Falcon1986
-
Content Count
250 -
Joined
-
Last visited
Content Type
Profiles
Forums
Calendar
Posts posted by Falcon1986
-
-
I recommend using Revo Uninstaller. The free version is fine. It will clean up a lot of program traces that you might not be able to find yourself.
Check the folders in C:\Users\***\AppData\ for anything associated with 'Google'. If Chrome was the only Google application you used, you can safely delete any 'Google' folder that you find in there.
-
Awesome! Thanks a lot, Flash! Really appreciate your expertise.
I think whatever it was got muddled up when I did the system restore. So far, so good, though.
All the best!
-
Here is the result of the OTL fix...
OTL fix log
All processes killed
========== OTL ==========
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ not found.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ not found.
HKEY_USERS\.DEFAULT\Software\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!
HKEY_USERS\S-1-5-18\Software\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!
HKEY_USERS\S-1-5-19\Software\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!
HKEY_USERS\S-1-5-20\Software\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!
HKEY_USERS\S-1-5-21-3913706258-2513946957-3325762992-1000\Software\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!
Registry key HKEY_USERS\S-1-5-21-3913706258-2513946957-3325762992-1000\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ not found.
64bit-Registry key HKEY_LOCAL_MACHINE\Software\MozillaPlugins\@adobe.com/FlashPlayer\ deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\Software\MozillaPlugins\@microsoft.com/GENUINE\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\Software\MozillaPlugins\@microsoft.com/GENUINE\ deleted successfully.
C:\Users\Behemoth\AppData\Roaming\Mozilla\Extensions\{3550f703-e582-4d05-9a08-453d09bdfdc6} folder moved successfully.
C:\Users\Behemoth\AppData\Roaming\Mozilla\Extensions folder moved successfully.
Folder C:\Users\Behemoth\AppData\Roaming\Mozilla\Extensions\{3550f703-e582-4d05-9a08-453d09bdfdc6}\ not found.
Registry value HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\RunOnce\\mctadmin deleted successfully.
Registry value HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\RunOnce\\mctadmin deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\ms-help\ deleted successfully.
File Protocol\Handler\ms-help - No CLSID value found not found.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\osf\ deleted successfully.
File Protocol\Handler\osf - No CLSID value found not found.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\skype4com\ deleted successfully.
File Protocol\Handler\skype4com - No CLSID value found not found.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui\ deleted successfully.
64bit-Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad\\WebCheck deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E6FB5E20-DE35-11CF-9C87-00AA005127ED}\ not found.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad\\WebCheck deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E6FB5E20-DE35-11CF-9C87-00AA005127ED}\ not found.
========== COMMANDS ==========
[EMPTYJAVA]
User: All Users
User: Behemoth
User: Default
User: Default User
User: Public
Total Java Files Cleaned = 0.00 mb
[EMPTYFLASH]
User: All Users
User: Behemoth
->Flash cache emptied: 1911 bytes
User: Default
->Flash cache emptied: 41620 bytes
User: Default User
->Flash cache emptied: 0 bytes
User: Public
Total Flash Files Cleaned = 0.00 mb
[EMPTYTEMP]
User: All Users
User: Behemoth
->Temp folder emptied: 205088326 bytes
->Temporary Internet Files folder emptied: 58928875 bytes
->Google Chrome cache emptied: 351117255 bytes
->Flash cache emptied: 0 bytes
User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 0 bytes
User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 0 bytes
User: Public
%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32 (64bit) .tmp files removed: 94656 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 539634 bytes
%systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 128 bytes
RecycleBin emptied: 0 bytes
Total Files Cleaned = 587.00 mb
C:\Windows\System32\drivers\etc\Hosts moved successfully.
HOSTS file reset successfully
Restore point Set: OTL Restore Point
OTL by OldTimer - Version 3.2.69.0 log created on 04272014_095215
Files\Folders moved on Reboot...
C:\Users\Behemoth\AppData\Local\Temp\FXSAPIDebugLogFile.txt moved successfully.
C:\Users\Behemoth\AppData\Local\Microsoft\Windows\Temporary Internet Files\counters.dat moved successfully.
C:\Windows\SysNative\WPRO_41_2001woem.tmp moved successfully.
File move failed. C:\Windows\temp\_avast_\AvastLock.txt scheduled to be moved on reboot.
File move failed. C:\Windows\temp\NitroUpdateService.slog scheduled to be moved on reboot.
PendingFileRenameOperations files...
Registry entries deleted on Reboot...
As for qtBittorrent, it's the only P2P application I have installed. Had intentions for a private file synchronization/backup setup apart from cloud storage, but will work that out when I have more free time on my hands.
-
Thanks, Pete! I've joined.
-
Thanks, Flash!
1. RogueKiller
RogueKiller V8.8.15 [Mar 27 2014] by Adlice Software
mail : http://www.adlice.com/contact/
Feedback : http://forum.adlice.com
Website : http://www.adlice.com/softwares/roguekiller/
Blog : http://www.adlice.com
Operating System : Windows 7 (6.1.7601 Service Pack 1) 64 bits version
Started in : Normal mode
User : Behemoth [Admin rights]
Mode : Scan -- Date : 04/27/2014 07:52:35
| ARK || FAK || MBR |
¤¤¤ Bad processes : 0 ¤¤¤
¤¤¤ Registry Entries : 9 ¤¤¤
[HJ POL][PUM] HKCU\[...]\System : DisableTaskMgr (0) -> FOUND
[HJ POL][PUM] HKCU\[...]\System : DisableRegistryTools (0) -> FOUND
[HJ POL][PUM] HKLM\[...]\System : ConsentPromptBehaviorAdmin (0) -> FOUND
[HJ POL][PUM] HKLM\[...]\System : EnableLUA (0) -> FOUND
[HJ POL][PUM] HKLM\[...]\Wow6432Node\[...]\System : ConsentPromptBehaviorAdmin (0) -> FOUND
[HJ POL][PUM] HKLM\[...]\Wow6432Node\[...]\System : EnableLUA (0) -> FOUND
[HJ SMENU][PUM] HKCU\[...]\Advanced : Start_ShowMyGames (0) -> FOUND
[HJ DESK][PUM] HKLM\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> FOUND
[HJ DESK][PUM] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> FOUND
¤¤¤ Scheduled tasks : 0 ¤¤¤
¤¤¤ Startup Entries : 0 ¤¤¤
¤¤¤ Web browsers : 0 ¤¤¤
¤¤¤ Browser Addons : 0 ¤¤¤
¤¤¤ Particular Files / Folders: ¤¤¤
¤¤¤ Driver : [NOT LOADED 0x0] ¤¤¤
¤¤¤ External Hives: ¤¤¤
¤¤¤ Infection : ¤¤¤
¤¤¤ HOSTS File: ¤¤¤
--> %SystemRoot%\System32\drivers\etc\hosts
¤¤¤ MBR Check: ¤¤¤
+++++ PhysicalDrive0: (\\.\PHYSICALDRIVE0 @ IDE) ATA WDC WD10EZEX-22B SCSI Disk Device +++++
--- User ---
[MBR] 619acb0a5be3c34ee627fd21404eca3a
[bSP] 95171d8b45317bbbad54f4c4de950a75 : Windows 7/8 MBR Code
Partition table:
0 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 2048 | Size: 100 MB
1 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 206848 | Size: 953767 MB
User = LL1 ... OK!
User = LL2 ... OK!
+++++ PhysicalDrive1: (\\.\PHYSICALDRIVE1 @ IDE) ATA SanDisk SDSSDRC0 SCSI Disk Device +++++
--- User ---
[MBR] a54123f79964a220c425de15d5be222d
[bSP] 0a9420da5d388cf72c9f5653515471d4 : Empty MBR Code
Partition table:
0 - [XXXXXX] UNKNOWN (0x00) [VISIBLE] Offset (sectors): 2048 | Size: 30532 MB
User = LL1 ... OK!
User = LL2 ... OK!
+++++ PhysicalDrive2: (\\.\PHYSICALDRIVE2 @ IDE) ATA ST3160827AS SCSI Disk Device +++++
--- User ---
[MBR] 75b9762d07989f0aa8fbe37c5d4d281d
[bSP] 626761ca413d20263787e82035f22f70 : Windows 7/8 MBR Code
Partition table:
0 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 2048 | Size: 10240 MB
1 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 20973568 | Size: 142384 MB
User = LL1 ... OK!
User = LL2 ... OK!
Finished : << RKreport[0]_S_04272014_075235.txt >>
2. TDSSKiller
07:56:04.0820 0x0714 TDSS rootkit removing tool 3.0.0.33 Apr 24 2014 14:02:50
07:56:08.0689 0x0714 ============================================================
07:56:08.0689 0x0714 Current date / time: 2014/04/27 07:56:08.0689
07:56:08.0689 0x0714 SystemInfo:
07:56:08.0689 0x0714
07:56:08.0689 0x0714 OS Version: 6.1.7601 ServicePack: 1.0
07:56:08.0689 0x0714 Product type: Workstation
07:56:08.0689 0x0714 ComputerName: BEHEMOTH-PC
07:56:08.0689 0x0714 UserName: Behemoth
07:56:08.0689 0x0714 Windows directory: C:\Windows
07:56:08.0689 0x0714 System windows directory: C:\Windows
07:56:08.0689 0x0714 Running under WOW64
07:56:08.0689 0x0714 Processor architecture: Intel x64
07:56:08.0689 0x0714 Number of processors: 4
07:56:08.0689 0x0714 Page size: 0x1000
07:56:08.0689 0x0714 Boot type: Normal boot
07:56:08.0689 0x0714 ============================================================
07:56:10.0592 0x0714 KLMD registered as C:\Windows\system32\drivers\89341552.sys
07:56:10.0670 0x0714 System UUID: {6ED84571-DDDA-C2FD-EB32-D8F8059E9D54}
07:56:10.0936 0x0714 Drive \Device\Harddisk0\DR0 - Size: 0xE8E0DB6000 (931.51 Gb), SectorSize: 0x200, Cylinders: 0x1DB01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
07:56:10.0936 0x0714 Drive \Device\Harddisk1\DR1 - Size: 0x7745D6000 (29.82 Gb), SectorSize: 0x200, Cylinders: 0xF34, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
07:56:10.0936 0x0714 Drive \Device\Harddisk2\DR2 - Size: 0x25433D6000 (149.05 Gb), SectorSize: 0x200, Cylinders: 0x4C01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
07:56:10.0951 0x0714 ============================================================
07:56:10.0951 0x0714 \Device\Harddisk0\DR0:
07:56:10.0951 0x0714 MBR partitions:
07:56:10.0951 0x0714 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x32000
07:56:10.0951 0x0714 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 0x746D3800
07:56:10.0951 0x0714 \Device\Harddisk1\DR1:
07:56:10.0951 0x0714 MBR partitions:
07:56:10.0951 0x0714 \Device\Harddisk2\DR2:
07:56:10.0951 0x0714 MBR partitions:
07:56:10.0951 0x0714 \Device\Harddisk2\DR2\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x1400000
07:56:10.0951 0x0714 \Device\Harddisk2\DR2\Partition2: MBR, Type 0x7, StartLBA 0x1400800, BlocksNum 0x11618000
07:56:10.0951 0x0714 ============================================================
07:56:10.0967 0x0714 C: <-> \Device\Harddisk0\DR0\Partition2
07:56:10.0982 0x0714 E: <-> \Device\Harddisk2\DR2\Partition1
07:56:11.0014 0x0714 F: <-> \Device\Harddisk2\DR2\Partition2
07:56:11.0014 0x0714 ============================================================
07:56:11.0014 0x0714 Initialize success
07:56:11.0014 0x0714 ============================================================
07:56:24.0601 0x0aa8 ============================================================
07:56:24.0601 0x0aa8 Scan started
07:56:24.0601 0x0aa8 Mode: Manual;
07:56:24.0601 0x0aa8 ============================================================
07:56:24.0601 0x0aa8 KSN ping started
