
FBI Computer Lockout Ransomware

Discussion in 'Malware Removal Help' started by Senkai, Jan 17, 2013.

Thread Status:
Not open for further replies.
  1. Senkai

    Senkai Registered Members

    Joined:
    Jan 17, 2013
    Messages:
    15
    Location:
    Plymouth, Vermont
    Operating System:
    Windows 7
    Last night I contracted the ransomware listed in the title on my home computer, here are the steps I have tried so far to eliminate the problem.

    1. Attempted to load normally after a restart to run Malwarebytes/AVG, my desktop icons did not appear until 30 minutes after signing in, I could not get either program to open.
    2. I attempted to boot in safe mode, the computer freezes on the black "loading files" screen immediately after loading my AVG files.
    3. I attempted to do an automatic system repair with and without the OS disk, it was unable to fix the problem.
    4. I tried to use four different restore points, each one failed due to a corrupted file.

    I do not have any log files and doubt if I could get any with the way the computer is currently operating.

    Aside from a complete reformat which I REALLY do not want to do, as I was not smart enough to back up my files, is there anything anyone can think of that I could do to remove the Ransomware?
     
  2. Senkai

    Does anyone perhaps know of a program I can burn onto a disk with another computer to help eliminate the threat so that I can fix corrupted system files with the OS disk?
     
  3. Senkai

    I also forgot to mention that I am running Windows 7 Home Premium.
     
  4. BeeCeeBee

    BeeCeeBee ADMINISTRATOR IN MEMORY

    Joined:
    Apr 20, 2009
    Messages:
    7,201
    Location:
    New Jersey "Stronger than the Storm"
    Operating System:
    Windows 7
  5. Senkai

    Thank you BeeCeeBee
     
  6. Senkai

    Hey BeeCeeBee, I see that in another post you said that "Our malware experts have been alerted and are just waiting for you to follow the directions in the link I gave you. If you have any problem with the process just post them here."

    Is this the same case with my situation? I am unable to run or download anything after logging in, the computer becomes much too slow to run, download, or even open anything as soon as I sign in.
     
  7. DSTM (Dougie)

    DSTM (Dougie) Registered Members

    Joined:
    May 3, 2009
    Messages:
    8,270
    Location:
    SYDNEY AUSTRALIA
    Operating System:
    Windows 7
    Hi Senkai. There are no problems. Our Malware Experts live in different Time Zones.
    We ask you to be patient.
    You will have to get into Safe Mode with Networking, Tapping F8 on boot normally.
    This one is a nasty.
     
  8. starbuck

    starbuck Rest In Peace Pete Administrator

    Joined:
    Sep 26, 2009
    Messages:
    3,830
    Location:
    Midlands, UK
    Operating System:
    Windows 10
    CPU:
    AMD Athlon II x2 250 Processor 3.00GHz
    Memory:
    8gb DDR3
    Hard Drive:
    500gb SATA
    Graphics Card:
    ASUS GeForce GTX 960 2gb
    Power Supply:
    650w PowerCool X-Viper
    Hi Senkai

    Running Malwarebytes in Safe mode will usually do the trick.
    If that doesn't work we can sort out the problem using another program.
    Do you know if your OS is 32bit or 64bit?
    You will need to use another computer to download this program.

    Please download Farbar Recovery Scan Tool and save it to a flash drive.

    Note: You need to run the version compatible with your system. If you are not sure which version applies to your system download both of them and try to run them. Only one of them will run on your system, that will be the right version.

    Plug the flash drive into the infected PC.

    Enter System Recovery Options.

    To enter System Recovery Options from the Advanced Boot Options:
    • Restart the computer.
    • As soon as the BIOS is loaded begin tapping the F8 key until Advanced Boot Options appears.
    • Use the arrow keys to select the Repair your computer menu item.
    • Select US as the keyboard language settings, and then click Next.
    • Select the operating system you want to repair, and then click Next.
    • Select your user account and click Next.


    On the System Recovery Options menu you will get the following options:

      • Startup Repair
      • System Restore
      • Windows Complete PC Restore
      • Windows Memory Diagnostic Tool
      • Command Prompt
    • Select Command Prompt
    • In the command window type in notepad and press Enter.
    • The notepad opens. Under File menu select Open.
    • Select "Computer" and find your flash drive letter and close the notepad.
    • In the command window type e:\frst64 (or e:\frst if using the 32bit version) and press Enter
      Note: Replace letter e with the drive letter of your flash drive.
    • The tool will start to run.
    • When the tool opens click Yes to disclaimer.
    • Press Scan button.
    • It will make a log (FRST.txt) on the flash drive. Please copy and paste it to your reply.

    Thanks
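
A sketch of how a helper could triage the FRST.txt log that the procedure above produces, added here as an example (it is not part of the original post and is not Farbar's code). It assumes the line layout of the log posted later in this thread and that a trailing [x] marks a file FRST could not find; `triage` and the rule names are hypothetical.

```python
import re
from collections import namedtuple

# Sample lines copied from the FRST log posted later in this thread.
SAMPLE_LOG = r"""
==================== Registry (Whitelisted) ===================

HKLM\...\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s [11057768 2010-07-06] (Realtek Semiconductor)
HKLM-x32\...\Run: [ROC_roc_dec12] "C:\Program Files (x86)\AVG Secure Search\ROC_roc_dec12.exe" /PROMPT /CMPID=roc_dec12 [x]
HKLM\...D6A79037F57F\InprocServer32: [Default-fastprox] ATTENTION! ====> ZeroAccess
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1 75.75.75.75 75.75.76.76
Tcpip\..\Interfaces\{AA8259F7-221E-4354-B6FA-AABD8E77EEB9}: [NameServer]216.66.108.26,216.66.108.34

==================== Drivers (Whitelisted) =====================

1 AsIO; C:\Windows\SysWow64\Drivers\AsIO.sys [13440 2009-08-03] ()
3 ALSysIO; \??\C:\Users\Travis\AppData\Local\Temp\ALSysIO64.sys [x]
"""

Finding = namedtuple("Finding", "section rule detail line")

SECTION_RE = re.compile(r"^=+\s*(.+?)\s*=+$")           # ==== Name ====
ATTENTION_RE = re.compile(r"ATTENTION!\s*=+>\s*(.+)$")   # FRST's own marker
NAMESERVER_RE = re.compile(r"\[(DhcpNameServer|NameServer)\]\s*(.+)$")
IP_RE = re.compile(r"\d{1,3}(?:\.\d{1,3}){3}")


def triage(log_text):
    """Return the log lines a helper should look at first.

    These are review prompts, not verdicts: a static DNS server or a
    leftover autorun entry can be perfectly legitimate.
    """
    findings = []
    section = "header"
    dhcp_dns = set()
    static_dns = []  # (section, line, ips), judged once all DHCP servers are known

    for raw in log_text.splitlines():
        line = raw.strip()
        if not line:
            continue
        header = SECTION_RE.match(line)
        if header:
            section = header.group(1)
            continue

        # Rule 1: the tool itself flagged the entry.
        attention = ATTENTION_RE.search(line)
        if attention:
            findings.append(Finding(section, "frst-attention", attention.group(1), line))

        # Rule 2 (assumption): trailing [x] means the referenced file is missing,
        # i.e. an orphaned autorun or driver entry.
        if line.endswith("[x]"):
            findings.append(Finding(section, "missing-file", "file not found", line))

        # Rule 3: a kernel driver whose image path sits in a Temp directory.
        if section.startswith("Drivers") and "\\temp\\" in line.lower():
            findings.append(Finding(section, "driver-in-temp", "loads from a Temp directory", line))

        # Collect DNS settings; compare after the loop.
        dns = NAMESERVER_RE.search(line)
        if dns:
            ips = IP_RE.findall(dns.group(2))
            if dns.group(1) == "DhcpNameServer":
                dhcp_dns.update(ips)
            else:
                static_dns.append((section, line, ips))

    # Rule 4: per-interface DNS servers that the DHCP lease did not hand out.
    for sect, line, ips in static_dns:
        extra = [ip for ip in ips if ip not in dhcp_dns]
        if extra:
            findings.append(Finding(sect, "static-dns-differs-from-dhcp", ",".join(extra), line))
    return findings


if __name__ == "__main__":
    for f in triage(SAMPLE_LOG):
        print(f"[{f.rule}] ({f.section}) {f.detail}\n    {f.line}")
```
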
     
  9. Senkai

    Hello Starbuck, as I am unable to boot in safe mode (the files stop loading immediately after the AVG files) I will give your download solution a try, I just obtained the use of a friend's laptop for this purpose!
     
  10. Senkai

    I have downloaded and tried to run the FRST64 utility as I am running on a 64-bit Windows 7, mid scan I got this error message.
    "The file or directory C:\System Volume Information\SystemRestor\FRStaging\Windows\winsxs is corrupt and unreadable. Please run the Chkdsk utility."

    I will attempt to run that now, just wanted to keep you guys posted.
     
  11. Senkai

    After running the chkdsk utility I was able to get the log file you wanted. Here it is.

    Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 15-01-2013
    Ran by SYSTEM at 19-01-2013 04:37:06
    Running from F:\
    Windows 7 Home Premium (X64) OS Language: English(US)
    The current controlset is ControlSet001

    ==================== Registry (Whitelisted) ===================

    HKLM\...\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s [11057768 2010-07-06] (Realtek Semiconductor)
    HKLM\...\Run: [AtherosBtStack] C:\Program Files (x86)\ASUS Bluetooth Suite\BtvStack.exe [388608 2009-10-27] ()
    HKLM\...\Run: [XboxStat] "C:\Program Files\Microsoft Xbox 360 Accessories\XboxStat.exe" silentrun [825184 2009-09-30] (Microsoft Corporation)
    HKLM\...\Run: [IntelliType Pro] "c:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe" [1464944 2012-11-02] (Microsoft Corporation)
    HKLM\...\Run: [IntelliPoint] "c:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe" [2076272 2012-11-02] (Microsoft Corporation)
    HKLM\...\Run: [CDAServer] C:\Program Files\Common Files\Common Desktop Agent\CDASrv.exe [438784 2010-12-17] ()
    HKLM-x32\...\Run: [Six Engine] "C:\Program Files (x86)\ASUS\EPU\EPU.exe" -b [5309056 2010-06-14] (ASUSTeK Computer Inc.)
    HKLM-x32\...\Run: [BCU] "C:\Program Files (x86)\DeviceVM\Browser Configuration Utility\BCU.exe" [411864 2010-03-05] (DeviceVM, Inc.)
    HKLM-x32\...\Run: [NUSB3MON] "C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe" [113288 2010-04-27] (Renesas Electronics Corporation)
    HKLM-x32\...\Run: [DeathAdder] C:\Program Files (x86)\Razer\DeathAdder\razerhid.exe [248320 2011-02-19] ()
    HKLM-x32\...\Run: [LWS] C:\Program Files (x86)\Logitech\LWS\Webcam Software\LWS.exe -hide [205336 2011-11-11] (Logitech Inc.)
    HKLM-x32\...\Run: [vProt] "C:\Program Files (x86)\AVG Secure Search\vprot.exe" [997320 2012-11-08] ()
    HKLM-x32\...\Run: [SwitchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated)
    HKLM-x32\...\Run: [AdobeCS5.5ServiceManager] "C:\Program Files (x86)\Common Files\Adobe\CS5.5ServiceManager\CS5.5ServiceManager.exe" -launchedbylogin [1523360 2011-01-12] (Adobe Systems Incorporated)
    HKLM-x32\...\Run: [Acrobat Assistant 8.0] "C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrotray.exe" [821144 2010-10-25] (Adobe Systems Inc.)
    HKLM-x32\...\Run: [ROC_roc_dec12] "C:\Program Files (x86)\AVG Secure Search\ROC_roc_dec12.exe" /PROMPT /CMPID=roc_dec12 [x]
    HKLM-x32\...\Run: [GrooveMonitor] "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe" [30040 2009-02-26] (Microsoft Corporation)
    HKLM-x32\...\Run: [ROC_ROC_JULY_P1] "C:\Program Files (x86)\AVG Secure Search\ROC_ROC_JULY_P1.exe" / /PROMPT /CMPID=ROC_JULY_P1 [x]
    HKLM-x32\...\Run: [AVG_UI] "C:\Program Files (x86)\AVG\AVG2013\avgui.exe" /TRAYONLY [3147384 2012-12-11] (AVG Technologies CZ, s.r.o.)
    HKLM-x32\...\Run: [ROC_roc_ssl_v12] "C:\Program Files (x86)\AVG Secure Search\ROC_roc_ssl_v12.exe" / /PROMPT /CMPID=roc_ssl_v12 [1020512 2012-10-15] ()
    HKLM-x32\...\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" [252848 2012-07-03] (Sun Microsystems, Inc.)
    HKLM-x32\...\Run: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun [642728 2012-09-28] (Advanced Micro Devices, Inc.)
    HKLM-x32\...\Run: [emsisoft anti-malware] "C:\Program Files (x86)\Emsisoft Anti-Malware\a2guard.exe" /d=60 [3364264 2012-10-17] (Emsisoft GmbH)
    HKU\Administrator\...\Run: [LightScribe Control Panel] C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe -hidden [2736128 2010-08-16] (Hewlett-Packard Company)
    HKU\Administrator\...\Run: [HydraVisionDesktopManager] "C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDM.exe" [393216 2010-11-25] (AMD)
    HKU\Administrator\...\Policies\system: [LogonHoursAction] 2
    HKU\Administrator\...\Policies\system: [DontDisplayLogonHoursWarnings] 1
    HKU\Shelby\...\Run: [LightScribe Control Panel] C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe -hidden [2736128 2010-08-16] (Hewlett-Packard Company)
    HKU\Shelby\...\Run: [Google Update] "C:\Users\Shelby\AppData\Local\Google\Update\GoogleUpdate.exe" /c [116648 2012-06-01] (Google Inc.)
    HKU\Shelby\...\Run: [HydraVisionDesktopManager] "C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDM.exe" [393216 2010-11-25] (AMD)
    HKU\Shelby\...\Policies\system: [LogonHoursAction] 2
    HKU\Shelby\...\Policies\system: [DontDisplayLogonHoursWarnings] 1
    HKU\Travis\...\Run: [Google Update] "C:\Users\Travis\AppData\Local\Google\Update\GoogleUpdate.exe" /c [136176 2011-05-06] (Google Inc.)
    HKU\Travis\...\Run: [DAEMON Tools Lite] "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun [3481408 2012-02-13] (DT Soft Ltd)
    HKU\Travis\...\Run: [HydraVisionDesktopManager] "C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDM.exe" [393216 2010-11-25] (AMD)
    HKU\Travis\...\Policies\system: [LogonHoursAction] 2
    HKU\Travis\...\Policies\system: [DontDisplayLogonHoursWarnings] 1
    HKLM\...D6A79037F57F\InprocServer32: [Default-fastprox] ATTENTION! ====> ZeroAccess
    Tcpip\Parameters: [DhcpNameServer] 192.168.1.1 75.75.75.75 75.75.76.76
    Tcpip\..\Interfaces\{AA8259F7-221E-4354-B6FA-AABD8E77EEB9}: [NameServer]216.66.108.26,216.66.108.34
    Startup: C:\Users\Travis\Start Menu\Programs\Startup\CurseClientStartup.ccip ()

    ==================== Services (Whitelisted) ===================

    2 a2AntiMalware; "C:\Program Files (x86)\Emsisoft Anti-Malware\a2service.exe" [3084688 2012-12-12] (Emsisoft GmbH)
    2 AsusSE; C:\Program Files (x86)\ASUS\PCE-N15 WLAN Card Utilities\RtlService.exe [36864 2012-04-09] (Realtek)
    2 AVGIDSAgent; "C:\Program Files (x86)\AVG\AVG2013\avgidsagent.exe" [5814904 2012-11-15] (AVG Technologies CZ, s.r.o.)
    2 avgwd; "C:\Program Files (x86)\AVG\AVG2013\avgwdsvc.exe" [196664 2012-10-22] (AVG Technologies CZ, s.r.o.)
    2 MotoHelper; C:\Program Files (x86)\Motorola\MotoHelper\MotoHelperService.exe [223088 2011-04-26] ()
    2 vToolbarUpdater13.2.0; C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\13.2.0\ToolbarUpdater.exe [711112 2012-10-15] ()

    ==================== Drivers (Whitelisted) =====================

    3 a2acc; \??\C:\PROGRAM FILES (X86)\EMSISOFT ANTI-MALWARE\a2accx64.sys [66320 2012-04-30] (Emsisoft GmbH)
    1 A2DDA; \??\C:\Program Files (x86)\Emsisoft Anti-Malware\a2ddax64.sys [23208 2011-05-19] (Emsi Software GmbH)
    1 AsIO; C:\Windows\SysWow64\Drivers\AsIO.sys [13440 2009-08-03] ()
    1 AVGIDSDriver; C:\Windows\System32\DRIVERS\avgidsdrivera.sys [154464 2012-10-22] (AVG Technologies CZ, s.r.o. )
    0 AVGIDSHA; C:\Windows\System32\Drivers\AVGIDSHA.sys [63328 2012-10-15] (AVG Technologies CZ, s.r.o. )
    1 Avgldx64; C:\Windows\System32\Drivers\Avgldx64.sys [185696 2012-10-01] (AVG Technologies CZ, s.r.o.)
    0 Avgloga; C:\Windows\System32\Drivers\Avgloga.sys [225120 2012-09-20] (AVG Technologies CZ, s.r.o.)
    0 Avgmfx64; C:\Windows\System32\Drivers\Avgmfx64.sys [111968 2012-11-15] (AVG Technologies CZ, s.r.o.)
    0 Avgrkx64; C:\Windows\System32\Drivers\Avgrkx64.sys [40800 2012-09-13] (AVG Technologies CZ, s.r.o.)
    1 Avgtdia; C:\Windows\System32\Drivers\Avgtdia.sys [200032 2012-09-20] (AVG Technologies CZ, s.r.o.)
    1 avgtp; \??\C:\Windows\system32\drivers\avgtpx64.sys [30568 2012-10-15] (AVG Technologies)
    3 ChatpadKeyboard; C:\Windows\System32\DRIVERS\chatpad_keyboard.sys [7680 2012-02-26] ()
    3 ChatpadKeyboardKMDF; C:\Windows\System32\DRIVERS\chatpad_keyboard_kmdf.sys [16896 2012-02-26] ()
    3 ChatpadMouse; C:\Windows\System32\DRIVERS\chatpad_mouse.sys [7680 2012-02-26] ()
    3 ChatpadMouseKMDF; C:\Windows\System32\DRIVERS\chatpad_mouse_kmdf.sys [16896 2012-02-26] ()
    1 dtsoftbus01; C:\Windows\System32\Drivers\dtsoftbus01.sys [283200 2012-04-06] (DT Soft Ltd)
    3 LVPr2M64; C:\Windows\System32\Drivers\LVPr2M64.sys [30304 2010-05-07] ()
    3 LVPr2Mon; C:\Windows\System32\DRIVERS\LVPr2M64.sys [30304 2010-05-07] ()
    3 MTsensor; C:\Windows\System32\DRIVERS\ASACPI.sys [15416 2009-07-15] ()
    3 pbfilter; \??\C:\Program Files\PeerBlock\pbfilter.sys [24176 2010-11-06] ()
    3 ALSysIO; \??\C:\Users\Travis\AppData\Local\Temp\ALSysIO64.sys [x]
    3 ChatpadFilter; C:\Windows\System32\DRIVERS\chatpad_filter.sys [x]
    3 motccgp; C:\Windows\System32\DRIVERS\motccgp.sys [x]
    3 motccgpfl; C:\Windows\System32\DRIVERS\motccgpfl.sys [x]
    3 MotoSwitchService; C:\Windows\System32\DRIVERS\motswch.sys [x]
    3 motusbdevice; C:\Windows\System32\DRIVERS\motusbdevice.sys [x]

    ==================== NetSvcs (Whitelisted) ====================


    ==================== One Month Created Files and Folders ========

    2013-01-19 04:12 - 2013-01-19 04:12 - 00000000 ____D C:\FRST
    2013-01-18 13:43 - 2013-01-18 13:43 - 00000000 ____D C:\Users\Administrator\AppData\Roaming\TeamViewer
    2013-01-18 06:12 - 2013-01-18 06:13 - 00001091 ____A C:\Users\Public\Desktop\Emsisoft Anti-Malware.lnk
    2013-01-18 06:09 - 2013-01-19 00:13 - 00000000 ____D C:\Program Files (x86)\Emsisoft Anti-Malware
    2013-01-18 06:09 - 2013-01-18 06:09 - 00000000 ____D C:\Users\Administrator\Documents\Anti-Malware
    2013-01-18 05:56 - 2013-01-18 06:00 - 00003238 ____A C:\Users\Administrator\Desktop\Rkill.txt
    2013-01-18 05:56 - 2013-01-18 05:56 - 01752992 ____A (Bleeping Computer, LLC) C:\Users\Administrator\Downloads\iExplore.exe
    2013-01-18 05:56 - 2013-01-18 05:56 - 00000000 ____D C:\Users\Administrator\Desktop\rkill
    2013-01-18 04:40 - 2013-01-18 04:40 - 00000000 ____D C:\Users\Administrator\AppData\Roaming\Malwarebytes
    2013-01-18 04:40 - 2013-01-18 04:40 - 00000000 ____D C:\Users\Administrator\AppData\Local\Logitech® Webcam Software
    2013-01-18 04:38 - 2013-01-18 04:38 - 00000000 ____D C:\Users\Administrator\AppData\Roaming\AVG2013
    2013-01-18 04:35 - 2013-01-18 04:35 - 00000000 ____D C:\Users\Administrator\AppData\Local\Avg2013
    2013-01-18 00:52 - 2013-01-18 00:53 - 05154304 ____A C:\Users\Travis\Downloads\WindowsDefender.msi
    2013-01-15 21:40 - 2013-01-15 22:10 - 00000000 ____D C:\Users\Travis\Desktop\Feenix
    2013-01-15 21:39 - 2013-01-15 21:39 - 00000084 ____A C:\Users\Travis\Desktop\realmlist.wtf
    2013-01-15 21:39 - 2013-01-15 21:39 - 00000000 ____D C:\Users\Travis\Desktop\cache
    2013-01-15 02:42 - 2013-01-15 02:42 - 00000017 ____A C:\Users\Travis\Documents\wownames.txt
    2013-01-14 20:44 - 2013-01-14 20:44 - 00000000 ____D C:\Users\Travis\AppData\Local\{D76D0814-1C65-42A1-9348-57C7AC41DDD2}
    2013-01-14 13:15 - 2013-01-17 08:18 - 00000000 ____D C:\Users\Travis\AppData\Local\Logitech® Webcam Software
    2013-01-14 13:09 - 2013-01-14 13:09 - 17811968 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.dll
    2013-01-14 13:09 - 2013-01-14 13:09 - 12320256 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
    2013-01-14 13:09 - 2013-01-14 13:09 - 09738240 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
    2013-01-14 13:09 - 2013-01-14 13:09 - 03695416 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dat
    2013-01-14 13:09 - 2013-01-14 13:09 - 02382848 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
    2013-01-14 13:09 - 2013-01-14 13:09 - 02382848 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.tlb
    2013-01-14 13:09 - 2013-01-14 13:09 - 02312704 ____A (Microsoft Corporation) C:\Windows\System32\jscript9.dll
    2013-01-14 13:09 - 2013-01-14 13:09 - 02144768 ____A (Microsoft Corporation) C:\Windows\System32\iertutil.dll
    2013-01-14 13:09 - 2013-01-14 13:09 - 01800704 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
    2013-01-14 13:09 - 2013-01-14 13:09 - 01793024 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
    2013-01-14 13:09 - 2013-01-14 13:09 - 01427968 ____A (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
    2013-01-14 13:09 - 2013-01-14 13:09 - 01392128 ____A (Microsoft Corporation) C:\Windows\System32\wininet.dll
    2013-01-14 13:09 - 2013-01-14 13:09 - 01346048 ____A (Microsoft Corporation) C:\Windows\System32\urlmon.dll
    2013-01-14 13:09 - 2013-01-14 13:09 - 01129472 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
    2013-01-14 13:09 - 2013-01-14 13:09 - 01103872 ____A (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
    2013-01-14 13:09 - 2013-01-14 13:09 - 00816640 ____A (Microsoft Corporation) C:\Windows\System32\jscript.dll
    2013-01-14 13:09 - 2013-01-14 13:09 - 00717824 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
    2013-01-14 13:09 - 2013-01-14 13:09 - 00607744 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
    2013-01-14 13:09 - 2013-01-14 13:09 - 00434176 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
    2013-01-14 13:09 - 2013-01-14 13:09 - 00420864 ____A (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
    2013-01-14 13:09 - 2013-01-14 13:09 - 00367104 ____A (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
    2013-01-14 13:09 - 2013-01-14 13:09 - 00353792 ____A (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
    2013-01-14 13:09 - 2013-01-14 13:09 - 00353584 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
    2013-01-14 13:09 - 2013-01-14 13:09 - 00267776 ____A (Microsoft Corporation) C:\Windows\System32\ieaksie.dll
    2013-01-14 13:09 - 2013-01-14 13:09 - 00231936 ____A (Microsoft Corporation) C:\Windows\SysWOW64\url.dll
    2013-01-14 13:09 - 2013-01-14 13:09 - 00227840 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieaksie.dll
    2013-01-14 13:09 - 2013-01-14 13:09 - 00223232 ____A (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
    2013-01-14 13:09 - 2013-01-14 13:09 - 00222208 ____A (Microsoft Corporation) C:\Windows\System32\msls31.dll
    2013-01-14 13:09 - 2013-01-14 13:09 - 00203776 ____A (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
    2013-01-14 13:09 - 2013-01-14 13:09 - 00197120 ____A (Microsoft Corporation) C:\Windows\System32\msrating.dll
    2013-01-14 13:09 - 2013-01-14 13:09 - 00176640 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
    2013-01-14 13:09 - 2013-01-14 13:09 - 00173056 ____A (Microsoft Corporation) C:\Windows\System32\ieUnatt.exe
    2013-01-14 13:09 - 2013-01-14 13:09 - 00163840 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieakui.dll
    2013-01-14 13:09 - 2013-01-14 13:09 - 00163840 ____A (Microsoft Corporation) C:\Windows\System32\ieakui.dll
    2013-01-14 13:09 - 2013-01-14 13:09 - 00162304 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
    2013-01-14 13:09 - 2013-01-14 13:09 - 00161792 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msls31.dll
    2013-01-14 13:09 - 2013-01-14 13:09 - 00152064 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wextract.exe
    2013-01-14 13:09 - 2013-01-14 13:09 - 00150528 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iexpress.exe
    2013-01-14 13:09 - 2013-01-14 13:09 - 00149504 ____A (Microsoft Corporation) C:\Windows\System32\occache.dll
    2013-01-14 13:09 - 2013-01-14 13:09 - 00145920 ____A (Microsoft Corporation) C:\Windows\System32\iepeers.dll
    2013-01-14 13:09 - 2013-01-14 13:09 - 00142848 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
    2013-01-14 13:09 - 2013-01-14 13:09 - 00130560 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieakeng.dll
    2013-01-14 13:09 - 2013-01-14 13:09 - 00123392 ____A (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
    2013-01-14 13:09 - 2013-01-14 13:09 - 00118784 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iepeers.dll
    2013-01-14 13:09 - 2013-01-14 13:09 - 00114176 ____A (Microsoft Corporation) C:\Windows\System32\admparse.dll
    2013-01-14 13:09 - 2013-01-14 13:09 - 00110592 ____A (Microsoft Corporation) C:\Windows\SysWOW64\IEAdvpack.dll
    2013-01-14 13:09 - 2013-01-14 13:09 - 00101888 ____A (Microsoft Corporation) C:\Windows\SysWOW64\admparse.dll
    2013-01-14 13:09 - 2013-01-14 13:09 - 00089088 ____A (Microsoft Corporation) C:\Windows\System32\RegisterIEPKEYs.exe
    2013-01-14 13:09 - 2013-01-14 13:09 - 00086528 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
    2013-01-14 13:09 - 2013-01-14 13:09 - 00085504 ____A (Microsoft Corporation) C:\Windows\System32\jsproxy.dll
    2013-01-14 13:09 - 2013-01-14 13:09 - 00078848 ____A (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll
    2013-01-14 13:09 - 2013-01-14 13:09 - 00076800 ____A (Microsoft Corporation) C:\Windows\SysWOW64\SetIEInstalledDate.exe
    2013-01-14 13:09 - 2013-01-14 13:09 - 00074752 ____A (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe
    2013-01-14 13:09 - 2013-01-14 13:09 - 00074752 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
    2013-01-14 13:09 - 2013-01-14 13:09 - 00074240 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ie4uinit.exe
    2013-01-14 13:09 - 2013-01-14 13:09 - 00073216 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
    2013-01-14 13:09 - 2013-01-14 13:09 - 00066048 ____A (Microsoft Corporation) C:\Windows\SysWOW64\icardie.dll
    2013-01-14 13:09 - 2013-01-14 13:09 - 00065024 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
    2013-01-14 13:09 - 2013-01-14 13:09 - 00065024 ____A (Microsoft Corporation) C:\Windows\System32\pngfilt.dll
    2013-01-14 13:09 - 2013-01-14 13:09 - 00063488 ____A (Microsoft Corporation) C:\Windows\SysWOW64\tdc.ocx
    2013-01-14 13:09 - 2013-01-14 13:09 - 00054272 ____A (Microsoft Corporation) C:\Windows\SysWOW64\pngfilt.dll
    2013-01-14 13:09 - 2013-01-14 13:09 - 00049664 ____A (Microsoft Corporation) C:\Windows\System32\imgutil.dll
    2013-01-14 13:09 - 2013-01-14 13:09 - 00048640 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtmler.dll
    2013-01-14 13:09 - 2013-01-14 13:09 - 00041472 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msfeedsbs.dll
    2013-01-14 13:09 - 2013-01-14 13:09 - 00035840 ____A (Microsoft Corporation) C:\Windows\SysWOW64\imgutil.dll
    2013-01-14 13:09 - 2013-01-14 13:09 - 00031744 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
    2013-01-14 13:09 - 2013-01-14 13:09 - 00023552 ____A (Microsoft Corporation) C:\Windows\SysWOW64\licmgr10.dll
    2013-01-14 13:09 - 2013-01-14 13:09 - 00012288 ____A (Microsoft Corporation) C:\Windows\System32\mshta.exe
    2013-01-14 13:09 - 2013-01-14 13:09 - 00011776 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshta.exe
    2013-01-14 13:09 - 2013-01-14 13:09 - 00010752 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msfeedssync.exe
    2013-01-14 13:08 - 2013-01-14 13:08 - 10925568 ____A (Microsoft Corporation) C:\Windows\System32\ieframe.dll
    2013-01-14 13:08 - 2013-01-14 13:08 - 03695416 ____A (Microsoft Corporation) C:\Windows\System32\ieapfltr.dat
    2013-01-14 13:08 - 2013-01-14 13:08 - 01494528 ____A (Microsoft Corporation) C:\Windows\System32\inetcpl.cpl
    2013-01-14 13:08 - 2013-01-14 13:08 - 00729088 ____A (Microsoft Corporation) C:\Windows\System32\msfeeds.dll
    2013-01-14 13:08 - 2013-01-14 13:08 - 00599040 ____A (Microsoft Corporation) C:\Windows\System32\vbscript.dll
    2013-01-14 13:08 - 2013-01-14 13:08 - 00534528 ____A (Microsoft Corporation) C:\Windows\System32\ieapfltr.dll
    2013-01-14 13:08 - 2013-01-14 13:08 - 00452608 ____A (Microsoft Corporation) C:\Windows\System32\dxtmsft.dll
    2013-01-14 13:08 - 2013-01-14 13:08 - 00448512 ____A (Microsoft Corporation) C:\Windows\System32\html.iec
    2013-01-14 13:08 - 2013-01-14 13:08 - 00403248 ____A (Microsoft Corporation) C:\Windows\System32\iedkcs32.dll
    2013-01-14 13:08 - 2013-01-14 13:08 - 00282112 ____A (Microsoft Corporation) C:\Windows\System32\dxtrans.dll
    2013-01-14 13:08 - 2013-01-14 13:08 - 00249344 ____A (Microsoft Corporation) C:\Windows\System32\webcheck.dll
    2013-01-14 13:08 - 2013-01-14 13:08 - 00248320 ____A (Microsoft Corporation) C:\Windows\System32\ieui.dll
    2013-01-14 13:08 - 2013-01-14 13:08 - 00237056 ____A (Microsoft Corporation) C:\Windows\System32\url.dll
    2013-01-14 13:08 - 2013-01-14 13:08 - 00165888 ____A (Microsoft Corporation) C:\Windows\System32\iexpress.exe
    2013-01-14 13:08 - 2013-01-14 13:08 - 00160256 ____A (Microsoft Corporation) C:\Windows\System32\wextract.exe
    2013-01-14 13:08 - 2013-01-14 13:08 - 00160256 ____A (Microsoft Corporation) C:\Windows\System32\ieakeng.dll
    2013-01-14 13:08 - 2013-01-14 13:08 - 00135168 ____A (Microsoft Corporation) C:\Windows\System32\IEAdvpack.dll
    2013-01-14 13:08 - 2013-01-14 13:08 - 00111616 ____A (Microsoft Corporation) C:\Windows\System32\iesysprep.dll
    2013-01-14 13:08 - 2013-01-14 13:08 - 00103936 ____A (Microsoft Corporation) C:\Windows\System32\inseng.dll
    2013-01-14 13:08 - 2013-01-14 13:08 - 00096768 ____A (Microsoft Corporation) C:\Windows\System32\mshtmled.dll
    2013-01-14 13:08 - 2013-01-14 13:08 - 00091648 ____A (Microsoft Corporation) C:\Windows\System32\SetIEInstalledDate.exe
    2013-01-14 13:08 - 2013-01-14 13:08 - 00089088 ____A (Microsoft Corporation) C:\Windows\System32\ie4uinit.exe
    2013-01-14 13:08 - 2013-01-14 13:08 - 00085504 ____A (Microsoft Corporation) C:\Windows\System32\iesetup.dll
    2013-01-14 13:08 - 2013-01-14 13:08 - 00082432 ____A (Microsoft Corporation) C:\Windows\System32\icardie.dll
    2013-01-14 13:08 - 2013-01-14 13:08 - 00076800 ____A (Microsoft Corporation) C:\Windows\System32\tdc.ocx
    2013-01-14 13:08 - 2013-01-14 13:08 - 00055296 ____A (Microsoft Corporation) C:\Windows\System32\msfeedsbs.dll
    2013-01-14 13:08 - 2013-01-14 13:08 - 00048640 ____A (Microsoft Corporation) C:\Windows\System32\mshtmler.dll
    2013-01-14 13:08 - 2013-01-14 13:08 - 00039936 ____A (Microsoft Corporation) C:\Windows\System32\iernonce.dll
    2013-01-14 13:08 - 2013-01-14 13:08 - 00030720 ____A (Microsoft Corporation) C:\Windows\System32\licmgr10.dll
    2013-01-14 13:08 - 2013-01-14 13:08 - 00010752 ____A (Microsoft Corporation) C:\Windows\System32\msfeedssync.exe
    2013-01-14 13:05 - 2013-01-14 13:05 - 00004434 ____A C:\Windows\SysWOW64\jupdate-1.7.0_11-b21.log
    2013-01-14 13:05 - 2013-01-12 00:30 - 00095648 ____A (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
    2013-01-14 13:05 - 2013-01-12 00:26 - 00174496 ____A (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
    2013-01-14 13:05 - 2013-01-12 00:24 - 00174496 ____A (Oracle Corporation) C:\Windows\SysWOW64\java.exe
    2013-01-14 12:39 - 2013-01-14 12:39 - 00000000 ____D C:\Windows\CheckSur
    2013-01-14 12:38 - 2013-01-14 12:38 - 384994140 ____A C:\Users\Travis\Downloads\Windows6.1-KB947821-v25-x64 Check Sur.msu
    2013-01-14 12:17 - 2013-01-17 08:18 - 00000000 ____D C:\Users\Travis\AppData\Local\LogMeIn Rescue Applet
    2013-01-14 12:04 - 2013-01-14 12:04 - 00079686 ____A C:\Users\Travis\Downloads\windowsupdate (1).diagcab
    2013-01-14 00:26 - 2013-01-14 12:04 - 00001138 ____A C:\Users\Travis\Desktop\Windows Update Troubleshooting Info.lnk
    2013-01-14 00:26 - 2013-01-14 00:46 - 00000000 ____D C:\Windows\softwaredistribution.bak1
    2013-01-14 00:25 - 2013-01-14 00:25 - 00079686 ____A C:\Users\Travis\Downloads\windowsupdate.diagcab
    2013-01-10 23:13 - 2013-01-10 23:36 - 3674295390 ____A C:\Program Files (x86)\EA Games.zip
    2013-01-10 23:02 - 2013-01-10 23:02 - 00000114 ____A C:\Users\Travis\Desktop\Speedtest.url
    2013-01-09 11:28 - 2012-12-07 05:20 - 00441856 ____A (Microsoft Corporation) C:\Windows\System32\Wpc.dll
    2013-01-09 11:28 - 2012-12-07 05:15 - 02746368 ____A (Microsoft Corporation) C:\Windows\System32\gameux.dll
    2013-01-09 11:28 - 2012-12-07 04:26 - 00308736 ____A (Microsoft Corporation) C:\Windows\SysWOW64\Wpc.dll
    2013-01-09 11:28 - 2012-12-07 04:20 - 02576384 ____A (Microsoft Corporation) C:\Windows\SysWOW64\gameux.dll
    2013-01-09 11:28 - 2012-12-07 03:20 - 00045568 ____A (Microsoft) C:\Windows\System32\oflc-nz.rs
    2013-01-09 11:28 - 2012-12-07 03:20 - 00044544 ____A (Microsoft) C:\Windows\System32\pegibbfc.rs
    2013-01-09 11:28 - 2012-12-07 03:20 - 00043520 ____A (Microsoft) C:\Windows\System32\csrr.rs
    2013-01-09 11:28 - 2012-12-07 03:20 - 00030720 ____A (Microsoft) C:\Windows\System32\usk.rs
    2013-01-09 11:28 - 2012-12-07 03:20 - 00023552 ____A (Microsoft) C:\Windows\System32\oflc.rs
    2013-01-09 11:28 - 2012-12-07 03:20 - 00020480 ____A (Microsoft) C:\Windows\System32\pegi-pt.rs
    2013-01-09 11:28 - 2012-12-07 03:20 - 00020480 ____A (Microsoft) C:\Windows\System32\pegi-fi.rs
    2013-01-09 11:28 - 2012-12-07 03:19 - 00055296 ____A (Microsoft) C:\Windows\System32\cero.rs
    2013-01-09 11:28 - 2012-12-07 03:19 - 00051712 ____A (Microsoft) C:\Windows\System32\esrb.rs
    2013-01-09 11:28 - 2012-12-07 03:19 - 00046592 ____A (Microsoft) C:\Windows\System32\fpb.rs
    2013-01-09 11:28 - 2012-12-07 03:19 - 00040960 ____A (Microsoft) C:\Windows\System32\cob-au.rs
    2013-01-09 11:28 - 2012-12-07 03:19 - 00021504 ____A (Microsoft) C:\Windows\System32\grb.rs
    2013-01-09 11:28 - 2012-12-07 03:19 - 00020480 ____A (Microsoft) C:\Windows\System32\pegi.rs
    2013-01-09 11:28 - 2012-12-07 03:19 - 00015360 ____A (Microsoft) C:\Windows\System32\djctq.rs
    2013-01-09 11:28 - 2012-12-07 02:46 - 00055296 ____A (Microsoft) C:\Windows\SysWOW64\cero.rs
    2013-01-09 11:28 - 2012-12-07 02:46 - 00051712 ____A (Microsoft) C:\Windows\SysWOW64\esrb.rs
    2013-01-09 11:28 - 2012-12-07 02:46 - 00046592 ____A (Microsoft) C:\Windows\SysWOW64\fpb.rs
    2013-01-09 11:28 - 2012-12-07 02:46 - 00045568 ____A (Microsoft) C:\Windows\SysWOW64\oflc-nz.rs
    2013-01-09 11:28 - 2012-12-07 02:46 - 00044544 ____A (Microsoft) C:\Windows\SysWOW64\pegibbfc.rs
    2013-01-09 11:28 - 2012-12-07 02:46 - 00043520 ____A (Microsoft) C:\Windows\SysWOW64\csrr.rs
    2013-01-09 11:28 - 2012-12-07 02:46 - 00040960 ____A (Microsoft) C:\Windows\SysWOW64\cob-au.rs
    2013-01-09 11:28 - 2012-12-07 02:46 - 00030720 ____A (Microsoft) C:\Windows\SysWOW64\usk.rs
    2013-01-09 11:28 - 2012-12-07 02:46 - 00023552 ____A (Microsoft) C:\Windows\SysWOW64\oflc.rs
    2013-01-09 11:28 - 2012-12-07 02:46 - 00021504 ____A (Microsoft) C:\Windows\SysWOW64\grb.rs
    2013-01-09 11:28 - 2012-12-07 02:46 - 00020480 ____A (Microsoft) C:\Windows\SysWOW64\pegi-pt.rs
    2013-01-09 11:28 - 2012-12-07 02:46 - 00020480 ____A (Microsoft) C:\Windows\SysWOW64\pegi-fi.rs
    2013-01-09 11:28 - 2012-12-07 02:46 - 00020480 ____A (Microsoft) C:\Windows\SysWOW64\pegi.rs
    2013-01-09 11:28 - 2012-12-07 02:46 - 00015360 ____A (Microsoft) C:\Windows\SysWOW64\djctq.rs
    2013-01-09 11:28 - 2012-11-29 21:45 - 00362496 ____A (Microsoft Corporation) C:\Windows\System32\wow64win.dll
    2013-01-09 11:28 - 2012-11-29 21:45 - 00243200 ____A (Microsoft Corporation) C:\Windows\System32\wow64.dll
    2013-01-09 11:28 - 2012-11-29 21:45 - 00215040 ____A (Microsoft Corporation) C:\Windows\System32\winsrv.dll
    2013-01-09 11:28 - 2012-11-29 21:45 - 00013312 ____A (Microsoft Corporation) C:\Windows\System32\wow64cpu.dll
    2013-01-09 11:28 - 2012-11-29 21:43 - 00016384 ____A (Microsoft Corporation) C:\Windows\System32\ntvdm64.dll
    2013-01-09 11:28 - 2012-11-29 21:41 - 01161216 ____A (Microsoft Corporation) C:\Windows\System32\kernel32.dll
    2013-01-09 11:28 - 2012-11-29 21:41 - 00424448 ____A (Microsoft Corporation) C:\Windows\System32\KernelBase.dll
    2013-01-09 11:28 - 2012-11-29 21:38 - 00006144 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-security-base-l1-1-0.dll
    2013-01-09 11:28 - 2012-11-29 21:38 - 00005120 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-file-l1-1-0.dll
    2013-01-09 11:28 - 2012-11-29 21:38 - 00004608 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-threadpool-l1-1-0.dll
    2013-01-09 11:28 - 2012-11-29 21:38 - 00004608 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-processthreads-l1-1-0.dll
    2013-01-09 11:28 - 2012-11-29 21:38 - 00004096 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-sysinfo-l1-1-0.dll
    2013-01-09 11:28 - 2012-11-29 21:38 - 00004096 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-synch-l1-1-0.dll
    2013-01-09 11:28 - 2012-11-29 21:38 - 00004096 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-localregistry-l1-1-0.dll
    2013-01-09 11:28 - 2012-11-29 21:38 - 00004096 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-localization-l1-1-0.dll
    2013-01-09 11:28 - 2012-11-29 21:38 - 00003584 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-rtlsupport-l1-1-0.dll
    2013-01-09 11:28 - 2012-11-29 21:38 - 00003584 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-processenvironment-l1-1-0.dll
    2013-01-09 11:28 - 2012-11-29 21:38 - 00003584 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-namedpipe-l1-1-0.dll
    2013-01-09 11:28 - 2012-11-29 21:38 - 00003584 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-misc-l1-1-0.dll
    2013-01-09 11:28 - 2012-11-29 21:38 - 00003584 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-memory-l1-1-0.dll
    2013-01-09 11:28 - 2012-11-29 21:38 - 00003584 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-libraryloader-l1-1-0.dll
    2013-01-09 11:28 - 2012-11-29 21:38 - 00003584 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-heap-l1-1-0.dll
    2013-01-09 11:28 - 2012-11-29 21:38 - 00003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-xstate-l1-1-0.dll
    2013-01-09 11:28 - 2012-11-29 21:38 - 00003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-util-l1-1-0.dll
    2013-01-09 11:28 - 2012-11-29 21:38 - 00003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-string-l1-1-0.dll
    2013-01-09 11:28 - 2012-11-29 21:38 - 00003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-profile-l1-1-0.dll
    2013-01-09 11:28 - 2012-11-29 21:38 - 00003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-io-l1-1-0.dll
    2013-01-09 11:28 - 2012-11-29 21:38 - 00003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-interlocked-l1-1-0.dll
    2013-01-09 11:28 - 2012-11-29 21:38 - 00003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-handle-l1-1-0.dll
    2013-01-09 11:28 - 2012-11-29 21:38 - 00003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-fibers-l1-1-0.dll
    2013-01-09 11:28 - 2012-11-29 21:38 - 00003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-errorhandling-l1-1-0.dll
    2013-01-09 11:28 - 2012-11-29 21:38 - 00003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-delayload-l1-1-0.dll
    2013-01-09 11:28 - 2012-11-29 21:38 - 00003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-debug-l1-1-0.dll
    2013-01-09 11:28 - 2012-11-29 21:38 - 00003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-datetime-l1-1-0.dll
    2013-01-09 11:28 - 2012-11-29 21:38 - 00003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-console-l1-1-0.dll
    2013-01-09 11:28 - 2012-11-29 20:54 - 00005120 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
    2013-01-09 11:28 - 2012-11-29 20:53 - 01114112 ____A (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
    2013-01-09 11:28 - 2012-11-29 20:53 - 00274944 ____A (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
    2013-01-09 11:28 - 2012-11-29 20:45 - 00005120 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
    2013-01-09 11:28 - 2012-11-29 20:45 - 00004608 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
    2013-01-09 11:28 - 2012-11-29 20:45 - 00004096 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
    2013-01-09 11:28 - 2012-11-29 20:45 - 00004096 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
    2013-01-09 11:28 - 2012-11-29 20:45 - 00004096 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
    2013-01-09 11:28 - 2012-11-29 20:45 - 00004096 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
    2013-01-09 11:28 - 2012-11-29 20:45 - 00004096 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
    2013-01-09 11:28 - 2012-11-29 20:45 - 00003584 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
    2013-01-09 11:28 - 2012-11-29 20:45 - 00003584 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
    2013-01-09 11:28 - 2012-11-29 20:45 - 00003584 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
    2013-01-09 11:28 - 2012-11-29 20:45 - 00003584 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
    2013-01-09 11:28 - 2012-11-29 20:45 - 00003584 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
    2013-01-09 11:28 - 2012-11-29 20:45 - 00003584 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
    2013-01-09 11:28 - 2012-11-29 20:45 - 00003072 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
    2013-01-09 11:28 - 2012-11-29 20:45 - 00003072 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
    2013-01-09 11:28 - 2012-11-29 20:45 - 00003072 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
    2013-01-09 11:28 - 2012-11-29 20:45 - 00003072 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
    2013-01-09 11:28 - 2012-11-29 20:45 - 00003072 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
    2013-01-09 11:28 - 2012-11-29 20:45 - 00003072 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
    2013-01-09 11:28 - 2012-11-29 20:45 - 00003072 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
    2013-01-09 11:28 - 2012-11-29 20:45 - 00003072 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
    2013-01-09 11:28 - 2012-11-29 20:45 - 00003072 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
    2013-01-09 11:28 - 2012-11-29 20:45 - 00003072 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
    2013-01-09 11:28 - 2012-11-29 20:45 - 00003072 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
    2013-01-09 11:28 - 2012-11-29 19:23 - 00338432 ____A (Microsoft Corporation) C:\Windows\System32\conhost.exe
    2013-01-09 11:28 - 2012-11-29 18:44 - 00025600 ____A (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
    2013-01-09 11:28 - 2012-11-29 18:44 - 00014336 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
    2013-01-09 11:28 - 2012-11-29 18:44 - 00007680 ____A (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
    2013-01-09 11:28 - 2012-11-29 18:44 - 00002048 ____A (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
    2013-01-09 11:28 - 2012-11-29 18:38 - 00006144 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
    2013-01-09 11:28 - 2012-11-29 18:38 - 00004608 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
    2013-01-09 11:28 - 2012-11-29 18:38 - 00003584 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
    2013-01-09 11:28 - 2012-11-29 18:38 - 00003072 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
    2013-01-09 11:28 - 2012-11-29 15:17 - 00420064 ____A C:\Windows\SysWOW64\locale.nls
    2013-01-09 11:28 - 2012-11-29 15:15 - 00420064 ____A C:\Windows\System32\locale.nls
    2013-01-09 11:27 - 2012-11-22 19:13 - 00068608 ____A (Microsoft Corporation) C:\Windows\System32\taskhost.exe
    2013-01-09 11:27 - 2012-11-21 21:44 - 00800768 ____A (Microsoft Corporation) C:\Windows\System32\usp10.dll
    2013-01-09 11:27 - 2012-11-21 20:45 - 00626688 ____A (Microsoft Corporation) C:\Windows\SysWOW64\usp10.dll
    2013-01-09 09:40 - 2013-01-09 09:40 - 00002099 ____A C:\Users\Public\Desktop\ASUS PCE-N15 WLAN Control Center.lnk
    2013-01-09 09:40 - 2013-01-09 09:40 - 00000000 ____D C:\Program Files (x86)\Cisco
    2013-01-09 09:39 - 2012-04-09 12:21 - 00614400 ____A (Realtek Semiconductor Corp. ) C:\Windows\SysWOW64\Rtlihvs.dll
    2013-01-09 09:39 - 2012-04-09 12:21 - 00451072 ____A C:\Windows\SysWOW64\ISSRemoveSP.exe
    2013-01-09 09:39 - 2012-04-09 12:21 - 00380928 ____A (Realtek) C:\Windows\RtlUI2.exe
    2013-01-09 09:39 - 2012-04-09 12:21 - 00188416 ____A (Realtek Semiconductor Corp. ) C:\Windows\SysWOW64\RTLExtUI.dll
    2013-01-09 09:39 - 2012-04-09 12:21 - 00000901 ____A C:\Windows\RtlUI2.exe.manifest
    2013-01-09 09:39 - 2012-04-09 02:39 - 00876136 ___RA (Realtek Semiconductor Corporation ) C:\Windows\System32\Drivers\rtl8192ce.sys
    2013-01-08 22:51 - 2013-01-15 21:38 - 00000007 ____A C:\Users\Travis\Downloads\version.txt
    2013-01-08 22:51 - 2013-01-08 22:51 - 00000000 ___AH C:\Users\Travis\Downloads\app.dll
    2013-01-08 22:50 - 2013-01-08 22:51 - 00361472 ____A (wow-one.com) C:\Users\Travis\Downloads\Feenix Launcher.exe
    2013-01-08 22:49 - 2013-01-08 22:49 - 00020301 ____A C:\Users\Travis\Downloads\Feenix_2.4.3_client.rar.torrent
    2013-01-07 08:07 - 2013-01-07 08:07 - 00000000 ____D C:\Users\Travis\AppData\Local\{7BF3BBE3-5319-48DE-9A73-D96B2F89763B}
    2013-01-06 00:09 - 2013-01-06 00:09 - 00000000 ____D C:\Program Files\Microsoft Mouse and Keyboard Center
    2013-01-05 23:51 - 2012-11-08 21:45 - 00002048 ____A (Microsoft Corporation) C:\Windows\System32\tzres.dll
    2013-01-05 23:51 - 2012-11-08 20:42 - 00002048 ____A (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
    2013-01-05 08:53 - 2013-01-05 08:54 - 00000000 ____D C:\Users\Travis\AppData\Local\{77EC1439-4569-43C1-9E1B-A5284E34C1F4}
    2012-12-23 21:03 - 2013-01-04 08:58 - 00002852 ____A C:\Users\Travis\Documents\wowhotkeynet.ahk
    2012-12-23 21:02 - 2013-01-04 08:59 - 00002852 ____A C:\Users\Travis\Documents\wowhotkeynet.txt
    2012-12-23 05:54 - 2012-12-23 05:54 - 00000000 ____D C:\Users\Travis\AppData\Local\{148E8F97-0885-4D1A-A77B-6F58354E53A3}

    ==================== One Month Modified Files and Folders =======

    2013-01-19 04:12 - 2013-01-19 04:12 - 00000000 ____D C:\FRST
    2013-01-19 00:28 - 2011-05-06 23:53 - 00000912 ____A C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-519677760-3826263868-1505942561-1000UA.job
    2013-01-19 00:22 - 2009-07-13 21:08 - 00000006 ___AH C:\Windows\Tasks\SA.DAT
    2013-01-19 00:22 - 2009-07-13 20:51 - 00137528 ____A C:\Windows\setupact.log
    2013-01-19 00:19 - 2011-05-08 22:41 - 00074320 ____A C:\Windows\PFRO.log
    2013-01-19 00:13 - 2013-01-18 06:09 - 00000000 ____D C:\Program Files (x86)\Emsisoft Anti-Malware
    2013-01-19 00:13 - 2011-05-06 21:00 - 01547009 ____A C:\Windows\WindowsUpdate.log
    2013-01-18 23:49 - 2012-11-12 22:32 - 00000830 ____A C:\Windows\Tasks\Adobe Flash Player Updater.job
    2013-01-18 23:43 - 2012-06-01 18:54 - 00000912 ____A C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-519677760-3826263868-1505942561-1017UA.job
    2013-01-18 15:29 - 2011-05-06 23:39 - 00000000 ____D C:\Users\All Users\MFAData
    2013-01-18 14:28 - 2011-05-06 23:53 - 00000860 ____A C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-519677760-3826263868-1505942561-1000Core.job
    2013-01-18 13:43 - 2013-01-18 13:43 - 00000000 ____D C:\Users\Administrator\AppData\Roaming\TeamViewer
    2013-01-18 12:43 - 2012-06-01 18:54 - 00000860 ____A C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-519677760-3826263868-1505942561-1017Core.job
    2013-01-18 12:01 - 2012-11-14 07:25 - 00000298 ____A C:\Windows\Tasks\Registry Optimizer_DEFAULT.job
    2013-01-18 06:13 - 2013-01-18 06:12 - 00001091 ____A C:\Users\Public\Desktop\Emsisoft Anti-Malware.lnk
    2013-01-18 06:09 - 2013-01-18 06:09 - 00000000 ____D C:\Users\Administrator\Documents\Anti-Malware
    2013-01-18 06:00 - 2013-01-18 05:56 - 00003238 ____A C:\Users\Administrator\Desktop\Rkill.txt
    2013-01-18 05:56 - 2013-01-18 05:56 - 01752992 ____A (Bleeping Computer, LLC) C:\Users\Administrator\Downloads\iExplore.exe
    2013-01-18 05:56 - 2013-01-18 05:56 - 00000000 ____D C:\Users\Administrator\Desktop\rkill
    2013-01-18 04:48 - 2012-06-21 23:13 - 00000000 ____D C:\Users\Administrator\AppData\Local\AVG Secure Search
    2013-01-18 04:43 - 2012-06-21 23:12 - 00000000 ____D C:\Users\Administrator\AppData\Roaming\Adobe
    2013-01-18 04:40 - 2013-01-18 04:40 - 00000000 ____D C:\Users\Administrator\AppData\Roaming\Malwarebytes
    2013-01-18 04:40 - 2013-01-18 04:40 - 00000000 ____D C:\Users\Administrator\AppData\Local\Logitech® Webcam Software
    2013-01-18 04:40 - 2009-07-13 20:45 - 00015344 ___AH C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
    2013-01-18 04:40 - 2009-07-13 20:45 - 00015344 ___AH C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
    2013-01-18 04:38 - 2013-01-18 04:38 - 00000000 ____D C:\Users\Administrator\AppData\Roaming\AVG2013
    2013-01-18 04:35 - 2013-01-18 04:35 - 00000000 ____D C:\Users\Administrator\AppData\Local\Avg2013
    2013-01-18 04:30 - 2012-06-21 23:12 - 00000632 _RASH C:\Users\Administrator\ntuser.pol
    2013-01-18 04:30 - 2012-06-21 23:12 - 00000000 ___RD C:\Users\Administrator\Podcasts
    2013-01-18 04:30 - 2012-06-21 23:12 - 00000000 ____D C:\users\Administrator
    2013-01-18 04:15 - 2011-05-06 23:41 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware
    2013-01-18 01:09 - 2011-05-12 20:05 - 00000000 ____D C:\Users\Travis\AppData\Roaming\Formula
    2013-01-18 00:53 - 2013-01-18 00:52 - 05154304 ____A C:\Users\Travis\Downloads\WindowsDefender.msi
    2013-01-18 00:36 - 2012-02-15 07:08 - 00001109 ____A C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
    2013-01-17 23:32 - 2011-05-06 21:00 - 00000000 ____D C:\users\Travis
    2013-01-17 08:20 - 2012-11-14 07:12 - 00000000 ____D C:\Users\Travis\AppData\Roaming\Azureus
    2013-01-17 08:20 - 2012-07-28 13:37 - 00000000 ____D C:\Program Files (x86)\Steam
    2013-01-17 08:20 - 2012-04-22 17:31 - 00000000 ____D C:\users\Shelby
    2013-01-17 08:20 - 2011-05-30 22:43 - 00000000 ____D C:\Users\Travis\AppData\Roaming\Razer
    2013-01-17 08:20 - 2011-05-07 03:54 - 00000000 ____D C:\Users\Travis\AppData\Roaming\Ventrilo
    2013-01-17 08:20 - 2011-05-06 21:19 - 00000000 ____D C:\Users\All Users\DeviceVm
    2013-01-17 08:20 - 2009-07-13 19:20 - 00000000 __RSD C:\Windows\Media
    2013-01-17 08:20 - 2009-07-13 19:20 - 00000000 ___AD C:\Program Files\Common Files\Microsoft Shared
    2013-01-17 08:20 - 2009-07-13 19:20 - 00000000 ____D C:\Windows\registration
    2013-01-17 08:20 - 2009-07-13 19:20 - 00000000 ____D C:\Windows\PolicyDefinitions
    2013-01-17 08:18 - 2013-01-14 13:15 - 00000000 ____D C:\Users\Travis\AppData\Local\Logitech® Webcam Software
    2013-01-17 08:18 - 2013-01-14 12:17 - 00000000 ____D C:\Users\Travis\AppData\Local\LogMeIn Rescue Applet
    2013-01-17 08:18 - 2011-05-07 03:57 - 00000000 ____D C:\Users\Travis\AppData\Roaming\Skype
    2013-01-17 07:02 - 2009-07-13 23:44 - 00000000 ___RD C:\Users\Public\Recorded TV
    2013-01-17 02:04 - 2011-05-07 01:49 - 00007598 ____A C:\Users\Travis\AppData\Local\Resmon.ResmonCfg
    2013-01-16 23:50 - 2012-02-15 07:33 - 00000000 ____D C:\Users\Travis\AppData\Local\Skyrim
    2013-01-16 02:01 - 2012-10-04 22:38 - 00001358 ____A C:\Users\Travis\Desktop\MrFi****Settings.xml
    2013-01-15 22:10 - 2013-01-15 21:40 - 00000000 ____D C:\Users\Travis\Desktop\Feenix
    2013-01-15 21:39 - 2013-01-15 21:39 - 00000084 ____A C:\Users\Travis\Desktop\realmlist.wtf
    2013-01-15 21:39 - 2013-01-15 21:39 - 00000000 ____D C:\Users\Travis\Desktop\cache
    2013-01-15 21:38 - 2013-01-08 22:51 - 00000007 ____A C:\Users\Travis\Downloads\version.txt
    2013-01-15 02:42 - 2013-01-15 02:42 - 00000017 ____A C:\Users\Travis\Documents\wownames.txt
    2013-01-14 20:44 - 2013-01-14 20:44 - 00000000 ____D C:\Users\Travis\AppData\Local\{D76D0814-1C65-42A1-9348-57C7AC41DDD2}
    2013-01-14 13:13 - 2011-10-04 16:28 - 00000000 ____D C:\Users\Travis\AppData\Local\CrashDumps
    2013-01-14 13:09 - 2013-01-14 13:09 - 17811968 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.dll
    2013-01-14 13:09 - 2013-01-14 13:09 - 12320256 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
    2013-01-14 13:09 - 2013-01-14 13:09 - 09738240 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
    2013-01-14 13:09 - 2013-01-14 13:09 - 03695416 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dat
    2013-01-14 13:09 - 2013-01-14 13:09 - 02382848 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
    2013-01-14 13:09 - 2013-01-14 13:09 - 02382848 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.tlb
    2013-01-14 13:09 - 2013-01-14 13:09 - 02312704 ____A (Microsoft Corporation) C:\Windows\System32\jscript9.dll
    2013-01-14 13:09 - 2013-01-14 13:09 - 02144768 ____A (Microsoft Corporation) C:\Windows\System32\iertutil.dll
    2013-01-14 13:09 - 2013-01-14 13:09 - 01800704 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
    2013-01-14 13:09 - 2013-01-14 13:09 - 01793024 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
    2013-01-14 13:09 - 2013-01-14 13:09 - 01427968 ____A (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
    2013-01-14 13:09 - 2013-01-14 13:09 - 01392128 ____A (Microsoft Corporation) C:\Windows\System32\wininet.dll
    2013-01-14 13:09 - 2013-01-14 13:09 - 01346048 ____A (Microsoft Corporation) C:\Windows\System32\urlmon.dll
    2013-01-14 13:09 - 2013-01-14 13:09 - 01129472 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
    2013-01-14 13:09 - 2013-01-14 13:09 - 01103872 ____A (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
    2013-01-14 13:09 - 2013-01-14 13:09 - 00816640 ____A (Microsoft Corporation) C:\Windows\System32\jscript.dll
    2013-01-14 13:09 - 2013-01-14 13:09 - 00717824 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
    2013-01-14 13:09 - 2013-01-14 13:09 - 00607744 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
    2013-01-14 13:09 - 2013-01-14 13:09 - 00434176 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
    2013-01-14 13:09 - 2013-01-14 13:09 - 00420864 ____A (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
    2013-01-14 13:09 - 2013-01-14 13:09 - 00367104 ____A (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
    2013-01-14 13:09 - 2013-01-14 13:09 - 00353792 ____A (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
    2013-01-14 13:09 - 2013-01-14 13:09 - 00353584 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
    2013-01-14 13:09 - 2013-01-14 13:09 - 00267776 ____A (Microsoft Corporation) C:\Windows\System32\ieaksie.dll
    2013-01-14 13:09 - 2013-01-14 13:09 - 00231936 ____A (Microsoft Corporation) C:\Windows\SysWOW64\url.dll
    2013-01-14 13:09 - 2013-01-14 13:09 - 00227840 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieaksie.dll
    2013-01-14 13:09 - 2013-01-14 13:09 - 00223232 ____A (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
    2013-01-14 13:09 - 2013-01-14 13:09 - 00222208 ____A (Microsoft Corporation) C:\Windows\System32\msls31.dll
    2013-01-14 13:09 - 2013-01-14 13:09 - 00203776 ____A (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
    2013-01-14 13:09 - 2013-01-14 13:09 - 00197120 ____A (Microsoft Corporation) C:\Windows\System32\msrating.dll
    2013-01-14 13:09 - 2013-01-14 13:09 - 00176640 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
    2013-01-14 13:09 - 2013-01-14 13:09 - 00173056 ____A (Microsoft Corporation) C:\Windows\System32\ieUnatt.exe
    2013-01-14 13:09 - 2013-01-14 13:09 - 00163840 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieakui.dll
    2013-01-14 13:09 - 2013-01-14 13:09 - 00163840 ____A (Microsoft Corporation) C:\Windows\System32\ieakui.dll
    2013-01-14 13:09 - 2013-01-14 13:09 - 00162304 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
    2013-01-14 13:09 - 2013-01-14 13:09 - 00161792 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msls31.dll
    2013-01-14 13:09 - 2013-01-14 13:09 - 00152064 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wextract.exe
    2013-01-14 13:09 - 2013-01-14 13:09 - 00150528 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iexpress.exe
    2013-01-14 13:09 - 2013-01-14 13:09 - 00149504 ____A (Microsoft Corporation) C:\Windows\System32\occache.dll
    2013-01-14 13:09 - 2013-01-14 13:09 - 00145920 ____A (Microsoft Corporation) C:\Windows\System32\iepeers.dll
    2013-01-14 13:09 - 2013-01-14 13:09 - 00142848 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
    2013-01-14 13:09 - 2013-01-14 13:09 - 00130560 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieakeng.dll
    2013-01-14 13:09 - 2013-01-14 13:09 - 00123392 ____A (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
    2013-01-14 13:09 - 2013-01-14 13:09 - 00118784 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iepeers.dll
    2013-01-14 13:09 - 2013-01-14 13:09 - 00114176 ____A (Microsoft Corporation) C:\Windows\System32\admparse.dll
    2013-01-14 13:09 - 2013-01-14 13:09 - 00110592 ____A (Microsoft Corporation) C:\Windows\SysWOW64\IEAdvpack.dll
    2013-01-14 13:09 - 2013-01-14 13:09 - 00101888 ____A (Microsoft Corporation) C:\Windows\SysWOW64\admparse.dll
    2013-01-14 13:09 - 2013-01-14 13:09 - 00089088 ____A (Microsoft Corporation) C:\Windows\System32\RegisterIEPKEYs.exe
    2013-01-14 13:09 - 2013-01-14 13:09 - 00086528 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
    2013-01-14 13:09 - 2013-01-14 13:09 - 00085504 ____A (Microsoft Corporation) C:\Windows\System32\jsproxy.dll
    2013-01-14 13:09 - 2013-01-14 13:09 - 00078848 ____A (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll
    2013-01-14 13:09 - 2013-01-14 13:09 - 00076800 ____A (Microsoft Corporation) C:\Windows\SysWOW64\SetIEInstalledDate.exe
    2013-01-14 13:09 - 2013-01-14 13:09 - 00074752 ____A (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe
    2013-01-14 13:09 - 2013-01-14 13:09 - 00074752 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
    2013-01-14 13:09 - 2013-01-14 13:09 - 00074240 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ie4uinit.exe
    2013-01-14 13:09 - 2013-01-14 13:09 - 00073216 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
    2013-01-14 13:09 - 2013-01-14 13:09 - 00066048 ____A (Microsoft Corporation) C:\Windows\SysWOW64\icardie.dll
    2013-01-14 13:09 - 2013-01-14 13:09 - 00065024 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
    2013-01-14 13:09 - 2013-01-14 13:09 - 00065024 ____A (Microsoft Corporation) C:\Windows\System32\pngfilt.dll
    2013-01-14 13:09 - 2013-01-14 13:09 - 00063488 ____A (Microsoft Corporation) C:\Windows\SysWOW64\tdc.ocx
    2013-01-14 13:09 - 2013-01-14 13:09 - 00054272 ____A (Microsoft Corporation) C:\Windows\SysWOW64\pngfilt.dll
    2013-01-14 13:09 - 2013-01-14 13:09 - 00049664 ____A (Microsoft Corporation) C:\Windows\System32\imgutil.dll
    2013-01-14 13:09 - 2013-01-14 13:09 - 00048640 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtmler.dll
    2013-01-14 13:09 - 2013-01-14 13:09 - 00041472 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msfeedsbs.dll
    2013-01-14 13:09 - 2013-01-14 13:09 - 00035840 ____A (Microsoft Corporation) C:\Windows\SysWOW64\imgutil.dll
    2013-01-14 13:09 - 2013-01-14 13:09 - 00031744 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
    2013-01-14 13:09 - 2013-01-14 13:09 - 00023552 ____A (Microsoft Corporation) C:\Windows\SysWOW64\licmgr10.dll
    2013-01-14 13:09 - 2013-01-14 13:09 - 00012288 ____A (Microsoft Corporation) C:\Windows\System32\mshta.exe
    2013-01-14 13:09 - 2013-01-14 13:09 - 00011776 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshta.exe
    2013-01-14 13:09 - 2013-01-14 13:09 - 00010752 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msfeedssync.exe
    2013-01-14 13:09 - 2011-05-07 10:20 - 00005459 ____A C:\Windows\IE9_main.log
    2013-01-14 13:08 - 2013-01-14 13:08 - 10925568 ____A (Microsoft Corporation) C:\Windows\System32\ieframe.dll
    2013-01-14 13:08 - 2013-01-14 13:08 - 03695416 ____A (Microsoft Corporation) C:\Windows\System32\ieapfltr.dat
    2013-01-14 13:08 - 2013-01-14 13:08 - 01494528 ____A (Microsoft Corporation) C:\Windows\System32\inetcpl.cpl
    2013-01-14 13:08 - 2013-01-14 13:08 - 00729088 ____A (Microsoft Corporation) C:\Windows\System32\msfeeds.dll
    2013-01-14 13:08 - 2013-01-14 13:08 - 00599040 ____A (Microsoft Corporation) C:\Windows\System32\vbscript.dll
    2013-01-14 13:08 - 2013-01-14 13:08 - 00534528 ____A (Microsoft Corporation) C:\Windows\System32\ieapfltr.dll
    2013-01-14 13:08 - 2013-01-14 13:08 - 00452608 ____A (Microsoft Corporation) C:\Windows\System32\dxtmsft.dll
    2013-01-14 13:08 - 2013-01-14 13:08 - 00448512 ____A (Microsoft Corporation) C:\Windows\System32\html.iec
    2013-01-14 13:08 - 2013-01-14 13:08 - 00403248 ____A (Microsoft Corporation) C:\Windows\System32\iedkcs32.dll
    2013-01-14 13:08 - 2013-01-14 13:08 - 00282112 ____A (Microsoft Corporation) C:\Windows\System32\dxtrans.dll
    2013-01-14 13:08 - 2013-01-14 13:08 - 00249344 ____A (Microsoft Corporation) C:\Windows\System32\webcheck.dll
    2013-01-14 13:08 - 2013-01-14 13:08 - 00248320 ____A (Microsoft Corporation) C:\Windows\System32\ieui.dll
    2013-01-14 13:08 - 2013-01-14 13:08 - 00237056 ____A (Microsoft Corporation) C:\Windows\System32\url.dll
    2013-01-14 13:08 - 2013-01-14 13:08 - 00165888 ____A (Microsoft Corporation) C:\Windows\System32\iexpress.exe
    2013-01-14 13:08 - 2013-01-14 13:08 - 00160256 ____A (Microsoft Corporation) C:\Windows\System32\wextract.exe
    2013-01-14 13:08 - 2013-01-14 13:08 - 00160256 ____A (Microsoft Corporation) C:\Windows\System32\ieakeng.dll
    2013-01-14 13:08 - 2013-01-14 13:08 - 00135168 ____A (Microsoft Corporation) C:\Windows\System32\IEAdvpack.dll
    2013-01-14 13:08 - 2013-01-14 13:08 - 00111616 ____A (Microsoft Corporation) C:\Windows\System32\iesysprep.dll
    2013-01-14 13:08 - 2013-01-14 13:08 - 00103936 ____A (Microsoft Corporation) C:\Windows\System32\inseng.dll
    2013-01-14 13:08 - 2013-01-14 13:08 - 00096768 ____A (Microsoft Corporation) C:\Windows\System32\mshtmled.dll
    2013-01-14 13:08 - 2013-01-14 13:08 - 00091648 ____A (Microsoft Corporation) C:\Windows\System32\SetIEInstalledDate.exe
    2013-01-14 13:08 - 2013-01-14 13:08 - 00089088 ____A (Microsoft Corporation) C:\Windows\System32\ie4uinit.exe
    2013-01-14 13:08 - 2013-01-14 13:08 - 00085504 ____A (Microsoft Corporation) C:\Windows\System32\iesetup.dll
    2013-01-14 13:08 - 2013-01-14 13:08 - 00082432 ____A (Microsoft Corporation) C:\Windows\System32\icardie.dll
    2013-01-14 13:08 - 2013-01-14 13:08 - 00076800 ____A (Microsoft Corporation) C:\Windows\System32\tdc.ocx
    2013-01-14 13:08 - 2013-01-14 13:08 - 00055296 ____A (Microsoft Corporation) C:\Windows\System32\msfeedsbs.dll
    2013-01-14 13:08 - 2013-01-14 13:08 - 00048640 ____A (Microsoft Corporation) C:\Windows\System32\mshtmler.dll
    2013-01-14 13:08 - 2013-01-14 13:08 - 00039936 ____A (Microsoft Corporation) C:\Windows\System32\iernonce.dll
    2013-01-14 13:08 - 2013-01-14 13:08 - 00030720 ____A (Microsoft Corporation) C:\Windows\System32\licmgr10.dll
    2013-01-14 13:08 - 2013-01-14 13:08 - 00010752 ____A (Microsoft Corporation) C:\Windows\System32\msfeedssync.exe
    2013-01-14 13:05 - 2013-01-14 13:05 - 00004434 ____A C:\Windows\SysWOW64\jupdate-1.7.0_11-b21.log
    2013-01-14 13:05 - 2011-08-02 21:23 - 00000000 ____D C:\Program Files (x86)\Java
    2013-01-14 13:04 - 2011-09-08 23:54 - 00009077 ____A C:\Windows\LDPINST.LOG
    2013-01-14 13:04 - 2011-09-08 23:53 - 00015253 ____A C:\Windows\System32\lvcoinst.log
    2013-01-14 13:04 - 2011-09-08 23:53 - 00000000 ____D C:\Program Files\Common Files\logishrd
    2013-01-14 13:02 - 2011-09-08 23:53 - 00001624 ____A C:\Users\Public\Desktop\Logitech Webcam Software .lnk
    2013-01-14 12:57 - 2011-09-08 23:54 - 00000000 ____D C:\Windows\SysWOW64\logishrd
    2013-01-14 12:57 - 2011-09-08 23:54 - 00000000 ____D C:\Windows\System32\logishrd
    2013-01-14 12:39 - 2013-01-14 12:39 - 00000000 ____D C:\Windows\CheckSur
    2013-01-14 12:38 - 2013-01-14 12:38 - 384994140 ____A C:\Users\Travis\Downloads\Windows6.1-KB947821-v25-x64 Check Sur.msu
    2013-01-14 12:04 - 2013-01-14 12:04 - 00079686 ____A C:\Users\Travis\Downloads\windowsupdate (1).diagcab
    2013-01-14 12:04 - 2013-01-14 00:26 - 00001138 ____A C:\Users\Travis\Desktop\Windows Update Troubleshooting Info.lnk
    2013-01-14 00:55 - 2009-07-13 20:45 - 05000416 ____A C:\Windows\System32\FNTCACHE.DAT
    2013-01-14 00:46 - 2013-01-14 00:26 - 00000000 ____D C:\Windows\softwaredistribution.bak1
    2013-01-14 00:25 - 2013-01-14 00:25 - 00079686 ____A C:\Users\Travis\Downloads\windowsupdate.diagcab
    2013-01-13 03:14 - 2012-02-02 01:38 - 00000099 ____A C:\Users\Public\LMDebug.log
    2013-01-13 03:09 - 2012-11-11 18:11 - 00000000 ____D C:\Program Files\Common Files\Common Desktop Agent
    2013-01-13 03:09 - 2012-02-02 01:24 - 00000000 ____D C:\Users\All Users\Samsung
    2013-01-12 00:30 - 2013-01-14 13:05 - 00095648 ____A (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
    2013-01-12 00:26 - 2013-01-14 13:05 - 00174496 ____A (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
    2013-01-12 00:24 - 2013-01-14 13:05 - 00174496 ____A (Oracle Corporation) C:\Windows\SysWOW64\java.exe
    2013-01-10 23:50 - 2011-06-20 02:22 - 00120832 ____A C:\Users\Travis\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
    2013-01-10 23:36 - 2013-01-10 23:13 - 3674295390 ____A C:\Program Files (x86)\EA Games.zip
    2013-01-10 23:12 - 2011-05-06 21:17 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
    2013-01-10 23:09 - 2011-11-29 01:26 - 00000000 ____D C:\Program Files\Verizon V CAST Media Manager
    2013-01-10 23:08 - 2011-11-29 01:28 - 00000000 ____D C:\Users\Travis\AppData\Local\V CAST Media Manager
    2013-01-10 23:07 - 2012-03-18 14:07 - 00000000 ____D C:\Program Files (x86)\Invisible Secrets 2.1
    2013-01-10 23:05 - 2011-05-06 23:45 - 00000000 ____D C:\Program Files (x86)\AVG
    2013-01-10 23:02 - 2013-01-10 23:02 - 00000114 ____A C:\Users\Travis\Desktop\Speedtest.url
    2013-01-10 09:49 - 2012-11-12 22:32 - 00697864 ____A (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
    2013-01-10 09:49 - 2011-07-09 00:40 - 00074248 ____A (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
    2013-01-10 09:31 - 2012-10-15 22:13 - 00000965 ____A C:\Users\Public\Desktop\AVG 2013.lnk
    2013-01-10 09:29 - 2009-07-13 21:13 - 00797578 ____A C:\Windows\System32\PerfStringBackup.INI
    2013-01-10 09:23 - 2009-07-13 21:08 - 00032552 ____A C:\Windows\Tasks\SCHEDLGU.TXT
    2013-01-09 12:08 - 2011-05-07 06:51 - 00000000 ____D C:\Users\Travis\AppData\Local\Deployment
    2013-01-09 11:42 - 2012-06-02 08:07 - 00000000 ____D C:\Users\All Users\Microsoft Help
    2013-01-09 11:41 - 2011-05-09 09:56 - 00791302 ____A C:\Windows\SysWOW64\PerfStringBackup.INI
    2013-01-09 11:34 - 2011-05-07 07:46 - 67599240 ____A (Microsoft Corporation) C:\Windows\System32\MRT.exe
    2013-01-09 09:40 - 2013-01-09 09:40 - 00002099 ____A C:\Users\Public\Desktop\ASUS PCE-N15 WLAN Control Center.lnk
    2013-01-09 09:40 - 2013-01-09 09:40 - 00000000 ____D C:\Program Files (x86)\Cisco
    2013-01-09 09:40 - 2009-07-13 18:34 - 00000670 ____A C:\Windows\win.ini
    2013-01-09 09:39 - 2011-05-06 21:18 - 00000000 ____D C:\Program Files (x86)\ASUS
    2013-01-09 07:24 - 2012-11-14 07:24 - 00000306 ____A C:\Windows\Tasks\Registry Optimizer_UPDATES.job
    2013-01-09 00:57 - 2009-07-13 19:20 - 00000000 ____D C:\Windows\rescache
    2013-01-08 22:51 - 2013-01-08 22:51 - 00000000 ___AH C:\Users\Travis\Downloads\app.dll
    2013-01-08 22:51 - 2013-01-08 22:50 - 00361472 ____A (wow-one.com) C:\Users\Travis\Downloads\Feenix Launcher.exe
    2013-01-08 22:49 - 2013-01-08 22:49 - 00020301 ____A C:\Users\Travis\Downloads\Feenix_2.4.3_client.rar.torrent
    2013-01-07 08:07 - 2013-01-07 08:07 - 00000000 ____D C:\Users\Travis\AppData\Local\{7BF3BBE3-5319-48DE-9A73-D96B2F89763B}
    2013-01-06 12:10 - 2012-05-14 11:31 - 00000000 ____D C:\Program Files (x86)\Diablo III
    2013-01-06 00:09 - 2013-01-06 00:09 - 00000000 ____D C:\Program Files\Microsoft Mouse and Keyboard Center
    2013-01-06 00:09 - 2011-05-08 11:11 - 00000000 ____D C:\Program Files\Microsoft IntelliType Pro
    2013-01-05 23:30 - 2009-07-13 19:20 - 00000000 ____D C:\Windows\System32\NDF
    2013-01-05 08:54 - 2013-01-05 08:53 - 00000000 ____D C:\Users\Travis\AppData\Local\{77EC1439-4569-43C1-9E1B-A5284E34C1F4}
    2013-01-04 09:01 - 2012-11-14 23:11 - 00002852 ____A C:\Users\Travis\Desktop\wowhotkeynet.txt
    2013-01-04 08:59 - 2012-12-23 21:02 - 00002852 ____A C:\Users\Travis\Documents\wowhotkeynet.txt
    2013-01-04 08:58 - 2012-12-23 21:03 - 00002852 ____A C:\Users\Travis\Documents\wowhotkeynet.ahk
    2012-12-30 15:23 - 2011-11-29 01:19 - 00000000 ____D C:\Users\Travis\AppData\Roaming\vlc
    2012-12-23 05:54 - 2012-12-23 05:54 - 00000000 ____D C:\Users\Travis\AppData\Local\{148E8F97-0885-4D1A-A77B-6F58354E53A3}

    ZeroAccess:
    C:\$Recycle.Bin\S-1-5-18\$bb5b43abd72b42bc5b16d255c16c6a77

    ZeroAccess:
    C:\$Recycle.Bin\S-1-5-21-519677760-3826263868-1505942561-1000\$bb5b43abd72b42bc5b16d255c16c6a77

    ZeroAccess:
    C:\$Recycle.Bin\S-1-5-18\$bb5b43abd72b42bc5b16d255c16c6a77

    ==================== Known DLLs (Whitelisted) =================


    ==================== Bamital & volsnap Check =================

    C:\Windows\System32\winlogon.exe => MD5 is legit
    C:\Windows\System32\wininit.exe => MD5 is legit
    C:\Windows\SysWOW64\wininit.exe => MD5 is legit
    C:\Windows\explorer.exe => MD5 is legit
    C:\Windows\SysWOW64\explorer.exe => MD5 is legit
    C:\Windows\System32\svchost.exe => MD5 is legit
    C:\Windows\SysWOW64\svchost.exe => MD5 is legit
    C:\Windows\System32\services.exe => MD5 is legit
    C:\Windows\System32\User32.dll => MD5 is legit
    C:\Windows\SysWOW64\User32.dll => MD5 is legit
    C:\Windows\System32\userinit.exe => MD5 is legit
    C:\Windows\SysWOW64\userinit.exe => MD5 is legit
    C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit

    ==================== EXE ASSOCIATION =====================

    HKLM\...\.exe: exefile => OK
    HKLM\...\exefile\DefaultIcon: %1 => OK
    HKLM\...\exefile\open\command: "%1" %* => OK

    ==================== Restore Points =========================

    Restore point made on: 2013-01-14 12:39:14
    Restore point made on: 2013-01-14 12:51:55
    Restore point made on: 2013-01-14 13:05:04
    Restore point made on: 2013-01-14 13:07:08
    Restore point made on: 2013-01-14 13:20:49

    ==================== Memory info ===========================

    Percentage of memory in use: 10%
    Total physical RAM: 8191.18 MB
    Available physical RAM: 7341.57 MB
    Total Pagefile: 8189.32 MB
    Available Pagefile: 7337.13 MB
    Total Virtual: 8192 MB
    Available Virtual: 8191.91 MB

    ==================== Partitions =============================

    1 Drive c: () (Fixed) (Total:596.07 GB) (Free:147.25 GB) NTFS
    2 Drive e: (GRMCHPXFREO_EN_DVD) (CDROM) (Total:3 GB) (Free:0 GB) UDF
    3 Drive f: (CORSAIR) (Removable) (Total:15.11 GB) (Free:15.11 GB) FAT32
    4 Drive x: (Boot) (Fixed) (Total:0.03 GB) (Free:0.03 GB) NTFS
    5 Drive y: (System Reserved) (Fixed) (Total:0.1 GB) (Free:0.06 GB) NTFS ==>[System with boot components (obtained from reading drive)]

    Disk ### Status Size Free Dyn Gpt
    -------- ------------- ------- ------- --- ---
    Disk 0 Online 596 GB 0 B
    Disk 1 Online 15 GB 0 B

    Partitions of Disk 0:
    ===============

    Partition ### Type Size Offset
    ------------- ---------------- ------- -------
    Partition 1 Primary 100 MB 1024 KB
    Partition 2 Primary 596 GB 101 MB

    ==================================================================================

    Disk: 0
    Partition 1
    Type : 07
    Hidden: No
    Active: Yes

    Volume ### Ltr Label Fs Type Size Status Info
    ---------- --- ----------- ----- ---------- ------- --------- --------
    * Volume 1 Y System Rese NTFS Partition 100 MB Healthy

    =========================================================

    Disk: 0
    Partition 2
    Type : 07
    Hidden: No
    Active: No

    Volume ### Ltr Label Fs Type Size Status Info
    ---------- --- ----------- ----- ---------- ------- --------- --------
    * Volume 2 C NTFS Partition 596 GB Healthy

    =========================================================

    Partitions of Disk 1:
    ===============

    Partition ### Type Size Offset
    ------------- ---------------- ------- -------
    Partition 1 Primary 15 GB 1024 KB

    ==================================================================================

    Disk: 1
    Partition 1
    Type : 0C
    Hidden: No
    Active: No

    Volume ### Ltr Label Fs Type Size Status Info
    ---------- --- ----------- ----- ---------- ------- --------- --------
    * Volume 3 F CORSAIR FAT32 Removable 15 GB Healthy

    =========================================================

    Last Boot: 2013-01-14 11:27

    ==================== End Of Log =============================
     
  12. starbuck

    starbuck Rest In Peace Pete Administrator

    Joined:
    Sep 26, 2009
    Messages:
    3,830
    Location:
    Midlands, UK
    Operating System:
    Windows 10
    CPU:
    AMD Athlon II x2 250 Processor 3.00GHz
    Memory:
    8gb DDR3
    Hard Drive:
    500gb SATA
    Graphics Card:
    ASUS GeForce GTX 960 2gb
    Power Supply:
    650w PowerCool X-Viper
    Hi Senkai,

    I'm getting more confused now.
    You posted on the 18th saying you picked up the infection the day before (the 17th).
    How did you manage to install these on the 18th then?
    These are programs you don't install unless you have a problem.
    Has the FBI infection been removed now?
    The FRST report isn't showing the normal FBI items.
    Can you boot into normal mode ok?
    Although the FRST report isn't showing the FBI items, it is showing something a lot more serious.

    I see you have installed Emsisoft Anti-Malware, is this a full paid-for version or a trial version?
    If it's the full paid-for version, you won't need AVG.
    Please download the enclosed attachment - to the USB drive. (It can be found at the bottom of this post.)

    NOTICE: This script was written specifically for this user, for use on that particular machine. Running this on another machine may cause damage to your operating system.

    You should now have both fixlist.txt and FRST64.exe on your flash drive.

    Now please enter System Recovery Options as you did before.

    Run FRST64 and press the Fix button just once and wait.

    The tool will make a log on the flash drive (Fixlog.txt); please post it with your next reply.

    Also let me know if the system boots into normal mode ok.
    Thanks
     

    Attached Files:

  13. Senkai

    Senkai Registered Members

    No, normal mode does not boot OK, but I was able to get it to load, it just took nearly two hours to get signed in, it took even longer to download RKILL and the antivirus program. The Emsisoft scan took over 24 hours to run and found only one object, which seemed unrelated. I will try the fix, what is the something that is "a lot more serious?"

    The Emsisoft is only there temporarily to try and remove what AVG and Malwarebytes couldn't find. It did not help, unfortunately.
     
  14. Senkai

    Senkai Registered Members

    I have just run the fix; here are the results.

    Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 15-01-2013
    Ran by SYSTEM at 2013-01-19 15:29:51 Run:1
    Running from F:\

    ==============================================

    HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InprocServer32\\Default value was restored successfully .
    [HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}] should be deleted in normal mode (if present).
    C:\$Recycle.Bin\S-1-5-18\$bb5b43abd72b42bc5b16d255c16c6a77 moved successfully.
    C:\$Recycle.Bin\S-1-5-21-519677760-3826263868-1505942561-1000\$bb5b43abd72b42bc5b16d255c16c6a77 moved successfully.

    ==== End of Fixlog ====

    I apologize for the confusion, I have been trying to work on this myself with Google searches.

    I have just tried to load my OS normally and it is unfortunately not improved. I have relatively high end hardware and my OS would boot and sign in within 35 seconds normally, it has been 8 minutes and I have still not gotten signed in at this point.

    When you say this is something much worse, it is not a worm, is it? I do have my radio turned off on my desktop so it can't infect the network, but wanted to make sure this isn't going to infect the network through my flash drive.
     
  15. DSTM (Dougie)

    DSTM (Dougie) Registered Members

    Joined:
    May 3, 2009
    Messages:
    8,270
    Location:
    SYDNEY AUSTRALIA
    Operating System:
    Windows 7
    Hi Senkai.
    Please don't do any Google searches or changes to your computer while the Malware Experts are helping you with this issue.
    It will only cause extra issues and take longer for them to fix your Computer.
     
  16. Senkai

    Senkai Registered Members

    Alright, I will not do any more searches. Do you know what the above poster meant by "something a lot more serious"?
     
  17. DSTM (Dougie)

    DSTM (Dougie) Registered Members

    Wait for Starbuck as he is the Malware Expert.
    Because of different time zones, I just ask you to be patient.
     
  18. starbuck

    starbuck Rest In Peace Pete Administrator

    HKLM\...D6A79037F57F\InprocServer32: [Default-fastprox] ATTENTION! ====> ZeroAccess

    Basically it has the function to steal any data/passwords etc from your system.
    Sometimes the best course of action is a reformat/reinstall.... especially if you do any online banking or online credit card buying.
    You should also change any passwords on your system..... but do that from another system, just in case.

    As you can eventually get Windows to load in normal mode.... this rules out the FBI infection.

    I'd recommend uninstalling it then.

    Let's see if this throws up any rootkit on the system.

    Download TDSSKiller and save it to your Desktop.
    • Double-click on TDSSKiller.exe to run the application, then click on Change parameters.
    • Check the boxes beside Verify Driver Digital Signature and Detect TDLFS file system, then click OK.
    • Click the Start Scan button.
    • If a suspicious object is detected, the default action will be Skip; click on Continue.
    • If malicious objects are found, they will show in the Scan results and offer three (3) options.
    • Ensure SKIP is selected, then click Continue => Reboot now to finish the cleaning process.
    • Note: Do not choose Delete unless instructed.
    A report will be created in your root directory, (usually C:\ folder) in the form of "TDSSKiller.[Version]_[Date]_[Time]_log.txt". Please copy and paste its contents on your next reply.
     
  19. Senkai

    Senkai Registered Members

    11:27:41.0712 4752 TDSS rootkit removing tool 2.8.15.0 Oct 31 2012 21:47:35
    11:27:42.0042 4752 ============================================================
    11:27:42.0042 4752 Current date / time: 2013/01/20 11:27:42.0042
    11:27:42.0042 4752 SystemInfo:
    11:27:42.0042 4752
    11:27:42.0042 4752 OS Version: 6.1.7601 ServicePack: 1.0
    11:27:42.0042 4752 Product type: Workstation
    11:27:42.0042 4752 ComputerName: TRAVIS-PC
    11:27:42.0042 4752 UserName: Travis
    11:27:42.0042 4752 Windows directory: C:\Windows
    11:27:42.0042 4752 System windows directory: C:\Windows
    11:27:42.0042 4752 Running under WOW64
    11:27:42.0042 4752 Processor architecture: Intel x64
    11:27:42.0042 4752 Number of processors: 6
    11:27:42.0042 4752 Page size: 0x1000
    11:27:42.0042 4752 Boot type: Normal boot
    11:27:42.0042 4752 ============================================================
    11:27:49.0742 4752 Drive \Device\Harddisk0\DR0 - Size: 0x950B056000 (596.17 Gb), SectorSize: 0x200, Cylinders: 0x13001, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
    11:27:49.0742 4752 Drive \Device\Harddisk1\DR1 - Size: 0x3C8000000 (15.13 Gb), SectorSize: 0x200, Cylinders: 0x7B6, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'
    11:27:49.0752 4752 ============================================================
    11:27:49.0752 4752 \Device\Harddisk0\DR0:
    11:27:49.0752 4752 MBR partitions:
    11:27:49.0752 4752 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x32000
    11:27:49.0752 4752 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 0x4A825000
    11:27:49.0752 4752 \Device\Harddisk1\DR1:
    11:27:49.0752 4752 MBR partitions:
    11:27:49.0752 4752 \Device\Harddisk1\DR1\Partition1: MBR, Type 0xC, StartLBA 0x800, BlocksNum 0x1E3F800
    11:27:49.0752 4752 ============================================================
    11:27:49.0762 4752 C: <-> \Device\Harddisk0\DR0\Partition2
    11:27:49.0762 4752 ============================================================
    11:27:49.0762 4752 Initialize success
    11:27:49.0762 4752 ============================================================
    11:29:00.0172 4784 ============================================================
    11:29:00.0172 4784 Scan started
    11:29:00.0172 4784 Mode: Manual; SigCheck; TDLFS;
    11:29:00.0172 4784 ============================================================
    11:29:02.0242 4784 ================ Scan system memory ========================
    11:29:02.0242 4784 System memory - ok
    11:29:02.0242 4784 ================ Scan services =============================
    11:29:02.0412 4784 [ A87D604AEA360176311474C87A63BB88 ] 1394ohci C:\Windows\system32\drivers\1394ohci.sys
    11:29:02.0492 4784 1394ohci - ok
    11:29:02.0512 4784 [ D81D9E70B8A6DD14D42D7B4EFA65D5F2 ] ACPI C:\Windows\system32\drivers\ACPI.sys
    11:29:02.0522 4784 ACPI - ok
    11:29:02.0542 4784 [ 99F8E788246D495CE3794D7E7821D2CA ] AcpiPmi C:\Windows\system32\drivers\acpipmi.sys
    11:29:02.0562 4784 AcpiPmi - ok
    11:29:02.0682 4784 [ 424877CB9D5517F980FF7BACA2EB379D ] AdobeFlashPlayerUpdateSvc C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
    11:29:02.0722 4784 AdobeFlashPlayerUpdateSvc - ok
    11:29:02.0752 4784 [ 2F6B34B83843F0C5118B63AC634F5BF4 ] adp94xx C:\Windows\system32\DRIVERS\adp94xx.sys
    11:29:02.0772 4784 adp94xx - ok
    11:29:02.0782 4784 [ 597F78224EE9224EA1A13D6350CED962 ] adpahci C:\Windows\system32\DRIVERS\adpahci.sys
    11:29:02.0792 4784 adpahci - ok
    11:29:02.0802 4784 [ E109549C90F62FB570B9540C4B148E54 ] adpu320 C:\Windows\system32\DRIVERS\adpu320.sys
    11:29:02.0812 4784 adpu320 - ok
    11:29:02.0822 4784 [ 4B78B431F225FD8624C5655CB1DE7B61 ] AeLookupSvc C:\Windows\System32\aelupsvc.dll
    11:29:17.0472 4784 AeLookupSvc - ok
    11:29:17.0532 4784 [ 1C7857B62DE5994A75B054A9FD4C3825 ] AFD C:\Windows\system32\drivers\afd.sys
    11:29:17.0582 4784 AFD - ok
    11:29:17.0592 4784 [ 608C14DBA7299D8CB6ED035A68A15799 ] agp440 C:\Windows\system32\drivers\agp440.sys
    11:29:17.0612 4784 agp440 - ok
    11:29:17.0612 4784 [ 3290D6946B5E30E70414990574883DDB ] ALG C:\Windows\System32\alg.exe
    11:29:17.0642 4784 ALG - ok
    11:29:17.0652 4784 [ 5812713A477A3AD7363C7438CA2EE038 ] aliide C:\Windows\system32\drivers\aliide.sys
    11:29:17.0662 4784 aliide - ok
    11:29:17.0762 4784 ALSysIO - ok
    11:29:17.0782 4784 [ 4C1E3649C89C7D542CD18ECC5210099D ] AMD External Events Utility C:\Windows\system32\atiesrxx.exe
    11:29:17.0842 4784 AMD External Events Utility - ok
    11:29:17.0882 4784 AMD FUEL Service - ok
    11:29:17.0892 4784 [ 1FF8B4431C353CE385C875F194924C0C ] amdide C:\Windows\system32\drivers\amdide.sys
    11:29:17.0912 4784 amdide - ok
    11:29:17.0922 4784 [ 6A2EEB0C4133B20773BB3DD0B7B377B4 ] amdiox64 C:\Windows\system32\DRIVERS\amdiox64.sys
    11:29:18.0092 4784 amdiox64 - ok
    11:29:18.0102 4784 [ 7024F087CFF1833A806193EF9D22CDA9 ] AmdK8 C:\Windows\system32\DRIVERS\amdk8.sys
    11:29:18.0112 4784 AmdK8 - ok
    11:29:18.0362 4784 [ A3C0A15B39F979E8F3EABA901D72ECD7 ] amdkmdag C:\Windows\system32\DRIVERS\atikmdag.sys
    11:29:18.0662 4784 amdkmdag - ok
    11:29:18.0682 4784 [ 20F3CD38B107C1BD747C0EA37D450165 ] amdkmdap C:\Windows\system32\DRIVERS\atikmpag.sys
    11:29:18.0702 4784 amdkmdap - ok
    11:29:18.0712 4784 [ 1E56388B3FE0D031C44144EB8C4D6217 ] AmdPPM C:\Windows\system32\DRIVERS\amdppm.sys
    11:29:18.0722 4784 AmdPPM - ok
    11:29:18.0732 4784 [ D4121AE6D0C0E7E13AA221AA57EF2D49 ] amdsata C:\Windows\system32\drivers\amdsata.sys
    11:29:18.0742 4784 amdsata - ok
    11:29:18.0752 4784 [ F67F933E79241ED32FF46A4F29B5120B ] amdsbs C:\Windows\system32\DRIVERS\amdsbs.sys
    11:29:18.0762 4784 amdsbs - ok
    11:29:18.0772 4784 [ 540DAF1CEA6094886D72126FD7C33048 ] amdxata C:\Windows\system32\drivers\amdxata.sys
    11:29:18.0782 4784 amdxata - ok
    11:29:18.0792 4784 [ 5A528A540B1AEE8B1C77ED65094E8CDF ] AODDriver4.01 C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys
    11:29:18.0812 4784 AODDriver4.01 - ok
    11:29:18.0812 4784 [ 5A528A540B1AEE8B1C77ED65094E8CDF ] AODDriver4.2 C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys
    11:29:18.0822 4784 AODDriver4.2 - ok
    11:29:18.0842 4784 [ 89A69C3F2F319B43379399547526D952 ] AppID C:\Windows\system32\drivers\appid.sys
    11:29:26.0442 4784 AppID - ok
    11:29:26.0452 4784 [ 0BC381A15355A3982216F7172F545DE1 ] AppIDSvc C:\Windows\System32\appidsvc.dll
    11:29:26.0472 4784 AppIDSvc - ok
    11:29:26.0502 4784 [ 3977D4A871CA0D4F2ED1E7DB46829731 ] Appinfo C:\Windows\System32\appinfo.dll
    11:29:26.0562 4784 Appinfo - ok
    11:29:26.0582 4784 [ C484F8CEB1717C540242531DB7845C4E ] arc C:\Windows\system32\DRIVERS\arc.sys
    11:29:26.0592 4784 arc - ok
    11:29:26.0602 4784 [ 019AF6924AEFE7839F61C830227FE79C ] arcsas C:\Windows\system32\DRIVERS\arcsas.sys
    11:29:26.0612 4784 arcsas - ok
    11:29:26.0702 4784 [ A82C01606DC27D05D9D3BFB6BB807E32 ] AsIO C:\Windows\syswow64\drivers\AsIO.sys
    11:29:26.0722 4784 AsIO - ok
    11:29:26.0792 4784 [ 9217D874131AE6FF8F642F124F00A555 ] aspnet_state C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe
    11:29:26.0802 4784 aspnet_state - ok
    11:29:26.0902 4784 [ EA569D48B2E755AF6D96F03F3335D98A ] AsusSE C:\Program Files (x86)\ASUS\PCE-N15 WLAN Card Utilities\RtlService.exe
    11:29:26.0922 4784 AsusSE ( UnsignedFile.Multi.Generic ) - warning
    11:29:26.0922 4784 AsusSE - detected UnsignedFile.Multi.Generic (1)
    11:29:26.0942 4784 [ 769765CE2CC62867468CEA93969B2242 ] AsyncMac C:\Windows\system32\DRIVERS\asyncmac.sys
    11:29:27.0002 4784 AsyncMac - ok
    11:29:27.0012 4784 [ 02062C0B390B7729EDC9E69C680A6F3C ] atapi C:\Windows\system32\drivers\atapi.sys
    11:29:27.0022 4784 atapi - ok
    11:29:27.0052 4784 [ C647C19B70B4717106F6B59E80D6F38F ] AthBTPort C:\Windows\system32\DRIVERS\btath_flt.sys
    11:29:27.0082 4784 AthBTPort - ok
    11:29:27.0122 4784 [ 17D367AE1AD05852303A8BDFAB5D028B ] AthDfu C:\Windows\system32\Drivers\AthDfu.sys
    11:29:27.0132 4784 AthDfu - ok
    11:29:27.0162 4784 [ B0790FF0E25B7A2674296052F2162C1A ] AtiHDAudioService C:\Windows\system32\drivers\AtihdW76.sys
    11:29:27.0172 4784 AtiHDAudioService - ok
    11:29:27.0182 4784 [ C07A040D6B5A42DD41EE386CF90974C8 ] AtiPcie C:\Windows\system32\DRIVERS\AtiPcie.sys
    11:29:27.0202 4784 AtiPcie - ok
    11:29:27.0242 4784 [ F23FEF6D569FCE88671949894A8BECF1 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
    11:29:27.0302 4784 AudioEndpointBuilder - ok
    11:29:27.0332 4784 [ F23FEF6D569FCE88671949894A8BECF1 ] AudioSrv C:\Windows\System32\Audiosrv.dll
    11:29:27.0352 4784 AudioSrv - ok
    11:29:27.0512 4784 [ 4AFC14AFA58878FAA1D249E7E90EA54B ] AVGIDSAgent C:\Program Files (x86)\AVG\AVG2013\avgidsagent.exe
    11:29:27.0622 4784 AVGIDSAgent - ok
    11:29:27.0652 4784 [ 388056EBD5FE6718FE669078DBE37897 ] AVGIDSDriver C:\Windows\system32\DRIVERS\avgidsdrivera.sys
    11:29:27.0672 4784 AVGIDSDriver - ok
    11:29:27.0702 4784 [ 550E981747D6A6C55078C77346FFC2C6 ] AVGIDSHA C:\Windows\system32\DRIVERS\avgidsha.sys
    11:29:27.0712 4784 AVGIDSHA - ok
    11:29:27.0742 4784 [ 5989592A91A17587799792A81E1541D4 ] Avgldx64 C:\Windows\system32\DRIVERS\avgldx64.sys
    11:29:27.0752 4784 Avgldx64 - ok
    11:29:27.0772 4784 [ 3FC43AA02545FCDDC22817829114DEC8 ] Avgloga C:\Windows\system32\DRIVERS\avgloga.sys
    11:29:27.0782 4784 Avgloga - ok
    11:29:27.0812 4784 [ 841C40C193889730848849AC220D9242 ] Avgmfx64 C:\Windows\system32\DRIVERS\avgmfx64.sys
    11:29:27.0842 4784 Avgmfx64 - ok
    11:29:27.0862 4784 [ FE4F444DBE4BBBDFD8FECF49398DEFC7 ] Avgrkx64 C:\Windows\system32\DRIVERS\avgrkx64.sys
    11:29:29.0672 4784 Avgrkx64 - ok
    11:29:33.0352 4784 [ 6E634525613D48A1D1657FB21F21F3B2 ] Avgtdia C:\Windows\system32\DRIVERS\avgtdia.sys
    11:29:35.0212 4784 Avgtdia - ok
    11:29:38.0862 4784 [ A3B21D3CD9185734698AB4C5D7D8F182 ] avgtp C:\Windows\system32\drivers\avgtpx64.sys
    11:29:40.0672 4784 avgtp - ok
    11:29:42.0512 4784 [ 6B72E1E329C4E98C6B6FDD2D265E3BA3 ] avgwd C:\Program Files (x86)\AVG\AVG2013\avgwdsvc.exe
    11:29:42.0532 4784 avgwd - ok
    11:29:42.0572 4784 [ A6BF31A71B409DFA8CAC83159E1E2AFF ] AxInstSV C:\Windows\System32\AxInstSV.dll
    11:29:42.0612 4784 AxInstSV - ok
    11:29:42.0702 4784 [ 3E5B191307609F7514148C6832BB0842 ] b06bdrv C:\Windows\system32\DRIVERS\bxvbda.sys
    11:29:42.0752 4784 b06bdrv - ok
    11:29:42.0872 4784 [ B5ACE6968304A3900EEB1EBFD9622DF2 ] b57nd60a C:\Windows\system32\DRIVERS\b57nd60a.sys
    11:29:42.0912 4784 b57nd60a - ok
    11:29:42.0942 4784 [ 328E794278CC30CA7C06E346A18B1ABC ] BCUService C:\Program Files (x86)\DeviceVM\Browser Configuration Utility\BCUService.exe
    11:29:42.0962 4784 BCUService - ok
    11:29:42.0972 4784 [ FDE360167101B4E45A96F939F388AEB0 ] BDESVC C:\Windows\System32\bdesvc.dll
    11:29:43.0022 4784 BDESVC - ok
    11:29:43.0022 4784 [ 16A47CE2DECC9B099349A5F840654746 ] Beep C:\Windows\system32\drivers\Beep.sys
    11:29:43.0082 4784 Beep - ok
    11:29:43.0132 4784 [ 82974D6A2FD19445CC5171FC378668A4 ] BFE C:\Windows\System32\bfe.dll
    11:29:43.0162 4784 BFE - ok
    11:29:43.0192 4784 [ 1EA7969E3271CBC59E1730697DC74682 ] BITS C:\Windows\System32\qmgr.dll
    11:29:43.0242 4784 BITS - ok
    11:29:43.0252 4784 [ 61583EE3C3A17003C4ACD0475646B4D3 ] blbdrive C:\Windows\system32\DRIVERS\blbdrive.sys
    11:29:43.0272 4784 blbdrive - ok
    11:29:43.0302 4784 [ 6C02A83164F5CC0A262F4199F0871CF5 ] bowser C:\Windows\system32\DRIVERS\bowser.sys
    11:29:43.0312 4784 bowser - ok
    11:29:43.0332 4784 [ F09EEE9EDC320B5E1501F749FDE686C8 ] BrFiltLo C:\Windows\system32\DRIVERS\BrFiltLo.sys
    11:29:43.0372 4784 BrFiltLo - ok
    11:29:43.0382 4784 [ B114D3098E9BDB8BEA8B053685831BE6 ] BrFiltUp C:\Windows\system32\DRIVERS\BrFiltUp.sys
    11:29:43.0392 4784 BrFiltUp - ok
    11:29:43.0422 4784 [ 05F5A0D14A2EE1D8255C2AA0E9E8E694 ] Browser C:\Windows\System32\browser.dll
    11:29:43.0432 4784 Browser - ok
    11:29:43.0442 4784 [ 43BEA8D483BF1870F018E2D02E06A5BD ] Brserid C:\Windows\System32\Drivers\Brserid.sys
    11:29:43.0482 4784 Brserid - ok
    11:29:43.0492 4784 [ A6ECA2151B08A09CACECA35C07F05B42 ] BrSerWdm C:\Windows\System32\Drivers\BrSerWdm.sys
    11:29:43.0512 4784 BrSerWdm - ok
    11:29:43.0522 4784 [ B79968002C277E869CF38BD22CD61524 ] BrUsbMdm C:\Windows\System32\Drivers\BrUsbMdm.sys
    11:29:43.0542 4784 BrUsbMdm - ok
    11:29:43.0542 4784 [ A87528880231C54E75EA7A44943B38BF ] BrUsbSer C:\Windows\System32\Drivers\BrUsbSer.sys
    11:29:43.0552 4784 BrUsbSer - ok
    11:29:43.0582 4784 [ F5B0C8426147F8455A58470753355A86 ] BTATH_A2DP C:\Windows\system32\drivers\btath_a2dp.sys
    11:29:43.0632 4784 BTATH_A2DP - ok
    11:29:43.0652 4784 [ 613A1FD0DB78F8DF45FC0091868F1032 ] BTATH_BUS C:\Windows\system32\DRIVERS\btath_bus.sys
    11:29:43.0672 4784 BTATH_BUS - ok
    11:29:43.0692 4784 [ 30C1769F1DBF567A2F31492E819CBDC2 ] BTATH_HCRP C:\Windows\system32\DRIVERS\btath_hcrp.sys
    11:29:43.0712 4784 BTATH_HCRP - ok
    11:29:43.0722 4784 [ 6B476536C991F953DED4B92CC505B3A8 ] BTATH_RCP C:\Windows\system32\DRIVERS\btath_rcp.sys
    11:29:43.0742 4784 BTATH_RCP - ok
    11:29:43.0752 4784 [ E808A9B7DBD8DB51D6A02BEBA677AE88 ] BtFilter C:\Windows\system32\DRIVERS\btfilter.sys
    11:29:43.0762 4784 BtFilter - ok
    11:29:43.0802 4784 [ CF98190A94F62E405C8CB255018B2315 ] BthEnum C:\Windows\system32\DRIVERS\BthEnum.sys
    11:29:43.0812 4784 BthEnum - ok
    11:29:43.0832 4784 [ 9DA669F11D1F894AB4EB69BF546A42E8 ] BTHMODEM C:\Windows\system32\DRIVERS\bthmodem.sys
    11:29:43.0882 4784 BTHMODEM - ok
    11:29:49.0312 4784 [ 02DD601B708DD0667E1331FA8518E9FF ] BthPan C:\Windows\system32\DRIVERS\bthpan.sys
    11:29:52.0962 4784 BthPan - ok
    11:29:58.0442 4784 [ 738D0E9272F59EB7A1449C3EC118E6C4 ] BTHPORT C:\Windows\system32\Drivers\BTHport.sys
    11:29:58.0462 4784 BTHPORT - ok
    11:29:58.0502 4784 [ 95F9C2976059462CBBF227F7AAB10DE9 ] bthserv C:\Windows\system32\bthserv.dll
    11:29:58.0542 4784 bthserv - ok
    11:29:58.0582 4784 [ F188B7394D81010767B6DF3178519A37 ] BTHUSB C:\Windows\system32\Drivers\BTHUSB.sys
    11:29:58.0602 4784 BTHUSB - ok
    11:29:58.0632 4784 [ B8BD2BB284668C84865658C77574381A ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys
    11:29:58.0702 4784 cdfs - ok
    11:29:58.0742 4784 [ F036CE71586E93D94DAB220D7BDF4416 ] cdrom C:\Windows\system32\DRIVERS\cdrom.sys
    11:29:58.0772 4784 cdrom - ok
    11:29:58.0802 4784 [ F17D1D393BBC69C5322FBFAFACA28C7F ] CertPropSvc C:\Windows\System32\certprop.dll
    11:29:58.0852 4784 CertPropSvc - ok
    11:29:58.0852 4784 ChatpadFilter - ok
    11:29:58.0882 4784 [ 2150916024A84333A65D8965FBC4EC55 ] ChatpadKeyboard C:\Windows\system32\DRIVERS\chatpad_keyboard.sys
    11:29:58.0892 4784 ChatpadKeyboard ( UnsignedFile.Multi.Generic ) - warning
    11:29:58.0892 4784 ChatpadKeyboard - detected UnsignedFile.Multi.Generic (1)
    11:29:58.0922 4784 [ 87B09D1E221039CE85DB2761E528BED9 ] ChatpadKeyboardKMDF C:\Windows\system32\DRIVERS\chatpad_keyboard_kmdf.sys
    11:29:58.0942 4784 ChatpadKeyboardKMDF ( UnsignedFile.Multi.Generic ) - warning
    11:29:58.0942 4784 ChatpadKeyboardKMDF - detected UnsignedFile.Multi.Generic (1)
    11:29:58.0962 4784 [ DA131F9701A062B7B29EC8858F134420 ] ChatpadMouse C:\Windows\system32\DRIVERS\chatpad_mouse.sys
    11:29:59.0002 4784 ChatpadMouse ( UnsignedFile.Multi.Generic ) - warning
    11:29:59.0002 4784 ChatpadMouse - detected UnsignedFile.Multi.Generic (1)
    11:29:59.0022 4784 [ 079401C5CDDBA200E4F1C95ED63265E5 ] ChatpadMouseKMDF C:\Windows\system32\DRIVERS\chatpad_mouse_kmdf.sys
    11:29:59.0042 4784 ChatpadMouseKMDF ( UnsignedFile.Multi.Generic ) - warning
    11:29:59.0042 4784 ChatpadMouseKMDF - detected UnsignedFile.Multi.Generic (1)
    11:29:59.0072 4784 [ D7CD5C4E1B71FA62050515314CFB52CF ] circlass C:\Windows\system32\DRIVERS\circlass.sys
    11:29:59.0092 4784 circlass - ok
    11:29:59.0112 4784 [ FE1EC06F2253F691FE36217C592A0206 ] CLFS C:\Windows\system32\CLFS.sys
    11:29:59.0122 4784 CLFS - ok
    11:29:59.0152 4784 [ D88040F816FDA31C3B466F0FA0918F29 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
    11:29:59.0152 4784 clr_optimization_v2.0.50727_32 - ok
    11:29:59.0202 4784 [ D1CEEA2B47CB998321C579651CE3E4F8 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
    11:29:59.0222 4784 clr_optimization_v2.0.50727_64 - ok
    11:29:59.0272 4784 [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
    11:29:59.0312 4784 clr_optimization_v4.0.30319_32 - ok
    11:29:59.0342 4784 [ C6F9AF94DCD58122A4D7E89DB6BED29D ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
    11:29:59.0362 4784 clr_optimization_v4.0.30319_64 - ok
    11:29:59.0372 4784 [ 0840155D0BDDF1190F84A663C284BD33 ] CmBatt C:\Windows\system32\DRIVERS\CmBatt.sys
    11:29:59.0382 4784 CmBatt - ok
    11:29:59.0422 4784 [ E19D3F095812725D88F9001985B94EDD ] cmdide C:\Windows\system32\drivers\cmdide.sys
    11:29:59.0432 4784 cmdide - ok
    11:29:59.0472 4784 [ 9AC4F97C2D3E93367E2148EA940CD2CD ] CNG C:\Windows\system32\Drivers\cng.sys
    11:29:59.0502 4784 CNG - ok
    11:29:59.0522 4784 [ 102DE219C3F61415F964C88E9085AD14 ] Compbatt C:\Windows\system32\DRIVERS\compbatt.sys
    11:29:59.0532 4784 Compbatt - ok
    11:29:59.0562 4784 [ 03EDB043586CCEBA243D689BDDA370A8 ] CompositeBus C:\Windows\system32\drivers\CompositeBus.sys
    11:29:59.0572 4784 CompositeBus - ok
    11:29:59.0572 4784 COMSysApp - ok
    11:29:59.0582 4784 [ 1C827878A998C18847245FE1F34EE597 ] crcdisk C:\Windows\system32\DRIVERS\crcdisk.sys
    11:29:59.0592 4784 crcdisk - ok
    11:29:59.0612 4784 [ 9C01375BE382E834CC26D1B7EAF2C4FE ] CryptSvc C:\Windows\system32\cryptsvc.dll
    11:29:59.0662 4784 CryptSvc - ok
    11:29:59.0692 4784 [ 003626F7CA17C204F16CD5047AF0703A ] danewFltr C:\Windows\system32\drivers\danew.sys
    11:29:59.0702 4784 danewFltr - ok
    11:29:59.0742 4784 [ 5C627D1B1138676C0A7AB2C2C190D123 ] DcomLaunch C:\Windows\system32\rpcss.dll
    11:29:59.0802 4784 DcomLaunch - ok
    11:29:59.0832 4784 [ 3CEC7631A84943677AA8FA8EE5B6B43D ] defragsvc C:\Windows\System32\defragsvc.dll
    11:29:59.0862 4784 defragsvc - ok
    11:30:05.0302 4784 [ 9BB2EF44EAA163B29C4A4587887A0FE4 ] DfsC C:\Windows\system32\Drivers\dfsc.sys
    11:30:07.0172 4784 DfsC - ok
    11:30:14.0412 4784 [ 43D808F5D9E1A18E5EEB5EBC83969E4E ] Dhcp C:\Windows\system32\dhcpcore.dll
    11:30:14.0492 4784 Dhcp - ok
    11:30:14.0512 4784 [ 13096B05847EC78F0977F2C0F79E9AB3 ] discache C:\Windows\system32\drivers\discache.sys
    11:30:14.0552 4784 discache - ok
    11:30:14.0602 4784 [ 9819EEE8B5EA3784EC4AF3B137A5244C ] Disk C:\Windows\system32\DRIVERS\disk.sys
    11:30:14.0622 4784 Disk - ok
    11:30:14.0702 4784 [ 16835866AAA693C7D7FCEBA8FFF706E4 ] Dnscache C:\Windows\System32\dnsrslvr.dll
    11:30:14.0762 4784 Dnscache - ok
    11:30:14.0832 4784 [ B1FB3DDCA0FDF408750D5843591AFBC6 ] dot3svc C:\Windows\System32\dot3svc.dll
    11:30:14.0872 4784 dot3svc - ok
    11:30:14.0922 4784 [ B26F4F737E8F9DF4F31AF6CF31D05820 ] DPS C:\Windows\system32\dps.dll
    11:30:14.0972 4784 DPS - ok
    11:30:14.0992 4784 [ 9B19F34400D24DF84C858A421C205754 ] drmkaud C:\Windows\system32\drivers\drmkaud.sys
    11:30:15.0002 4784 drmkaud - ok
    11:30:15.0022 4784 [ 46571ED73AE84469DCA53081D33CF3C8 ] dtsoftbus01 C:\Windows\system32\DRIVERS\dtsoftbus01.sys
    11:30:15.0032 4784 dtsoftbus01 - ok
    11:30:15.0072 4784 [ F5BEE30450E18E6B83A5012C100616FD ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys
    11:30:15.0092 4784 DXGKrnl - ok
    11:30:15.0112 4784 [ E2DDA8726DA9CB5B2C4000C9018A9633 ] EapHost C:\Windows\System32\eapsvc.dll
    11:30:15.0142 4784 EapHost - ok
    11:30:15.0212 4784 [ DC5D737F51BE844D8C82C695EB17372F ] ebdrv C:\Windows\system32\DRIVERS\evbda.sys
    11:30:15.0302 4784 ebdrv - ok
    11:30:15.0332 4784 [ C118A82CD78818C29AB228366EBF81C3 ] EFS C:\Windows\System32\lsass.exe
    11:30:15.0352 4784 EFS - ok
    11:30:15.0402 4784 [ C4002B6B41975F057D98C439030CEA07 ] ehRecvr C:\Windows\ehome\ehRecvr.exe
    11:30:15.0472 4784 ehRecvr - ok
    11:30:15.0492 4784 [ 4705E8EF9934482C5BB488CE28AFC681 ] ehSched C:\Windows\ehome\ehsched.exe
    11:30:15.0522 4784 ehSched - ok
    11:30:15.0552 4784 [ 0E5DA5369A0FCAEA12456DD852545184 ] elxstor C:\Windows\system32\DRIVERS\elxstor.sys
    11:30:15.0572 4784 elxstor - ok
    11:30:15.0602 4784 [ 34A3C54752046E79A126E15C51DB409B ] ErrDev C:\Windows\system32\drivers\errdev.sys
    11:30:15.0612 4784 ErrDev - ok
    11:30:15.0632 4784 [ 4166F82BE4D24938977DD1746BE9B8A0 ] EventSystem C:\Windows\system32\es.dll
    11:30:15.0662 4784 EventSystem - ok
    11:30:15.0672 4784 [ A510C654EC00C1E9BDD91EEB3A59823B ] exfat C:\Windows\system32\drivers\exfat.sys
    11:30:15.0692 4784 exfat - ok
    11:30:15.0712 4784 [ 0ADC83218B66A6DB380C330836F3E36D ] fastfat C:\Windows\system32\drivers\fastfat.sys
    11:30:15.0732 4784 fastfat - ok
    11:30:15.0772 4784 [ DBEFD454F8318A0EF691FDD2EAAB44EB ] Fax C:\Windows\system32\fxssvc.exe
    11:30:15.0822 4784 Fax - ok
    11:30:15.0842 4784 [ D765D19CD8EF61F650C384F62FAC00AB ] fdc C:\Windows\system32\DRIVERS\fdc.sys
    11:30:15.0872 4784 fdc - ok
    11:30:21.0352 4784 [ 0438CAB2E03F4FB61455A7956026FE86 ] fdPHost C:\Windows\system32\fdPHost.dll
    11:30:25.0152 4784 fdPHost - ok
    11:30:28.0882 4784 [ 802496CB59A30349F9A6DD22D6947644 ] FDResPub C:\Windows\system32\fdrespub.dll
    11:30:30.0812 4784 FDResPub - ok
    11:30:30.0852 4784 [ 655661BE46B5F5F3FD454E2C3095B930 ] FileInfo C:\Windows\system32\drivers\fileinfo.sys
    11:30:30.0882 4784 FileInfo - ok
    11:30:30.0922 4784 [ 5F671AB5BC87EEA04EC38A6CD5962A47 ] Filetrace C:\Windows\system32\drivers\filetrace.sys
    11:30:31.0022 4784 Filetrace - ok
    11:30:31.0062 4784 [ C172A0F53008EAEB8EA33FE10E177AF5 ] flpydisk C:\Windows\system32\DRIVERS\flpydisk.sys
    11:30:31.0132 4784 flpydisk - ok
    11:30:31.0202 4784 [ DA6B67270FD9DB3697B20FCE94950741 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys
    11:30:31.0222 4784 FltMgr - ok
    11:30:31.0252 4784 [ 5C4CB4086FB83115B153E47ADD961A0C ] FontCache C:\Windows\system32\FntCache.dll
    11:30:31.0292 4784 FontCache - ok
    11:30:31.0342 4784 [ A8B7F3818AB65695E3A0BB3279F6DCE6 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
    11:30:31.0352 4784 FontCache3.0.0.0 - ok
    11:30:31.0362 4784 [ D43703496149971890703B4B1B723EAC ] FsDepends C:\Windows\system32\drivers\FsDepends.sys
    11:30:31.0382 4784 FsDepends - ok
    11:30:31.0412 4784 [ 6BD9295CC032DD3077C671FCCF579A7B ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys
    11:30:31.0432 4784 Fs_Rec - ok
    11:30:31.0462 4784 [ 1F7B25B858FA27015169FE95E54108ED ] fvevol C:\Windows\system32\DRIVERS\fvevol.sys
    11:30:31.0482 4784 fvevol - ok
    11:30:31.0492 4784 [ 8C778D335C9D272CFD3298AB02ABE3B6 ] gagp30kx C:\Windows\system32\DRIVERS\gagp30kx.sys
    11:30:31.0512 4784 gagp30kx - ok
    11:30:31.0562 4784 [ 277BBC7E1AA1EE957F573A10ECA7EF3A ] gpsvc C:\Windows\System32\gpsvc.dll
    11:30:31.0612 4784 gpsvc - ok
    11:30:31.0622 4784 [ F2523EF6460FC42405B12248338AB2F0 ] hcw85cir C:\Windows\system32\drivers\hcw85cir.sys
    11:30:31.0682 4784 hcw85cir - ok
    11:30:31.0732 4784 [ 975761C778E33CD22498059B91E7373A ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
    11:30:31.0752 4784 HdAudAddService - ok
    11:30:31.0772 4784 [ 97BFED39B6B79EB12CDDBFEED51F56BB ] HDAudBus C:\Windows\system32\drivers\HDAudBus.sys
    11:30:31.0782 4784 HDAudBus - ok
    11:30:31.0782 4784 [ 78E86380454A7B10A5EB255DC44A355F ] HidBatt C:\Windows\system32\DRIVERS\HidBatt.sys
    11:30:31.0792 4784 HidBatt - ok
    11:30:31.0792 4784 [ 7FD2A313F7AFE5C4DAB14798C48DD104 ] HidBth C:\Windows\system32\DRIVERS\hidbth.sys
    11:30:31.0822 4784 HidBth - ok
    11:30:31.0832 4784 [ 0A77D29F311B88CFAE3B13F9C1A73825 ] HidIr C:\Windows\system32\DRIVERS\hidir.sys
    11:30:31.0852 4784 HidIr - ok
    11:30:35.0542 4784 [ BD9EB3958F213F96B97B1D897DEE006D ] hidserv C:\Windows\system32\hidserv.dll
    11:30:39.0292 4784 hidserv - ok
    11:30:44.0932 4784 [ 9592090A7E2B61CD582B612B6DF70536 ] HidUsb C:\Windows\system32\DRIVERS\hidusb.sys
    11:30:44.0952 4784 HidUsb - ok
    11:30:46.0832 4784 [ 5350AEF38CA2D8885F47D4455E7EF4EE ] HiPatchService C:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe
    11:30:46.0952 4784 HiPatchService ( UnsignedFile.Multi.Generic ) - warning
    11:30:46.0952 4784 HiPatchService - detected UnsignedFile.Multi.Generic (1)
    11:30:47.0022 4784 [ 387E72E739E15E3D37907A86D9FF98E2 ] hkmsvc C:\Windows\system32\kmsvc.dll
    11:30:47.0162 4784 hkmsvc - ok
    11:30:47.0192 4784 [ EFDFB3DD38A4376F93E7985173813ABD ] HomeGroupListener C:\Windows\system32\ListSvc.dll
    11:30:47.0212 4784 HomeGroupListener - ok
    11:30:47.0222 4784 [ 908ACB1F594274965A53926B10C81E89 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
    11:30:47.0242 4784 HomeGroupProvider - ok
    11:30:47.0262 4784 [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC ] HpSAMD C:\Windows\system32\drivers\HpSAMD.sys
    11:30:47.0272 4784 HpSAMD - ok
    11:30:47.0312 4784 [ 0EA7DE1ACB728DD5A369FD742D6EEE28 ] HTTP C:\Windows\system32\drivers\HTTP.sys
    11:30:47.0382 4784 HTTP - ok
    11:30:47.0412 4784 [ A5462BD6884960C9DC85ED49D34FF392 ] hwpolicy C:\Windows\system32\drivers\hwpolicy.sys
    11:30:47.0422 4784 hwpolicy - ok
    11:30:47.0442 4784 [ FA55C73D4AFFA7EE23AC4BE53B4592D3 ] i8042prt C:\Windows\system32\drivers\i8042prt.sys
    11:30:47.0452 4784 i8042prt - ok
    11:30:47.0472 4784 [ AAAF44DB3BD0B9D1FB6969B23ECC8366 ] iaStorV C:\Windows\system32\drivers\iaStorV.sys
    11:30:47.0482 4784 iaStorV - ok
    11:30:47.0532 4784 [ 5988FC40F8DB5B0739CD1E3A5D0D78BD ] idsvc C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
    11:30:47.0572 4784 idsvc - ok
    11:30:47.0592 4784 [ 5C18831C61933628F5BB0EA2675B9D21 ] iirsp C:\Windows\system32\DRIVERS\iirsp.sys
    11:30:47.0602 4784 iirsp - ok
    11:30:47.0622 4784 [ FCD84C381E0140AF901E58D48882D26B ] IKEEXT C:\Windows\System32\ikeext.dll
    11:30:47.0652 4784 IKEEXT - ok
    11:30:47.0742 4784 [ F5872A11EB4F6DB170D636CD4E53CA9F ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHD64.sys
    11:30:47.0812 4784 IntcAzAudAddService - ok
    11:30:47.0822 4784 [ F00F20E70C6EC3AA366910083A0518AA ] intelide C:\Windows\system32\drivers\intelide.sys
    11:30:47.0832 4784 intelide - ok
    11:30:47.0842 4784 [ ADA036632C664CAA754079041CF1F8C1 ] intelppm C:\Windows\system32\DRIVERS\intelppm.sys
    11:30:47.0862 4784 intelppm - ok
    11:30:51.0492 4784 [ 098A91C54546A3B878DAD6A7E90A455B ] IPBusEnum C:\Windows\system32\ipbusenum.dll
    11:30:59.0102 4784 IPBusEnum - ok
    11:31:02.0742 4784 [ C9F0E1BD74365A8771590E9008D22AB6 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys
    11:31:02.0822 4784 IpFilterDriver - ok
    11:31:03.0002 4784 [ 0FC1AEA580957AA8817B8F305D18CA3A ] IPMIDRV C:\Windows\system32\drivers\IPMIDrv.sys
    11:31:03.0112 4784 IPMIDRV - ok
    11:31:03.0212 4784 [ AF9B39A7E7B6CAA203B3862582E9F2D0 ] IPNAT C:\Windows\system32\drivers\ipnat.sys
    11:31:03.0272 4784 IPNAT - ok
    11:31:03.0282 4784 [ 3ABF5E7213EB28966D55D58B515D5CE9 ] IRENUM C:\Windows\system32\drivers\irenum.sys
    11:31:03.0362 4784 IRENUM - ok
    11:31:03.0362 4784 [ 2F7B28DC3E1183E5EB418DF55C204F38 ] isapnp C:\Windows\system32\drivers\isapnp.sys
    11:31:03.0372 4784 isapnp - ok
    11:31:03.0382 4784 [ D931D7309DEB2317035B07C9F9E6B0BD ] iScsiPrt C:\Windows\system32\drivers\msiscsi.sys
    11:31:03.0402 4784 iScsiPrt - ok
    11:31:03.0412 4784 [ BC02336F1CBA7DCC7D1213BB588A68A5 ] kbdclass C:\Windows\system32\DRIVERS\kbdclass.sys
    11:31:03.0422 4784 kbdclass - ok
    11:31:03.0432 4784 [ 0705EFF5B42A9DB58548EEC3B26BB484 ] kbdhid C:\Windows\system32\DRIVERS\kbdhid.sys
    11:31:03.0442 4784 kbdhid - ok
    11:31:03.0452 4784 [ C118A82CD78818C29AB228366EBF81C3 ] KeyIso C:\Windows\system32\lsass.exe
    11:31:03.0462 4784 KeyIso - ok
    11:31:03.0482 4784 [ 97A7070AEA4C058B6418519E869A63B4 ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys
    11:31:03.0482 4784 KSecDD - ok
    11:31:03.0492 4784 [ 26C43A7C2862447EC59DEDA188D1DA07 ] KSecPkg C:\Windows\system32\Drivers\ksecpkg.sys
    11:31:03.0502 4784 KSecPkg - ok
    11:31:03.0522 4784 [ 6869281E78CB31A43E969F06B57347C4 ] ksthunk C:\Windows\system32\drivers\ksthunk.sys
    11:31:03.0582 4784 ksthunk - ok
    11:31:03.0622 4784 [ 6AB66E16AA859232F64DEB66887A8C9C ] KtmRm C:\Windows\system32\msdtckrm.dll
    11:31:03.0662 4784 KtmRm - ok
    11:31:03.0722 4784 [ D9F42719019740BAA6D1C6D536CBDAA6 ] LanmanServer C:\Windows\system32\srvsvc.dll
    11:31:03.0772 4784 LanmanServer - ok
    11:31:03.0802 4784 [ 851A1382EED3E3A7476DB004F4EE3E1A ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
    11:31:03.0822 4784 LanmanWorkstation - ok
    11:31:11.0192 4784 [ FCBDCC6F1801E32244235608E1277752 ] LightScribeService C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe
    11:31:16.0822 4784 LightScribeService ( UnsignedFile.Multi.Generic ) - warning
    11:31:16.0822 4784 LightScribeService - detected UnsignedFile.Multi.Generic (1)
    11:31:18.0642 4784 [ 1538831CF8AD2979A04C423779465827 ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys
    11:31:18.0682 4784 lltdio - ok
    11:31:18.0722 4784 [ C1185803384AB3FEED115F79F109427F ] lltdsvc C:\Windows\System32\lltdsvc.dll
    11:31:18.0772 4784 lltdsvc - ok
    11:31:18.0782 4784 [ F993A32249B66C9D622EA5592A8B76B8 ] lmhosts C:\Windows\System32\lmhsvc.dll
    11:31:18.0802 4784 lmhosts - ok
    11:31:18.0992 4784 [ 14B0B207DEDFAB58B157B5A66CABB937 ] LMIRescue_c60ade16-e05c-46ff-915d-53f8a77f5d82 C:\Users\Travis\AppData\Local\LogMeIn Rescue Applet\LMIR0001.tmp\LMI_Rescue_srv.exe
    11:31:19.0062 4784 LMIRescue_c60ade16-e05c-46ff-915d-53f8a77f5d82 - ok
    11:31:19.0072 4784 [ 1A93E54EB0ECE102495A51266DCDB6A6 ] LSI_FC C:\Windows\system32\DRIVERS\lsi_fc.sys
    11:31:19.0082 4784 LSI_FC - ok
    11:31:19.0092 4784 [ 1047184A9FDC8BDBFF857175875EE810 ] LSI_SAS C:\Windows\system32\DRIVERS\lsi_sas.sys
    11:31:19.0092 4784 LSI_SAS - ok
    11:31:19.0112 4784 [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93 ] LSI_SAS2 C:\Windows\system32\DRIVERS\lsi_sas2.sys
    11:31:19.0112 4784 LSI_SAS2 - ok
    11:31:19.0132 4784 [ 0504EACAFF0D3C8AED161C4B0D369D4A ] LSI_SCSI C:\Windows\system32\DRIVERS\lsi_scsi.sys
    11:31:19.0142 4784 LSI_SCSI - ok
    11:31:19.0152 4784 [ 43D0F98E1D56CCDDB0D5254CFF7B356E ] luafv C:\Windows\system32\drivers\luafv.sys
    11:31:19.0172 4784 luafv - ok
    11:31:19.0202 4784 [ A014E25D95F7091000B60FF8A1C2E988 ] lvpopf64 C:\Windows\system32\DRIVERS\lvpopf64.sys
    11:31:19.0212 4784 lvpopf64 - ok
    11:31:19.0222 4784 [ B3944D06EB4B64D57BD7E5FE89415F58 ] LVPr2M64 C:\Windows\system32\DRIVERS\LVPr2M64.sys
    11:31:19.0232 4784 LVPr2M64 - ok
    11:31:19.0232 4784 [ B3944D06EB4B64D57BD7E5FE89415F58 ] LVPr2Mon C:\Windows\system32\DRIVERS\LVPr2M64.sys
    11:31:19.0242 4784 LVPr2Mon - ok
    11:31:19.0252 4784 [ 0C85B2B6FB74B36A251792D45E0EF860 ] LVRS64 C:\Windows\system32\DRIVERS\lvrs64.sys
    11:31:19.0262 4784 LVRS64 - ok
    11:31:19.0372 4784 [ FF3A488924B0032B1A9CA6948C1FA9E8 ] LVUVC64 C:\Windows\system32\DRIVERS\lvuvc64.sys
    11:31:19.0462 4784 LVUVC64 - ok
    11:31:19.0502 4784 [ 0BE09CD858ABF9DF6ED259D57A1A1663 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll
    11:31:19.0552 4784 Mcx2Svc - ok
    11:31:19.0572 4784 [ A55805F747C6EDB6A9080D7C633BD0F4 ] megasas C:\Windows\system32\DRIVERS\megasas.sys
    11:31:19.0582 4784 megasas - ok
    11:31:19.0592 4784 [ BAF74CE0072480C3B6B7C13B2A94D6B3 ] MegaSR C:\Windows\system32\DRIVERS\MegaSR.sys
    11:31:19.0622 4784 MegaSR - ok
    11:31:19.0672 4784 [ 123271BD5237AB991DC5C21FDF8835EB ] Microsoft Office Groove Audit Service C:\Program Files (x86)\Microsoft Office\Office12\GrooveAuditService.exe
    11:31:19.0702 4784 Microsoft Office Groove Audit Service - ok
    11:31:19.0722 4784 [ E40E80D0304A73E8D269F7141D77250B ] MMCSS C:\Windows\system32\mmcss.dll
    11:31:19.0742 4784 MMCSS - ok
    11:31:19.0752 4784 [ 800BA92F7010378B09F9ED9270F07137 ] Modem C:\Windows\system32\drivers\modem.sys
    11:31:19.0782 4784 Modem - ok
    11:31:19.0802 4784 [ B03D591DC7DA45ECE20B3B467E6AADAA ] monitor C:\Windows\system32\DRIVERS\monitor.sys
    11:31:19.0812 4784 monitor - ok
    11:31:19.0822 4784 motccgp - ok
    11:31:19.0822 4784 motccgpfl - ok
    11:31:27.0072 4784 [ 3BBC6C2402242401F791548AAEBF3D39 ] MotoHelper C:\Program Files (x86)\Motorola\MotoHelper\MotoHelperService.exe
    11:31:28.0942 4784 MotoHelper - ok
    11:31:28.0942 4784 MotoSwitchService - ok
    11:31:28.0952 4784 motusbdevice - ok
    11:31:32.0582 4784 [ 7D27EA49F3C1F687D357E77A470AEA99 ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys
    11:31:34.0412 4784 mouclass - ok
    11:31:34.0552 4784 [ D3BF052C40B0C4166D9FD86A4288C1E6 ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys
    11:31:34.0572 4784 mouhid - ok
    11:31:34.0772 4784 [ 32E7A3D591D671A6DF2DB515A5CBE0FA ] mountmgr C:\Windows\system32\drivers\mountmgr.sys
    11:31:34.0792 4784 mountmgr - ok
    11:31:34.0842 4784 [ A44B420D30BD56E145D6A2BC8768EC58 ] mpio C:\Windows\system32\drivers\mpio.sys
    11:31:34.0862 4784 mpio - ok
    11:31:34.0912 4784 [ 6C38C9E45AE0EA2FA5E551F2ED5E978F ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys
    11:31:34.0952 4784 mpsdrv - ok
    11:31:34.0982 4784 [ DC722758B8261E1ABAFD31A3C0A66380 ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys
    11:31:35.0012 4784 MRxDAV - ok
    11:31:35.0042 4784 [ A5D9106A73DC88564C825D317CAC68AC ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys
    11:31:35.0062 4784 mrxsmb - ok
    11:31:35.0092 4784 [ D711B3C1D5F42C0C2415687BE09FC163 ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys
    11:31:35.0132 4784 mrxsmb10 - ok
    11:31:35.0152 4784 [ 9423E9D355C8D303E76B8CFBD8A5C30C ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys
    11:31:35.0162 4784 mrxsmb20 - ok
    11:31:35.0202 4784 [ C25F0BAFA182CBCA2DD3C851C2E75796 ] msahci C:\Windows\system32\drivers\msahci.sys
    11:31:35.0212 4784 msahci - ok
    11:31:35.0252 4784 [ DB801A638D011B9633829EB6F663C900 ] msdsm C:\Windows\system32\drivers\msdsm.sys
    11:31:35.0262 4784 msdsm - ok
    11:31:35.0282 4784 [ DE0ECE52236CFA3ED2DBFC03F28253A8 ] MSDTC C:\Windows\System32\msdtc.exe
    11:31:35.0302 4784 MSDTC - ok
    11:31:35.0322 4784 [ AA3FB40E17CE1388FA1BEDAB50EA8F96 ] Msfs C:\Windows\system32\drivers\Msfs.sys
    11:31:35.0352 4784 Msfs - ok
    11:31:35.0352 4784 [ F9D215A46A8B9753F61767FA72A20326 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys
    11:31:35.0382 4784 mshidkmdf - ok
    11:31:35.0382 4784 [ D916874BBD4F8B07BFB7FA9B3CCAE29D ] msisadrv C:\Windows\system32\drivers\msisadrv.sys
    11:31:35.0392 4784 msisadrv - ok
    11:31:35.0412 4784 [ 808E98FF49B155C522E6400953177B08 ] MSiSCSI C:\Windows\system32\iscsiexe.dll
    11:31:35.0472 4784 MSiSCSI - ok
    11:31:35.0482 4784 msiserver - ok
    11:31:35.0502 4784 [ 49CCF2C4FEA34FFAD8B1B59D49439366 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys
    11:31:35.0522 4784 MSKSSRV - ok
    11:31:35.0532 4784 [ BDD71ACE35A232104DDD349EE70E1AB3 ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys
    11:31:35.0572 4784 MSPCLOCK - ok
    11:31:35.0572 4784 [ 4ED981241DB27C3383D72092B618A1D0 ] MSPQM C:\Windows\system32\drivers\MSPQM.sys
    11:31:35.0592 4784 MSPQM - ok
    11:31:35.0622 4784 [ 759A9EEB0FA9ED79DA1FB7D4EF78866D ] MsRPC C:\Windows\system32\drivers\MsRPC.sys
    11:31:35.0632 4784 MsRPC - ok
    11:31:35.0672 4784 [ 0EED230E37515A0EAEE3C2E1BC97B288 ] mssmbios C:\Windows\system32\drivers\mssmbios.sys
    11:31:35.0692 4784 mssmbios - ok
    11:31:35.0712 4784 [ 2E66F9ECB30B4221A318C92AC2250779 ] MSTEE C:\Windows\system32\drivers\MSTEE.sys
    11:31:35.0732 4784 MSTEE - ok
    11:31:35.0742 4784 [ 7EA404308934E675BFFDE8EDF0757BCD ] MTConfig C:\Windows\system32\DRIVERS\MTConfig.sys
    11:31:35.0752 4784 MTConfig - ok
    11:31:35.0762 4784 [ 19B006B181E3875FD254F7B67ACF1E7C ] MTsensor C:\Windows\system32\DRIVERS\ASACPI.sys
    11:31:35.0772 4784 MTsensor - ok
    11:31:35.0782 4784 [ F9A18612FD3526FE473C1BDA678D61C8 ] Mup C:\Windows\system32\Drivers\mup.sys
    11:31:35.0792 4784 Mup - ok
    11:31:35.0832 4784 [ 582AC6D9873E31DFA28A4547270862DD ] napagent C:\Windows\system32\qagentRT.dll
    11:31:37.0702 4784 napagent - ok
    11:31:44.0922 4784 [ 1EA3749C4114DB3E3161156FFFFA6B33 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys
    11:31:50.0422 4784 NativeWifiP - ok
    11:31:50.0562 4784 [ 760E38053BF56E501D562B70AD796B88 ] NDIS C:\Windows\system32\drivers\ndis.sys
    11:31:50.0652 4784 NDIS - ok
    11:31:50.0672 4784 [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys
    11:31:50.0702 4784 NdisCap - ok
    11:31:50.0722 4784 [ 30639C932D9FEF22B31268FE25A1B6E5 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys
    11:31:50.0742 4784 NdisTapi - ok
    11:31:50.0772 4784 [ 136185F9FB2CC61E573E676AA5402356 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys
    11:31:50.0792 4784 Ndisuio - ok
    11:31:50.0832 4784 [ 53F7305169863F0A2BDDC49E116C2E11 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys
    11:31:50.0862 4784 NdisWan - ok
    11:31:50.0922 4784 [ 015C0D8E0E0421B4CFD48CFFE2825879 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys
    11:31:50.0982 4784 NDProxy - ok
    11:31:51.0062 4784 [ 0FF3C6AA3E0FE0EB316DF5449B569463 ] Nero BackItUp Scheduler 4.0 C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe
    11:31:51.0112 4784 Nero BackItUp Scheduler 4.0 - ok
    11:31:51.0122 4784 [ 86743D9F5D2B1048062B14B1D84501C4 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys
    11:31:51.0162 4784 NetBIOS - ok
    11:31:51.0192 4784 [ 09594D1089C523423B32A4229263F068 ] NetBT C:\Windows\system32\DRIVERS\netbt.sys
    11:31:51.0252 4784 NetBT - ok
    11:31:51.0262 4784 [ C118A82CD78818C29AB228366EBF81C3 ] Netlogon C:\Windows\system32\lsass.exe
    11:31:51.0272 4784 Netlogon - ok
    11:31:51.0292 4784 [ 847D3AE376C0817161A14A82C8922A9E ] Netman C:\Windows\System32\netman.dll
    11:31:51.0332 4784 Netman - ok
    11:31:51.0382 4784 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
    11:31:51.0422 4784 NetMsmqActivator - ok
    11:31:51.0432 4784 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetPipeActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
    11:31:51.0452 4784 NetPipeActivator - ok
    11:31:51.0462 4784 [ 5F28111C648F1E24F7DBC87CDEB091B8 ] netprofm C:\Windows\System32\netprofm.dll
    11:31:51.0492 4784 netprofm - ok
    11:31:51.0502 4784 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
    11:31:51.0512 4784 NetTcpActivator - ok
    11:31:51.0512 4784 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
    11:31:51.0522 4784 NetTcpPortSharing - ok
    11:31:51.0522 4784 [ 77889813BE4D166CDAB78DDBA990DA92 ] nfrd960 C:\Windows\system32\DRIVERS\nfrd960.sys
    11:31:51.0532 4784 nfrd960 - ok
    11:31:51.0572 4784 [ 8AD77806D336673F270DB31645267293 ] NlaSvc C:\Windows\System32\nlasvc.dll
    11:31:51.0592 4784 NlaSvc - ok
    11:31:51.0612 4784 [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] Npfs C:\Windows\system32\drivers\Npfs.sys
    11:31:51.0632 4784 Npfs - ok
    11:31:51.0642 4784 [ D54BFDF3E0C953F823B3D0BFE4732528 ] nsi C:\Windows\system32\nsisvc.dll
    11:31:51.0682 4784 nsi - ok
    11:31:51.0692 4784 [ E7F5AE18AF4168178A642A9247C63001 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys
    11:31:51.0722 4784 nsiproxy - ok
    11:31:51.0752 4784 [ E453ACF4E7D44E5530B5D5F2B9CA8563 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys
    11:31:51.0792 4784 Ntfs - ok
    11:31:51.0802 4784 [ 9899284589F75FA8724FF3D16AED75C1 ] Null C:\Windows\system32\drivers\Null.sys
    11:31:51.0822 4784 Null - ok
    11:31:51.0852 4784 [ 285ACEC1B13A15BA520AAE06BACB9CFF ] nusb3hub C:\Windows\system32\DRIVERS\nusb3hub.sys
    11:31:55.0462 4784 nusb3hub - ok
    11:32:02.0692 4784 [ F6D625FF7B56BB6EA063F0D3A5BBC996 ] nusb3xhc C:\Windows\system32\DRIVERS\nusb3xhc.sys
    11:32:06.0302 4784 nusb3xhc - ok
    11:32:06.0372 4784 [ 0A92CB65770442ED0DC44834632F66AD ] nvraid C:\Windows\system32\drivers\nvraid.sys
    11:32:06.0392 4784 nvraid - ok
    11:32:06.0432 4784 [ DAB0E87525C10052BF65F06152F37E4A ] nvstor C:\Windows\system32\drivers\nvstor.sys
    11:32:06.0452 4784 nvstor - ok
    11:32:06.0472 4784 [ 270D7CD42D6E3979F6DD0146650F0E05 ] nv_agp C:\Windows\system32\drivers\nv_agp.sys
    11:32:06.0492 4784 nv_agp - ok
    11:32:06.0582 4784 [ 785F487A64950F3CB8E9F16253BA3B7B ] odserv C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
    11:32:06.0602 4784 odserv - ok
    11:32:06.0642 4784 [ 3589478E4B22CE21B41FA1BFC0B8B8A0 ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys
    11:32:06.0652 4784 ohci1394 - ok
    11:32:06.0682 4784 [ 5A432A042DAE460ABE7199B758E8606C ] ose C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
    11:32:06.0702 4784 ose - ok
    11:32:06.0732 4784 [ 3EAC4455472CC2C97107B5291E0DCAFE ] p2pimsvc C:\Windows\system32\pnrpsvc.dll
    11:32:06.0772 4784 p2pimsvc - ok
    11:32:06.0792 4784 [ 927463ECB02179F88E4B9A17568C63C3 ] p2psvc C:\Windows\system32\p2psvc.dll
    11:32:06.0802 4784 p2psvc - ok
    11:32:06.0822 4784 [ 0086431C29C35BE1DBC43F52CC273887 ] Parport C:\Windows\system32\DRIVERS\parport.sys
    11:32:06.0832 4784 Parport - ok
    11:32:06.0852 4784 [ E9766131EEADE40A27DC27D2D68FBA9C ] partmgr C:\Windows\system32\drivers\partmgr.sys
    11:32:06.0862 4784 partmgr - ok
    11:32:06.0932 4784 [ 7C0582921913D00180EC2B8518BA135C ] pbfilter C:\Program Files\PeerBlock\pbfilter.sys
    11:32:06.0962 4784 pbfilter - ok
    11:32:06.0982 4784 [ 3AEAA8B561E63452C655DC0584922257 ] PcaSvc C:\Windows\System32\pcasvc.dll
    11:32:07.0022 4784 PcaSvc - ok
    11:32:07.0042 4784 [ 94575C0571D1462A0F70BDE6BD6EE6B3 ] pci C:\Windows\system32\drivers\pci.sys
    11:32:07.0052 4784 pci - ok
    11:32:07.0072 4784 [ B5B8B5EF2E5CB34DF8DCF8831E3534FA ] pciide C:\Windows\system32\drivers\pciide.sys
    11:32:07.0082 4784 pciide - ok
    11:32:07.0092 4784 [ B2E81D4E87CE48589F98CB8C05B01F2F ] pcmcia C:\Windows\system32\DRIVERS\pcmcia.sys
    11:32:07.0112 4784 pcmcia - ok
    11:32:07.0112 4784 [ D6B9C2E1A11A3A4B26A182FFEF18F603 ] pcw C:\Windows\system32\drivers\pcw.sys
    11:32:07.0122 4784 pcw - ok
    11:32:07.0142 4784 [ 68769C3356B3BE5D1C732C97B9A80D6E ] PEAUTH C:\Windows\system32\drivers\peauth.sys
    11:32:07.0172 4784 PEAUTH - ok
    11:32:07.0242 4784 [ E495E408C93141E8FC72DC0C6046DDFA ] PerfHost C:\Windows\SysWow64\perfhost.exe
    11:32:07.0282 4784 PerfHost - ok
    11:32:07.0342 4784 [ C7CF6A6E137463219E1259E3F0F0DD6C ] pla C:\Windows\system32\pla.dll
    11:32:07.0402 4784 pla - ok
    11:32:07.0452 4784 [ 25FBDEF06C4D92815B353F6E792C8129 ] PlugPlay C:\Windows\system32\umpnpmgr.dll
    11:32:07.0522 4784 PlugPlay - ok
    11:32:07.0532 4784 [ 7195581CEC9BB7D12ABE54036ACC2E38 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll
    11:32:07.0552 4784 PNRPAutoReg - ok
    11:32:07.0562 4784 [ 3EAC4455472CC2C97107B5291E0DCAFE ] PNRPsvc C:\Windows\system32\pnrpsvc.dll
    11:32:07.0572 4784 PNRPsvc - ok
    11:32:07.0582 4784 [ 4F15D75ADF6156BF56ECED6D4A55C389 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
    11:32:07.0622 4784 PolicyAgent - ok
    11:32:07.0652 4784 [ 6BA9D927DDED70BD1A9CADED45F8B184 ] Power C:\Windows\system32\umpo.dll
    11:32:07.0672 4784 Power - ok
    11:32:07.0702 4784 [ F92A2C41117A11A00BE01CA01A7FCDE9 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys
    11:32:07.0762 4784 PptpMiniport - ok
    11:32:07.0782 4784 [ 0D922E23C041EFB1C3FAC2A6F943C9BF ] Processor C:\Windows\system32\DRIVERS\processr.sys
    11:32:07.0802 4784 Processor - ok
    11:32:07.0822 4784 [ 53E83F1F6CF9D62F32801CF66D8352A8 ] ProfSvc C:\Windows\system32\profsvc.dll
    11:32:07.0842 4784 ProfSvc - ok
    11:32:07.0852 4784 [ C118A82CD78818C29AB228366EBF81C3 ] ProtectedStorage C:\Windows\system32\lsass.exe
    11:32:07.0852 4784 ProtectedStorage - ok
    11:32:13.0292 4784 [ 0557CF5A2556BD58E26384169D72438D ] Psched C:\Windows\system32\DRIVERS\pacer.sys
    11:32:17.0072 4784 Psched - ok
    11:32:22.0512 4784 [ 4712CC14E720ECCCC0AA16949D18AAF1 ] PxHlpa64 C:\Windows\system32\Drivers\PxHlpa64.sys
    11:32:22.0552 4784 PxHlpa64 - ok
    11:32:22.0592 4784 [ A53A15A11EBFD21077463EE2C7AFEEF0 ] ql2300 C:\Windows\system32\DRIVERS\ql2300.sys
    11:32:22.0632 4784 ql2300 - ok
    11:32:22.0682 4784 [ 4F6D12B51DE1AAEFF7DC58C4D75423C8 ] ql40xx C:\Windows\system32\DRIVERS\ql40xx.sys
    11:32:22.0712 4784 ql40xx - ok
    11:32:22.0732 4784 [ 906191634E99AEA92C4816150BDA3732 ] QWAVE C:\Windows\system32\qwave.dll
    11:32:22.0742 4784 QWAVE - ok
    11:32:22.0752 4784 [ 76707BB36430888D9CE9D705398ADB6C ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
    11:32:22.0772 4784 QWAVEdrv - ok
    11:32:22.0782 4784 [ 5A0DA8AD5762FA2D91678A8A01311704 ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
    11:32:22.0802 4784 RasAcd - ok
    11:33:59.0332 4784 ============================================================
    11:33:59.0332 4784 Scan finished
    11:33:59.0332 4784 ============================================================
    11:33:59.0342 2492 Detected object count: 8
    11:33:59.0342 2492 Actual detected object count: 8
    11:34:24.0762 2492 AsusSE ( UnsignedFile.Multi.Generic ) - skipped by user
    11:34:24.0762 2492 AsusSE ( UnsignedFile.Multi.Generic ) - User select action: Skip
    11:34:24.0762 2492 ChatpadKeyboard ( UnsignedFile.Multi.Generic ) - skipped by user
    11:34:24.0762 2492 ChatpadKeyboard ( UnsignedFile.Multi.Generic ) - User select action: Skip
    11:34:24.0772 2492 ChatpadKeyboardKMDF ( UnsignedFile.Multi.Generic ) - skipped by user
    11:34:24.0772 2492 ChatpadKeyboardKMDF ( UnsignedFile.Multi.Generic ) - User select action: Skip
    11:34:24.0772 2492 ChatpadMouse ( UnsignedFile.Multi.Generic ) - skipped by user
    11:34:24.0772 2492 ChatpadMouse ( UnsignedFile.Multi.Generic ) - User select action: Skip
    11:34:24.0772 2492 ChatpadMouseKMDF ( UnsignedFile.Multi.Generic ) - skipped by user
    11:34:24.0772 2492 ChatpadMouseKMDF ( UnsignedFile.Multi.Generic ) - User select action: Skip
    11:34:24.0772 2492 HiPatchService ( UnsignedFile.Multi.Generic ) - skipped by user
    11:34:24.0772 2492 HiPatchService ( UnsignedFile.Multi.Generic ) - User select action: Skip
    11:34:24.0772 2492 LightScribeService ( UnsignedFile.Multi.Generic ) - skipped by user
    11:34:24.0772 2492 LightScribeService ( UnsignedFile.Multi.Generic ) - User select action: Skip
    11:34:24.0782 2492 SwitchBoard ( UnsignedFile.Multi.Generic ) - skipped by user
    11:34:24.0782 2492 SwitchBoard ( UnsignedFile.Multi.Generic ) - User select action: Skip
     
  20. Senkai

    I do have my OS disk. I think I am just going to transfer my important documents onto my flash drive now that I am able to load, albeit very, very slowly. I will not, however, plug the flash drive back in to transfer back onto the clean install unless you believe it would be safe to do so, or have a method by which I can ensure the flash drive remained clean.

    I do appreciate all the help you have given me; I am definitely going to bookmark this site! (Not that I plan on getting more malware, but things happen.)
     