Solved Need help removing viruses

[Yellow77]

I recently downloaded a file and susequently infected with Win32/Sirefef.AB and Win64/Sirefef.P. Any help would be appreciated with this issue. What do I need to post to help solve this problem?

 

[Broni]

Welcome aboard

Please, complete all steps listed here: https://www.techspot.com/community/...lware-removal-preliminary-instructions.58138/
Make sure, you PASTE all logs. If some log exceeds 50,000 characters post limit, split it between couple of replies.
Attached logs won't be reviewed.

Please, observe following rules:

• Read all of my instructions very carefully. Your mistakes during cleaning process may have very serious consequences, like unbootable computer.
• If you're stuck, or you're not sure about certain step, always ask before doing anything else.
• Please refrain from running tools or applying updates other than those I suggest.
• Never run more than one scan at a time.
• Keep updating me regarding your computer behavior, good, or bad.
• The cleaning process, once started, has to be completed. Even if your computer appears to act better, it may still be infected. Once the computer is totally clean, I'll certainly let you know.
• If you leave the topic without explanation in the middle of a cleaning process, you may not be eligible to receive any more help in malware removal forum.
• I close my topics if you have not replied in 5 days. If you need more time, simply let me know. If I closed your topic and you need it to be reopened, simply PM me.

 

[Yellow77]

Malwarebytes Anti-Malware (Trial) 1.61.0.1400
www.malwarebytes.org

Database version: v2012.06.15.08

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 9.0.8112.16421
LucasLAP :: LUCASLAP-PC [administrator]

Protection: Enabled

15/06/2012 5:43:49 PM
mbam-log-2012-06-15 (17-43-49).txt

Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 208154
Time elapsed: 4 minute(s), 25 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 4
C:\Users\LucasLAP\AppData\Local\Temp\nsn477E.tmp (PUP.BundleInstaller.BI) -> Quarantined and deleted successfully.
C:\Users\LucasLAP\Downloads\coretemp_1236.exe (PUP.BundleOffers.IIQ) -> Quarantined and deleted successfully.
C:\Users\LucasLAP\Local Settings\Temporary Internet Files\Content.IE5\W1JAWKPM\bi_downloader[1].exe (PUP.BundleInstaller.BI) -> Quarantined and deleted successfully.
C:\Windows\Installer\{39b115d2-9f1c-c9b0-e602-0b1c61916a83}\U\00000008.@ (Trojan.Dropper.BCMiner) -> Quarantined and deleted successfully.

(end)

 

[Yellow77]

.
DDS (Ver_2011-08-26.01) - NTFSAMD64
Internet Explorer: 9.0.8112.16421
Run by LucasLAP at 17:48:07 on 2012-06-15
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.2.1033.18.7654.5305 [GMT -4:00]
.
AV: Microsoft Security Essentials *Enabled/Updated* {9765EA51-0D3C-7DFB-6091-10E4E1F341F6}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: Microsoft Security Essentials *Enabled/Updated* {2C040BB5-2B06-7275-5A21-2B969A740B4B}
.
============== Running Processes ===============
.
C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
C:\Windows\system32\svchost.exe -k RPCSS
c:\Program Files\Microsoft Security Client\MsMpEng.exe
C:\Windows\system32\atiesrxx.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
C:\PROGRA~2\Stardock\OBJECT~1\WINDOW~1\VistaSrv.exe
C:\PROGRA~2\Stardock\OBJECT~1\WINDOW~1\WBVista.exe
C:\Program Files (x86)\Stardock\Object Desktop\WindowFX4\WindowFXSRV.exe
C:\Program Files (x86)\Stardock\Object Desktop\WindowFX4\WFX32.exe
C:\Windows\system32\atieclxx.exe
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\WLANExt.exe
C:\Windows\system32\conhost.exe
C:\Windows\SysWOW64\wltrysvc.exe
C:\Windows\SysWOW64\bcmwltry.exe
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Program Files\Soluto\SolutoService.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\Program Files (x86)\TeamViewer\Version7\TeamViewer_Service.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\Program Files (x86)\Acronis\DiskDirector\OSS\reinstall_svc.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Program Files (x86)\Stardock\Object Desktop\WindowFX4\wfx64.exe
C:\Program Files\Soluto\soluto.exe
C:\Windows\system32\taskhost.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files (x86)\DAEMON Tools Pro\DTShellHlp.exe
C:\Program Files\Microsoft IntelliType Pro\itype.exe
C:\PROGRAM FILES\SYNAPTICS\SYNTP\SYNTPHELPER.EXE
C:\Program Files\Logitech Gaming Software\LCore.exe
C:\Program Files (x86)\RK Launcher\RKLauncher.exe
C:\Program Files (x86)\DAEMON Tools Pro\DTAgent.exe
C:\Program Files (x86)\XWidget\xwidget.exe
C:\Program Files (x86)\Skype\Phone\Skype.exe
C:\Program Files\Rainmeter\Rainmeter.exe
C:\Program Files (x86)\RescueTime\RescueTime.exe
C:\Users\LucasLAP\AppData\Roaming\Dropbox\bin\Dropbox.exe
C:\Program Files (x86)\Evernote\Evernote\EvernoteClipper.exe
C:\Windows\SysWOW64\WLTRAY.EXE
C:\Windows\system32\SearchIndexer.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
C:\Users\LucasLAP\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\LucasLAP\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\LucasLAP\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\LucasLAP\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Windows\system32\DllHost.exe
C:\Users\LucasLAP\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Windows\SysWOW64\rundll32.exe
C:\Users\LucasLAP\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Dolby PCEE4\pcee4.exe
C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
C:\Windows\system32\taskeng.exe
C:\Program Files\EgisTec IPS\PMMUpdate.exe
C:\Program Files\EgisTec IPS\EgisUpdate.exe
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
C:\Users\LucasLAP\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Windows\SysWOW64\ping.exe
C:\Windows\system32\conhost.exe
C:\Users\LucasLAP\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\LucasLAP\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Windows\SysWOW64\ping.exe
C:\Windows\system32\conhost.exe
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbam.exe
c:\Program Files\Microsoft Security Client\MpCmdRun.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Windows\SysWOW64\cmd.exe
C:\Windows\system32\DllHost.exe
C:\Windows\system32\conhost.exe
C:\Windows\SysWOW64\cscript.exe
C:\Windows\system32\wbem\wmiprvse.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://acer.msn.com
uDefault_Page_URL = hxxp://acer.msn.com
mDefault_Page_URL = hxxp://acer.msn.com
mStart Page = hxxp://acer.msn.com
uInternet Settings,ProxyOverride = *.local
mWinlogon: Userinit=userinit.exe,
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
BHO: SteadyVideoBHO Class: {6c680bae-655c-4e3d-8fc4-e6a520c3d928} - C:\Program Files (x86)\amd\SteadyVideo\SteadyVideo.dll
BHO: Groove GFS Browser Helper: {72853161-30c5-4d22-b7f9-0bbc1d38a37e} - C:\PROGRA~2\MICROS~4\Office14\GROOVEEX.DLL
BHO: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - No File
BHO: Windows Live ID Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO: Adobe PDF Conversion Toolbar Helper: {ae7cd045-e861-484f-8273-0445ee161910} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
BHO: Office Document Cache Handler: {b4f3a835-0e21-4959-ba22-42b3008e02ff} - C:\PROGRA~2\MICROS~4\Office14\URLREDIR.DLL
BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
BHO: SmartSelect Class: {f4971ee7-daa0-4053-9964-665d8ee6a077} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
TB: Adobe PDF: {47833539-d0c5-4125-9fa8-0819e2eaac93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
uRun: [RK Launcher] "C:\Program Files (x86)\RK Launcher\RKLauncher.exe"
uRun: [AdobeBridge]
uRun: [DAEMON Tools Pro Agent] "C:\Program Files (x86)\DAEMON Tools Pro\DTAgent.exe" -autorun
uRun: [XWidget] C:\Program Files (x86)\XWidget\xwidget.exe
uRun: [Skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
mRun: [<NO NAME>]
mRun: [BCSSync] "C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe" /DelayServices
mRun: [Broadcom Wireless Manager UI] C:\Windows\system32\WLTRAY
mRun: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
mRun: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
mRun: [Malwarebytes' Anti-Malware] "C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray
mRunOnce: [Malwarebytes Anti-Malware] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe /install /silent
mRunOnce: [Malwarebytes Anti-Malware (cleanup)] rundll32.exe "C:\ProgramData\Malwarebytes\Malwarebytes' Anti-Malware\cleanup.dll",ProcessCleanupScript
dRunOnce: [IsMyWinLockerReboot] msiexec.exe /qn /x{voidguid}
StartupFolder: C:\Users\LucasLAP\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\Dropbox.lnk - C:\Users\LucasLAP\AppData\Roaming\Dropbox\bin\Dropbox.exe
StartupFolder: C:\Users\LucasLAP\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\EVERNO~1.LNK - C:\Program Files (x86)\Evernote\Evernote\EvernoteClipper.exe
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\RAINME~1.LNK - C:\Program Files\Rainmeter\Rainmeter.exe
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\RESCUE~1.LNK - C:\Program Files (x86)\RescueTime\RescueTime.exe
mPolicies-explorer: NoActiveDesktop = 1 (0x1)
mPolicies-explorer: NoActiveDesktopChanges = 1 (0x1)
mPolicies-system: ConsentPromptBehaviorAdmin = 0 (0x0)
mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3)
mPolicies-system: EnableLUA = 0 (0x0)
mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
mPolicies-system: PromptOnSecureDesktop = 0 (0x0)
IE: Add to Evernote 4.0 - C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll/204
IE: E&xport to Microsoft Excel - C:\PROGRA~2\MICROS~4\Office14\EXCEL.EXE/3000
IE: {A95fe080-8f5d-11d2-a20b-00aa003c157a} - res://C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll/204
IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
LSP: mswsock.dll
TCP: DhcpNameServer = 192.168.1.254
TCP: Interfaces\{4C9870A3-B106-4D87-AD4B-B23E14C14A81} : DhcpNameServer = 192.168.1.254
TCP: Interfaces\{4C9870A3-B106-4D87-AD4B-B23E14C14A81}\3597374756D63323D36596275737 : DhcpNameServer = 192.168.0.1
TCP: Interfaces\{4C9870A3-B106-4D87-AD4B-B23E14C14A81}\C457B6563702E4564777F627B6 : DhcpNameServer = 192.168.2.1
Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\MSOXMLMF.DLL
Filter: video/mp4 - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files (x86)\AMD\SteadyVideo\VideoMIMEFilter.dll
Filter: video/x-flv - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files (x86)\AMD\SteadyVideo\VideoMIMEFilter.dll
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
SSODL: IconPackager Repair - {1799460C-0BC8-4865-B9DF-4A36CD703FF0} - C:\Program Files (x86)\Stardock\Object Desktop\IconPackager\iprepair.dll
SEH: Groove GFS Stub Execution Hook: {b5a7f190-dda6-4420-b3ba-52453494e6cd} - C:\PROGRA~2\MICROS~4\Office14\GROOVEEX.DLL
BHO-X64: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
BHO-X64: AcroIEHelperStub - No File
BHO-X64: SteadyVideoBHO Class: {6C680BAE-655C-4E3D-8FC4-E6A520C3D928} - C:\Program Files (x86)\amd\SteadyVideo\SteadyVideo.dll
BHO-X64: AMD SteadyVideo BHO - No File
BHO-X64: Groove GFS Browser Helper: {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~4\Office14\GROOVEEX.DLL
BHO-X64: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - No File
BHO-X64: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO-X64: Adobe PDF Conversion Toolbar Helper: {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
BHO-X64: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~4\Office14\URLREDIR.DLL
BHO-X64: URLRedirectionBHO - No File
BHO-X64: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
BHO-X64: SmartSelect Class: {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
BHO-X64: SmartSelect - No File
TB-X64: Adobe PDF: {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
mRun-x64: [(Default)]
mRun-x64: [BCSSync] "C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe" /DelayServices
mRun-x64: [Broadcom Wireless Manager UI] C:\Windows\system32\WLTRAY
mRun-x64: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
mRun-x64: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
mRun-x64: [Malwarebytes' Anti-Malware] "C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray
mRunOnce-x64: [Malwarebytes Anti-Malware] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe /install /silent
mRunOnce-x64: [Malwarebytes Anti-Malware (cleanup)] rundll32.exe "C:\ProgramData\Malwarebytes\Malwarebytes' Anti-Malware\cleanup.dll",ProcessCleanupScript
IE-X64: {A95fe080-8f5d-11d2-a20b-00aa003c157a} - res://C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll/204
SSODL-X64: IconPackager Repair - {1799460C-0BC8-4865-B9DF-4A36CD703FF0} - C:\Program Files (x86)\Stardock\Object Desktop\IconPackager\iprepair.dll
SEH-X64: Groove GFS Stub Execution Hook: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\PROGRA~2\MICROS~4\Office14\GROOVEEX.DLL
.
============= SERVICES / DRIVERS ===============
.
R0 amd_sata;amd_sata;C:\Windows\system32\DRIVERS\amd_sata.sys --> C:\Windows\system32\DRIVERS\amd_sata.sys [?]
R0 amd_xata;amd_xata;C:\Windows\system32\DRIVERS\amd_xata.sys --> C:\Windows\system32\DRIVERS\amd_xata.sys [?]
R0 MpFilter;Microsoft Malware Protection Driver;C:\Windows\system32\DRIVERS\MpFilter.sys --> C:\Windows\system32\DRIVERS\MpFilter.sys [?]
R0 Soluto;Soluto;C:\Windows\system32\DRIVERS\Soluto.sys --> C:\Windows\system32\DRIVERS\Soluto.sys [?]
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;C:\Windows\system32\DRIVERS\dtsoftbus01.sys --> C:\Windows\system32\DRIVERS\dtsoftbus01.sys [?]
R1 vwififlt;Virtual WiFi Filter Driver;C:\Windows\system32\DRIVERS\vwififlt.sys --> C:\Windows\system32\DRIVERS\vwififlt.sys [?]
R2 AMD External Events Utility;AMD External Events Utility;C:\Windows\system32\atiesrxx.exe --> C:\Windows\system32\atiesrxx.exe [?]
R2 MBAMService;MBAMService;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2012-6-15 654408]
R2 OS Selector;Acronis OS Selector activator;C:\Program Files (x86)\Acronis\DiskDirector\OSS\reinstall_svc.exe [2010-5-25 2139400]
R2 SolutoService;Soluto PCGenome Core Service;C:\Program Files\Soluto\SolutoService.exe [2012-4-24 584224]
R2 TeamViewer7;TeamViewer 7;C:\Program Files (x86)\TeamViewer\Version7\TeamViewer_Service.exe [2012-4-3 2666880]
R2 WindowFX;Stardock WindowFX;C:\Program Files (x86)\Stardock\Object Desktop\WindowFX4\WindowFXSRV.exe [2011-4-11 185648]
R3 amdkmdag;amdkmdag;C:\Windows\system32\DRIVERS\atikmdag.sys --> C:\Windows\system32\DRIVERS\atikmdag.sys [?]
R3 amdkmdap;amdkmdap;C:\Windows\system32\DRIVERS\atikmpag.sys --> C:\Windows\system32\DRIVERS\atikmpag.sys [?]
R3 AtiHDAudioService;ATI Function Driver for HD Audio Service;C:\Windows\system32\drivers\AtihdW76.sys --> C:\Windows\system32\drivers\AtihdW76.sys [?]
R3 k57nd60a;Broadcom NetLink (TM) Gigabit Ethernet - NDIS 6.0;C:\Windows\system32\DRIVERS\k57nd60a.sys --> C:\Windows\system32\DRIVERS\k57nd60a.sys [?]
R3 LGBusEnum;Logitech GamePanel Virtual Bus Enumerator Driver;C:\Windows\system32\drivers\LGBusEnum.sys --> C:\Windows\system32\drivers\LGBusEnum.sys [?]
R3 LGVirHid;Logitech Gamepanel Virtual HID Device Driver;C:\Windows\system32\drivers\LGVirHid.sys --> C:\Windows\system32\drivers\LGVirHid.sys [?]
R3 MBAMProtector;MBAMProtector;\??\C:\Windows\system32\drivers\mbam.sys --> C:\Windows\system32\drivers\mbam.sys [?]
R3 usbfilter;AMD USB Filter Driver;C:\Windows\system32\DRIVERS\usbfilter.sys --> C:\Windows\system32\DRIVERS\usbfilter.sys [?]
S1 bprmpejk;bprmpejk;\??\C:\Windows\system32\drivers\bprmpejk.sys --> C:\Windows\system32\drivers\bprmpejk.sys [?]
S1 dwyphkat;dwyphkat;\??\C:\Windows\system32\drivers\dwyphkat.sys --> C:\Windows\system32\drivers\dwyphkat.sys [?]
S1 gfhhaify;gfhhaify;\??\C:\Windows\system32\drivers\gfhhaify.sys --> C:\Windows\system32\drivers\gfhhaify.sys [?]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]
S3 AdobeARMservice;Adobe Acrobat Update Service;C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2011-6-6 64952]
S3 LADF_CaptureOnly;LADF Capture Filter Driver;C:\Windows\system32\DRIVERS\ladfGSCamd64.sys --> C:\Windows\system32\DRIVERS\ladfGSCamd64.sys [?]
S3 LADF_RenderOnly;LADF Render Filter Driver;C:\Windows\system32\DRIVERS\ladfGSRamd64.sys --> C:\Windows\system32\DRIVERS\ladfGSRamd64.sys [?]
S3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service;C:\Program Files (x86)\Microsoft Office\Office14\GROOVE.EXE [2011-6-12 31125880]
S3 NisDrv;Microsoft Network Inspection System;C:\Windows\system32\DRIVERS\NisDrvWFP.sys --> C:\Windows\system32\DRIVERS\NisDrvWFP.sys [?]
S3 NisSrv;Microsoft Network Inspection;C:\Program Files\Microsoft Security Client\NisSrv.exe [2012-3-26 291696]
S3 osppsvc;Office Software Protection Platform;C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-1-9 4925184]
S3 SkypeUpdate;Skype Updater;C:\Program Files (x86)\Skype\Updater\Updater.exe [2012-2-15 158856]
S3 SwitchBoard;Adobe SwitchBoard;C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-2-19 517096]
S3 TsUsbFlt;TsUsbFlt;C:\Windows\system32\drivers\tsusbflt.sys --> C:\Windows\system32\drivers\tsusbflt.sys [?]
S3 TsUsbGD;Remote Desktop Generic USB Device;C:\Windows\system32\drivers\TsUsbGD.sys --> C:\Windows\system32\drivers\TsUsbGD.sys [?]
S3 USBAAPL64;Apple Mobile USB Driver;C:\Windows\system32\Drivers\usbaapl64.sys --> C:\Windows\system32\Drivers\usbaapl64.sys [?]
S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\system32\Wat\WatAdminSvc.exe --> C:\Windows\system32\Wat\WatAdminSvc.exe [?]
S4 wlcrasvc;Windows Live Mesh remote connections service;C:\Program Files\Windows Live\Mesh\wlcrasvc.exe [2010-9-22 57184]
SUnknown jmgnxuxn;jmgnxuxn; [x]
SUnknown prfrxhis;prfrxhis; [x]
SUnknown xsxltthp;xsxltthp; [x]
.
=============== Created Last 30 ================
.
2012-06-15 21:31:0150000----a-w-C:\Windows\System32\drivers\bprmpejk.sys
2012-06-15 21:25:0150000----a-w-C:\Windows\System32\drivers\gfhhaify.sys
2012-06-15 21:24:4969000----a-w-C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{124468BC-E3CB-4D6F-ADBF-6ABF30563AFF}\offreg.dll
2012-06-15 21:24:008955792----a-w-C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{124468BC-E3CB-4D6F-ADBF-6ABF30563AFF}\mpengine.dll
2012-06-15 21:06:08--------d-----w-C:\Users\LucasLAP\AppData\Roaming\Malwarebytes
2012-06-15 21:05:55--------d-----w-C:\ProgramData\Malwarebytes
2012-06-15 21:05:5324904----a-w-C:\Windows\System32\drivers\mbam.sys
2012-06-15 21:05:53--------d-----w-C:\Program Files (x86)\Malwarebytes' Anti-Malware
2012-06-15 20:34:5150000----a-w-C:\Windows\System32\drivers\dwyphkat.sys
2012-06-15 14:42:39--------d-sh--w-C:\Windows\SysWow64\%APPDATA%
2012-06-15 11:39:52--------d-----w-C:\Program Files (x86)\Perfect World Entertainment
2012-06-15 11:38:31--------d-----w-C:\Program Files (x86)\NVIDIA Corporation
2012-06-15 11:37:1776888----a-w-C:\Windows\SysWow64\PnkBstrA.exe
2012-06-15 11:37:17189248----a-w-C:\Windows\SysWow64\PnkBstrB.exe
2012-06-15 11:37:17189248----a-w-C:\Windows\SysWow64\PnkBstrB.ex0
2012-06-15 11:37:163130440----a-w-C:\Windows\SysWow64\pbsvc_blr.exe
2012-06-15 02:09:0950000----a-w-C:\Windows\System32\drivers\renhhncu.sys
2012-06-15 00:33:33--------d-----w-C:\Program Files (x86)\Disney Interactive Studios
2012-06-14 22:37:198955792------w-C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll
2012-06-13 07:41:48927800------w-C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\NISBackup\gapaengine.dll
2012-06-13 07:41:48927800------w-C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{F3F37C43-70F0-4B5B-9EDE-288D1BC54D23}\gapaengine.dll
2012-06-12 19:30:219216----a-w-C:\Windows\System32\rdrmemptylst.exe
2012-06-12 19:29:59210944----a-w-C:\Windows\System32\drivers\rdpwd.sys
2012-06-07 12:20:54419488----a-w-C:\Windows\SysWow64\FlashPlayerApp.exe
2012-06-04 04:20:04--------d-----w-C:\Users\LucasLAP\AppData\Local\Evernote
2012-06-04 04:19:52--------d-----w-C:\Program Files (x86)\Evernote
2012-06-03 21:19:46159744----a-w-C:\Program Files (x86)\Internet Explorer\Plugins\npqtplugin7.dll
2012-06-03 21:19:46159744----a-w-C:\Program Files (x86)\Internet Explorer\Plugins\npqtplugin6.dll
2012-06-03 21:19:46159744----a-w-C:\Program Files (x86)\Internet Explorer\Plugins\npqtplugin5.dll
2012-06-03 21:19:46159744----a-w-C:\Program Files (x86)\Internet Explorer\Plugins\npqtplugin4.dll
2012-06-03 21:19:46159744----a-w-C:\Program Files (x86)\Internet Explorer\Plugins\npqtplugin3.dll
2012-06-03 21:19:46159744----a-w-C:\Program Files (x86)\Internet Explorer\Plugins\npqtplugin2.dll
2012-06-03 21:19:46159744----a-w-C:\Program Files (x86)\Internet Explorer\Plugins\npqtplugin.dll
2012-06-03 04:16:04--------d-----w-C:\Program Files (x86)\WinPcap
2012-05-29 12:48:40955848----a-w-C:\Windows\System32\npDeployJava1.dll
2012-05-29 12:48:40839112----a-w-C:\Windows\System32\deployJava1.dll
2012-05-26 02:14:5764000----a-w-C:\Windows\System32\Spool\prtprocs\x64\LMABKC4C.DLL
2012-05-19 11:34:12--------d-----w-C:\Users\LucasLAP\AppData\Roaming\.minecraft
2012-05-17 13:06:35--------d-----w-C:\Users\LucasLAP\AppData\Roaming\digipen
2012-05-17 13:06:35--------d-----w-C:\Users\LucasLAP\AppData\Local\digipen
2012-05-17 01:00:22--------d-----w-C:\Users\LucasLAP\AppData\Local\Logitech
2012-05-17 00:59:52--------d-----w-C:\Program Files\Logitech Gaming Software
.
==================== Find3M ====================
.
2012-06-07 12:20:5470304----a-w-C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
2012-05-18 02:06:482311680----a-w-C:\Windows\System32\jscript9.dll
2012-05-18 01:59:141392128----a-w-C:\Windows\System32\wininet.dll
2012-05-18 01:58:391494528----a-w-C:\Windows\System32\inetcpl.cpl
2012-05-18 01:55:22173056----a-w-C:\Windows\System32\ieUnatt.exe
2012-05-18 01:51:302382848----a-w-C:\Windows\System32\mshtml.tlb
2012-05-17 22:45:371800192----a-w-C:\Windows\SysWow64\jscript9.dll
2012-05-17 22:35:471129472----a-w-C:\Windows\SysWow64\wininet.dll
2012-05-17 22:35:391427968----a-w-C:\Windows\SysWow64\inetcpl.cpl
2012-05-17 22:29:45142848----a-w-C:\Windows\SysWow64\ieUnatt.exe
2012-05-17 22:24:452382848----a-w-C:\Windows\SysWow64\mshtml.tlb
2012-05-15 01:32:333146752----a-w-C:\Windows\System32\win32k.sys
2012-05-04 11:06:225559664----a-w-C:\Windows\System32\ntoskrnl.exe
2012-05-04 10:03:533968368----a-w-C:\Windows\SysWow64\ntkrnlpa.exe
2012-05-04 10:03:503913072----a-w-C:\Windows\SysWow64\ntoskrnl.exe
2012-05-01 05:40:20209920----a-w-C:\Windows\System32\profsvc.dll
2012-04-30 11:22:5482240----a-w-C:\Windows\System32\KLWindowsCredentialsProvider.dll
2012-04-29 03:28:0717801----a-w-C:\Windows\SysWow64\drivers\AegisP.sys
2012-04-28 19:32:143584----a-w-C:\Windows\System32\RemoveFocusRect.dll
2012-04-26 05:41:5677312----a-w-C:\Windows\System32\rdpwsx.dll
2012-04-26 05:41:55149504----a-w-C:\Windows\System32\rdpcorekmts.dll
2012-04-24 21:13:2454728----a-w-C:\Windows\System32\drivers\Soluto.sys
2012-04-24 05:37:37184320----a-w-C:\Windows\System32\cryptsvc.dll
2012-04-24 05:37:37140288----a-w-C:\Windows\System32\cryptnet.dll
2012-04-24 05:37:361462272----a-w-C:\Windows\System32\crypt32.dll
2012-04-24 04:36:42140288----a-w-C:\Windows\SysWow64\cryptsvc.dll
2012-04-24 04:36:421158656----a-w-C:\Windows\SysWow64\crypt32.dll
2012-04-24 04:36:42103936----a-w-C:\Windows\SysWow64\cryptnet.dll
2012-04-19 00:56:3094208----a-w-C:\Windows\SysWow64\QuickTimeVR.qtx
2012-04-19 00:56:3069632----a-w-C:\Windows\SysWow64\QuickTime.qts
2012-04-07 12:31:403216384----a-w-C:\Windows\System32\msi.dll
2012-04-07 11:26:292342400----a-w-C:\Windows\SysWow64\msi.dll
2012-03-30 11:35:471918320----a-w-C:\Windows\System32\drivers\tcpip.sys
2012-03-21 00:44:1298688----a-w-C:\Windows\System32\drivers\NisDrvWFP.sys
2012-03-21 00:44:12203888----a-w-C:\Windows\System32\drivers\MpFilter.sys
.
============= FINISH: 17:51:46.50 ===============

 

[Yellow77]

.
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_2011-08-26.01)
.
Microsoft Windows 7 Home Premium
Boot Device: \Device\HarddiskVolume2
Install Date: 12/02/2012 3:23:05 AM
System Uptime: 15/06/2012 4:33:13 PM (1 hours ago)
.
Motherboard: Acer | | Aspire 5560
Processor: AMD A8-3520M APU with Radeon(tm) HD Graphics | Socket FS1 | 1600/100mhz
.
==== Disk Partitions =========================
.
C: is FIXED (NTFS) - 683 GiB total, 270.084 GiB free.
D: is CDROM ()
E: is CDROM ()
.
==== Disabled Device Manager Items =============
.
Class GUID:
Description:
Device ID: PCI\VEN_14E4&DEV_16BF&SUBSYS_06051025&REV_10\4&3F78A9A&0&0320
Manufacturer:
Name:
PNP Device ID: PCI\VEN_14E4&DEV_16BF&SUBSYS_06051025&REV_10\4&3F78A9A&0&0320
Service:
.
Class GUID:
Description:
Device ID: PCI\VEN_14E4&DEV_16BE&SUBSYS_06051025&REV_10\4&3F78A9A&0&0220
Manufacturer:
Name:
PNP Device ID: PCI\VEN_14E4&DEV_16BE&SUBSYS_06051025&REV_10\4&3F78A9A&0&0220
Service:
.
==== System Restore Points ===================
.
RP101: 14/06/2012 8:33:37 PM - Installed Split/Second
RP102: 15/06/2012 7:34:44 AM - Installed DirectX
RP104: 15/06/2012 7:37:50 AM - Installed NVIDIA PhysX
RP105: 15/06/2012 7:39:55 AM - Installed Blacklight Retribution
RP107: 15/06/2012 3:30:00 PM - Microsoft Antimalware Checkpoint
.
==== Installed Programs ======================
.
.
Acer Crystal Eye Webcam
Acronis Disk Director Home
Adobe Acrobat X Pro - English, Français, Deutsch
Adobe After Effects CS5.5 Third Party Content
Adobe AIR
Adobe Community Help
Adobe Content Viewer
Adobe Creative Suite 5.5 Master Collection
Adobe Flash Player 10 ActiveX
Adobe Reader X (10.1.0) MUI
Adobe Reader X (10.1.1)
Adobe Story
AMD VISION Engine Control Center
Apple Application Support
Apple Software Update
ASIO4ALL
µTorrent
Blacklight Retribution
Broadcom 802.11 Network Adapter
Call of Duty: Modern Warfare 3
Call of Duty: Modern Warfare 3 - Multiplayer
Canon Utilities EOS Utility
Catalyst Control Center - Branding
Catalyst Control Center Graphics Previews Common
Catalyst Control Center InstallProxy
Catalyst Control Center Localization All
CCC Help Chinese Standard
CCC Help Chinese Traditional
CCC Help Czech
CCC Help Danish
CCC Help Dutch
CCC Help English
CCC Help Finnish
CCC Help French
CCC Help German
CCC Help Greek
CCC Help Hungarian
CCC Help Italian
CCC Help Japanese
CCC Help Korean
CCC Help Norwegian
CCC Help Polish
CCC Help Portuguese
CCC Help Russian
CCC Help Spanish
CCC Help Swedish
CCC Help Thai
CCC Help Turkish
D3DX10
DAEMON Tools Pro
Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition
DiRT 3
Dolby Advanced Audio v2
Dropbox
EasyBCD 2.1.2
eReg
Evernote v. 4.5.6
Fences Pro
FL Studio 10
G-Force
Galerie de photos Windows Live
Google Chrome
Icecream Sandwich Skin Pack 3.0-X64
IconPackager
IL Download Manager
Junk Mail filter update
LogonStudio
Malwarebytes Anti-Malware version 1.61.0.1400
Mesh Runtime
Microsoft AppLocale
Microsoft Games for Windows - LIVE Redistributable
Microsoft Games for Windows Marketplace
Microsoft Office 2010
Microsoft Office 2010 Service Pack 1 (SP1)
Microsoft Office Access MUI (English) 2010
Microsoft Office Access Setup Metadata MUI (English) 2010
Microsoft Office Excel MUI (English) 2010
Microsoft Office Groove MUI (English) 2010
Microsoft Office InfoPath MUI (English) 2010
Microsoft Office OneNote MUI (English) 2010
Microsoft Office Outlook MUI (English) 2010
Microsoft Office PowerPoint MUI (English) 2010
Microsoft Office Professional Plus 2010
Microsoft Office Proof (English) 2010
Microsoft Office Proof (French) 2010
Microsoft Office Proof (Spanish) 2010
Microsoft Office Proofing (English) 2010
Microsoft Office Publisher MUI (English) 2010
Microsoft Office Shared MUI (English) 2010
Microsoft Office Shared Setup Metadata MUI (English) 2010
Microsoft Office Word MUI (English) 2010
Microsoft SQL Server 2005 Compact Edition [ENU]
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
Microsoft_VC80_ATL_x86
Microsoft_VC80_CRT_x86
Microsoft_VC80_MFC_x86
Microsoft_VC80_MFCLOC_x86
Microsoft_VC90_ATL_x86
Microsoft_VC90_CRT_x86
Microsoft_VC90_MFC_x86
Microsoft_VC90_MFCLOC_x86
Mirror's Edge
MSVCRT
MSVCRT_amd64
MyWinLocker Suite
newsXpresso
Nitronic Rush (2012-03-03) version 20120303.0
NVIDIA PhysX
OpenAL
PDF Settings CS5
PolarClock3 Screen Saver
Portal
PunkBuster Services
QuickTime
Rainmeter
Rapture3D 2.4.8 Game
Realtek High Definition Audio Driver
RescueTime 2.5.0
Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2633870)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368v2)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656405)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2686827)
Security Update for Microsoft .NET Framework 4 Extended (KB2487367)
Security Update for Microsoft .NET Framework 4 Extended (KB2656351)
Security Update for Microsoft Excel 2010 (KB2597166) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2553091)
Security Update for Microsoft Office 2010 (KB2553096)
Security Update for Microsoft Office 2010 (KB2553371) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2589320) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2598039) 32-Bit Edition
Security Update for Microsoft PowerPoint 2010 (KB2553185) 32-Bit Edition
Security Update for Microsoft SharePoint Workspace 2010 (KB2566445)
Security Update for Microsoft Visio Viewer 2010 (KB2597981) 32-Bit Edition
Shredder
SkinStudio 7
Skype™ 5.8
SoundPackager
Split/Second
Steam
Supreme Commander 2
Team Fortress 2
TeamViewer 7
Theme Manager
Tom Clancy's Splinter Cell: Conviction
Tweak7
Update for Microsoft .NET Framework 4 Client Profile (KB2468871)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217)
Update for Microsoft .NET Framework 4 Extended (KB2468871)
Update for Microsoft .NET Framework 4 Extended (KB2533523)
Update for Microsoft .NET Framework 4 Extended (KB2600217)
Update for Microsoft Office 2010 (KB2494150)
Update for Microsoft Office 2010 (KB2553065)
Update for Microsoft Office 2010 (KB2553092)
Update for Microsoft Office 2010 (KB2553181) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553267) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553270) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553310) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553385) 32-Bit Edition
Update for Microsoft Office 2010 (KB2566458)
Update for Microsoft Office 2010 (KB2596964) 32-Bit Edition
Update for Microsoft Office 2010 (KB2597091) 32-Bit Edition
Update for Microsoft OneNote 2010 (KB2553290) 32-Bit Edition
Update for Microsoft OneNote 2010 (KB2589345) 32-Bit Edition
Update for Microsoft Outlook 2010 (KB2553248) 32-Bit Edition
Update for Microsoft Outlook Social Connector 2010 (KB2553406) 32-Bit Edition
VirtualDJ PRO Full
VLC media player 1.1.11
WindowFX
Windows Live
Windows Live Communications Platform
Windows Live Essentials
Windows Live Installer
Windows Live Mail
Windows Live Mesh
Windows Live Messenger
Windows Live Movie Maker
Windows Live Photo Common
Windows Live Photo Gallery
Windows Live PIMT Platform
Windows Live SOXE
Windows Live SOXE Definitions
Windows Live UX Platform
Windows Live UX Platform Language Pack
Windows Live Writer
Windows Live Writer Resources
WinPcap 4.1.2
WinRAR archiver
World of Tanks
XWidget Ver1.32
.
==== Event Viewer Messages From Past Week ========
.
14/06/2012 8:23:10 PM, Error: Microsoft Antimalware [1119] - Microsoft Antimalware has encountered a critical error when taking action on malware or other potentially unwanted software. For more information please see the following: http://go.microsoft.com/fwlink/?linkid=37020&name=TrojanDownloader:ASX/Wimad.CN&threatid=2147628568 Name: TrojanDownloader:ASX/Wimad.CN ID: 2147628568 Severity: Severe Category: Trojan Downloader Path: containerfile:_C:\Users\LucasLAP\Downloads\Battleship 2012 DVDRip\Battleship 2012 DVDRip.avi;file:_C:\Users\LucasLAP\Downloads\Battleship 2012 DVDRip\Battleship 2012 DVDRip.avi->(ASF_Script_Commands) Detection Origin: Local machine Detection Type: Concrete Detection Source: Real-Time Protection User: NT AUTHORITY\SYSTEM Process Name: C:\Windows\System32\SearchProtocolHost.exe Action: Quarantine Action Status: No additional actions required Error Code: 0x80070020 Error description: The process cannot access the file because it is being used by another process. Signature Version: AV: 1.127.2024.0, AS: 1.127.2024.0, NIS: 11.137.0.0 Engine Version: AM: 1.1.8403.0, NIS: 2.0.8001.0
14/06/2012 11:29:06 AM, Error: volsnap [36] - The shadow copies of volume C: were aborted because the shadow copy storage could not grow due to a user imposed limit.
12/06/2012 7:32:42 PM, Error: Server [2505] - The server could not bind to the transport \Device\NetBT_Tcpip_{4C9870A3-B106-4D87-AD4B-B23E14C14A81} because another computer on the network has the same name. The server could not start.
12/06/2012 7:30:08 PM, Error: BridgeMP [14702] - Bridge [Adapter Broadcom 802.11n Network Adapter]: The bridge could not modify the network adapter's packet filter. The network adapter will not function correctly.
.
==== End Of File ===========================

 

[Broni]

I still need GMER log.

 

[Yellow77]

GMER did not produe a log with any information in it. I didnt post it because there was nothing there

 

[Broni]

Well, in that case you have to let me know.
I'm not there

Download Bootkit Remover to your desktop.

• Unzip downloaded file to your Desktop.
• Double-click on boot_cleaner.exe to run the program (Vista/7 users,right click on boot_cleaner.exe and click Run As Administrator).
• It will show a Black screen with some data on it.
• Right click on the screen and click Select All.
• Press CTRL+C
• Open a Notepad and press CTRL+V
• Post the output back here.

==================================================

Download aswMBR to your desktop.
Double click the aswMBR.exe to run it.
If you see this question: Would you like to download latest Avast! virus definitions?" say "Yes".
Click the "Scan" button to start scan.
On completion of the scan click "Save log", save it to your desktop and post in your next reply.

NOTE. aswMBR will create MBR.dat file on your desktop. This is a copy of your MBR. Do NOT delete it.

 

[Yellow77]

The bootkit remover has made a debug log, shall I post that also?
aswMBR crashes while running the scan, I am unable to save a log from it.
-------
Bootkit Remover
(c) 2009 Esage Lab
www.esagelab.com

Program version: 1.2.0.1
OS Version: Microsoft Windows 7 Home Premium Edition Service Pack 1 (build 7601)
, 64-bit

System volume is \\.\C:
\\.\C: -> \\.\PhysicalDrive0 at offset 0x00000003`ee500000

Size Device Name MBR Status
--------------------------------------------
698 GB \\.\PhysicalDrive0 Controlled by rootkit!

Boot code on some of your physical disks is hidden by a rootkit.
To disinfect the master boot sector, use the following command:
remover.exe fix <device_name>
To inspect the boot code manually, dump the master boot sector:
remover.exe dump <device_name> [output_file]


Done;
Press any key to quit...

 

[Broni]

Download TDSSKiller and save it to your desktop.

• Extract (unzip) its contents to your desktop.
• Open the TDSSKiller folder and doubleclick on TDSSKiller.exe to run the application, then on Start Scan.
• If an infected file is detected, the default action will be Cure, click on Continue.
• If a suspicious file is detected, the default action will be Skip, click on Continue.
• It may ask you to reboot the computer to complete the process. Click on Reboot Now.
• If no reboot is require, click on Report. A log file should appear. Please copy and paste the contents of that file here.
• If a reboot is required, the report can also be found in your root directory (usually C:\ folder) in the form of TDSSKiller_xxxx_log.txt. Please copy and paste the contents of that file here.

