8B4A4B51F3E1AA069D8 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
21:59:25.0635 7496 PolicyAgent - ok
21:59:25.0680 7496 [ 23386E9952025F5F21C368971E2E7301 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys
21:59:25.0683 7496 PptpMiniport - ok
21:59:25.0715 7496 [ 5080E59ECEE0BC923F14018803AA7A01 ] Processor C:\Windows\system32\DRIVERS\processr.sys
21:59:25.0716 7496 Processor - ok
21:59:25.0750 7496 [ E058CE4FC2449D8BFA14739C83B7FF2A ] ProfSvc C:\Windows\system32\profsvc.dll
21:59:25.0754 7496 ProfSvc - ok
21:59:25.0779 7496 [ 260BF9C43EE12C6898A9F5AAB0FB0E5D ] ProtectedStorage C:\Windows\system32\lsass.exe
21:59:25.0781 7496 ProtectedStorage - ok
21:59:25.0816 7496 [ C5AB7F0809392D0DA027F4A2A81BFA31 ] PSched C:\Windows\system32\DRIVERS\pacer.sys
21:59:25.0817 7496 PSched - ok
21:59:25.0847 7496 [ 87B04878A6D59D6C79251DC960C674C1 ] PxHlpa64 C:\Windows\system32\Drivers\PxHlpa64.sys
-
Please run AdwCleaner and MBAM again and post the logs.
-
# AdwCleaner v3.002 - Report created 02/09/2013 at 21:27:44
# Updated 01/09/2013 by Xplode
# Operating System : Windows (TM) Vista Home Premium Service Pack 2 (64 bits)
# Username : doug - DOUG-PC
# Running from : C:\Users\doug\Desktop\adwcleaner.exe
# Option : Clean
***** [ Services ] *****
***** [ Files / Folders ] *****
***** [ Shortcuts ] *****
***** [ Registry ] *****
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{2CE4D4CF-B278-4126-AD1E-B622DA2E8339}
***** [ Browsers ] *****
-\\ Internet Explorer v9.0.8112.16502
-\\ Mozilla Firefox v23.0.1 (en-US)
[ File : C:\Users\doug\AppData\Roaming\Mozilla\Firefox\Profiles\drledbvc.default-1363375022659\prefs.js ]
-\\ Google Chrome v29.0.1547.62
[ File : C:\Users\doug\AppData\Local\Google\Chrome\User Data\Default\preferences ]
*************************
AdwCleaner[R0].txt - [12777 octets] - [28/08/2013 20:54:28]
AdwCleaner[R1].txt - [1116 octets] - [02/09/2013 21:24:16]
AdwCleaner[S0].txt - [9783 octets] - [28/08/2013 21:01:25]
AdwCleaner[S1].txt - [1040 octets] - [02/09/2013 21:27:44]
########## EOF - C:\AdwCleaner\AdwCleaner[S1].txt - [1100 octets] ##########
-
Malwarebytes Anti-Malware 1.75.0.1300
www.malwarebytes.org
Database version: v2013.09.02.09
Windows Vista Service Pack 2 x64 NTFS
Internet Explorer 9.0.8112.16421
doug :: DOUG-PC [administrator]
9/2/2013 9:39:25 PM
mbam-log-2013-09-02 (21-39-25).txt
Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 254634
Time elapsed: 13 minute(s), 16 second(s)
Memory Processes Detected: 0
(No malicious items detected)
Memory Modules Detected: 0
(No malicious items detected)
Registry Keys Detected: 0
(No malicious items detected)
Registry Values Detected: 0
(No malicious items detected)
Registry Data Items Detected: 0
(No malicious items detected)
Folders Detected: 0
(No malicious items detected)
Files Detected: 0
(No malicious items detected)
(end)
-
Does this happen only when your browser is open? What browser are you using?
-
I always have a browser open, actually I always have 2 open:
- Firefox
- plus I use a browser based on Chrome called Comodo Dragon (because I cannot install Chrome on my machine for reasons I cannot fathom).
Should I try shutting the browsers down to see if it breaks it off?
-
It happened again so I shut down my browsers and the sound persisted.
-
Please uninstall Firefox and see if that helps.
-
No luck.
I have What's Running set up so the next time it happens I'll be able to see where it's connecting.
-
Found this weird thing in the What's Running Startup folder. See attached pic. I do have the Dropbox plugin on my computer. The Chinese writing is scary.
[recovering disk space, attachment deleted by admin]
-
Found this weird thing in the What's Running Startup folder. See attached pic. I do have the Dropbox plugin on my computer. The Chinese writing is scary.
That is weird. Can you disable it?
-
I disabled it and I still get it! This is getting creepy.
-
I disabled it and I still get it! This is getting creepy.
Can you uninstall dropbox?
-
I uninstalled Dropbox last night and have not heard anything so far today, which is about 3 hours.
-
Fsck all! It started again.
-
Fsck all! It started again.
Does it still do it when IE is opened?
-
I don't use IE but I can leave it open.
Here is a strange thing, a couple of days ago I shut down every process in Task manager (except for the system ones, which cannot be stopped) while the audio was running; everything was stopped including my desktop, which entirely disappeared, and I could still hear the audio.
-
hah no luck
-
everything was stopped including my desktop, which entirely disappeared, and I could still hear the audio.
The only one you shouldn't stop is explorer. This is really a puzzle. Please try this. Physically disconnect from the internet and see if you can still hear the audio.
-
It started playing, so I disconnected the internet and it stopped about 5 seconds later. I left it off for about 3 minutes, and when I plugged it back in, it started playing again within 5 seconds.
-
I'm going to check with a colleague about this problem.
-
Well, thank you, I appreciate it. My online investigation suggests that the TDSSKiller should have done the job, but I suppose I have a variant. In any event, I'm beginning to brace myself for the possibility that I will have to reinstall.
-
Well, thank you, I appreciate it. My online investigation suggests that the TDSSKiller should have done the job, but I suppose I have a variant. In any event, I'm beginning to brace myself for the possibility that I will have to reinstall.
That's always a possibility. You should back up all your important data. Also, could you run ComboFix and TDSSKiller and post the logs? I only need to see the bottom ten lines of TDSS.
-
TDSS
23:24:28.0599 7808 ================ Scan VBR ==================================
23:24:28.0617 7808 [ AB2522FC70605093AF8A9F7397AFBB75 ] \Device\Harddisk0\DR0\Partition1
23:24:28.0618 7808 \Device\Harddisk0\DR0\Partition1 - ok
23:24:28.0640 7808 [ F5BE331CDEDDC5FE4288744E7456CB28 ] \Device\Harddisk1\DR1\Partition1
23:24:28.0642 7808 \Device\Harddisk1\DR1\Partition1 - ok
23:24:28.0648 7808 [ 27693C0DC8219674FFDA01A04EF5AF78 ] \Device\Harddisk2\DR2\Partition1
23:24:28.0650 7808 \Device\Harddisk2\DR2\Partition1 - ok
23:24:28.0655 7808 ============================================================
23:24:28.0655 7808 Scan finished
23:24:28.0655 7808 ============================================================
23:24:28.0689 4336 Detected object count: 0
23:24:28.0689 4336 Actual detected object count: 0
-
Good, could you run ComboFix again and post the log?
Please download Farbar Service Scanner (http://download.bleepingcomputer.com/farbar/FSS.exe) and run it on the computer with the issue.
- Press "Scan".
- It will create a log (FSS.txt) in the same directory the tool is run from.
- Please copy and paste the log to your reply.
-
ComboFix 13-09-08.02 - doug 09/08/2013 15:12:02.4.4 - x64
Microsoft® Windows Vista™ Home Premium 6.0.6002.2.1252.1.1033.18.7934.5378 [GMT -4:00]
Running from: c:\users\doug\Desktop\ComboFix.exe
AV: Microsoft Security Essentials *Enabled/Updated* {641105E6-77ED-3F35-A304-765193BCB75F}
SP: Microsoft Security Essentials *Enabled/Updated* {DF70E402-51D7-30BB-99B4-4D23E83BFDE2}
SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((( Files Created from 2013-08-08 to 2013-09-08 )))))))))))))))))))))))))))))))
.