07:56:27.0472 0x0aa8 KSN ping finished: true
07:56:27.0737 0x0aa8 ================ Scan system memory ========================
07:56:27.0737 0x0aa8 System memory - ok
07:56:27.0753 0x0aa8 ================ Scan services =============================
07:56:27.0909 0x0aa8 [ A87D604AEA360176311474C87A63BB88, B1507868C382CD5D2DBC0D62114FCFBF7A780904A2E3CA7C7C1DD0844ADA9A8F ] 1394ohci C:\Windows\system32\drivers\1394ohci.sys
07:56:27.0909 0x0aa8 1394ohci - ok
07:56:27.0940 0x0aa8 [ D81D9E70B8A6DD14D42D7B4EFA65D5F2, FDAAB7E23012B4D31537C5BDEF245BB0A12FA060A072C250E21C68E18B22E002 ] ACPI C:\Windows\system32\drivers\ACPI.sys
07:56:27.0940 0x0aa8 ACPI - ok
07:56:27.0955 0x0aa8 [ 99F8E788246D495CE3794D7E7821D2CA, F91615463270AD2601F882CAED43B88E7EDA115B9FD03FC56320E48119F15F76 ] AcpiPmi C:\Windows\system32\drivers\acpipmi.sys
07:56:27.0955 0x0aa8 AcpiPmi - ok
07:56:27.0971 0x0aa8 [ 2F6B34B83843F0C5118B63AC634F5BF4, 43E3F5FBFB5D33981AC503DEE476868EC029815D459E7C36C4ABC2D2F75B5735 ] adp94xx C:\Windows\system32\drivers\adp94xx.sys
07:56:27.0971 0x0aa8 adp94xx - ok
07:56:27.0971 0x0aa8 [ 597F78224EE9224EA1A13D6350CED962, DA7FD99BE5E3B7B98605BF5C13BF3F1A286C0DE1240617570B46FE4605E59BDC ] adpahci C:\Windows\system32\drivers\adpahci.sys
07:56:27.0987 0x0aa8 adpahci - ok
07:56:28.0018 0x0aa8 [ E109549C90F62FB570B9540C4B148E54, E804563735153EA00A00641814244BC8A347B578E7D63A16F43FB17566EE5559 ] adpu320 C:\Windows\system32\drivers\adpu320.sys
07:56:28.0018 0x0aa8 adpu320 - ok
07:56:28.0049 0x0aa8 [ 4B78B431F225FD8624C5655CB1DE7B61, 198A5AF2125C7C41F531A652D200C083A55A97DC541E3C0B5B253C7329949156 ] AeLookupSvc C:\Windows\System32\aelupsvc.dll
07:56:28.0049 0x0aa8 AeLookupSvc - ok
07:56:28.0080 0x0aa8 [ 79059559E89D06E8B80CE2944BE20228, 6E041D2FED2D0C3D8E16E56CB61D3245F9144EA92F5BDC9A4AA30598D1C8E6EE ] AFD C:\Windows\system32\drivers\afd.sys
07:56:28.0096 0x0aa8 AFD - ok
07:56:28.0111 0x0aa8 [ 608C14DBA7299D8CB6ED035A68A15799, 45360F89640BF1127C82A32393BD76205E4FA067889C40C491602F370C09282A ] agp440 C:\Windows\system32\drivers\agp440.sys
07:56:28.0111 0x0aa8 agp440 - ok
07:56:28.0127 0x0aa8 [ 3290D6946B5E30E70414990574883DDB, 0E9294E1991572256B3CDA6B031DB9F39CA601385515EE59F1F601725B889663 ] ALG C:\Windows\System32\alg.exe
07:56:28.0127 0x0aa8 ALG - ok
07:56:28.0143 0x0aa8 [ 5812713A477A3AD7363C7438CA2EE038, A7316299470D2E57A11499C752A711BF4A71EB11C9CBA731ED0945FF6A966721 ] aliide C:\Windows\system32\drivers\aliide.sys
07:56:28.0143 0x0aa8 aliide - ok
07:56:28.0158 0x0aa8 [ 1FF8B4431C353CE385C875F194924C0C, 3EA3A7F426B0FFC2461EDF4FDB4B58ACC9D0730EDA5B728D1EA1346EA0A02720 ] amdide C:\Windows\system32\drivers\amdide.sys
07:56:28.0158 0x0aa8 amdide - ok
07:56:28.0158 0x0aa8 [ 7024F087CFF1833A806193EF9D22CDA9, E7F27E488C38338388103D3B7EEDD61D05E14FB140992AEE6F492FFC821BF529 ] AmdK8 C:\Windows\system32\drivers\amdk8.sys
07:56:28.0158 0x0aa8 AmdK8 - ok
07:56:28.0158 0x0aa8 [ 1E56388B3FE0D031C44144EB8C4D6217, E88CA76FD47BA0EB427D59CB9BE040DE133D89D4E62D03A8D622624531D27487 ] AmdPPM C:\Windows\system32\drivers\amdppm.sys
07:56:28.0158 0x0aa8 AmdPPM - ok
07:56:28.0174 0x0aa8 [ D4121AE6D0C0E7E13AA221AA57EF2D49, 626F43C099BD197BE56648C367B711143C2BCCE96496BBDEF19F391D52FA01D0 ] amdsata C:\Windows\system32\drivers\amdsata.sys
07:56:28.0174 0x0aa8 amdsata - ok
07:56:28.0189 0x0aa8 [ F67F933E79241ED32FF46A4F29B5120B, D6EF539058F159CC4DD14CA9B1FD924998FEAC9D325C823C7A2DD21FEF1DC1A8 ] amdsbs C:\Windows\system32\drivers\amdsbs.sys
07:56:28.0189 0x0aa8 amdsbs - ok
07:56:28.0189 0x0aa8 [ 540DAF1CEA6094886D72126FD7C33048, 296578572A93F5B74E1AD443E000B79DC99D1CBD25082E02704800F886A3065F ] amdxata C:\Windows\system32\drivers\amdxata.sys
07:56:28.0189 0x0aa8 amdxata - ok
07:56:28.0189 0x0aa8 [ 89A69C3F2F319B43379399547526D952, 8ABDB4B8E106F96EBBA0D4D04C4F432296516E107E7BA5644ED2E50CF9BB491A ] AppID C:\Windows\system32\drivers\appid.sys
07:56:28.0205 0x0aa8 AppID - ok
07:56:28.0205 0x0aa8 [ 0BC381A15355A3982216F7172F545DE1, C33AF13CB218F7BF52E967452573DF2ADD20A95C6BF99229794FEF07C4BBE725 ] AppIDSvc C:\Windows\System32\appidsvc.dll
07:56:28.0205 0x0aa8 AppIDSvc - ok
07:56:28.0236 0x0aa8 [ 9D2A2369AB4B08A4905FE72DB104498F, D6FA1705018BABABFA2362E05691A0D6408D14DE7B76129B16D0A1DAD6378E58 ] Appinfo C:\Windows\System32\appinfo.dll
07:56:28.0236 0x0aa8 Appinfo - ok
07:56:28.0267 0x0aa8 [ 4ABA3E75A76195A3E38ED2766C962899, E2001ACD44DA270B8289DA362D26416676301773AB22616C211F31CF2E7869AA ] AppMgmt C:\Windows\System32\appmgmts.dll
07:56:28.0267 0x0aa8 AppMgmt - ok
07:56:28.0283 0x0aa8 [ C484F8CEB1717C540242531DB7845C4E, C507CE26716EB923B864ED85E8FA0B24591E2784A2F4F0E78AEED7E9953311F6 ] arc C:\Windows\system32\drivers\arc.sys
07:56:28.0283 0x0aa8 arc - ok
07:56:28.0299 0x0aa8 [ 019AF6924AEFE7839F61C830227FE79C, 5926B9DDFC9198043CDD6EA0B384C83B001EC225A8125628C4A45A3E6C42C72A ] arcsas C:\Windows\system32\drivers\arcsas.sys
07:56:28.0299 0x0aa8 arcsas - ok
07:56:28.0361 0x0aa8 [ 9A262EDD17F8473B91B333D6B031A901, 05DFBD3A7D83FDE1D062EA719ACA9EC48CB7FD42D17DDD88B82E5D25469ADD23 ] aspnet_state C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe
07:56:28.0361 0x0aa8 aspnet_state - ok
07:56:28.0392 0x0aa8 [ E1AFEE1584C74050DE0DD16DE2A54BF3, 77C8D98159D8BCDC7917B04977949823D50C49D0D13587310E060A4B8893AE42 ] AsrAppCharger C:\Windows\system32\DRIVERS\AsrAppCharger.sys
07:56:28.0392 0x0aa8 AsrAppCharger - ok
07:56:28.0392 0x0aa8 [ 67C03C21F319647834DAA61704D8A248, A0845AE5B13E1208CDDEB77863AB2D40CA5D1C709AD5B1976C3AC595F7A516D5 ] AsrRamDisk C:\Windows\system32\DRIVERS\AsrRamDisk.sys
07:56:28.0408 0x0aa8 AsrRamDisk - ok
07:56:28.0408 0x0aa8 [ 30F92A4B666E1E53C418B2D3024FDF6E, 164639CD210201FFEE76E7F63A9484419BF396EA416AAACDECFC501349A790AB ] AsrVDrive C:\Windows\system32\DRIVERS\AsrVDrive.sys
07:56:28.0408 0x0aa8 AsrVDrive - ok
07:56:28.0423 0x0aa8 [ 8BE618EB795A87DBFD1E09DA63F009C7, 87443A8DB2B4CA4CCA280E0BBB3EAFBD218F7B0B6485C304CAA6B0BFDCBEB3EC ] aswMonFlt C:\Windows\system32\drivers\aswMonFlt.sys
07:56:28.0423 0x0aa8 aswMonFlt - ok
07:56:28.0439 0x0aa8 [ D4259F75734EBCC8D815753B09EB2F0A, 93E06432F3E74B4CE606F4BECB80D11580FB72832630164427F36BD62C467103 ] aswRdr C:\Windows\system32\drivers\aswRdr2.sys
07:56:28.0455 0x0aa8 aswRdr - ok
07:56:28.0455 0x0aa8 [ 8D4B8BF93C65BDBC133B20706A3B5208, BBCC103F722434DE38FD4D3DF8D543478405E139C5923B0EDFBA80A6C2762AB2 ] aswRvrt C:\Windows\system32\drivers\aswRvrt.sys
07:56:28.0455 0x0aa8 aswRvrt - ok
07:56:28.0486 0x0aa8 [ AA0D1B47BE967E1E17301DDFB66C432C, 0283A503D9875C7D51288FAD28BC3F44E4637EDBBBFD968E51D4D505E3AE97B1 ] aswSnx C:\Windows\system32\drivers\aswSnx.sys
07:56:28.0501 0x0aa8 aswSnx - ok
07:56:28.0517 0x0aa8 [ 15C6B7D20EE0E44A4DF82183A89CCFC2, 8CCE561CF25A6ED686DDD15C6041B29A82EF52247AFAD937EA5ADBA61C6A18AF ] aswSP C:\Windows\system32\drivers\aswSP.sys
07:56:28.0517 0x0aa8 aswSP - ok
07:56:28.0533 0x0aa8 [ 81FA56F29440406A7264CBD7B1C7CB29, 704FAC64596D949C2F83AEE9E3B235CB3E9240EEF310361691CB213A30341141 ] aswStm C:\Windows\system32\drivers\aswStm.sys
07:56:28.0533 0x0aa8 aswStm - ok
07:56:28.0533 0x0aa8 [ 0606875650850B0697D662934529F6FC, BC0D7B83888F88966F2DFC0BC26D038290FFBA83079DC7C3B67272557DA3E25D ] aswVmm C:\Windows\system32\drivers\aswVmm.sys
07:56:28.0533 0x0aa8 aswVmm - ok
07:56:28.0548 0x0aa8 [ 769765CE2CC62867468CEA93969B2242, 0D8F19D49869DF93A3876B4C2E249D12E83F9CE11DAE8917D368E292043D4D26 ] AsyncMac C:\Windows\system32\DRIVERS\asyncmac.sys
07:56:28.0548 0x0aa8 AsyncMac - ok
07:56:28.0548 0x0aa8 [ 02062C0B390B7729EDC9E69C680A6F3C, 0261683C6DC2706DCE491A1CDC954AC9C9E649376EC30760BB4E225E18DC5273 ] atapi C:\Windows\system32\drivers\atapi.sys
07:56:28.0548 0x0aa8 atapi - ok
07:56:28.0564 0x0aa8 [ F23FEF6D569FCE88671949894A8BECF1, FCE7B156ED663471CF9A736915F00302E93B50FC647563D235313A37FCE8F0F6 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
07:56:28.0579 0x0aa8 AudioEndpointBuilder - ok
07:56:28.0595 0x0aa8 [ F23FEF6D569FCE88671949894A8BECF1, FCE7B156ED663471CF9A736915F00302E93B50FC647563D235313A37FCE8F0F6 ] AudioSrv C:\Windows\System32\Audiosrv.dll
07:56:28.0611 0x0aa8 AudioSrv - ok
07:56:28.0642 0x0aa8 [ BEA8D0FA8805CC2E6BB49728166699C7, 9A574A1E79DC2D472877443A92ACDA57A1206A2DAB3AF9110C844944EDC9D797 ] avast! Antivirus C:\Program Files\AVAST Software\Avast\AvastSvc.exe
07:56:28.0657 0x0aa8 avast! Antivirus - ok
07:56:28.0657 0x0aa8 [ A6BF31A71B409DFA8CAC83159E1E2AFF, CBB83F73FFD3C3FB4F96605067739F8F7A4A40B2B05417FA49E575E95628753F ] AxInstSV C:\Windows\System32\AxInstSV.dll
07:56:28.0673 0x0aa8 AxInstSV - ok
07:56:28.0689 0x0aa8 [ 3E5B191307609F7514148C6832BB0842, DE011CB7AA4A2405FAF21575182E0793A1D83DFFC44E9A7864D59F3D51D8D580 ] b06bdrv C:\Windows\system32\drivers\bxvbda.sys
07:56:28.0704 0x0aa8 b06bdrv - ok
07:56:28.0720 0x0aa8 [ B5ACE6968304A3900EEB1EBFD9622DF2, 1DAA118D8CA3F97B34DF3D3CDA1C78EAB2ED225699FEABE89D331AE0CB7679FA ] b57nd60a C:\Windows\system32\DRIVERS\b57nd60a.sys
07:56:28.0720 0x0aa8 b57nd60a - ok
07:56:28.0735 0x0aa8 [ FDE360167101B4E45A96F939F388AEB0, 8D1457E866BBD645C4B9710DFBFF93405CC1193BF9AE42326F2382500B713B82 ] BDESVC C:\Windows\System32\bdesvc.dll
07:56:28.0735 0x0aa8 BDESVC - ok
07:56:28.0751 0x0aa8 [ 16A47CE2DECC9B099349A5F840654746, 77C008AEDB07FAC66413841D65C952DDB56FE7DCA5E9EF9C8F4130336B838024 ] Beep C:\Windows\system32\drivers\Beep.sys
07:56:28.0751 0x0aa8 Beep - ok
07:56:28.0767 0x0aa8 [ 82974D6A2FD19445CC5171FC378668A4, 075D25F47C0D2277E40AF8615571DAA5EB16B1824563632A9A7EC62505C29A4A ] BFE C:\Windows\System32\bfe.dll
07:56:28.0767 0x0aa8 BFE - ok
07:56:28.0813 0x0aa8 [ 1EA7969E3271CBC59E1730697DC74682, D511A34D63A6E0E6E7D1879068E2CD3D87ABEAF4936B2EA8CDDAD9F79D60FA04 ] BITS C:\Windows\System32\qmgr.dll
07:56:28.0813 0x0aa8 BITS - ok
07:56:28.0829 0x0aa8 [ 61583EE3C3A17003C4ACD0475646B4D3, 17E4BECC309C450E7E44F59A9C0BBC24D21BDC66DFBA65B8F198A00BB47A9811 ] blbdrive C:\Windows\system32\DRIVERS\blbdrive.sys
07:56:28.0829 0x0aa8 blbdrive - ok
07:56:28.0845 0x0aa8 [ 6C02A83164F5CC0A262F4199F0871CF5, AD4632A6A203CB40970D848315D8ADB9C898349E20D8DF4107C2AE2703A2CF28 ] bowser C:\Windows\system32\DRIVERS\bowser.sys
07:56:28.0845 0x0aa8 bowser - ok
07:56:28.0845 0x0aa8 [ F09EEE9EDC320B5E1501F749FDE686C8, 66691114C42E12F4CC6DC4078D4D2FA4029759ACDAF1B59D17383487180E84E3 ] BrFiltLo C:\Windows\system32\drivers\BrFiltLo.sys
07:56:28.0860 0x0aa8 BrFiltLo - ok
07:56:28.0860 0x0aa8 [ B114D3098E9BDB8BEA8B053685831BE6, 0ED23C1897F35FA00B9C2848DE4ED200E18688AA7825674888054BBC3A3EB92C ] BrFiltUp C:\Windows\system32\drivers\BrFiltUp.sys
07:56:28.0860 0x0aa8 BrFiltUp - ok
07:56:28.0876 0x0aa8 [ 05F5A0D14A2EE1D8255C2AA0E9E8E694, 40011138869F5496A3E78D38C9900B466B6F3877526AC22952DCD528173F4645 ] Browser C:\Windows\System32\browser.dll
07:56:28.0876 0x0aa8 Browser - ok
07:56:28.0876 0x0aa8 [ 43BEA8D483BF1870F018E2D02E06A5BD, 4E6F5A5FD8C796A110B0DC9FF29E31EA78C04518FC1C840EF61BABD58AB10272 ] Brserid C:\Windows\System32\Drivers\Brserid.sys