 

[Yellow77]

11:42:16.0472 5636TDSS rootkit removing tool 2.7.40.0 Jun 15 2012 15:13:31
11:42:16.0844 5636============================================================
11:42:16.0845 5636Current date / time: 2012/06/16 11:42:16.0844
11:42:16.0845 5636SystemInfo:
11:42:16.0845 5636
11:42:16.0845 5636OS Version: 6.1.7601 ServicePack: 1.0
11:42:16.0845 5636Product type: Workstation
11:42:16.0845 5636ComputerName: LUCASLAP-PC
11:42:16.0845 5636UserName: LucasLAP
11:42:16.0845 5636Windows directory: C:\Windows
11:42:16.0845 5636System windows directory: C:\Windows
11:42:16.0845 5636Running under WOW64
11:42:16.0845 5636Processor architecture: Intel x64
11:42:16.0845 5636Number of processors: 4
11:42:16.0845 5636Page size: 0x1000
11:42:16.0845 5636Boot type: Normal boot
11:42:16.0845 5636============================================================
11:42:17.0621 5636Drive \Device\Harddisk0\DR0 - Size: 0xAEA8CDE000 (698.64 Gb), SectorSize: 0x200, Cylinders: 0x16441, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
11:42:17.0717 5636============================================================
11:42:17.0717 5636\Device\Harddisk0\DR0:
11:42:17.0721 5636MBR partitions:
11:42:17.0721 5636\Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x1F40800, BlocksNum 0x32000
11:42:17.0721 5636\Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x1F72800, BlocksNum 0x555D2800
11:42:17.0721 5636============================================================
11:42:17.0747 5636C: <-> \Device\Harddisk0\DR0\Partition1
11:42:17.0747 5636============================================================
11:42:17.0747 5636Initialize success
11:42:17.0747 5636============================================================
11:42:42.0020 4324============================================================
11:42:42.0020 4324Scan started
11:42:42.0020 4324Mode: Manual;
11:42:42.0020 4324============================================================
11:42:42.0457 43241394ohci (a87d604aea360176311474c87a63bb88) C:\Windows\system32\drivers\1394ohci.sys
11:42:42.0460 43241394ohci - ok
11:42:42.0537 4324ACPI (d81d9e70b8a6dd14d42d7b4efa65d5f2) C:\Windows\system32\drivers\ACPI.sys
11:42:42.0551 4324ACPI - ok
11:42:42.0587 4324AcpiPmi (99f8e788246d495ce3794d7e7821d2ca) C:\Windows\system32\drivers\acpipmi.sys
11:42:42.0588 4324AcpiPmi - ok
11:42:42.0714 4324AdobeARMservice (11a52cf7b265631deeb24c6149309eff) c:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
11:42:42.0715 4324AdobeARMservice - ok
11:42:42.0766 4324adp94xx (2f6b34b83843f0c5118b63ac634f5bf4) C:\Windows\system32\drivers\adp94xx.sys
11:42:42.0772 4324adp94xx - ok
11:42:42.0848 4324adpahci (597f78224ee9224ea1a13d6350ced962) C:\Windows\system32\drivers\adpahci.sys
11:42:42.0853 4324adpahci - ok
11:42:42.0898 4324adpu320 (e109549c90f62fb570b9540c4b148e54) C:\Windows\system32\drivers\adpu320.sys
11:42:42.0909 4324adpu320 - ok
11:42:42.0983 4324AeLookupSvc (4b78b431f225fd8624c5655cb1de7b61) C:\Windows\System32\aelupsvc.dll
11:42:42.0984 4324AeLookupSvc - ok
11:42:43.0117 4324AFD (1c7857b62de5994a75b054a9fd4c3825) C:\Windows\system32\drivers\afd.sys
11:42:43.0122 4324AFD - ok
11:42:43.0191 4324agp440 (608c14dba7299d8cb6ed035a68a15799) C:\Windows\system32\drivers\agp440.sys
11:42:43.0193 4324agp440 - ok
11:42:43.0236 4324ALG (3290d6946b5e30e70414990574883ddb) C:\Windows\System32\alg.exe
11:42:43.0237 4324ALG - ok
11:42:43.0276 4324aliide (5812713a477a3ad7363c7438ca2ee038) C:\Windows\system32\drivers\aliide.sys
11:42:43.0278 4324aliide - ok
11:42:43.0353 4324ALSysIO - ok
11:42:43.0396 4324AMD External Events Utility (69435b13c11b27420eff135ef07e2545) C:\Windows\system32\atiesrxx.exe
11:42:43.0399 4324AMD External Events Utility - ok
11:42:43.0422 4324amdide (1ff8b4431c353ce385c875f194924c0c) C:\Windows\system32\drivers\amdide.sys
11:42:43.0424 4324amdide - ok
11:42:43.0476 4324AmdK8 (7024f087cff1833a806193ef9d22cda9) C:\Windows\system32\drivers\amdk8.sys
11:42:43.0477 4324AmdK8 - ok
11:42:44.0061 4324amdkmdag (f55484c5b3a79f2514773a3747084fe0) C:\Windows\system32\DRIVERS\atikmdag.sys
11:42:44.0271 4324amdkmdag - ok
11:42:44.0405 4324amdkmdap (dee55afcbb41a340781b3c4a05ae90bd) C:\Windows\system32\DRIVERS\atikmpag.sys
11:42:44.0409 4324amdkmdap - ok
11:42:44.0452 4324AmdPPM (1e56388b3fe0d031c44144eb8c4d6217) C:\Windows\system32\DRIVERS\amdppm.sys
11:42:44.0453 4324AmdPPM - ok
11:42:44.0469 4324amdsata (d4121ae6d0c0e7e13aa221aa57ef2d49) C:\Windows\system32\drivers\amdsata.sys
11:42:44.0470 4324amdsata - ok
11:42:44.0490 4324amdsbs (f67f933e79241ed32ff46a4f29b5120b) C:\Windows\system32\drivers\amdsbs.sys
11:42:44.0492 4324amdsbs - ok
11:42:44.0512 4324amdxata (540daf1cea6094886d72126fd7c33048) C:\Windows\system32\drivers\amdxata.sys
11:42:44.0513 4324amdxata - ok
11:42:44.0546 4324amd_sata (bb4fe7889db9cbbe61a308e99697f53c) C:\Windows\system32\DRIVERS\amd_sata.sys
11:42:44.0547 4324amd_sata - ok
11:42:44.0645 4324amd_xata (5631cba53f1cbea3f9e88348e6723391) C:\Windows\system32\DRIVERS\amd_xata.sys
11:42:44.0647 4324amd_xata - ok
11:42:44.0660 4324AppID (89a69c3f2f319b43379399547526d952) C:\Windows\system32\drivers\appid.sys
11:42:44.0661 4324AppID - ok
11:42:44.0696 4324AppIDSvc (0bc381a15355a3982216f7172f545de1) C:\Windows\System32\appidsvc.dll
11:42:44.0697 4324AppIDSvc - ok
11:42:44.0716 4324Appinfo (3977d4a871ca0d4f2ed1e7db46829731) C:\Windows\System32\appinfo.dll
11:42:44.0717 4324Appinfo - ok
11:42:44.0816 4324Apple Mobile Device (3debbecf665dcdde3a95d9b902010817) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
11:42:44.0818 4324Apple Mobile Device - ok
11:42:44.0841 4324arc (c484f8ceb1717c540242531db7845c4e) C:\Windows\system32\drivers\arc.sys
11:42:44.0843 4324arc - ok
11:42:44.0862 4324arcsas (019af6924aefe7839f61c830227fe79c) C:\Windows\system32\drivers\arcsas.sys
11:42:44.0864 4324arcsas - ok
11:42:45.0031 4324aspnet_state (9217d874131ae6ff8f642f124f00a555) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe
11:42:45.0033 4324aspnet_state - ok
11:42:45.0100 4324AsyncMac (769765ce2cc62867468cea93969b2242) C:\Windows\system32\DRIVERS\asyncmac.sys
11:42:45.0102 4324AsyncMac - ok
11:42:45.0111 4324atapi (02062c0b390b7729edc9e69c680a6f3c) C:\Windows\system32\drivers\atapi.sys
11:42:45.0112 4324atapi - ok
11:42:45.0166 4324AtiHDAudioService (cbd14f698def12ee3557604b726cb8eb) C:\Windows\system32\drivers\AtihdW76.sys
11:42:45.0168 4324AtiHDAudioService - ok
11:42:45.0267 4324AudioEndpointBuilder (f23fef6d569fce88671949894a8becf1) C:\Windows\System32\Audiosrv.dll
11:42:45.0337 4324AudioEndpointBuilder - ok
11:42:45.0345 4324AudioSrv (f23fef6d569fce88671949894a8becf1) C:\Windows\System32\Audiosrv.dll
11:42:45.0351 4324AudioSrv - ok
11:42:45.0401 4324AxInstSV (a6bf31a71b409dfa8cac83159e1e2aff) C:\Windows\System32\AxInstSV.dll
11:42:45.0402 4324AxInstSV - ok
11:42:45.0470 4324b06bdrv (3e5b191307609f7514148c6832bb0842) C:\Windows\system32\drivers\bxvbda.sys
11:42:45.0476 4324b06bdrv - ok
11:42:45.0529 4324b57nd60a (b5ace6968304a3900eeb1ebfd9622df2) C:\Windows\system32\DRIVERS\b57nd60a.sys
11:42:45.0533 4324b57nd60a - ok
11:42:45.0551 4324b57xdbd - ok
11:42:45.0559 4324b57xdmp - ok
11:42:45.0796 4324BCM43XX (85111026f1c5a1c4cce3697f0da7bc1a) C:\Windows\system32\DRIVERS\bcmwl664.sys
11:42:45.0889 4324BCM43XX - ok
11:42:45.0995 4324BDESVC (fde360167101b4e45a96f939f388aeb0) C:\Windows\System32\bdesvc.dll
11:42:45.0996 4324BDESVC - ok
11:42:46.0077 4324Beep (16a47ce2decc9b099349a5f840654746) C:\Windows\system32\drivers\Beep.sys
11:42:46.0077 4324Beep - ok
11:42:46.0125 4324BFE (82974d6a2fd19445cc5171fc378668a4) C:\Windows\System32\bfe.dll
11:42:46.0203 4324BFE - ok
11:42:46.0281 4324BITS (1ea7969e3271cbc59e1730697dc74682) C:\Windows\System32\qmgr.dll
11:42:46.0359 4324BITS - ok
11:42:46.0436 4324blbdrive (61583ee3c3a17003c4acd0475646b4d3) C:\Windows\system32\drivers\blbdrive.sys
11:42:46.0438 4324blbdrive - ok
11:42:46.0524 4324Bonjour Service (ebbcd5dfbb1de70e8f4af8fa59e401fd) C:\Program Files\Bonjour\mDNSResponder.exe
11:42:46.0530 4324Bonjour Service - ok
11:42:46.0619 4324bowser (6c02a83164f5cc0a262f4199f0871cf5) C:\Windows\system32\DRIVERS\bowser.sys
11:42:46.0621 4324bowser - ok
11:42:46.0646 4324BrFiltLo (f09eee9edc320b5e1501f749fde686c8) C:\Windows\system32\drivers\BrFiltLo.sys
11:42:46.0647 4324BrFiltLo - ok
11:42:46.0677 4324BrFiltUp (b114d3098e9bdb8bea8b053685831be6) C:\Windows\system32\drivers\BrFiltUp.sys
11:42:46.0678 4324BrFiltUp - ok
11:42:46.0719 4324Bridge (5c2f352a4e961d72518261257aae204b) C:\Windows\system32\DRIVERS\bridge.sys
11:42:46.0720 4324Bridge - ok
11:42:46.0790 4324BridgeMP (5c2f352a4e961d72518261257aae204b) C:\Windows\system32\DRIVERS\bridge.sys
11:42:46.0791 4324BridgeMP - ok
11:42:46.0830 4324Browser (8ef0d5c41ec907751b8429162b1239ed) C:\Windows\System32\browser.dll
11:42:46.0832 4324Browser - ok
11:42:46.0883 4324Brserid (43bea8d483bf1870f018e2d02e06a5bd) C:\Windows\System32\Drivers\Brserid.sys
11:42:46.0888 4324Brserid - ok
11:42:46.0925 4324BrSerWdm (a6eca2151b08a09caceca35c07f05b42) C:\Windows\System32\Drivers\BrSerWdm.sys
11:42:46.0927 4324BrSerWdm - ok
11:42:46.0964 4324BrUsbMdm (b79968002c277e869cf38bd22cd61524) C:\Windows\System32\Drivers\BrUsbMdm.sys
11:42:46.0965 4324BrUsbMdm - ok
11:42:46.0980 4324BrUsbSer (a87528880231c54e75ea7a44943b38bf) C:\Windows\System32\Drivers\BrUsbSer.sys
11:42:46.0981 4324BrUsbSer - ok
11:42:47.0002 4324bScsiMSa - ok
11:42:47.0009 4324bScsiSDa - ok
11:42:47.0053 4324BTHMODEM (9da669f11d1f894ab4eb69bf546a42e8) C:\Windows\system32\drivers\bthmodem.sys
11:42:47.0055 4324BTHMODEM - ok
11:42:47.0111 4324bthserv (95f9c2976059462cbbf227f7aab10de9) C:\Windows\system32\bthserv.dll
11:42:47.0113 4324bthserv - ok
11:42:47.0146 4324cdfs (b8bd2bb284668c84865658c77574381a) C:\Windows\system32\DRIVERS\cdfs.sys
11:42:47.0149 4324cdfs - ok
11:42:47.0267 4324cdrom (f036ce71586e93d94dab220d7bdf4416) C:\Windows\system32\DRIVERS\cdrom.sys
11:42:47.0268 4324cdrom - ok
11:42:47.0302 4324CertPropSvc (f17d1d393bbc69c5322fbfafaca28c7f) C:\Windows\System32\certprop.dll
11:42:47.0304 4324CertPropSvc - ok
11:42:47.0339 4324circlass (d7cd5c4e1b71fa62050515314cfb52cf) C:\Windows\system32\drivers\circlass.sys
11:42:47.0340 4324circlass - ok
11:42:47.0403 4324CLFS (fe1ec06f2253f691fe36217c592a0206) C:\Windows\system32\CLFS.sys
11:42:47.0408 4324CLFS - ok
11:42:47.0539 4324clr_optimization_v2.0.50727_32 (d88040f816fda31c3b466f0fa0918f29) C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
11:42:47.0541 4324clr_optimization_v2.0.50727_32 - ok
11:42:47.0588 4324clr_optimization_v2.0.50727_64 (d1ceea2b47cb998321c579651ce3e4f8) C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
11:42:47.0590 4324clr_optimization_v2.0.50727_64 - ok
11:42:47.0661 4324clr_optimization_v4.0.30319_32 (c5a75eb48e2344abdc162bda79e16841) C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
11:42:47.0689 4324clr_optimization_v4.0.30319_32 - ok
11:42:47.0723 4324clr_optimization_v4.0.30319_64 (c6f9af94dcd58122a4d7e89db6bed29d) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
11:42:47.0726 4324clr_optimization_v4.0.30319_64 - ok
11:42:47.0749 4324CmBatt (0840155d0bddf1190f84a663c284bd33) C:\Windows\system32\drivers\CmBatt.sys
11:42:47.0750 4324CmBatt - ok
11:42:47.0764 4324cmdide (e19d3f095812725d88f9001985b94edd) C:\Windows\system32\drivers\cmdide.sys
11:42:47.0766 4324cmdide - ok
11:42:47.0816 4324CNG (c4943b6c962e4b82197542447ad599f4) C:\Windows\system32\Drivers\cng.sys
11:42:47.0822 4324CNG - ok
11:42:47.0849 4324Compbatt (102de219c3f61415f964c88e9085ad14) C:\Windows\system32\drivers\compbatt.sys
11:42:47.0850 4324Compbatt - ok
11:42:47.0877 4324CompositeBus (03edb043586cceba243d689bdda370a8) C:\Windows\system32\drivers\CompositeBus.sys
11:42:47.0877 4324CompositeBus - ok
11:42:47.0883 4324COMSysApp - ok
11:42:47.0953 4324cpuz135 - ok
11:42:47.0992 4324crcdisk (1c827878a998c18847245fe1f34ee597) C:\Windows\system32\drivers\crcdisk.sys
11:42:47.0994 4324crcdisk - ok
11:42:48.0061 4324CryptSvc (4f5414602e2544a4554d95517948b705) C:\Windows\system32\cryptsvc.dll
11:42:48.0064 4324CryptSvc - ok
11:42:48.0125 4324DcomLaunch (5c627d1b1138676c0a7ab2c2c190d123) C:\Windows\system32\rpcss.dll
11:42:48.0133 4324DcomLaunch - ok
11:42:48.0167 4324defragsvc (3cec7631a84943677aa8fa8ee5b6b43d) C:\Windows\System32\defragsvc.dll
11:42:48.0171 4324defragsvc - ok
11:42:48.0249 4324DfsC (9bb2ef44eaa163b29c4a4587887a0fe4) C:\Windows\system32\Drivers\dfsc.sys
11:42:48.0250 4324DfsC - ok
11:42:48.0290 4324Dhcp (43d808f5d9e1a18e5eeb5ebc83969e4e) C:\Windows\system32\dhcpcore.dll
11:42:48.0294 4324Dhcp - ok
11:42:48.0324 4324discache (13096b05847ec78f0977f2c0f79e9ab3) C:\Windows\system32\drivers\discache.sys
11:42:48.0325 4324discache - ok
11:42:48.0359 4324Disk (9819eee8b5ea3784ec4af3b137a5244c) C:\Windows\system32\drivers\disk.sys
11:42:48.0361 4324Disk - ok
11:42:48.0393 4324Dnscache (16835866aaa693c7d7fceba8fff706e4) C:\Windows\System32\dnsrslvr.dll
11:42:48.0396 4324Dnscache - ok
11:42:48.0429 4324dot3svc (b1fb3ddca0fdf408750d5843591afbc6) C:\Windows\System32\dot3svc.dll
11:42:48.0432 4324dot3svc - ok
11:42:48.0442 4324DPS (b26f4f737e8f9df4f31af6cf31d05820) C:\Windows\system32\dps.dll
11:42:48.0444 4324DPS - ok
11:42:48.0478 4324drmkaud (9b19f34400d24df84c858a421c205754) C:\Windows\system32\drivers\drmkaud.sys
11:42:48.0479 4324drmkaud - ok
11:42:48.0524 4324dtsoftbus01 (821bf177a24172f5f0ee9b322f58516c) C:\Windows\system32\DRIVERS\dtsoftbus01.sys
11:42:48.0527 4324dtsoftbus01 - ok
11:42:48.0599 4324DXGKrnl (f5bee30450e18e6b83a5012c100616fd) C:\Windows\System32\drivers\dxgkrnl.sys
11:42:48.0675 4324DXGKrnl - ok
11:42:48.0704 4324EapHost (e2dda8726da9cb5b2c4000c9018a9633) C:\Windows\System32\eapsvc.dll
11:42:48.0706 4324EapHost - ok
11:42:48.0835 4324ebdrv (dc5d737f51be844d8c82c695eb17372f) C:\Windows\system32\drivers\evbda.sys
11:42:48.0944 4324ebdrv - ok
11:42:49.0062 4324EFS (c118a82cd78818c29ab228366ebf81c3) C:\Windows\System32\lsass.exe
11:42:49.0064 4324EFS - ok
11:42:49.0170 4324ehRecvr (c4002b6b41975f057d98c439030cea07) C:\Windows\ehome\ehRecvr.exe
11:42:49.0195 4324ehRecvr - ok
11:42:49.0213 4324ehSched (4705e8ef9934482c5bb488ce28afc681) C:\Windows\ehome\ehsched.exe
11:42:49.0215 4324ehSched - ok
11:42:49.0282 4324elxstor (0e5da5369a0fcaea12456dd852545184) C:\Windows\system32\drivers\elxstor.sys
11:42:49.0298 4324elxstor - ok
11:42:49.0314 4324ErrDev (34a3c54752046e79a126e15c51db409b) C:\Windows\system32\drivers\errdev.sys
11:42:49.0315 4324ErrDev - ok
11:42:49.0381 4324EventSystem (4166f82be4d24938977dd1746be9b8a0) C:\Windows\system32\es.dll
11:42:49.0386 4324EventSystem - ok
11:42:49.0410 4324exfat (a510c654ec00c1e9bdd91eeb3a59823b) C:\Windows\system32\drivers\exfat.sys
11:42:49.0413 4324exfat - ok
11:42:49.0452 4324fastfat (0adc83218b66a6db380c330836f3e36d) C:\Windows\system32\drivers\fastfat.sys
11:42:49.0455 4324fastfat - ok
11:42:49.0509 4324Fax (dbefd454f8318a0ef691fdd2eaab44eb) C:\Windows\system32\fxssvc.exe
11:42:49.0587 4324Fax - ok
11:42:49.0606 4324fdc (d765d19cd8ef61f650c384f62fac00ab) C:\Windows\system32\drivers\fdc.sys
11:42:49.0608 4324fdc - ok
11:42:49.0621 4324fdPHost (0438cab2e03f4fb61455a7956026fe86) C:\Windows\system32\fdPHost.dll
11:42:49.0623 4324fdPHost - ok
11:42:49.0654 4324FDResPub (802496cb59a30349f9a6dd22d6947644) C:\Windows\system32\fdrespub.dll
11:42:49.0655 4324FDResPub - ok
11:42:49.0694 4324FileInfo (655661be46b5f5f3fd454e2c3095b930) C:\Windows\system32\drivers\fileinfo.sys
11:42:49.0695 4324FileInfo - ok
11:42:49.0716 4324Filetrace (5f671ab5bc87eea04ec38a6cd5962a47) C:\Windows\system32\drivers\filetrace.sys
11:42:49.0717 4324Filetrace - ok
11:42:49.0805 4324FLEXnet Licensing Service (bb0667b0171b632b97ea759515476f07) C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
11:42:49.0829 4324FLEXnet Licensing Service - ok
11:42:49.0849 4324flpydisk (c172a0f53008eaeb8ea33fe10e177af5) C:\Windows\system32\drivers\flpydisk.sys
11:42:49.0850 4324flpydisk - ok
11:42:49.0883 4324FltMgr (da6b67270fd9db3697b20fce94950741) C:\Windows\system32\drivers\fltmgr.sys
11:42:49.0887 4324FltMgr - ok
11:42:49.0964 4324FontCache (5c4cb4086fb83115b153e47add961a0c) C:\Windows\system32\FntCache.dll
11:42:49.0993 4324FontCache - ok
11:42:50.0062 4324FontCache3.0.0.0 (a8b7f3818ab65695e3a0bb3279f6dce6) C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
11:42:50.0063 4324FontCache3.0.0.0 - ok
11:42:50.0095 4324FsDepends (d43703496149971890703b4b1b723eac) C:\Windows\system32\drivers\FsDepends.sys
11:42:50.0097 4324FsDepends - ok
11:42:50.0145 4324Fs_Rec (6bd9295cc032dd3077c671fccf579a7b) C:\Windows\system32\drivers\Fs_Rec.sys
11:42:50.0146 4324Fs_Rec - ok
11:42:50.0178 4324fvevol (1f7b25b858fa27015169fe95e54108ed) C:\Windows\system32\DRIVERS\fvevol.sys
11:42:50.0181 4324fvevol - ok
11:42:50.0198 4324gagp30kx (8c778d335c9d272cfd3298ab02abe3b6) C:\Windows\system32\drivers\gagp30kx.sys
11:42:50.0200 4324gagp30kx - ok
11:42:50.0242 4324GEARAspiWDM (e403aacf8c7bb11375122d2464560311) C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
11:42:50.0243 4324GEARAspiWDM - ok
11:42:50.0304 4324gpsvc (277bbc7e1aa1ee957f573a10eca7ef3a) C:\Windows\System32\gpsvc.dll
11:42:50.0383 4324gpsvc - ok
11:42:50.0409 4324hcw85cir (f2523ef6460fc42405b12248338ab2f0) C:\Windows\system32\drivers\hcw85cir.sys
11:42:50.0411 4324hcw85cir - ok
11:42:50.0469 4324HdAudAddService (975761c778e33cd22498059b91e7373a) C:\Windows\system32\drivers\HdAudio.sys
11:42:50.0473 4324HdAudAddService - ok

 

[Yellow77]