.
2013-09-08 19:40 . 2013-09-08 19:40 -------- d-----w- c:\users\Public\AppData\Local\temp
2013-09-08 19:40 . 2013-09-08 19:40 -------- d-----w- c:\users\doug taylor\AppData\Local\temp
2013-09-08 19:40 . 2013-09-08 19:40 -------- d-----w- c:\users\Default\AppData\Local\temp
2013-09-08 19:40 . 2013-09-08 19:40 -------- d-----w- c:\users\AppData\AppData\Local\temp
2013-09-08 16:00 . 2013-09-08 16:00 -------- d-----w- c:\program files (x86)\ConvertHelper
2013-09-08 06:24 . 2013-09-08 06:24 119808 ----a-r- c:\users\doug\AppData\Roaming\Microsoft\Installer\{CCF298AF-9CE1-4B26-B251-486E98A34789}\icons.exe
2013-09-08 06:12 . 2013-08-06 08:58 9515512 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{3DE85584-98F4-43CC-A37C-56526BAB3EC3}\mpengine.dll
2013-09-07 00:02 . 2013-09-07 00:07 -------- d-----w- c:\program files (x86)\KeePass Password Safe
2013-09-06 23:57 . 2013-08-06 08:58 9515512 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll
2013-09-06 23:20 . 2013-09-06 23:46 -------- d-----w- c:\program files (x86)\KeePass Password Safe 2
2013-09-05 21:45 . 2013-09-05 21:41 965008 ------w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{5D26914A-9449-4EAD-A67D-247F900B5C43}\gapaengine.dll
2013-09-03 20:38 . 2013-09-05 16:05 -------- d-----w- c:\program files (x86)\WhatsRunning
2013-09-03 20:29 . 2013-09-03 20:29 -------- d-----w- c:\users\doug\AppData\Roaming\SUPERAntiSpyware.com
2013-09-03 04:22 . 2013-09-03 04:22 -------- d-----w- c:\programdata\Epubsoft
2013-09-03 04:21 . 2013-09-03 04:21 -------- d-----w- c:\program files (x86)\EPUBSOFT
2013-09-03 01:38 . 2013-09-03 01:38 -------- d-----w- c:\program files (x86)\Malwarebytes' Anti-Malware
2013-09-03 01:38 . 2013-04-04 18:50 25928 ----a-w- c:\windows\system32\drivers\mbam.sys
2013-08-30 22:44 . 2013-08-30 22:44 -------- d-----w- c:\program files (x86)\ESET
2013-08-29 23:23 . 2013-08-29 23:23 -------- d-----w- c:\windows\ERUNT
2013-08-29 00:54 . 2013-09-03 01:27 -------- d-----w- C:\AdwCleaner
2013-08-28 18:48 . 2013-08-28 18:48 -------- d-----w- c:\users\doug\AppData\Roaming\webex
2013-08-28 18:46 . 2013-08-28 18:45 96168 ----a-w- c:\windows\SysWow64\WindowsAccessBridge-32.dll
2013-08-28 15:15 . 2013-08-02 14:06 1706496 ----a-w- c:\windows\system32\WMVDECOD.DLL
2013-08-28 15:15 . 2013-08-02 04:09 1548288 ----a-w- c:\windows\SysWow64\WMVDECOD.DLL
2013-08-25 19:51 . 2013-08-25 19:51 -------- d-----w- c:\users\doug\{fae33a4d-6b95-46a1-a648-2d889c683668}
2013-08-25 17:21 . 2013-09-08 19:21 -------- d-----w- c:\users\doug\AppData\Local\GC
2013-08-25 17:21 . 2013-08-25 17:23 -------- d-----w- c:\program files (x86)\GC
2013-08-15 20:42 . 2013-08-15 20:43 -------- d-----w- c:\program files\jEdit
2013-08-15 20:38 . 2013-08-15 20:38 -------- d-----w- c:\users\doug\AppData\Roaming\KDE
2013-08-15 20:38 . 2013-08-15 20:38 -------- d-----w- c:\programdata\KDE
2013-08-14 13:58 . 2013-07-25 02:25 104448 ----a-w- c:\program files (x86)\Internet Explorer\jsdebuggeride.dll
2013-08-14 13:58 . 2013-07-25 02:25 387584 ----a-w- c:\program files (x86)\Internet Explorer\jsdbgui.dll
2013-08-14 13:58 . 2013-07-25 03:30 499200 ----a-w- c:\program files\Internet Explorer\jsdbgui.dll
2013-08-14 13:58 . 2013-07-25 02:25 678912 ----a-w- c:\program files (x86)\Internet Explorer\iedvtool.dll
2013-08-14 13:58 . 2013-07-25 03:30 887808 ----a-w- c:\program files\Internet Explorer\iedvtool.dll
2013-08-14 13:58 . 2013-07-25 03:54 17830400 ----a-w- c:\windows\system32\mshtml.dll
2013-08-14 13:58 . 2013-07-25 03:35 10926080 ----a-w- c:\windows\system32\ieframe.dll
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-08-28 18:45 . 2012-06-24 14:54 867240 ----a-w- c:\windows\SysWow64\npdeployJava1.dll
2013-08-28 18:45 . 2010-05-16 18:32 789416 ----a-w- c:\windows\SysWow64\deployJava1.dll
2013-08-23 12:08 . 2013-03-12 10:28 941720 ------w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\NISBackup\gapaengine.dll
2013-08-21 16:36 . 2012-04-13 14:55 692104 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2013-08-21 16:36 . 2011-05-22 15:00 71048 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2013-08-14 14:08 . 2006-11-02 12:35 78161360 ----a-w- c:\windows\system32\mrt.exe
2013-08-01 15:21 . 2013-08-01 15:21 57096 ----a-w- c:\windows\system32\certsentry.dll
2013-08-01 15:21 . 2013-08-01 15:21 48392 ----a-w- c:\windows\SysWow64\certsentry.dll
2013-08-01 15:21 . 2013-08-01 15:21 1060864 ----a-w- c:\windows\SysWow64\mfc71.dll
2013-07-08 04:16 . 2013-08-14 01:00 43008 ----a-w- c:\windows\apppatch\acwow64.dll
2013-07-07 02:47 . 2013-07-07 01:56 18960 ----a-w- c:\windows\system32\drivers\LNonPnP.sys
2013-07-07 02:01 . 2013-07-07 02:01 53248 ----a-r- c:\users\doug\AppData\Roaming\Microsoft\Installer\{3EE9BCAE-E9A9-45E5-9B1C-83A4D357E05C}\ARPPRODUCTICON.exe
2013-07-05 23:46 . 2013-07-05 23:46 47496 ----a-w- c:\windows\system32\sbbd.exe
2013-07-05 23:46 . 2013-07-05 23:46 14456 ----a-w- c:\windows\system32\drivers\gfibto.sys
2013-06-21 00:07 . 2013-08-03 06:34 203672 ----a-w- c:\windows\system32\drivers\ssudmdm.sys
2013-06-21 00:07 . 2013-08-03 06:34 103448 ----a-w- c:\windows\system32\drivers\ssudbus.sys
2013-06-19 01:50 . 2013-06-19 01:50 247216 ----a-w- c:\windows\system32\drivers\MpFilter.sys
2013-06-19 01:50 . 2012-08-31 03:03 139616 ----a-w- c:\windows\system32\drivers\NisDrvWFP.sys
2013-06-11 15:58 . 2013-06-11 15:58 108448 ----a-w- c:\windows\system32\WindowsAccessBridge-64.dll
2013-06-11 15:58 . 2013-06-11 21:46 311200 ----a-w- c:\windows\system32\javaws.exe
2013-06-11 15:58 . 2013-06-11 21:46 188832 ----a-w- c:\windows\system32\javaw.exe
2013-06-11 15:58 . 2013-06-11 21:46 188320 ----a-w- c:\windows\system32\java.exe
2013-06-11 15:58 . 2012-09-24 20:34 971680 ----a-w- c:\windows\system32\deployJava1.dll
2013-06-11 15:58 . 2012-09-24 20:34 1092512 ----a-w- c:\windows\system32\npDeployJava1.dll
.