07:56:28.0876 0x0aa8 Brserid - ok
07:56:28.0891 0x0aa8 [ A6ECA2151B08A09CACECA35C07F05B42, E2875BB7768ABAF38C3377007AA0A3C281503474D1831E396FB6599721586B0C ] BrSerWdm C:\Windows\System32\Drivers\BrSerWdm.sys
07:56:28.0891 0x0aa8 BrSerWdm - ok
07:56:28.0891 0x0aa8 [ B79968002C277E869CF38BD22CD61524, 50631836502237AF4893ECDCEA43B9031C3DE97433F594D46AF7C3C77F331983 ] BrUsbMdm C:\Windows\System32\Drivers\BrUsbMdm.sys
07:56:28.0891 0x0aa8 BrUsbMdm - ok
07:56:28.0891 0x0aa8 [ A87528880231C54E75EA7A44943B38BF, 4C8BBB29FDA76A96840AA47A8613C15D4466F9273A13941C19507008629709C9 ] BrUsbSer C:\Windows\System32\Drivers\BrUsbSer.sys
07:56:28.0891 0x0aa8 BrUsbSer - ok
07:56:28.0891 0x0aa8 [ 9DA669F11D1F894AB4EB69BF546A42E8, B498B8B6CEF957B73179D1ADAF084BBB57BB3735D810F9BE2C7B1D58A4FD25A4 ] BTHMODEM C:\Windows\system32\drivers\bthmodem.sys
07:56:28.0891 0x0aa8 BTHMODEM - ok
07:56:28.0907 0x0aa8 [ 95F9C2976059462CBBF227F7AAB10DE9, 2797AE919FF7606B070FB039CECDB0707CD2131DCAC09C5DF14F443D881C9F34 ] bthserv C:\Windows\system32\bthserv.dll
07:56:28.0907 0x0aa8 bthserv - ok
07:56:28.0907 0x0aa8 [ B8BD2BB284668C84865658C77574381A, 6C55BA288B626DF172FDFEA0BD7027FAEBA1F44EF20AB55160D7C7DC6E717D65 ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys
07:56:28.0907 0x0aa8 cdfs - ok
07:56:28.0923 0x0aa8 [ F036CE71586E93D94DAB220D7BDF4416, BD07AAD9E20CEAF9FC84E4977C55EA2C45604A2C682AC70B9B9A2199B6713D5B ] cdrom C:\Windows\system32\DRIVERS\cdrom.sys
07:56:28.0923 0x0aa8 cdrom - ok
07:56:28.0938 0x0aa8 [ F17D1D393BBC69C5322FBFAFACA28C7F, 62A1A92B3C52ADFD0B808D7F69DD50238B5F202421F1786F7EAEAA63F274B3E8 ] CertPropSvc C:\Windows\System32\certprop.dll
07:56:28.0938 0x0aa8 CertPropSvc - ok
07:56:28.0938 0x0aa8 [ D7CD5C4E1B71FA62050515314CFB52CF, 513B5A849899F379F0BC6AB3A8A05C3493C2393C95F036612B96EC6E252E1C64 ] circlass C:\Windows\system32\drivers\circlass.sys
07:56:28.0938 0x0aa8 circlass - ok
07:56:28.0954 0x0aa8 [ FE1EC06F2253F691FE36217C592A0206, B9F122DB5E665ECDF29A5CB8BB6B531236F31A54A95769D6C5C1924C87FE70CE ] CLFS C:\Windows\system32\CLFS.sys
07:56:28.0954 0x0aa8 CLFS - ok
07:56:29.0001 0x0aa8 [ D88040F816FDA31C3B466F0FA0918F29, 39D3630E623DA25B8444B6D3AAAB16B98E7E289C5619E19A85D47B74C71449F3 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
07:56:29.0001 0x0aa8 clr_optimization_v2.0.50727_32 - ok
07:56:29.0032 0x0aa8 [ D1CEEA2B47CB998321C579651CE3E4F8, 654013B8FD229A50017B08DEC6CA19C7DDA8CE0771260E057A92625201D539B1 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
07:56:29.0032 0x0aa8 clr_optimization_v2.0.50727_64 - ok
07:56:29.0063 0x0aa8 [ E87213F37A13E2B54391E40934F071D0, 7EB221127EFB5BF158FB03D18EFDA2C55FB6CE3D1A1FE69C01D70DBED02C87E5 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
07:56:29.0063 0x0aa8 clr_optimization_v4.0.30319_32 - ok
07:56:29.0079 0x0aa8 [ 4AEDAB50F83580D0B4D6CF78191F92AA, D113C47013B018B45161911B96E93AF96A2F3B34FA47061BF6E7A71FBA03194A ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
07:56:29.0079 0x0aa8 clr_optimization_v4.0.30319_64 - ok
07:56:29.0079 0x0aa8 [ 0840155D0BDDF1190F84A663C284BD33, 696039FA63CFEB33487FAA8FD7BBDB220141E9C6E529355D768DFC87999A9C3A ] CmBatt C:\Windows\system32\drivers\CmBatt.sys
07:56:29.0079 0x0aa8 CmBatt - ok
07:56:29.0110 0x0aa8 [ E19D3F095812725D88F9001985B94EDD, 46243C5CCC4981CAC6FA6452FFCEC33329BF172448F1852D52592C9342E0E18B ] cmdide C:\Windows\system32\drivers\cmdide.sys
07:56:29.0110 0x0aa8 cmdide - ok
07:56:29.0125 0x0aa8 [ EBF28856F69CF094A902F884CF989706, AD6C9F0BC20AA49EEE5478DA0F856F0EA2B414B63208C5FFB03C9D7F5B59765F ] CNG C:\Windows\system32\Drivers\cng.sys
07:56:29.0141 0x0aa8 CNG - ok
07:56:29.0172 0x0aa8 [ 102DE219C3F61415F964C88E9085AD14, CD74CB703381F1382C32CF892FF2F908F4C9412E1BC77234F8FEA5D4666E1BF1 ] Compbatt C:\Windows\system32\drivers\compbatt.sys
07:56:29.0172 0x0aa8 Compbatt - ok
07:56:29.0188 0x0aa8 [ 03EDB043586CCEBA243D689BDDA370A8, 0E4523AA332E242D5C2C61C5717DBA5AB6E42DADB5A7E512505FC2B6CC224959 ] CompositeBus C:\Windows\system32\DRIVERS\CompositeBus.sys
07:56:29.0188 0x0aa8 CompositeBus - ok
07:56:29.0188 0x0aa8 COMSysApp - ok
07:56:29.0250 0x0aa8 [ 6CB6EBB6B85594D5E4E8941363A6C9C2, FFE10DBE42FD507D677AF1A2FF0EADE1C1F21E13F5F2F39B0C5DB7FF3C5431DB ] cphs C:\Windows\SysWow64\IntelCpHeciSvc.exe
07:56:29.0266 0x0aa8 cphs - ok
07:56:29.0297 0x0aa8 [ 3CA734CE373E5675FBC15CA2C45228E5, A6C6E9FABDE5EA18D266DB71C0CC6B51D682116D1898CCB4E9BA730F15C44B32 ] cpudrv64 C:\Program Files (x86)\SystemRequirementsLab\cpudrv64.sys
07:56:29.0297 0x0aa8 cpudrv64 - ok
07:56:29.0313 0x0aa8 [ 1C827878A998C18847245FE1F34EE597, 41EF7443D8B2733AA35CAC64B4F5F74FAC8BB0DA7D3936B69EC38E2DC3972E60 ] crcdisk C:\Windows\system32\drivers\crcdisk.sys
07:56:29.0313 0x0aa8 crcdisk - ok
07:56:29.0328 0x0aa8 [ 6B400F211BEE880A37A1ED0368776BF4, 2F27C6FA96A1C8CBDA467846DA57E63949A7EA37DB094B13397DDD30114295BD ] CryptSvc C:\Windows\system32\cryptsvc.dll
07:56:29.0344 0x0aa8 CryptSvc - ok
07:56:29.0375 0x0aa8 [ 54DA3DFD29ED9F1619B6F53F3CE55E49, 9177C6907A983296BF188892A894B668A09FFA058FD56B50FE12940D54B0FA5E ] CSC C:\Windows\system32\drivers\csc.sys
07:56:29.0391 0x0aa8 CSC - ok
07:56:29.0406 0x0aa8 [ 3AB183AB4D2C79DCF459CD2C1266B043, 72B0187EBA9DC74E61EC5CB3DC24058DDB768843E865801894AAEAA211610C56 ] CscService C:\Windows\System32\cscsvc.dll
07:56:29.0422 0x0aa8 CscService - ok
07:56:29.0453 0x0aa8 [ 5C627D1B1138676C0A7AB2C2C190D123, C5003F2C912C5CA990E634818D3B4FD72F871900AF2948BD6C4D6400B354B401 ] DcomLaunch C:\Windows\system32\rpcss.dll
07:56:29.0453 0x0aa8 DcomLaunch - ok
07:56:29.0484 0x0aa8 [ 7194353A9303E80BA0B22187E559EB13, 80AB8FAD012A712E3658541ACEB66BBBF3518E839E3C32173F6FB0FFA7B699E3 ] DefragFS C:\Windows\system32\drivers\DefragFS.sys
07:56:29.0484 0x0aa8 DefragFS - ok
07:56:29.0500 0x0aa8 [ 3CEC7631A84943677AA8FA8EE5B6B43D, 32061DAC9ED6C1EBA3B367B18D0E965AEEC2DF635DCF794EC39D086D32503AC5 ] defragsvc C:\Windows\System32\defragsvc.dll
07:56:29.0515 0x0aa8 defragsvc - ok
07:56:29.0515 0x0aa8 [ 9BB2EF44EAA163B29C4A4587887A0FE4, 03667BC3EA5003F4236929C10F23D8F108AFCB29DB5559E751FB26DFB318636F ] DfsC C:\Windows\system32\Drivers\dfsc.sys
07:56:29.0515 0x0aa8 DfsC - ok
07:56:29.0531 0x0aa8 [ 43D808F5D9E1A18E5EEB5EBC83969E4E, C10D1155D71EABE4ED44C656A8F13078A8A4E850C4A8FBB92D52D173430972B8 ] Dhcp C:\Windows\system32\dhcpcore.dll
07:56:29.0531 0x0aa8 Dhcp - ok
07:56:29.0547 0x0aa8 [ 13096B05847EC78F0977F2C0F79E9AB3, 1E44981B684F3E56F5D2439BB7FA78BD1BC876BB2265AE089AEC68F241B05B26 ] discache C:\Windows\system32\drivers\discache.sys
07:56:29.0547 0x0aa8 discache - ok
07:56:29.0547 0x0aa8 [ 9819EEE8B5EA3784EC4AF3B137A5244C, 571BC886E87C888DA96282E381A746D273B58B9074E84D4CA91275E26056D427 ] Disk C:\Windows\system32\drivers\disk.sys
07:56:29.0547 0x0aa8 Disk - ok
07:56:29.0562 0x0aa8 [ 5DB085A8A6600BE6401F2B24EECB5415, 5FC5C7C1B4DB7BF6EFD0992E91DB41FD047E90D1ABA0B8F868CB72557F88FB13 ] dmvsc C:\Windows\system32\drivers\dmvsc.sys
07:56:29.0562 0x0aa8 dmvsc - ok
07:56:29.0578 0x0aa8 [ 16835866AAA693C7D7FCEBA8FFF706E4, 15891558F7C1F2BB57A98769601D447ED0D952354A8BB347312D034DC03E0242 ] Dnscache C:\Windows\System32\dnsrslvr.dll
07:56:29.0578 0x0aa8 Dnscache - ok
07:56:29.0593 0x0aa8 [ B1FB3DDCA0FDF408750D5843591AFBC6, AB6AD9C5E7BA2E3646D0115B67C4800D1CB43B4B12716397657C7ADEEE807304 ] dot3svc C:\Windows\System32\dot3svc.dll
07:56:29.0593 0x0aa8 dot3svc - ok
07:56:29.0609 0x0aa8 [ B42ED0320C6E41102FDE0005154849BB, 4DB872E23AD049C3C9FDC0759FC58BFA60DA91B18BC82B611BFA300D26DDFC7A ] Dot4 C:\Windows\system32\DRIVERS\Dot4.sys
07:56:29.0609 0x0aa8 Dot4 - ok
07:56:29.0625 0x0aa8 [ E9F5969233C5D89F3C35E3A66A52A361, C4BD35795C78FB11E6022372CB25DEB570730EFDAD3DC1584368235FF622638C ] Dot4Print C:\Windows\system32\DRIVERS\Dot4Prt.sys
07:56:29.0625 0x0aa8 Dot4Print - ok
07:56:29.0625 0x0aa8 [ FD05A02B0370BC3000F402E543CA5814, 089B1113E640F495F470E8F57060B89546270481B309DC8ED3C3D13A849076A3 ] dot4usb C:\Windows\system32\DRIVERS\dot4usb.sys
07:56:29.0625 0x0aa8 dot4usb - ok
07:56:29.0640 0x0aa8 [ B26F4F737E8F9DF4F31AF6CF31D05820, 394BBBED4EC7FAD4110F62A43BFE0801D4AC56FFAC6C741C69407B26402311C7 ] DPS C:\Windows\system32\dps.dll
07:56:29.0640 0x0aa8 DPS - ok
07:56:29.0656 0x0aa8 [ 9B19F34400D24DF84C858A421C205754, 967AF267B4124BADA8F507CEBF25F2192D146A4D63BE71B45BFC03C5DA7F21A7 ] drmkaud C:\Windows\system32\drivers\drmkaud.sys
07:56:29.0656 0x0aa8 drmkaud - ok
07:56:29.0671 0x0aa8 [ 88612F1CE3BF42256913BF6E61C70D52, 7CF190F83FA8F15C33008EB381D3E345CEF37CBC046227DED26B36799EF4D9A7 ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys
07:56:29.0687 0x0aa8 DXGKrnl - ok
07:56:29.0703 0x0aa8 [ E2DDA8726DA9CB5B2C4000C9018A9633, 0C967DBC3636A76A696997192A158AA92A1AF19F01E3C66D5BF91818A8FAEA76 ] EapHost C:\Windows\System32\eapsvc.dll
07:56:29.0703 0x0aa8 EapHost - ok
07:56:29.0781 0x0aa8 [ DC5D737F51BE844D8C82C695EB17372F, 6D4022D9A46EDE89CEF0FAEADCC94C903234DFC460C0180D24FF9E38E8853017 ] ebdrv C:\Windows\system32\drivers\evbda.sys
07:56:29.0812 0x0aa8 ebdrv - ok
07:56:29.0827 0x0aa8 [ 4D71227301DD8D09097B9E4CC6527E5A, 193D47ADCB722B581CC0F29B794AB3E455B6E9BEA367CE9A5216A09E055B7F1E ] EFS C:\Windows\System32\lsass.exe
07:56:29.0827 0x0aa8 EFS - ok
07:56:29.0890 0x0aa8 [ C4002B6B41975F057D98C439030CEA07, 3D2484FBB832EFB90504DD406ED1CF3065139B1FE1646471811F3A5679EF75F1 ] ehRecvr C:\Windows\ehome\ehRecvr.exe
07:56:29.0890 0x0aa8 ehRecvr - ok
07:56:29.0905 0x0aa8 [ 4705E8EF9934482C5BB488CE28AFC681, 359E9EC5693CE0BE89082E1D5D8F5C5439A5B985010FF0CB45C11E3CFE30637D ] ehSched C:\Windows\ehome\ehsched.exe
07:56:29.0905 0x0aa8 ehSched - ok
07:56:29.0921 0x0aa8 [ 0E5DA5369A0FCAEA12456DD852545184, 9A64AC5396F978C3B92794EDCE84DCA938E4662868250F8C18FA7C2C172233F8 ] elxstor C:\Windows\system32\drivers\elxstor.sys
07:56:29.0937 0x0aa8 elxstor - ok
07:56:29.0937 0x0aa8 [ 34A3C54752046E79A126E15C51DB409B, 7D5B5E150C7C73666F99CBAFF759029716C86F16B927E0078D77F8A696616D75 ] ErrDev C:\Windows\system32\drivers\errdev.sys
07:56:29.0937 0x0aa8 ErrDev - ok
07:56:29.0968 0x0aa8 [ 4166F82BE4D24938977DD1746BE9B8A0, 24121751B7306225AD1C808442D7B030DEF377E9316AA0A3C5C7460E87317881 ] EventSystem C:\Windows\system32\es.dll
07:56:29.0968 0x0aa8 EventSystem - ok
07:56:29.0968 0x0aa8 [ 27CE917868B08E8BC04A3CB0A80A43AE, 9DCFD4FC76412DA85FED64295369501DB7A9DBC50C6FD739336C8772BF57845C ] excfs C:\Windows\system32\DRIVERS\excfs.sys
07:56:29.0983 0x0aa8 excfs - ok
07:56:29.0983 0x0aa8 [ 535A8B1821071019E074FDA912322225, AC798F7DB8E017E3079C0CABDB9D16D79CB5D7191D2A11E598E0FDCD4A5CDFBF ] excsd C:\Windows\system32\DRIVERS\excsd.sys
07:56:29.0983 0x0aa8 excsd - ok
07:56:29.0983 0x0aa8 [ A510C654EC00C1E9BDD91EEB3A59823B, 76CD277730F7B08D375770CD373D786160F34D1481AF0536BA1A5D2727E255F5 ] exfat C:\Windows\system32\drivers\exfat.sys
07:56:29.0983 0x0aa8 exfat - ok
07:56:30.0015 0x0aa8 [ A02DACE3AFB4AFC5A5A71BB6ED2ABB7B, 67BDF9AF4DCC59F4B423277D6B9B3FDC87A435F5C0D7FE51CFDDAE9A34583D79 ] ExpressCache C:\Program Files\Condusiv Technologies\ExpressCache\ExpressCache.exe