11:42:50.0517 4324HDAudBus (97bfed39b6b79eb12cddbfeed51f56bb) C:\Windows\system32\drivers\HDAudBus.sys
11:42:50.0519 4324HDAudBus - ok
11:42:50.0530 4324HidBatt (78e86380454a7b10a5eb255dc44a355f) C:\Windows\system32\drivers\HidBatt.sys
11:42:50.0531 4324HidBatt - ok
11:42:50.0589 4324HidBth (7fd2a313f7afe5c4dab14798c48dd104) C:\Windows\system32\drivers\hidbth.sys
11:42:50.0591 4324HidBth - ok
11:42:50.0621 4324HidIr (0a77d29f311b88cfae3b13f9c1a73825) C:\Windows\system32\drivers\hidir.sys
11:42:50.0622 4324HidIr - ok
11:42:50.0652 4324hidserv (bd9eb3958f213f96b97b1d897dee006d) C:\Windows\system32\hidserv.dll
11:42:50.0654 4324hidserv - ok
11:42:50.0685 4324HidUsb (9592090a7e2b61cd582b612b6df70536) C:\Windows\system32\DRIVERS\hidusb.sys
11:42:50.0686 4324HidUsb - ok
11:42:50.0710 4324hkmsvc (387e72e739e15e3d37907a86d9ff98e2) C:\Windows\system32\kmsvc.dll
11:42:50.0712 4324hkmsvc - ok
11:42:50.0754 4324HomeGroupListener (efdfb3dd38a4376f93e7985173813abd) C:\Windows\system32\ListSvc.dll
11:42:50.0758 4324HomeGroupListener - ok
11:42:50.0816 4324HomeGroupProvider (908acb1f594274965a53926b10c81e89) C:\Windows\system32\provsvc.dll
11:42:50.0820 4324HomeGroupProvider - ok
11:42:50.0842 4324HpSAMD (39d2abcd392f3d8a6dce7b60ae7b8efc) C:\Windows\system32\drivers\HpSAMD.sys
11:42:50.0844 4324HpSAMD - ok
11:42:50.0883 4324HTTP (0ea7de1acb728dd5a369fd742d6eee28) C:\Windows\system32\drivers\HTTP.sys
11:42:50.0906 4324HTTP - ok
11:42:50.0932 4324hwpolicy (a5462bd6884960c9dc85ed49d34ff392) C:\Windows\system32\drivers\hwpolicy.sys
11:42:50.0933 4324hwpolicy - ok
11:42:50.0964 4324i8042prt (fa55c73d4affa7ee23ac4be53b4592d3) C:\Windows\system32\DRIVERS\i8042prt.sys
11:42:50.0965 4324i8042prt - ok
11:42:50.0997 4324iaStorV (aaaf44db3bd0b9d1fb6969b23ecc8366) C:\Windows\system32\drivers\iaStorV.sys
11:42:51.0002 4324iaStorV - ok
11:42:51.0072 4324idsvc (5988fc40f8db5b0739cd1e3a5d0d78bd) C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
11:42:51.0150 4324idsvc - ok
11:42:51.0362 4324igfx (a87261ef1546325b559374f5689cf5bc) C:\Windows\system32\DRIVERS\igdkmd64.sys
11:42:51.0512 4324igfx - ok
11:42:51.0619 4324iirsp (5c18831c61933628f5bb0ea2675b9d21) C:\Windows\system32\drivers\iirsp.sys
11:42:51.0621 4324iirsp - ok
11:42:51.0674 4324IKEEXT (fcd84c381e0140af901e58d48882d26b) C:\Windows\System32\ikeext.dll
11:42:51.0751 4324IKEEXT - ok
11:42:51.0888 4324IntcAzAudAddService (e7e0e8f2f44bcb48143fbba70106d8c1) C:\Windows\system32\drivers\RTKVHD64.sys
11:42:51.0989 4324IntcAzAudAddService - ok
11:42:52.0086 4324intelide (f00f20e70c6ec3aa366910083a0518aa) C:\Windows\system32\drivers\intelide.sys
11:42:52.0088 4324intelide - ok
11:42:52.0107 4324intelppm (ada036632c664caa754079041cf1f8c1) C:\Windows\system32\drivers\intelppm.sys
11:42:52.0109 4324intelppm - ok
11:42:52.0150 4324IPBusEnum (098a91c54546a3b878dad6a7e90a455b) C:\Windows\system32\ipbusenum.dll
11:42:52.0152 4324IPBusEnum - ok
11:42:52.0189 4324IpFilterDriver (c9f0e1bd74365a8771590e9008d22ab6) C:\Windows\system32\DRIVERS\ipfltdrv.sys
11:42:52.0191 4324IpFilterDriver - ok
11:42:52.0254 4324iphlpsvc (a34a587fffd45fa649fba6d03784d257) C:\Windows\System32\iphlpsvc.dll
11:42:52.0262 4324iphlpsvc - ok
11:42:52.0280 4324IPMIDRV (0fc1aea580957aa8817b8f305d18ca3a) C:\Windows\system32\drivers\IPMIDrv.sys
11:42:52.0282 4324IPMIDRV - ok
11:42:52.0297 4324IPNAT (af9b39a7e7b6caa203b3862582e9f2d0) C:\Windows\system32\drivers\ipnat.sys
11:42:52.0300 4324IPNAT - ok
11:42:52.0400 4324iPod Service (ee4c2a137c7088911a8919effc9812e7) C:\Program Files\iPod\bin\iPodService.exe
11:42:52.0476 4324iPod Service - ok
11:42:52.0498 4324IRENUM (3abf5e7213eb28966d55d58b515d5ce9) C:\Windows\system32\drivers\irenum.sys
11:42:52.0499 4324IRENUM - ok
11:42:52.0510 4324isapnp (2f7b28dc3e1183e5eb418df55c204f38) C:\Windows\system32\drivers\isapnp.sys
11:42:52.0511 4324isapnp - ok
11:42:52.0529 4324iScsiPrt (d931d7309deb2317035b07c9f9e6b0bd) C:\Windows\system32\drivers\msiscsi.sys
11:42:52.0533 4324iScsiPrt - ok
11:42:52.0613 4324k57nd60a (1d7aab58f4e21697af8f46eaa81823dd) C:\Windows\system32\DRIVERS\k57nd60a.sys
11:42:52.0618 4324k57nd60a - ok
11:42:52.0671 4324kbdclass (bc02336f1cba7dcc7d1213bb588a68a5) C:\Windows\system32\DRIVERS\kbdclass.sys
11:42:52.0672 4324kbdclass - ok
11:42:52.0714 4324kbdhid (0705eff5b42a9db58548eec3b26bb484) C:\Windows\system32\DRIVERS\kbdhid.sys
11:42:52.0715 4324kbdhid - ok
11:42:52.0761 4324KeyIso (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
11:42:52.0763 4324KeyIso - ok
11:42:52.0777 4324KSecDD (da1e991a61cfdd755a589e206b97644b) C:\Windows\system32\Drivers\ksecdd.sys
11:42:52.0779 4324KSecDD - ok
11:42:52.0812 4324KSecPkg (7e33198d956943a4f11a5474c1e9106f) C:\Windows\system32\Drivers\ksecpkg.sys
11:42:52.0814 4324KSecPkg - ok
11:42:52.0843 4324ksthunk (6869281e78cb31a43e969f06b57347c4) C:\Windows\system32\drivers\ksthunk.sys
11:42:52.0843 4324ksthunk - ok
11:42:52.0869 4324KtmRm (6ab66e16aa859232f64deb66887a8c9c) C:\Windows\system32\msdtckrm.dll
11:42:52.0875 4324KtmRm - ok
11:42:52.0905 4324L1E (2ac603c3188c704cfce353659aa7ad71) C:\Windows\system32\DRIVERS\L1E62x64.sys
11:42:52.0906 4324L1E - ok
11:42:53.0058 4324LADF_CaptureOnly (ce4347e2d90db2e5517b6f2bc720a862) C:\Windows\system32\DRIVERS\ladfGSCamd64.sys
11:42:53.0063 4324LADF_CaptureOnly - ok
11:42:53.0120 4324LADF_RenderOnly (85a9d21d3ae2ea963e111cb150895877) C:\Windows\system32\DRIVERS\ladfGSRamd64.sys
11:42:53.0125 4324LADF_RenderOnly - ok
11:42:53.0165 4324LanmanServer (d9f42719019740baa6d1c6d536cbdaa6) C:\Windows\system32\srvsvc.dll
11:42:53.0170 4324LanmanServer - ok
11:42:53.0202 4324LanmanWorkstation (851a1382eed3e3a7476db004f4ee3e1a) C:\Windows\System32\wkssvc.dll
11:42:53.0206 4324LanmanWorkstation - ok
11:42:53.0280 4324LGBusEnum (fa529fb35694c24bf98a9ef67c1cd9d0) C:\Windows\system32\drivers\LGBusEnum.sys
11:42:53.0281 4324LGBusEnum - ok
11:42:53.0330 4324LGVirHid (94b29ce153765e768f004fb3440be2b0) C:\Windows\system32\drivers\LGVirHid.sys
11:42:53.0330 4324LGVirHid - ok
11:42:53.0402 4324LHidFilt (241f2648adf090e2a10095bd6d6f5dcb) C:\Windows\system32\DRIVERS\LHidFilt.Sys
11:42:53.0403 4324LHidFilt - ok
11:42:53.0458 4324lltdio (1538831cf8ad2979a04c423779465827) C:\Windows\system32\DRIVERS\lltdio.sys
11:42:53.0459 4324lltdio - ok
11:42:53.0516 4324lltdsvc (c1185803384ab3feed115f79f109427f) C:\Windows\System32\lltdsvc.dll
11:42:53.0520 4324lltdsvc - ok
11:42:53.0561 4324lmhosts (f993a32249b66c9d622ea5592a8b76b8) C:\Windows\System32\lmhsvc.dll
11:42:53.0563 4324lmhosts - ok
11:42:53.0611 4324LMouFilt (342ed5a4b3326014438f36d22d803737) C:\Windows\system32\DRIVERS\LMouFilt.Sys
11:42:53.0612 4324LMouFilt - ok
11:42:53.0636 4324LSI_FC (1a93e54eb0ece102495a51266dcdb6a6) C:\Windows\system32\drivers\lsi_fc.sys
11:42:53.0637 4324LSI_FC - ok
11:42:53.0658 4324LSI_SAS (1047184a9fdc8bdbff857175875ee810) C:\Windows\system32\drivers\lsi_sas.sys
11:42:53.0659 4324LSI_SAS - ok
11:42:53.0665 4324LSI_SAS2 (30f5c0de1ee8b5bc9306c1f0e4a75f93) C:\Windows\system32\drivers\lsi_sas2.sys
11:42:53.0666 4324LSI_SAS2 - ok
11:42:53.0680 4324LSI_SCSI (0504eacaff0d3c8aed161c4b0d369d4a) C:\Windows\system32\drivers\lsi_scsi.sys
11:42:53.0681 4324LSI_SCSI - ok
11:42:53.0742 4324luafv (43d0f98e1d56ccddb0d5254cff7b356e) C:\Windows\system32\drivers\luafv.sys
11:42:53.0744 4324luafv - ok
11:42:53.0797 4324MBAMProtector (dbc08862a71459e74f7538b432c114cc) C:\Windows\system32\drivers\mbam.sys
11:42:53.0797 4324MBAMProtector - ok
11:42:53.0867 4324MBAMService (ba400ed640bca1eae5c727ae17c10207) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
11:42:53.0881 4324MBAMService - ok
11:42:53.0903 4324Mcx2Svc (0be09cd858abf9df6ed259d57a1a1663) C:\Windows\system32\Mcx2Svc.dll
11:42:53.0905 4324Mcx2Svc - ok
11:42:53.0933 4324megasas (a55805f747c6edb6a9080d7c633bd0f4) C:\Windows\system32\drivers\megasas.sys
11:42:53.0934 4324megasas - ok
11:42:53.0956 4324MegaSR (baf74ce0072480c3b6b7c13b2a94d6b3) C:\Windows\system32\drivers\MegaSR.sys
11:42:53.0960 4324MegaSR - ok
11:42:54.0052 4324Microsoft SharePoint Workspace Audit Service - ok
11:42:54.0075 4324MMCSS (e40e80d0304a73e8d269f7141d77250b) C:\Windows\system32\mmcss.dll
11:42:54.0077 4324MMCSS - ok
11:42:54.0098 4324Modem (800ba92f7010378b09f9ed9270f07137) C:\Windows\system32\drivers\modem.sys
11:42:54.0099 4324Modem - ok
11:42:54.0133 4324monitor (b03d591dc7da45ece20b3b467e6aadaa) C:\Windows\system32\DRIVERS\monitor.sys
11:42:54.0134 4324monitor - ok
11:42:54.0162 4324mouclass (7d27ea49f3c1f687d357e77a470aea99) C:\Windows\system32\DRIVERS\mouclass.sys
11:42:54.0163 4324mouclass - ok
11:42:54.0228 4324mouhid (d3bf052c40b0c4166d9fd86a4288c1e6) C:\Windows\system32\DRIVERS\mouhid.sys
11:42:54.0228 4324mouhid - ok
11:42:54.0271 4324mountmgr (32e7a3d591d671a6df2db515a5cbe0fa) C:\Windows\system32\drivers\mountmgr.sys
11:42:54.0273 4324mountmgr - ok
11:42:54.0364 4324MpFilter (94c66ededcdb6a126880472f9a704d8e) C:\Windows\system32\DRIVERS\MpFilter.sys
11:42:54.0367 4324MpFilter - ok
11:42:54.0384 4324mpio (a44b420d30bd56e145d6a2bc8768ec58) C:\Windows\system32\drivers\mpio.sys
11:42:54.0387 4324mpio - ok
11:42:54.0417 4324mpsdrv (6c38c9e45ae0ea2fa5e551f2ed5e978f) C:\Windows\system32\drivers\mpsdrv.sys
11:42:54.0418 4324mpsdrv - ok
11:42:54.0471 4324MpsSvc (54ffc9c8898113ace189d4aa7199d2c1) C:\Windows\system32\mpssvc.dll
11:42:54.0550 4324MpsSvc - ok
11:42:54.0587 4324MRxDAV (dc722758b8261e1abafd31a3c0a66380) C:\Windows\system32\drivers\mrxdav.sys
11:42:54.0589 4324MRxDAV - ok
11:42:54.0623 4324mrxsmb (a5d9106a73dc88564c825d317cac68ac) C:\Windows\system32\DRIVERS\mrxsmb.sys
11:42:54.0626 4324mrxsmb - ok
11:42:54.0661 4324mrxsmb10 (d711b3c1d5f42c0c2415687be09fc163) C:\Windows\system32\DRIVERS\mrxsmb10.sys
11:42:54.0664 4324mrxsmb10 - ok
11:42:54.0688 4324mrxsmb20 (9423e9d355c8d303e76b8cfbd8a5c30c) C:\Windows\system32\DRIVERS\mrxsmb20.sys
11:42:54.0689 4324mrxsmb20 - ok
11:42:54.0710 4324msahci (c25f0bafa182cbca2dd3c851c2e75796) C:\Windows\system32\drivers\msahci.sys
11:42:54.0712 4324msahci - ok
11:42:54.0724 4324msdsm (db801a638d011b9633829eb6f663c900) C:\Windows\system32\drivers\msdsm.sys
11:42:54.0727 4324msdsm - ok
11:42:54.0776 4324MSDTC (de0ece52236cfa3ed2dbfc03f28253a8) C:\Windows\System32\msdtc.exe
11:42:54.0779 4324MSDTC - ok
11:42:54.0827 4324Msfs (aa3fb40e17ce1388fa1bedab50ea8f96) C:\Windows\system32\drivers\Msfs.sys
11:42:54.0827 4324Msfs - ok
11:42:54.0856 4324mshidkmdf (f9d215a46a8b9753f61767fa72a20326) C:\Windows\System32\drivers\mshidkmdf.sys
11:42:54.0857 4324mshidkmdf - ok
11:42:54.0883 4324msisadrv (d916874bbd4f8b07bfb7fa9b3ccae29d) C:\Windows\system32\drivers\msisadrv.sys
11:42:54.0884 4324msisadrv - ok
11:42:54.0917 4324MSiSCSI (808e98ff49b155c522e6400953177b08) C:\Windows\system32\iscsiexe.dll
11:42:54.0920 4324MSiSCSI - ok
11:42:54.0926 4324msiserver - ok
11:42:54.0958 4324MSKSSRV (49ccf2c4fea34ffad8b1b59d49439366) C:\Windows\system32\drivers\MSKSSRV.sys
11:42:54.0960 4324MSKSSRV - ok
11:42:55.0014 4324MsMpSvc (59faaf2c83c8169ea20f9e335e418907) c:\Program Files\Microsoft Security Client\MsMpEng.exe
11:42:55.0015 4324MsMpSvc - ok
11:42:55.0046 4324MSPCLOCK (bdd71ace35a232104ddd349ee70e1ab3) C:\Windows\system32\drivers\MSPCLOCK.sys
11:42:55.0046 4324MSPCLOCK - ok
11:42:55.0066 4324MSPQM (4ed981241db27c3383d72092b618a1d0) C:\Windows\system32\drivers\MSPQM.sys
11:42:55.0067 4324MSPQM - ok
11:42:55.0117 4324MsRPC (759a9eeb0fa9ed79da1fb7d4ef78866d) C:\Windows\system32\drivers\MsRPC.sys
11:42:55.0122 4324MsRPC - ok
11:42:55.0159 4324mssmbios (0eed230e37515a0eaee3c2e1bc97b288) C:\Windows\system32\drivers\mssmbios.sys
11:42:55.0160 4324mssmbios - ok
11:42:55.0214 4324MSTEE (2e66f9ecb30b4221a318c92ac2250779) C:\Windows\system32\drivers\MSTEE.sys
11:42:55.0215 4324MSTEE - ok
11:42:55.0232 4324MTConfig (7ea404308934e675bffde8edf0757bcd) C:\Windows\system32\drivers\MTConfig.sys
11:42:55.0233 4324MTConfig - ok
11:42:55.0253 4324Mup (f9a18612fd3526fe473c1bda678d61c8) C:\Windows\system32\Drivers\mup.sys
11:42:55.0254 4324Mup - ok
11:42:55.0326 4324mxshflli (37de5c89d49d8842c29504a7377c8bdc) C:\Windows\system32\drivers\mxshflli.sys
11:42:55.0328 4324mxshflli - ok
11:42:55.0377 4324napagent (582ac6d9873e31dfa28a4547270862dd) C:\Windows\system32\qagentRT.dll
11:42:55.0385 4324napagent - ok
11:42:55.0431 4324NativeWifiP (1ea3749c4114db3e3161156ffffa6b33) C:\Windows\system32\DRIVERS\nwifi.sys
11:42:55.0435 4324NativeWifiP - ok
11:42:55.0505 4324NDIS (c38b8ae57f78915905064a9a24dc1586) C:\Windows\system32\drivers\ndis.sys
11:42:55.0575 4324NDIS - ok
11:42:55.0594 4324NdisCap (9f9a1f53aad7da4d6fef5bb73ab811ac) C:\Windows\system32\DRIVERS\ndiscap.sys
11:42:55.0596 4324NdisCap - ok
11:42:55.0606 4324NdisTapi (30639c932d9fef22b31268fe25a1b6e5) C:\Windows\system32\DRIVERS\ndistapi.sys
11:42:55.0607 4324NdisTapi - ok
11:42:55.0642 4324Ndisuio (136185f9fb2cc61e573e676aa5402356) C:\Windows\system32\DRIVERS\ndisuio.sys
11:42:55.0643 4324Ndisuio - ok
11:42:55.0675 4324NdisWan (53f7305169863f0a2bddc49e116c2e11) C:\Windows\system32\DRIVERS\ndiswan.sys
11:42:55.0677 4324NdisWan - ok
11:42:55.0704 4324NDProxy (015c0d8e0e0421b4cfd48cffe2825879) C:\Windows\system32\drivers\NDProxy.sys
11:42:55.0705 4324NDProxy - ok
11:42:55.0731 4324NetBIOS (86743d9f5d2b1048062b14b1d84501c4) C:\Windows\system32\DRIVERS\netbios.sys
11:42:55.0732 4324NetBIOS - ok
11:42:55.0770 4324NetBT (09594d1089c523423b32a4229263f068) C:\Windows\system32\DRIVERS\netbt.sys
11:42:55.0773 4324NetBT - ok
11:42:55.0795 4324Netlogon (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
11:42:55.0797 4324Netlogon - ok
11:42:55.0834 4324Netman (847d3ae376c0817161a14a82c8922a9e) C:\Windows\System32\netman.dll
11:42:55.0840 4324Netman - ok
11:42:55.0913 4324NetMsmqActivator (d22cd77d4f0d63d1169bb35911bff12d) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
11:42:55.0925 4324NetMsmqActivator - ok
11:42:55.0951 4324NetPipeActivator (d22cd77d4f0d63d1169bb35911bff12d) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
11:42:55.0953 4324NetPipeActivator - ok
11:42:55.0997 4324netprofm (5f28111c648f1e24f7dbc87cdeb091b8) C:\Windows\System32\netprofm.dll
11:42:56.0004 4324netprofm - ok
11:42:56.0017 4324NetTcpActivator (d22cd77d4f0d63d1169bb35911bff12d) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
11:42:56.0019 4324NetTcpActivator - ok
11:42:56.0025 4324NetTcpPortSharing (d22cd77d4f0d63d1169bb35911bff12d) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
11:42:56.0026 4324NetTcpPortSharing - ok
11:42:56.0091 4324nfrd960 (77889813be4d166cdab78ddba990da92) C:\Windows\system32\drivers\nfrd960.sys
11:42:56.0093 4324nfrd960 - ok
11:42:56.0147 4324NisDrv (91b4e0273d2f6c24ef845f2b41311289) C:\Windows\system32\DRIVERS\NisDrvWFP.sys
11:42:56.0149 4324NisDrv - ok
11:42:56.0204 4324NisSrv (10a43829a9e606af3eef25a1c1665923) c:\Program Files\Microsoft Security Client\NisSrv.exe
11:42:56.0208 4324NisSrv - ok
11:42:56.0250 4324NlaSvc (1ee99a89cc788ada662441d1e9830529) C:\Windows\System32\nlasvc.dll
11:42:56.0255 4324NlaSvc - ok
11:42:56.0320 4324NPF (351533acc2a069b94e80bbfc177e8fdf) C:\Windows\system32\drivers\npf.sys
11:42:56.0321 4324NPF - ok
11:42:56.0334 4324Npfs (1e4c4ab5c9b8dd13179bbdc75a2a01f7) C:\Windows\system32\drivers\Npfs.sys
11:42:56.0335 4324Npfs - ok
11:42:56.0368 4324nsi (d54bfdf3e0c953f823b3d0bfe4732528) C:\Windows\system32\nsisvc.dll
11:42:56.0370 4324nsi - ok
11:42:56.0401 4324nsiproxy (e7f5ae18af4168178a642a9247c63001) C:\Windows\system32\drivers\nsiproxy.sys
11:42:56.0401 4324nsiproxy - ok
11:42:56.0477 4324Ntfs (a2f74975097f52a00745f9637451fdd8) C:\Windows\system32\drivers\Ntfs.sys
11:42:56.0568 4324Ntfs - ok
11:42:56.0720 4324Null (9899284589f75fa8724ff3d16aed75c1) C:\Windows\system32\drivers\Null.sys
11:42:56.0720 4324Null - ok
11:42:56.0764 4324nvraid (0a92cb65770442ed0dc44834632f66ad) C:\Windows\system32\drivers\nvraid.sys
11:42:56.0767 4324nvraid - ok
11:42:56.0805 4324nvstor (dab0e87525c10052bf65f06152f37e4a) C:\Windows\system32\drivers\nvstor.sys
11:42:56.0808 4324nvstor - ok
11:42:56.0825 4324nv_agp (270d7cd42d6e3979f6dd0146650f0e05) C:\Windows\system32\drivers\nv_agp.sys
11:42:56.0827 4324nv_agp - ok
11:42:56.0860 4324ohci1394 (3589478e4b22ce21b41fa1bfc0b8b8a0) C:\Windows\system32\drivers\ohci1394.sys
11:42:56.0862 4324ohci1394 - ok
11:42:57.0119 4324OS Selector (9bfd0a072459782e3638362a4473e283) C:\Program Files (x86)\Acronis\DiskDirector\OSS\reinstall_svc.exe
11:42:57.0211 4324OS Selector - ok
11:42:57.0300 4324ose (9d10f99a6712e28f8acd5641e3a7ea6b) C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
11:42:57.0303 4324ose - ok
11:42:57.0541 4324osppsvc (61bffb5f57ad12f83ab64b7181829b34) C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
11:42:57.0680 4324osppsvc - ok
11:42:57.0781 4324p2pimsvc (3eac4455472cc2c97107b5291e0dcafe) C:\Windows\system32\pnrpsvc.dll
11:42:57.0787 4324p2pimsvc - ok
11:42:57.0858 4324p2psvc (927463ecb02179f88e4b9a17568c63c3) C:\Windows\system32\p2psvc.dll
11:42:57.0866 4324p2psvc - ok
11:42:57.0942 4324Parport (0086431c29c35be1dbc43f52cc273887) C:\Windows\system32\drivers\parport.sys
11:42:57.0944 4324Parport - ok
11:42:57.0990 4324partmgr (e9766131eeade40a27dc27d2d68fba9c) C:\Windows\system32\drivers\partmgr.sys
11:42:57.0992 4324partmgr - ok
11:42:58.0038 4324PcaSvc (3aeaa8b561e63452c655dc0584922257) C:\Windows\System32\pcasvc.dll
11:42:58.0043 4324PcaSvc - ok
11:42:58.0085 4324pci (94575c0571d1462a0f70bde6bd6ee6b3) C:\Windows\system32\drivers\pci.sys
11:42:58.0088 4324pci - ok
11:42:58.0109 4324pciide (b5b8b5ef2e5cb34df8dcf8831e3534fa) C:\Windows\system32\drivers\pciide.sys
11:42:58.0110 4324pciide - ok
11:42:58.0142 4324pcmcia (b2e81d4e87ce48589f98cb8c05b01f2f) C:\Windows\system32\drivers\pcmcia.sys
11:42:58.0145 4324pcmcia - ok
11:42:58.0177 4324pcw (d6b9c2e1a11a3a4b26a182ffef18f603) C:\Windows\system32\drivers\pcw.sys
11:42:58.0179 4324pcw - ok
11:42:58.0286 4324PEAUTH (68769c3356b3be5d1c732c97b9a80d6e) C:\Windows\system32\drivers\peauth.sys
11:42:58.0294 4324PEAUTH - ok
11:42:58.0392 4324PerfHost (e495e408c93141e8fc72dc0c6046ddfa) C:\Windows\SysWow64\perfhost.exe
11:42:58.0394 4324PerfHost - ok
11:42:58.0511 4324pla (c7cf6a6e137463219e1259e3f0f0dd6c) C:\Windows\system32\pla.dll
11:42:58.0608 4324pla - ok
11:42:58.0667 4324PlugPlay (25fbdef06c4d92815b353f6e792c8129) C:\Windows\system32\umpnpmgr.dll
11:42:58.0674 4324PlugPlay - ok
11:42:58.0714 4324PNRPAutoReg (7195581cec9bb7d12abe54036acc2e38) C:\Windows\system32\pnrpauto.dll
11:42:58.0717 4324PNRPAutoReg - ok
11:42:58.0845 4324PNRPsvc (3eac4455472cc2c97107b5291e0dcafe) C:\Windows\system32\pnrpsvc.dll
11:42:58.0849 4324PNRPsvc - ok
11:42:58.0883 4324PolicyAgent (4f15d75adf6156bf56eced6d4a55c389) C:\Windows\System32\ipsecsvc.dll
11:42:58.0890 4324PolicyAgent - ok
11:42:58.0920 4324Power (6ba9d927dded70bd1a9caded45f8b184) C:\Windows\system32\umpo.dll
11:42:58.0924 4324Power - ok
11:42:58.0981 4324PptpMiniport (f92a2c41117a11a00be01ca01a7fcde9) C:\Windows\system32\DRIVERS\raspptp.sys
11:42:58.0982 4324PptpMiniport - ok
11:42:59.0028 4324Processor (0d922e23c041efb1c3fac2a6f943c9bf) C:\Windows\system32\drivers\processr.sys
11:42:59.0030 4324Processor - ok
11:42:59.0087 4324ProfSvc (53e83f1f6cf9d62f32801cf66d8352a8) C:\Windows\system32\profsvc.dll
11:42:59.0092 4324ProfSvc - ok
11:42:59.0118 4324ProtectedStorage (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
11:42:59.0119 4324ProtectedStorage - ok
11:42:59.0168 4324Psched (0557cf5a2556bd58e26384169d72438d) C:\Windows\system32\DRIVERS\pacer.sys
11:42:59.0170 4324Psched - ok
11:42:59.0363 4324ql2300 (a53a15a11ebfd21077463ee2c7afeef0) C:\Windows\system32\drivers\ql2300.sys
11:42:59.0452 4324ql2300 - ok
11:42:59.0570 4324ql40xx (4f6d12b51de1aaeff7dc58c4d75423c8) C:\Windows\system32\drivers\ql40xx.sys
11:42:59.0572 4324ql40xx - ok
11:42:59.0612 4324QWAVE (906191634e99aea92c4816150bda3732) C:\Windows\system32\qwave.dll
11:42:59.0617 4324QWAVE - ok
11:42:59.0632 4324QWAVEdrv (76707bb36430888d9ce9d705398adb6c) C:\Windows\system32\drivers\qwavedrv.sys
11:42:59.0633 4324QWAVEdrv - ok
11:42:59.0655 4324RasAcd (5a0da8ad5762fa2d91678a8a01311704) C:\Windows\system32\DRIVERS\rasacd.sys
11:42:59.0656 4324RasAcd - ok
11:42:59.0685 4324RasAgileVpn (7ecff9b22276b73f43a99a15a6094e90) C:\Windows\system32\DRIVERS\AgileVpn.sys
11:42:59.0685 4324RasAgileVpn - ok
11:42:59.0702 4324RasAuto (8f26510c5383b8dbe976de1cd00fc8c7) C:\Windows\System32\rasauto.dll
11:42:59.0705 4324RasAuto - ok
11:42:59.0745 4324Rasl2tp (471815800ae33e6f1c32fb1b97c490ca) C:\Windows\system32\DRIVERS\rasl2tp.sys
11:42:59.0746 4324Rasl2tp - ok
11:42:59.0779 4324RasMan (ee867a0870fc9e4972ba9eaad35651e2) C:\Windows\System32\rasmans.dll
11:42:59.0785 4324RasMan - ok
11:42:59.0816 4324RasPppoe (855c9b1cd4756c5e9a2aa58a15f58c25) C:\Windows\system32\DRIVERS\raspppoe.sys
11:42:59.0817 4324RasPppoe - ok
11:42:59.0843 4324RasSstp (e8b1e447b008d07ff47d016c2b0eeecb) C:\Windows\system32\DRIVERS\rassstp.sys
11:42:59.0844 4324RasSstp - ok
11:42:59.0886 4324rdbss (77f665941019a1594d887a74f301fa2f) C:\Windows\system32\DRIVERS\rdbss.sys
11:42:59.0890 4324rdbss - ok
11:42:59.0908 4324rdpbus (302da2a0539f2cf54d7c6cc30c1f2d8d) C:\Windows\system32\drivers\rdpbus.sys
11:42:59.0910 4324rdpbus - ok
11:42:59.0921 4324RDPCDD (cea6cc257fc9b7715f1c2b4849286d24) C:\Windows\system32\DRIVERS\RDPCDD.sys
11:42:59.0922 4324RDPCDD - ok
11:42:59.0938 4324RDPENCDD (bb5971a4f00659529a5c44831af22365) C:\Windows\system32\drivers\rdpencdd.sys
11:42:59.0939 4324RDPENCDD - ok
11:42:59.0957 4324RDPREFMP (216f3fa57533d98e1f74ded70113177a) C:\Windows\system32\drivers\rdprefmp.sys
11:42:59.0958 4324RDPREFMP - ok
11:43:00.0010 4324RDPWD (e61608aa35e98999af9aaeeea6114b0a) C:\Windows\system32\drivers\RDPWD.sys
11:43:00.0013 4324RDPWD - ok
11:43:00.0050 4324rdyboost (34ed295fa0121c241bfef24764fc4520) C:\Windows\system32\drivers\rdyboost.sys
11:43:00.0053 4324rdyboost - ok
11:43:00.0073 4324RemoteAccess (254fb7a22d74e5511c73a3f6d802f192) C:\Windows\System32\mprdim.dll
11:43:00.0075 4324RemoteAccess - ok
11:43:00.0111 4324RemoteRegistry (e4d94f24081440b5fc5aa556c7c62702) C:\Windows\system32\regsvc.dll
11:43:00.0115 4324RemoteRegistry - ok
11:43:00.0203 4324rpcapd (b60f58f175de20a6739194e85b035178) C:\Program Files (x86)\WinPcap\rpcapd.exe
11:43:00.0205 4324rpcapd - ok
11:43:00.0218 4324RpcEptMapper (e4dc58cf7b3ea515ae917ff0d402a7bb) C:\Windows\System32\RpcEpMap.dll
11:43:00.0221 4324RpcEptMapper - ok
11:43:00.0248 4324RpcLocator (d5ba242d4cf8e384db90e6a8ed850b8c) C:\Windows\system32\locator.exe
11:43:00.0250 4324RpcLocator - ok
11:43:00.0286 4324RpcSs (5c627d1b1138676c0a7ab2c2c190d123) C:\Windows\system32\rpcss.dll
11:43:00.0292 4324RpcSs - ok
11:43:00.0329 4324rspndr (ddc86e4f8e7456261e637e3552e804ff) C:\Windows\system32\DRIVERS\rspndr.sys
11:43:00.0330 4324rspndr - ok
11:43:00.0350 4324SamSs (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
11:43:00.0352 4324SamSs - ok
11:43:00.0375 4324sbp2port (ac03af3329579fffb455aa2daabbe22b) C:\Windows\system32\drivers\sbp2port.sys
11:43:00.0376 4324sbp2port - ok
11:43:00.0404 4324SCardSvr (9b7395789e3791a3b6d000fe6f8b131e) C:\Windows\System32\SCardSvr.dll
11:43:00.0409 4324SCardSvr - ok
11:43:00.0425 4324scfilter (253f38d0d7074c02ff8deb9836c97d2b) C:\Windows\system32\DRIVERS\scfilter.sys
11:43:00.0426 4324scfilter - ok
11:43:00.0485 4324Schedule (262f6592c3299c005fd6bec90fc4463a) C:\Windows\system32\schedsvc.dll
11:43:00.0518 4324Schedule - ok
11:43:00.0542 4324SCPolicySvc (f17d1d393bbc69c5322fbfafaca28c7f) C:\Windows\System32\certprop.dll
11:43:00.0543 4324SCPolicySvc - ok
11:43:00.0612 4324sdbus (111e0ebc0ad79cb0fa014b907b231cf0) C:\Windows\system32\DRIVERS\sdbus.sys
11:43:00.0613 4324sdbus - ok
11:43:00.0663 4324SDRSVC (6ea4234dc55346e0709560fe7c2c1972) C:\Windows\System32\SDRSVC.dll
11:43:00.0667 4324SDRSVC - ok
11:43:00.0699 4324secdrv (3ea8a16169c26afbeb544e0e48421186) C:\Windows\system32\drivers\secdrv.sys
11:43:00.0699 4324secdrv - ok
11:43:00.0741 4324seclogon (bc617a4e1b4fa8df523a061739a0bd87) C:\Windows\system32\seclogon.dll
11:43:00.0744 4324seclogon - ok
11:43:00.0774 4324SENS (c32ab8fa018ef34c0f113bd501436d21) C:\Windows\System32\sens.dll
11:43:00.0777 4324SENS - ok
11:43:00.0808 4324SensrSvc (0336cffafaab87a11541f1cf1594b2b2) C:\Windows\system32\sensrsvc.dll
11:43:00.0811 4324SensrSvc - ok
11:43:00.0823 4324Serenum (cb624c0035412af0debec78c41f5ca1b) C:\Windows\system32\drivers\serenum.sys
11:43:00.0824 4324Serenum - ok
11:43:00.0842 4324Serial (c1d8e28b2c2adfaec4ba89e9fda69bd6) C:\Windows\system32\drivers\serial.sys
11:43:00.0844 4324Serial - ok
11:43:00.0873 4324sermouse (1c545a7d0691cc4a027396535691c3e3) C:\Windows\system32\drivers\sermouse.sys
11:43:00.0874 4324sermouse - ok
11:43:00.0899 4324SessionEnv (0b6231bf38174a1628c4ac812cc75804) C:\Windows\system32\sessenv.dll
11:43:00.0903 4324SessionEnv - ok
11:43:00.0923 4324sffdisk (a554811bcd09279536440c964ae35bbf) C:\Windows\system32\DRIVERS\sffdisk.sys
11:43:00.0923 4324sffdisk - ok
11:43:00.0940 4324sffp_mmc (ff414f0baefeba59bc6c04b3db0b87bf) C:\Windows\system32\drivers\sffp_mmc.sys
11:43:00.0941 4324sffp_mmc - ok
11:43:00.0952 4324sffp_sd (dd85b78243a19b59f0637dcf284da63c) C:\Windows\system32\DRIVERS\sffp_sd.sys
11:43:00.0953 4324sffp_sd - ok
11:43:00.0989 4324sfloppy (a9d601643a1647211a1ee2ec4e433ff4) C:\Windows\system32\drivers\sfloppy.sys
11:43:00.0991 4324sfloppy - ok
11:43:01.0035 4324SharedAccess (b95f6501a2f8b2e78c697fec401970ce) C:\Windows\System32\ipnathlp.dll
11:43:01.0040 4324SharedAccess - ok
11:43:01.0088 4324ShellHWDetection (aaf932b4011d14052955d4b212a4da8d) C:\Windows\System32\shsvcs.dll
11:43:01.0094 4324ShellHWDetection - ok
11:43:01.0106 4324SiSRaid2 (843caf1e5fde1ffd5ff768f23a51e2e1) C:\Windows\system32\drivers\SiSRaid2.sys
11:43:01.0108 4324SiSRaid2 - ok
11:43:01.0141 4324SiSRaid4 (6a6c106d42e9ffff8b9fcb4f754f6da4) C:\Windows\system32\drivers\sisraid4.sys
11:43:01.0143 4324SiSRaid4 - ok
11:43:01.0231 4324SkypeUpdate (db0405d9aad62f0762e0876ac142b7e1) C:\Program Files (x86)\Skype\Updater\Updater.exe
11:43:01.0232 4324SkypeUpdate - ok
11:43:01.0251 4324Smb (548260a7b8654e024dc30bf8a7c5baa4) C:\Windows\system32\DRIVERS\smb.sys
11:43:01.0253 4324Smb - ok
11:43:01.0322 4324snapman (427c2b34bf4dd4f813da4c0df154cc94) C:\Windows\system32\DRIVERS\snapman.sys
11:43:01.0326 4324snapman - ok
11:43:01.0350 4324SNMPTRAP (6313f223e817cc09aa41811daa7f541d) C:\Windows\System32\snmptrap.exe
11:43:01.0352 4324SNMPTRAP - ok
11:43:01.0382 4324Soluto (f9369327409492097b0bb7ce86bd29de) C:\Windows\system32\DRIVERS\Soluto.sys
11:43:01.0383 4324Soluto - ok
11:43:01.0481 4324SolutoService (ed8397986be35c11bfb321636d6991ee) C:\Program Files\Soluto\SolutoService.exe
11:43:01.0497 4324SolutoService - ok
11:43:01.0518 4324spldr (b9e31e5cacdfe584f34f730a677803f9) C:\Windows\system32\drivers\spldr.sys
11:43:01.0519 4324spldr - ok
11:43:01.0566 4324Spooler (b96c17b5dc1424d56eea3a99e97428cd) C:\Windows\System32\spoolsv.exe
11:43:01.0582 4324Spooler - ok
11:43:01.0754 4324sppsvc (e17e0188bb90fae42d83e98707efa59c) C:\Windows\system32\sppsvc.exe
11:43:01.0865 4324sppsvc - ok
11:43:01.0977 4324sppuinotify (93d7d61317f3d4bc4f4e9f8a96a7de45) C:\Windows\system32\sppuinotify.dll
11:43:01.0980 4324sppuinotify - ok
11:43:02.0068 4324srv (441fba48bff01fdb9d5969ebc1838f0b) C:\Windows\system32\DRIVERS\srv.sys
11:43:02.0073 4324srv - ok
11:43:02.0103 4324srv2 (b4adebbf5e3677cce9651e0f01f7cc28) C:\Windows\system32\DRIVERS\srv2.sys
11:43:02.0108 4324srv2 - ok
11:43:02.0125 4324srvnet (27e461f0be5bff5fc737328f749538c3) C:\Windows\system32\DRIVERS\srvnet.sys
11:43:02.0127 4324srvnet - ok
11:43:02.0159 4324SSDPSRV (51b52fbd583cde8aa9ba62b8b4298f33) C:\Windows\System32\ssdpsrv.dll
11:43:02.0163 4324SSDPSRV - ok
11:43:02.0191 4324SstpSvc (ab7aebf58dad8daab7a6c45e6a8885cb) C:\Windows\system32\sstpsvc.dll
11:43:02.0195 4324SstpSvc - ok
11:43:02.0248 4324Steam Client Service - ok
11:43:02.0294 4324stexstor (f3817967ed533d08327dc73bc4d5542a) C:\Windows\system32\drivers\stexstor.sys
11:43:02.0295 4324stexstor - ok
11:43:02.0352 4324stisvc (8dd52e8e6128f4b2da92ce27402871c1) C:\Windows\System32\wiaservc.dll
11:43:02.0368 4324stisvc - ok
11:43:02.0393 4324swenum (d01ec09b6711a5f8e7e6564a4d0fbc90) C:\Windows\system32\drivers\swenum.sys
11:43:02.0393 4324swenum - ok
11:43:02.0469 4324SwitchBoard (f577910a133a592234ebaad3f3afa258) C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
11:43:02.0474 4324SwitchBoard - ok
11:43:02.0507 4324swprv (e08e46fdd841b7184194011ca1955a0b) C:\Windows\System32\swprv.dll
11:43:02.0515 4324swprv - ok
11:43:02.0573 4324SynTP (57b534a913e81e7cf91c3d5854d2f80e) C:\Windows\system32\DRIVERS\SynTP.sys
11:43:02.0578 4324SynTP - ok
11:43:02.0711 4324SysMain (bf9ccc0bf39b418c8d0ae8b05cf95b7d) C:\Windows\system32\sysmain.dll
11:43:02.0802 4324SysMain - ok
11:43:03.0065 4324TabletInputService (e3c61fd7b7c2557e1f1b0b4cec713585) C:\Windows\System32\TabSvc.dll
11:43:03.0069 4324TabletInputService - ok
11:43:03.0098 4324TapiSrv (40f0849f65d13ee87b9a9ae3c1dd6823) C:\Windows\System32\tapisrv.dll
11:43:03.0104 4324TapiSrv - ok
11:43:03.0131 4324TBS (1be03ac720f4d302ea01d40f588162f6) C:\Windows\System32\tbssvc.dll
11:43:03.0134 4324TBS - ok
11:43:03.0296 4324Tcpip (acb82bda8f46c84f465c1afa517dc4b9) C:\Windows\system32\drivers\tcpip.sys
11:43:03.0391 4324Tcpip - ok
11:43:03.0628 4324TCPIP6 (acb82bda8f46c84f465c1afa517dc4b9) C:\Windows\system32\DRIVERS\tcpip.sys
11:43:03.0641 4324TCPIP6 - ok
11:43:03.0793 4324tcpipreg (df687e3d8836bfb04fcc0615bf15a519) C:\Windows\system32\drivers\tcpipreg.sys
11:43:03.0793 4324tcpipreg - ok
11:43:03.0811 4324TDPIPE (3371d21011695b16333a3934340c4e7c) C:\Windows\system32\drivers\tdpipe.sys
11:43:03.0812 4324TDPIPE - ok
11:43:03.0846 4324TDTCP (51c5eceb1cdee2468a1748be550cfbc8) C:\Windows\system32\drivers\tdtcp.sys
11:43:03.0848 4324TDTCP - ok
11:43:03.0908 4324tdx (ddad5a7ab24d8b65f8d724f5c20fd806) C:\Windows\system32\DRIVERS\tdx.sys
11:43:03.0910 4324tdx - ok
11:43:04.0120 4324TeamViewer7 (a4d2ce94b028ef1e437cf4ac3d8ff26c) C:\Program Files (x86)\TeamViewer\Version7\TeamViewer_Service.exe
11:43:04.0225 4324TeamViewer7 - ok
11:43:04.0338 4324TermDD (561e7e1f06895d78de991e01dd0fb6e5) C:\Windows\system32\drivers\termdd.sys
11:43:04.0340 4324TermDD - ok
11:43:04.0402 4324TermService (2e648163254233755035b46dd7b89123) C:\Windows\System32\termsrv.dll
11:43:04.0441 4324TermService - ok
11:43:04.0456 4324Themes (f0344071948d1a1fa732231785a0664c) C:\Windows\system32\themeservice.dll
11:43:04.0459 4324Themes - ok
11:43:04.0485 4324THREADORDER (e40e80d0304a73e8d269f7141d77250b) C:\Windows\system32\mmcss.dll
11:43:04.0487 4324THREADORDER - ok
11:43:04.0524 4324TrkWks (7e7afd841694f6ac397e99d75cead49d) C:\Windows\System32\trkwks.dll
11:43:04.0528 4324TrkWks - ok
11:43:04.0593 4324TrustedInstaller (773212b2aaa24c1e31f10246b15b276c) C:\Windows\servicing\TrustedInstaller.exe
11:43:04.0595 4324TrustedInstaller - ok
11:43:04.0636 4324tssecsrv (ce18b2cdfc837c99e5fae9ca6cba5d30) C:\Windows\system32\DRIVERS\tssecsrv.sys
11:43:04.0638 4324tssecsrv - ok
11:43:04.0696 4324TsUsbFlt (d11c783e3ef9a3c52c0ebe83cc5000e9) C:\Windows\system32\drivers\tsusbflt.sys
11:43:04.0697 4324TsUsbFlt - ok
11:43:04.0703 4324TsUsbGD (9cc2ccae8a84820eaecb886d477cbcb8) C:\Windows\system32\drivers\TsUsbGD.sys
11:43:04.0705 4324TsUsbGD - ok
11:43:04.0754 4324tunnel (3566a8daafa27af944f5d705eaa64894) C:\Windows\system32\DRIVERS\tunnel.sys
11:43:04.0756 4324tunnel - ok
11:43:04.0762 4324uagp35 (b4dd609bd7e282bfc683cec7eaaaad67) C:\Windows\system32\drivers\uagp35.sys
11:43:04.0764 4324uagp35 - ok
11:43:04.0799 4324udfs (ff4232a1a64012baa1fd97c7b67df593) C:\Windows\system32\DRIVERS\udfs.sys
11:43:04.0804 4324udfs - ok
11:43:04.0841 4324UI0Detect (3cbdec8d06b9968aba702eba076364a1) C:\Windows\system32\UI0Detect.exe
11:43:04.0844 4324UI0Detect - ok
11:43:04.0862 4324uliagpkx (4bfe1bc28391222894cbf1e7d0e42320) C:\Windows\system32\drivers\uliagpkx.sys
11:43:04.0864 4324uliagpkx - ok
11:43:04.0892 4324umbus (dc54a574663a895c8763af0fa1ff7561) C:\Windows\system32\DRIVERS\umbus.sys
11:43:04.0893 4324umbus - ok
11:43:04.0912 4324UmPass (b2e8e8cb557b156da5493bbddcc1474d) C:\Windows\system32\DRIVERS\umpass.sys
11:43:04.0913 4324UmPass - ok
11:43:04.0974 4324upnphost (d47ec6a8e81633dd18d2436b19baf6de) C:\Windows\System32\upnphost.dll
11:43:04.0980 4324upnphost - ok
11:43:05.0060 4324USBAAPL64 (aa33fc47ed58c34e6e9261e4f850b7eb) C:\Windows\system32\Drivers\usbaapl64.sys
11:43:05.0061 4324USBAAPL64 - ok
11:43:05.0103 4324usbaudio (82e8f44688e6fac57b5b7c6fc7adbc2a) C:\Windows\system32\drivers\usbaudio.sys
11:43:05.0105 4324usbaudio - ok
11:43:05.0142 4324usbccgp (6f1a3157a1c89435352ceb543cdb359c) C:\Windows\system32\DRIVERS\usbccgp.sys
11:43:05.0143 4324usbccgp - ok
11:43:05.0161 4324usbcir (af0892a803fdda7492f595368e3b68e7) C:\Windows\system32\drivers\usbcir.sys
11:43:05.0163 4324usbcir - ok
11:43:05.0188 4324usbehci (c025055fe7b87701eb042095df1a2d7b) C:\Windows\system32\drivers\usbehci.sys
11:43:05.0189 4324usbehci - ok
11:43:05.0227 4324usbfilter (b7037444dc5138fc7d3d3968b4de5c4b) C:\Windows\system32\DRIVERS\usbfilter.sys
11:43:05.0228 4324usbfilter - ok
11:43:05.0274 4324usbhub (287c6c9410b111b68b52ca298f7b8c24) C:\Windows\system32\drivers\usbhub.sys
11:43:05.0278 4324usbhub - ok
11:43:05.0341 4324usbohci (9840fc418b4cbd632d3d0a667a725c31) C:\Windows\system32\drivers\usbohci.sys
11:43:05.0342 4324usbohci - ok
11:43:05.0375 4324usbprint (73188f58fb384e75c4063d29413cee3d) C:\Windows\system32\DRIVERS\usbprint.sys
11:43:05.0377 4324usbprint - ok
11:43:05.0431 4324usbscan (aaa2513c8aed8b54b189fd0c6b1634c0) C:\Windows\system32\DRIVERS\usbscan.sys
11:43:05.0433 4324usbscan - ok
11:43:05.0461 4324USBSTOR (fed648b01349a3c8395a5169db5fb7d6) C:\Windows\system32\DRIVERS\USBSTOR.SYS
11:43:05.0463 4324USBSTOR - ok
11:43:05.0490 4324usbuhci (62069a34518bcf9c1fd9e74b3f6db7cd) C:\Windows\system32\drivers\usbuhci.sys
11:43:05.0492 4324usbuhci - ok
11:43:05.0526 4324usbvideo (454800c2bc7f3927ce030141ee4f4c50) C:\Windows\system32\Drivers\usbvideo.sys
11:43:05.0529 4324usbvideo - ok
11:43:05.0558 4324UxSms (edbb23cbcf2cdf727d64ff9b51a6070e) C:\Windows\System32\uxsms.dll
11:43:05.0561 4324UxSms - ok
11:43:05.0584 4324VaultSvc (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
11:43:05.0585 4324VaultSvc - ok
11:43:05.0599 4324vdrvroot (c5c876ccfc083ff3b128f933823e87bd) C:\Windows\system32\drivers\vdrvroot.sys
11:43:05.0600 4324vdrvroot - ok
11:43:05.0634 4324vds (8d6b481601d01a456e75c3210f1830be) C:\Windows\System32\vds.exe
11:43:05.0711 4324vds - ok

 

[Yellow77]