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\1TortoiseNormal]
@="{C5994560-53D9-4125-87C9-F193FC689CB2}"
[HKEY_CLASSES_ROOT\CLSID\{C5994560-53D9-4125-87C9-F193FC689CB2}]
2011-06-13 14:20 64792 ----a-w- c:\program files (x86)\Common Files\TortoiseOverlays\TortoiseOverlays.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\2TortoiseModified]
@="{C5994561-53D9-4125-87C9-F193FC689CB2}"
[HKEY_CLASSES_ROOT\CLSID\{C5994561-53D9-4125-87C9-F193FC689CB2}]
2011-06-13 14:20 64792 ----a-w- c:\program files (x86)\Common Files\TortoiseOverlays\TortoiseOverlays.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\3TortoiseConflict]
@="{C5994562-53D9-4125-87C9-F193FC689CB2}"
[HKEY_CLASSES_ROOT\CLSID\{C5994562-53D9-4125-87C9-F193FC689CB2}]
2011-06-13 14:20 64792 ----a-w- c:\program files (x86)\Common Files\TortoiseOverlays\TortoiseOverlays.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\4TortoiseLocked]
@="{C5994563-53D9-4125-87C9-F193FC689CB2}"
[HKEY_CLASSES_ROOT\CLSID\{C5994563-53D9-4125-87C9-F193FC689CB2}]
2011-06-13 14:20 64792 ----a-w- c:\program files (x86)\Common Files\TortoiseOverlays\TortoiseOverlays.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\5TortoiseReadOnly]
@="{C5994564-53D9-4125-87C9-F193FC689CB2}"
[HKEY_CLASSES_ROOT\CLSID\{C5994564-53D9-4125-87C9-F193FC689CB2}]
2011-06-13 14:20 64792 ----a-w- c:\program files (x86)\Common Files\TortoiseOverlays\TortoiseOverlays.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\6TortoiseDeleted]
@="{C5994565-53D9-4125-87C9-F193FC689CB2}"
[HKEY_CLASSES_ROOT\CLSID\{C5994565-53D9-4125-87C9-F193FC689CB2}]
2011-06-13 14:20 64792 ----a-w- c:\program files (x86)\Common Files\TortoiseOverlays\TortoiseOverlays.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\7TortoiseAdded]
@="{C5994566-53D9-4125-87C9-F193FC689CB2}"
[HKEY_CLASSES_ROOT\CLSID\{C5994566-53D9-4125-87C9-F193FC689CB2}]
2011-06-13 14:20 64792 ----a-w- c:\program files (x86)\Common Files\TortoiseOverlays\TortoiseOverlays.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\8TortoiseIgnored]
@="{C5994567-53D9-4125-87C9-F193FC689CB2}"
[HKEY_CLASSES_ROOT\CLSID\{C5994567-53D9-4125-87C9-F193FC689CB2}]
2011-06-13 14:20 64792 ----a-w- c:\program files (x86)\Common Files\TortoiseOverlays\TortoiseOverlays.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\9TortoiseUnversioned]
@="{C5994568-53D9-4125-87C9-F193FC689CB2}"
[HKEY_CLASSES_ROOT\CLSID\{C5994568-53D9-4125-87C9-F193FC689CB2}]
2011-06-13 14:20 64792 ----a-w- c:\program files (x86)\Common Files\TortoiseOverlays\TortoiseOverlays.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Gadwin PrintScreen"="c:\program files (x86)\Gadwin Systems\PrintScreen\PrintScreen.exe" [2007-08-20 495616]
"Pidgin"="c:\program files (x86)\Pidgin\pidgin.exe" [2012-07-06 49321]
"Skype"="c:\program files (x86)\Skype\Phone\Skype.exe" [2013-06-21 19875432]
"KeePass Password Safe"="c:\program files (x86)\KeePass Password Safe\KeePass.exe" [2013-07-12 2074112]
"SansaDispatch"="c:\users\doug\AppData\Roaming\SanDisk\Sansa Updater\SansaDispatch.exe" [2013-07-29 613888]
"KiesPreload"="c:\program files (x86)\Samsung\Kies\Kies.exe" [2013-04-23 1561968]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"LchDrvKey"="LchDrvKey.exe" [2007-03-29 36864]
"StartCCC"="c:\program files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2012-07-04 641704]
"KiesTrayAgent"="c:\program files (x86)\Samsung\Kies\KiesTrayAgent.exe" [2013-04-23 311152]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2013-03-12 253816]
"KeePass 2 PreLoad"="c:\program files (x86)\KeePass Password Safe 2\KeePass.exe" [2013-07-20 2010624]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]
"aux8"=wdmaud.drv
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]
@="Service"
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfSvc]
@="Service"
.
S2 AdobeActiveFileMonitor7.0;Adobe Active File Monitor V7;c:\program files (x86)\Adobe\Photoshop Elements 7.0\PhotoshopElementsFileAgent.exe;c:\program files (x86)\Adobe\Photoshop Elements 7.0\PhotoshopElementsFileAgent.exe
.
.
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
Themes
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2013-09-04 00:25 1177552 ----a-w- c:\program files (x86)\Google\Chrome\Application\29.0.1547.66\Installer\chrmstp.exe
.
Contents of the 'Scheduled Tasks' folder
.
2013-09-08 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-04-13 16:36]
.
2013-09-08 c:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1499011048-2565338764-885293594-1000Core.job
- c:\users\doug\AppData\Local\Facebook\Update\FacebookUpdate.exe [2012-09-25 04:19]
.
2013-09-08 c:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1499011048-2565338764-885293594-1000UA.job
- c:\users\doug\AppData\Local\Facebook\Update\FacebookUpdate.exe [2012-09-25 04:19]
.
2013-09-08 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2013-04-21 02:04]
.
2013-09-08 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2013-04-21 02:04]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\1TortoiseNormal]
@="{C5994560-53D9-4125-87C9-F193FC689CB2}"
[HKEY_CLASSES_ROOT\CLSID\{C5994560-53D9-4125-87C9-F193FC689CB2}]
2011-06-13 14:20 75544 ----a-w- c:\program files\Common Files\TortoiseOverlays\TortoiseOverlays.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\2TortoiseModified]
@="{C5994561-53D9-4125-87C9-F193FC689CB2}"
[HKEY_CLASSES_ROOT\CLSID\{C5994561-53D9-4125-87C9-F193FC689CB2}]
2011-06-13 14:20 75544 ----a-w- c:\program files\Common Files\TortoiseOverlays\TortoiseOverlays.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\3TortoiseConflict]
@="{C5994562-53D9-4125-87C9-F193FC689CB2}"
[HKEY_CLASSES_ROOT\CLSID\{C5994562-53D9-4125-87C9-F193FC689CB2}]
2011-06-13 14:20 75544 ----a-w- c:\program files\Common Files\TortoiseOverlays\TortoiseOverlays.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\4TortoiseLocked]
@="{C5994563-53D9-4125-87C9-F193FC689CB2}"
[HKEY_CLASSES_ROOT\CLSID\{C5994563-53D9-4125-87C9-F193FC689CB2}]
2011-06-13 14:20 75544 ----a-w- c:\program files\Common Files\TortoiseOverlays\TortoiseOverlays.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\5TortoiseReadOnly]
@="{C5994564-53D9-4125-87C9-F193FC689CB2}"
[HKEY_CLASSES_ROOT\CLSID\{C5994564-53D9-4125-87C9-F193FC689CB2}]
2011-06-13 14:20 75544 ----a-w- c:\program files\Common Files\TortoiseOverlays\TortoiseOverlays.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\6TortoiseDeleted]
@="{C5994565-53D9-4125-87C9-F193FC689CB2}"
[HKEY_CLASSES_ROOT\CLSID\{C5994565-53D9-4125-87C9-F193FC689CB2}]
2011-06-13 14:20 75544 ----a-w- c:\program files\Common Files\TortoiseOverlays\TortoiseOverlays.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\7TortoiseAdded]
@="{C5994566-53D9-4125-87C9-F193FC689CB2}"
[HKEY_CLASSES_ROOT\CLSID\{C5994566-53D9-4125-87C9-F193FC689CB2}]
2011-06-13 14:20 75544 ----a-w- c:\program files\Common Files\TortoiseOverlays\TortoiseOverlays.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\8TortoiseIgnored]
@="{C5994567-53D9-4125-87C9-F193FC689CB2}"
[HKEY_CLASSES_ROOT\CLSID\{C5994567-53D9-4125-87C9-F193FC689CB2}]
2011-06-13 14:20 75544 ----a-w- c:\program files\Common Files\TortoiseOverlays\TortoiseOverlays.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\9TortoiseUnversioned]
@="{C5994568-53D9-4125-87C9-F193FC689CB2}"
[HKEY_CLASSES_ROOT\CLSID\{C5994568-53D9-4125-87C9-F193FC689CB2}]
2011-06-13 14:20 75544 ----a-w- c:\program files\Common Files\TortoiseOverlays\TortoiseOverlays.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"MSC"="c:\program files\Microsoft Security Client\msseces.exe" [2013-06-21 1356240]
"EvtMgr6"="c:\program files\Logitech\SetPointP\SetPoint.exe" [2013-02-21 2991856]
.