07:56:30.0030 0x0aa8 ExpressCache - ok
07:56:30.0046 0x0aa8 [ 0ADC83218B66A6DB380C330836F3E36D, 798D6F83B5DBCC1656595E0A96CF12087FCCBE19D1982890D0CE5F629B328B29 ] fastfat C:\Windows\system32\drivers\fastfat.sys
07:56:30.0046 0x0aa8 fastfat - ok
07:56:30.0061 0x0aa8 [ DBEFD454F8318A0EF691FDD2EAAB44EB, 7F52AE222FF28503B6FC4A5852BD0CAEAF187BE69AF4B577D3DE474C24366099 ] Fax C:\Windows\system32\fxssvc.exe
07:56:30.0077 0x0aa8 Fax - ok
07:56:30.0077 0x0aa8 [ D765D19CD8EF61F650C384F62FAC00AB, 9F0A483A043D3BA873232AD3BA5F7BF9173832550A27AF3E8BD433905BD2A0EE ] fdc C:\Windows\system32\drivers\fdc.sys
07:56:30.0093 0x0aa8 fdc - ok
07:56:30.0093 0x0aa8 [ 0438CAB2E03F4FB61455A7956026FE86, 6D4DDC2973DB25CE0C7646BC85EFBCC004EBE35EA683F62162AE317C6F1D8DFE ] fdPHost C:\Windows\system32\fdPHost.dll
07:56:30.0093 0x0aa8 fdPHost - ok
07:56:30.0093 0x0aa8 [ 802496CB59A30349F9A6DD22D6947644, 52D59D3D628D5661F83F090F33F744F6916E0CC1F76E5A33983E06EB66AE19F8 ] FDResPub C:\Windows\system32\fdrespub.dll
07:56:30.0093 0x0aa8 FDResPub - ok
07:56:30.0108 0x0aa8 [ 655661BE46B5F5F3FD454E2C3095B930, 549C8E2A2A37757E560D55FFA6BFDD838205F17E40561E67F0124C934272CD1A ] FileInfo C:\Windows\system32\drivers\fileinfo.sys
07:56:30.0108 0x0aa8 FileInfo - ok
07:56:30.0108 0x0aa8 [ 5F671AB5BC87EEA04EC38A6CD5962A47, 6B61D3363FF3F9C439BD51102C284972EAE96ACC0683B9DC7E12D25D0ADC51B6 ] Filetrace C:\Windows\system32\drivers\filetrace.sys
07:56:30.0108 0x0aa8 Filetrace - ok
07:56:30.0108 0x0aa8 [ C172A0F53008EAEB8EA33FE10E177AF5, 9175A95B323696D1B35C9EFEB7790DD64E6EE0B7021E6C18E2F81009B169D77B ] flpydisk C:\Windows\system32\drivers\flpydisk.sys
07:56:30.0108 0x0aa8 flpydisk - ok
07:56:30.0124 0x0aa8 [ DA6B67270FD9DB3697B20FCE94950741, F621A4462C9F2904063578C427FAF22D7D66AE9967605C11C798099817CE5331 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys
07:56:30.0124 0x0aa8 FltMgr - ok
07:56:30.0139 0x0aa8 [ 508401A63E6B1CBF0B9C9A011498731F, F636B0A9C0EB6AE7EC04E5C5FD8A0578AEB76A1B0D974F355BCE6B6091901725 ] FNETTBOH_305 C:\Windows\system32\drivers\FNETTBOH_305.SYS
07:56:30.0139 0x0aa8 FNETTBOH_305 - ok
07:56:30.0155 0x0aa8 [ E341178C116DAC6A3A764587E68DFA7B, 91B4C79057908A622666FF069CF1C7ECA42952A6587432F5E99E33E8B19D29AF ] FNETURPX C:\Windows\system32\drivers\FNETURPX.SYS
07:56:30.0155 0x0aa8 FNETURPX - ok
07:56:30.0186 0x0aa8 [ C4C183E6551084039EC862DA1C945E3D, 0874A2ACDD24D64965AA9A76E9C818E216880AE4C9A2E07ED932EE404585CEE6 ] FontCache C:\Windows\system32\FntCache.dll
07:56:30.0217 0x0aa8 FontCache - ok
07:56:30.0233 0x0aa8 [ A8B7F3818AB65695E3A0BB3279F6DCE6, 89FCF10F599767E67A1E011753E34DA44EAA311F105DBF69549009ED932A60F0 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
07:56:30.0233 0x0aa8 FontCache3.0.0.0 - ok
07:56:30.0233 0x0aa8 [ D43703496149971890703B4B1B723EAC, F06397B2EDCA61629249D2EF1CBB7827A8BEAB8488246BD85EF6AE1363C0DA6E ] FsDepends C:\Windows\system32\drivers\FsDepends.sys
07:56:30.0233 0x0aa8 FsDepends - ok
07:56:30.0249 0x0aa8 [ 6BD9295CC032DD3077C671FCCF579A7B, 83622FBB0CB923798E7E584BF53CAAF75B8C016E3FF7F0FA35880FF34D1DFE33 ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys
07:56:30.0249 0x0aa8 Fs_Rec - ok
07:56:30.0264 0x0aa8 [ 8F6322049018354F45F05A2FD2D4E5E0, 73BF0FB4EBD7887E992DDEBB79E906958D6678F8D1107E8C368F5A0514D80359 ] fvevol C:\Windows\system32\DRIVERS\fvevol.sys
07:56:30.0264 0x0aa8 fvevol - ok
07:56:30.0280 0x0aa8 [ 8C778D335C9D272CFD3298AB02ABE3B6, 85F0B13926B0F693FA9E70AA58DE47100E4B6F893772EBE4300C37D9A36E6005 ] gagp30kx C:\Windows\system32\drivers\gagp30kx.sys
07:56:30.0280 0x0aa8 gagp30kx - ok
07:56:30.0311 0x0aa8 [ 277BBC7E1AA1EE957F573A10ECA7EF3A, 2EE60B924E583E847CC24E78B401EF95C69DB777A5B74E1EC963E18D47B94D24 ] gpsvc C:\Windows\System32\gpsvc.dll
07:56:30.0327 0x0aa8 gpsvc - ok
07:56:30.0358 0x0aa8 [ 506708142BC63DABA64F2D3AD1DCD5BF, 9C36A08D9E7932FF4DA7B5F24E6B42C92F28685B8ABE964C870E8D7670FD531A ] gupdate C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
07:56:30.0358 0x0aa8 gupdate - ok
07:56:30.0358 0x0aa8 [ 506708142BC63DABA64F2D3AD1DCD5BF, 9C36A08D9E7932FF4DA7B5F24E6B42C92F28685B8ABE964C870E8D7670FD531A ] gupdatem C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
07:56:30.0358 0x0aa8 gupdatem - ok
07:56:30.0358 0x0aa8 [ F2523EF6460FC42405B12248338AB2F0, B2F3DE8DE1F512D871BC2BC2E8D0E33AB03335BFBC07627C5F88B65024928E19 ] hcw85cir C:\Windows\system32\drivers\hcw85cir.sys
07:56:30.0358 0x0aa8 hcw85cir - ok
07:56:30.0405 0x0aa8 [ 975761C778E33CD22498059B91E7373A, 8304E15FBE6876BE57263A03621365DA8C88005EAC532A770303C06799D915D9 ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
07:56:30.0405 0x0aa8 HdAudAddService - ok
07:56:30.0405 0x0aa8 [ 97BFED39B6B79EB12CDDBFEED51F56BB, 3CF981D668FB2381E52AF2E51E296C6CFB47B0D62249645278479D0111A47955 ] HDAudBus C:\Windows\system32\DRIVERS\HDAudBus.sys
07:56:30.0420 0x0aa8 HDAudBus - ok
07:56:30.0420 0x0aa8 [ 78E86380454A7B10A5EB255DC44A355F, 11F3ED7ACFFA3024B9BD504F81AC39F5B4CED5A8A425E8BADF7132EFEDB9BD64 ] HidBatt C:\Windows\system32\drivers\HidBatt.sys
07:56:30.0420 0x0aa8 HidBatt - ok
07:56:30.0420 0x0aa8 [ 7FD2A313F7AFE5C4DAB14798C48DD104, 94CBFD4506CBDE4162CEB3367BAB042D19ACA6785954DC0B554D4164B9FCD0D4 ] HidBth C:\Windows\system32\drivers\hidbth.sys
07:56:30.0420 0x0aa8 HidBth - ok
07:56:30.0420 0x0aa8 [ 0A77D29F311B88CFAE3B13F9C1A73825, 8615DC6CEFB591505CE16E054A71A4F371B827DDFD5E980777AB4233DCFDA01D ] HidIr C:\Windows\system32\drivers\hidir.sys
07:56:30.0420 0x0aa8 HidIr - ok
07:56:30.0436 0x0aa8 [ BD9EB3958F213F96B97B1D897DEE006D, 4D01CBF898B528B3A4E5A683DF2177300AFABD7D4CB51F1A7891B1B545499631 ] hidserv C:\Windows\system32\hidserv.dll
07:56:30.0436 0x0aa8 hidserv - ok
07:56:30.0451 0x0aa8 [ 9592090A7E2B61CD582B612B6DF70536, FD11D5E02C32D658B28FCC35688AB66CCB5D3A0A0D74C82AE0F0B6C67B568A0F ] HidUsb C:\Windows\system32\drivers\hidusb.sys
07:56:30.0451 0x0aa8 HidUsb - ok
07:56:30.0467 0x0aa8 [ 387E72E739E15E3D37907A86D9FF98E2, 9935BE2E58788E79328293AF2F202CB0F6042441B176F75ACC5AEA93C8E05531 ] hkmsvc C:\Windows\system32\kmsvc.dll
07:56:30.0483 0x0aa8 hkmsvc - ok
07:56:30.0483 0x0aa8 [ EFDFB3DD38A4376F93E7985173813ABD, 70402FA73A5A2A8BB557AAC8F531E373077D28DE5F40A1F3F14B940BE01CD2E1 ] HomeGroupListener C:\Windows\system32\ListSvc.dll
07:56:30.0483 0x0aa8 HomeGroupListener - ok
07:56:30.0498 0x0aa8 [ 908ACB1F594274965A53926B10C81E89, 7D34A742AC486294D82676F8465A3EF26C8AC3317C32B63F62031CB007CFC208 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
07:56:30.0498 0x0aa8 HomeGroupProvider - ok
07:56:30.0514 0x0aa8 [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC, E9E6A1665740CFBC2DD321010007EF42ABA2102AEB9772EE8AA3354664B1E205 ] HpSAMD C:\Windows\system32\drivers\HpSAMD.sys
07:56:30.0514 0x0aa8 HpSAMD - ok
07:56:30.0529 0x0aa8 [ 0EA7DE1ACB728DD5A369FD742D6EEE28, 21C489412EB33A12B22290EB701C19BA57006E8702E76F730954F0784DDE9779 ] HTTP C:\Windows\system32\drivers\HTTP.sys
07:56:30.0545 0x0aa8 HTTP - ok
07:56:30.0545 0x0aa8 [ A5462BD6884960C9DC85ED49D34FF392, 53E65841AF5B06A2844D0BB6FC4DD3923A323FFA0E4BFC89B3B5CAFB592A3D53 ] hwpolicy C:\Windows\system32\drivers\hwpolicy.sys
07:56:30.0545 0x0aa8 hwpolicy - ok
07:56:30.0561 0x0aa8 [ FA55C73D4AFFA7EE23AC4BE53B4592D3, 65CDDC62B89A60E942C5642C9D8B539EFB69DA8069B4A2E54978154B314531CD ] i8042prt C:\Windows\system32\drivers\i8042prt.sys
07:56:30.0561 0x0aa8 i8042prt - ok
07:56:30.0576 0x0aa8 [ 6C91E425ACE29594BD574DE38AC9B76D, 697784E4C7AF08B1F35662D8AD871E6890CECE22B6E64985B7C1A66C10DA390D ] iaStorA C:\Windows\system32\DRIVERS\iaStorA.sys
07:56:30.0592 0x0aa8 iaStorA - ok
07:56:30.0607 0x0aa8 [ 0AB254994A460550258446950BB58311, BD10811912680DD3B814B7D1303785C996D892C79108110A2257E9BD0C28245C ] IAStorDataMgrSvc C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
07:56:30.0607 0x0aa8 IAStorDataMgrSvc - ok
07:56:30.0623 0x0aa8 [ 2B38F13E18E272459CD2CE83E6722C12, 58FB127C05FF7399F88F3B53CE4B460A7D3EA739AFCD273C0E687053BBA074D6 ] iaStorF C:\Windows\system32\DRIVERS\iaStorF.sys
07:56:30.0623 0x0aa8 iaStorF - ok
07:56:30.0639 0x0aa8 [ AAAF44DB3BD0B9D1FB6969B23ECC8366, 805AA4A9464002D1AB3832E4106B2AAA1331F4281367E75956062AAE99699385 ] iaStorV C:\Windows\system32\drivers\iaStorV.sys
07:56:30.0654 0x0aa8 iaStorV - ok
07:56:30.0701 0x0aa8 [ 83FF82FE209E7997067B375DAD6CF23D, E312DD068E51DBF96A8232D7D1C9F158652FDA23649655F1102928B320795091 ] ICCS C:\Program Files (x86)\Intel\Intel® Integrated Clock Controller Service\ICCProxy.exe
07:56:30.0701 0x0aa8 ICCS - ok
07:56:30.0748 0x0aa8 [ 5988FC40F8DB5B0739CD1E3A5D0D78BD, 2B9512324DBA4A97F6AC34E8067EE08E3B6874CD60F6CB4209AFC22A34D2BE99 ] idsvc C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
07:56:30.0779 0x0aa8 idsvc - ok
07:56:30.0779 0x0aa8 IEEtwCollectorService - ok
07:56:30.0857 0x0aa8 [ 142CFBE6ED0E498CCA7ABE8DD932C1AF, 513DFF7DA86CCCB9A061CF7ED0AC84305D800A26189179F60B62BD4FFFCF7DDF ] igfx C:\Windows\system32\DRIVERS\igdkmd64.sys
07:56:30.0904 0x0aa8 igfx - ok
07:56:30.0935 0x0aa8 [ B54E51AF05F883B2282693B4214ED228, 1083DA63D8DF1149644A3BDA0BD8B69C35D98C745E23F5FD9FDD2D9FF5682ABA ] igfxCUIService1.0.0.0 C:\Windows\system32\igfxCUIService.exe
07:56:30.0935 0x0aa8 igfxCUIService1.0.0.0 - ok
07:56:30.0951 0x0aa8 [ 5C18831C61933628F5BB0EA2675B9D21, 5CD9DE2F8C0256623A417B5C55BF55BB2562BD7AB2C3C83BB3D9886C2FBDA4E4 ] iirsp C:\Windows\system32\drivers\iirsp.sys
07:56:30.0951 0x0aa8 iirsp - ok
07:56:30.0951 0x0aa8 [ 67999A9D34A0B2479381E7A61AFC37AB, 7A1F72B2AD859345E1F092CE80C269767E4EF9931146B7F01E891EC12CCA684F ] ikbevent C:\Windows\system32\DRIVERS\ikbevent.sys
07:56:30.0951 0x0aa8 ikbevent - ok
07:56:30.0982 0x0aa8 [ 344789398EC3EE5A4E00C52B31847946, 3DA5F08E4B46F4E63456AA588D49E39A6A09A97D0509880C00F327623DB6122D ] IKEEXT C:\Windows\System32\ikeext.dll
07:56:30.0997 0x0aa8 IKEEXT - ok
07:56:30.0997 0x0aa8 [ DDAE90DD5BDAC53C8C5CD5B82FC1F1B4, A7019D2335CB46DCD9ABDB896622254E58AB265EC3D72A92B1C4890D45DEE85F ] imsevent C:\Windows\system32\DRIVERS\imsevent.sys
07:56:30.0997 0x0aa8 imsevent - ok
07:56:31.0107 0x0aa8 [ F242E36CDA231701CFA702641C20FAEC, 47350EF8474F83249A9126AB6894145732CA0B68DA2EE001940C9E4AEF128B88 ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHD64.sys
07:56:31.0153 0x0aa8 IntcAzAudAddService - ok
07:56:31.0216 0x0aa8 [ 8E4044C6B71B2F837166F6EDB6BF9100, 441A4EA0C3EF686B8B7884EC96FD8EE1017EB3F462FB4376638F461E41D97C72 ] IntcDAud C:\Windows\system32\DRIVERS\IntcDAud.sys
07:56:31.0216 0x0aa8 IntcDAud - ok
07:56:31.0247 0x0aa8 [ B353F1834FCD36D77BE3F74992C147D4, BFBC42B500FC7D6D2B523F988DD54156D2B6132CBE366EB591BF45556959A8E9 ] Intel® Capability Licensing Service Interface C:\Program Files\Intel\iCLS Client\HeciServer.exe
07:56:31.0263 0x0aa8 Intel® Capability Licensing Service Interface - ok