11:43:05.0738 4324vga (da4da3f5e02943c2dc8c6ed875de68dd) C:\Windows\system32\DRIVERS\vgapnp.sys
11:43:05.0739 4324vga - ok
11:43:05.0762 4324VgaSave (53e92a310193cb3c03bea963de7d9cfc) C:\Windows\System32\drivers\vga.sys
11:43:05.0763 4324VgaSave - ok
11:43:05.0776 4324vhdmp (2ce2df28c83aeaf30084e1b1eb253cbb) C:\Windows\system32\drivers\vhdmp.sys
11:43:05.0779 4324vhdmp - ok
11:43:05.0784 4324viaide (e5689d93ffe4e5d66c0178761240dd54) C:\Windows\system32\drivers\viaide.sys
11:43:05.0785 4324viaide - ok
11:43:05.0817 4324volmgr (d2aafd421940f640b407aefaaebd91b0) C:\Windows\system32\drivers\volmgr.sys
11:43:05.0818 4324volmgr - ok
11:43:05.0874 4324volmgrx (a255814907c89be58b79ef2f189b843b) C:\Windows\system32\drivers\volmgrx.sys
11:43:05.0878 4324volmgrx - ok
11:43:05.0903 4324volsnap (0d08d2f3b3ff84e433346669b5e0f639) C:\Windows\system32\drivers\volsnap.sys
11:43:05.0907 4324volsnap - ok
11:43:05.0932 4324vsmraid (5e2016ea6ebaca03c04feac5f330d997) C:\Windows\system32\drivers\vsmraid.sys
11:43:05.0935 4324vsmraid - ok
11:43:06.0033 4324VSS (b60ba0bc31b0cb414593e169f6f21cc2) C:\Windows\system32\vssvc.exe
11:43:06.0125 4324VSS - ok
11:43:06.0260 4324vwifibus (36d4720b72b5c5d9cb2b9c29e9df67a1) C:\Windows\system32\DRIVERS\vwifibus.sys
11:43:06.0261 4324vwifibus - ok
11:43:06.0278 4324vwififlt (6a3d66263414ff0d6fa754c646612f3f) C:\Windows\system32\DRIVERS\vwififlt.sys
11:43:06.0279 4324vwififlt - ok
11:43:06.0327 4324W32Time (1c9d80cc3849b3788048078c26486e1a) C:\Windows\system32\w32time.dll
11:43:06.0333 4324W32Time - ok
11:43:06.0351 4324WacomPen (4e9440f4f152a7b944cb1663d3935a3e) C:\Windows\system32\drivers\wacompen.sys
11:43:06.0352 4324WacomPen - ok
11:43:06.0366 4324WANARP (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys
11:43:06.0367 4324WANARP - ok
11:43:06.0382 4324Wanarpv6 (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys
11:43:06.0384 4324Wanarpv6 - ok
11:43:06.0501 4324WatAdminSvc (3cec96de223e49eaae3651fcf8faea6c) C:\Windows\system32\Wat\WatAdminSvc.exe
11:43:06.0582 4324WatAdminSvc - ok
11:43:06.0742 4324wbengine (78f4e7f5c56cb9716238eb57da4b6a75) C:\Windows\system32\wbengine.exe
11:43:06.0837 4324wbengine - ok
11:43:06.0941 4324WbioSrvc (3aa101e8edab2db4131333f4325c76a3) C:\Windows\System32\wbiosrvc.dll
11:43:06.0946 4324WbioSrvc - ok
11:43:06.0977 4324wcncsvc (7368a2afd46e5a4481d1de9d14848edd) C:\Windows\System32\wcncsvc.dll
11:43:06.0983 4324wcncsvc - ok
11:43:07.0004 4324WcsPlugInService (20f7441334b18cee52027661df4a6129) C:\Windows\System32\WcsPlugInService.dll
11:43:07.0007 4324WcsPlugInService - ok
11:43:07.0055 4324Wd (72889e16ff12ba0f235467d6091b17dc) C:\Windows\system32\drivers\wd.sys
11:43:07.0056 4324Wd - ok
11:43:07.0105 4324Wdf01000 (441bd2d7b4f98134c3a4f9fa570fd250) C:\Windows\system32\drivers\Wdf01000.sys
11:43:07.0117 4324Wdf01000 - ok
11:43:07.0143 4324WdiServiceHost (bf1fc3f79b863c914687a737c2f3d681) C:\Windows\system32\wdi.dll
11:43:07.0147 4324WdiServiceHost - ok
11:43:07.0151 4324WdiSystemHost (bf1fc3f79b863c914687a737c2f3d681) C:\Windows\system32\wdi.dll
11:43:07.0154 4324WdiSystemHost - ok
11:43:07.0184 4324WebClient (3db6d04e1c64272f8b14eb8bc4616280) C:\Windows\System32\webclnt.dll
11:43:07.0189 4324WebClient - ok
11:43:07.0215 4324Wecsvc (c749025a679c5103e575e3b48e092c43) C:\Windows\system32\wecsvc.dll
11:43:07.0220 4324Wecsvc - ok
11:43:07.0234 4324wercplsupport (7e591867422dc788b9e5bd337a669a08) C:\Windows\System32\wercplsupport.dll
11:43:07.0237 4324wercplsupport - ok
11:43:07.0251 4324WerSvc (6d137963730144698cbd10f202e9f251) C:\Windows\System32\WerSvc.dll
11:43:07.0255 4324WerSvc - ok
11:43:07.0320 4324WfpLwf (611b23304bf067451a9fdee01fbdd725) C:\Windows\system32\DRIVERS\wfplwf.sys
11:43:07.0321 4324WfpLwf - ok
11:43:07.0339 4324WIMMount (05ecaec3e4529a7153b3136ceb49f0ec) C:\Windows\system32\drivers\wimmount.sys
11:43:07.0340 4324WIMMount - ok
11:43:07.0406 4324WinDefend - ok
11:43:07.0489 4324WindowBlinds (97c7f30787a30cfa760b0247631a5463) C:\PROGRA~2\Stardock\OBJECT~1\WINDOW~1\VistaSrv.exe
11:43:07.0493 4324WindowBlinds - ok
11:43:07.0557 4324WindowFX (f8265dc5b3f30879030f12fefe113f45) C:\Program Files (x86)\Stardock\Object Desktop\WindowFX4\WindowFXSRV.exe
11:43:07.0559 4324WindowFX - ok
11:43:07.0583 4324WinHttpAutoProxySvc - ok
11:43:07.0655 4324Winmgmt (19b07e7e8915d701225da41cb3877306) C:\Windows\system32\wbem\WMIsvc.dll
11:43:07.0658 4324Winmgmt - ok
11:43:07.0764 4324WinRM (bcb1310604aa415c4508708975b3931e) C:\Windows\system32\WsmSvc.dll
11:43:07.0862 4324WinRM - ok
11:43:08.0003 4324WinUsb (fe88b288356e7b47b74b13372add906d) C:\Windows\system32\DRIVERS\WinUsb.sys
11:43:08.0005 4324WinUsb - ok
11:43:08.0090 4324Wlansvc (4fada86e62f18a1b2f42ba18ae24e6aa) C:\Windows\System32\wlansvc.dll
11:43:08.0147 4324Wlansvc - ok
11:43:08.0216 4324wlcrasvc (06c8fa1cf39de6a735b54d906ba791c6) C:\Program Files\Windows Live\Mesh\wlcrasvc.exe
11:43:08.0218 4324wlcrasvc - ok
11:43:08.0388 4324wlidsvc (2bacd71123f42cea603f4e205e1ae337) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
11:43:08.0483 4324wlidsvc - ok
11:43:08.0638 4324wltrysvc - ok
11:43:08.0684 4324WmiAcpi (f6ff8944478594d0e414d3f048f0d778) C:\Windows\system32\drivers\wmiacpi.sys
11:43:08.0685 4324WmiAcpi - ok
11:43:08.0748 4324wmiApSrv (38b84c94c5a8af291adfea478ae54f93) C:\Windows\system32\wbem\WmiApSrv.exe
11:43:08.0750 4324wmiApSrv - ok
11:43:08.0796 4324WMPNetworkSvc - ok
11:43:08.0825 4324WPCSvc (96c6e7100d724c69fcf9e7bf590d1dca) C:\Windows\System32\wpcsvc.dll
11:43:08.0828 4324WPCSvc - ok
11:43:08.0847 4324WPDBusEnum (93221146d4ebbf314c29b23cd6cc391d) C:\Windows\system32\wpdbusenum.dll
11:43:08.0851 4324WPDBusEnum - ok
11:43:08.0882 4324ws2ifsl (6bcc1d7d2fd2453957c5479a32364e52) C:\Windows\system32\drivers\ws2ifsl.sys
11:43:08.0884 4324ws2ifsl - ok
11:43:08.0909 4324wscsvc (e8b1fe6669397d1772d8196df0e57a9e) C:\Windows\System32\wscsvc.dll
11:43:08.0912 4324wscsvc - ok
11:43:08.0927 4324WSearch - ok
11:43:09.0113 4324wuauserv (9df12edbc698b0bc353b3ef84861e430) C:\Windows\system32\wuaueng.dll
11:43:09.0194 4324wuauserv - ok
11:43:09.0303 4324WudfPf (d3381dc54c34d79b22cee0d65ba91b7c) C:\Windows\system32\drivers\WudfPf.sys
11:43:09.0304 4324WudfPf - ok
11:43:09.0335 4324WUDFRd (cf8d590be3373029d57af80914190682) C:\Windows\system32\DRIVERS\WUDFRd.sys
11:43:09.0337 4324WUDFRd - ok
11:43:09.0371 4324wudfsvc (7a95c95b6c4cf292d689106bcae49543) C:\Windows\System32\WUDFSvc.dll
11:43:09.0374 4324wudfsvc - ok
11:43:09.0397 4324WwanSvc (9a3452b3c2a46c073166c5cf49fad1ae) C:\Windows\System32\wwansvc.dll
11:43:09.0403 4324WwanSvc - ok
11:43:09.0447 4324MBR (0x1B8) (3e0a9b8449a315e0044be2adf3d12596) \Device\Harddisk0\DR0
11:43:09.0641 4324\Device\Harddisk0\DR0 - ok
11:43:09.0645 4324Boot (0x1200) (84ba7c8dbbc60c88de76c61c23eac360) \Device\Harddisk0\DR0\Partition0
11:43:09.0646 4324\Device\Harddisk0\DR0\Partition0 - ok
11:43:09.0660 4324Boot (0x1200) (e597a7b36cf16d4b4b4e757758ba1d4e) \Device\Harddisk0\DR0\Partition1
11:43:09.0661 4324\Device\Harddisk0\DR0\Partition1 - ok
11:43:09.0662 4324============================================================
11:43:09.0662 4324Scan finished
11:43:09.0662 4324============================================================
11:43:09.0678 6236Detected object count: 0
11:43:09.0678 6236Actual detected object count: 0
11:43:45.0714 5940============================================================
11:43:45.0714 5940Scan started
11:43:45.0714 5940Mode: Manual; SigCheck; TDLFS;
11:43:45.0714 5940============================================================
11:43:46.0007 59401394ohci (a87d604aea360176311474c87a63bb88) C:\Windows\system32\drivers\1394ohci.sys
11:43:46.0081 59401394ohci - ok
11:43:46.0127 5940ACPI (d81d9e70b8a6dd14d42d7b4efa65d5f2) C:\Windows\system32\drivers\ACPI.sys
11:43:46.0147 5940ACPI - ok
11:43:46.0170 5940AcpiPmi (99f8e788246d495ce3794d7e7821d2ca) C:\Windows\system32\drivers\acpipmi.sys
11:43:46.0216 5940AcpiPmi - ok
11:43:46.0342 5940AdobeARMservice (11a52cf7b265631deeb24c6149309eff) c:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
11:43:46.0354 5940AdobeARMservice - ok
11:43:46.0408 5940adp94xx (2f6b34b83843f0c5118b63ac634f5bf4) C:\Windows\system32\drivers\adp94xx.sys
11:43:46.0431 5940adp94xx - ok
11:43:46.0496 5940adpahci (597f78224ee9224ea1a13d6350ced962) C:\Windows\system32\drivers\adpahci.sys
11:43:46.0515 5940adpahci - ok
11:43:46.0529 5940adpu320 (e109549c90f62fb570b9540c4b148e54) C:\Windows\system32\drivers\adpu320.sys
11:43:46.0546 5940adpu320 - ok
11:43:46.0599 5940AeLookupSvc (4b78b431f225fd8624c5655cb1de7b61) C:\Windows\System32\aelupsvc.dll
11:43:46.0806 5940AeLookupSvc - ok
11:43:46.0875 5940AFD (1c7857b62de5994a75b054a9fd4c3825) C:\Windows\system32\drivers\afd.sys
11:43:46.0926 5940AFD - ok
11:43:46.0951 5940agp440 (608c14dba7299d8cb6ed035a68a15799) C:\Windows\system32\drivers\agp440.sys
11:43:46.0965 5940agp440 - ok
11:43:46.0983 5940ALG (3290d6946b5e30e70414990574883ddb) C:\Windows\System32\alg.exe
11:43:47.0035 5940ALG - ok
11:43:47.0048 5940aliide (5812713a477a3ad7363c7438ca2ee038) C:\Windows\system32\drivers\aliide.sys
11:43:47.0061 5940aliide - ok
11:43:47.0118 5940ALSysIO - ok
11:43:47.0151 5940AMD External Events Utility (69435b13c11b27420eff135ef07e2545) C:\Windows\system32\atiesrxx.exe
11:43:47.0216 5940AMD External Events Utility - ok
11:43:47.0227 5940amdide (1ff8b4431c353ce385c875f194924c0c) C:\Windows\system32\drivers\amdide.sys
11:43:47.0241 5940amdide - ok
11:43:47.0269 5940AmdK8 (7024f087cff1833a806193ef9d22cda9) C:\Windows\system32\drivers\amdk8.sys
11:43:47.0296 5940AmdK8 - ok
11:43:47.0743 5940amdkmdag (f55484c5b3a79f2514773a3747084fe0) C:\Windows\system32\DRIVERS\atikmdag.sys
11:43:47.0940 5940amdkmdag - ok
11:43:48.0079 5940amdkmdap (dee55afcbb41a340781b3c4a05ae90bd) C:\Windows\system32\DRIVERS\atikmpag.sys
11:43:48.0113 5940amdkmdap - ok
11:43:48.0135 5940AmdPPM (1e56388b3fe0d031c44144eb8c4d6217) C:\Windows\system32\DRIVERS\amdppm.sys
11:43:48.0172 5940AmdPPM - ok
11:43:48.0198 5940amdsata (d4121ae6d0c0e7e13aa221aa57ef2d49) C:\Windows\system32\drivers\amdsata.sys
11:43:48.0212 5940amdsata - ok
11:43:48.0242 5940amdsbs (f67f933e79241ed32ff46a4f29b5120b) C:\Windows\system32\drivers\amdsbs.sys
11:43:48.0259 5940amdsbs - ok
11:43:48.0272 5940amdxata (540daf1cea6094886d72126fd7c33048) C:\Windows\system32\drivers\amdxata.sys
11:43:48.0286 5940amdxata - ok
11:43:48.0317 5940amd_sata (bb4fe7889db9cbbe61a308e99697f53c) C:\Windows\system32\DRIVERS\amd_sata.sys
11:43:48.0337 5940amd_sata - ok
11:43:48.0350 5940amd_xata (5631cba53f1cbea3f9e88348e6723391) C:\Windows\system32\DRIVERS\amd_xata.sys
11:43:48.0361 5940amd_xata - ok
11:43:48.0377 5940AppID (89a69c3f2f319b43379399547526d952) C:\Windows\system32\drivers\appid.sys
11:43:48.0483 5940AppID - ok
11:43:48.0513 5940AppIDSvc (0bc381a15355a3982216f7172f545de1) C:\Windows\System32\appidsvc.dll
11:43:48.0577 5940AppIDSvc - ok
11:43:48.0610 5940Appinfo (3977d4a871ca0d4f2ed1e7db46829731) C:\Windows\System32\appinfo.dll
11:43:48.0668 5940Appinfo - ok
11:43:48.0745 5940Apple Mobile Device (3debbecf665dcdde3a95d9b902010817) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
11:43:48.0757 5940Apple Mobile Device - ok
11:43:48.0781 5940arc (c484f8ceb1717c540242531db7845c4e) C:\Windows\system32\drivers\arc.sys
11:43:48.0795 5940arc - ok
11:43:48.0813 5940arcsas (019af6924aefe7839f61c830227fe79c) C:\Windows\system32\drivers\arcsas.sys
11:43:48.0827 5940arcsas - ok
11:43:48.0914 5940aspnet_state (9217d874131ae6ff8f642f124f00a555) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe
11:43:48.0926 5940aspnet_state - ok
11:43:48.0950 5940AsyncMac (769765ce2cc62867468cea93969b2242) C:\Windows\system32\DRIVERS\asyncmac.sys
11:43:49.0008 5940AsyncMac - ok
11:43:49.0027 5940atapi (02062c0b390b7729edc9e69c680a6f3c) C:\Windows\system32\drivers\atapi.sys
11:43:49.0040 5940atapi - ok
11:43:49.0086 5940AtiHDAudioService (cbd14f698def12ee3557604b726cb8eb) C:\Windows\system32\drivers\AtihdW76.sys
11:43:49.0099 5940AtiHDAudioService - ok
11:43:49.0166 5940AudioEndpointBuilder (f23fef6d569fce88671949894a8becf1) C:\Windows\System32\Audiosrv.dll
11:43:49.0242 5940AudioEndpointBuilder - ok
11:43:49.0251 5940AudioSrv (f23fef6d569fce88671949894a8becf1) C:\Windows\System32\Audiosrv.dll
11:43:49.0299 5940AudioSrv - ok
11:43:49.0325 5940AxInstSV (a6bf31a71b409dfa8cac83159e1e2aff) C:\Windows\System32\AxInstSV.dll
11:43:49.0384 5940AxInstSV - ok
11:43:49.0436 5940b06bdrv (3e5b191307609f7514148c6832bb0842) C:\Windows\system32\drivers\bxvbda.sys
11:43:49.0475 5940b06bdrv - ok
11:43:49.0505 5940b57nd60a (b5ace6968304a3900eeb1ebfd9622df2) C:\Windows\system32\DRIVERS\b57nd60a.sys
11:43:49.0550 5940b57nd60a - ok
11:43:49.0554 5940b57xdbd - ok
11:43:49.0560 5940b57xdmp - ok
11:43:49.0800 5940BCM43XX (85111026f1c5a1c4cce3697f0da7bc1a) C:\Windows\system32\DRIVERS\bcmwl664.sys
11:43:49.0895 5940BCM43XX - ok
11:43:50.0012 5940BDESVC (fde360167101b4e45a96f939f388aeb0) C:\Windows\System32\bdesvc.dll
11:43:50.0054 5940BDESVC - ok
11:43:50.0104 5940Beep (16a47ce2decc9b099349a5f840654746) C:\Windows\system32\drivers\Beep.sys
11:43:50.0157 5940Beep - ok
11:43:50.0217 5940BFE (82974d6a2fd19445cc5171fc378668a4) C:\Windows\System32\bfe.dll
11:43:50.0278 5940BFE - ok
11:43:50.0341 5940BITS (1ea7969e3271cbc59e1730697dc74682) C:\Windows\System32\qmgr.dll
11:43:50.0414 5940BITS - ok
11:43:50.0464 5940blbdrive (61583ee3c3a17003c4acd0475646b4d3) C:\Windows\system32\drivers\blbdrive.sys
11:43:50.0485 5940blbdrive - ok
11:43:50.0580 5940Bonjour Service (ebbcd5dfbb1de70e8f4af8fa59e401fd) C:\Program Files\Bonjour\mDNSResponder.exe
11:43:50.0598 5940Bonjour Service - ok
11:43:50.0621 5940bowser (6c02a83164f5cc0a262f4199f0871cf5) C:\Windows\system32\DRIVERS\bowser.sys
11:43:50.0663 5940bowser - ok
11:43:50.0672 5940BrFiltLo (f09eee9edc320b5e1501f749fde686c8) C:\Windows\system32\drivers\BrFiltLo.sys
11:43:50.0718 5940BrFiltLo - ok
11:43:50.0748 5940BrFiltUp (b114d3098e9bdb8bea8b053685831be6) C:\Windows\system32\drivers\BrFiltUp.sys
11:43:50.0776 5940BrFiltUp - ok
11:43:50.0798 5940Bridge (5c2f352a4e961d72518261257aae204b) C:\Windows\system32\DRIVERS\bridge.sys
11:43:50.0854 5940Bridge - ok
11:43:50.0859 5940BridgeMP (5c2f352a4e961d72518261257aae204b) C:\Windows\system32\DRIVERS\bridge.sys
11:43:50.0902 5940BridgeMP - ok
11:43:50.0932 5940Browser (8ef0d5c41ec907751b8429162b1239ed) C:\Windows\System32\browser.dll
11:43:50.0987 5940Browser - ok
11:43:51.0028 5940Brserid (43bea8d483bf1870f018e2d02e06a5bd) C:\Windows\System32\Drivers\Brserid.sys
11:43:51.0072 5940Brserid - ok
11:43:51.0084 5940BrSerWdm (a6eca2151b08a09caceca35c07f05b42) C:\Windows\System32\Drivers\BrSerWdm.sys
11:43:51.0117 5940BrSerWdm - ok
11:43:51.0147 5940BrUsbMdm (b79968002c277e869cf38bd22cd61524) C:\Windows\System32\Drivers\BrUsbMdm.sys
11:43:51.0174 5940BrUsbMdm - ok
11:43:51.0185 5940BrUsbSer (a87528880231c54e75ea7a44943b38bf) C:\Windows\System32\Drivers\BrUsbSer.sys
11:43:51.0211 5940BrUsbSer - ok
11:43:51.0216 5940bScsiMSa - ok
11:43:51.0221 5940bScsiSDa - ok
11:43:51.0246 5940BTHMODEM (9da669f11d1f894ab4eb69bf546a42e8) C:\Windows\system32\drivers\bthmodem.sys
11:43:51.0270 5940BTHMODEM - ok
11:43:51.0305 5940bthserv (95f9c2976059462cbbf227f7aab10de9) C:\Windows\system32\bthserv.dll
11:43:51.0347 5940bthserv - ok
11:43:51.0373 5940cdfs (b8bd2bb284668c84865658c77574381a) C:\Windows\system32\DRIVERS\cdfs.sys
11:43:51.0422 5940cdfs - ok
11:43:51.0540 5940cdrom (f036ce71586e93d94dab220d7bdf4416) C:\Windows\system32\DRIVERS\cdrom.sys
11:43:51.0566 5940cdrom - ok
11:43:51.0585 5940CertPropSvc (f17d1d393bbc69c5322fbfafaca28c7f) C:\Windows\System32\certprop.dll
11:43:51.0655 5940CertPropSvc - ok
11:43:51.0678 5940circlass (d7cd5c4e1b71fa62050515314cfb52cf) C:\Windows\system32\drivers\circlass.sys
11:43:51.0708 5940circlass - ok
11:43:51.0740 5940CLFS (fe1ec06f2253f691fe36217c592a0206) C:\Windows\system32\CLFS.sys
11:43:51.0760 5940CLFS - ok
11:43:51.0809 5940clr_optimization_v2.0.50727_32 (d88040f816fda31c3b466f0fa0918f29) C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
11:43:51.0822 5940clr_optimization_v2.0.50727_32 - ok
11:43:51.0841 5940clr_optimization_v2.0.50727_64 (d1ceea2b47cb998321c579651ce3e4f8) C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
11:43:51.0853 5940clr_optimization_v2.0.50727_64 - ok
11:43:51.0913 5940clr_optimization_v4.0.30319_32 (c5a75eb48e2344abdc162bda79e16841) C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
11:43:51.0925 5940clr_optimization_v4.0.30319_32 - ok
11:43:51.0962 5940clr_optimization_v4.0.30319_64 (c6f9af94dcd58122a4d7e89db6bed29d) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
11:43:51.0975 5940clr_optimization_v4.0.30319_64 - ok
11:43:51.0999 5940CmBatt (0840155d0bddf1190f84a663c284bd33) C:\Windows\system32\drivers\CmBatt.sys
11:43:52.0025 5940CmBatt - ok
11:43:52.0036 5940cmdide (e19d3f095812725d88f9001985b94edd) C:\Windows\system32\drivers\cmdide.sys
11:43:52.0050 5940cmdide - ok
11:43:52.0095 5940CNG (c4943b6c962e4b82197542447ad599f4) C:\Windows\system32\Drivers\cng.sys
11:43:52.0125 5940CNG - ok
11:43:52.0143 5940Compbatt (102de219c3f61415f964c88e9085ad14) C:\Windows\system32\drivers\compbatt.sys
11:43:52.0157 5940Compbatt - ok
11:43:52.0180 5940CompositeBus (03edb043586cceba243d689bdda370a8) C:\Windows\system32\drivers\CompositeBus.sys
11:43:52.0204 5940CompositeBus - ok
11:43:52.0208 5940COMSysApp - ok
11:43:52.0235 5940cpuz135 - ok
11:43:52.0253 5940crcdisk (1c827878a998c18847245fe1f34ee597) C:\Windows\system32\drivers\crcdisk.sys
11:43:52.0266 5940crcdisk - ok
11:43:52.0321 5940CryptSvc (4f5414602e2544a4554d95517948b705) C:\Windows\system32\cryptsvc.dll
11:43:52.0368 5940CryptSvc - ok
11:43:52.0428 5940DcomLaunch (5c627d1b1138676c0a7ab2c2c190d123) C:\Windows\system32\rpcss.dll
11:43:52.0483 5940DcomLaunch - ok
11:43:52.0519 5940defragsvc (3cec7631a84943677aa8fa8ee5b6b43d) C:\Windows\System32\defragsvc.dll
11:43:52.0574 5940defragsvc - ok
11:43:52.0610 5940DfsC (9bb2ef44eaa163b29c4a4587887a0fe4) C:\Windows\system32\Drivers\dfsc.sys
11:43:52.0667 5940DfsC - ok
11:43:52.0709 5940Dhcp (43d808f5d9e1a18e5eeb5ebc83969e4e) C:\Windows\system32\dhcpcore.dll
11:43:52.0766 5940Dhcp - ok
11:43:52.0785 5940discache (13096b05847ec78f0977f2c0f79e9ab3) C:\Windows\system32\drivers\discache.sys
11:43:52.0837 5940discache - ok
11:43:52.0875 5940Disk (9819eee8b5ea3784ec4af3b137a5244c) C:\Windows\system32\drivers\disk.sys
11:43:52.0890 5940Disk - ok
11:43:52.0922 5940Dnscache (16835866aaa693c7d7fceba8fff706e4) C:\Windows\System32\dnsrslvr.dll
11:43:52.0955 5940Dnscache - ok
11:43:52.0990 5940dot3svc (b1fb3ddca0fdf408750d5843591afbc6) C:\Windows\System32\dot3svc.dll
11:43:53.0047 5940dot3svc - ok
11:43:53.0056 5940DPS (b26f4f737e8f9df4f31af6cf31d05820) C:\Windows\system32\dps.dll
11:43:53.0111 5940DPS - ok
11:43:53.0138 5940drmkaud (9b19f34400d24df84c858a421c205754) C:\Windows\system32\drivers\drmkaud.sys
11:43:53.0170 5940drmkaud - ok
11:43:53.0207 5940dtsoftbus01 (821bf177a24172f5f0ee9b322f58516c) C:\Windows\system32\DRIVERS\dtsoftbus01.sys
11:43:53.0224 5940dtsoftbus01 - ok
11:43:53.0286 5940DXGKrnl (f5bee30450e18e6b83a5012c100616fd) C:\Windows\System32\drivers\dxgkrnl.sys
11:43:53.0317 5940DXGKrnl - ok
11:43:53.0343 5940EapHost (e2dda8726da9cb5b2c4000c9018a9633) C:\Windows\System32\eapsvc.dll
11:43:53.0403 5940EapHost - ok
11:43:53.0563 5940ebdrv (dc5d737f51be844d8c82c695eb17372f) C:\Windows\system32\drivers\evbda.sys
11:43:53.0638 5940ebdrv - ok
11:43:53.0732 5940EFS (c118a82cd78818c29ab228366ebf81c3) C:\Windows\System32\lsass.exe
11:43:53.0771 5940EFS - ok
11:43:53.0841 5940ehRecvr (c4002b6b41975f057d98c439030cea07) C:\Windows\ehome\ehRecvr.exe
11:43:53.0897 5940ehRecvr - ok
11:43:53.0918 5940ehSched (4705e8ef9934482c5bb488ce28afc681) C:\Windows\ehome\ehsched.exe
11:43:53.0942 5940ehSched - ok
11:43:54.0014 5940elxstor (0e5da5369a0fcaea12456dd852545184) C:\Windows\system32\drivers\elxstor.sys
11:43:54.0036 5940elxstor - ok
11:43:54.0052 5940ErrDev (34a3c54752046e79a126e15c51db409b) C:\Windows\system32\drivers\errdev.sys
11:43:54.0076 5940ErrDev - ok
11:43:54.0123 5940EventSystem (4166f82be4d24938977dd1746be9b8a0) C:\Windows\system32\es.dll
11:43:54.0179 5940EventSystem - ok
11:43:54.0215 5940exfat (a510c654ec00c1e9bdd91eeb3a59823b) C:\Windows\system32\drivers\exfat.sys
11:43:54.0266 5940exfat - ok
11:43:54.0291 5940fastfat (0adc83218b66a6db380c330836f3e36d) C:\Windows\system32\drivers\fastfat.sys
11:43:54.0344 5940fastfat - ok
11:43:54.0400 5940Fax (dbefd454f8318a0ef691fdd2eaab44eb) C:\Windows\system32\fxssvc.exe
11:43:54.0454 5940Fax - ok
11:43:54.0466 5940fdc (d765d19cd8ef61f650c384f62fac00ab) C:\Windows\system32\drivers\fdc.sys
11:43:54.0492 5940fdc - ok
11:43:54.0515 5940fdPHost (0438cab2e03f4fb61455a7956026fe86) C:\Windows\system32\fdPHost.dll
11:43:54.0557 5940fdPHost - ok
11:43:54.0569 5940FDResPub (802496cb59a30349f9a6dd22d6947644) C:\Windows\system32\fdrespub.dll
11:43:54.0619 5940FDResPub - ok
11:43:54.0643 5940FileInfo (655661be46b5f5f3fd454e2c3095b930) C:\Windows\system32\drivers\fileinfo.sys
11:43:54.0657 5940FileInfo - ok
11:43:54.0676 5940Filetrace (5f671ab5bc87eea04ec38a6cd5962a47) C:\Windows\system32\drivers\filetrace.sys
11:43:54.0739 5940Filetrace - ok
11:43:54.0829 5940FLEXnet Licensing Service (bb0667b0171b632b97ea759515476f07) C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
11:43:54.0851 5940FLEXnet Licensing Service - ok
11:43:54.0864 5940flpydisk (c172a0f53008eaeb8ea33fe10e177af5) C:\Windows\system32\drivers\flpydisk.sys
11:43:54.0892 5940flpydisk - ok
11:43:54.0924 5940FltMgr (da6b67270fd9db3697b20fce94950741) C:\Windows\system32\drivers\fltmgr.sys
11:43:54.0942 5940FltMgr - ok
11:43:55.0029 5940FontCache (5c4cb4086fb83115b153e47add961a0c) C:\Windows\system32\FntCache.dll
11:43:55.0080 5940FontCache - ok
11:43:55.0133 5940FontCache3.0.0.0 (a8b7f3818ab65695e3a0bb3279f6dce6) C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
11:43:55.0145 5940FontCache3.0.0.0 - ok
11:43:55.0177 5940FsDepends (d43703496149971890703b4b1b723eac) C:\Windows\system32\drivers\FsDepends.sys
11:43:55.0191 5940FsDepends - ok
11:43:55.0227 5940Fs_Rec (6bd9295cc032dd3077c671fccf579a7b) C:\Windows\system32\drivers\Fs_Rec.sys
11:43:55.0241 5940Fs_Rec - ok
11:43:55.0263 5940fvevol (1f7b25b858fa27015169fe95e54108ed) C:\Windows\system32\DRIVERS\fvevol.sys
11:43:55.0284 5940fvevol - ok
11:43:55.0302 5940gagp30kx (8c778d335c9d272cfd3298ab02abe3b6) C:\Windows\system32\drivers\gagp30kx.sys
11:43:55.0317 5940gagp30kx - ok
11:43:55.0357 5940GEARAspiWDM (e403aacf8c7bb11375122d2464560311) C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
11:43:55.0368 5940GEARAspiWDM - ok
11:43:55.0430 5940gpsvc (277bbc7e1aa1ee957f573a10eca7ef3a) C:\Windows\System32\gpsvc.dll
11:43:55.0480 5940gpsvc - ok
11:43:55.0503 5940hcw85cir (f2523ef6460fc42405b12248338ab2f0) C:\Windows\system32\drivers\hcw85cir.sys
11:43:55.0527 5940hcw85cir - ok
11:43:55.0556 5940HdAudAddService (975761c778e33cd22498059b91e7373a) C:\Windows\system32\drivers\HdAudio.sys
11:43:55.0588 5940HdAudAddService - ok
11:43:55.0607 5940HDAudBus (97bfed39b6b79eb12cddbfeed51f56bb) C:\Windows\system32\drivers\HDAudBus.sys
11:43:55.0638 5940HDAudBus - ok
11:43:55.0656 5940HidBatt (78e86380454a7b10a5eb255dc44a355f) C:\Windows\system32\drivers\HidBatt.sys
11:43:55.0681 5940HidBatt - ok
11:43:55.0704 5940HidBth (7fd2a313f7afe5c4dab14798c48dd104) C:\Windows\system32\drivers\hidbth.sys
11:43:55.0735 5940HidBth - ok
11:43:55.0758 5940HidIr (0a77d29f311b88cfae3b13f9c1a73825) C:\Windows\system32\drivers\hidir.sys
11:43:55.0774 5940HidIr - ok
11:43:55.0801 5940hidserv (bd9eb3958f213f96b97b1d897dee006d) C:\Windows\system32\hidserv.dll
11:43:55.0843 5940hidserv - ok
11:43:55.0856 5940HidUsb (9592090a7e2b61cd582b612b6df70536) C:\Windows\system32\DRIVERS\hidusb.sys
11:43:55.0870 5940HidUsb - ok
11:43:55.0891 5940hkmsvc (387e72e739e15e3d37907a86d9ff98e2) C:\Windows\system32\kmsvc.dll
11:43:55.0944 5940hkmsvc - ok
11:43:55.0968 5940HomeGroupListener (efdfb3dd38a4376f93e7985173813abd) C:\Windows\system32\ListSvc.dll
11:43:56.0006 5940HomeGroupListener - ok
11:43:56.0035 5940HomeGroupProvider (908acb1f594274965a53926b10c81e89) C:\Windows\system32\provsvc.dll
11:43:56.0065 5940HomeGroupProvider - ok
11:43:56.0080 5940HpSAMD (39d2abcd392f3d8a6dce7b60ae7b8efc) C:\Windows\system32\drivers\HpSAMD.sys
11:43:56.0095 5940HpSAMD - ok
11:43:56.0139 5940HTTP (0ea7de1acb728dd5a369fd742d6eee28) C:\Windows\system32\drivers\HTTP.sys
11:43:56.0195 5940HTTP - ok
11:43:56.0225 5940hwpolicy (a5462bd6884960c9dc85ed49d34ff392) C:\Windows\system32\drivers\hwpolicy.sys
11:43:56.0239 5940hwpolicy - ok
11:43:56.0257 5940i8042prt (fa55c73d4affa7ee23ac4be53b4592d3) C:\Windows\system32\DRIVERS\i8042prt.sys
11:43:56.0271 5940i8042prt - ok
11:43:56.0307 5940iaStorV (aaaf44db3bd0b9d1fb6969b23ecc8366) C:\Windows\system32\drivers\iaStorV.sys
11:43:56.0328 5940iaStorV - ok
11:43:56.0412 5940idsvc (5988fc40f8db5b0739cd1e3a5d0d78bd) C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
11:43:56.0439 5940idsvc - ok
11:43:56.0838 5940igfx (a87261ef1546325b559374f5689cf5bc) C:\Windows\system32\DRIVERS\igdkmd64.sys
11:43:56.0946 5940igfx - ok
11:43:57.0056 5940iirsp (5c18831c61933628f5bb0ea2675b9d21) C:\Windows\system32\drivers\iirsp.sys
11:43:57.0070 5940iirsp - ok
11:43:57.0144 5940IKEEXT (fcd84c381e0140af901e58d48882d26b) C:\Windows\System32\ikeext.dll
11:43:57.0196 5940IKEEXT - ok

 

[Yellow77]