------- Supplementary Scan -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = hxxp://www.google.com/
mStart Page = hxxp://www.google.com
mDefault_Page_URL = hxxp://www.google.com
mLocal Page = c:\windows\SysWOW64\blank.htm
uInternet Settings,ProxyOverride = *.local
LSP: %windir%\system32\vsocklib.dll
Trusted Zone: google.com\mail
TCP: Interfaces\{69DE6067-93A0-4FFF-AD69-C6EE7006F35F}: NameServer = 8.8.8.8,8.8.4.4
DPF: {EBF1BFCB-F60B-4DCB-9C96-E53C543CB645} - hxxp://www.ivienterprise.com:8080/qcbin/ALM-Platform-Loader.11.cab
FF - ProfilePath - c:\users\doug\AppData\Roaming\Mozilla\Firefox\Profiles\drledbvc.default-1363375022659\
FF - prefs.js: browser.search.selectedEngine - Urban Dictionary
FF - prefs.js: browser.startup.homepage - chrome://speeddial/content/speeddial.xul
FF - prefs.js: network.proxy.type - 0
FF - ExtSQL: 2013-07-08 20:14; [email protected]; c:\users\doug\AppData\Roaming\Mozilla\Firefox\Profiles\drledbvc.default-1363375022659\extensions\[email protected]
FF - ExtSQL: 2013-07-10 20:43; [email protected]; c:\users\doug\AppData\Roaming\Mozilla\Firefox\Profiles\drledbvc.default-1363375022659\extensions\[email protected]
FF - ExtSQL: 2013-07-12 23:46; {b9db16a4-6edc-47ec-a1f4-b86292ed211d}; c:\users\doug\AppData\Roaming\Mozilla\Firefox\Profiles\drledbvc.default-1363375022659\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}
FF - ExtSQL: 2013-08-17 00:32; *Blocked Russian URL*; *Blocked Russian URL*.xpi
FF - ExtSQL: 2013-08-26 18:15; [email protected]; c:\users\doug\AppData\Roaming\Mozilla\Firefox\Profiles\drledbvc.default-1363375022659\extensions\[email protected]
FF - ExtSQL: 2013-08-29 09:44; {64161300-e22b-11db-8314-0800200c9a66}; c:\users\doug\AppData\Roaming\Mozilla\Firefox\Profiles\drledbvc.default-1363375022659\extensions\{64161300-e22b-11db-8314-0800200c9a66}.xpi
FF - ExtSQL: 2013-09-06 13:06; [email protected]; c:\users\doug\AppData\Roaming\Mozilla\Firefox\Profiles\drledbvc.default-1363375022659\extensions\[email protected]
.
.
------- File Associations -------
.
.txt=
.
- - - - ORPHANS REMOVED - - - -
.
Toolbar-{CCC7A320-B3CA-4199-B1A6-9F516DD69829} - (no file)
ShellIconOverlayIdentifiers-{FB314ED9-A251-47B7-93E1-CDD82E34AF8B} - (no file)
ShellIconOverlayIdentifiers-{FB314EDA-A251-47B7-93E1-CDD82E34AF8B} - (no file)
ShellIconOverlayIdentifiers-{FB314EDB-A251-47B7-93E1-CDD82E34AF8B} - (no file)
ShellIconOverlayIdentifiers-{FB314EDC-A251-47B7-93E1-CDD82E34AF8B} - (no file)
AddRemove-Freecorder4.1 - c:\windows\Freecorder\uninstall.exe
AddRemove-Software Informer_is1 - c:\program files (x86)\Software Informer\unins000.exe
.
.
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_8_800_94_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_8_800_94_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_8_800_94_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_8_800_94_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_8_800_94.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.11"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_8_800_94.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_8_800_94.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_8_800_94.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\TypeLib\{D27CDB6B-AE6D-11CF-96B8-444553540000}]
@Denied: (A 2) (Everyone)
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\TypeLib\{D27CDB6B-AE6D-11CF-96B8-444553540000}\1.0]
@="Shockwave Flash"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\TypeLib\{FAB3E735-69C7-453B-A446-B6823C6DF1C9}]
@Denied: (A 2) (Everyone)
@=""
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\TypeLib\{FAB3E735-69C7-453B-A446-B6823C6DF1C9}\1.0]
@="FlashBroker"
.
[HKEY_LOCAL_MACHINE\software\Wow6432Node\Classes]
"SymbolicLinkValue"=hex(6):5c,00,52,00,45,00,47,00,49,00,53,00,54,00,52,00,59,
00,5c,00,4d,00,41,00,43,00,48,00,49,00,4e,00,45,00,5c,00,53,00,4f,00,46,00,\
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
Completion time: 2013-09-08 15:45:43
ComboFix-quarantined-files.txt 2013-09-08 19:45
ComboFix2.txt 2013-09-08 04:43
ComboFix3.txt 2013-08-30 01:20
ComboFix4.txt 2012-12-24 21:48
.
Pre-Run: 292,035,256,320 bytes free
Post-Run: 292,014,505,984 bytes free
.
- - End Of File - - C1280B2869062A7C4AA98C3A1CC9E67C
B751AF1ACDDD7A1A71313731839F4ECB
-
Farbar Service Scanner Version: 05-09-2013
Ran by doug (administrator) on 08-09-2013 at 16:11:18
Running from "C:\Users\doug\Desktop"
Microsoft® Windows Vista™ Home Premium Service Pack 2 (X64)
Boot Mode: Normal
****************************************************************
Internet Services:
============
Connection Status:
==============
Localhost is accessible.
LAN connected.
Google IP is accessible.
Google.com is accessible.
Yahoo.com is accessible.
Other Services:
==============
File Check:
========
C:\Windows\System32\nsisvc.dll => MD5 is legit
C:\Windows\System32\drivers\nsiproxy.sys => MD5 is legit
C:\Windows\System32\dhcpcsvc.dll
[2009-09-17 19:45] - [2009-04-11 03:11] - 0268288 ____A (Microsoft Corporation) 3ED0321127CE70ACDAABBF77E157C2A7
C:\Windows\System32\drivers\afd.sys
[2012-02-16 00:42] - [2012-01-03 10:25] - 0404992 ____A (Microsoft Corporation) C4F6CE6087760AD70960C9EB130E7943
C:\Windows\System32\drivers\tdx.sys => MD5 is legit
C:\Windows\System32\Drivers\tcpip.sys
[2013-08-13 21:00] - [2013-07-04 23:58] - 1417664 ____A (Microsoft Corporation) EA8623BDD511A1ACD18DA4883860ADDE
C:\Windows\System32\dnsrslvr.dll
[2011-04-15 14:02] - [2011-03-02 12:12] - 0117760 ____A (Microsoft Corporation) 06230F1B721494A6DF8D47FD395BB1B0
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\System32\rpcss.dll
[2009-09-17 19:47] - [2009-04-11 03:11] - 0719872 ____A (Microsoft Corporation) CF8B9A3A5E7DC57724A89D0C3E8CF9EF
**** End of log ****
-
Download Process Explorer: http://technet.microsoft.com/en-us/sysinternals/bb896653.aspx
Unzip ProcessExplorer.zip, and double click on procexp.exe to run the program.