07:56:31.0278 0x0aa8 [ 125BED41A1AFDA9CAB2B6177553D5758, 00A6267AACC467FA09B49ECC6076F4C666BE98931C97D821E3225D68A3FF1BF1 ] Intel® ME Service C:\Program Files (x86)\Intel\Intel® Management Engine Components\FWService\IntelMeFWService.exe
07:56:31.0278 0x0aa8 Intel® ME Service - ok
07:56:31.0294 0x0aa8 [ F00F20E70C6EC3AA366910083A0518AA, E2F3E9FFD82C802C8BAC309893A3664ACF16A279959C0FDECCA64C3D3C60FD22 ] intelide C:\Windows\system32\drivers\intelide.sys
07:56:31.0294 0x0aa8 intelide - ok
07:56:31.0309 0x0aa8 [ ADA036632C664CAA754079041CF1F8C1, F2386CC09AC6DE4C54189154F7D91C1DB7AA120B13FAE8BA5B579ACF99FCC610 ] intelppm C:\Windows\system32\DRIVERS\intelppm.sys
07:56:31.0309 0x0aa8 intelppm - ok
07:56:31.0309 0x0aa8 [ 098A91C54546A3B878DAD6A7E90A455B, 044CCE2A0DF56EBE1EFD99B4F6F0A5B9EE12498CA358CF4B2E3A1CFD872823AA ] IPBusEnum C:\Windows\system32\ipbusenum.dll
07:56:31.0325 0x0aa8 IPBusEnum - ok
07:56:31.0325 0x0aa8 [ C9F0E1BD74365A8771590E9008D22AB6, 728BC5A6AAE499FDC50EB01577AF16D83C2A9F3B09936DD2A89C01E074BA8E51 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys
07:56:31.0325 0x0aa8 IpFilterDriver - ok
07:56:31.0341 0x0aa8 [ 08C2957BB30058E663720C5606885653, E13EDF6701512E2A9977A531454932CA5023087CB50E1D2F416B8BCDD92B67BE ] iphlpsvc C:\Windows\System32\iphlpsvc.dll
07:56:31.0356 0x0aa8 iphlpsvc - ok
07:56:31.0356 0x0aa8 [ 0FC1AEA580957AA8817B8F305D18CA3A, 7161E4DE91AAFC3FA8BF24FAE4636390C2627DB931505247C0D52C75A31473D9 ] IPMIDRV C:\Windows\system32\drivers\IPMIDrv.sys
07:56:31.0356 0x0aa8 IPMIDRV - ok
07:56:31.0356 0x0aa8 [ AF9B39A7E7B6CAA203B3862582E9F2D0, 67128BE7EADBE6BD0205B050F96E268948E8660C4BAB259FB0BE03935153D04E ] IPNAT C:\Windows\system32\drivers\ipnat.sys
07:56:31.0356 0x0aa8 IPNAT - ok
07:56:31.0356 0x0aa8 [ 3ABF5E7213EB28966D55D58B515D5CE9, A352BCC5B6B9A28805B15CAFB235676F1FAFF0D2394F88C03089EB157D6188AE ] IRENUM C:\Windows\system32\drivers\irenum.sys
07:56:31.0356 0x0aa8 IRENUM - ok
07:56:31.0372 0x0aa8 [ 2F7B28DC3E1183E5EB418DF55C204F38, D40410A760965925D6F10959B2043F7BD4F68EAFCF5E743AF11AD860BD136548 ] isapnp C:\Windows\system32\drivers\isapnp.sys
07:56:31.0372 0x0aa8 isapnp - ok
07:56:31.0387 0x0aa8 [ 96BB922A0981BC7432C8CF52B5410FE6, 236C05509B1040059B15021CBBDBDAF3B9C0F00910142BE5887B2C7561BAAFBA ] iScsiPrt C:\Windows\system32\drivers\msiscsi.sys
07:56:31.0387 0x0aa8 iScsiPrt - ok
07:56:31.0403 0x0aa8 [ 4EE2423C38F43D37F8497A672FD10BDC, 031C5272DD28809255CF4FA8E6DE45DBFBD9A363BBD5156D0AEE0787C4297980 ] ISCT C:\Windows\system32\DRIVERS\ISCTD64.sys
07:56:31.0403 0x0aa8 ISCT - ok
07:56:31.0419 0x0aa8 [ 6F60B7AD044924B8C1E32D692C593612, 93EFBC2EC24E7B4B908010955F1B9A6DC231C7A4B55BE0D2DC6103E2A5457EC6 ] ISCTAgent C:\Program Files\Intel\Intel® Smart Connect Technology Agent\iSCTAgent.exe
07:56:31.0434 0x0aa8 ISCTAgent - ok
07:56:31.0434 0x0aa8 [ 846354992EBB373F452EB9182D501B08, 453459133DCA875E93CAAE9852E652F3794F8C31CE53526C47A181FDBABE6849 ] iusb3hcs C:\Windows\system32\DRIVERS\iusb3hcs.sys
07:56:31.0434 0x0aa8 iusb3hcs - ok
07:56:31.0450 0x0aa8 [ 1D88A23853387D34D52CC8F9DDBFC56C, D00083B61E93E7E1D247EAB332787912FCF7605AF7043F071238C50E4A15016B ] iusb3hub C:\Windows\system32\DRIVERS\iusb3hub.sys
07:56:31.0450 0x0aa8 iusb3hub - ok
07:56:31.0481 0x0aa8 [ FC5EFD7C797DF19DFB999F0605A7924E, C56CE3840F3B11D81BED38E5F59ABCA190DFB7127F06263193870312A83379AF ] iusb3xhc C:\Windows\system32\DRIVERS\iusb3xhc.sys
07:56:31.0481 0x0aa8 iusb3xhc - ok
07:56:31.0497 0x0aa8 [ 5B14FDE79871F83A5E0DCDC01F78BECF, B3103D4671F7BD4843C62D6080894E068F7E794CB02D7A84AEFB5AC10EA23BDE ] jhi_service C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe
07:56:31.0497 0x0aa8 jhi_service - ok
07:56:31.0512 0x0aa8 [ BC02336F1CBA7DCC7D1213BB588A68A5, 450C5BAD54CCE2AFCDFF1B6E7F8E1A8446D9D3255DF9D36C29A8F848048AAD93 ] kbdclass C:\Windows\system32\DRIVERS\kbdclass.sys
07:56:31.0512 0x0aa8 kbdclass - ok
07:56:31.0512 0x0aa8 [ 0705EFF5B42A9DB58548EEC3B26BB484, 86C6824ED7ED6FA8F306DB6319A0FD688AA91295AE571262F9D8E96A32225E99 ] kbdhid C:\Windows\system32\DRIVERS\kbdhid.sys
07:56:31.0512 0x0aa8 kbdhid - ok
07:56:31.0528 0x0aa8 [ 4D71227301DD8D09097B9E4CC6527E5A, 193D47ADCB722B581CC0F29B794AB3E455B6E9BEA367CE9A5216A09E055B7F1E ] KeyIso C:\Windows\system32\lsass.exe
07:56:31.0528 0x0aa8 KeyIso - ok
07:56:31.0543 0x0aa8 [ 8F489706472F7E9A06BAAA198703FA64, F020406690FB38EABD82D63B91D33039CC93ED52A5497AE12BAF475F22D0B08A ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys
07:56:31.0543 0x0aa8 KSecDD - ok
07:56:31.0559 0x0aa8 [ 868A2CAAB12EFC7A021682BCA0EEC54C, 12C4925B5B3D6EA7B6410C01F33158C6EAB50CBD6AF445F8B04ED9899720C2DD ] KSecPkg C:\Windows\system32\Drivers\ksecpkg.sys
07:56:31.0559 0x0aa8 KSecPkg - ok
07:56:31.0575 0x0aa8 [ 6869281E78CB31A43E969F06B57347C4, 866A23E69B32A78D378D6CB3B3DA3695FFDFF0FEC3C9F68C8C3F988DF417044B ] ksthunk C:\Windows\system32\drivers\ksthunk.sys
07:56:31.0575 0x0aa8 ksthunk - ok
07:56:31.0590 0x0aa8 [ 6AB66E16AA859232F64DEB66887A8C9C, 5F2B579BEA8098A2994B0DECECDAE7B396E7B5DC5F09645737B9F28BEEA77FFF ] KtmRm C:\Windows\system32\msdtckrm.dll
07:56:31.0590 0x0aa8 KtmRm - ok
07:56:31.0606 0x0aa8 [ D9F42719019740BAA6D1C6D536CBDAA6, 8757599D0AE5302C4CE50861BEBA3A8DD14D7B0DBD916FD5404133688CDFCC40 ] LanmanServer C:\Windows\system32\srvsvc.dll
07:56:31.0621 0x0aa8 LanmanServer - ok
07:56:31.0621 0x0aa8 [ 851A1382EED3E3A7476DB004F4EE3E1A, B1C67F47DD594D092E6E258F01DF5E7150227CE3131A908A244DEE9F8A1FABF9 ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
07:56:31.0637 0x0aa8 LanmanWorkstation - ok
07:56:31.0637 0x0aa8 [ 1538831CF8AD2979A04C423779465827, E1729B0CC4CEEE494A0B8817A8E98FF232E3A32FB023566EF0BC71A090262C0C ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys
07:56:31.0637 0x0aa8 lltdio - ok
07:56:31.0653 0x0aa8 [ C1185803384AB3FEED115F79F109427F, 0414FE73532DCAB17E906438A14711E928CECCD5F579255410C62984DD652700 ] lltdsvc C:\Windows\System32\lltdsvc.dll
07:56:31.0668 0x0aa8 lltdsvc - ok
07:56:31.0668 0x0aa8 [ F993A32249B66C9D622EA5592A8B76B8, EE64672A990C6145DC5601E2B8CDBE089272A72732F59AF9865DCBA8B1717E70 ] lmhosts C:\Windows\System32\lmhsvc.dll
07:56:31.0668 0x0aa8 lmhosts - ok
07:56:31.0684 0x0aa8 [ 3974B7CE015A6EEF30DA4ADD5F1203D0, ED776F1C1B1834550F3D45591EB1F0829BBA07F9F7CB73F7FBB0AFDEF8F4411B ] LMS C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
07:56:31.0684 0x0aa8 LMS - ok
07:56:31.0699 0x0aa8 [ 1A93E54EB0ECE102495A51266DCDB6A6, DB6AA86AA36C3A7988BE96E87B5D3251BE7617C54EE8F894D9DC2E267FE3255B ] LSI_FC C:\Windows\system32\drivers\lsi_fc.sys
07:56:31.0699 0x0aa8 LSI_FC - ok
07:56:31.0715 0x0aa8 [ 1047184A9FDC8BDBFF857175875EE810, F2251EDB7736A26D388A0C5CC2FE5FB9C5E109CBB1E3800993554CB21D81AE4B ] LSI_SAS C:\Windows\system32\drivers\lsi_sas.sys
07:56:31.0715 0x0aa8 LSI_SAS - ok
07:56:31.0715 0x0aa8 [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93, 88D5740A4E9CC3FA80FA18035DAB441BDC5A039622D666BFDAA525CC9686BD06 ] LSI_SAS2 C:\Windows\system32\drivers\lsi_sas2.sys
07:56:31.0715 0x0aa8 LSI_SAS2 - ok
07:56:31.0715 0x0aa8 [ 0504EACAFF0D3C8AED161C4B0D369D4A, 4D272237C189646F5C80822FD3CBA7C2728E482E2DAAF7A09C8AEF811C89C54D ] LSI_SCSI C:\Windows\system32\drivers\lsi_scsi.sys
07:56:31.0715 0x0aa8 LSI_SCSI - ok
07:56:31.0715 0x0aa8 [ 43D0F98E1D56CCDDB0D5254CFF7B356E, 5BA498183B5C4996C694CB0A9A6B66CE6C7A460F6C91BEB9F305486FCC3B7B22 ] luafv C:\Windows\system32\drivers\luafv.sys
07:56:31.0731 0x0aa8 luafv - ok
07:56:31.0746 0x0aa8 [ 8E4B11C56298C4F01479C2D53222BB24, 5522A6F575BF001D08BA6494F309E50989F1234A3BB41F2EA3399E07C5C4D29C ] LucidSvc C:\Program Files\Lucidlogix Technologies\VIRTU MVP\LucidSvc.exe
07:56:31.0746 0x0aa8 LucidSvc - ok
07:56:31.0777 0x0aa8 [ FD5465B876D55534117963FAAA4B9DFC, 63A822A1EEEC42C30CCC9477431E310E3D360489A68BBCD805124681F21C0B6B ] MBAMProtector C:\Windows\system32\drivers\mbam.sys
07:56:31.0777 0x0aa8 MBAMProtector - ok
07:56:31.0840 0x0aa8 [ 0E08BDD7326E657D59DB40BAD23D8169, 428C6CCCC0BB540DFD35847776140D60C186B9D2D14F0ACCD1A4D42A8877BD98 ] MBAMScheduler C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
07:56:31.0855 0x0aa8 MBAMScheduler - ok
07:56:31.0887 0x0aa8 [ A8E7F3DB083EB0839DFC1C763CDD2594, BDF416E360A52130B23B029C89E6406A97FB0516C52C7E63B94CAECEEB431A2E ] MBAMService C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
07:56:31.0902 0x0aa8 MBAMService - ok
07:56:31.0902 0x0aa8 [ C49915271600CFC2305FAA4271D0002F, 8412989C50579C79F27E4F9B178B2FF944C8F221AD70D213279D888F5449F868 ] MBAMWebAccessControl C:\Windows\system32\drivers\mwac.sys
07:56:31.0902 0x0aa8 MBAMWebAccessControl - ok
07:56:31.0902 0x0aa8 [ 8FF2D95CBA49B405C5DE27039FF0BF35, 03BF7FC7F1C2C76EDB583BA342EA1C325DB8058517744EF2A78529D3938F4DC1 ] MBfilt C:\Windows\system32\drivers\MBfilt64.sys
07:56:31.0902 0x0aa8 MBfilt - ok
07:56:31.0933 0x0aa8 [ 0BE09CD858ABF9DF6ED259D57A1A1663, 2FD28889B93C8E801F74C1D0769673A461671E0189D0A22C94509E3F0EEB7428 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll
07:56:31.0933 0x0aa8 Mcx2Svc - ok
07:56:31.0949 0x0aa8 [ A55805F747C6EDB6A9080D7C633BD0F4, 2DA0E83BF3C8ADEF6F551B6CC1C0A3F6149CDBE6EC60413BA1767C4DE425A728 ] megasas C:\Windows\system32\drivers\megasas.sys
07:56:31.0949 0x0aa8 megasas - ok
07:56:31.0965 0x0aa8 [ BAF74CE0072480C3B6B7C13B2A94D6B3, 85CBB4949C090A904464F79713A3418338753D20D7FB811E68F287FDAC1DD834 ] MegaSR C:\Windows\system32\drivers\MegaSR.sys
07:56:31.0965 0x0aa8 MegaSR - ok
07:56:31.0980 0x0aa8 [ 772A1DEEDFDBC244183B5C805D1B7D85, 7D821B8DF1F174E5414FFDEAB5207DB687740E9842F7203600AEBA086945AFC9 ] MEIx64 C:\Windows\system32\DRIVERS\HECIx64.sys
07:56:31.0980 0x0aa8 MEIx64 - ok
07:56:31.0980 0x0aa8 [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] MMCSS C:\Windows\system32\mmcss.dll
07:56:31.0980 0x0aa8 MMCSS - ok
07:56:31.0996 0x0aa8 [ 800BA92F7010378B09F9ED9270F07137, 94F9AF9E1BE80AE6AC39A2A74EF9FAB115DCAACC011D07DFA8D6A1DDC8A93342 ] Modem C:\Windows\system32\drivers\modem.sys
07:56:31.0996 0x0aa8 Modem - ok
07:56:31.0996 0x0aa8 [ B03D591DC7DA45ECE20B3B467E6AADAA, 701FB0CAD8138C58507BE28845D3E24CE269A040737C29885944A0D851238732 ] monitor C:\Windows\system32\DRIVERS\monitor.sys
07:56:31.0996 0x0aa8 monitor - ok
07:56:32.0011 0x0aa8 [ 7D27EA49F3C1F687D357E77A470AEA99, 7FE7CAF95959F127C6D932C01D539C06D80273C49A09761F6E8331C05B1A7EE7 ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys
07:56:32.0011 0x0aa8 mouclass - ok
07:56:32.0011 0x0aa8 [ D3BF052C40B0C4166D9FD86A4288C1E6, 5E65264354CD94E844BF1838CA1B8E49080EFA34605A32CF2F6A47A2B97FC183 ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys
07:56:32.0011 0x0aa8 mouhid - ok
07:56:32.0011 0x0aa8 [ 32E7A3D591D671A6DF2DB515A5CBE0FA, 47CED0B9067AE8BF5EEF60B17ADEE5906BEDCC56E4CB460B7BFBC12BB9A69E63 ] mountmgr C:\Windows\system32\drivers\mountmgr.sys
07:56:32.0011 0x0aa8 mountmgr - ok
07:56:32.0027 0x0aa8 [ A44B420D30BD56E145D6A2BC8768EC58, B1E4DCA5A1008FA7A0492DC091FB2B820406AE13FD3D44F124E89B1037AF09B8 ] mpio C:\Windows\system32\drivers\mpio.sys
07:56:32.0027 0x0aa8 mpio - ok