11:43:57.0362 5940IntcAzAudAddService (e7e0e8f2f44bcb48143fbba70106d8c1) C:\Windows\system32\drivers\RTKVHD64.sys
11:43:57.0428 5940IntcAzAudAddService - ok
11:43:57.0535 5940intelide (f00f20e70c6ec3aa366910083a0518aa) C:\Windows\system32\drivers\intelide.sys
11:43:57.0548 5940intelide - ok
11:43:57.0567 5940intelppm (ada036632c664caa754079041cf1f8c1) C:\Windows\system32\drivers\intelppm.sys
11:43:57.0596 5940intelppm - ok
11:43:57.0620 5940IPBusEnum (098a91c54546a3b878dad6a7e90a455b) C:\Windows\system32\ipbusenum.dll
11:43:57.0678 5940IPBusEnum - ok
11:43:57.0692 5940IpFilterDriver (c9f0e1bd74365a8771590e9008d22ab6) C:\Windows\system32\DRIVERS\ipfltdrv.sys
11:43:57.0740 5940IpFilterDriver - ok
11:43:57.0778 5940iphlpsvc (a34a587fffd45fa649fba6d03784d257) C:\Windows\System32\iphlpsvc.dll
11:43:57.0840 5940iphlpsvc - ok
11:43:57.0861 5940IPMIDRV (0fc1aea580957aa8817b8f305d18ca3a) C:\Windows\system32\drivers\IPMIDrv.sys
11:43:57.0886 5940IPMIDRV - ok
11:43:57.0914 5940IPNAT (af9b39a7e7b6caa203b3862582e9f2d0) C:\Windows\system32\drivers\ipnat.sys
11:43:57.0973 5940IPNAT - ok
11:43:58.0074 5940iPod Service (ee4c2a137c7088911a8919effc9812e7) C:\Program Files\iPod\bin\iPodService.exe
11:43:58.0101 5940iPod Service - ok
11:43:58.0125 5940IRENUM (3abf5e7213eb28966d55d58b515d5ce9) C:\Windows\system32\drivers\irenum.sys
11:43:58.0161 5940IRENUM - ok
11:43:58.0181 5940isapnp (2f7b28dc3e1183e5eb418df55c204f38) C:\Windows\system32\drivers\isapnp.sys
11:43:58.0194 5940isapnp - ok
11:43:58.0214 5940iScsiPrt (d931d7309deb2317035b07c9f9e6b0bd) C:\Windows\system32\drivers\msiscsi.sys
11:43:58.0232 5940iScsiPrt - ok
11:43:58.0295 5940k57nd60a (1d7aab58f4e21697af8f46eaa81823dd) C:\Windows\system32\DRIVERS\k57nd60a.sys
11:43:58.0314 5940k57nd60a - ok
11:43:58.0342 5940kbdclass (bc02336f1cba7dcc7d1213bb588a68a5) C:\Windows\system32\DRIVERS\kbdclass.sys
11:43:58.0357 5940kbdclass - ok
11:43:58.0375 5940kbdhid (0705eff5b42a9db58548eec3b26bb484) C:\Windows\system32\DRIVERS\kbdhid.sys
11:43:58.0406 5940kbdhid - ok
11:43:58.0433 5940KeyIso (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
11:43:58.0448 5940KeyIso - ok
11:43:58.0462 5940KSecDD (da1e991a61cfdd755a589e206b97644b) C:\Windows\system32\Drivers\ksecdd.sys
11:43:58.0476 5940KSecDD - ok
11:43:58.0497 5940KSecPkg (7e33198d956943a4f11a5474c1e9106f) C:\Windows\system32\Drivers\ksecpkg.sys
11:43:58.0513 5940KSecPkg - ok
11:43:58.0537 5940ksthunk (6869281e78cb31a43e969f06b57347c4) C:\Windows\system32\drivers\ksthunk.sys
11:43:58.0590 5940ksthunk - ok
11:43:58.0624 5940KtmRm (6ab66e16aa859232f64deb66887a8c9c) C:\Windows\system32\msdtckrm.dll
11:43:58.0686 5940KtmRm - ok
11:43:58.0708 5940L1E (2ac603c3188c704cfce353659aa7ad71) C:\Windows\system32\DRIVERS\L1E62x64.sys
11:43:58.0739 5940L1E - ok
11:43:58.0790 5940LADF_CaptureOnly (ce4347e2d90db2e5517b6f2bc720a862) C:\Windows\system32\DRIVERS\ladfGSCamd64.sys
11:43:58.0808 5940LADF_CaptureOnly - ok
11:43:58.0834 5940LADF_RenderOnly (85a9d21d3ae2ea963e111cb150895877) C:\Windows\system32\DRIVERS\ladfGSRamd64.sys
11:43:58.0851 5940LADF_RenderOnly - ok
11:43:58.0890 5940LanmanServer (d9f42719019740baa6d1c6d536cbdaa6) C:\Windows\system32\srvsvc.dll
11:43:58.0945 5940LanmanServer - ok
11:43:58.0962 5940LanmanWorkstation (851a1382eed3e3a7476db004f4ee3e1a) C:\Windows\System32\wkssvc.dll
11:43:59.0018 5940LanmanWorkstation - ok
11:43:59.0062 5940LGBusEnum (fa529fb35694c24bf98a9ef67c1cd9d0) C:\Windows\system32\drivers\LGBusEnum.sys
11:43:59.0074 5940LGBusEnum - ok
11:43:59.0124 5940LGVirHid (94b29ce153765e768f004fb3440be2b0) C:\Windows\system32\drivers\LGVirHid.sys
11:43:59.0135 5940LGVirHid - ok
11:43:59.0184 5940LHidFilt (241f2648adf090e2a10095bd6d6f5dcb) C:\Windows\system32\DRIVERS\LHidFilt.Sys
11:43:59.0198 5940LHidFilt - ok
11:43:59.0230 5940lltdio (1538831cf8ad2979a04c423779465827) C:\Windows\system32\DRIVERS\lltdio.sys
11:43:59.0287 5940lltdio - ok
11:43:59.0345 5940lltdsvc (c1185803384ab3feed115f79f109427f) C:\Windows\System32\lltdsvc.dll
11:43:59.0397 5940lltdsvc - ok
11:43:59.0422 5940lmhosts (f993a32249b66c9d622ea5592a8b76b8) C:\Windows\System32\lmhsvc.dll
11:43:59.0464 5940lmhosts - ok
11:43:59.0505 5940LMouFilt (342ed5a4b3326014438f36d22d803737) C:\Windows\system32\DRIVERS\LMouFilt.Sys
11:43:59.0518 5940LMouFilt - ok
11:43:59.0620 5940LSI_FC (1a93e54eb0ece102495a51266dcdb6a6) C:\Windows\system32\drivers\lsi_fc.sys
11:43:59.0635 5940LSI_FC - ok
11:43:59.0652 5940LSI_SAS (1047184a9fdc8bdbff857175875ee810) C:\Windows\system32\drivers\lsi_sas.sys
11:43:59.0667 5940LSI_SAS - ok
11:43:59.0674 5940LSI_SAS2 (30f5c0de1ee8b5bc9306c1f0e4a75f93) C:\Windows\system32\drivers\lsi_sas2.sys
11:43:59.0688 5940LSI_SAS2 - ok
11:43:59.0709 5940LSI_SCSI (0504eacaff0d3c8aed161c4b0d369d4a) C:\Windows\system32\drivers\lsi_scsi.sys
11:43:59.0724 5940LSI_SCSI - ok
11:43:59.0749 5940luafv (43d0f98e1d56ccddb0d5254cff7b356e) C:\Windows\system32\drivers\luafv.sys
11:43:59.0806 5940luafv - ok
11:43:59.0846 5940MBAMProtector (dbc08862a71459e74f7538b432c114cc) C:\Windows\system32\drivers\mbam.sys
11:43:59.0860 5940MBAMProtector - ok
11:43:59.0938 5940MBAMService (ba400ed640bca1eae5c727ae17c10207) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
11:43:59.0960 5940MBAMService - ok
11:43:59.0987 5940Mcx2Svc (0be09cd858abf9df6ed259d57a1a1663) C:\Windows\system32\Mcx2Svc.dll
11:44:00.0012 5940Mcx2Svc - ok
11:44:00.0038 5940megasas (a55805f747c6edb6a9080d7c633bd0f4) C:\Windows\system32\drivers\megasas.sys
11:44:00.0052 5940megasas - ok
11:44:00.0076 5940MegaSR (baf74ce0072480c3b6b7c13b2a94d6b3) C:\Windows\system32\drivers\MegaSR.sys
11:44:00.0094 5940MegaSR - ok
11:44:00.0167 5940Microsoft SharePoint Workspace Audit Service - ok
11:44:00.0202 5940MMCSS (e40e80d0304a73e8d269f7141d77250b) C:\Windows\system32\mmcss.dll
11:44:00.0261 5940MMCSS - ok
11:44:00.0280 5940Modem (800ba92f7010378b09f9ed9270f07137) C:\Windows\system32\drivers\modem.sys
11:44:00.0338 5940Modem - ok
11:44:00.0360 5940monitor (b03d591dc7da45ece20b3b467e6aadaa) C:\Windows\system32\DRIVERS\monitor.sys
11:44:00.0385 5940monitor - ok
11:44:00.0400 5940mouclass (7d27ea49f3c1f687d357e77a470aea99) C:\Windows\system32\DRIVERS\mouclass.sys
11:44:00.0414 5940mouclass - ok
11:44:00.0432 5940mouhid (d3bf052c40b0c4166d9fd86a4288c1e6) C:\Windows\system32\DRIVERS\mouhid.sys
11:44:00.0453 5940mouhid - ok
11:44:00.0487 5940mountmgr (32e7a3d591d671a6df2db515a5cbe0fa) C:\Windows\system32\drivers\mountmgr.sys
11:44:00.0502 5940mountmgr - ok
11:44:00.0546 5940MpFilter (94c66ededcdb6a126880472f9a704d8e) C:\Windows\system32\DRIVERS\MpFilter.sys
11:44:00.0565 5940MpFilter - ok
11:44:00.0591 5940mpio (a44b420d30bd56e145d6a2bc8768ec58) C:\Windows\system32\drivers\mpio.sys
11:44:00.0607 5940mpio - ok
11:44:00.0622 5940mpsdrv (6c38c9e45ae0ea2fa5e551f2ed5e978f) C:\Windows\system32\drivers\mpsdrv.sys
11:44:00.0664 5940mpsdrv - ok
11:44:00.0725 5940MpsSvc (54ffc9c8898113ace189d4aa7199d2c1) C:\Windows\system32\mpssvc.dll
11:44:00.0783 5940MpsSvc - ok
11:44:00.0799 5940MRxDAV (dc722758b8261e1abafd31a3c0a66380) C:\Windows\system32\drivers\mrxdav.sys
11:44:00.0832 5940MRxDAV - ok
11:44:00.0857 5940mrxsmb (a5d9106a73dc88564c825d317cac68ac) C:\Windows\system32\DRIVERS\mrxsmb.sys
11:44:00.0897 5940mrxsmb - ok
11:44:00.0926 5940mrxsmb10 (d711b3c1d5f42c0c2415687be09fc163) C:\Windows\system32\DRIVERS\mrxsmb10.sys
11:44:00.0943 5940mrxsmb10 - ok
11:44:00.0957 5940mrxsmb20 (9423e9d355c8d303e76b8cfbd8a5c30c) C:\Windows\system32\DRIVERS\mrxsmb20.sys
11:44:00.0987 5940mrxsmb20 - ok
11:44:01.0015 5940msahci (c25f0bafa182cbca2dd3c851c2e75796) C:\Windows\system32\drivers\msahci.sys
11:44:01.0029 5940msahci - ok
11:44:01.0056 5940msdsm (db801a638d011b9633829eb6f663c900) C:\Windows\system32\drivers\msdsm.sys
11:44:01.0071 5940msdsm - ok
11:44:01.0101 5940MSDTC (de0ece52236cfa3ed2dbfc03f28253a8) C:\Windows\System32\msdtc.exe
11:44:01.0125 5940MSDTC - ok
11:44:01.0148 5940Msfs (aa3fb40e17ce1388fa1bedab50ea8f96) C:\Windows\system32\drivers\Msfs.sys
11:44:01.0190 5940Msfs - ok
11:44:01.0199 5940mshidkmdf (f9d215a46a8b9753f61767fa72a20326) C:\Windows\System32\drivers\mshidkmdf.sys
11:44:01.0251 5940mshidkmdf - ok
11:44:01.0277 5940msisadrv (d916874bbd4f8b07bfb7fa9b3ccae29d) C:\Windows\system32\drivers\msisadrv.sys
11:44:01.0290 5940msisadrv - ok
11:44:01.0332 5940MSiSCSI (808e98ff49b155c522e6400953177b08) C:\Windows\system32\iscsiexe.dll
11:44:01.0382 5940MSiSCSI - ok
11:44:01.0386 5940msiserver - ok
11:44:01.0407 5940MSKSSRV (49ccf2c4fea34ffad8b1b59d49439366) C:\Windows\system32\drivers\MSKSSRV.sys
11:44:01.0464 5940MSKSSRV - ok
11:44:01.0508 5940MsMpSvc (59faaf2c83c8169ea20f9e335e418907) c:\Program Files\Microsoft Security Client\MsMpEng.exe
11:44:01.0521 5940MsMpSvc - ok
11:44:01.0529 5940MSPCLOCK (bdd71ace35a232104ddd349ee70e1ab3) C:\Windows\system32\drivers\MSPCLOCK.sys
11:44:01.0589 5940MSPCLOCK - ok
11:44:01.0605 5940MSPQM (4ed981241db27c3383d72092b618a1d0) C:\Windows\system32\drivers\MSPQM.sys
11:44:01.0658 5940MSPQM - ok
11:44:01.0690 5940MsRPC (759a9eeb0fa9ed79da1fb7d4ef78866d) C:\Windows\system32\drivers\MsRPC.sys
11:44:01.0709 5940MsRPC - ok
11:44:01.0730 5940mssmbios (0eed230e37515a0eaee3c2e1bc97b288) C:\Windows\system32\drivers\mssmbios.sys
11:44:01.0744 5940mssmbios - ok
11:44:01.0753 5940MSTEE (2e66f9ecb30b4221a318c92ac2250779) C:\Windows\system32\drivers\MSTEE.sys
11:44:01.0811 5940MSTEE - ok
11:44:01.0837 5940MTConfig (7ea404308934e675bffde8edf0757bcd) C:\Windows\system32\drivers\MTConfig.sys
11:44:01.0863 5940MTConfig - ok
11:44:01.0880 5940Mup (f9a18612fd3526fe473c1bda678d61c8) C:\Windows\system32\Drivers\mup.sys
11:44:01.0894 5940Mup - ok
11:44:01.0943 5940mxshflli (37de5c89d49d8842c29504a7377c8bdc) C:\Windows\system32\drivers\mxshflli.sys
11:44:01.0954 5940mxshflli - ok
11:44:01.0999 5940napagent (582ac6d9873e31dfa28a4547270862dd) C:\Windows\system32\qagentRT.dll
11:44:02.0057 5940napagent - ok
11:44:02.0095 5940NativeWifiP (1ea3749c4114db3e3161156ffffa6b33) C:\Windows\system32\DRIVERS\nwifi.sys
11:44:02.0135 5940NativeWifiP - ok
11:44:02.0207 5940NDIS (c38b8ae57f78915905064a9a24dc1586) C:\Windows\system32\drivers\ndis.sys
11:44:02.0238 5940NDIS - ok
11:44:02.0256 5940NdisCap (9f9a1f53aad7da4d6fef5bb73ab811ac) C:\Windows\system32\DRIVERS\ndiscap.sys
11:44:02.0298 5940NdisCap - ok
11:44:02.0312 5940NdisTapi (30639c932d9fef22b31268fe25a1b6e5) C:\Windows\system32\DRIVERS\ndistapi.sys
11:44:02.0369 5940NdisTapi - ok
11:44:02.0393 5940Ndisuio (136185f9fb2cc61e573e676aa5402356) C:\Windows\system32\DRIVERS\ndisuio.sys
11:44:02.0444 5940Ndisuio - ok
11:44:02.0470 5940NdisWan (53f7305169863f0a2bddc49e116c2e11) C:\Windows\system32\DRIVERS\ndiswan.sys
11:44:02.0526 5940NdisWan - ok
11:44:02.0554 5940NDProxy (015c0d8e0e0421b4cfd48cffe2825879) C:\Windows\system32\drivers\NDProxy.sys
11:44:02.0595 5940NDProxy - ok
11:44:02.0615 5940NetBIOS (86743d9f5d2b1048062b14b1d84501c4) C:\Windows\system32\DRIVERS\netbios.sys
11:44:02.0668 5940NetBIOS - ok
11:44:02.0689 5940NetBT (09594d1089c523423b32a4229263f068) C:\Windows\system32\DRIVERS\netbt.sys
11:44:02.0731 5940NetBT - ok
11:44:02.0756 5940Netlogon (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
11:44:02.0770 5940Netlogon - ok
11:44:02.0811 5940Netman (847d3ae376c0817161a14a82c8922a9e) C:\Windows\System32\netman.dll
11:44:02.0866 5940Netman - ok
11:44:02.0940 5940NetMsmqActivator (d22cd77d4f0d63d1169bb35911bff12d) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
11:44:02.0953 5940NetMsmqActivator - ok
11:44:02.0958 5940NetPipeActivator (d22cd77d4f0d63d1169bb35911bff12d) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
11:44:02.0971 5940NetPipeActivator - ok
11:44:03.0020 5940netprofm (5f28111c648f1e24f7dbc87cdeb091b8) C:\Windows\System32\netprofm.dll
11:44:03.0080 5940netprofm - ok
11:44:03.0085 5940NetTcpActivator (d22cd77d4f0d63d1169bb35911bff12d) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
11:44:03.0098 5940NetTcpActivator - ok
11:44:03.0103 5940NetTcpPortSharing (d22cd77d4f0d63d1169bb35911bff12d) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
11:44:03.0116 5940NetTcpPortSharing - ok
11:44:03.0175 5940nfrd960 (77889813be4d166cdab78ddba990da92) C:\Windows\system32\drivers\nfrd960.sys
11:44:03.0189 5940nfrd960 - ok
11:44:03.0232 5940NisDrv (91b4e0273d2f6c24ef845f2b41311289) C:\Windows\system32\DRIVERS\NisDrvWFP.sys
11:44:03.0244 5940NisDrv - ok
11:44:03.0298 5940NisSrv (10a43829a9e606af3eef25a1c1665923) c:\Program Files\Microsoft Security Client\NisSrv.exe
11:44:03.0317 5940NisSrv - ok
11:44:03.0359 5940NlaSvc (1ee99a89cc788ada662441d1e9830529) C:\Windows\System32\nlasvc.dll
11:44:03.0415 5940NlaSvc - ok
11:44:03.0459 5940NPF (351533acc2a069b94e80bbfc177e8fdf) C:\Windows\system32\drivers\npf.sys
11:44:03.0471 5940NPF - ok
11:44:03.0484 5940Npfs (1e4c4ab5c9b8dd13179bbdc75a2a01f7) C:\Windows\system32\drivers\Npfs.sys
11:44:03.0527 5940Npfs - ok
11:44:03.0540 5940nsi (d54bfdf3e0c953f823b3d0bfe4732528) C:\Windows\system32\nsisvc.dll
11:44:03.0593 5940nsi - ok
11:44:03.0617 5940nsiproxy (e7f5ae18af4168178a642a9247c63001) C:\Windows\system32\drivers\nsiproxy.sys
11:44:03.0669 5940nsiproxy - ok
11:44:03.0766 5940Ntfs (a2f74975097f52a00745f9637451fdd8) C:\Windows\system32\drivers\Ntfs.sys
11:44:03.0809 5940Ntfs - ok
11:44:03.0914 5940Null (9899284589f75fa8724ff3d16aed75c1) C:\Windows\system32\drivers\Null.sys
11:44:03.0971 5940Null - ok
11:44:03.0990 5940nvraid (0a92cb65770442ed0dc44834632f66ad) C:\Windows\system32\drivers\nvraid.sys
11:44:04.0006 5940nvraid - ok
11:44:04.0019 5940nvstor (dab0e87525c10052bf65f06152f37e4a) C:\Windows\system32\drivers\nvstor.sys
11:44:04.0036 5940nvstor - ok
11:44:04.0052 5940nv_agp (270d7cd42d6e3979f6dd0146650f0e05) C:\Windows\system32\drivers\nv_agp.sys
11:44:04.0068 5940nv_agp - ok
11:44:04.0087 5940ohci1394 (3589478e4b22ce21b41fa1bfc0b8b8a0) C:\Windows\system32\drivers\ohci1394.sys
11:44:04.0113 5940ohci1394 - ok
11:44:04.0313 5940OS Selector (9bfd0a072459782e3638362a4473e283) C:\Program Files (x86)\Acronis\DiskDirector\OSS\reinstall_svc.exe
11:44:04.0362 5940OS Selector - ok
11:44:04.0451 5940ose (9d10f99a6712e28f8acd5641e3a7ea6b) C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
11:44:04.0464 5940ose - ok
11:44:04.0764 5940osppsvc (61bffb5f57ad12f83ab64b7181829b34) C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
11:44:04.0865 5940osppsvc - ok
11:44:04.0989 5940p2pimsvc (3eac4455472cc2c97107b5291e0dcafe) C:\Windows\system32\pnrpsvc.dll
11:44:05.0024 5940p2pimsvc - ok
11:44:05.0070 5940p2psvc (927463ecb02179f88e4b9a17568c63c3) C:\Windows\system32\p2psvc.dll
11:44:05.0090 5940p2psvc - ok
11:44:05.0137 5940Parport (0086431c29c35be1dbc43f52cc273887) C:\Windows\system32\drivers\parport.sys
11:44:05.0152 5940Parport - ok
11:44:05.0195 5940partmgr (e9766131eeade40a27dc27d2d68fba9c) C:\Windows\system32\drivers\partmgr.sys
11:44:05.0209 5940partmgr - ok
11:44:05.0249 5940PcaSvc (3aeaa8b561e63452c655dc0584922257) C:\Windows\System32\pcasvc.dll
11:44:05.0278 5940PcaSvc - ok
11:44:05.0297 5940pci (94575c0571d1462a0f70bde6bd6ee6b3) C:\Windows\system32\drivers\pci.sys
11:44:05.0314 5940pci - ok
11:44:05.0325 5940pciide (b5b8b5ef2e5cb34df8dcf8831e3534fa) C:\Windows\system32\drivers\pciide.sys
11:44:05.0339 5940pciide - ok
11:44:05.0365 5940pcmcia (b2e81d4e87ce48589f98cb8c05b01f2f) C:\Windows\system32\drivers\pcmcia.sys
11:44:05.0383 5940pcmcia - ok
11:44:05.0404 5940pcw (d6b9c2e1a11a3a4b26a182ffef18f603) C:\Windows\system32\drivers\pcw.sys
11:44:05.0418 5940pcw - ok
11:44:05.0458 5940PEAUTH (68769c3356b3be5d1c732c97b9a80d6e) C:\Windows\system32\drivers\peauth.sys
11:44:05.0515 5940PEAUTH - ok
11:44:05.0586 5940PerfHost (e495e408c93141e8fc72dc0c6046ddfa) C:\Windows\SysWow64\perfhost.exe
11:44:05.0616 5940PerfHost - ok
11:44:05.0737 5940pla (c7cf6a6e137463219e1259e3f0f0dd6c) C:\Windows\system32\pla.dll
11:44:05.0806 5940pla - ok
11:44:05.0843 5940PlugPlay (25fbdef06c4d92815b353f6e792c8129) C:\Windows\system32\umpnpmgr.dll
11:44:05.0882 5940PlugPlay - ok
11:44:05.0907 5940PNRPAutoReg (7195581cec9bb7d12abe54036acc2e38) C:\Windows\system32\pnrpauto.dll
11:44:05.0939 5940PNRPAutoReg - ok
11:44:05.0963 5940PNRPsvc (3eac4455472cc2c97107b5291e0dcafe) C:\Windows\system32\pnrpsvc.dll
11:44:05.0982 5940PNRPsvc - ok
11:44:06.0022 5940PolicyAgent (4f15d75adf6156bf56eced6d4a55c389) C:\Windows\System32\ipsecsvc.dll
11:44:06.0084 5940PolicyAgent - ok
11:44:06.0114 5940Power (6ba9d927dded70bd1a9caded45f8b184) C:\Windows\system32\umpo.dll
11:44:06.0173 5940Power - ok
11:44:06.0230 5940PptpMiniport (f92a2c41117a11a00be01ca01a7fcde9) C:\Windows\system32\DRIVERS\raspptp.sys
11:44:06.0281 5940PptpMiniport - ok
11:44:06.0294 5940Processor (0d922e23c041efb1c3fac2a6f943c9bf) C:\Windows\system32\drivers\processr.sys
11:44:06.0318 5940Processor - ok
11:44:06.0362 5940ProfSvc (53e83f1f6cf9d62f32801cf66d8352a8) C:\Windows\system32\profsvc.dll
11:44:06.0422 5940ProfSvc - ok
11:44:06.0466 5940ProtectedStorage (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
11:44:06.0481 5940ProtectedStorage - ok
11:44:06.0513 5940Psched (0557cf5a2556bd58e26384169d72438d) C:\Windows\system32\DRIVERS\pacer.sys
11:44:06.0571 5940Psched - ok
11:44:06.0766 5940ql2300 (a53a15a11ebfd21077463ee2c7afeef0) C:\Windows\system32\drivers\ql2300.sys
11:44:06.0807 5940ql2300 - ok
11:44:06.0928 5940ql40xx (4f6d12b51de1aaeff7dc58c4d75423c8) C:\Windows\system32\drivers\ql40xx.sys
11:44:06.0944 5940ql40xx - ok
11:44:06.0973 5940QWAVE (906191634e99aea92c4816150bda3732) C:\Windows\system32\qwave.dll
11:44:06.0996 5940QWAVE - ok
11:44:07.0014 5940QWAVEdrv (76707bb36430888d9ce9d705398adb6c) C:\Windows\system32\drivers\qwavedrv.sys
11:44:07.0051 5940QWAVEdrv - ok
11:44:07.0071 5940RasAcd (5a0da8ad5762fa2d91678a8a01311704) C:\Windows\system32\DRIVERS\rasacd.sys
11:44:07.0117 5940RasAcd - ok
11:44:07.0145 5940RasAgileVpn (7ecff9b22276b73f43a99a15a6094e90) C:\Windows\system32\DRIVERS\AgileVpn.sys
11:44:07.0202 5940RasAgileVpn - ok
11:44:07.0228 5940RasAuto (8f26510c5383b8dbe976de1cd00fc8c7) C:\Windows\System32\rasauto.dll
11:44:07.0277 5940RasAuto - ok
11:44:07.0294 5940Rasl2tp (471815800ae33e6f1c32fb1b97c490ca) C:\Windows\system32\DRIVERS\rasl2tp.sys
11:44:07.0346 5940Rasl2tp - ok
11:44:07.0381 5940RasMan (ee867a0870fc9e4972ba9eaad35651e2) C:\Windows\System32\rasmans.dll
11:44:07.0437 5940RasMan - ok
11:44:07.0465 5940RasPppoe (855c9b1cd4756c5e9a2aa58a15f58c25) C:\Windows\system32\DRIVERS\raspppoe.sys
11:44:07.0516 5940RasPppoe - ok
11:44:07.0536 5940RasSstp (e8b1e447b008d07ff47d016c2b0eeecb) C:\Windows\system32\DRIVERS\rassstp.sys
11:44:07.0578 5940RasSstp - ok
11:44:07.0598 5940rdbss (77f665941019a1594d887a74f301fa2f) C:\Windows\system32\DRIVERS\rdbss.sys
11:44:07.0654 5940rdbss - ok
11:44:07.0680 5940rdpbus (302da2a0539f2cf54d7c6cc30c1f2d8d) C:\Windows\system32\drivers\rdpbus.sys
11:44:07.0711 5940rdpbus - ok
11:44:07.0726 5940RDPCDD (cea6cc257fc9b7715f1c2b4849286d24) C:\Windows\system32\DRIVERS\RDPCDD.sys
11:44:07.0767 5940RDPCDD - ok
11:44:07.0777 5940RDPENCDD (bb5971a4f00659529a5c44831af22365) C:\Windows\system32\drivers\rdpencdd.sys
11:44:07.0824 5940RDPENCDD - ok
11:44:07.0840 5940RDPREFMP (216f3fa57533d98e1f74ded70113177a) C:\Windows\system32\drivers\rdprefmp.sys
11:44:07.0881 5940RDPREFMP - ok
11:44:07.0933 5940RDPWD (e61608aa35e98999af9aaeeea6114b0a) C:\Windows\system32\drivers\RDPWD.sys
11:44:07.0962 5940RDPWD - ok
11:44:07.0997 5940rdyboost (34ed295fa0121c241bfef24764fc4520) C:\Windows\system32\drivers\rdyboost.sys
11:44:08.0015 5940rdyboost - ok
11:44:08.0032 5940RemoteAccess (254fb7a22d74e5511c73a3f6d802f192) C:\Windows\System32\mprdim.dll
11:44:08.0091 5940RemoteAccess - ok
11:44:08.0126 5940RemoteRegistry (e4d94f24081440b5fc5aa556c7c62702) C:\Windows\system32\regsvc.dll
11:44:08.0181 5940RemoteRegistry - ok
11:44:08.0252 5940rpcapd (b60f58f175de20a6739194e85b035178) C:\Program Files (x86)\WinPcap\rpcapd.exe
11:44:08.0265 5940rpcapd - ok
11:44:08.0279 5940RpcEptMapper (e4dc58cf7b3ea515ae917ff0d402a7bb) C:\Windows\System32\RpcEpMap.dll
11:44:08.0333 5940RpcEptMapper - ok
11:44:08.0353 5940RpcLocator (d5ba242d4cf8e384db90e6a8ed850b8c) C:\Windows\system32\locator.exe
11:44:08.0368 5940RpcLocator - ok
11:44:08.0414 5940RpcSs (5c627d1b1138676c0a7ab2c2c190d123) C:\Windows\system32\rpcss.dll
11:44:08.0462 5940RpcSs - ok
11:44:08.0491 5940rspndr (ddc86e4f8e7456261e637e3552e804ff) C:\Windows\system32\DRIVERS\rspndr.sys
11:44:08.0540 5940rspndr - ok
11:44:08.0567 5940SamSs (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
11:44:08.0581 5940SamSs - ok
11:44:08.0602 5940sbp2port (ac03af3329579fffb455aa2daabbe22b) C:\Windows\system32\drivers\sbp2port.sys
11:44:08.0617 5940sbp2port - ok
11:44:08.0656 5940SCardSvr (9b7395789e3791a3b6d000fe6f8b131e) C:\Windows\System32\SCardSvr.dll
11:44:08.0701 5940SCardSvr - ok
11:44:08.0719 5940scfilter (253f38d0d7074c02ff8deb9836c97d2b) C:\Windows\system32\DRIVERS\scfilter.sys
11:44:08.0776 5940scfilter - ok
11:44:08.0839 5940Schedule (262f6592c3299c005fd6bec90fc4463a) C:\Windows\system32\schedsvc.dll
11:44:08.0905 5940Schedule - ok
11:44:08.0931 5940SCPolicySvc (f17d1d393bbc69c5322fbfafaca28c7f) C:\Windows\System32\certprop.dll
11:44:08.0972 5940SCPolicySvc - ok
11:44:09.0004 5940sdbus (111e0ebc0ad79cb0fa014b907b231cf0) C:\Windows\system32\DRIVERS\sdbus.sys
11:44:09.0033 5940sdbus - ok
11:44:09.0065 5940SDRSVC (6ea4234dc55346e0709560fe7c2c1972) C:\Windows\System32\SDRSVC.dll
11:44:09.0091 5940SDRSVC - ok
11:44:09.0115 5940secdrv (3ea8a16169c26afbeb544e0e48421186) C:\Windows\system32\drivers\secdrv.sys
11:44:09.0162 5940secdrv - ok
11:44:09.0179 5940seclogon (bc617a4e1b4fa8df523a061739a0bd87) C:\Windows\system32\seclogon.dll
11:44:09.0229 5940seclogon - ok
11:44:09.0257 5940SENS (c32ab8fa018ef34c0f113bd501436d21) C:\Windows\System32\sens.dll
11:44:09.0313 5940SENS - ok
11:44:09.0336 5940SensrSvc (0336cffafaab87a11541f1cf1594b2b2) C:\Windows\system32\sensrsvc.dll
11:44:09.0380 5940SensrSvc - ok
11:44:09.0405 5940Serenum (cb624c0035412af0debec78c41f5ca1b) C:\Windows\system32\drivers\serenum.sys
11:44:09.0429 5940Serenum - ok
11:44:09.0448 5940Serial (c1d8e28b2c2adfaec4ba89e9fda69bd6) C:\Windows\system32\drivers\serial.sys
11:44:09.0476 5940Serial - ok
11:44:09.0500 5940sermouse (1c545a7d0691cc4a027396535691c3e3) C:\Windows\system32\drivers\sermouse.sys
11:44:09.0530 5940sermouse - ok
11:44:09.0595 5940SessionEnv (0b6231bf38174a1628c4ac812cc75804) C:\Windows\system32\sessenv.dll
11:44:09.0653 5940SessionEnv - ok
11:44:09.0672 5940sffdisk (a554811bcd09279536440c964ae35bbf) C:\Windows\system32\DRIVERS\sffdisk.sys
11:44:09.0706 5940sffdisk - ok
11:44:09.0723 5940sffp_mmc (ff414f0baefeba59bc6c04b3db0b87bf) C:\Windows\system32\drivers\sffp_mmc.sys
11:44:09.0753 5940sffp_mmc - ok
11:44:09.0768 5940sffp_sd (dd85b78243a19b59f0637dcf284da63c) C:\Windows\system32\DRIVERS\sffp_sd.sys
11:44:09.0801 5940sffp_sd - ok
11:44:09.0816 5940sfloppy (a9d601643a1647211a1ee2ec4e433ff4) C:\Windows\system32\drivers\sfloppy.sys
11:44:09.0837 5940sfloppy - ok
11:44:09.0886 5940SharedAccess (b95f6501a2f8b2e78c697fec401970ce) C:\Windows\System32\ipnathlp.dll
11:44:09.0951 5940SharedAccess - ok
11:44:09.0992 5940ShellHWDetection (aaf932b4011d14052955d4b212a4da8d) C:\Windows\System32\shsvcs.dll
11:44:10.0055 5940ShellHWDetection - ok
11:44:10.0067 5940SiSRaid2 (843caf1e5fde1ffd5ff768f23a51e2e1) C:\Windows\system32\drivers\SiSRaid2.sys
11:44:10.0081 5940SiSRaid2 - ok
11:44:10.0112 5940SiSRaid4 (6a6c106d42e9ffff8b9fcb4f754f6da4) C:\Windows\system32\drivers\sisraid4.sys
11:44:10.0127 5940SiSRaid4 - ok
11:44:10.0193 5940SkypeUpdate (db0405d9aad62f0762e0876ac142b7e1) C:\Program Files (x86)\Skype\Updater\Updater.exe
11:44:10.0206 5940SkypeUpdate - ok
11:44:10.0223 5940Smb (548260a7b8654e024dc30bf8a7c5baa4) C:\Windows\system32\DRIVERS\smb.sys
11:44:10.0272 5940Smb - ok
11:44:10.0338 5940snapman (427c2b34bf4dd4f813da4c0df154cc94) C:\Windows\system32\DRIVERS\snapman.sys
11:44:10.0353 5940snapman - ok
11:44:10.0378 5940SNMPTRAP (6313f223e817cc09aa41811daa7f541d) C:\Windows\System32\snmptrap.exe
11:44:10.0409 5940SNMPTRAP - ok
11:44:10.0433 5940Soluto (f9369327409492097b0bb7ce86bd29de) C:\Windows\system32\DRIVERS\Soluto.sys
11:44:10.0447 5940Soluto - ok
11:44:10.0532 5940SolutoService (ed8397986be35c11bfb321636d6991ee) C:\Program Files\Soluto\SolutoService.exe
11:44:10.0554 5940SolutoService - ok
11:44:10.0578 5940spldr (b9e31e5cacdfe584f34f730a677803f9) C:\Windows\system32\drivers\spldr.sys
11:44:10.0592 5940spldr - ok
11:44:10.0651 5940Spooler (b96c17b5dc1424d56eea3a99e97428cd) C:\Windows\System32\spoolsv.exe
11:44:10.0700 5940Spooler - ok
11:44:10.0867 5940sppsvc (e17e0188bb90fae42d83e98707efa59c) C:\Windows\system32\sppsvc.exe
11:44:10.0966 5940sppsvc - ok
11:44:11.0072 5940sppuinotify (93d7d61317f3d4bc4f4e9f8a96a7de45) C:\Windows\system32\sppuinotify.dll
11:44:11.0127 5940sppuinotify - ok
11:44:11.0199 5940srv (441fba48bff01fdb9d5969ebc1838f0b) C:\Windows\system32\DRIVERS\srv.sys
11:44:11.0248 5940srv - ok
11:44:11.0277 5940srv2 (b4adebbf5e3677cce9651e0f01f7cc28) C:\Windows\system32\DRIVERS\srv2.sys
11:44:11.0302 5940srv2 - ok
11:44:11.0320 5940srvnet (27e461f0be5bff5fc737328f749538c3) C:\Windows\system32\DRIVERS\srvnet.sys
11:44:11.0343 5940srvnet - ok
11:44:11.0375 5940SSDPSRV (51b52fbd583cde8aa9ba62b8b4298f33) C:\Windows\System32\ssdpsrv.dll
11:44:11.0426 5940SSDPSRV - ok
11:44:11.0441 5940SstpSvc (ab7aebf58dad8daab7a6c45e6a8885cb) C:\Windows\system32\sstpsvc.dll
11:44:11.0486 5940SstpSvc - ok
11:44:11.0543 5940Steam Client Service - ok
11:44:11.0588 5940stexstor (f3817967ed533d08327dc73bc4d5542a) C:\Windows\system32\drivers\stexstor.sys
11:44:11.0601 5940stexstor - ok
11:44:11.0646 5940stisvc (8dd52e8e6128f4b2da92ce27402871c1) C:\Windows\System32\wiaservc.dll
11:44:11.0675 5940stisvc - ok
11:44:11.0686 5940swenum (d01ec09b6711a5f8e7e6564a4d0fbc90) C:\Windows\system32\drivers\swenum.sys
11:44:11.0700 5940swenum - ok
11:44:11.0762 5940SwitchBoard (f577910a133a592234ebaad3f3afa258) C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
11:44:11.0790 5940SwitchBoard ( UnsignedFile.Multi.Generic ) - warning
11:44:11.0790 5940SwitchBoard - detected UnsignedFile.Multi.Generic (1)
11:44:11.0828 5940swprv (e08e46fdd841b7184194011ca1955a0b) C:\Windows\System32\swprv.dll
11:44:11.0877 5940swprv - ok
11:44:11.0922 5940SynTP (57b534a913e81e7cf91c3d5854d2f80e) C:\Windows\system32\DRIVERS\SynTP.sys
11:44:11.0940 5940SynTP - ok
11:44:12.0036 5940SysMain (bf9ccc0bf39b418c8d0ae8b05cf95b7d) C:\Windows\system32\sysmain.dll
11:44:12.0096 5940SysMain - ok
11:44:12.0191 5940TabletInputService (e3c61fd7b7c2557e1f1b0b4cec713585) C:\Windows\System32\TabSvc.dll
11:44:12.0213 5940TabletInputService - ok
11:44:12.0241 5940TapiSrv (40f0849f65d13ee87b9a9ae3c1dd6823) C:\Windows\System32\tapisrv.dll
11:44:12.0300 5940TapiSrv - ok
11:44:12.0324 5940TBS (1be03ac720f4d302ea01d40f588162f6) C:\Windows\System32\tbssvc.dll
11:44:12.0368 5940TBS - ok
11:44:12.0512 5940Tcpip (acb82bda8f46c84f465c1afa517dc4b9) C:\Windows\system32\drivers\tcpip.sys
11:44:12.0561 5940Tcpip - ok
11:44:12.0774 5940TCPIP6 (acb82bda8f46c84f465c1afa517dc4b9) C:\Windows\system32\DRIVERS\tcpip.sys
11:44:12.0822 5940TCPIP6 - ok
11:44:12.0988 5940tcpipreg (df687e3d8836bfb04fcc0615bf15a519) C:\Windows\system32\drivers\tcpipreg.sys
11:44:13.0035 5940tcpipreg - ok
11:44:13.0061 5940TDPIPE (3371d21011695b16333a3934340c4e7c) C:\Windows\system32\drivers\tdpipe.sys
11:44:13.0093 5940TDPIPE - ok
11:44:13.0129 5940TDTCP (51c5eceb1cdee2468a1748be550cfbc8) C:\Windows\system32\drivers\tdtcp.sys
11:44:13.0157 5940TDTCP - ok
11:44:13.0192 5940tdx (ddad5a7ab24d8b65f8d724f5c20fd806) C:\Windows\system32\DRIVERS\tdx.sys
11:44:13.0241 5940tdx - ok
11:44:13.0440 5940TeamViewer7 (a4d2ce94b028ef1e437cf4ac3d8ff26c) C:\Program Files (x86)\TeamViewer\Version7\TeamViewer_Service.exe
11:44:13.0499 5940TeamViewer7 - ok
11:44:13.0610 5940TermDD (561e7e1f06895d78de991e01dd0fb6e5) C:\Windows\system32\drivers\termdd.sys
11:44:13.0624 5940TermDD - ok
11:44:13.0677 5940TermService (2e648163254233755035b46dd7b89123) C:\Windows\System32\termsrv.dll
11:44:13.0742 5940TermService - ok
11:44:13.0762 5940Themes (f0344071948d1a1fa732231785a0664c) C:\Windows\system32\themeservice.dll
11:44:13.0783 5940Themes - ok
11:44:13.0813 5940THREADORDER (e40e80d0304a73e8d269f7141d77250b) C:\Windows\system32\mmcss.dll
11:44:13.0856 5940THREADORDER - ok
11:44:13.0885 5940TrkWks (7e7afd841694f6ac397e99d75cead49d) C:\Windows\System32\trkwks.dll
11:44:13.0928 5940TrkWks - ok
11:44:13.0983 5940TrustedInstaller (773212b2aaa24c1e31f10246b15b276c) C:\Windows\servicing\TrustedInstaller.exe
11:44:14.0037 5940TrustedInstaller - ok
11:44:14.0052 5940tssecsrv (ce18b2cdfc837c99e5fae9ca6cba5d30) C:\Windows\system32\DRIVERS\tssecsrv.sys
11:44:14.0099 5940tssecsrv - ok
11:44:14.0133 5940TsUsbFlt (d11c783e3ef9a3c52c0ebe83cc5000e9) C:\Windows\system32\drivers\tsusbflt.sys
11:44:14.0151 5940TsUsbFlt - ok
11:44:14.0156 5940TsUsbGD (9cc2ccae8a84820eaecb886d477cbcb8) C:\Windows\system32\drivers\TsUsbGD.sys
11:44:14.0181 5940TsUsbGD - ok
11:44:14.0203 5940tunnel (3566a8daafa27af944f5d705eaa64894) C:\Windows\system32\DRIVERS\tunnel.sys
11:44:14.0258 5940tunnel - ok
11:44:14.0264 5940uagp35 (b4dd609bd7e282bfc683cec7eaaaad67) C:\Windows\system32\drivers\uagp35.sys
11:44:14.0279 5940uagp35 - ok
11:44:14.0314 5940udfs (ff4232a1a64012baa1fd97c7b67df593) C:\Windows\system32\DRIVERS\udfs.sys
11:44:14.0372 5940udfs - ok
11:44:14.0402 5940UI0Detect (3cbdec8d06b9968aba702eba076364a1) C:\Windows\system32\UI0Detect.exe
11:44:14.0418 5940UI0Detect - ok
11:44:14.0434 5940uliagpkx (4bfe1bc28391222894cbf1e7d0e42320) C:\Windows\system32\drivers\uliagpkx.sys
11:44:14.0448 5940uliagpkx - ok
11:44:14.0475 5940umbus (dc54a574663a895c8763af0fa1ff7561) C:\Windows\system32\DRIVERS\umbus.sys
11:44:14.0489 5940umbus - ok
11:44:14.0506 5940UmPass (b2e8e8cb557b156da5493bbddcc1474d) C:\Windows\system32\DRIVERS\umpass.sys
11:44:14.0527 5940UmPass - ok
11:44:14.0576 5940upnphost (d47ec6a8e81633dd18d2436b19baf6de) C:\Windows\System32\upnphost.dll
11:44:14.0640 5940upnphost - ok
11:44:14.0685 5940USBAAPL64 (aa33fc47ed58c34e6e9261e4f850b7eb) C:\Windows\system32\Drivers\usbaapl64.sys
11:44:14.0725 5940USBAAPL64 - ok
11:44:14.0772 5940usbaudio (82e8f44688e6fac57b5b7c6fc7adbc2a) C:\Windows\system32\drivers\usbaudio.sys
11:44:14.0797 5940usbaudio - ok
11:44:14.0833 5940usbccgp (6f1a3157a1c89435352ceb543cdb359c) C:\Windows\system32\DRIVERS\usbccgp.sys
11:44:14.0847 5940usbccgp - ok
11:44:14.0863 5940usbcir (af0892a803fdda7492f595368e3b68e7) C:\Windows\system32\drivers\usbcir.sys
11:44:14.0881 5940usbcir - ok
11:44:14.0893 5940usbehci (c025055fe7b87701eb042095df1a2d7b) C:\Windows\system32\drivers\usbehci.sys
11:44:14.0916 5940usbehci - ok
11:44:14.0942 5940usbfilter (b7037444dc5138fc7d3d3968b4de5c4b) C:\Windows\system32\DRIVERS\usbfilter.sys
11:44:14.0954 5940usbfilter - ok
11:44:14.0983 5940usbhub (287c6c9410b111b68b52ca298f7b8c24) C:\Windows\system32\drivers\usbhub.sys
11:44:15.0008 5940usbhub - ok
11:44:15.0045 5940usbohci (9840fc418b4cbd632d3d0a667a725c31) C:\Windows\system32\drivers\usbohci.sys
11:44:15.0073 5940usbohci - ok
11:44:15.0092 5940usbprint (73188f58fb384e75c4063d29413cee3d) C:\Windows\system32\DRIVERS\usbprint.sys
11:44:15.0125 5940usbprint - ok
11:44:15.0159 5940usbscan (aaa2513c8aed8b54b189fd0c6b1634c0) C:\Windows\system32\DRIVERS\usbscan.sys
11:44:15.0176 5940usbscan - ok
11:44:15.0210 5940USBSTOR (fed648b01349a3c8395a5169db5fb7d6) C:\Windows\system32\DRIVERS\USBSTOR.SYS
11:44:15.0246 5940USBSTOR - ok
11:44:15.0262 5940usbuhci (62069a34518bcf9c1fd9e74b3f6db7cd) C:\Windows\system32\drivers\usbuhci.sys
11:44:15.0290 5940usbuhci - ok
11:44:15.0309 5940usbvideo (454800c2bc7f3927ce030141ee4f4c50) C:\Windows\system32\Drivers\usbvideo.sys
11:44:15.0328 5940usbvideo - ok
11:44:15.0363 5940UxSms (edbb23cbcf2cdf727d64ff9b51a6070e) C:\Windows\System32\uxsms.dll
11:44:15.0419 5940UxSms - ok
11:44:15.0445 5940VaultSvc (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
11:44:15.0459 5940VaultSvc - ok
11:44:15.0470 5940vdrvroot (c5c876ccfc083ff3b128f933823e87bd) C:\Windows\system32\drivers\vdrvroot.sys
11:44:15.0484 5940vdrvroot - ok
11:44:15.0518 5940vds (8d6b481601d01a456e75c3210f1830be) C:\Windows\System32\vds.exe
11:44:15.0575 5940vds - ok
11:44:15.0609 5940vga (da4da3f5e02943c2dc8c6ed875de68dd) C:\Windows\system32\DRIVERS\vgapnp.sys
11:44:15.0627 5940vga - ok
11:44:15.0645 5940VgaSave (53e92a310193cb3c03bea963de7d9cfc) C:\Windows\System32\drivers\vga.sys
11:44:15.0694 5940VgaSave - ok
11:44:15.0794 5940vhdmp (2ce2df28c83aeaf30084e1b1eb253cbb) C:\Windows\system32\drivers\vhdmp.sys
11:44:15.0811 5940vhdmp - ok
11:44:15.0816 5940viaide (e5689d93ffe4e5d66c0178761240dd54) C:\Windows\system32\drivers\viaide.sys
11:44:15.0830 5940viaide - ok
11:44:15.0845 5940volmgr (d2aafd421940f640b407aefaaebd91b0) C:\Windows\system32\drivers\volmgr.sys
11:44:15.0859 5940volmgr - ok
11:44:15.0902 5940volmgrx (a255814907c89be58b79ef2f189b843b) C:\Windows\system32\drivers\volmgrx.sys
11:44:15.0922 5940volmgrx - ok
11:44:15.0953 5940volsnap (0d08d2f3b3ff84e433346669b5e0f639) C:\Windows\system32\drivers\volsnap.sys
11:44:15.0972 5940volsnap - ok
11:44:15.0993 5940vsmraid (5e2016ea6ebaca03c04feac5f330d997) C:\Windows\system32\drivers\vsmraid.sys
11:44:16.0009 5940vsmraid - ok
11:44:16.0115 5940VSS (b60ba0bc31b0cb414593e169f6f21cc2) C:\Windows\system32\vssvc.exe
11:44:16.0185 5940VSS - ok
11:44:16.0299 5940vwifibus (36d4720b72b5c5d9cb2b9c29e9df67a1) C:\Windows\system32\DRIVERS\vwifibus.sys
11:44:16.0331 5940vwifibus - ok
11:44:16.0350 5940vwififlt (6a3d66263414ff0d6fa754c646612f3f) C:\Windows\system32\DRIVERS\vwififlt.sys
11:44:16.0384 5940vwififlt - ok
11:44:16.0435 5940W32Time (1c9d80cc3849b3788048078c26486e1a) C:\Windows\system32\w32time.dll
11:44:16.0483 5940W32Time - ok
11:44:16.0512 5940WacomPen (4e9440f4f152a7b944cb1663d3935a3e) C:\Windows\system32\drivers\wacompen.sys
11:44:16.0542 5940WacomPen - ok
11:44:16.0562 5940WANARP (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys
11:44:16.0611 5940WANARP - ok
11:44:16.0615 5940Wanarpv6 (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys
11:44:16.0655 5940Wanarpv6 - ok
11:44:16.0742 5940WatAdminSvc (3cec96de223e49eaae3651fcf8faea6c) C:\Windows\system32\Wat\WatAdminSvc.exe
11:44:16.0777 5940WatAdminSvc - ok
11:44:16.0875 5940wbengine (78f4e7f5c56cb9716238eb57da4b6a75) C:\Windows\system32\wbengine.exe
11:44:16.0923 5940wbengine - ok
11:44:17.0036 5940WbioSrvc (3aa101e8edab2db4131333f4325c76a3) C:\Windows\System32\wbiosrvc.dll
11:44:17.0074 5940WbioSrvc - ok
11:44:17.0108 5940wcncsvc (7368a2afd46e5a4481d1de9d14848edd) C:\Windows\System32\wcncsvc.dll
11:44:17.0140 5940wcncsvc - ok
11:44:17.0154 5940WcsPlugInService (20f7441334b18cee52027661df4a6129) C:\Windows\System32\WcsPlugInService.dll
11:44:17.0182 5940WcsPlugInService - ok
11:44:17.0238 5940Wd (72889e16ff12ba0f235467d6091b17dc) C:\Windows\system32\drivers\wd.sys
11:44:17.0251 5940Wd - ok
11:44:17.0298 5940Wdf01000 (441bd2d7b4f98134c3a4f9fa570fd250) C:\Windows\system32\drivers\Wdf01000.sys
11:44:17.0324 5940Wdf01000 - ok
11:44:17.0348 5940WdiServiceHost (bf1fc3f79b863c914687a737c2f3d681) C:\Windows\system32\wdi.dll
11:44:17.0430 5940WdiServiceHost - ok
11:44:17.0434 5940WdiSystemHost (bf1fc3f79b863c914687a737c2f3d681) C:\Windows\system32\wdi.dll
11:44:17.0456 5940WdiSystemHost - ok
11:44:17.0478 5940WebClient (3db6d04e1c64272f8b14eb8bc4616280) C:\Windows\System32\webclnt.dll
11:44:17.0514 5940WebClient - ok
11:44:17.0539 5940Wecsvc (c749025a679c5103e575e3b48e092c43) C:\Windows\system32\wecsvc.dll
11:44:17.0599 5940Wecsvc - ok
11:44:17.0617 5940wercplsupport (7e591867422dc788b9e5bd337a669a08) C:\Windows\System32\wercplsupport.dll
11:44:17.0662 5940wercplsupport - ok
11:44:17.0679 5940WerSvc (6d137963730144698cbd10f202e9f251) C:\Windows\System32\WerSvc.dll
11:44:17.0724 5940WerSvc - ok
11:44:17.0769 5940WfpLwf (611b23304bf067451a9fdee01fbdd725) C:\Windows\system32\DRIVERS\wfplwf.sys
11:44:17.0811 5940WfpLwf - ok
11:44:17.0835 5940WIMMount (05ecaec3e4529a7153b3136ceb49f0ec) C:\Windows\system32\drivers\wimmount.sys
11:44:17.0849 5940WIMMount - ok
11:44:17.0889 5940WinDefend - ok
11:44:17.0999 5940WindowBlinds (97c7f30787a30cfa760b0247631a5463) C:\PROGRA~2\Stardock\OBJECT~1\WINDOW~1\VistaSrv.exe
11:44:18.0016 5940WindowBlinds - ok
11:44:18.0076 5940WindowFX (f8265dc5b3f30879030f12fefe113f45) C:\Program Files (x86)\Stardock\Object Desktop\WindowFX4\WindowFXSRV.exe
11:44:18.0090 5940WindowFX - ok
11:44:18.0101 5940WinHttpAutoProxySvc - ok
11:44:18.0165 5940Winmgmt (19b07e7e8915d701225da41cb3877306) C:\Windows\system32\wbem\WMIsvc.dll
11:44:18.0209 5940Winmgmt - ok
11:44:18.0326 5940WinRM (bcb1310604aa415c4508708975b3931e) C:\Windows\system32\WsmSvc.dll
11:44:18.0393 5940WinRM - ok
11:44:18.0520 5940WinUsb (fe88b288356e7b47b74b13372add906d) C:\Windows\system32\DRIVERS\WinUsb.sys
11:44:18.0558 5940WinUsb - ok
11:44:18.0622 5940Wlansvc (4fada86e62f18a1b2f42ba18ae24e6aa) C:\Windows\System32\wlansvc.dll
11:44:18.0670 5940Wlansvc - ok
11:44:18.0733 5940wlcrasvc (06c8fa1cf39de6a735b54d906ba791c6) C:\Program Files\Windows Live\Mesh\wlcrasvc.exe
11:44:18.0745 5940wlcrasvc - ok
11:44:18.0911 5940wlidsvc (2bacd71123f42cea603f4e205e1ae337) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
11:44:18.0963 5940wlidsvc - ok
11:44:19.0035 5940wltrysvc - ok
11:44:19.0077 5940WmiAcpi (f6ff8944478594d0e414d3f048f0d778) C:\Windows\system32\drivers\wmiacpi.sys
11:44:19.0102 5940WmiAcpi - ok
11:44:19.0164 5940wmiApSrv (38b84c94c5a8af291adfea478ae54f93) C:\Windows\system32\wbem\WmiApSrv.exe
11:44:19.0195 5940wmiApSrv - ok
11:44:19.0223 5940WMPNetworkSvc - ok
11:44:19.0252 5940WPCSvc (96c6e7100d724c69fcf9e7bf590d1dca) C:\Windows\System32\wpcsvc.dll
11:44:19.0282 5940WPCSvc - ok
11:44:19.0308 5940WPDBusEnum (93221146d4ebbf314c29b23cd6cc391d) C:\Windows\system32\wpdbusenum.dll
11:44:19.0326 5940WPDBusEnum - ok
11:44:19.0354 5940ws2ifsl (6bcc1d7d2fd2453957c5479a32364e52) C:\Windows\system32\drivers\ws2ifsl.sys
11:44:19.0395 5940ws2ifsl - ok
11:44:19.0414 5940wscsvc (e8b1fe6669397d1772d8196df0e57a9e) C:\Windows\System32\wscsvc.dll
11:44:19.0451 5940wscsvc - ok
11:44:19.0455 5940WSearch - ok
11:44:19.0587 5940wuauserv (9df12edbc698b0bc353b3ef84861e430) C:\Windows\system32\wuaueng.dll
11:44:19.0673 5940wuauserv - ok
11:44:19.0789 5940WudfPf (d3381dc54c34d79b22cee0d65ba91b7c) C:\Windows\system32\drivers\WudfPf.sys
11:44:19.0863 5940WudfPf - ok
11:44:19.0896 5940WUDFRd (cf8d590be3373029d57af80914190682) C:\Windows\system32\DRIVERS\WUDFRd.sys
11:44:19.0938 5940WUDFRd - ok
11:44:19.0965 5940wudfsvc (7a95c95b6c4cf292d689106bcae49543) C:\Windows\System32\WUDFSvc.dll
11:44:20.0007 5940wudfsvc - ok
11:44:20.0027 5940WwanSvc (9a3452b3c2a46c073166c5cf49fad1ae) C:\Windows\System32\wwansvc.dll
11:44:20.0065 5940WwanSvc - ok
11:44:20.0086 5940MBR (0x1B8) (3e0a9b8449a315e0044be2adf3d12596) \Device\Harddisk0\DR0
11:44:21.0075 5940\Device\Harddisk0\DR0 - ok
11:44:21.0104 5940Boot (0x1200) (84ba7c8dbbc60c88de76c61c23eac360) \Device\Harddisk0\DR0\Partition0
11:44:21.0106 5940\Device\Harddisk0\DR0\Partition0 - ok
11:44:21.0143 5940Boot (0x1200) (e597a7b36cf16d4b4b4e757758ba1d4e) \Device\Harddisk0\DR0\Partition1
11:44:21.0144 5940\Device\Harddisk0\DR0\Partition1 - ok
11:44:21.0145 5940============================================================
11:44:21.0145 5940Scan finished
11:44:21.0145 5940============================================================
11:44:21.0157 4248Detected object count: 1
11:44:21.0157 4248Actual detected object count: 1
11:44:31.0665 4248SwitchBoard ( UnsignedFile.Multi.Generic ) - skipped by user
11:44:31.0665 4248SwitchBoard ( UnsignedFile.Multi.Generic ) - User select action: Skip

 

[Broni]

For x32 (x86) bit systems download Farbar Recovery Scan Tool 32-Bit and save it to a flash drive.
For x64 bit systems download Farbar Recovery Scan Tool 64-Bit and save it to a flash drive.

Plug the flashdrive into the infected PC.

Enter System Recovery Options.

To enter System Recovery Options from the Advanced Boot Options:

• Restart the computer.
• As soon as the BIOS is loaded begin tapping the F8 key until Advanced Boot Options appears.
• Use the arrow keys to select the Repair your computer menu item.
• Select US as the keyboard language settings, and then click Next.
• Select the operating system you want to repair, and then click Next.
• Select your user account an click Next.

To enter System Recovery Options by using Windows installation disc:

• Insert the installation disc.
• Restart your computer.
• If prompted, press any key to start Windows from the installation disc. If your computer is not configured to start from a CD or DVD, check your BIOS settings.
• Click Repair your computer.
• Select US as the keyboard language settings, and then click Next.
• Select the operating system you want to repair, and then click Next.
• Select your user account and click Next.

On the System Recovery Options menu you will get the following options:

• • 
    Startup Repair
    System Restore
    Windows Complete PC Restore
    Windows Memory Diagnostic Tool
    Command Prompt
• Select Command Prompt
• In the command window type in notepad and press Enter.
• The notepad opens. Under File menu select Open.
• Select "Computer" and find your flash drive letter and close the notepad.
• In the command window type e:\frst.exe (for x64 bit version type e:\frst64) and press Enter
  Note: Replace letter e with the drive letter of your flash drive.
• The tool will start to run.
• When the tool opens click Yes to disclaimer.
• Press Scan button.
• It will make a log (FRST.txt) on the flash drive. Please copy and paste it to your reply.