Click on View > Select Columns.
In addition to the already pre-selected options, make sure Command Line is selected, and press OK.
Go to File > Save As, and save the report as Procexp.txt.
Attach the file to your next reply.
-
Process CPU Private Bytes Working Set PID Description Company Name Command Line
System Idle Process 23.28 0 K 24 K 0
System 0.75 0 K 55,732 K 4
Interrupts 0.38 0 K 0 K n/a Hardware Interrupts and DPCs
smss.exe 580 K 1,092 K 448
csrss.exe 3,160 K 7,324 K 544
wininit.exe 1,960 K 5,296 K 632
services.exe 0.38 3,932 K 8,872 K 688
svchost.exe 29.33 5,204 K 9,204 K 864 Host Process for Windows Services Microsoft Corporation C:\Windows\system32\svchost.exe -k DcomLaunch
mobsync.exe 8,928 K 9,536 K 4196 Microsoft Sync Center Microsoft Corporation C:\Windows\System32\mobsync.exe -Embedding
wmplayer.exe 1.13 33,968 K 46,216 K 4476 Windows Media Player Microsoft Corporation "C:\Program Files (x86)\Windows Media Player\wmplayer.exe" /SkipFUE /RemoteOCXLaunch /SuppressDialogs
svchost.exe 5,532 K 9,188 K 924 Host Process for Windows Services Microsoft Corporation C:\Windows\system32\svchost.exe -k rpcss
MsMpEng.exe 0.75 79,076 K 81,692 K 976 Antimalware Service Executable Microsoft Corporation "c:\Program Files\Microsoft Security Client\MsMpEng.exe"
atiesrxx.exe 1,824 K 4,472 K 132 AMD External Events Service Module AMD C:\Windows\system32\atiesrxx.exe
atieclxx.exe 3,720 K 6,528 K 1912
svchost.exe 21,348 K 20,420 K 680 Host Process for Windows Services Microsoft Corporation C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
audiodg.exe 13,400 K 16,208 K 1076
svchost.exe 2.63 224,296 K 229,760 K 908 Host Process for Windows Services Microsoft Corporation C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
WUDFHost.exe 6,352 K 10,044 K 1292
WUDFHost.exe 5,396 K 10,868 K 3216
dwm.exe 1,888 K 4,768 K 3968 Desktop Window Manager Microsoft Corporation "C:\Windows\system32\Dwm.exe"
svchost.exe 29,100 K 41,940 K 644 Host Process for Windows Services Microsoft Corporation C:\Windows\system32\svchost.exe -k netsvcs
taskeng.exe 3,108 K 7,768 K 2036
taskeng.exe 11,224 K 13,156 K 3792 Task Scheduler Engine Microsoft Corporation taskeng.exe {7B7A3079-ACFA-41BD-9913-81B9B023BF8E}
wuauclt.exe 3,400 K 6,680 K 5316 Windows Update Microsoft Corporation "C:\Windows\system32\wuauclt.exe"
taskeng.exe 2,296 K 5,788 K 480 Task Scheduler Engine Microsoft Corporation taskeng.exe {ADAFDA34-10D5-428E-8D05-264F4AEA0B69}
runner.exe 4,404 K 9,052 K 6836 WebStroller runner module WebStroller inc. "C:\Program Files (x86)\GC\Runner.exe"
chrome.exe 0.75 37,636 K 50,732 K 6888 Google Chrome Google Inc. "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --user-data-dir=C:\Users\doug\AppData\Local\GC\Horsy
chrome.exe 0.38 26,320 K 34,624 K 2344 Google Chrome Google Inc. "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --force-fieldtrials=ForceCompositingMode/thread/InfiniteCache/No/Prerender/PrerenderEnabled/UMA-New-Install-Uniformity-Trial/Control/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_16/UMA-Uniformity-Trial-1-Percent/group_43/UMA-Uniformity-Trial-10-Percent/group_05/UMA-Uniformity-Trial-20-Percent/group_02/UMA-Uniformity-Trial-5-Percent/group_15/UMA-Uniformity-Trial-50-Percent/default/ --user-data-dir="C:\Users\doug\AppData\Local\GC\Horsy" --renderer-print-preview --disable-html-notifications --disable-accelerated-video-decode --channel="6888.0.2066690245\1669816675" /prefetch:673131151
chrome.exe < 0.01 23,664 K 21,452 K 6812 Google Chrome Google Inc. "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --force-fieldtrials=ForceCompositingMode/thread/InfiniteCache/No/Prerender/PrerenderEnabled/UMA-New-Install-Uniformity-Trial/Control/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_16/UMA-Uniformity-Trial-1-Percent/group_43/UMA-Uniformity-Trial-10-Percent/group_05/UMA-Uniformity-Trial-20-Percent/group_02/UMA-Uniformity-Trial-5-Percent/group_15/UMA-Uniformity-Trial-50-Percent/default/ --user-data-dir="C:\Users\doug\AppData\Local\GC\Horsy" --extension-process --renderer-print-preview --disable-html-notifications --disable-accelerated-video-decode --channel="6888.1.435594069\265044850" /prefetch:673131151
chrome.exe 8,220 K 10,664 K 6396 Google Chrome Google Inc. "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=plugin --plugin-path="C:\Users\doug\AppData\Local\GC\Horsy\Default\Extensions\jmiibbdogibcphdfkkmlimfffneaecbc\2.4_0\plugin/convenience.dll" --lang=en-US --channel="6888.9.1660304995\784124598" --user-data-dir="C:\Users\doug\AppData\Local\GC\Horsy" /prefetch:-390060480
Clicker.exe < 0.01 3,756 K 6,796 K 2540 WebStroller Stroller module WebStroller Clicker.exe
svchost.exe 3,084 K 6,668 K 1100 Host Process for Windows Services Microsoft Corporation C:\Windows\system32\svchost.exe -k GPSvcGroup
SLsvc.exe 9,184 K 14,232 K 1116 Microsoft Software Licensing Service Microsoft Corporation C:\Windows\system32\SLsvc.exe
svchost.exe 12,532 K 19,900 K 1172 Host Process for Windows Services Microsoft Corporation C:\Windows\system32\svchost.exe -k LocalService
svchost.exe 21,416 K 22,792 K 1356 Host Process for Windows Services Microsoft Corporation C:\Windows\system32\svchost.exe -k NetworkService
spoolsv.exe 8,456 K 14,064 K 1588 Spooler SubSystem App Microsoft Corporation C:\Windows\System32\spoolsv.exe
svchost.exe 26,720 K 31,256 K 1612 Host Process for Windows Services Microsoft Corporation C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
PhotoshopElementsFileAgent.exe 4,612 K 1,292 K 2028 Adobe Photoshop Elements 7.0 (component) Adobe Systems Incorporated C:\Program Files (x86)\Adobe\Photoshop Elements 7.0\PhotoshopElementsFileAgent.exe
armsvc.exe 3,052 K 5,932 K 1896 Adobe Acrobat Update Service Adobe Systems Incorporated "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
Fuel.Service.exe 2,508 K 6,524 K 956 AMD Fuel Service Advanced Micro Devices, Inc. C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe /launchService
AppleMobileDeviceService.exe 5,012 K 10,912 K 1212 MobileDeviceService Apple Inc. "C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe"
mDNSResponder.exe 2,752 K 6,040 K 1464 Bonjour Service Apple Inc. "C:\Program Files\Bonjour\mDNSResponder.exe"
BrowserDefender.exe 3,852 K 7,488 K 1428 Application Manager PerformerSoft LLC C:\ProgramData\BrowserDefender\2.6.1562.221\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\BrowserDefender.exe
BrowserDefender.exe 0.38 9,620 K 13,556 K 3512
cygrunsrv.exe 7,688 K 8,664 K 2016 C:\cygwin\bin\cygrunsrv.exe