07:56:32.0027 0x0aa8 [ 6C38C9E45AE0EA2FA5E551F2ED5E978F, 5A3FA2F110029CB4CC4384998EDB59203FDD65EC45E01B897FB684F8956EAD20 ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys
07:56:32.0027 0x0aa8 mpsdrv - ok
07:56:32.0043 0x0aa8 [ 54FFC9C8898113ACE189D4AA7199D2C1, 65F585C87F3F710FD5793FDFA96B740AD8D4317B0C120F4435CCF777300EA4F2 ] MpsSvc C:\Windows\system32\mpssvc.dll
07:56:32.0058 0x0aa8 MpsSvc - ok
07:56:32.0074 0x0aa8 [ 1A4F75E63C9FB84B85DFFC6B63FD5404, 01AFA6DBB4CDE55FE4EA05BBE8F753A4266F8D072EA1EE01DB79F5126780C21F ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys
07:56:32.0089 0x0aa8 MRxDAV - ok
07:56:32.0089 0x0aa8 [ A5D9106A73DC88564C825D317CAC68AC, 0457B2AEA4E05A91D0E43F317894A614434D8CEBE35020785387F307E231FBE4 ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys
07:56:32.0089 0x0aa8 mrxsmb - ok
07:56:32.0121 0x0aa8 [ D711B3C1D5F42C0C2415687BE09FC163, 9B3013AC60BD2D0FF52086658BA5FF486ADE15954A552D7DD590580E8BAE3EFF ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys
07:56:32.0121 0x0aa8 mrxsmb10 - ok
07:56:32.0121 0x0aa8 [ 9423E9D355C8D303E76B8CFBD8A5C30C, 220B33F120C2DD937FE4D5664F4B581DC0ACF78D62EB56B7720888F67B9644CC ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys
07:56:32.0121 0x0aa8 mrxsmb20 - ok
07:56:32.0136 0x0aa8 [ C25F0BAFA182CBCA2DD3C851C2E75796, 643E158A0948DF331807AEAA391F23960362E46C0A0CF6D22A99020EAE7B10F8 ] msahci C:\Windows\system32\drivers\msahci.sys
07:56:32.0136 0x0aa8 msahci - ok
07:56:32.0152 0x0aa8 [ 41FB1D61DF09C36CCAB0B04EEC66F6D5, C6D0F6B8429656C56A142F95AF0B4A85DD4B78A735664C8775F49C3B04C564B7 ] MSCamSvc C:\Program Files\Microsoft LifeCam\MSCamS64.exe
07:56:32.0167 0x0aa8 MSCamSvc - ok
07:56:32.0167 0x0aa8 [ DB801A638D011B9633829EB6F663C900, B34FD33A215ACCF2905F4B7D061686CDB1CB9C652147AF56AE14686C1F6E3C74 ] msdsm C:\Windows\system32\drivers\msdsm.sys
07:56:32.0183 0x0aa8 msdsm - ok
07:56:32.0183 0x0aa8 [ DE0ECE52236CFA3ED2DBFC03F28253A8, 2FBBEC4CACB5161F68D7C2935852A5888945CA0F107CF8A1C01F4528CE407DE3 ] MSDTC C:\Windows\System32\msdtc.exe
07:56:32.0199 0x0aa8 MSDTC - ok
07:56:32.0199 0x0aa8 [ AA3FB40E17CE1388FA1BEDAB50EA8F96, 69F93E15536644C8FD679A20190CFE577F4985D3B1B4A4AA250A168615AE1E99 ] Msfs C:\Windows\system32\drivers\Msfs.sys
07:56:32.0199 0x0aa8 Msfs - ok
07:56:32.0214 0x0aa8 [ F9D215A46A8B9753F61767FA72A20326, 6F76642B45E0A7EF6BCAB8B37D55CCE2EAA310ED07B76D43FCB88987C2174141 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys
07:56:32.0214 0x0aa8 mshidkmdf - ok
07:56:32.0214 0x0aa8 [ BB590070D606AE6F008341FC9A7B2AD7, CF1073A093E679C5BCA19681789FBB85A8286E356F2C0609E0B446DF65A86E29 ] MSHUSBVideo C:\Windows\system32\Drivers\nx6000.sys
07:56:32.0230 0x0aa8 MSHUSBVideo - ok
07:56:32.0230 0x0aa8 [ D916874BBD4F8B07BFB7FA9B3CCAE29D, B229DA150713DEDBC4F05386C9D9DC3BC095A74F44F3081E88311AB73BC992A1 ] msisadrv C:\Windows\system32\drivers\msisadrv.sys
07:56:32.0230 0x0aa8 msisadrv - ok
07:56:32.0230 0x0aa8 [ 808E98FF49B155C522E6400953177B08, F873F5BFF0984C5165DF67E92874D3F6EB8D86F9B5AD17013A0091CA33A1A3D5 ] MSiSCSI C:\Windows\system32\iscsiexe.dll
07:56:32.0245 0x0aa8 MSiSCSI - ok
07:56:32.0245 0x0aa8 msiserver - ok
07:56:32.0261 0x0aa8 [ 49CCF2C4FEA34FFAD8B1B59D49439366, E5752EA57C7BDAD5F53E3BC441A415E909AC602CAE56234684FB8789A20396C7 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys
07:56:32.0261 0x0aa8 MSKSSRV - ok
07:56:32.0277 0x0aa8 [ BDD71ACE35A232104DDD349EE70E1AB3, 27464A66868513BE6A01B75D7FC5B0D6B71842E4E20CE3F76B15C071A0618BBB ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys
07:56:32.0277 0x0aa8 MSPCLOCK - ok
07:56:32.0277 0x0aa8 [ 4ED981241DB27C3383D72092B618A1D0, E12F121E641249DB3491141851B59E1496F4413EDF58E863388F1C229838DFCC ] MSPQM C:\Windows\system32\drivers\MSPQM.sys
07:56:32.0277 0x0aa8 MSPQM - ok
07:56:32.0292 0x0aa8 [ 759A9EEB0FA9ED79DA1FB7D4EF78866D, 64E3BC613EC4872B1B344CBF71EE15BE195592E3244C1EE099C6F8B95A40F133 ] MsRPC C:\Windows\system32\drivers\MsRPC.sys
07:56:32.0308 0x0aa8 MsRPC - ok
07:56:32.0308 0x0aa8 [ 0EED230E37515A0EAEE3C2E1BC97B288, B1D8F8A75006B6E99214CA36D27A8594EF8D952F315BEB201E9BAC9DE3E64D42 ] mssmbios C:\Windows\system32\DRIVERS\mssmbios.sys
07:56:32.0308 0x0aa8 mssmbios - ok
07:56:32.0308 0x0aa8 [ 2E66F9ECB30B4221A318C92AC2250779, DF175E1AB6962303E57F26DAE5C5C1E40B8640333F3E352A64F6A5F1301586CD ] MSTEE C:\Windows\system32\drivers\MSTEE.sys
07:56:32.0308 0x0aa8 MSTEE - ok
07:56:32.0323 0x0aa8 [ 7EA404308934E675BFFDE8EDF0757BCD, 306CD02D89CFCFE576242360ED5F9EEEDCAFC43CD43B7D2977AE960F9AEC3232 ] MTConfig C:\Windows\system32\drivers\MTConfig.sys
07:56:32.0323 0x0aa8 MTConfig - ok
07:56:32.0323 0x0aa8 [ F9A18612FD3526FE473C1BDA678D61C8, 32F7975B5BAA447917F832D9E3499B4B6D3E90D73F478375D0B70B36C524693A ] Mup C:\Windows\system32\Drivers\mup.sys
07:56:32.0323 0x0aa8 Mup - ok
07:56:32.0355 0x0aa8 [ 582AC6D9873E31DFA28A4547270862DD, BD540499F74E8F59A020D935D18E36A3A97C1A6EC59C8208436469A31B16B260 ] napagent C:\Windows\system32\qagentRT.dll
07:56:32.0355 0x0aa8 napagent - ok
07:56:32.0370 0x0aa8 [ 1EA3749C4114DB3E3161156FFFFA6B33, 54C2E77BCE1037711A11313AC25B8706109098C10A31AA03AEB7A185E97800D7 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys
07:56:32.0370 0x0aa8 NativeWifiP - ok
07:56:32.0401 0x0aa8 [ 760E38053BF56E501D562B70AD796B88, F856E81A975D44F8684A6F2466549CEEDFAEB3950191698555A93A1206E0A42D ] NDIS C:\Windows\system32\drivers\ndis.sys
07:56:32.0417 0x0aa8 NDIS - ok
07:56:32.0417 0x0aa8 [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC, D7E5446E83909AE25506BB98FBDD878A529C87963E3C1125C4ABAB25823572BC ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys
07:56:32.0417 0x0aa8 NdisCap - ok
07:56:32.0433 0x0aa8 [ 30639C932D9FEF22B31268FE25A1B6E5, 32873D95339600F6EEFA51847D12C563FF01F320DC59055B242FA2887C99F9D6 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys
07:56:32.0433 0x0aa8 NdisTapi - ok
07:56:32.0433 0x0aa8 [ 136185F9FB2CC61E573E676AA5402356, BA3AD0A33416DA913B4242C6BE8C3E5812AD2B20BA6C11DD3094F2E8EB56E683 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys
07:56:32.0433 0x0aa8 Ndisuio - ok
07:56:32.0433 0x0aa8 [ 53F7305169863F0A2BDDC49E116C2E11, 881E9346D3C02405B7850ADC37E720990712EC9C666A0CE96E252A487FD2CE77 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys
07:56:32.0448 0x0aa8 NdisWan - ok
07:56:32.0448 0x0aa8 [ 015C0D8E0E0421B4CFD48CFFE2825879, 4242E2D42CCFC859B2C0275C5331798BC0BDA68E51CF4650B6E64B1332071023 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys
07:56:32.0448 0x0aa8 NDProxy - ok
07:56:32.0464 0x0aa8 [ D5AC41AE382738483FAFFBD7E373D49A, 68793D15566F387650E9C5010E1CA73BDE3EB4BA431EA0A1673004CAE08413B0 ] Net Driver HPZ12 C:\Windows\system32\HPZinw12.dll
07:56:32.0464 0x0aa8 Net Driver HPZ12 - ok
07:56:32.0464 0x0aa8 [ 86743D9F5D2B1048062B14B1D84501C4, DBF6D6A60AB774FCB0F464FF2D285A7521D0A24006687B243AB46B17D8032062 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys
07:56:32.0464 0x0aa8 NetBIOS - ok
07:56:32.0479 0x0aa8 [ 09594D1089C523423B32A4229263F068, 7426A9B8BA27D3225928DDEFBD399650ABB90798212F56B7D12158AC22CCCE37 ] NetBT C:\Windows\system32\DRIVERS\netbt.sys
07:56:32.0479 0x0aa8 NetBT - ok
07:56:32.0495 0x0aa8 [ 4D71227301DD8D09097B9E4CC6527E5A, 193D47ADCB722B581CC0F29B794AB3E455B6E9BEA367CE9A5216A09E055B7F1E ] Netlogon C:\Windows\system32\lsass.exe
07:56:32.0495 0x0aa8 Netlogon - ok
07:56:32.0511 0x0aa8 [ 847D3AE376C0817161A14A82C8922A9E, 37AE692B3481323134125EF58F2C3CBC20177371AF2F5874F53DD32A827CB936 ] Netman C:\Windows\System32\netman.dll
07:56:32.0511 0x0aa8 Netman - ok
07:56:32.0542 0x0aa8 [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
07:56:32.0557 0x0aa8 NetMsmqActivator - ok
07:56:32.0557 0x0aa8 [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetPipeActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
07:56:32.0557 0x0aa8 NetPipeActivator - ok
07:56:32.0589 0x0aa8 [ 5F28111C648F1E24F7DBC87CDEB091B8, 2E8645285921EDB98BB2173E11E57459C888D52E80D85791D169C869DE8813B9 ] netprofm C:\Windows\System32\netprofm.dll
07:56:32.0589 0x0aa8 netprofm - ok
07:56:32.0604 0x0aa8 [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetTcpActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
07:56:32.0604 0x0aa8 NetTcpActivator - ok
07:56:32.0604 0x0aa8 [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
07:56:32.0620 0x0aa8 NetTcpPortSharing - ok
07:56:32.0620 0x0aa8 [ 77889813BE4D166CDAB78DDBA990DA92, 2EF531AE502B943632EEC66A309A8BFCDD36120A5E1473F4AAF3C2393AD0E6A3 ] nfrd960 C:\Windows\system32\drivers\nfrd960.sys
07:56:32.0620 0x0aa8 nfrd960 - ok
07:56:32.0667 0x0aa8 [ 12844E91585A372CD1C143DBF6C69190, D2397A896551D0DA080B3171901468EF6A1E52F11AC7C18727ABBC97C72B1C0E ] NitroDriverReadSpool9 C:\Program Files (x86)\Nitro\Pro 9\NitroPDFDriverService9x64.exe
07:56:32.0667 0x0aa8 NitroDriverReadSpool9 - ok
07:56:32.0698 0x0aa8 [ AD2F1140F079C467A7F76D0B7C0F8677, 981AF7EDF207DAE928DF6D8A5594BE58445C432A793031CC04856E31E07717C2 ] NitroUpdateService C:\Program Files (x86)\Nitro\Pro 9\Nitro_UpdateService.exe
07:56:32.0713 0x0aa8 NitroUpdateService - ok
07:56:32.0729 0x0aa8 [ 8AD77806D336673F270DB31645267293, E23F324913554A23CD043DD27D4305AF62F48C0561A0FC7B7811E55B74B1BE79 ] NlaSvc C:\Windows\System32\nlasvc.dll
07:56:32.0745 0x0aa8 NlaSvc - ok
07:56:32.0791 0x0aa8 [ BC61DCD295A60FACAB575CEBEA03DC17, 8802ABC25FC06789AE856C63C5A3B0F9D4408695CCD6C84E80C29BFDBE710291 ] nlsX86cc C:\Windows\SysWOW64\NLSSRV32.EXE
07:56:32.0791 0x0aa8 nlsX86cc - ok
07:56:32.0807 0x0aa8 [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7, D8957EF7060A69DBB3CD6B2C45B1E4143592AB8D018471E17AC04668157DC67F ] Npfs C:\Windows\system32\drivers\Npfs.sys
07:56:32.0807 0x0aa8 Npfs - ok
07:56:32.0823 0x0aa8 [ D54BFDF3E0C953F823B3D0BFE4732528, 497A1DCC5646EC22119273216DF10D5442D16F83E4363770F507518CF6EAA53A ] nsi C:\Windows\system32\nsisvc.dll
07:56:32.0823 0x0aa8 nsi - ok
07:56:32.0823 0x0aa8 [ E7F5AE18AF4168178A642A9247C63001, 133023B7E4BA8049C4CAED3282BDD25571D1CC25FAC3B820C7F981D292689D76 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys
07:56:32.0823 0x0aa8 nsiproxy - ok
07:56:32.0885 0x0aa8 [ 1A29A59A4C5BA6F8C85062A613B7E2B2, CC137F499A12C724D4166C2D85E9F447413419A0683DAC6F1A802B7F210C77F1 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys
07:56:32.0901 0x0aa8 Ntfs - ok
07:56:32.0916 0x0aa8 [ 9899284589F75FA8724FF3D16AED75C1, 181188599FD5D4DE33B97010D9E0CAEABAB9A3EF50712FE7F9AA0735CD0666D6 ] Null C:\Windows\system32\drivers\Null.sys
07:56:32.0916 0x0aa8 Null - ok
07:56:32.0932 0x0aa8 [ E366A5681C50785D4ED04FCFD65C3415, 7FF7B4B8F09E773401AE879897E60BF494B57B9ACEE990204A4C98A3FB183A33 ] NVHDA C:\Windows\system32\drivers\nvhda64v.sys
07:56:32.0932 0x0aa8 NVHDA - ok
07:56:33.0181 0x0aa8 [ 757ACE4D4C9FF0571F86AA5D586B45E8, E7F23CC1DE26E2DAA690B78B05FC001EE0051F0ED9B9BCE9E7FA4E9684D4F3D4 ] nvlddmkm C:\Windows\system32\DRIVERS\nvlddmkm.sys
07:56:33.0322 0x0aa8 nvlddmkm - ok