 

[Yellow77]

Scan result of Farbar Recovery Scan Tool Version: 16-06-2012
Ran by SYSTEM at 16-06-2012 13:40:29
Running from G:\
Windows 7 Home Premium Service Pack 1 (X64) OS Language: English(US)
The current controlset is ControlSet002

========================== Registry (Whitelisted) =============

HKLM\...\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s [12681320 2011-08-25] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_Dolby] C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe /FORPCEE4 [2277480 2011-08-16] (Realtek Semiconductor)
HKLM\...\Run: [SynTPEnh] %ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe [2830120 2011-10-03] (Synaptics Incorporated)
HKLM\...\Run: [AdobeAAMUpdater-1.0] "C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe" [499608 2011-03-30] (Adobe Systems Incorporated)
HKLM\...\Run: [KeyLemon LemonScreen] C:\Program Files\KeyLemon\KLLockEngine.exe atstartup [992576 2012-04-30] ()
HKLM\...\Run: [KeyLemon Updater] C:\Program Files\KeyLemon\KLUpdater.exe [702272 2012-04-30] ()
HKLM\...\Run: [DVD or CD Sharing] "F:\DVD Sharing\ODSAgent.exe" [x]
HKLM\...\Run: [itype] "c:\Program Files\Microsoft IntelliType Pro\itype.exe" [1873256 2011-08-10] (Microsoft Corporation)
HKLM\...\Run: [MSC] "c:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey [1271168 2012-03-26] (Microsoft Corporation)
HKLM\...\Run: [Launch LCore] C:\Program Files\Logitech Gaming Software\LCore.exe /minimized [5889816 2011-12-07] (Logitech Inc.)
HKLM-x32\...\Run: [] [x]
HKLM-x32\...\Run: [BCSSync] "C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe" /DelayServices [91520 2010-03-13] (Microsoft Corporation)
HKLM-x32\...\Run: [Broadcom Wireless Manager UI] C:\Windows\system32\WLTRAY [x]
HKLM-x32\...\Run: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime [421888 2012-04-18] (Apple Inc.)
HKLM-x32\...\Run: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [59240 2012-02-20] (Apple Inc.)
HKLM-x32\...\Run: [Malwarebytes' Anti-Malware] "C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray [462408 2012-04-04] (Malwarebytes Corporation)
HKU\LucasLAP\...\Run: [RK Launcher] "C:\Program Files (x86)\RK Launcher\RKLauncher.exe" [708608 2007-03-16] (RaduKing)
HKU\LucasLAP\...\Run: [AdobeBridge] [x]
HKU\LucasLAP\...\Run: [DAEMON Tools Pro Agent] "C:\Program Files (x86)\DAEMON Tools Pro\DTAgent.exe" -autorun [4527424 2011-08-16] (DT Soft Ltd)
HKU\LucasLAP\...\Run: [XWidget] C:\Program Files (x86)\XWidget\xwidget.exe [4920832 2012-02-17] (xwidget.com)
HKU\LucasLAP\...\Run: [Skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun [17148552 2012-02-29] (Skype Technologies S.A.)
HKLM\...\Winlogon: [Userinit] C:\Windows\system32\userinit.exe,C:\Program Files\Soluto\soluto.exe /userinit [1716784 2012-04-24] (Soluto)
Winlogon\Notify\WB: C:\PROGRA~2\Stardock\OBJECT~1\WINDOW~1\fast64.dll [X]
Tcpip\Parameters: [DhcpNameServer] 192.168.1.254
AppInit_DLLs: RemoveFocusRect.dll
Startup: C:\Users\All Users\Start Menu\Programs\Startup\Rainmeter.lnk
ShortcutTarget: Rainmeter.lnk -> C:\Program Files\Rainmeter\Rainmeter.exe ()
Startup: C:\Users\All Users\Start Menu\Programs\Startup\RescueTime.lnk
ShortcutTarget: RescueTime.lnk -> C:\Program Files (x86)\RescueTime\RescueTime.exe (RescueTime, Inc.)
Startup: C:\Users\LucasLAP\Start Menu\Programs\Startup\Dropbox.lnk
ShortcutTarget: Dropbox.lnk -> (No File)
Startup: C:\Users\LucasLAP\Start Menu\Programs\Startup\EvernoteClipper.lnk
ShortcutTarget: EvernoteClipper.lnk -> C:\Program Files (x86)\Evernote\Evernote\EvernoteClipper.exe (Evernote Corp., 333 W Evelyn Ave. Mountain View, CA 94041)

==================== Services (Whitelisted) ======

2 MBAMService; "C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe" [654408 2012-04-04] (Malwarebytes Corporation)
2 MsMpSvc; "C:\Program Files\Microsoft Security Client\MsMpEng.exe" [12600 2012-03-26] (Microsoft Corporation)
3 NisSrv; "C:\Program Files\Microsoft Security Client\NisSrv.exe" [291696 2012-03-26] (Microsoft Corporation)
2 OS Selector; "C:\Program Files (x86)\Acronis\DiskDirector\OSS\reinstall_svc.exe" [2139400 2010-05-25] ()
2 SolutoService; "C:\Program Files\Soluto\SolutoService.exe" [584224 2012-04-24] (Soluto)
2 WindowBlinds; C:\PROGRA~2\Stardock\OBJECT~1\WINDOW~1\VistaSrv.exe [337144 2009-06-04] (Stardock Corporation)
2 WindowFX; C:\Program Files (x86)\Stardock\Object Desktop\WindowFX4\WindowFXSRV.exe [185648 2011-04-11] (Stardock Corporation)
2 wltrysvc; C:\Windows\SysWow64\wltrysvc.exe C:\Windows\SysWow64\bcmwltry.exe [827499 2004-12-21] (Broadcom Corporation)
3 rpcapd; "C:\Program Files (x86)\WinPcap\rpcapd.exe" -d -f "C:\Program Files (x86)\WinPcap\rpcapd.ini" [x]

========================== Drivers (Whitelisted) =============

1 dtsoftbus01; C:\Windows\System32\Drivers\dtsoftbus01.sys [271424 2012-02-16] (DT Soft Ltd)
3 LADF_CaptureOnly; C:\Windows\System32\DRIVERS\ladfGSCamd64.sys [410184 2011-04-11] (Logitech)
3 LADF_RenderOnly; C:\Windows\System32\DRIVERS\ladfGSRamd64.sys [341832 2011-04-11] (Logitech)
3 MBAMProtector; \??\C:\Windows\system32\drivers\mbam.sys [24904 2012-04-04] (Malwarebytes Corporation)
1 mxshflli; C:\Windows\System32\Drivers\mxshflli.sys [50000 2012-06-16] (Microsoft Corporation)
2 NPF; C:\Windows\System32\Drivers\NPF.sys [35344 2010-06-25] (CACE Technologies, Inc.)
0 snapman; C:\Windows\System32\Drivers\snapman.sys [276576 2012-02-15] (Acronis)
0 Soluto; C:\Windows\System32\Drivers\Soluto.sys [54728 2012-04-24] (Soluto LTD.)
3 ALSysIO; \??\C:\Users\LucasLAP\AppData\Local\Temp\ALSysIO64.sys [x]
3 b57xdbd; C:\Windows\System32\DRIVERS\b57xdbd.sys [x]
3 b57xdmp; C:\Windows\System32\DRIVERS\b57xdmp.sys [x]
3 bScsiMSa; C:\Windows\System32\DRIVERS\bScsiMSa.sys [x]
3 bScsiSDa; C:\Windows\System32\DRIVERS\bScsiSDa.sys [x]
3 cpuz135; \??\C:\Windows\TEMP\cpuz135\cpuz135_x64.sys [x]

========================== NetSvcs (Whitelisted) ===========


============ One Month Created Files and Folders ==============

2012-06-16 13:40 - 2012-06-16 13:40 - 00000000 ____D C:\FRST
2012-06-16 07:45 - 2012-06-16 07:45 - 00127602 ____A C:\Users\LucasLAP\Desktop\kaspersky_rootkit_log.txt
2012-06-16 07:42 - 2012-06-16 07:45 - 00255288 ____A C:\TDSSKiller.2.7.40.0_16.06.2012_11.42.16_log.txt
2012-06-16 07:41 - 2012-06-16 07:41 - 02109032 ____A C:\Users\LucasLAP\Downloads\tdsskiller.zip
2012-06-16 07:38 - 2012-06-16 07:39 - 00000000 ____D C:\Users\LucasLAP\Desktop\Underground Survival
2012-06-16 05:54 - 2012-06-16 07:41 - 00000000 ____D C:\Users\LucasLAP\Desktop\Virus Help Stuff
2012-06-16 00:20 - 2012-06-16 00:20 - 00050000 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\mxshflli.sys
2012-06-15 17:41 - 2012-06-15 17:41 - 00000000 ____D C:\Program Files (x86)\HiJackThis
2012-06-15 17:39 - 2012-06-15 17:40 - 16409960 ____A (Safer Networking Limited ) C:\Users\LucasLAP\Downloads\spybotsd162.exe
2012-06-15 17:39 - 2012-06-15 17:40 - 07966432 ____A (Safer Networking Limited ) C:\Users\LucasLAP\Downloads\runalyz-1.6.1.24.exe
2012-06-15 17:39 - 2012-06-15 17:39 - 04333832 ____A (Safer Networking Limited ) C:\Users\LucasLAP\Downloads\filealyz-2.0.5.57.exe
2012-06-15 17:39 - 2012-06-15 17:39 - 01752632 ____A (Safer-Networking Ltd. ) C:\Users\LucasLAP\Downloads\regalyz-1.6.2.16.exe
2012-06-15 17:38 - 2012-06-15 17:38 - 01402880 ____A C:\Users\LucasLAP\Downloads\HijackThis.msi
2012-06-15 17:14 - 2012-06-15 17:14 - 04731392 ____A (AVAST Software) C:\Users\LucasLAP\Downloads\aswMBR.exe
2012-06-15 17:12 - 2012-06-15 17:12 - 00044607 ____A C:\Users\LucasLAP\Downloads\bootkit_remover.zip
2012-06-15 14:20 - 2012-06-15 14:20 - 00302592 ____A C:\Users\LucasLAP\Downloads\enlccdcs.exe
2012-06-15 13:18 - 2012-06-15 13:18 - 00302592 ____A C:\Users\LucasLAP\Downloads\3n3tpxu8.exe
2012-06-15 13:13 - 2012-06-15 13:13 - 00302592 ____A C:\Users\LucasLAP\Downloads\vog1wqt8.exe
2012-06-15 13:06 - 2012-06-15 13:06 - 00000000 ____D C:\Users\LucasLAP\AppData\Roaming\Malwarebytes
2012-06-15 13:05 - 2012-06-15 13:06 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware
2012-06-15 13:05 - 2012-06-15 13:05 - 00000000 ____D C:\Users\All Users\Malwarebytes
2012-06-15 13:05 - 2012-04-04 11:56 - 00024904 ____A (Malwarebytes Corporation) C:\Windows\System32\Drivers\mbam.sys
2012-06-15 13:03 - 2012-06-15 13:03 - 10063000 ____A (Malwarebytes Corporation ) C:\Users\LucasLAP\Downloads\mbam-setup-1.61.0.1400.exe
2012-06-15 12:59 - 2012-06-15 12:59 - 00595968 ____A (OldTimer Tools) C:\Users\LucasLAP\Downloads\OTL.exe
2012-06-15 12:36 - 2012-06-15 12:36 - 12621696 ____A (Microsoft Corporation) C:\Users\LucasLAP\Downloads\mseinstall.exe
2012-06-15 06:59 - 2012-06-15 06:59 - 00220264 ____A C:\Users\LucasLAP\Desktop\Tina Gale regarding virgin account.pdf
2012-06-15 06:42 - 2012-06-15 06:42 - 00000000 __SHD C:\Windows\SysWOW64\%APPDATA%
2012-06-15 06:33 - 2012-06-15 06:35 - 00006516 ____A C:\Users\LucasLAP\Documents\GALog.txt
2012-06-15 06:17 - 2012-06-15 06:17 - 00017039 ____A C:\Users\LucasLAP\Downloads\[isoHunt] Splice.v1.0.cracked-THETA.torrent
2012-06-15 03:45 - 2012-06-15 03:45 - 00364373 ____A C:\Users\LucasLAP\Downloads\PDF_519280934_6_2012-06-08_0000000000.pdf
2012-06-15 03:40 - 2012-06-15 03:40 - 00002466 ____A C:\Users\Public\Desktop\Launch Blacklight Retribution.lnk
2012-06-15 03:39 - 2012-06-15 03:39 - 00000000 ____D C:\Program Files (x86)\Perfect World Entertainment
2012-06-15 03:38 - 2012-06-15 03:38 - 00000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2012-06-15 03:37 - 2012-06-15 03:37 - 00189248 ____A C:\Windows\SysWOW64\PnkBstrB.exe
2012-06-15 03:37 - 2012-06-15 03:37 - 00189248 ____A C:\Windows\SysWOW64\PnkBstrB.ex0
2012-06-15 03:37 - 2012-06-15 03:37 - 00076888 ____A C:\Windows\SysWOW64\PnkBstrA.exe
2012-06-15 03:37 - 2011-12-19 11:16 - 03130440 ____A C:\Windows\SysWOW64\pbsvc_blr.exe
2012-06-15 03:27 - 2012-06-15 03:34 - 00000000 ____D C:\Users\LucasLAP\Desktop\BLR
2012-06-14 19:19 - 2012-06-15 02:52 - 00000000 ____D C:\Users\LucasLAP\Downloads\Battleship (2012) DVDRip XviD-AMIABLE
2012-06-14 18:42 - 2012-06-14 18:42 - 00015126 ____A C:\Users\LucasLAP\Downloads\[isoHunt] 2331664.torrent
2012-06-14 18:42 - 2012-06-14 18:42 - 00014641 ____A C:\Users\LucasLAP\Downloads\[isoHunt] Battleship (2012) DVDRip XviD-AMIABLE.torrent
2012-06-14 18:41 - 2012-06-14 18:41 - 00032397 ____A C:\Users\LucasLAP\Downloads\[isoHunt] [UsaBit.com] - BattleShip.2012.REPACK.TS.XViD.AC3-ADTRG.torrent
2012-06-14 18:18 - 2012-06-15 14:15 - 00000000 ____D C:\Users\LucasLAP\Downloads\Sherlock Holmes in the 22nd Century
2012-06-14 18:09 - 2012-06-14 18:09 - 00050000 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\renhhncu.sys
2012-06-14 16:47 - 2012-06-14 16:47 - 00000000 ____D C:\Users\LucasLAP\Documents\Disney Interactive Studios
2012-06-14 16:33 - 2012-06-14 16:33 - 00000000 ____D C:\Program Files (x86)\Disney Interactive Studios
2012-06-14 16:20 - 2012-06-14 16:20 - 00058431 ____A C:\Users\LucasLAP\Downloads\[isoHunt] download.torrent
2012-06-14 05:33 - 2012-06-14 06:10 - 1406372372 ____A C:\Users\LucasLAP\Desktop\Sherlock Holmes A Game of Shadows.avi
2012-06-13 06:24 - 2012-06-13 06:24 - 00082372 ____A C:\Users\LucasLAP\Downloads\water_shader_v5b1.2.5.zip
2012-06-12 23:00 - 2012-05-17 18:47 - 17807360 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.dll
2012-06-12 23:00 - 2012-05-17 18:16 - 10924032 ____A (Microsoft Corporation) C:\Windows\System32\ieframe.dll
2012-06-12 23:00 - 2012-05-17 18:06 - 02311680 ____A (Microsoft Corporation) C:\Windows\System32\jscript9.dll
2012-06-12 23:00 - 2012-05-17 17:59 - 01392128 ____A (Microsoft Corporation) C:\Windows\System32\wininet.dll
2012-06-12 23:00 - 2012-05-17 17:59 - 01346048 ____A (Microsoft Corporation) C:\Windows\System32\urlmon.dll
2012-06-12 23:00 - 2012-05-17 17:58 - 01494528 ____A (Microsoft Corporation) C:\Windows\System32\inetcpl.cpl
2012-06-12 23:00 - 2012-05-17 17:58 - 00237056 ____A (Microsoft Corporation) C:\Windows\System32\url.dll
2012-06-12 23:00 - 2012-05-17 17:56 - 00085504 ____A (Microsoft Corporation) C:\Windows\System32\jsproxy.dll
2012-06-12 23:00 - 2012-05-17 17:55 - 00818688 ____A (Microsoft Corporation) C:\Windows\System32\jscript.dll
2012-06-12 23:00 - 2012-05-17 17:55 - 00173056 ____A (Microsoft Corporation) C:\Windows\System32\ieUnatt.exe
2012-06-12 23:00 - 2012-05-17 17:54 - 02144768 ____A (Microsoft Corporation) C:\Windows\System32\iertutil.dll
2012-06-12 23:00 - 2012-05-17 17:51 - 02382848 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.tlb
2012-06-12 23:00 - 2012-05-17 17:51 - 00096768 ____A (Microsoft Corporation) C:\Windows\System32\mshtmled.dll
2012-06-12 23:00 - 2012-05-17 17:47 - 00248320 ____A (Microsoft Corporation) C:\Windows\System32\ieui.dll
2012-06-12 23:00 - 2012-05-17 15:11 - 12314624 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2012-06-12 23:00 - 2012-05-17 14:48 - 09737728 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2012-06-12 23:00 - 2012-05-17 14:45 - 01800192 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2012-06-12 23:00 - 2012-05-17 14:36 - 01103872 ____A (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2012-06-12 23:00 - 2012-05-17 14:35 - 01427968 ____A (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2012-06-12 23:00 - 2012-05-17 14:35 - 01129472 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2012-06-12 23:00 - 2012-05-17 14:33 - 00231936 ____A (Microsoft Corporation) C:\Windows\SysWOW64\url.dll
2012-06-12 23:00 - 2012-05-17 14:31 - 00065024 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2012-06-12 23:00 - 2012-05-17 14:29 - 00716800 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2012-06-12 23:00 - 2012-05-17 14:29 - 00142848 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2012-06-12 23:00 - 2012-05-17 14:27 - 01793024 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2012-06-12 23:00 - 2012-05-17 14:25 - 00073216 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2012-06-12 23:00 - 2012-05-17 14:24 - 02382848 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2012-06-12 23:00 - 2012-05-17 14:20 - 00176640 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2012-06-12 16:44 - 2012-06-13 23:33 - 00000000 ____D C:\Users\LucasLAP\Downloads\Split.Second.Velocity-RELOADED
2012-06-12 14:32 - 2012-06-12 14:32 - 10957278 ____A C:\Users\LucasLAP\Downloads\2wire_reinstall_voice_5.29.117.3.2sp
2012-06-12 11:30 - 2012-05-14 17:32 - 03146752 ____A (Microsoft Corporation) C:\Windows\System32\win32k.sys
2012-06-12 11:30 - 2012-05-04 03:06 - 05559664 ____A (Microsoft Corporation) C:\Windows\System32\ntoskrnl.exe
2012-06-12 11:30 - 2012-05-04 02:03 - 03968368 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2012-06-12 11:30 - 2012-05-04 02:03 - 03913072 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2012-06-12 11:30 - 2012-04-30 21:40 - 00209920 ____A (Microsoft Corporation) C:\Windows\System32\profsvc.dll
2012-06-12 11:30 - 2012-04-25 21:41 - 00149504 ____A (Microsoft Corporation) C:\Windows\System32\rdpcorekmts.dll
2012-06-12 11:30 - 2012-04-25 21:41 - 00077312 ____A (Microsoft Corporation) C:\Windows\System32\rdpwsx.dll
2012-06-12 11:30 - 2012-04-25 21:34 - 00009216 ____A (Microsoft Corporation) C:\Windows\System32\rdrmemptylst.exe
2012-06-12 11:30 - 2012-04-23 21:37 - 01462272 ____A (Microsoft Corporation) C:\Windows\System32\crypt32.dll
2012-06-12 11:30 - 2012-04-23 21:37 - 00184320 ____A (Microsoft Corporation) C:\Windows\System32\cryptsvc.dll
2012-06-12 11:30 - 2012-04-23 21:37 - 00140288 ____A (Microsoft Corporation) C:\Windows\System32\cryptnet.dll
2012-06-12 11:30 - 2012-04-23 20:36 - 01158656 ____A (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll
2012-06-12 11:30 - 2012-04-23 20:36 - 00140288 ____A (Microsoft Corporation) C:\Windows\SysWOW64\cryptsvc.dll
2012-06-12 11:30 - 2012-04-23 20:36 - 00103936 ____A (Microsoft Corporation) C:\Windows\SysWOW64\cryptnet.dll
2012-06-12 11:30 - 2012-04-07 04:31 - 03216384 ____A (Microsoft Corporation) C:\Windows\System32\msi.dll
2012-06-12 11:30 - 2012-04-07 03:26 - 02342400 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll
2012-06-12 11:29 - 2012-04-27 19:55 - 00210944 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\rdpwd.sys
2012-06-11 06:23 - 2012-06-15 06:47 - 00000000 ____D C:\Users\LucasLAP\Desktop\Elemental Rangers
2012-06-11 06:04 - 2012-06-14 08:00 - 4294315852 ____A C:\Users\LucasLAP\Downloads\BLR_0960.exe
2012-06-11 06:04 - 2012-06-11 06:04 - 03130440 ____A C:\Users\LucasLAP\Downloads\pbsvc_blr.exe
2012-06-11 06:04 - 2012-06-11 06:04 - 00021249 ____A C:\Users\LucasLAP\Downloads\BLR_0960_final.exe.torrent
2012-06-09 06:27 - 2012-06-09 06:27 - 01404782 ____A C:\Users\LucasLAP\Downloads\2273346-3.png
2012-06-08 08:57 - 2012-06-08 08:57 - 00848610 ____A C:\Users\LucasLAP\Downloads\MW3sa_reporting_tool.zip
2012-06-07 14:31 - 2012-06-07 14:31 - 00038400 ____A C:\Users\LucasLAP\Desktop\Resume 2012'.doc
2012-06-07 14:31 - 2012-06-07 14:31 - 00022662 ____A C:\Users\LucasLAP\Desktop\Resume 2012'.pdf
2012-06-07 04:20 - 2012-06-07 04:20 - 00419488 ____A (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2012-06-04 14:42 - 2012-06-04 14:42 - 00024344 ____A C:\Users\LucasLAP\Downloads\VICTOR TIME SHEET.pdf
2012-06-03 20:20 - 2012-06-03 20:20 - 00000000 ____D C:\Users\LucasLAP\AppData\Local\Evernote
2012-06-03 20:19 - 2012-06-03 20:19 - 00000000 ____D C:\Program Files (x86)\Evernote
2012-06-03 19:56 - 2012-06-03 19:57 - 50045792 ____A (Evernote Corp., 333 W Evelyn Ave. Mountain View, CA 94041) C:\Users\LucasLAP\Downloads\Evernote_4.5.6.6884.exe
2012-06-03 18:43 - 2012-06-03 18:43 - 00009956 ____A C:\Users\LucasLAP\Downloads\SimpleBackup.jar
2012-06-03 18:36 - 2012-06-03 18:36 - 00008287 ____A C:\Users\LucasLAP\Downloads\materials.txt
2012-06-03 18:32 - 2012-06-03 18:32 - 00364402 ____A C:\Users\LucasLAP\Downloads\Transporter.jar
2012-06-03 18:31 - 2012-06-03 18:31 - 00023442 ____A C:\Users\LucasLAP\Downloads\TreeAssist.jar
2012-06-03 16:53 - 2012-06-03 16:53 - 00000071 ____A C:\Users\LucasLAP\Downloads\PhotoLapse.ini
2012-06-03 15:45 - 2012-06-03 15:45 - 00155648 ____A (http://home.hccnet.nl/s.vd.palen) C:\Users\LucasLAP\Downloads\PhotoLapse.exe
2012-06-03 15:37 - 2012-06-03 15:37 - 00306151 ____A C:\Users\LucasLAP\Downloads\MakeAVI-0.11.zip
2012-06-03 13:19 - 2012-06-03 13:21 - 23885431 ____A C:\Users\LucasLAP\Downloads\Quicktime.rar
2012-06-03 13:19 - 2012-06-03 13:19 - 00000000 ____D C:\Program Files (x86)\QuickTime
2012-06-03 13:17 - 2012-06-03 13:18 - 00000000 ____D C:\Users\LucasLAP\Downloads\QuickTime 7 Pro
2012-06-03 13:16 - 2012-06-03 13:17 - 39483256 ____A (Apple Inc.) C:\Users\LucasLAP\Downloads\QuickTimeInstaller.exe
2012-06-03 09:20 - 2012-06-03 09:20 - 08516016 ____A C:\Users\LucasLAP\Downloads\CNBsBUDSwitches.zip
2012-06-03 09:04 - 2012-06-03 09:04 - 00211602 ____A C:\Users\LucasLAP\Downloads\Minisentry.png
2012-06-03 09:04 - 2012-06-03 09:04 - 00119695 ____A C:\Users\LucasLAP\Downloads\Lvl3sentry.png
2012-06-03 09:03 - 2012-06-03 09:03 - 00148065 ____A C:\Users\LucasLAP\Downloads\Lvl2sentry.png
2012-06-03 09:03 - 2012-06-03 09:03 - 00127534 ____A C:\Users\LucasLAP\Downloads\Lvl1sentry.png
2012-06-03 09:01 - 2012-06-03 09:01 - 00102784 ____A C:\Users\LucasLAP\Downloads\350px-Engywithsg.png
2012-06-02 20:16 - 2012-06-02 20:16 - 00000000 ____D C:\Program Files (x86)\WinPcap
2012-06-02 20:02 - 2012-06-02 20:05 - 06009145 ____A C:\Users\LucasLAP\Downloads\MW3SA_normal.zip
2012-06-02 07:10 - 2012-06-02 07:10 - 00910093 ____A C:\Users\LucasLAP\Downloads\LightDetector-1.3.jar
2012-06-02 04:39 - 2012-06-02 04:40 - 02907377 ____A C:\Users\LucasLAP\Downloads\Automatic Street Lights.zip
2012-06-02 04:39 - 2012-06-02 04:39 - 00614991 ____A C:\Users\LucasLAP\Downloads\Redstone Logic World.zip
2012-06-01 05:47 - 2012-06-01 05:48 - 18020936 ____A (PortableApps.com) C:\Users\LucasLAP\Downloads\FirefoxPortable_12.0_English.paf.exe
2012-06-01 05:32 - 2012-06-01 05:32 - 00001332 ____A C:\Users\LucasLAP\Downloads\awsomenew.png
2012-06-01 05:27 - 2012-06-01 05:28 - 26883364 ____A C:\Users\LucasLAP\Downloads\Project_Soul.zip
2012-05-31 04:59 - 2012-05-31 04:59 - 10069368 ____A C:\Users\LucasLAP\Downloads\65d1ffc4-0a45-4bab-85b8-99424d3c2301.zip
2012-05-30 16:27 - 2012-05-30 16:34 - 97793348 ____A C:\Users\LucasLAP\Downloads\C64GVA200-24-SpyHunter.avi
2012-05-30 06:32 - 2011-12-22 17:49 - 00836570 ____A C:\Users\LucasLAP\Desktop\UserGuide.pdf
2012-05-29 14:50 - 2012-05-29 14:51 - 00039936 __ASH C:\Users\LucasLAP\Documents\Thumbs.db
2012-05-29 08:06 - 2012-05-29 08:06 - 01391104 ____A C:\Users\LucasLAP\Downloads\apploc.msi
2012-05-29 07:57 - 2012-06-15 13:21 - 00000000 ____D C:\Users\LucasLAP\Documents\Camera
2012-05-29 07:54 - 2012-05-29 07:54 - 04104894 ____A C:\Users\LucasLAP\Downloads\magiclantern-2011Dec22.550D.60D.600D.50D.500D.zip
2012-05-29 07:53 - 2012-05-29 07:53 - 13208991 ____A C:\Users\LucasLAP\Downloads\eos60d-v110-win.zip
2012-05-29 04:48 - 2012-05-29 04:48 - 00955848 ____A (Oracle Corporation) C:\Windows\System32\npDeployJava1.dll
2012-05-29 04:48 - 2012-05-29 04:48 - 00839112 ____A (Oracle Corporation) C:\Windows\System32\deployJava1.dll
2012-05-29 04:48 - 2012-05-29 04:48 - 00268744 ____A (Oracle Corporation) C:\Windows\System32\javaws.exe
2012-05-29 04:48 - 2012-05-29 04:48 - 00189384 ____A (Oracle Corporation) C:\Windows\System32\javaw.exe
2012-05-29 04:48 - 2012-05-29 04:48 - 00188872 ____A (Oracle Corporation) C:\Windows\System32\java.exe
2012-05-29 04:48 - 2012-05-29 04:48 - 00000000 ____D C:\Program Files\Java
2012-05-29 04:08 - 2012-05-29 04:09 - 21865936 ____A (Oracle Corporation) C:\Users\LucasLAP\Downloads\jre-7u4-windows-x64 (1).exe
2012-05-28 18:40 - 2012-05-28 18:41 - 01741416 ____A C:\Users\LucasLAP\Downloads\tvm-sphnt.7z
2012-05-28 18:19 - 2012-05-28 18:19 - 01665069 ____A C:\Users\LucasLAP\Downloads\pm-shntr.7z
2012-05-28 09:50 - 2012-05-28 09:54 - 00000132 ____A C:\Users\LucasLAP\AppData\Roaming\Adobe PNG Format CS5 Prefs
2012-05-28 05:24 - 2012-05-28 05:25 - 08386590 ____A C:\Users\LucasLAP\Downloads\Soartex Fanver.zip
2012-05-27 15:44 - 2012-05-27 15:44 - 10250885 ____A C:\Users\LucasLAP\Downloads\MCEdit-0.1.1.win32.zip
2012-05-27 15:44 - 2012-05-27 15:44 - 01779847 ____A C:\Users\LucasLAP\Downloads\mcedit-mcedit-0.1.1-1-g41ea379.zip
2012-05-27 10:50 - 2012-05-27 10:50 - 00002027 ____A C:\Users\LucasLAP\Desktop\Adobe Photoshop Lightroom 4 64-bit.lnk
2012-05-27 10:48 - 2012-05-27 10:48 - 00832415 ____A C:\Users\LucasLAP\Downloads\slrlounge-lr4-preset-system-v1.1.zip
2012-05-24 18:49 - 2012-05-24 18:49 - 01572397 ____A C:\Users\LucasLAP\Downloads\mcpatcher-2.3.6_03.exe
2012-05-23 06:06 - 2012-06-15 14:15 - 00000000 ____D C:\Users\LucasLAP\Downloads\Tom Clancy's Ghost Recon - Future Soldier-SKIDROW
2012-05-22 19:28 - 2012-05-22 19:28 - 00000000 ____D C:\Users\LucasLAP\Documents\The Legend of Korra Episode 07
2012-05-22 19:18 - 2012-05-22 19:26 - 203055612 ____A C:\Users\LucasLAP\Downloads\284723987.rar
2012-05-22 15:37 - 2012-06-15 17:37 - 00000000 ____D C:\Users\LucasLAP\Downloads\Adobe.Photoshop.Lightroom.v4.0.Multilingual.Incl.Keymaker-CORE
2012-05-21 19:31 - 2012-05-21 19:33 - 00000000 ____D C:\Users\LucasLAP\Downloads\Legend of Korra S01E06 - And The Winner Is [360p]
2012-05-21 19:26 - 2012-05-22 16:04 - 00000000 ____D C:\Users\LucasLAP\Downloads\Legend of Korra - S01E05 - The Spirit of Competition [Full HD 720p]
2012-05-21 18:58 - 2012-05-21 19:10 - 199173025 ____A C:\Users\LucasLAP\Downloads\Legend.Of.Korra.HDTV.Episode.3.Korra.Page.HDPVR.Rip.mp4
2012-05-21 18:46 - 2012-05-21 19:35 - 00000000 ____D C:\Users\LucasLAP\Downloads\Legend of Korra - S01E04 - The Voice in the Night
2012-05-20 03:24 - 2012-05-20 03:24 - 00000000 ____D C:\Users\LucasLAP\Documents\bukkit update
2012-05-20 02:48 - 2012-05-20 02:48 - 00078093 ____A C:\Users\LucasLAP\Documents\slrlounge preset receipt.pdf
2012-05-19 03:36 - 2012-05-19 04:04 - 00000000 ____D C:\Users\LucasLAP\Downloads\Chronicle.2012.DVDRip.XviD-SPARKS
2012-05-19 03:34 - 2012-06-15 07:21 - 00000000 ____D C:\Users\LucasLAP\AppData\Roaming\.minecraft
2012-05-19 03:33 - 2012-05-19 03:33 - 00016011 ____A C:\Users\LucasLAP\Downloads\minecraft_nude_pack.zip
2012-05-19 03:30 - 2012-05-19 03:30 - 00278561 ____A C:\Users\LucasLAP\Downloads\Minecraft (1).exe
2012-05-19 03:26 - 2012-05-19 03:26 - 02956302 ____A C:\Users\LucasLAP\Downloads\KSW_R2D2_Papercraft.pdf
2012-05-17 16:40 - 2012-05-17 16:40 - 00189727 ____A C:\Users\LucasLAP\Downloads\MinecraftPotionsClean.png
2012-05-17 16:18 - 2012-05-17 16:18 - 08067684 ____A C:\Users\LucasLAP\Downloads\world.zip
2012-05-17 14:03 - 2012-05-17 14:03 - 00178867 ____A C:\Users\LucasLAP\Downloads\missilecommand.dcr
2012-05-17 05:06 - 2012-05-17 05:06 - 00000000 ____D C:\Users\LucasLAP\AppData\Roaming\digipen
2012-05-17 05:06 - 2012-05-17 05:06 - 00000000 ____D C:\Users\LucasLAP\AppData\Local\digipen
2012-05-17 03:19 - 2012-05-17 03:19 - 00000000 ____D C:\Users\LucasLAP\Downloads\NitronicRush_OST

============ 3 Months Modified Files and Folders =============

2012-06-16 13:40 - 2012-06-16 13:40 - 00000000 ____D C:\FRST
2012-06-16 09:04 - 2012-02-11 12:53 - 00000920 ____A C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1201714936-502168034-2203405274-1000UA.job
2012-06-16 08:05 - 2009-07-13 21:13 - 00782270 ____A C:\Windows\System32\PerfStringBackup.INI
2012-06-16 08:04 - 2012-02-14 08:31 - 00000000 ____D C:\Users\LucasLAP\AppData\Roaming\Dropbox
2012-06-16 07:45 - 2012-06-16 07:45 - 00127602 ____A C:\Users\LucasLAP\Desktop\kaspersky_rootkit_log.txt
2012-06-16 07:45 - 2012-06-16 07:42 - 00255288 ____A C:\TDSSKiller.2.7.40.0_16.06.2012_11.42.16_log.txt
2012-06-16 07:41 - 2012-06-16 07:41 - 02109032 ____A C:\Users\LucasLAP\Downloads\tdsskiller.zip
2012-06-16 07:41 - 2012-06-16 05:54 - 00000000 ____D C:\Users\LucasLAP\Desktop\Virus Help Stuff
2012-06-16 07:39 - 2012-06-16 07:38 - 00000000 ____D C:\Users\LucasLAP\Desktop\Underground Survival
2012-06-16 06:52 - 2012-02-14 15:45 - 00000000 ____D C:\Users\LucasLAP\AppData\Roaming\Skype
2012-06-16 04:36 - 2011-12-27 18:24 - 01868449 ____A C:\Windows\WindowsUpdate.log
2012-06-16 00:26 - 2009-07-13 20:45 - 00024656 ___AH C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2012-06-16 00:26 - 2009-07-13 20:45 - 00024656 ___AH C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2012-06-16 00:20 - 2012-06-16 00:20 - 00050000 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\mxshflli.sys
2012-06-16 00:20 - 2012-02-14 15:13 - 00000000 ___RD C:\Users\LucasLAP\Dropbox
2012-06-16 00:19 - 2009-07-13 21:08 - 00000006 ___AH C:\Windows\Tasks\SA.DAT
2012-06-16 00:19 - 2009-07-13 20:51 - 00076922 ____A C:\Windows\setupact.log
2012-06-16 00:18 - 2010-11-20 19:47 - 00037514 ____A C:\Windows\PFRO.log
2012-06-15 20:12 - 2012-02-13 18:26 - 00000000 ____D C:\Program Files (x86)\RK Launcher
2012-06-15 18:10 - 2012-02-11 12:53 - 00000868 ____A C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1201714936-502168034-2203405274-1000Core.job
2012-06-15 17:41 - 2012-06-15 17:41 - 00000000 ____D C:\Program Files (x86)\HiJackThis
2012-06-15 17:40 - 2012-06-15 17:39 - 16409960 ____A (Safer Networking Limited ) C:\Users\LucasLAP\Downloads\spybotsd162.exe
2012-06-15 17:40 - 2012-06-15 17:39 - 07966432 ____A (Safer Networking Limited ) C:\Users\LucasLAP\Downloads\runalyz-1.6.1.24.exe
2012-06-15 17:39 - 2012-06-15 17:39 - 04333832 ____A (Safer Networking Limited ) C:\Users\LucasLAP\Downloads\filealyz-2.0.5.57.exe
2012-06-15 17:39 - 2012-06-15 17:39 - 01752632 ____A (Safer-Networking Ltd. ) C:\Users\LucasLAP\Downloads\regalyz-1.6.2.16.exe
2012-06-15 17:38 - 2012-06-15 17:38 - 01402880 ____A C:\Users\LucasLAP\Downloads\HijackThis.msi
2012-06-15 17:37 - 2012-05-22 15:37 - 00000000 ____D C:\Users\LucasLAP\Downloads\Adobe.Photoshop.Lightroom.v4.0.Multilingual.Incl.Keymaker-CORE
2012-06-15 17:14 - 2012-06-15 17:14 - 04731392 ____A (AVAST Software) C:\Users\LucasLAP\Downloads\aswMBR.exe
2012-06-15 17:12 - 2012-06-15 17:12 - 00044607 ____A C:\Users\LucasLAP\Downloads\bootkit_remover.zip
2012-06-15 14:20 - 2012-06-15 14:20 - 00302592 ____A C:\Users\LucasLAP\Downloads\enlccdcs.exe
2012-06-15 14:15 - 2012-06-14 18:18 - 00000000 ____D C:\Users\LucasLAP\Downloads\Sherlock Holmes in the 22nd Century
2012-06-15 14:15 - 2012-05-23 06:06 - 00000000 ____D C:\Users\LucasLAP\Downloads\Tom Clancy's Ghost Recon - Future Soldier-SKIDROW
2012-06-15 13:21 - 2012-05-29 07:57 - 00000000 ____D C:\Users\LucasLAP\Documents\Camera
2012-06-15 13:18 - 2012-06-15 13:18 - 00302592 ____A C:\Users\LucasLAP\Downloads\3n3tpxu8.exe
2012-06-15 13:13 - 2012-06-15 13:13 - 00302592 ____A C:\Users\LucasLAP\Downloads\vog1wqt8.exe
2012-06-15 13:06 - 2012-06-15 13:06 - 00000000 ____D C:\Users\LucasLAP\AppData\Roaming\Malwarebytes
2012-06-15 13:06 - 2012-06-15 13:05 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware
2012-06-15 13:05 - 2012-06-15 13:05 - 00000000 ____D C:\Users\All Users\Malwarebytes
2012-06-15 13:03 - 2012-06-15 13:03 - 10063000 ____A (Malwarebytes Corporation ) C:\Users\LucasLAP\Downloads\mbam-setup-1.61.0.1400.exe
2012-06-15 12:59 - 2012-06-15 12:59 - 00595968 ____A (OldTimer Tools) C:\Users\LucasLAP\Downloads\OTL.exe
2012-06-15 12:36 - 2012-06-15 12:36 - 12621696 ____A (Microsoft Corporation) C:\Users\LucasLAP\Downloads\mseinstall.exe
2012-06-15 12:22 - 2012-03-07 11:35 - 00026844 ____A C:\Windows\AutoKMS.log
2012-06-15 12:21 - 2012-02-13 16:25 - 00000000 ____D C:\Users\LucasLAP\AppData\Roaming\uTorrent
2012-06-15 07:21 - 2012-05-19 03:34 - 00000000 ____D C:\Users\LucasLAP\AppData\Roaming\.minecraft
2012-06-15 06:59 - 2012-06-15 06:59 - 00220264 ____A C:\Users\LucasLAP\Desktop\Tina Gale regarding virgin account.pdf
2012-06-15 06:47 - 2012-06-11 06:23 - 00000000 ____D C:\Users\LucasLAP\Desktop\Elemental Rangers
2012-06-15 06:42 - 2012-06-15 06:42 - 00000000 __SHD C:\Windows\SysWOW64\%APPDATA%
2012-06-15 06:35 - 2012-06-15 06:33 - 00006516 ____A C:\Users\LucasLAP\Documents\GALog.txt
2012-06-15 06:28 - 2012-04-28 19:05 - 00223232 __ASH C:\Users\LucasLAP\Downloads\Thumbs.db
2012-06-15 06:17 - 2012-06-15 06:17 - 00017039 ____A C:\Users\LucasLAP\Downloads\[isoHunt] Splice.v1.0.cracked-THETA.torrent
2012-06-15 05:04 - 2012-02-19 08:35 - 00000000 ____D C:\Program Files (x86)\Steam
2012-06-15 03:45 - 2012-06-15 03:45 - 00364373 ____A C:\Users\LucasLAP\Downloads\PDF_519280934_6_2012-06-08_0000000000.pdf
2012-06-15 03:40 - 2012-06-15 03:40 - 00002466 ____A C:\Users\Public\Desktop\Launch Blacklight Retribution.lnk
2012-06-15 03:39 - 2012-06-15 03:39 - 00000000 ____D C:\Program Files (x86)\Perfect World Entertainment
2012-06-15 03:39 - 2011-11-02 14:43 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2012-06-15 03:38 - 2012-06-15 03:38 - 00000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2012-06-15 03:37 - 2012-06-15 03:37 - 00189248 ____A C:\Windows\SysWOW64\PnkBstrB.exe
2012-06-15 03:37 - 2012-06-15 03:37 - 00189248 ____A C:\Windows\SysWOW64\PnkBstrB.ex0
2012-06-15 03:37 - 2012-06-15 03:37 - 00076888 ____A C:\Windows\SysWOW64\PnkBstrA.exe
2012-06-15 03:36 - 2011-11-02 15:03 - 00270171 ____A C:\Windows\DirectX.log
2012-06-15 03:34 - 2012-06-15 03:27 - 00000000 ____D C:\Users\LucasLAP\Desktop\BLR
2012-06-15 02:52 - 2012-06-14 19:19 - 00000000 ____D C:\Users\LucasLAP\Downloads\Battleship (2012) DVDRip XviD-AMIABLE
2012-06-14 18:42 - 2012-06-14 18:42 - 00015126 ____A C:\Users\LucasLAP\Downloads\[isoHunt] 2331664.torrent
2012-06-14 18:42 - 2012-06-14 18:42 - 00014641 ____A C:\Users\LucasLAP\Downloads\[isoHunt] Battleship (2012) DVDRip XviD-AMIABLE.torrent
2012-06-14 18:41 - 2012-06-14 18:41 - 00032397 ____A C:\Users\LucasLAP\Downloads\[isoHunt] [UsaBit.com] - BattleShip.2012.REPACK.TS.XViD.AC3-ADTRG.torrent
2012-06-14 18:09 - 2012-06-14 18:09 - 00050000 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\renhhncu.sys
2012-06-14 16:47 - 2012-06-14 16:47 - 00000000 ____D C:\Users\LucasLAP\Documents\Disney Interactive Studios
2012-06-14 16:33 - 2012-06-14 16:33 - 00000000 ____D C:\Program Files (x86)\Disney Interactive Studios
2012-06-14 16:20 - 2012-06-14 16:20 - 00058431 ____A C:\Users\LucasLAP\Downloads\[isoHunt] download.torrent
2012-06-14 08:00 - 2012-06-11 06:04 - 4294315852 ____A C:\Users\LucasLAP\Downloads\BLR_0960.exe
2012-06-14 06:10 - 2012-06-14 05:33 - 1406372372 ____A C:\Users\LucasLAP\Desktop\Sherlock Holmes A Game of Shadows.avi
2012-06-13 23:33 - 2012-06-12 16:44 - 00000000 ____D C:\Users\LucasLAP\Downloads\Split.Second.Velocity-RELOADED
2012-06-13 06:24 - 2012-06-13 06:24 - 00082372 ____A C:\Users\LucasLAP\Downloads\water_shader_v5b1.2.5.zip
2012-06-13 00:07 - 2009-07-13 19:20 - 00000000 ____D C:\Windows\rescache
2012-06-12 23:30 - 2009-07-13 20:45 - 04967024 ____A C:\Windows\System32\FNTCACHE.DAT
2012-06-12 23:13 - 2012-02-16 07:48 - 00000000 ____D C:\Users\All Users\Microsoft Help
2012-06-12 23:07 - 2012-02-12 06:26 - 58957832 ____A (Microsoft Corporation) C:\Windows\System32\MRT.exe
2012-06-12 15:28 - 2009-07-13 19:20 - 00000000 ____D C:\Windows\System32\NDF
2012-06-12 14:32 - 2012-06-12 14:32 - 10957278 ____A C:\Users\LucasLAP\Downloads\2wire_reinstall_voice_5.29.117.3.2sp
2012-06-12 13:40 - 2012-03-22 09:55 - 00000000 ____D C:\Users\LucasLAP\AppData\Local\ElevatedDiagnostics
2012-06-12 05:48 - 2012-02-17 16:21 - 00000000 ____D C:\Users\LucasLAP\AppData\Roaming\TS3Client
2012-06-12 05:48 - 2012-02-17 16:20 - 00000000 ____D C:\Program Files\TeamSpeak 3 Client
2012-06-11 06:04 - 2012-06-11 06:04 - 03130440 ____A C:\Users\LucasLAP\Downloads\pbsvc_blr.exe
2012-06-11 06:04 - 2012-06-11 06:04 - 00021249 ____A C:\Users\LucasLAP\Downloads\BLR_0960_final.exe.torrent
2012-06-11 03:28 - 2012-04-28 11:25 - 00000000 ___RD C:\Users\LucasLAP\Desktop\
2012-06-09 06:27 - 2012-06-09 06:27 - 01404782 ____A C:\Users\LucasLAP\Downloads\2273346-3.png
2012-06-08 08:57 - 2012-06-08 08:57 - 00848610 ____A C:\Users\LucasLAP\Downloads\MW3sa_reporting_tool.zip
2012-06-07 14:31 - 2012-06-07 14:31 - 00038400 ____A C:\Users\LucasLAP\Desktop\Resume 2012'.doc
2012-06-07 14:31 - 2012-06-07 14:31 - 00022662 ____A C:\Users\LucasLAP\Desktop\Resume 2012'.pdf
2012-06-07 04:20 - 2012-06-07 04:20 - 00419488 ____A (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2012-06-07 04:20 - 2011-11-02 14:37 - 00070304 ____A (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2012-06-04 14:42 - 2012-06-04 14:42 - 00024344 ____A C:\Users\LucasLAP\Downloads\VICTOR TIME SHEET.pdf
2012-06-03 20:20 - 2012-06-03 20:20 - 00000000 ____D C:\Users\LucasLAP\AppData\Local\Evernote
2012-06-03 20:20 - 2012-02-12 00:23 - 00000000 ____D C:\Users\LucasLAP\AppData\LocalLow
2012-06-03 20:19 - 2012-06-03 20:19 - 00000000 ____D C:\Program Files (x86)\Evernote
2012-06-03 19:57 - 2012-06-03 19:56 - 50045792 ____A (Evernote Corp., 333 W Evelyn Ave. Mountain View, CA 94041) C:\Users\LucasLAP\Downloads\Evernote_4.5.6.6884.exe
2012-06-03 18:43 - 2012-06-03 18:43 - 00009956 ____A C:\Users\LucasLAP\Downloads\SimpleBackup.jar
2012-06-03 18:36 - 2012-06-03 18:36 - 00008287 ____A C:\Users\LucasLAP\Downloads\materials.txt
2012-06-03 18:32 - 2012-06-03 18:32 - 00364402 ____A C:\Users\LucasLAP\Downloads\Transporter.jar
2012-06-03 18:31 - 2012-06-03 18:31 - 00023442 ____A C:\Users\LucasLAP\Downloads\TreeAssist.jar
2012-06-03 16:53 - 2012-06-03 16:53 - 00000071 ____A C:\Users\LucasLAP\Downloads\PhotoLapse.ini
2012-06-03 16:18 - 2012-02-14 06:52 - 00000000 ____D C:\Users\LucasLAP\AppData\Roaming\vlc
2012-06-03 15:45 - 2012-06-03 15:45 - 00155648 ____A (http://home.hccnet.nl/s.vd.palen) C:\Users\LucasLAP\Downloads\PhotoLapse.exe
2012-06-03 15:37 - 2012-06-03 15:37 - 00306151 ____A C:\Users\LucasLAP\Downloads\MakeAVI-0.11.zip
2012-06-03 13:27 - 2012-02-11 15:03 - 00000000 ____D C:\Users\LucasLAP\Downloads\_Start orbs
2012-06-03 13:26 - 2012-02-14 16:15 - 00000000 ____D C:\Users\All Users\Apple Computer
2012-06-03 13:21 - 2012-06-03 13:19 - 23885431 ____A C:\Users\LucasLAP\Downloads\Quicktime.rar
2012-06-03 13:20 - 2012-02-14 16:16 - 00000000 ____D C:\Users\LucasLAP\AppData\Local\Apple Computer
2012-06-03 13:19 - 2012-06-03 13:19 - 00000000 ____D C:\Program Files (x86)\QuickTime
2012-06-03 13:18 - 2012-06-03 13:17 - 00000000 ____D C:\Users\LucasLAP\Downloads\QuickTime 7 Pro
2012-06-03 13:17 - 2012-06-03 13:16 - 39483256 ____A (Apple Inc.) C:\Users\LucasLAP\Downloads\QuickTimeInstaller.exe
2012-06-03 09:20 - 2012-06-03 09:20 - 08516016 ____A C:\Users\LucasLAP\Downloads\CNBsBUDSwitches.zip
2012-06-03 09:04 - 2012-06-03 09:04 - 00211602 ____A C:\Users\LucasLAP\Downloads\Minisentry.png
2012-06-03 09:04 - 2012-06-03 09:04 - 00119695 ____A C:\Users\LucasLAP\Downloads\Lvl3sentry.png
2012-06-03 09:03 - 2012-06-03 09:03 - 00148065 ____A C:\Users\LucasLAP\Downloads\Lvl2sentry.png
2012-06-03 09:03 - 2012-06-03 09:03 - 00127534 ____A C:\Users\LucasLAP\Downloads\Lvl1sentry.png
2012-06-03 09:01 - 2012-06-03 09:01 - 00102784 ____A C:\Users\LucasLAP\Downloads\350px-Engywithsg.png
2012-06-03 05:46 - 2012-04-25 06:32 - 00000000 ____D C:\Users\LucasLAP\AppData\Local\Windows Live
2012-06-02 20:16 - 2012-06-02 20:16 - 00000000 ____D C:\Program Files (x86)\WinPcap