dragon_updater.exe 4,844 K 10,884 K 2088 C:\Program Files (x86)\Comodo\Dragon\dragon_updater.exe
ETService.exe 31,064 K 20,392 K 2196 Acer Empowering Technology Framework Service C:\Program Files\GATEWAY\Gateway Recovery Management\Service\ETService.exe
LMIGuardianSvc.exe 2,716 K 6,668 K 2280 LMIGuardianSvc LogMeIn, Inc. "C:\Program Files (x86)\LogMeIn\x64\LMIGuardianSvc.exe"
mbamscheduler.exe 4,852 K 9,176 K 2448 Malwarebytes Anti-Malware Malwarebytes Corporation "C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe"
sqlservr.exe 60,820 K 1,476 K 2504 SQL Server Windows NT Microsoft Corporation "c:\Program Files (x86)\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\sqlservr.exe" -sSQLEXPRESS
svchost.exe 3,416 K 7,332 K 2576 Host Process for Windows Services Microsoft Corporation C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
sqlwriter.exe 4,624 K 9,196 K 2684 SQL Server VSS Writer - 64 Bit Microsoft Corporation "c:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe"
svchost.exe 4.89 7,156 K 10,612 K 2744 Host Process for Windows Services Microsoft Corporation C:\Windows\system32\svchost.exe -k imgsvc
updateBrowseFox.exe 28,332 K 26,304 K 2828 BrowseFox BrowseFox "C:\Program Files (x86)\BrowseFox\updateBrowseFox.exe"
vmnat.exe 4,176 K 7,760 K 2984 C:\Windows\system32\vmnat.exe
svchost.exe 1,496 K 3,420 K 3032 Host Process for Windows Services Microsoft Corporation C:\Windows\System32\svchost.exe -k WerSvcGroup
SearchIndexer.exe 0.75 191,468 K 141,972 K 2108 Microsoft Windows Search Indexer Microsoft Corporation C:\Windows\system32\SearchIndexer.exe /Embedding
SearchProtocolHost.exe 7,652 K 12,916 K 6436
SearchFilterHost.exe 4,716 K 8,732 K 6388
XAudio64.exe 1,664 K 3,448 K 2544 Modem Audio Service Conexant Systems, Inc. C:\Windows\system32\DRIVERS\xaudio64.exe
rundll32.exe 0.38 5,572 K 7,956 K 2608 RUNDLL32.EXE ykx64coinst,serviceStartProc
vmware-authd.exe 7,852 K 11,924 K 3112 VMware Authorization Service VMware, Inc. "C:\Program Files (x86)\VMware\VMware Workstation\vmware-authd.exe"
vmnetdhcp.exe 3,712 K 7,076 K 3312 C:\Windows\system32\vmnetdhcp.exe
vmware-usbarbitrator64.exe 5,984 K 8,412 K 3376 VMware USB Arbitration Service VMware, Inc. "C:\Program Files (x86)\Common Files\VMware\USB\vmware-usbarbitrator64.exe"
NisSrv.exe 9,920 K 4,648 K 4056 Microsoft Network Realtime Inspection Service Microsoft Corporation "c:\Program Files\Microsoft Security Client\NisSrv.exe"
wmpnetwk.exe 8,572 K 15,532 K 4520 Windows Media Player Network Sharing Service Microsoft Corporation "C:\Program Files\Windows Media Player\wmpnetwk.exe"
svchost.exe 2,984 K 59,448 K 1344 Host Process for Windows Services Microsoft Corporation C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
lsass.exe 5,548 K 4,556 K 700 Local Security Authority Process Microsoft Corporation C:\Windows\system32\lsass.exe
lsm.exe 3,412 K 5,668 K 708
csrss.exe 23,832 K 25,064 K 652
winlogon.exe 3,336 K 7,968 K 520
cygserver.exe 5,368 K 4,548 K 2116
explorer.exe 4.14 67,584 K 85,976 K 240 Windows Explorer Microsoft Corporation C:\Windows\Explorer.EXE
msseces.exe 8,812 K 15,012 K 4020 Microsoft Security Client User Interface Microsoft Corporation "C:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey
SetPoint.exe < 0.01 9,664 K 20,076 K 4012 Logitech SetPoint Event Manager (UNICODE) Logitech, Inc. "C:\Program Files\Logitech\SetPointP\SetPoint.exe" /launchGaming
KHALMNPR.exe < 0.01 7,596 K 12,892 K 2628 Logitech KHAL Main Process Logitech, Inc. KHALMNPR.EXE /API
TSVNCache.exe < 0.01 4,208 K 7,212 K 3884 TortoiseSVN status cache http://tortoisesvn.net "C:\Program Files\TortoiseSVN\bin\TSVNCache.exe"
PrintScreen.exe 4,044 K 12,824 K 2708 Gadwin PrintScreen Gadwin Systems, Inc "C:\Program Files (x86)\Gadwin Systems\PrintScreen\PrintScreen.exe" /nosplash
splwow64.exe 2,128 K 5,024 K 4336 Thunking Spooler APIS from 32 to 64 Process Microsoft Corporation splwow64
pidgin.exe 16,536 K 28,072 K 1484 Pidgin The Pidgin developer community "C:\Program Files (x86)\Pidgin\pidgin.exe"
Skype.exe 0.75 90,196 K 92,008 K 1640 Skype Skype Technologies S.A. "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
KeePass.exe < 0.01 7,792 K 18,228 K 2024 KeePass Password Safe 1.26 Dominik Reichl "C:\Program Files (x86)\KeePass Password Safe\KeePass.exe"
wmpnscfg.exe 2,492 K 6,524 K 3896 Windows Media Player Network Sharing Service Configuration Application Microsoft Corporation "C:\Program Files\Windows Media Player\wmpnscfg.exe"
SansaDispatch.exe 5,716 K 8,944 K 4236 Sansa Dispatcher SanDisk Corporation "C:\Users\doug\AppData\Roaming\SanDisk\Sansa Updater\SansaDispatch.exe"
Kies.exe 0.38 26,572 K 29,620 K 4244 Kies Samsung "C:\Program Files (x86)\Samsung\Kies\Kies.exe" /preload
firefox.exe < 0.01 354,296 K 361,328 K 2228 Firefox Mozilla Corporation "C:\Program Files (x86)\Mozilla Firefox\firefox.exe"
dragon.exe < 0.01 100,556 K 125,660 K 5124 Comodo Dragon Comodo "C:\Program Files (x86)\Comodo\Dragon\dragon.exe"
dragon.exe < 0.01 104,304 K 108,580 K 4780 Comodo Dragon Comodo "C:\Program Files (x86)\Comodo\Dragon\dragon.exe" --type=renderer --disable-databases --lang=en-US --force-fieldtrials=ForceCompositingMode/thread/InfiniteCache/No/Prefetch/ContentPrefetchPrefetchOn/Prerender/PrerenderNoUse/PrerenderLoggedInPredictor/Enabled/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_11/UMA-Uniformity-Trial-1-Percent/group_59/UMA-Uniformity-Trial-10-Percent/group_05/UMA-Uniformity-Trial-20-Percent/group_03/UMA-Uniformity-Trial-5-Percent/group_15/UMA-Uniformity-Trial-50-Percent/default/ --disable-html-notifications --disable-accelerated-video-decode --channel="5124.0.1751541116\1067586024" /prefetch:673131151
dragon.exe 23,884 K 28,124 K 4556 Comodo Dragon Comodo "C:\Program Files (x86)\Comodo\Dragon\dragon.exe" --type=renderer --lang=en-US --force-fieldtrials=ForceCompositingMode/thread/InfiniteCache/No/Prefetch/ContentPrefetchPrefetchOn/Prerender/PrerenderNoUse/PrerenderLoggedInPredictor/Enabled/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_11/UMA-Uniformity-Trial-1-Percent/group_59/UMA-Uniformity-Trial-10-Percent/group_05/UMA-Uniformity-Trial-20-Percent/group_03/UMA-Uniformity-Trial-5-Percent/group_15/UMA-Uniformity-Trial-50-Percent/default/ --extension-process --disable-html-notifications --disable-accelerated-video-decode --channel="5124.1.1555051201\492569239" /prefetch:673131151