07:56:33.0353 0x0aa8 [ 0A92CB65770442ED0DC44834632F66AD, 581327F07A68DBD5CC749214BE5F1211FC2CE41C7A4F0656B680AFB51A35ACE7 ] nvraid C:\Windows\system32\drivers\nvraid.sys
07:56:33.0353 0x0aa8 nvraid - ok
07:56:33.0384 0x0aa8 [ DAB0E87525C10052BF65F06152F37E4A, AD9BFF0D5FD3FFB95C758B478E1F6A9FE45E7B37AEC71EB5070D292FEAAEDF37 ] nvstor C:\Windows\system32\drivers\nvstor.sys
07:56:33.0384 0x0aa8 nvstor - ok
07:56:33.0415 0x0aa8 [ 1C7CC708AC4A02A3BE8915539780534A, 0EBDE100880963BF1EC05002BA244CA7700693E958D1974CDD2AC3927D93224F ] nvsvc C:\Windows\system32\nvvsvc.exe
07:56:33.0447 0x0aa8 nvsvc - ok
07:56:33.0447 0x0aa8 [ 270D7CD42D6E3979F6DD0146650F0E05, 752489E54C9004EDCBE1F1F208FFD864DA5C83E59A2DDE6B3E0D63ECA996F76F ] nv_agp C:\Windows\system32\drivers\nv_agp.sys
07:56:33.0447 0x0aa8 nv_agp - ok
07:56:33.0447 0x0aa8 [ 3589478E4B22CE21B41FA1BFC0B8B8A0, AD2469FC753FE552CB809FF405A9AB23E7561292FE89117E3B3B62057EFF0203 ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys
07:56:33.0462 0x0aa8 ohci1394 - ok
07:56:33.0478 0x0aa8 [ 30B5F9FB0C35AE6B4A0851D24CE2EE8B, 0340E77E8EC2ADC21B8DDD9C9CC95B3F4BCAFD54618A333C72D7D9587D593B83 ] ose C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
07:56:33.0478 0x0aa8 ose - ok
07:56:33.0571 0x0aa8 [ FE9C0029E1AF26350D9985D00520E5C8, 967079CCF7B2CBD4B48C9F076675C26AF93A1CEC26C96811F279414E34004EE6 ] osppsvc C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
07:56:33.0634 0x0aa8 osppsvc - ok
07:56:33.0649 0x0aa8 [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] p2pimsvc C:\Windows\system32\pnrpsvc.dll
07:56:33.0665 0x0aa8 p2pimsvc - ok
07:56:33.0681 0x0aa8 [ 927463ECB02179F88E4B9A17568C63C3, FEFD3447692C277D59EEC7BF218552C8BB6B8C98C26E973675549628408B94CE ] p2psvc C:\Windows\system32\p2psvc.dll
07:56:33.0681 0x0aa8 p2psvc - ok
07:56:33.0696 0x0aa8 [ 0086431C29C35BE1DBC43F52CC273887, 0D116D49EF9ABB57DA005764F25E692622210627FC2048F06A989B12FA8D0A80 ] Parport C:\Windows\system32\drivers\parport.sys
07:56:33.0696 0x0aa8 Parport - ok
07:56:33.0712 0x0aa8 [ E9766131EEADE40A27DC27D2D68FBA9C, 63C295EC96DBD25F1A8B908295CCB86B54F2A77A02AAA11E5D9160C2C1A492B6 ] partmgr C:\Windows\system32\drivers\partmgr.sys
07:56:33.0712 0x0aa8 partmgr - ok
07:56:33.0712 0x0aa8 [ 3AEAA8B561E63452C655DC0584922257, 04C072969B58657602EB0C21CEDF24FCEE14E61B90A0F758F93925EF2C9FC32D ] PcaSvc C:\Windows\System32\pcasvc.dll
07:56:33.0727 0x0aa8 PcaSvc - ok
07:56:33.0727 0x0aa8 [ 94575C0571D1462A0F70BDE6BD6EE6B3, 7139BAC653EA94A3DD3821CAB35FC5E22F4CCA5ACC2BAABDAA27E4C3C8B27FC9 ] pci C:\Windows\system32\drivers\pci.sys
07:56:33.0727 0x0aa8 pci - ok
07:56:33.0759 0x0aa8 [ B5B8B5EF2E5CB34DF8DCF8831E3534FA, F2A7CC645B96946CC65BF60E14E70DC09C848D27C7943CE5DEA0C01A6B863480 ] pciide C:\Windows\system32\drivers\pciide.sys
07:56:33.0759 0x0aa8 pciide - ok
07:56:33.0774 0x0aa8 [ B2E81D4E87CE48589F98CB8C05B01F2F, 6763BEE7270A4873B3E131BFB92313E2750FCBD0AD73C23D1C4F98F7DF73DE14 ] pcmcia C:\Windows\system32\drivers\pcmcia.sys
07:56:33.0774 0x0aa8 pcmcia - ok
07:56:33.0774 0x0aa8 [ D6B9C2E1A11A3A4B26A182FFEF18F603, BBA5FE08B1DDD6243118E11358FD61B10E850F090F061711C3CB207CE5FBBD36 ] pcw C:\Windows\system32\drivers\pcw.sys
07:56:33.0774 0x0aa8 pcw - ok
07:56:33.0868 0x0aa8 [ C77DD8658E5DFA4CAD3E8BC624D57DD6, 629E4BF8EB8F48611BB3A7F3D51B1A3F26502649BD71AEA5F86DA4A076FBD67D ] PDAgent C:\Program Files\Raxco\PerfectDisk\PDAgent.exe
07:56:33.0883 0x0aa8 PDAgent - ok
07:56:33.0977 0x0aa8 [ A5807A41FC0B0BBC4F67F0E5389B21A8, B79B2935B6C993FD7172622CDF076FF8653F8954F2140CE925590F3837122FFE ] PDEngine C:\Program Files\Common Files\Raxco\Shared\PDEngine.exe
07:56:34.0024 0x0aa8 PDEngine - ok
07:56:34.0024 0x0aa8 [ 9F5E27C8B88A8DA1DC93E93A5C27BB9B, 296516C813F0AFE1BC6B837B213141C0B07F06448F706988990B802FA89D45DC ] PDFSFilter C:\Windows\system32\DRIVERS\PDFsFilter.sys
07:56:34.0024 0x0aa8 PDFSFilter - ok
07:56:34.0039 0x0aa8 [ 68769C3356B3BE5D1C732C97B9A80D6E, FB2D61145980A2899D1B7729184C54070315B0E63C9A22400A76CCD39E00029C ] PEAUTH C:\Windows\system32\drivers\peauth.sys
07:56:34.0055 0x0aa8 PEAUTH - ok
07:56:34.0086 0x0aa8 [ B9B0A4299DD2D76A4243F75FD54DC680, BBF62E9628131FA396EB08D63B76D2D5FBDD61339E92B759125A066470D1C039 ] PeerDistSvc C:\Windows\system32\peerdistsvc.dll
07:56:34.0102 0x0aa8 PeerDistSvc - ok
07:56:34.0133 0x0aa8 [ E495E408C93141E8FC72DC0C6046DDFA, 489B957DADA0DC128A09468F1AD082DCC657E86053208EA06A12937BE86FB919 ] PerfHost C:\Windows\SysWow64\perfhost.exe
07:56:34.0133 0x0aa8 PerfHost - ok
07:56:34.0164 0x0aa8 [ C7CF6A6E137463219E1259E3F0F0DD6C, 08D7244F52AA17DD669AA6F77C291DAC88E7B2D1887DE422509C1F83EC85F3DD ] pla C:\Windows\system32\pla.dll
07:56:34.0180 0x0aa8 pla - ok
07:56:34.0227 0x0aa8 [ 25FBDEF06C4D92815B353F6E792C8129, 57D9764AE6BCE33B242C399CDFC10DD405975BD6411CA8C75FBCD06EEB8442A9 ] PlugPlay C:\Windows\system32\umpnpmgr.dll
07:56:34.0242 0x0aa8 PlugPlay - ok
07:56:34.0242 0x0aa8 [ 37F6046CDC630442D7DC087501FF6FC6, EFC0F3DA49839CA263CD95AE5015F4FC554D9D845A58A699C542C8C96E70ED3C ] Pml Driver HPZ12 C:\Windows\system32\HPZipm12.dll
07:56:34.0242 0x0aa8 Pml Driver HPZ12 - ok
07:56:34.0258 0x0aa8 [ 7195581CEC9BB7D12ABE54036ACC2E38, 9C4E5D6EA984148F2663DC529083408B2248DFF6DAAC85D9195F80A722782315 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll
07:56:34.0258 0x0aa8 PNRPAutoReg - ok
07:56:34.0273 0x0aa8 [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] PNRPsvc C:\Windows\system32\pnrpsvc.dll
07:56:34.0289 0x0aa8 PNRPsvc - ok
07:56:34.0305 0x0aa8 [ 4F15D75ADF6156BF56ECED6D4A55C389, 2ADA3EA69A5D7EC2A4D2DD89178DB94EAFDDF95F07B0070D654D9F7A5C12A044 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
07:56:34.0305 0x0aa8 PolicyAgent - ok
07:56:34.0367 0x0aa8 [ 6BA9D927DDED70BD1A9CADED45F8B184, 66203CE70A5EDE053929A940F38924C6792239CCCE10DD2C1D90D5B4D6748B55 ] Power C:\Windows\system32\umpo.dll
07:56:34.0383 0x0aa8 Power - ok
07:56:34.0383 0x0aa8 [ F92A2C41117A11A00BE01CA01A7FCDE9, 38ADC6052696D110CA5F393BC586791920663F5DA66934C2A824DDA9CD89C763 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys
07:56:34.0383 0x0aa8 PptpMiniport - ok
07:56:34.0398 0x0aa8 [ 0D922E23C041EFB1C3FAC2A6F943C9BF, 855418A6A58DCAFB181A1A68613B3E203AFB0A9B3D9D26D0C521F9F613B4EAD5 ] Processor C:\Windows\system32\drivers\processr.sys
07:56:34.0398 0x0aa8 Processor - ok
07:56:34.0414 0x0aa8 [ 53E83F1F6CF9D62F32801CF66D8352A8, 1225FED810BE8E0729EEAE5B340035CCBB9BACD3EF247834400F9B72D05ACE48 ] ProfSvc C:\Windows\system32\profsvc.dll
07:56:34.0414 0x0aa8 ProfSvc - ok
07:56:34.0429 0x0aa8 [ 4D71227301DD8D09097B9E4CC6527E5A, 193D47ADCB722B581CC0F29B794AB3E455B6E9BEA367CE9A5216A09E055B7F1E ] ProtectedStorage C:\Windows\system32\lsass.exe
07:56:34.0429 0x0aa8 ProtectedStorage - ok
07:56:34.0445 0x0aa8 [ 0557CF5A2556BD58E26384169D72438D, F6F83A616B1F1C6C0DF6D2EC2513E6C23FD4FAA6D36518B8676C619AB74957B4 ] Psched C:\Windows\system32\DRIVERS\pacer.sys
07:56:34.0445 0x0aa8 Psched - ok
07:56:34.0476 0x0aa8 [ A53A15A11EBFD21077463EE2C7AFEEF0, 6002B012A75045DEA62640A864A8721EADE2F8B65BEB5F5BA76D8CD819774489 ] ql2300 C:\Windows\system32\drivers\ql2300.sys
07:56:34.0492 0x0aa8 ql2300 - ok
07:56:34.0507 0x0aa8 [ 4F6D12B51DE1AAEFF7DC58C4D75423C8, FB6ABAB741CED66A79E31A45111649F2FA3E26CEE77209B5296F789F6F7D08DE ] ql40xx C:\Windows\system32\drivers\ql40xx.sys
07:56:34.0507 0x0aa8 ql40xx - ok
07:56:34.0523 0x0aa8 [ 906191634E99AEA92C4816150BDA3732, A0305436384104C3B559F9C73902DA19B96B518413379E397C5CDAB0B2B9418F ] QWAVE C:\Windows\system32\qwave.dll
07:56:34.0539 0x0aa8 QWAVE - ok
07:56:34.0539 0x0aa8 [ 76707BB36430888D9CE9D705398ADB6C, 35C1D1D05F98AC29A33D3781F497A0B40A3CB9CDF25FE1F28F574E40DDF70535 ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
07:56:34.0554 0x0aa8 QWAVEdrv - ok
07:56:34.0554 0x0aa8 [ 5A0DA8AD5762FA2D91678A8A01311704, 8A64EB5DBAB7048A9E42A21CEB62CCD5B007A80C199892D7F8C69B48E8A255EF ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
07:56:34.0554 0x0aa8 RasAcd - ok
07:56:34.0570 0x0aa8 [ 7ECFF9B22276B73F43A99A15A6094E90, 62C70DA127F48F796F8897BBFA23AB6EB080CC923F0F091DFA384A93F5C90CA1 ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys
07:56:34.0570 0x0aa8 RasAgileVpn - ok
07:56:34.0585 0x0aa8 [ 8F26510C5383B8DBE976DE1CD00FC8C7, 60E618C010E8A723960636415573FA17EA0BBEF79647196B3BC0B8DEE680E090 ] RasAuto C:\Windows\System32\rasauto.dll
07:56:34.0585 0x0aa8 RasAuto - ok
07:56:34.0601 0x0aa8 [ 471815800AE33E6F1C32FB1B97C490CA, 27307265F743DE3A3A3EC1B2C472A3D85FDD0AEC458E0B1177593141EE072698 ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys
07:56:34.0601 0x0aa8 Rasl2tp - ok
07:56:34.0632 0x0aa8 [ EE867A0870FC9E4972BA9EAAD35651E2, 1B848D81705081FD2E18AC762DA7F51455657DAF860BF363DC15925A148BCADA ] RasMan C:\Windows\System32\rasmans.dll
07:56:34.0648 0x0aa8 RasMan - ok
07:56:34.0663 0x0aa8 [ 855C9B1CD4756C5E9A2AA58A15F58C25, A514F8A9C304D54BDA8DC60F5A64259B057EC83A1CAAF6D2B58CFD55E9561F72 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
07:56:34.0663 0x0aa8 RasPppoe - ok
07:56:34.0663 0x0aa8 [ E8B1E447B008D07FF47D016C2B0EEECB, FEC789F82B912F3E14E49524D40FEAA4373B221156F14045E645D7C37859258C ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys
07:56:34.0663 0x0aa8 RasSstp - ok
07:56:34.0695 0x0aa8 [ 77F665941019A1594D887A74F301FA2F, 1FDC6F6853400190C086042933F157814D915C54F26793CAD36CD2607D8810DA ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
07:56:34.0695 0x0aa8 rdbss - ok
07:56:34.0710 0x0aa8 [ 302DA2A0539F2CF54D7C6CC30C1F2D8D, 1DF3501BBFFB56C3ECC39DBCC4287D3302216C2208CE22428B8C4967E5DE9D17 ] rdpbus C:\Windows\system32\DRIVERS\rdpbus.sys
07:56:34.0710 0x0aa8 rdpbus - ok
07:56:34.0726 0x0aa8 [ CEA6CC257FC9B7715F1C2B4849286D24, A78144D18352EA802C39D9D42921CF97A3E0211766B2169B6755C6FC2D77A804 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys
07:56:34.0726 0x0aa8 RDPCDD - ok
07:56:34.0726 0x0aa8 [ 1B6163C503398B23FF8B939C67747683, 339A5AA7970FF34FAAB213B655860C5B0DEC5F983A4A11A088017D849F320ACE ] RDPDR C:\Windows\system32\drivers\rdpdr.sys
07:56:34.0741 0x0aa8 RDPDR - ok
07:56:34.0741 0x0aa8 [ BB5971A4F00659529A5C44831AF22365, 9AAA5C0D448E821FD85589505D99DF7749715A046BBD211F139E4E652ADDE41F ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys
07:56:34.0741 0x0aa8 RDPENCDD - ok
07:56:34.0741 0x0aa8 [ 216F3FA57533D98E1F74DED70113177A, 60C126A1409D1E9C39F1C9E95F70115BF4AF07780AB499F6E10A612540F173F4 ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys
07:56:34.0741 0x0aa8 RDPREFMP - ok
07:56:34.0757 0x0aa8 [ 313F68E1A3E6345A4F47A36B07062F34, B8318A0AE06BDE278931CA52F960B9FE226FD9894B076858DDB755AE26E1E66F ] RdpVideoMiniport C:\Windows\system32\drivers\rdpvideominiport.sys
07:56:34.0757 0x0aa8 RdpVideoMiniport - ok
07:56:34.0788 0x0aa8 [ E61608AA35E98999AF9AAEEEA6114B0A, F754CDE89DC96786D2A3C4D19EE2AEF1008E634E4DE3C0CBF927436DE90C04A6 ] RDPWD C:\Windows\system32\drivers\RDPWD.sys
07:56:34.0788 0x0aa8 RDPWD - ok