 

[Yellow77]

2012-06-02 20:05 - 2012-06-02 20:02 - 06009145 ____A C:\Users\LucasLAP\Downloads\MW3SA_normal.zip
2012-06-02 07:10 - 2012-06-02 07:10 - 00910093 ____A C:\Users\LucasLAP\Downloads\LightDetector-1.3.jar
2012-06-02 04:40 - 2012-06-02 04:39 - 02907377 ____A C:\Users\LucasLAP\Downloads\Automatic Street Lights.zip
2012-06-02 04:39 - 2012-06-02 04:39 - 00614991 ____A C:\Users\LucasLAP\Downloads\Redstone Logic World.zip
2012-06-01 05:48 - 2012-06-01 05:47 - 18020936 ____A (PortableApps.com) C:\Users\LucasLAP\Downloads\FirefoxPortable_12.0_English.paf.exe
2012-06-01 05:32 - 2012-06-01 05:32 - 00001332 ____A C:\Users\LucasLAP\Downloads\awsomenew.png
2012-06-01 05:28 - 2012-06-01 05:27 - 26883364 ____A C:\Users\LucasLAP\Downloads\Project_Soul.zip
2012-05-31 04:59 - 2012-05-31 04:59 - 10069368 ____A C:\Users\LucasLAP\Downloads\65d1ffc4-0a45-4bab-85b8-99424d3c2301.zip
2012-05-30 16:34 - 2012-05-30 16:27 - 97793348 ____A C:\Users\LucasLAP\Downloads\C64GVA200-24-SpyHunter.avi
2012-05-29 14:51 - 2012-05-29 14:50 - 00039936 __ASH C:\Users\LucasLAP\Documents\Thumbs.db
2012-05-29 14:51 - 2012-02-21 09:46 - 00000000 ____D C:\Users\LucasLAP\Documents\Adobe
2012-05-29 08:06 - 2012-05-29 08:06 - 01391104 ____A C:\Users\LucasLAP\Downloads\apploc.msi
2012-05-29 07:54 - 2012-05-29 07:54 - 04104894 ____A C:\Users\LucasLAP\Downloads\magiclantern-2011Dec22.550D.60D.600D.50D.500D.zip
2012-05-29 07:53 - 2012-05-29 07:53 - 13208991 ____A C:\Users\LucasLAP\Downloads\eos60d-v110-win.zip
2012-05-29 04:48 - 2012-05-29 04:48 - 00955848 ____A (Oracle Corporation) C:\Windows\System32\npDeployJava1.dll
2012-05-29 04:48 - 2012-05-29 04:48 - 00839112 ____A (Oracle Corporation) C:\Windows\System32\deployJava1.dll
2012-05-29 04:48 - 2012-05-29 04:48 - 00268744 ____A (Oracle Corporation) C:\Windows\System32\javaws.exe
2012-05-29 04:48 - 2012-05-29 04:48 - 00189384 ____A (Oracle Corporation) C:\Windows\System32\javaw.exe
2012-05-29 04:48 - 2012-05-29 04:48 - 00188872 ____A (Oracle Corporation) C:\Windows\System32\java.exe
2012-05-29 04:48 - 2012-05-29 04:48 - 00000000 ____D C:\Program Files\Java
2012-05-29 04:09 - 2012-05-29 04:08 - 21865936 ____A (Oracle Corporation) C:\Users\LucasLAP\Downloads\jre-7u4-windows-x64 (1).exe
2012-05-28 18:41 - 2012-05-28 18:40 - 01741416 ____A C:\Users\LucasLAP\Downloads\tvm-sphnt.7z
2012-05-28 18:19 - 2012-05-28 18:19 - 01665069 ____A C:\Users\LucasLAP\Downloads\pm-shntr.7z
2012-05-28 09:54 - 2012-05-28 09:50 - 00000132 ____A C:\Users\LucasLAP\AppData\Roaming\Adobe PNG Format CS5 Prefs
2012-05-28 05:25 - 2012-05-28 05:24 - 08386590 ____A C:\Users\LucasLAP\Downloads\Soartex Fanver.zip
2012-05-27 15:44 - 2012-05-27 15:44 - 10250885 ____A C:\Users\LucasLAP\Downloads\MCEdit-0.1.1.win32.zip
2012-05-27 15:44 - 2012-05-27 15:44 - 01779847 ____A C:\Users\LucasLAP\Downloads\mcedit-mcedit-0.1.1-1-g41ea379.zip
2012-05-27 10:50 - 2012-05-27 10:50 - 00002027 ____A C:\Users\LucasLAP\Desktop\Adobe Photoshop Lightroom 4 64-bit.lnk
2012-05-27 10:48 - 2012-05-27 10:48 - 00832415 ____A C:\Users\LucasLAP\Downloads\slrlounge-lr4-preset-system-v1.1.zip
2012-05-26 04:01 - 2012-02-13 18:19 - 00000000 ____D C:\Users\All Users\regid.1986-12.com.adobe
2012-05-24 18:49 - 2012-05-24 18:49 - 01572397 ____A C:\Users\LucasLAP\Downloads\mcpatcher-2.3.6_03.exe
2012-05-22 19:28 - 2012-05-22 19:28 - 00000000 ____D C:\Users\LucasLAP\Documents\The Legend of Korra Episode 07
2012-05-22 19:26 - 2012-05-22 19:18 - 203055612 ____A C:\Users\LucasLAP\Downloads\284723987.rar
2012-05-22 16:15 - 2012-02-13 17:38 - 00000000 ____D C:\Program Files\Adobe
2012-05-22 16:04 - 2012-05-21 19:26 - 00000000 ____D C:\Users\LucasLAP\Downloads\Legend of Korra - S01E05 - The Spirit of Competition [Full HD 720p]
2012-05-21 19:35 - 2012-05-21 18:46 - 00000000 ____D C:\Users\LucasLAP\Downloads\Legend of Korra - S01E04 - The Voice in the Night
2012-05-21 19:33 - 2012-05-21 19:31 - 00000000 ____D C:\Users\LucasLAP\Downloads\Legend of Korra S01E06 - And The Winner Is [360p]
2012-05-21 19:10 - 2012-05-21 18:58 - 199173025 ____A C:\Users\LucasLAP\Downloads\Legend.Of.Korra.HDTV.Episode.3.Korra.Page.HDPVR.Rip.mp4
2012-05-20 18:35 - 2012-02-14 15:16 - 00000000 ____D C:\Users\All Users\Soluto
2012-05-20 03:24 - 2012-05-20 03:24 - 00000000 ____D C:\Users\LucasLAP\Documents\bukkit update
2012-05-20 02:48 - 2012-05-20 02:48 - 00078093 ____A C:\Users\LucasLAP\Documents\slrlounge preset receipt.pdf
2012-05-19 04:21 - 2012-05-14 15:51 - 944836281 ____A C:\Users\LucasLAP\Downloads\LoKep1-2retry.mp4
2012-05-19 04:04 - 2012-05-19 03:36 - 00000000 ____D C:\Users\LucasLAP\Downloads\Chronicle.2012.DVDRip.XviD-SPARKS
2012-05-19 03:33 - 2012-05-19 03:33 - 00016011 ____A C:\Users\LucasLAP\Downloads\minecraft_nude_pack.zip
2012-05-19 03:30 - 2012-05-19 03:30 - 00278561 ____A C:\Users\LucasLAP\Downloads\Minecraft (1).exe
2012-05-19 03:26 - 2012-05-19 03:26 - 02956302 ____A C:\Users\LucasLAP\Downloads\KSW_R2D2_Papercraft.pdf
2012-05-17 18:47 - 2012-06-12 23:00 - 17807360 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.dll
2012-05-17 18:16 - 2012-06-12 23:00 - 10924032 ____A (Microsoft Corporation) C:\Windows\System32\ieframe.dll
2012-05-17 18:06 - 2012-06-12 23:00 - 02311680 ____A (Microsoft Corporation) C:\Windows\System32\jscript9.dll
2012-05-17 17:59 - 2012-06-12 23:00 - 01392128 ____A (Microsoft Corporation) C:\Windows\System32\wininet.dll
2012-05-17 17:59 - 2012-06-12 23:00 - 01346048 ____A (Microsoft Corporation) C:\Windows\System32\urlmon.dll
2012-05-17 17:58 - 2012-06-12 23:00 - 01494528 ____A (Microsoft Corporation) C:\Windows\System32\inetcpl.cpl
2012-05-17 17:58 - 2012-06-12 23:00 - 00237056 ____A (Microsoft Corporation) C:\Windows\System32\url.dll
2012-05-17 17:56 - 2012-06-12 23:00 - 00085504 ____A (Microsoft Corporation) C:\Windows\System32\jsproxy.dll
2012-05-17 17:55 - 2012-06-12 23:00 - 00818688 ____A (Microsoft Corporation) C:\Windows\System32\jscript.dll
2012-05-17 17:55 - 2012-06-12 23:00 - 00173056 ____A (Microsoft Corporation) C:\Windows\System32\ieUnatt.exe
2012-05-17 17:54 - 2012-06-12 23:00 - 02144768 ____A (Microsoft Corporation) C:\Windows\System32\iertutil.dll
2012-05-17 17:51 - 2012-06-12 23:00 - 02382848 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.tlb
2012-05-17 17:51 - 2012-06-12 23:00 - 00096768 ____A (Microsoft Corporation) C:\Windows\System32\mshtmled.dll
2012-05-17 17:47 - 2012-06-12 23:00 - 00248320 ____A (Microsoft Corporation) C:\Windows\System32\ieui.dll
2012-05-17 16:40 - 2012-05-17 16:40 - 00189727 ____A C:\Users\LucasLAP\Downloads\MinecraftPotionsClean.png
2012-05-17 16:18 - 2012-05-17 16:18 - 08067684 ____A C:\Users\LucasLAP\Downloads\world.zip
2012-05-17 15:11 - 2012-06-12 23:00 - 12314624 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2012-05-17 14:48 - 2012-06-12 23:00 - 09737728 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2012-05-17 14:45 - 2012-06-12 23:00 - 01800192 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2012-05-17 14:36 - 2012-06-12 23:00 - 01103872 ____A (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2012-05-17 14:35 - 2012-06-12 23:00 - 01427968 ____A (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2012-05-17 14:35 - 2012-06-12 23:00 - 01129472 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2012-05-17 14:33 - 2012-06-12 23:00 - 00231936 ____A (Microsoft Corporation) C:\Windows\SysWOW64\url.dll
2012-05-17 14:31 - 2012-06-12 23:00 - 00065024 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2012-05-17 14:29 - 2012-06-12 23:00 - 00716800 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2012-05-17 14:29 - 2012-06-12 23:00 - 00142848 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2012-05-17 14:27 - 2012-06-12 23:00 - 01793024 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2012-05-17 14:25 - 2012-06-12 23:00 - 00073216 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2012-05-17 14:24 - 2012-06-12 23:00 - 02382848 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2012-05-17 14:20 - 2012-06-12 23:00 - 00176640 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2012-05-17 14:03 - 2012-05-17 14:03 - 00178867 ____A C:\Users\LucasLAP\Downloads\missilecommand.dcr
2012-05-17 05:06 - 2012-05-17 05:06 - 00000000 ____D C:\Users\LucasLAP\AppData\Roaming\digipen
2012-05-17 05:06 - 2012-05-17 05:06 - 00000000 ____D C:\Users\LucasLAP\AppData\Local\digipen
2012-05-17 03:19 - 2012-05-17 03:19 - 00000000 ____D C:\Users\LucasLAP\Downloads\NitronicRush_OST
2012-05-16 18:05 - 2012-05-16 18:05 - 21865936 ____A (Oracle Corporation) C:\Users\LucasLAP\Downloads\jre-7u4-windows-x64.exe
2012-05-16 17:00 - 2012-05-16 17:00 - 00000000 ____D C:\Users\LucasLAP\AppData\Local\Logitech
2012-05-16 17:00 - 2012-05-16 16:59 - 00000000 ____D C:\Program Files\Logitech Gaming Software
2012-05-16 16:58 - 2012-05-16 16:56 - 51616256 ____A (Logitech Inc.) C:\Users\LucasLAP\Downloads\lgs820_x64 (1).exe
2012-05-16 16:58 - 2012-03-06 08:15 - 00000000 ____D C:\Users\LucasLAP\AppData\Roaming\Logishrd
2012-05-15 18:16 - 2012-05-15 18:16 - 00180079 ____A C:\Users\LucasLAP\Downloads\DataValuesBeta.png
2012-05-15 17:49 - 2012-05-15 17:49 - 00000849 ____A C:\Users\LucasLAP\Downloads\data.doc
2012-05-14 18:37 - 2012-05-14 18:37 - 00010882 ____A C:\Users\LucasLAP\Downloads\3791.pdf
2012-05-14 18:05 - 2012-05-14 18:05 - 00000000 ____D C:\Users\LucasLAP\Downloads\Legend.of.Korra.S01.E01-02.720p
2012-05-14 18:05 - 2012-05-14 15:52 - 24576000 ____A C:\Users\LucasLAP\Downloads\The.Legend.Of.Korra.S01E03.The.Revelation.720p.HDTV.h264.mp4
2012-05-14 18:00 - 2012-05-14 15:51 - 67072000 ____A C:\Users\LucasLAP\Downloads\Legend.of.Korra.S01.E01-02.720p.rar
2012-05-14 17:32 - 2012-06-12 11:30 - 03146752 ____A (Microsoft Corporation) C:\Windows\System32\win32k.sys
2012-05-14 17:16 - 2012-05-14 17:16 - 00278561 ____A C:\Users\LucasLAP\Downloads\Minecraft.exe
2012-05-14 15:46 - 2012-05-14 15:46 - 00000000 ____D C:\Program Files (x86)\Digipen
2012-05-14 15:46 - 2012-02-14 13:18 - 00000000 ____D C:\Users\LucasLAP\AppData\Local\KeyLemon
2012-05-14 15:19 - 2012-02-14 13:17 - 00000000 ____D C:\Program Files\KeyLemon
2012-05-13 13:18 - 2012-05-13 13:18 - 00000000 ____D C:\Program Files\Microsoft Silverlight
2012-05-13 13:18 - 2012-05-13 13:18 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight
2012-05-13 09:52 - 2012-05-13 09:34 - 161681005 ____A C:\Users\LucasLAP\Downloads\NitronicRush_OST.zip
2012-05-13 09:48 - 2012-05-13 09:35 - 296376597 ____A (DigiPen ) C:\Users\LucasLAP\Downloads\NitronicRush_setup_20120303.exe.exe
2012-05-13 09:33 - 2012-05-13 09:33 - 00011952 ____A C:\Users\LucasLAP\Downloads\NitronicRush_setup_20120303.0.torrent
2012-05-13 05:25 - 2012-05-13 05:25 - 00057904 ____A C:\Users\LucasLAP\Downloads\ThoseWhoLoanSpellsPrologue.pdf
2012-05-12 17:40 - 2012-02-13 16:26 - 00000000 ____D C:\Program Files (x86)\uTorrent
2012-05-12 16:51 - 2012-05-04 09:13 - 00000000 ____D C:\Users\LucasLAP\Downloads\X-Men First Class (2011) COMPLETE DVD Rip by vladtepes3176
2012-05-12 16:50 - 2012-05-12 13:57 - 00000000 ____D C:\Users\LucasLAP\Downloads\The.Avengers.2012.CAM.V2.XViD-26K
2012-05-08 20:21 - 2011-11-02 15:09 - 00000000 ____D C:\Program Files\Windows Journal
2012-05-08 16:53 - 2012-05-08 16:53 - 01851336 ____A (Blurb, Inc. ) C:\Users\LucasLAP\Downloads\Blurb Template Creator CS5.5 v1.1.0.1d5 Setup.exe
2012-05-04 12:38 - 2012-05-04 12:37 - 21015473 ____A C:\Users\LucasLAP\Downloads\The Fountain of Immortality v3 by 5TeRe0TyP3 & Fluffeeh.rar
2012-05-04 09:14 - 2012-05-04 09:14 - 00000000 ____D C:\Users\LucasLAP\Downloads\X-Men First Class 2011 R5 LiNE READNFO XViD - IMAGiNE
2012-05-04 07:52 - 2012-05-04 07:52 - 00000232 ____A C:\Users\LucasLAP\Documents\adobe key.txt
2012-05-04 07:47 - 2012-05-04 07:47 - 00130247 ____A C:\Users\LucasLAP\Documents\Print - Threadless graphic t-shirt designs; cool & funny t-shirts weekly! Tees designed by the community.pdf
2012-05-04 03:06 - 2012-06-12 11:30 - 05559664 ____A (Microsoft Corporation) C:\Windows\System32\ntoskrnl.exe
2012-05-04 02:03 - 2012-06-12 11:30 - 03968368 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2012-05-04 02:03 - 2012-06-12 11:30 - 03913072 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2012-05-03 19:23 - 2012-05-03 19:22 - 01023495 ____A C:\Users\LucasLAP\Downloads\Android.wba
2012-05-03 19:13 - 2012-03-13 07:59 - 00000000 ___HD C:\Windows\Icecream Sandwich Skin Pack
2012-05-02 15:48 - 2012-05-02 15:48 - 00000010 ____A C:\Users\LucasLAP\Documents\fridge model.txt
2012-05-02 09:54 - 2012-05-02 09:54 - 00000284 ____A C:\Users\LucasLAP\Documents\job ocations.txt
2012-05-02 07:21 - 2009-07-13 19:20 - 00000000 __RSD C:\Windows\Media
2012-04-30 23:01 - 2012-02-14 15:57 - 00001945 ____A C:\Windows\epplauncher.mif
2012-04-30 23:01 - 2012-02-14 15:57 - 00000000 ____D C:\Program Files\Microsoft Security Client
2012-04-30 23:00 - 2012-04-30 23:00 - 00000000 ____D C:\Program Files (x86)\Microsoft Security Client
2012-04-30 23:00 - 2011-12-27 18:35 - 00788116 ____A C:\Windows\SysWOW64\PerfStringBackup.INI
2012-04-30 21:40 - 2012-06-12 11:30 - 00209920 ____A (Microsoft Corporation) C:\Windows\System32\profsvc.dll
2012-04-30 14:51 - 2012-04-30 14:50 - 00000000 ____D C:\Users\LucasLAP\Downloads\Virtual DJ ( Effects , videos , sound ,samplers , skin )
2012-04-30 14:48 - 2012-04-30 14:48 - 00069517 ____A C:\Users\LucasLAP\Downloads\[isoHunt] Virtual DJ ( Effects , videos , sound ,samplers , skin ).torrent
2012-04-30 09:11 - 2012-04-30 09:08 - 00000000 ____D C:\Users\LucasLAP\Downloads\SoundSpectrum WhiteCap Platinum v5.0.3 Build 4095
2012-04-30 09:07 - 2012-04-29 20:37 - 00000000 ____D C:\Users\LucasLAP\Downloads\SoundSpectrum G-Force Platinum v3.7.3 Build 3945
2012-04-30 05:53 - 2012-04-30 05:53 - 00046080 ____A C:\Users\LucasLAP\Downloads\shortcut (2).png
2012-04-30 05:27 - 2012-04-30 05:27 - 00000000 ____D C:\Program Files\Soluto
2012-04-30 05:26 - 2012-02-14 15:21 - 00000193 ____A C:\Users\All Users\Microsoft.SqlServer.Compact.351.64.bc
2012-04-30 05:19 - 2009-07-13 21:08 - 00032564 ____A C:\Windows\Tasks\SCHEDLGU.TXT
2012-04-30 03:22 - 2012-04-30 03:22 - 00082240 ____A C:\Windows\System32\KLWindowsCredentialsProvider.dll
2012-04-29 20:41 - 2012-04-29 20:39 - 00000000 ____D C:\Users\LucasLAP\AppData\Roaming\SoundSpectrum
2012-04-29 20:38 - 2012-04-29 20:38 - 00000000 ____D C:\Program Files (x86)\SoundSpectrum
2012-04-29 20:37 - 2012-04-29 20:37 - 00000000 ____D C:\Users\LucasLAP\Downloads\SoundSpectrum.G-Force.Platinum.3.7.1.Incl.Key-HIDDEN
2012-04-29 19:20 - 2012-04-29 19:17 - 45838593 ____A C:\Users\LucasLAP\Downloads\C_Mod_v2.2.rar
2012-04-29 09:46 - 2012-04-29 09:40 - 72661879 ____A (Crytek ) C:\Users\LucasLAP\Downloads\Crysis_2_ModSDK_1.0 (1).exe
2012-04-29 09:46 - 2012-04-29 09:40 - 06739931 ____A C:\Users\LucasLAP\Downloads\Crysis1Revival_v21.rar
2012-04-29 09:40 - 2012-04-29 09:20 - 129104758 ____A (Crytek ) C:\Users\LucasLAP\Downloads\Crysis_2_ModSDK_1.0.exe
2012-04-29 08:34 - 2012-04-29 08:34 - 00046080 ____A C:\Users\LucasLAP\Downloads\shortcut (1).png
2012-04-29 08:33 - 2012-04-29 08:33 - 00046080 ____A C:\Users\LucasLAP\Downloads\shortcut.png
2012-04-29 05:23 - 2012-02-16 06:46 - 00000000 ____D C:\Users\LucasLAP\Documents\School
2012-04-28 19:28 - 2012-04-28 19:28 - 00017801 ____A (Meetinghouse Data Communications) C:\Windows\SysWOW64\Drivers\AegisP.sys
2012-04-28 19:28 - 2012-04-28 19:28 - 00000337 ____A C:\Windows\SysWOW64\results.txt
2012-04-28 19:28 - 2012-04-28 19:25 - 63345548 ____A C:\Users\LucasLAP\Downloads\Lan_Broadcom_14.6.1.0_W7x64_A.zip
2012-04-28 19:28 - 2009-07-13 19:20 - 00000000 ____D C:\Windows\Help
2012-04-28 19:26 - 2012-04-28 19:25 - 07403400 ____A C:\Users\LucasLAP\Downloads\80211bg_broadcom.zip
2012-04-28 19:25 - 2012-04-28 19:25 - 02134126 ____A C:\Users\LucasLAP\Downloads\Modem_liteon_2.2.99_W7x64_A.zip
2012-04-28 11:32 - 2012-04-28 11:32 - 00063827 ____A C:\Users\LucasLAP\Downloads\Focus-Rectangle-Remover.zip
2012-04-28 11:32 - 2012-04-28 11:32 - 00003584 ____A C:\Windows\System32\RemoveFocusRect.dll
2012-04-28 11:27 - 2012-04-28 11:26 - 00000000 ___RD C:\Users\LucasLAP\Desktop\
2012-04-28 09:38 - 2012-04-28 11:24 - 00022304 ____A C:\Users\LucasLAP\Desktop\Resume 2012.pdf
2012-04-28 09:37 - 2012-04-28 12:08 - 00037376 ____A C:\Users\LucasLAP\Desktop\Resume 2012.doc
2012-04-28 09:17 - 2012-04-28 09:17 - 00057433 ____A C:\Users\LucasLAP\Downloads\NBTedit.zip
2012-04-27 19:55 - 2012-06-12 11:29 - 00210944 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\rdpwd.sys
2012-04-25 21:41 - 2012-06-12 11:30 - 00149504 ____A (Microsoft Corporation) C:\Windows\System32\rdpcorekmts.dll
2012-04-25 21:41 - 2012-06-12 11:30 - 00077312 ____A (Microsoft Corporation) C:\Windows\System32\rdpwsx.dll
2012-04-25 21:34 - 2012-06-12 11:30 - 00009216 ____A (Microsoft Corporation) C:\Windows\System32\rdrmemptylst.exe
2012-04-25 06:33 - 2012-04-25 06:32 - 00000000 ____D C:\Users\LucasLAP\AppData\Local\{8B963BFB-A277-469E-B491-D72707FEEAA4}
2012-04-25 06:32 - 2012-04-25 06:32 - 00000000 ____D C:\Users\LucasLAP\AppData\Local\{43980728-8442-4F93-A456-63116D46A59D}
2012-04-25 06:32 - 2012-04-25 06:32 - 00000000 ____D C:\Users\LucasLAP\AppData\Local\{1DF2F526-B2E0-400F-8DD2-C4CECE766B72}
2012-04-24 13:13 - 2012-02-14 15:18 - 00054728 ____A (Soluto LTD.) C:\Windows\System32\Drivers\Soluto.sys
2012-04-23 21:37 - 2012-06-12 11:30 - 01462272 ____A (Microsoft Corporation) C:\Windows\System32\crypt32.dll
2012-04-23 21:37 - 2012-06-12 11:30 - 00184320 ____A (Microsoft Corporation) C:\Windows\System32\cryptsvc.dll
2012-04-23 21:37 - 2012-06-12 11:30 - 00140288 ____A (Microsoft Corporation) C:\Windows\System32\cryptnet.dll
2012-04-23 20:36 - 2012-06-12 11:30 - 01158656 ____A (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll
2012-04-23 20:36 - 2012-06-12 11:30 - 00140288 ____A (Microsoft Corporation) C:\Windows\SysWOW64\cryptsvc.dll
2012-04-23 20:36 - 2012-06-12 11:30 - 00103936 ____A (Microsoft Corporation) C:\Windows\SysWOW64\cryptnet.dll
2012-04-18 16:56 - 2012-04-18 16:56 - 00094208 ____A (Apple Inc.) C:\Windows\SysWOW64\QuickTimeVR.qtx
2012-04-18 16:56 - 2012-04-18 16:56 - 00069632 ____A (Apple Inc.) C:\Windows\SysWOW64\QuickTime.qts
2012-04-13 08:19 - 2012-02-14 15:17 - 00000000 ____D C:\Program Files (x86)\RescueTime
2012-04-07 04:31 - 2012-06-12 11:30 - 03216384 ____A (Microsoft Corporation) C:\Windows\System32\msi.dll
2012-04-07 03:26 - 2012-06-12 11:30 - 02342400 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll
2012-04-04 11:56 - 2012-06-15 13:05 - 00024904 ____A (Malwarebytes Corporation) C:\Windows\System32\Drivers\mbam.sys
2012-04-03 07:43 - 2012-04-03 07:18 - 00000000 ____D C:\Users\LucasLAP\AppData\Roaming\TeamViewer
2012-04-03 07:17 - 2012-04-03 07:17 - 00000000 ____D C:\Program Files (x86)\TeamViewer
2012-04-03 07:16 - 2012-04-03 07:16 - 03526040 ____A (TeamViewer GmbH) C:\Users\LucasLAP\Downloads\TeamViewer_Setup_en.exe
2012-03-30 12:24 - 2012-03-30 12:21 - 51616256 ____A (Logitech Inc.) C:\Users\LucasLAP\Downloads\lgs820_x64.exe
2012-03-30 03:35 - 2012-05-08 20:16 - 01918320 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\tcpip.sys
2012-03-26 13:06 - 2012-04-01 13:02 - 23487761 ____A C:\Users\LucasLAP\Downloads\Screaming.Bee.MorphVOX.Pro.v4.3.13-Lz0.rar
2012-03-26 06:29 - 2012-04-01 13:03 - 33998680 ____A C:\Users\LucasLAP\Downloads\MorphVOX Pro v4.3.13 with Addons + Crk.exe
2012-03-22 10:08 - 2012-03-22 10:08 - 00007914 ____A C:\Users\LucasLAP\Documents\cc_20120322_140854.reg
2012-03-22 10:05 - 2012-03-22 10:05 - 06091301 ____A C:\Users\LucasLAP\Downloads\themeforest-1768511-poise-htmlcss.zip
2012-03-20 16:44 - 2011-04-27 12:25 - 00098688 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\NisDrvWFP.sys
2012-03-20 16:44 - 2011-04-18 10:18 - 00203888 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\MpFilter.sys
2012-03-19 04:50 - 2012-03-19 04:50 - 00000021 ____A C:\Windows\SurCode.INI
2012-03-19 04:50 - 2012-03-19 04:50 - 00000000 ____D C:\Users\LucasLAP\AppData\Roaming\PACE Anti-Piracy
2012-03-19 04:50 - 2012-03-19 04:50 - 00000000 ____D C:\Users\LucasLAP\AppData\Local\PACE Anti-Piracy
2012-03-19 04:50 - 2012-03-19 04:50 - 00000000 ____D C:\Users\All Users\PACE Anti-Piracy
2012-03-19 04:50 - 2012-03-19 04:50 - 00000000 ____D C:\Program Files\Common Files\PACE Anti-Piracy
2012-03-19 04:50 - 2012-02-11 12:44 - 00000000 ____D C:\Users\LucasLAP\AppData\Roaming\Adobe
2012-03-19 04:50 - 2011-05-01 14:11 - 00000000 ___HD C:\Users\LucasLAP\AppData\Local\4KPcr3zyM
2012-03-19 04:50 - 2009-07-13 19:20 - 00000000 ___AD C:\Program Files\Common Files\Microsoft Shared
2012-03-19 04:50 - 2009-07-13 19:20 - 00000000 ____D C:\Program Files\Common Files\System

ZeroAccess:
C:\Windows\Installer\{39b115d2-9f1c-c9b0-e602-0b1c61916a83}
C:\Windows\Installer\{39b115d2-9f1c-c9b0-e602-0b1c61916a83}\@
C:\Windows\Installer\{39b115d2-9f1c-c9b0-e602-0b1c61916a83}\L
C:\Windows\Installer\{39b115d2-9f1c-c9b0-e602-0b1c61916a83}\U
C:\Windows\Installer\{39b115d2-9f1c-c9b0-e602-0b1c61916a83}\L\00000004.@
C:\Windows\Installer\{39b115d2-9f1c-c9b0-e602-0b1c61916a83}\L\201d3dde
C:\Windows\Installer\{39b115d2-9f1c-c9b0-e602-0b1c61916a83}\U\00000004.@
C:\Windows\Installer\{39b115d2-9f1c-c9b0-e602-0b1c61916a83}\U\00000008.@
C:\Windows\Installer\{39b115d2-9f1c-c9b0-e602-0b1c61916a83}\U\000000cb.@

========================= Known DLLs (Whitelisted) ============


========================= Bamital & volsnap Check ============

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe
[2012-03-13 08:00] - [2011-02-24 22:19] - 2713600 ____A (Microsoft Corporation) 6A2200FF714845A2B80DB08BACE02C06

C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe 50BEA589F7D7958BDD2528A8F69D05CC ZeroAccess <==== ATTENTION!.
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit

==================== EXE ASSOCIATION =====================

HKLM\...\.exe: exefile => OK
HKLM\...\exefile\DefaultIcon: %1 => OK
HKLM\...\exefile\open\command: "%1" %* => OK

========================= Memory info ======================

Percentage of memory in use: 11%
Total physical RAM: 7654.11 MB
Available physical RAM: 6788.75 MB
Total Pagefile: 7652.31 MB
Available Pagefile: 6770.2 MB
Total Virtual: 8192 MB
Available Virtual: 8191.9 MB

======================= Partitions =========================

1 Drive c: (ACER) (Fixed) (Total:682.91 GB) (Free:220.86 GB) NTFS
2 Drive e: (PQSERVICE) (Fixed) (Total:15.62 GB) (Free:0.56 GB) NTFS
4 Drive g: (LUKE'S USB) (Removable) (Total:3.82 GB) (Free:3.82 GB) FAT32
5 Drive x: (Boot) (Fixed) (Total:0.03 GB) (Free:0.03 GB) NTFS
6 Drive y: (SYSTEM RESERVED) (Fixed) (Total:0.1 GB) (Free:0.07 GB) NTFS ==>[System with boot components (obtained from reading drive)]

Disk ### Status Size Free Dyn Gpt
-------- ------------- ------- ------- --- ---
Disk 0 Online 698 GB 1024 KB
Disk 1 Online 3919 MB 0 B

Partitions of Disk 0:
===============

Partition ### Type Size Offset
------------- ---------------- ------- -------
Partition 1 Recovery 15 GB 1024 KB
Partition 2 Primary 100 MB 15 GB
Partition 3 Primary 682 GB 15 GB

======================================================================================================

Disk: 0
Partition 1
Type : 27
Hidden: Yes
Active: No

Volume ### Ltr Label Fs Type Size Status Info
---------- --- ----------- ----- ---------- ------- --------- --------
* Volume 3 E PQSERVICE NTFS Partition 15 GB Healthy Hidden

======================================================================================================

Disk: 0
Partition 2
Type : 07
Hidden: No
Active: Yes

Volume ### Ltr Label Fs Type Size Status Info
---------- --- ----------- ----- ---------- ------- --------- --------
* Volume 1 Y SYSTEM RESE NTFS Partition 100 MB Healthy

======================================================================================================

Disk: 0
Partition 3
Type : 07
Hidden: No
Active: No

Volume ### Ltr Label Fs Type Size Status Info
---------- --- ----------- ----- ---------- ------- --------- --------
* Volume 2 C ACER NTFS Partition 682 GB Healthy

======================================================================================================

Partitions of Disk 1:
===============

Partition ### Type Size Offset
------------- ---------------- ------- -------
Partition 1 Primary 3919 MB 31 KB

======================================================================================================

Disk: 1
Partition 1
Type : 0B
Hidden: No
Active: Yes

Volume ### Ltr Label Fs Type Size Status Info
---------- --- ----------- ----- ---------- ------- --------- --------
* Volume 4 G LUKE'S USB FAT32 Removable 3919 MB Healthy

======================================================================================================

==========================================================

Last Boot: 2012-06-07 20:56

======================= End Of Log ==========================

 

[Broni]

In Vista or Windows 7: Boot to System Recovery Options and run FRST.
In Windows XP: Please boot to BartPe and run FRST.
Type the following in the edit box after "Search:".

services.exe;explorer.exe

Click Search button and post the log (Search.txt) it makes to your reply.

 

[Yellow77]

I had already ran the search on services earlier as per another request by a friend. I imagine if I did them both at the same time the searches would be in the same file, however I didnt do it that way.

Farbar Recovery Scan Tool Version: 16-06-2012
Ran by SYSTEM at 2012-06-16 14:28:34
Running from G:\

================== Search: "explorer.exe" ===================

C:\Windows\explorer.exe
[2012-03-13 08:00] - [2011-02-24 22:19] - 2713600 ____A (Microsoft Corporation) 6A2200FF714845A2B80DB08BACE02C06

C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_ba87e574ddfe652d\explorer.exe
[2011-11-02 14:27] - [2011-02-25 21:19] - 2616320 ____A (Microsoft Corporation) 0FB9C74046656D1579A64660AD67B746

C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_b9fc4815c4e292b5\explorer.exe
[2011-11-02 14:27] - [2011-02-24 21:30] - 2616320 ____A (Microsoft Corporation) 8B88EBBB05A0E56B7DCC708498C02B3E

C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_ba2f56d3c4bcbafb\explorer.exe
[2010-11-20 19:24] - [2010-11-20 19:24] - 2616320 ____N (Microsoft Corporation) 40D777B7A95E00593EB1568C68514493

C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_b0333b22a99da332\explorer.exe
[2011-11-02 14:27] - [2011-02-25 22:14] - 2871808 ____A (Microsoft Corporation) 3B69712041F3D63605529BD66DC00C48

C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_afa79dc39081d0ba\explorer.exe
[2011-11-02 14:27] - [2011-02-24 22:19] - 2871808 ____A (Microsoft Corporation) 332FEAB1435662FC6C672E25BEB37BE3

C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_afdaac81905bf900\explorer.exe
[2010-11-20 19:24] - [2010-11-20 19:24] - 2872320 ____N (Microsoft Corporation) AC4C51EB24AA95B77F705AB159189E24

C:\Windows\SysWOW64\explorer.exe
[2011-11-02 14:27] - [2011-02-24 21:30] - 2616320 ____A (Microsoft Corporation) 8B88EBBB05A0E56B7DCC708498C02B3E

C:\Windows\Icecream Sandwich Skin Pack\Backup\explorer.exe
[2012-03-13 08:00] - [2011-02-24 22:19] - 2871808 ____A (Microsoft Corporation) 332FEAB1435662FC6C672E25BEB37BE3

====== End Of Search ======

Farbar Recovery Scan Tool Version: 16-06-2012
Ran by SYSTEM at 2012-06-16 13:42:36
Running from G:\

================== Search: "services.exe" ===================

C:\Windows\winsxs\amd64_microsoft-windows-s..s-servicecontroller_31bf3856ad364e35_6.1.7600.16385_none_2b54b20ee6fa07b1\services.exe
[2009-07-13 15:19] - [2009-07-13 17:39] - 0328704 ____A (Microsoft Corporation) 24ACB7E5BE595468E3B9AA488B9B4FCB

C:\Windows\System32\services.exe
[2009-07-13 15:19] - [2009-07-13 17:39] - 0329216 ____A (Microsoft Corporation) 50BEA589F7D7958BDD2528A8F69D05CC

====== End Of Search ======

 

[Broni]

Download attached fixlist.txt file and save it to the very same USB flash drive you've been using. Plug the drive back in.

NOTICE: This script was written specifically for this user, for use on that particular machine. Running this on another machine may cause damage to your operating system

On Vista or Windows 7: Now please enter System Recovery Options.
On Windows XP: Now please boot into the BartPE CD.
Run FRST64 and press the Fix button just once and wait.
The tool will make a log on the flashdrive (Fixlog.txt) please post it to your reply.

 

[Yellow77]

I am now on my phone to type this. I ran the fix and restarted the computer, upon booting up it stated that explorer.exe was not classified. I now have a black screen, can no longer access anything other then command prompt and notepad. I have senitive and expensive files that I cannot afford to lose. Would my safe bet be to backup those files and just reformat altogether?

 

[Yellow77]

I am now on my phone to type this. I ran the fix and restarted the computer, upon booting up it stated that explorer.exe was not classified. I now have a black screen, can no longer access anything other then command prompt and notepad. I have senitive and expensive files that I cannot afford to lose. Would my safe bet be to backup those files and just reformat altogether?

 

[Yellow77]

sorry for the double post, my phone didnt send the first one and I was in panic mode. I ran the Windows 7 file system checker and it seems to have repaired the explorer.exe error. Below is the log file from the FRST program.

Fix result of Farbar Recovery Tool (FRST written by Farbar) Version: 16-06-2012
Ran by SYSTEM at 2012-06-16 23:30:23 Run:1
Running from G:\

==============================================

HKEY_LOCAL_MACHINE\System\ControlSet002\Control\Session Manager\SubSystems\\Windows Value was restored successfully .
C:\Windows\System32\consrv.dll not found.
HKEY_LOCAL_MACHINE\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\ Default Value restored successfully.
HKEY_USERS\LucasLAP\Software\Microsoft\Windows\CurrentVersion\Run\\AdobeBridge Value deleted successfully.
C:\Windows\Installer\{39b115d2-9f1c-c9b0-e602-0b1c61916a83} moved successfully.
C:\Windows\explorer.exe moved successfully.
C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364ae35_6.1.7601.21669_none_ba87e574ddfe652d\explorer.exe copied successfully to C:\Windows\explorer.exe
C:\Windows\System32\services.exe moved successfully.
C:\Windows\winsxs\amd64_microsoft-windows-s..s-servicecontroller_31bf3856ad364e35_6.1.7600.16385_none_2b54b20ee6fa07b1\services.exe copied successfully to C:\Windows\System32\services.exe

==== End of Fixlog ====

 

[Broni]

Boot back to System Recovery Options and give me fresh FRST log (same instructions as in my reply #15).