dragon.exe 23,932 K 27,972 K 4052 Comodo Dragon Comodo "C:\Program Files (x86)\Comodo\Dragon\dragon.exe" --type=renderer --lang=en-US --force-fieldtrials=ForceCompositingMode/thread/InfiniteCache/No/Prefetch/ContentPrefetchPrefetchOn/Prerender/PrerenderNoUse/PrerenderLoggedInPredictor/Enabled/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_11/UMA-Uniformity-Trial-1-Percent/group_59/UMA-Uniformity-Trial-10-Percent/group_05/UMA-Uniformity-Trial-20-Percent/group_03/UMA-Uniformity-Trial-5-Percent/group_15/UMA-Uniformity-Trial-50-Percent/default/ --extension-process --disable-html-notifications --disable-accelerated-video-decode --channel="5124.2.335876265\322448858" /prefetch:673131151
dragon.exe 30,008 K 36,252 K 2704 Comodo Dragon Comodo "C:\Program Files (x86)\Comodo\Dragon\dragon.exe" --type=renderer --lang=en-US --force-fieldtrials=ForceCompositingMode/thread/InfiniteCache/No/Prefetch/ContentPrefetchPrefetchOn/Prerender/PrerenderNoUse/PrerenderLoggedInPredictor/Enabled/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_11/UMA-Uniformity-Trial-1-Percent/group_59/UMA-Uniformity-Trial-10-Percent/group_05/UMA-Uniformity-Trial-20-Percent/group_03/UMA-Uniformity-Trial-5-Percent/group_15/UMA-Uniformity-Trial-50-Percent/default/ --extension-process --disable-html-notifications --disable-accelerated-video-decode --channel="5124.3.1012085665\1144532263" /prefetch:673131151
dragon.exe 23,944 K 28,004 K 5496 Comodo Dragon Comodo "C:\Program Files (x86)\Comodo\Dragon\dragon.exe" --type=renderer --lang=en-US --force-fieldtrials=ForceCompositingMode/thread/InfiniteCache/No/Prefetch/ContentPrefetchPrefetchOn/Prerender/PrerenderNoUse/PrerenderLoggedInPredictor/Enabled/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_11/UMA-Uniformity-Trial-1-Percent/group_59/UMA-Uniformity-Trial-10-Percent/group_05/UMA-Uniformity-Trial-20-Percent/group_03/UMA-Uniformity-Trial-5-Percent/group_15/UMA-Uniformity-Trial-50-Percent/default/ --extension-process --disable-html-notifications --disable-accelerated-video-decode --channel="5124.4.380300272\369878127" /prefetch:673131151
dragon.exe 23,752 K 27,260 K 3436 Comodo Dragon Comodo "C:\Program Files (x86)\Comodo\Dragon\dragon.exe" --type=renderer --lang=en-US --force-fieldtrials=ForceCompositingMode/thread/InfiniteCache/No/Prefetch/ContentPrefetchPrefetchOn/Prerender/PrerenderNoUse/PrerenderLoggedInPredictor/Enabled/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_11/UMA-Uniformity-Trial-1-Percent/group_59/UMA-Uniformity-Trial-10-Percent/group_05/UMA-Uniformity-Trial-20-Percent/group_03/UMA-Uniformity-Trial-5-Percent/group_15/UMA-Uniformity-Trial-50-Percent/default/ --extension-process --disable-html-notifications --disable-accelerated-video-decode --channel="5124.5.481272259\695965767" /prefetch:673131151
dragon.exe 25,512 K 30,928 K 4856 Comodo Dragon Comodo "C:\Program Files (x86)\Comodo\Dragon\dragon.exe" --type=renderer --lang=en-US --force-fieldtrials=ForceCompositingMode/thread/InfiniteCache/No/Prefetch/ContentPrefetchPrefetchOn/Prerender/PrerenderNoUse/PrerenderLoggedInPredictor/Enabled/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_11/UMA-Uniformity-Trial-1-Percent/group_59/UMA-Uniformity-Trial-10-Percent/group_05/UMA-Uniformity-Trial-20-Percent/group_03/UMA-Uniformity-Trial-5-Percent/group_15/UMA-Uniformity-Trial-50-Percent/default/ --extension-process --disable-html-notifications --disable-accelerated-video-decode --channel="5124.6.1860942155\79941906" /prefetch:673131151
dragon.exe 23,800 K 27,220 K 6092 Comodo Dragon Comodo "C:\Program Files (x86)\Comodo\Dragon\dragon.exe" --type=renderer --lang=en-US --force-fieldtrials=ForceCompositingMode/thread/InfiniteCache/No/Prefetch/ContentPrefetchPrefetchOn/Prerender/PrerenderNoUse/PrerenderLoggedInPredictor/Enabled/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_11/UMA-Uniformity-Trial-1-Percent/group_59/UMA-Uniformity-Trial-10-Percent/group_05/UMA-Uniformity-Trial-20-Percent/group_03/UMA-Uniformity-Trial-5-Percent/group_15/UMA-Uniformity-Trial-50-Percent/default/ --extension-process --disable-html-notifications --disable-accelerated-video-decode --channel="5124.7.134441649\12151953" /prefetch:673131151
dragon.exe 63,772 K 69,768 K 4808 Comodo Dragon Comodo "C:\Program Files (x86)\Comodo\Dragon\dragon.exe" --type=renderer --lang=en-US --force-fieldtrials=ForceCompositingMode/thread/InfiniteCache/No/Prefetch/ContentPrefetchPrefetchOn/Prerender/PrerenderNoUse/PrerenderLoggedInPredictor/Enabled/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_11/UMA-Uniformity-Trial-1-Percent/group_59/UMA-Uniformity-Trial-10-Percent/group_05/UMA-Uniformity-Trial-20-Percent/group_03/UMA-Uniformity-Trial-5-Percent/group_15/UMA-Uniformity-Trial-50-Percent/default/ --extension-process --disable-html-notifications --disable-accelerated-video-decode --channel="5124.8.1688867690\110531675" /prefetch:673131151
dragon.exe 23,948 K 27,580 K 4392 Comodo Dragon Comodo "C:\Program Files (x86)\Comodo\Dragon\dragon.exe" --type=renderer --lang=en-US --force-fieldtrials=ForceCompositingMode/thread/InfiniteCache/No/Prefetch/ContentPrefetchPrefetchOn/Prerender/PrerenderNoUse/PrerenderLoggedInPredictor/Enabled/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_11/UMA-Uniformity-Trial-1-Percent/group_59/UMA-Uniformity-Trial-10-Percent/group_05/UMA-Uniformity-Trial-20-Percent/group_03/UMA-Uniformity-Trial-5-Percent/group_15/UMA-Uniformity-Trial-50-Percent/default/ --extension-process --disable-html-notifications --disable-accelerated-video-decode --channel="5124.9.586991473\168513548" /prefetch:673131151
dragon.exe 25,396 K 29,948 K 4692 Comodo Dragon Comodo "C:\Program Files (x86)\Comodo\Dragon\dragon.exe" --type=renderer --lang=en-US --force-fieldtrials=ForceCompositingMode/thread/InfiniteCache/No/Prefetch/ContentPrefetchPrefetchOn/Prerender/PrerenderNoUse/PrerenderLoggedInPredictor/Enabled/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_11/UMA-Uniformity-Trial-1-Percent/group_59/UMA-Uniformity-Trial-10-Percent/group_05/UMA-Uniformity-Trial-20-Percent/group_03/UMA-Uniformity-Trial-5-Percent/group_15/UMA-Uniformity-Trial-50-Percent/default/ --extension-process --disable-html-notifications --disable-accelerated-video-decode --channel="5124.10.365712874\644138465" /prefetch:673131151
dragon.exe 25,340 K 30,960 K 3848 Comodo Dragon Comodo "C:\Program Files (x86)\Comodo\Dragon\dragon.exe" --type=renderer --lang=en-US --force-fieldtrials=ForceCompositingMode/thread/InfiniteCache/No/Prefetch/ContentPrefetchPrefetchOn/Prerender/PrerenderNoUse/PrerenderLoggedInPredictor/Enabled/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_11/UMA-Uniformity-Trial-1-Percent/group_59/UMA-Uniformity-Trial-10-Percent/group_05/UMA-Uniformity-Trial-20-Percent/group_03/UMA-Uniformity-Trial-5-Percent/group_15/UMA-Uniformity-Trial-50-Percent/default/ --extension-process --disable-html-notifications --disable-accelerated-video-decode --channel="5124.11.151482321\1251338912" /prefetch:673131151
dragon.exe 58,504 K 67,648 K 6448 Comodo Dragon Comodo "C:\Program Files (x86)\Comodo\Dragon\dragon.exe" --type=renderer --disable-databases --lang=en-US --force-fieldtrials=ForceCompositingMode/thread/InfiniteCache/No/Prefetch/ContentPrefetchPrefetchOn/Prerender/PrerenderNoUse/PrerenderFromOmnibox/OmniboxPrerenderEnabled/PrerenderLoggedInPredictor/Enabled/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_11/UMA-Uniformity-Trial-1-Percent/group_59/UMA-Uniformity-Trial-10-Percent/group_05/UMA-Uniformity-Trial-20-Percent/group_03/UMA-Uniformity-Trial-5-Percent/group_15/UMA-Uniformity-Trial-50-Percent/default/ --disable-html-notifications --disable-accelerated-video-decode --channel="5124.13.73542365\850066563" /prefetch:673131151
dragon.exe < 0.01 62,824 K 75,684 K 5624 Comodo Dragon Comodo "C:\Program Files (x86)\Comodo\Dragon\dragon.exe" --type=renderer --disable-databases --lang=en-US --force-fieldtrials=ForceCompositingMode/thread/InfiniteCache/No/Prefetch/ContentPrefetchPrefetchOn/Prerender/PrerenderNoUse/PrerenderFromOmnibox/OmniboxPrerenderEnabled/PrerenderLoggedInPredictor/Enabled/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_11/UMA-Uniformity-Trial-1-Percent/group_59/UMA-Uniformity-Trial-10-Percent/group_05/UMA-Uniformity-Trial-20-Percent/group_03/UMA-Uniformity-Trial-5-Percent/group_15/UMA-Uniformity-Trial-50-Percent/default/ --disable-html-notifications --disable-accelerated-video-decode --channel="5124.19.1330728909\1442621807" /prefetch:673131151
dragon.exe < 0.01 37,252 K 40,920 K 6328 Comodo Dragon Comodo "C:\Program Files (x86)\Comodo\Dragon\dragon.exe" --type=plugin --plugin-path="C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_8_800_94.dll" --lang=en-US --channel="5124.23.329830406\1095823025" /prefetch:-390060480
dragon.exe 22,332 K 28,232 K 6584 Comodo Dragon Comodo "C:\Program Files (x86)\Comodo\Dragon\dragon.exe" --type=renderer --disable-databases --lang=en-US --force-fieldtrials=ForceCompositingMode/thread/InfiniteCache/No/Prefetch/ContentPrefetchPrefetchOn/Prerender/PrerenderNoUse/PrerenderFromOmnibox/OmniboxPrerenderEnabled/PrerenderLoggedInPredictor/Enabled/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_11/UMA-Uniformity-Trial-1-Percent/group_59/UMA-Uniformity-Trial-10-Percent/group_05/UMA-Uniformity-Trial-20-Percent/group_03/UMA-Uniformity-Trial-5-Percent/group_15/UMA-Uniformity-Trial-50-Percent/default/ --disable-html-notifications --disable-accelerated-video-decode --channel="5124.24.1835325372\895175932" /prefetch:673131151
dragon.exe < 0.01 8,480 K 14,088 K 6692 Comodo Dragon Comodo "C:\Program Files (x86)\Comodo\Dragon\dragon.exe" --type=plugin --plugin-path="C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll" --lang=en-US --channel="5124.25.1151867093\1250965280" /prefetch:-390060480
AcroRd32.exe < 0.01 8,144 K 14,368 K 1900 Adobe Reader Adobe Systems Incorporated "C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AcroRd32.exe" /o /eo /l /b /id 6692
AcroRd32.exe < 0.01 59,908 K 67,528 K 5552 Adobe Reader Adobe Systems Incorporated "C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AcroRd32.exe" --channel=1900.0037F6A0.887128957 --type=renderer /o /eo /l /b /id 6692
dragon.exe < 0.01 59,368 K 68,148 K 3720 Comodo Dragon Comodo "C:\Program Files (x86)\Comodo\Dragon\dragon.exe" --type=renderer --disable-databases --lang=en-US --force-fieldtrials=ForceCompositingMode/thread/InfiniteCache/No/Prefetch/ContentPrefetchPrefetchOn/Prerender/PrerenderNoUse/PrerenderFromOmnibox/OmniboxPrerenderEnabled/PrerenderLoggedInPredictor/Enabled/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_11/UMA-Uniformity-Trial-1-Percent/group_59/UMA-Uniformity-Trial-10-Percent/group_05/UMA-Uniformity-Trial-20-Percent/group_03/UMA-Uniformity-Trial-5-Percent/group_15/UMA-Uniformity-Trial-50-Percent/default/ --disable-html-notifications --disable-accelerated-video-decode --channel="5124.26.807157130\140228043" /prefetch:673131151
dragon.exe < 0.01 40,816 K 50,608 K 5464 Comodo Dragon Comodo "C:\Program Files (x86)\Comodo\Dragon\dragon.exe" --type=renderer --disable-databases --lang=en-US --force-fieldtrials=ForceCompositingMode/thread/InfiniteCache/No/Prefetch/ContentPrefetchPrefetchOn/Prerender/PrerenderNoUse/PrerenderFromOmnibox/OmniboxPrerenderEnabled/PrerenderLoggedInPredictor/Enabled/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_11/UMA-Uniformity-Trial-1-Percent/group_59/UMA-Uniformity-Trial-10-Percent/group_05/UMA-Uniformity-Trial-20-Percent/group_03/UMA-Uniformity-Trial-5-Percent/group_15/UMA-Uniformity-Trial-50-Percent/default/ --disable-html-notifications --disable-accelerated-video-decode --channel="5124.28.459245070\1791278822" /prefetch:673131151
notepad++.exe < 0.01 17,076 K 23,564 K 6204 Notepad++ : a free (GNU) source code editor Don HO [email protected] "C:\Program Files (x86)\Notepad++\notepad++.exe"
7zFM.exe < 0.01 8,300 K 15,336 K 6896 7-Zip File Manager Igor Pavlov "C:\Program Files (x86)\7-Zip\7zFM.exe" "C:\Users\doug\Desktop\ProcessExplorer.zip"
procexp.exe 6,324 K 10,496 K 2416 Sysinternals Process Explorer Sysinternals - www.sysinternals.com "C:\Users\doug\Desktop\procexp.exe"
procexp64.exe 2.26 24,328 K 36,476 K 2020 Sysinternals Process Explorer Sysinternals - www.sysinternals.com "C:\Users\doug\Desktop\procexp.exe"
KiesTrayAgent.exe 8,404 K 17,148 K 4432 Kies TrayAgent Application Samsung Electronics Co., Ltd. "C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe"
jusched.exe 3,436 K 6,576 K 4504 Java(TM) Update Scheduler Oracle Corporation "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
KeePass.exe 26.33 28,748 K 21,600 K 4660 KeePass Dominik Reichl "C:\Program Files (x86)\KeePass Password Safe 2\KeePass.exe" --preload
mHotkey.exe < 0.01 8,944 K 10,492 K 4992 Multimedia Keyboard Driver C:\Windows\MHotkey.exe
ChiFuncExt.exe 3,292 K 6,224 K 4300 Input Assistant Software Kernel Chicony C:\Windows\ChiFuncExt.exe
TSVNCache.exe 3,784 K 7,040 K 5440
MpCmdRun.exe 4,876 K 9,220 K 6012
-
Dave, I had to bail out on this and do a reinstall this morning. The thing was beginning to bog down so badly it barely worked. Thanks for your help and sorry for wasting your time.
-
Hey, no problem. It was a learning experience for you and me. Good luck.