 

[Yellow77]

Scan result of Farbar Recovery Scan Tool Version: 16-06-2012
Ran by SYSTEM at 17-06-2012 05:57:07
Running from G:\
Windows 7 Home Premium Service Pack 1 (X64) OS Language: English(US)
The current controlset is ControlSet002

========================== Registry (Whitelisted) =============

HKLM\...\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s [12681320 2011-08-25] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_Dolby] C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe /FORPCEE4 [2277480 2011-08-16] (Realtek Semiconductor)
HKLM\...\Run: [SynTPEnh] %ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe [2830120 2011-10-03] (Synaptics Incorporated)
HKLM\...\Run: [AdobeAAMUpdater-1.0] "C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe" [499608 2011-03-30] (Adobe Systems Incorporated)
HKLM\...\Run: [KeyLemon LemonScreen] C:\Program Files\KeyLemon\KLLockEngine.exe atstartup [992576 2012-04-30] ()
HKLM\...\Run: [KeyLemon Updater] C:\Program Files\KeyLemon\KLUpdater.exe [702272 2012-04-30] ()
HKLM\...\Run: [DVD or CD Sharing] "F:\DVD Sharing\ODSAgent.exe" [x]
HKLM\...\Run: [itype] "c:\Program Files\Microsoft IntelliType Pro\itype.exe" [1873256 2011-08-10] (Microsoft Corporation)
HKLM\...\Run: [MSC] "c:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey [1271168 2012-03-26] (Microsoft Corporation)
HKLM\...\Run: [Launch LCore] C:\Program Files\Logitech Gaming Software\LCore.exe /minimized [5889816 2011-12-07] (Logitech Inc.)
HKLM-x32\...\Run: [BCSSync] "C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe" /DelayServices [91520 2010-03-13] (Microsoft Corporation)
HKLM-x32\...\Run: [Broadcom Wireless Manager UI] C:\Windows\system32\WLTRAY [x]
HKLM-x32\...\Run: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime [421888 2012-04-18] (Apple Inc.)
HKLM-x32\...\Run: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [59240 2012-02-20] (Apple Inc.)
HKLM-x32\...\Run: [Malwarebytes' Anti-Malware] "C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray [462408 2012-04-04] (Malwarebytes Corporation)
HKU\LucasLAP\...\Run: [RK Launcher] "C:\Program Files (x86)\RK Launcher\RKLauncher.exe" [708608 2007-03-16] (RaduKing)
HKU\LucasLAP\...\Run: [DAEMON Tools Pro Agent] "C:\Program Files (x86)\DAEMON Tools Pro\DTAgent.exe" -autorun [4527424 2011-08-16] (DT Soft Ltd)
HKU\LucasLAP\...\Run: [XWidget] C:\Program Files (x86)\XWidget\xwidget.exe [4920832 2012-02-17] (xwidget.com)
HKU\LucasLAP\...\Run: [Skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun [17148552 2012-02-29] (Skype Technologies S.A.)
HKU\LucasLAP\...\Run: [SpybotSD TeaTimer] C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe [2144088 2009-01-26] (Safer Networking Limited)
HKLM\...\Winlogon: [Userinit] C:\Windows\system32\userinit.exe,C:\Program Files\Soluto\soluto.exe /userinit [1716784 2012-04-24] (Soluto)
Winlogon\Notify\WB: C:\PROGRA~2\Stardock\OBJECT~1\WINDOW~1\fast64.dll [X]
Tcpip\Parameters: [DhcpNameServer] 192.168.1.254
AppInit_DLLs: RemoveFocusRect.dll
Startup: C:\Users\All Users\Start Menu\Programs\Startup\Rainmeter.lnk
ShortcutTarget: Rainmeter.lnk -> C:\Program Files\Rainmeter\Rainmeter.exe ()
Startup: C:\Users\All Users\Start Menu\Programs\Startup\RescueTime.lnk
ShortcutTarget: RescueTime.lnk -> C:\Program Files (x86)\RescueTime\RescueTime.exe (RescueTime, Inc.)
Startup: C:\Users\LucasLAP\Start Menu\Programs\Startup\Dropbox.lnk
ShortcutTarget: Dropbox.lnk -> (No File)
Startup: C:\Users\LucasLAP\Start Menu\Programs\Startup\EvernoteClipper.lnk
ShortcutTarget: EvernoteClipper.lnk -> C:\Program Files (x86)\Evernote\Evernote\EvernoteClipper.exe (Evernote Corp., 333 W Evelyn Ave. Mountain View, CA 94041)

==================== Services (Whitelisted) ======

2 MBAMService; "C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe" [654408 2012-04-04] (Malwarebytes Corporation)
2 MsMpSvc; "C:\Program Files\Microsoft Security Client\MsMpEng.exe" [12600 2012-03-26] (Microsoft Corporation)
3 NisSrv; "C:\Program Files\Microsoft Security Client\NisSrv.exe" [291696 2012-03-26] (Microsoft Corporation)
2 OS Selector; "C:\Program Files (x86)\Acronis\DiskDirector\OSS\reinstall_svc.exe" [2139400 2010-05-25] ()
2 SBSDWSCService; C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe [1153368 2009-01-26] (Safer Networking Ltd.)
2 SolutoService; "C:\Program Files\Soluto\SolutoService.exe" [584224 2012-04-24] (Soluto)
2 WindowBlinds; C:\PROGRA~2\Stardock\OBJECT~1\WINDOW~1\VistaSrv.exe [337144 2009-06-04] (Stardock Corporation)
2 WindowFX; C:\Program Files (x86)\Stardock\Object Desktop\WindowFX4\WindowFXSRV.exe [185648 2011-04-11] (Stardock Corporation)
2 wltrysvc; C:\Windows\SysWow64\wltrysvc.exe C:\Windows\SysWow64\bcmwltry.exe [827499 2004-12-21] (Broadcom Corporation)
3 rpcapd; "C:\Program Files (x86)\WinPcap\rpcapd.exe" -d -f "C:\Program Files (x86)\WinPcap\rpcapd.ini" [x]

========================== Drivers (Whitelisted) =============

1 dtsoftbus01; C:\Windows\System32\Drivers\dtsoftbus01.sys [271424 2012-02-16] (DT Soft Ltd)
3 LADF_CaptureOnly; C:\Windows\System32\DRIVERS\ladfGSCamd64.sys [410184 2011-04-11] (Logitech)
3 LADF_RenderOnly; C:\Windows\System32\DRIVERS\ladfGSRamd64.sys [341832 2011-04-11] (Logitech)
3 MBAMProtector; \??\C:\Windows\system32\drivers\mbam.sys [24904 2012-04-04] (Malwarebytes Corporation)
2 NPF; C:\Windows\System32\Drivers\NPF.sys [35344 2010-06-25] (CACE Technologies, Inc.)
0 snapman; C:\Windows\System32\Drivers\snapman.sys [276576 2012-02-15] (Acronis)
0 Soluto; C:\Windows\System32\Drivers\Soluto.sys [54728 2012-04-24] (Soluto LTD.)
3 ALSysIO; \??\C:\Users\LucasLAP\AppData\Local\Temp\ALSysIO64.sys [x]
3 b57xdbd; C:\Windows\System32\DRIVERS\b57xdbd.sys [x]
3 b57xdmp; C:\Windows\System32\DRIVERS\b57xdmp.sys [x]
3 bScsiMSa; C:\Windows\System32\DRIVERS\bScsiMSa.sys [x]
3 bScsiSDa; C:\Windows\System32\DRIVERS\bScsiSDa.sys [x]
3 cpuz135; \??\C:\Windows\TEMP\cpuz135\cpuz135_x64.sys [x]

========================== NetSvcs (Whitelisted) ===========


============ One Month Created Files and Folders ==============

2012-06-16 19:27 - 2012-06-16 19:27 - 00000986 ____A C:\Users\LucasLAP\Downloads\fixlist (1).txt
2012-06-16 19:26 - 2012-06-16 19:26 - 00000523 ____A C:\Users\LucasLAP\Downloads\fixlist.txt
2012-06-16 17:12 - 2012-06-16 17:50 - 00000000 ____D C:\Users\All Users\Spybot - Search & Destroy
2012-06-16 17:12 - 2012-06-16 17:13 - 00000000 ____D C:\Program Files (x86)\Spybot - Search & Destroy
2012-06-16 13:40 - 2012-06-17 05:57 - 00000000 ____D C:\FRST
2012-06-16 10:42 - 2012-06-16 10:42 - 00000596 ____A C:\Users\LucasLAP\Downloads\Search.txt
2012-06-16 07:45 - 2012-06-16 07:45 - 00127602 ____A C:\Users\LucasLAP\Desktop\kaspersky_rootkit_log.txt
2012-06-16 07:42 - 2012-06-16 07:45 - 00255288 ____A C:\TDSSKiller.2.7.40.0_16.06.2012_11.42.16_log.txt
2012-06-16 07:41 - 2012-06-16 07:41 - 02109032 ____A C:\Users\LucasLAP\Downloads\tdsskiller.zip
2012-06-16 07:38 - 2012-06-16 07:39 - 00000000 ____D C:\Users\LucasLAP\Desktop\Underground Survival
2012-06-16 05:54 - 2012-06-16 07:41 - 00000000 ____D C:\Users\LucasLAP\Desktop\Virus Help Stuff
2012-06-15 17:41 - 2012-06-15 17:41 - 00000000 ____D C:\Program Files (x86)\HiJackThis
2012-06-15 17:39 - 2012-06-15 17:40 - 16409960 ____A (Safer Networking Limited ) C:\Users\LucasLAP\Downloads\spybotsd162.exe
2012-06-15 17:39 - 2012-06-15 17:40 - 07966432 ____A (Safer Networking Limited ) C:\Users\LucasLAP\Downloads\runalyz-1.6.1.24.exe
2012-06-15 17:39 - 2012-06-15 17:39 - 04333832 ____A (Safer Networking Limited ) C:\Users\LucasLAP\Downloads\filealyz-2.0.5.57.exe
2012-06-15 17:39 - 2012-06-15 17:39 - 01752632 ____A (Safer-Networking Ltd. ) C:\Users\LucasLAP\Downloads\regalyz-1.6.2.16.exe
2012-06-15 17:38 - 2012-06-15 17:38 - 01402880 ____A C:\Users\LucasLAP\Downloads\HijackThis.msi
2012-06-15 17:14 - 2012-06-15 17:14 - 04731392 ____A (AVAST Software) C:\Users\LucasLAP\Downloads\aswMBR.exe
2012-06-15 17:12 - 2012-06-15 17:12 - 00044607 ____A C:\Users\LucasLAP\Downloads\bootkit_remover.zip
2012-06-15 14:20 - 2012-06-15 14:20 - 00302592 ____A C:\Users\LucasLAP\Downloads\enlccdcs.exe
2012-06-15 13:18 - 2012-06-15 13:18 - 00302592 ____A C:\Users\LucasLAP\Downloads\3n3tpxu8.exe
2012-06-15 13:13 - 2012-06-15 13:13 - 00302592 ____A C:\Users\LucasLAP\Downloads\vog1wqt8.exe
2012-06-15 13:06 - 2012-06-15 13:06 - 00000000 ____D C:\Users\LucasLAP\AppData\Roaming\Malwarebytes
2012-06-15 13:05 - 2012-06-15 13:06 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware
2012-06-15 13:05 - 2012-06-15 13:05 - 00000000 ____D C:\Users\All Users\Malwarebytes
2012-06-15 13:05 - 2012-04-04 11:56 - 00024904 ____A (Malwarebytes Corporation) C:\Windows\System32\Drivers\mbam.sys
2012-06-15 13:03 - 2012-06-15 13:03 - 10063000 ____A (Malwarebytes Corporation ) C:\Users\LucasLAP\Downloads\mbam-setup-1.61.0.1400.exe
2012-06-15 12:59 - 2012-06-15 12:59 - 00595968 ____A (OldTimer Tools) C:\Users\LucasLAP\Downloads\OTL.exe
2012-06-15 12:36 - 2012-06-15 12:36 - 12621696 ____A (Microsoft Corporation) C:\Users\LucasLAP\Downloads\mseinstall.exe
2012-06-15 06:59 - 2012-06-15 06:59 - 00220264 ____A C:\Users\LucasLAP\Desktop\Tina Gale regarding virgin account.pdf
2012-06-15 06:42 - 2012-06-15 06:42 - 00000000 __SHD C:\Windows\SysWOW64\%APPDATA%
2012-06-15 06:33 - 2012-06-15 06:35 - 00006516 ____A C:\Users\LucasLAP\Documents\GALog.txt
2012-06-15 06:17 - 2012-06-15 06:17 - 00017039 ____A C:\Users\LucasLAP\Downloads\[isoHunt] Splice.v1.0.cracked-THETA.torrent
2012-06-15 03:45 - 2012-06-15 03:45 - 00364373 ____A C:\Users\LucasLAP\Downloads\PDF_519280934_6_2012-06-08_0000000000.pdf
2012-06-15 03:40 - 2012-06-15 03:40 - 00002466 ____A C:\Users\Public\Desktop\Launch Blacklight Retribution.lnk
2012-06-15 03:39 - 2012-06-15 03:39 - 00000000 ____D C:\Program Files (x86)\Perfect World Entertainment
2012-06-15 03:38 - 2012-06-15 03:38 - 00000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2012-06-15 03:37 - 2012-06-15 03:37 - 00189248 ____A C:\Windows\SysWOW64\PnkBstrB.exe
2012-06-15 03:37 - 2012-06-15 03:37 - 00189248 ____A C:\Windows\SysWOW64\PnkBstrB.ex0
2012-06-15 03:37 - 2012-06-15 03:37 - 00076888 ____A C:\Windows\SysWOW64\PnkBstrA.exe
2012-06-15 03:37 - 2011-12-19 11:16 - 03130440 ____A C:\Windows\SysWOW64\pbsvc_blr.exe
2012-06-15 03:27 - 2012-06-15 03:34 - 00000000 ____D C:\Users\LucasLAP\Desktop\BLR
2012-06-14 19:19 - 2012-06-15 02:52 - 00000000 ____D C:\Users\LucasLAP\Downloads\Battleship (2012) DVDRip XviD-AMIABLE
2012-06-14 18:42 - 2012-06-14 18:42 - 00015126 ____A C:\Users\LucasLAP\Downloads\[isoHunt] 2331664.torrent
2012-06-14 18:42 - 2012-06-14 18:42 - 00014641 ____A C:\Users\LucasLAP\Downloads\[isoHunt] Battleship (2012) DVDRip XviD-AMIABLE.torrent
2012-06-14 18:41 - 2012-06-14 18:41 - 00032397 ____A C:\Users\LucasLAP\Downloads\[isoHunt] [UsaBit.com] - BattleShip.2012.REPACK.TS.XViD.AC3-ADTRG.torrent
2012-06-14 18:18 - 2012-06-15 14:15 - 00000000 ____D C:\Users\LucasLAP\Downloads\Sherlock Holmes in the 22nd Century
2012-06-14 18:09 - 2012-06-14 18:09 - 00050000 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\renhhncu.sys
2012-06-14 16:47 - 2012-06-14 16:47 - 00000000 ____D C:\Users\LucasLAP\Documents\Disney Interactive Studios
2012-06-14 16:33 - 2012-06-14 16:33 - 00000000 ____D C:\Program Files (x86)\Disney Interactive Studios
2012-06-14 16:20 - 2012-06-14 16:20 - 00058431 ____A C:\Users\LucasLAP\Downloads\[isoHunt] download.torrent
2012-06-14 05:33 - 2012-06-14 06:10 - 1406372372 ____A C:\Users\LucasLAP\Desktop\Sherlock Holmes A Game of Shadows.avi
2012-06-13 06:24 - 2012-06-13 06:24 - 00082372 ____A C:\Users\LucasLAP\Downloads\water_shader_v5b1.2.5.zip
2012-06-12 23:00 - 2012-05-17 18:47 - 17807360 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.dll
2012-06-12 23:00 - 2012-05-17 18:16 - 10924032 ____A (Microsoft Corporation) C:\Windows\System32\ieframe.dll
2012-06-12 23:00 - 2012-05-17 18:06 - 02311680 ____A (Microsoft Corporation) C:\Windows\System32\jscript9.dll
2012-06-12 23:00 - 2012-05-17 17:59 - 01392128 ____A (Microsoft Corporation) C:\Windows\System32\wininet.dll
2012-06-12 23:00 - 2012-05-17 17:59 - 01346048 ____A (Microsoft Corporation) C:\Windows\System32\urlmon.dll
2012-06-12 23:00 - 2012-05-17 17:58 - 01494528 ____A (Microsoft Corporation) C:\Windows\System32\inetcpl.cpl
2012-06-12 23:00 - 2012-05-17 17:58 - 00237056 ____A (Microsoft Corporation) C:\Windows\System32\url.dll
2012-06-12 23:00 - 2012-05-17 17:56 - 00085504 ____A (Microsoft Corporation) C:\Windows\System32\jsproxy.dll
2012-06-12 23:00 - 2012-05-17 17:55 - 00818688 ____A (Microsoft Corporation) C:\Windows\System32\jscript.dll
2012-06-12 23:00 - 2012-05-17 17:55 - 00173056 ____A (Microsoft Corporation) C:\Windows\System32\ieUnatt.exe
2012-06-12 23:00 - 2012-05-17 17:54 - 02144768 ____A (Microsoft Corporation) C:\Windows\System32\iertutil.dll
2012-06-12 23:00 - 2012-05-17 17:51 - 02382848 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.tlb
2012-06-12 23:00 - 2012-05-17 17:51 - 00096768 ____A (Microsoft Corporation) C:\Windows\System32\mshtmled.dll
2012-06-12 23:00 - 2012-05-17 17:47 - 00248320 ____A (Microsoft Corporation) C:\Windows\System32\ieui.dll
2012-06-12 23:00 - 2012-05-17 15:11 - 12314624 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2012-06-12 23:00 - 2012-05-17 14:48 - 09737728 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2012-06-12 23:00 - 2012-05-17 14:45 - 01800192 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2012-06-12 23:00 - 2012-05-17 14:36 - 01103872 ____A (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2012-06-12 23:00 - 2012-05-17 14:35 - 01427968 ____A (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2012-06-12 23:00 - 2012-05-17 14:35 - 01129472 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2012-06-12 23:00 - 2012-05-17 14:33 - 00231936 ____A (Microsoft Corporation) C:\Windows\SysWOW64\url.dll
2012-06-12 23:00 - 2012-05-17 14:31 - 00065024 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2012-06-12 23:00 - 2012-05-17 14:29 - 00716800 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2012-06-12 23:00 - 2012-05-17 14:29 - 00142848 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2012-06-12 23:00 - 2012-05-17 14:27 - 01793024 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2012-06-12 23:00 - 2012-05-17 14:25 - 00073216 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2012-06-12 23:00 - 2012-05-17 14:24 - 02382848 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2012-06-12 23:00 - 2012-05-17 14:20 - 00176640 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2012-06-12 16:44 - 2012-06-13 23:33 - 00000000 ____D C:\Users\LucasLAP\Downloads\Split.Second.Velocity-RELOADED
2012-06-12 14:32 - 2012-06-12 14:32 - 10957278 ____A C:\Users\LucasLAP\Downloads\2wire_reinstall_voice_5.29.117.3.2sp
2012-06-12 11:30 - 2012-05-14 17:32 - 03146752 ____A (Microsoft Corporation) C:\Windows\System32\win32k.sys
2012-06-12 11:30 - 2012-05-04 03:06 - 05559664 ____A (Microsoft Corporation) C:\Windows\System32\ntoskrnl.exe
2012-06-12 11:30 - 2012-05-04 02:03 - 03968368 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2012-06-12 11:30 - 2012-05-04 02:03 - 03913072 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2012-06-12 11:30 - 2012-04-30 21:40 - 00209920 ____A (Microsoft Corporation) C:\Windows\System32\profsvc.dll
2012-06-12 11:30 - 2012-04-25 21:41 - 00149504 ____A (Microsoft Corporation) C:\Windows\System32\rdpcorekmts.dll
2012-06-12 11:30 - 2012-04-25 21:41 - 00077312 ____A (Microsoft Corporation) C:\Windows\System32\rdpwsx.dll
2012-06-12 11:30 - 2012-04-25 21:34 - 00009216 ____A (Microsoft Corporation) C:\Windows\System32\rdrmemptylst.exe
2012-06-12 11:30 - 2012-04-23 21:37 - 01462272 ____A (Microsoft Corporation) C:\Windows\System32\crypt32.dll
2012-06-12 11:30 - 2012-04-23 21:37 - 00184320 ____A (Microsoft Corporation) C:\Windows\System32\cryptsvc.dll
2012-06-12 11:30 - 2012-04-23 21:37 - 00140288 ____A (Microsoft Corporation) C:\Windows\System32\cryptnet.dll
2012-06-12 11:30 - 2012-04-23 20:36 - 01158656 ____A (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll
2012-06-12 11:30 - 2012-04-23 20:36 - 00140288 ____A (Microsoft Corporation) C:\Windows\SysWOW64\cryptsvc.dll
2012-06-12 11:30 - 2012-04-23 20:36 - 00103936 ____A (Microsoft Corporation) C:\Windows\SysWOW64\cryptnet.dll
2012-06-12 11:30 - 2012-04-07 04:31 - 03216384 ____A (Microsoft Corporation) C:\Windows\System32\msi.dll
2012-06-12 11:30 - 2012-04-07 03:26 - 02342400 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll
2012-06-12 11:29 - 2012-04-27 19:55 - 00210944 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\rdpwd.sys
2012-06-11 06:23 - 2012-06-15 06:47 - 00000000 ____D C:\Users\LucasLAP\Desktop\Elemental Rangers
2012-06-11 06:04 - 2012-06-14 08:00 - 4294315852 ____A C:\Users\LucasLAP\Downloads\BLR_0960.exe
2012-06-11 06:04 - 2012-06-11 06:04 - 03130440 ____A C:\Users\LucasLAP\Downloads\pbsvc_blr.exe
2012-06-11 06:04 - 2012-06-11 06:04 - 00021249 ____A C:\Users\LucasLAP\Downloads\BLR_0960_final.exe.torrent
2012-06-09 06:27 - 2012-06-09 06:27 - 01404782 ____A C:\Users\LucasLAP\Downloads\2273346-3.png
2012-06-08 08:57 - 2012-06-08 08:57 - 00848610 ____A C:\Users\LucasLAP\Downloads\MW3sa_reporting_tool.zip
2012-06-07 14:31 - 2012-06-07 14:31 - 00038400 ____A C:\Users\LucasLAP\Desktop\Resume 2012'.doc
2012-06-07 14:31 - 2012-06-07 14:31 - 00022662 ____A C:\Users\LucasLAP\Desktop\Resume 2012'.pdf
2012-06-07 04:20 - 2012-06-07 04:20 - 00419488 ____A (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2012-06-04 14:42 - 2012-06-04 14:42 - 00024344 ____A C:\Users\LucasLAP\Downloads\VICTOR TIME SHEET.pdf
2012-06-03 20:20 - 2012-06-03 20:20 - 00000000 ____D C:\Users\LucasLAP\AppData\Local\Evernote
2012-06-03 20:19 - 2012-06-03 20:19 - 00000000 ____D C:\Program Files (x86)\Evernote
2012-06-03 19:56 - 2012-06-03 19:57 - 50045792 ____A (Evernote Corp., 333 W Evelyn Ave. Mountain View, CA 94041) C:\Users\LucasLAP\Downloads\Evernote_4.5.6.6884.exe
2012-06-03 18:43 - 2012-06-03 18:43 - 00009956 ____A C:\Users\LucasLAP\Downloads\SimpleBackup.jar
2012-06-03 18:36 - 2012-06-03 18:36 - 00008287 ____A C:\Users\LucasLAP\Downloads\materials.txt
2012-06-03 18:32 - 2012-06-03 18:32 - 00364402 ____A C:\Users\LucasLAP\Downloads\Transporter.jar
2012-06-03 18:31 - 2012-06-03 18:31 - 00023442 ____A C:\Users\LucasLAP\Downloads\TreeAssist.jar
2012-06-03 16:53 - 2012-06-03 16:53 - 00000071 ____A C:\Users\LucasLAP\Downloads\PhotoLapse.ini
2012-06-03 15:45 - 2012-06-03 15:45 - 00155648 ____A (http://home.hccnet.nl/s.vd.palen) C:\Users\LucasLAP\Downloads\PhotoLapse.exe
2012-06-03 15:37 - 2012-06-03 15:37 - 00306151 ____A C:\Users\LucasLAP\Downloads\MakeAVI-0.11.zip
2012-06-03 13:19 - 2012-06-03 13:21 - 23885431 ____A C:\Users\LucasLAP\Downloads\Quicktime.rar
2012-06-03 13:19 - 2012-06-03 13:19 - 00000000 ____D C:\Program Files (x86)\QuickTime
2012-06-03 13:17 - 2012-06-03 13:18 - 00000000 ____D C:\Users\LucasLAP\Downloads\QuickTime 7 Pro
2012-06-03 13:16 - 2012-06-03 13:17 - 39483256 ____A (Apple Inc.) C:\Users\LucasLAP\Downloads\QuickTimeInstaller.exe
2012-06-03 09:20 - 2012-06-03 09:20 - 08516016 ____A C:\Users\LucasLAP\Downloads\CNBsBUDSwitches.zip
2012-06-03 09:04 - 2012-06-03 09:04 - 00211602 ____A C:\Users\LucasLAP\Downloads\Minisentry.png
2012-06-03 09:04 - 2012-06-03 09:04 - 00119695 ____A C:\Users\LucasLAP\Downloads\Lvl3sentry.png
2012-06-03 09:03 - 2012-06-03 09:03 - 00148065 ____A C:\Users\LucasLAP\Downloads\Lvl2sentry.png
2012-06-03 09:03 - 2012-06-03 09:03 - 00127534 ____A C:\Users\LucasLAP\Downloads\Lvl1sentry.png
2012-06-03 09:01 - 2012-06-03 09:01 - 00102784 ____A C:\Users\LucasLAP\Downloads\350px-Engywithsg.png
2012-06-02 20:16 - 2012-06-02 20:16 - 00000000 ____D C:\Program Files (x86)\WinPcap
2012-06-02 20:02 - 2012-06-02 20:05 - 06009145 ____A C:\Users\LucasLAP\Downloads\MW3SA_normal.zip
2012-06-02 07:10 - 2012-06-02 07:10 - 00910093 ____A C:\Users\LucasLAP\Downloads\LightDetector-1.3.jar
2012-06-02 04:39 - 2012-06-02 04:40 - 02907377 ____A C:\Users\LucasLAP\Downloads\Automatic Street Lights.zip
2012-06-02 04:39 - 2012-06-02 04:39 - 00614991 ____A C:\Users\LucasLAP\Downloads\Redstone Logic World.zip
2012-06-01 05:47 - 2012-06-01 05:48 - 18020936 ____A (PortableApps.com) C:\Users\LucasLAP\Downloads\FirefoxPortable_12.0_English.paf.exe
2012-06-01 05:32 - 2012-06-01 05:32 - 00001332 ____A C:\Users\LucasLAP\Downloads\awsomenew.png
2012-06-01 05:27 - 2012-06-01 05:28 - 26883364 ____A C:\Users\LucasLAP\Downloads\Project_Soul.zip
2012-05-31 04:59 - 2012-05-31 04:59 - 10069368 ____A C:\Users\LucasLAP\Downloads\65d1ffc4-0a45-4bab-85b8-99424d3c2301.zip
2012-05-30 16:27 - 2012-05-30 16:34 - 97793348 ____A C:\Users\LucasLAP\Downloads\C64GVA200-24-SpyHunter.avi
2012-05-30 06:32 - 2011-12-22 17:49 - 00836570 ____A C:\Users\LucasLAP\Desktop\UserGuide.pdf
2012-05-29 14:50 - 2012-05-29 14:51 - 00039936 __ASH C:\Users\LucasLAP\Documents\Thumbs.db
2012-05-29 08:06 - 2012-05-29 08:06 - 01391104 ____A C:\Users\LucasLAP\Downloads\apploc.msi
2012-05-29 07:57 - 2012-06-15 13:21 - 00000000 ____D C:\Users\LucasLAP\Documents\Camera
2012-05-29 07:54 - 2012-05-29 07:54 - 04104894 ____A C:\Users\LucasLAP\Downloads\magiclantern-2011Dec22.550D.60D.600D.50D.500D.zip
2012-05-29 07:53 - 2012-05-29 07:53 - 13208991 ____A C:\Users\LucasLAP\Downloads\eos60d-v110-win.zip
2012-05-29 04:48 - 2012-05-29 04:48 - 00955848 ____A (Oracle Corporation) C:\Windows\System32\npDeployJava1.dll
2012-05-29 04:48 - 2012-05-29 04:48 - 00839112 ____A (Oracle Corporation) C:\Windows\System32\deployJava1.dll
2012-05-29 04:48 - 2012-05-29 04:48 - 00268744 ____A (Oracle Corporation) C:\Windows\System32\javaws.exe
2012-05-29 04:48 - 2012-05-29 04:48 - 00189384 ____A (Oracle Corporation) C:\Windows\System32\javaw.exe
2012-05-29 04:48 - 2012-05-29 04:48 - 00188872 ____A (Oracle Corporation) C:\Windows\System32\java.exe
2012-05-29 04:48 - 2012-05-29 04:48 - 00000000 ____D C:\Program Files\Java
2012-05-29 04:08 - 2012-05-29 04:09 - 21865936 ____A (Oracle Corporation) C:\Users\LucasLAP\Downloads\jre-7u4-windows-x64 (1).exe
2012-05-28 18:40 - 2012-05-28 18:41 - 01741416 ____A C:\Users\LucasLAP\Downloads\tvm-sphnt.7z
2012-05-28 18:19 - 2012-05-28 18:19 - 01665069 ____A C:\Users\LucasLAP\Downloads\pm-shntr.7z
2012-05-28 09:50 - 2012-05-28 09:54 - 00000132 ____A C:\Users\LucasLAP\AppData\Roaming\Adobe PNG Format CS5 Prefs
2012-05-28 05:24 - 2012-05-28 05:25 - 08386590 ____A C:\Users\LucasLAP\Downloads\Soartex Fanver.zip
2012-05-27 15:44 - 2012-05-27 15:44 - 10250885 ____A C:\Users\LucasLAP\Downloads\MCEdit-0.1.1.win32.zip
2012-05-27 15:44 - 2012-05-27 15:44 - 01779847 ____A C:\Users\LucasLAP\Downloads\mcedit-mcedit-0.1.1-1-g41ea379.zip
2012-05-27 10:50 - 2012-05-27 10:50 - 00002027 ____A C:\Users\LucasLAP\Desktop\Adobe Photoshop Lightroom 4 64-bit.lnk
2012-05-27 10:48 - 2012-05-27 10:48 - 00832415 ____A C:\Users\LucasLAP\Downloads\slrlounge-lr4-preset-system-v1.1.zip
2012-05-24 18:49 - 2012-05-24 18:49 - 01572397 ____A C:\Users\LucasLAP\Downloads\mcpatcher-2.3.6_03.exe
2012-05-23 06:06 - 2012-06-15 14:15 - 00000000 ____D C:\Users\LucasLAP\Downloads\Tom Clancy's Ghost Recon - Future Soldier-SKIDROW
2012-05-22 19:28 - 2012-05-22 19:28 - 00000000 ____D C:\Users\LucasLAP\Documents\The Legend of Korra Episode 07
2012-05-22 19:18 - 2012-05-22 19:26 - 203055612 ____A C:\Users\LucasLAP\Downloads\284723987.rar
2012-05-22 15:37 - 2012-06-15 17:37 - 00000000 ____D C:\Users\LucasLAP\Downloads\Adobe.Photoshop.Lightroom.v4.0.Multilingual.Incl.Keymaker-CORE
2012-05-21 19:31 - 2012-05-21 19:33 - 00000000 ____D C:\Users\LucasLAP\Downloads\Legend of Korra S01E06 - And The Winner Is [360p]
2012-05-21 19:26 - 2012-05-22 16:04 - 00000000 ____D C:\Users\LucasLAP\Downloads\Legend of Korra - S01E05 - The Spirit of Competition [Full HD 720p]
2012-05-21 18:58 - 2012-05-21 19:10 - 199173025 ____A C:\Users\LucasLAP\Downloads\Legend.Of.Korra.HDTV.Episode.3.Korra.Page.HDPVR.Rip.mp4
2012-05-21 18:46 - 2012-05-21 19:35 - 00000000 ____D C:\Users\LucasLAP\Downloads\Legend of Korra - S01E04 - The Voice in the Night
2012-05-20 03:24 - 2012-05-20 03:24 - 00000000 ____D C:\Users\LucasLAP\Documents\bukkit update
2012-05-20 02:48 - 2012-05-20 02:48 - 00078093 ____A C:\Users\LucasLAP\Documents\slrlounge preset receipt.pdf
2012-05-19 03:36 - 2012-05-19 04:04 - 00000000 ____D C:\Users\LucasLAP\Downloads\Chronicle.2012.DVDRip.XviD-SPARKS
2012-05-19 03:34 - 2012-06-15 07:21 - 00000000 ____D C:\Users\LucasLAP\AppData\Roaming\.minecraft
2012-05-19 03:33 - 2012-05-19 03:33 - 00016011 ____A C:\Users\LucasLAP\Downloads\minecraft_nude_pack.zip
2012-05-19 03:30 - 2012-05-19 03:30 - 00278561 ____A C:\Users\LucasLAP\Downloads\Minecraft (1).exe
2012-05-19 03:26 - 2012-05-19 03:26 - 02956302 ____A C:\Users\LucasLAP\Downloads\KSW_R2D2_Papercraft.pdf

============ 3 Months Modified Files and Folders =============

2012-06-17 05:57 - 2012-06-16 13:40 - 00000000 ____D C:\FRST
2012-06-17 01:54 - 2012-02-13 18:26 - 00000000 ____D C:\Program Files (x86)\RK Launcher
2012-06-17 01:54 - 2011-12-27 18:24 - 01949767 ____A C:\Windows\WindowsUpdate.log
2012-06-17 01:04 - 2012-02-11 12:53 - 00000920 ____A C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1201714936-502168034-2203405274-1000UA.job
2012-06-16 20:11 - 2009-07-13 20:45 - 00024656 ___AH C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2012-06-16 20:11 - 2009-07-13 20:45 - 00024656 ___AH C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2012-06-16 20:04 - 2012-02-14 15:13 - 00000000 ___RD C:\Users\LucasLAP\Dropbox
2012-06-16 20:04 - 2012-02-14 08:31 - 00000000 ____D C:\Users\LucasLAP\AppData\Roaming\Dropbox
2012-06-16 20:03 - 2009-07-13 21:08 - 00000006 ___AH C:\Windows\Tasks\SA.DAT
2012-06-16 20:03 - 2009-07-13 20:51 - 00077258 ____A C:\Windows\setupact.log
2012-06-16 19:27 - 2012-06-16 19:27 - 00000986 ____A C:\Users\LucasLAP\Downloads\fixlist (1).txt
2012-06-16 19:26 - 2012-06-16 19:26 - 00000523 ____A C:\Users\LucasLAP\Downloads\fixlist.txt
2012-06-16 18:04 - 2012-02-11 12:53 - 00000868 ____A C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1201714936-502168034-2203405274-1000Core.job
2012-06-16 17:50 - 2012-06-16 17:12 - 00000000 ____D C:\Users\All Users\Spybot - Search & Destroy
2012-06-16 17:13 - 2012-06-16 17:12 - 00000000 ____D C:\Program Files (x86)\Spybot - Search & Destroy
2012-06-16 12:01 - 2012-02-19 08:35 - 00000000 ____D C:\Program Files (x86)\Steam
2012-06-16 11:04 - 2012-02-11 12:44 - 00000000 ____D C:\Users\LucasLAP\AppData\Roaming\Adobe
2012-06-16 11:02 - 2012-02-13 17:07 - 00000000 ____D C:\Users\LucasLAP\Downloads\ADOBE.CS5.5.M.C.K.UPDATE.WIN.OSX
2012-06-16 11:02 - 2012-02-11 15:03 - 00000000 ____D C:\Users\LucasLAP\Downloads\__W7SBC
2012-06-16 10:42 - 2012-06-16 10:42 - 00000596 ____A C:\Users\LucasLAP\Downloads\Search.txt
2012-06-16 09:53 - 2012-02-14 15:45 - 00000000 ____D C:\Users\LucasLAP\AppData\Roaming\Skype
2012-06-16 08:05 - 2009-07-13 21:13 - 00782270 ____A C:\Windows\System32\PerfStringBackup.INI
2012-06-16 07:45 - 2012-06-16 07:45 - 00127602 ____A C:\Users\LucasLAP\Desktop\kaspersky_rootkit_log.txt
2012-06-16 07:45 - 2012-06-16 07:42 - 00255288 ____A C:\TDSSKiller.2.7.40.0_16.06.2012_11.42.16_log.txt
2012-06-16 07:41 - 2012-06-16 07:41 - 02109032 ____A C:\Users\LucasLAP\Downloads\tdsskiller.zip
2012-06-16 07:41 - 2012-06-16 05:54 - 00000000 ____D C:\Users\LucasLAP\Desktop\Virus Help Stuff
2012-06-16 07:39 - 2012-06-16 07:38 - 00000000 ____D C:\Users\LucasLAP\Desktop\Underground Survival
2012-06-16 00:18 - 2010-11-20 19:47 - 00037514 ____A C:\Windows\PFRO.log
2012-06-15 17:41 - 2012-06-15 17:41 - 00000000 ____D C:\Program Files (x86)\HiJackThis
2012-06-15 17:40 - 2012-06-15 17:39 - 16409960 ____A (Safer Networking Limited ) C:\Users\LucasLAP\Downloads\spybotsd162.exe
2012-06-15 17:40 - 2012-06-15 17:39 - 07966432 ____A (Safer Networking Limited ) C:\Users\LucasLAP\Downloads\runalyz-1.6.1.24.exe
2012-06-15 17:39 - 2012-06-15 17:39 - 04333832 ____A (Safer Networking Limited ) C:\Users\LucasLAP\Downloads\filealyz-2.0.5.57.exe
2012-06-15 17:39 - 2012-06-15 17:39 - 01752632 ____A (Safer-Networking Ltd. ) C:\Users\LucasLAP\Downloads\regalyz-1.6.2.16.exe
2012-06-15 17:38 - 2012-06-15 17:38 - 01402880 ____A C:\Users\LucasLAP\Downloads\HijackThis.msi
2012-06-15 17:37 - 2012-05-22 15:37 - 00000000 ____D C:\Users\LucasLAP\Downloads\Adobe.Photoshop.Lightroom.v4.0.Multilingual.Incl.Keymaker-CORE
2012-06-15 17:14 - 2012-06-15 17:14 - 04731392 ____A (AVAST Software) C:\Users\LucasLAP\Downloads\aswMBR.exe
2012-06-15 17:12 - 2012-06-15 17:12 - 00044607 ____A C:\Users\LucasLAP\Downloads\bootkit_remover.zip
2012-06-15 14:20 - 2012-06-15 14:20 - 00302592 ____A C:\Users\LucasLAP\Downloads\enlccdcs.exe
2012-06-15 14:15 - 2012-06-14 18:18 - 00000000 ____D C:\Users\LucasLAP\Downloads\Sherlock Holmes in the 22nd Century
2012-06-15 14:15 - 2012-05-23 06:06 - 00000000 ____D C:\Users\LucasLAP\Downloads\Tom Clancy's Ghost Recon - Future Soldier-SKIDROW
2012-06-15 13:21 - 2012-05-29 07:57 - 00000000 ____D C:\Users\LucasLAP\Documents\Camera
2012-06-15 13:18 - 2012-06-15 13:18 - 00302592 ____A C:\Users\LucasLAP\Downloads\3n3tpxu8.exe
2012-06-15 13:13 - 2012-06-15 13:13 - 00302592 ____A C:\Users\LucasLAP\Downloads\vog1wqt8.exe
2012-06-15 13:06 - 2012-06-15 13:06 - 00000000 ____D C:\Users\LucasLAP\AppData\Roaming\Malwarebytes
2012-06-15 13:06 - 2012-06-15 13:05 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware
2012-06-15 13:05 - 2012-06-15 13:05 - 00000000 ____D C:\Users\All Users\Malwarebytes
2012-06-15 13:03 - 2012-06-15 13:03 - 10063000 ____A (Malwarebytes Corporation ) C:\Users\LucasLAP\Downloads\mbam-setup-1.61.0.1400.exe
2012-06-15 12:59 - 2012-06-15 12:59 - 00595968 ____A (OldTimer Tools) C:\Users\LucasLAP\Downloads\OTL.exe
2012-06-15 12:36 - 2012-06-15 12:36 - 12621696 ____A (Microsoft Corporation) C:\Users\LucasLAP\Downloads\mseinstall.exe
2012-06-15 12:22 - 2012-03-07 11:35 - 00026844 ____A C:\Windows\AutoKMS.log
2012-06-15 12:21 - 2012-02-13 16:25 - 00000000 ____D C:\Users\LucasLAP\AppData\Roaming\uTorrent
2012-06-15 07:21 - 2012-05-19 03:34 - 00000000 ____D C:\Users\LucasLAP\AppData\Roaming\.minecraft
2012-06-15 06:59 - 2012-06-15 06:59 - 00220264 ____A C:\Users\LucasLAP\Desktop\Tina Gale regarding virgin account.pdf
2012-06-15 06:47 - 2012-06-11 06:23 - 00000000 ____D C:\Users\LucasLAP\Desktop\Elemental Rangers
2012-06-15 06:42 - 2012-06-15 06:42 - 00000000 __SHD C:\Windows\SysWOW64\%APPDATA%
2012-06-15 06:35 - 2012-06-15 06:33 - 00006516 ____A C:\Users\LucasLAP\Documents\GALog.txt
2012-06-15 06:28 - 2012-04-28 19:05 - 00223232 __ASH C:\Users\LucasLAP\Downloads\Thumbs.db
2012-06-15 06:17 - 2012-06-15 06:17 - 00017039 ____A C:\Users\LucasLAP\Downloads\[isoHunt] Splice.v1.0.cracked-THETA.torrent
2012-06-15 03:45 - 2012-06-15 03:45 - 00364373 ____A C:\Users\LucasLAP\Downloads\PDF_519280934_6_2012-06-08_0000000000.pdf
2012-06-15 03:40 - 2012-06-15 03:40 - 00002466 ____A C:\Users\Public\Desktop\Launch Blacklight Retribution.lnk
2012-06-15 03:39 - 2012-06-15 03:39 - 00000000 ____D C:\Program Files (x86)\Perfect World Entertainment
2012-06-15 03:39 - 2011-11-02 14:43 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2012-06-15 03:38 - 2012-06-15 03:38 - 00000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2012-06-15 03:37 - 2012-06-15 03:37 - 00189248 ____A C:\Windows\SysWOW64\PnkBstrB.exe
2012-06-15 03:37 - 2012-06-15 03:37 - 00189248 ____A C:\Windows\SysWOW64\PnkBstrB.ex0
2012-06-15 03:37 - 2012-06-15 03:37 - 00076888 ____A C:\Windows\SysWOW64\PnkBstrA.exe
2012-06-15 03:36 - 2011-11-02 15:03 - 00270171 ____A C:\Windows\DirectX.log
2012-06-15 03:34 - 2012-06-15 03:27 - 00000000 ____D C:\Users\LucasLAP\Desktop\BLR
2012-06-15 02:52 - 2012-06-14 19:19 - 00000000 ____D C:\Users\LucasLAP\Downloads\Battleship (2012) DVDRip XviD-AMIABLE
2012-06-14 18:42 - 2012-06-14 18:42 - 00015126 ____A C:\Users\LucasLAP\Downloads\[isoHunt] 2331664.torrent