07:56:34.0804 0x0aa8 [ 34ED295FA0121C241BFEF24764FC4520, AAEE5F00CAA763A5BA51CF56BD7262C03409CD72BD5601490E3EC3FFF929BB5F ] rdyboost C:\Windows\system32\drivers\rdyboost.sys
07:56:34.0804 0x0aa8 rdyboost - ok
07:56:34.0819 0x0aa8 [ 254FB7A22D74E5511C73A3F6D802F192, 3D0FB5840364200DE394F8CC28DA0E334C2B5FA8FF28A41656EE72287F3D3836 ] RemoteAccess C:\Windows\System32\mprdim.dll
07:56:34.0819 0x0aa8 RemoteAccess - ok
07:56:34.0835 0x0aa8 [ E4D94F24081440B5FC5AA556C7C62702, 147CAA03568DC480F9506E30B84891AB7E433B5EBC05F34FF10F72B00E1C6B22 ] RemoteRegistry C:\Windows\system32\regsvc.dll
07:56:34.0835 0x0aa8 RemoteRegistry - ok
07:56:34.0851 0x0aa8 [ 9C3AC71A9934B884FAC567A8807E9C4D, 0B6B2970098E3C21E1E54A25785544903E8CD415B527FCEF86ABC7B33BEC83E7 ] Revoflt C:\Windows\system32\DRIVERS\revoflt.sys
07:56:34.0851 0x0aa8 Revoflt - ok
07:56:34.0866 0x0aa8 [ E4DC58CF7B3EA515AE917FF0D402A7BB, 665B5CD9FE905B0EE3F59A7B1A94760F5393EBEE729877D8584349754C2867E8 ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll
07:56:34.0866 0x0aa8 RpcEptMapper - ok
07:56:34.0882 0x0aa8 [ D5BA242D4CF8E384DB90E6A8ED850B8C, CB4CB2608B5E31B55FB1A2CF4051E6D08A0C2A5FB231B2116F95938D7577334E ] RpcLocator C:\Windows\system32\locator.exe
07:56:34.0882 0x0aa8 RpcLocator - ok
07:56:34.0897 0x0aa8 [ 5C627D1B1138676C0A7AB2C2C190D123, C5003F2C912C5CA990E634818D3B4FD72F871900AF2948BD6C4D6400B354B401 ] RpcSs C:\Windows\system32\rpcss.dll
07:56:34.0913 0x0aa8 RpcSs - ok
07:56:34.0913 0x0aa8 [ DDC86E4F8E7456261E637E3552E804FF, D250C69CCC75F2D88E7E624FCC51300E75637333317D53908CCA7E0F117173DD ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys
07:56:34.0913 0x0aa8 rspndr - ok
07:56:34.0944 0x0aa8 [ 9140DB0911DE035FED0A9A77A2D156EA, 07C9D7E2978062ABD84B58B390360D4C0F72C6A5A2310444579DC095943BD008 ] RTL8167 C:\Windows\system32\DRIVERS\Rt64win7.sys
07:56:34.0944 0x0aa8 RTL8167 - ok
07:56:34.0960 0x0aa8 [ E60C0A09F997826C7627B244195AB581, E8630ED74B38B98BF584E353D992C1311BC36AB7F20A1BB66C9CD65CE1E46F8D ] s3cap C:\Windows\system32\drivers\vms3cap.sys
07:56:34.0960 0x0aa8 s3cap - ok
07:56:34.0960 0x0aa8 [ 4D71227301DD8D09097B9E4CC6527E5A, 193D47ADCB722B581CC0F29B794AB3E455B6E9BEA367CE9A5216A09E055B7F1E ] SamSs C:\Windows\system32\lsass.exe
07:56:34.0960 0x0aa8 SamSs - ok
07:56:34.0960 0x0aa8 [ AC03AF3329579FFFB455AA2DAABBE22B, 7AD3B62ADFEC166F9E256F9FF8BAA0568B2ED7308142BF8F5269E6EAA5E0A656 ] sbp2port C:\Windows\system32\drivers\sbp2port.sys
07:56:34.0975 0x0aa8 sbp2port - ok
07:56:34.0975 0x0aa8 [ 9B7395789E3791A3B6D000FE6F8B131E, E5F067F3F212BF5481668BE1779CBEF053F511F8967589BE2E865ACB9A620024 ] SCardSvr C:\Windows\System32\SCardSvr.dll
07:56:34.0991 0x0aa8 SCardSvr - ok
07:56:34.0991 0x0aa8 [ 253F38D0D7074C02FF8DEB9836C97D2B, CB5CAFCB8628BB22877F74ACF1DED0BBAED8F4573A74DA7FE94BBBA584889116 ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys
07:56:34.0991 0x0aa8 scfilter - ok
07:56:35.0022 0x0aa8 [ 262F6592C3299C005FD6BEC90FC4463A, 54095E37F0B6CC677A3E9BDD40F4647C713273D197DB341063AA7F342A60C4A7 ] Schedule C:\Windows\system32\schedsvc.dll
07:56:35.0038 0x0aa8 Schedule - ok
07:56:35.0053 0x0aa8 [ F17D1D393BBC69C5322FBFAFACA28C7F, 62A1A92B3C52ADFD0B808D7F69DD50238B5F202421F1786F7EAEAA63F274B3E8 ] SCPolicySvc C:\Windows\System32\certprop.dll
07:56:35.0053 0x0aa8 SCPolicySvc - ok
07:56:35.0069 0x0aa8 [ 6EA4234DC55346E0709560FE7C2C1972, 64011E044C16E2F92689E5F7E4666A075E27BBFA61F3264E5D51CE1656C1D5B8 ] SDRSVC C:\Windows\System32\SDRSVC.dll
07:56:35.0069 0x0aa8 SDRSVC - ok
07:56:35.0085 0x0aa8 [ 3EA8A16169C26AFBEB544E0E48421186, 34BBB0459C96B3DE94CCB0D73461562935C583D7BF93828DA4E20A6BC9B7301D ] secdrv C:\Windows\system32\drivers\secdrv.sys
07:56:35.0085 0x0aa8 secdrv - ok
07:56:35.0100 0x0aa8 [ BC617A4E1B4FA8DF523A061739A0BD87, 10C4057F6B321EB5237FF619747B74F5401BC17D15A8C7060829E8204A2297F9 ] seclogon C:\Windows\system32\seclogon.dll
07:56:35.0100 0x0aa8 seclogon - ok
07:56:35.0116 0x0aa8 [ C32AB8FA018EF34C0F113BD501436D21, E0EB8E80B51E45CA7EB061E705DA0BC07878759418A8519AE6E12326FE79E7C7 ] SENS C:\Windows\System32\sens.dll
07:56:35.0116 0x0aa8 SENS - ok
07:56:35.0116 0x0aa8 [ 0336CFFAFAAB87A11541F1CF1594B2B2, 8B8A6A33E78A12FB05E29B2E2775850626574AFD2EF88748D65E690A07B10B8D ] SensrSvc C:\Windows\system32\sensrsvc.dll
07:56:35.0116 0x0aa8 SensrSvc - ok
07:56:35.0131 0x0aa8 [ CB624C0035412AF0DEBEC78C41F5CA1B, A4D937F11E06CAE914347CA1362F4C98EC5EE0C0C80321E360EA1ABD6726F8D4 ] Serenum C:\Windows\system32\DRIVERS\serenum.sys
07:56:35.0131 0x0aa8 Serenum - ok
07:56:35.0147 0x0aa8 [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6, 8F9776FB84C5D11068EAF1FF1D1A46466C655D64D256A8B1E31DC0C23B5DD22D ] Serial C:\Windows\system32\DRIVERS\serial.sys
07:56:35.0147 0x0aa8 Serial - ok
07:56:35.0163 0x0aa8 [ 1C545A7D0691CC4A027396535691C3E3, 065C30BE598FF4DC55C37E0BBE0CEDF10A370AE2BF5404B42EBBB867A3FFED6D ] sermouse C:\Windows\system32\drivers\sermouse.sys
07:56:35.0163 0x0aa8 sermouse - ok
07:56:35.0178 0x0aa8 [ 0B6231BF38174A1628C4AC812CC75804, E569BF1F7F5689E2E917FA6516DB53388A5B8B1C6699DEE030147E853218811D ] SessionEnv C:\Windows\system32\sessenv.dll
07:56:35.0178 0x0aa8 SessionEnv - ok
07:56:35.0178 0x0aa8 [ A554811BCD09279536440C964AE35BBF, DA8F893722F803E189D7D4D6C6232ED34505B63A64ED3A0132A5BB7A2BABDE55 ] sffdisk C:\Windows\system32\drivers\sffdisk.sys
07:56:35.0178 0x0aa8 sffdisk - ok
07:56:35.0194 0x0aa8 [ FF414F0BAEFEBA59BC6C04B3DB0B87BF, B81EF5D26AEB572CAB590F7AD7CA8C89F296420089EF5E6148E972F2DBCA1042 ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys
07:56:35.0194 0x0aa8 sffp_mmc - ok
07:56:35.0194 0x0aa8 [ DD85B78243A19B59F0637DCF284DA63C, 6730D4F2BAE7E24615746ACC41B42D01DB6068D6504982008ADA1890DE900197 ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys
07:56:35.0194 0x0aa8 sffp_sd - ok
07:56:35.0194 0x0aa8 [ A9D601643A1647211A1EE2EC4E433FF4, 7AC60B4AB48D4BBF1F9681C12EC2A75C72E6E12D30FABC564A24394310E9A5F9 ] sfloppy C:\Windows\system32\drivers\sfloppy.sys
07:56:35.0194 0x0aa8 sfloppy - ok
07:56:35.0225 0x0aa8 [ B95F6501A2F8B2E78C697FEC401970CE, 758B73A32902299A313348CE7EC189B20EB4CB398D0180E4EE24B84DAD55F291 ] SharedAccess C:\Windows\System32\ipnathlp.dll
07:56:35.0241 0x0aa8 SharedAccess - ok
07:56:35.0256 0x0aa8 [ AAF932B4011D14052955D4B212A4DA8D, 2A3BFD0FA9569288E91AE3E72CA1EC39E1450D01E6473CE51157E0F138257923 ] ShellHWDetection C:\Windows\System32\shsvcs.dll
07:56:35.0272 0x0aa8 ShellHWDetection - ok
07:56:35.0272 0x0aa8 [ 843CAF1E5FDE1FFD5FF768F23A51E2E1, 89CA9F516E42A6B905474D738CDA2C121020A07DBD4E66CFE569DD77D79D7820 ] SiSRaid2 C:\Windows\system32\drivers\SiSRaid2.sys
07:56:35.0272 0x0aa8 SiSRaid2 - ok
07:56:35.0272 0x0aa8 [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4, 87B85C66DF7EB6FDB8A2341D05FAA5261FF68A90CCFC63F0E4A03824F1E33E5E ] SiSRaid4 C:\Windows\system32\drivers\sisraid4.sys
07:56:35.0272 0x0aa8 SiSRaid4 - ok
07:56:35.0303 0x0aa8 [ 50D9949020E02B847CD48F1243FCB895, 5BDAD5E44DE5B412645142810C5FCE4B2D9685F928FF4A6B836A9DCE7725BD78 ] SkypeUpdate C:\Program Files (x86)\Skype\Updater\Updater.exe
07:56:35.0303 0x0aa8 SkypeUpdate - ok
07:56:35.0303 0x0aa8 [ 548260A7B8654E024DC30BF8A7C5BAA4, 4A7E58331D7765A12F53DC2371739DC9A463940B13E16157CE10DB80E958D740 ] Smb C:\Windows\system32\DRIVERS\smb.sys
07:56:35.0303 0x0aa8 Smb - ok
07:56:35.0319 0x0aa8 [ 6313F223E817CC09AA41811DAA7F541D, D787061043BEEDB9386B048CB9E680E6A88A1CBAE9BD4A8C0209155BFB76C630 ] SNMPTRAP C:\Windows\System32\snmptrap.exe
07:56:35.0319 0x0aa8 SNMPTRAP - ok
07:56:35.0334 0x0aa8 [ B9E31E5CACDFE584F34F730A677803F9, 21A5130BD00089C609522A372018A719F8E37103D2DD22C59EACB393BE35A063 ] spldr C:\Windows\system32\drivers\spldr.sys
07:56:35.0334 0x0aa8 spldr - ok
07:56:35.0365 0x0aa8 [ 85DAA09A98C9286D4EA2BA8D0E644377, F9C324E2EF81193FE831C7EECC44A100CA06F82FA731BF555D9EA4D91DA13329 ] Spooler C:\Windows\System32\spoolsv.exe
07:56:35.0381 0x0aa8 Spooler - ok
07:56:35.0443 0x0aa8 [ E17E0188BB90FAE42D83E98707EFA59C, FC075F7B39E86CC8EF6DA4E339FE946917E319C347AC70FB0C50AAF36F97E27F ] sppsvc C:\Windows\system32\sppsvc.exe
07:56:35.0490 0x0aa8 sppsvc - ok
07:56:35.0506 0x0aa8 [ 93D7D61317F3D4BC4F4E9F8A96A7DE45, 36D48B23B8243BE5229707375FCD11C2DCAC96983199345365F065A0CBF33314 ] sppuinotify C:\Windows\system32\sppuinotify.dll
07:56:35.0506 0x0aa8 sppuinotify - ok
07:56:35.0521 0x0aa8 [ 441FBA48BFF01FDB9D5969EBC1838F0B, 306128F1AD489F87161A089D1BDC1542A4CB742D91A0C12A7CD1863FDB8932C0 ] srv C:\Windows\system32\DRIVERS\srv.sys
07:56:35.0537 0x0aa8 srv - ok
07:56:35.0553 0x0aa8 [ B4ADEBBF5E3677CCE9651E0F01F7CC28, 726DB2283113AB2A9681E8E9F61132303D6D86E9CD034C40EE4A8C9DB29E87F7 ] srv2 C:\Windows\system32\DRIVERS\srv2.sys
07:56:35.0553 0x0aa8 srv2 - ok
07:56:35.0568 0x0aa8 [ 27E461F0BE5BFF5FC737328F749538C3, AFA4704ED8FFC1A0BAB40DFB81D3AE3F3D933A3C9BF54DDAF39FF9AF3646D9E6 ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys
07:56:35.0568 0x0aa8 srvnet - ok
07:56:35.0584 0x0aa8 [ 51B52FBD583CDE8AA9BA62B8B4298F33, 2E2403F8AA39E79D1281CA006B51B43139C32A5FDD64BD34DAA4B935338BD740 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll
07:56:35.0584 0x0aa8 SSDPSRV - ok
07:56:35.0599 0x0aa8 [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB, D21CDBC4C2AA0DB5B4455D5108B0CAF4282A2E664B9035708F212CC094569D9D ] SstpSvc C:\Windows\system32\sstpsvc.dll
07:56:35.0599 0x0aa8 SstpSvc - ok
07:56:35.0599 0x0aa8 [ F3817967ED533D08327DC73BC4D5542A, 1B204454408A690C0A86447F3E4AA9E7C58A9CFB567C94C17C21920BA648B4D5 ] stexstor C:\Windows\system32\drivers\stexstor.sys
07:56:35.0615 0x0aa8 stexstor - ok
07:56:35.0631 0x0aa8 [ 8DD52E8E6128F4B2DA92CE27402871C1, 1101C38BE8FC383B5F2F9FA402F9652B23B88A764DE2B584DFE62B88B11DEF92 ] stisvc C:\Windows\System32\wiaservc.dll
07:56:35.0631 0x0aa8 stisvc - ok
07:56:35.0677 0x0aa8 [ 7785DC213270D2FC066538DAF94087E7, F09CB2895241719CA5147B2EE9F7ECBD0303AFFB5CD896F06D4D29BAAAFC207B ] storflt C:\Windows\system32\drivers\vmstorfl.sys
07:56:35.0677 0x0aa8 storflt - ok
07:56:35.0677 0x0aa8 [ C40841817EF57D491F22EB103DA587CC, 5FAA2DE43BADC16A898C0C290C44C41E4411D919A95FE8C6FF45EA7A34495079 ] StorSvc C:\Windows\system32\storsvc.dll
07:56:35.0677 0x0aa8 StorSvc - ok
07:56:35.0693 0x0aa8 [ D34E4943D5AC096C8EDEEBFD80D76E23, 1DD7F6F97060B5F763A04ACA1F75E59DAB09EF824FD09B83FC3C192837D006DE ] storvsc C:\Windows\system32\drivers\storvsc.sys
07:56:35.0693 0x0aa8 storvsc - ok
07:56:35.0693 0x0aa8 [ D01EC09B6711A5F8E7E6564A4D0FBC90, 3CB922291DBADC92B46B9E28CCB6810CD8CCDA3E74518EC9522B58B998E1F969 ] swenum C:\Windows\system32\DRIVERS\swenum.sys
07:56:35.0693 0x0aa8 swenum - ok
07:56:35.0755 0x0aa8 [ F577910A133A592234EBAAD3F3AFA258, 36F514740EE2D2B2F7ABFFFA13D575233EC4CE774EB58BF889C09930FEF1F443 ] SwitchBoard C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
07:56:35.0771 0x0aa8 SwitchBoard - ok
07:56:35.0802 0x0aa8 [ E08E46FDD841B7184194011CA1955A0B, 9C3725BB1F08F92744C980A22ED5C874007D3B5863C7E1F140F50061052AC418 ] swprv C:\Windows\System32\swprv.dll
07:56:35.0818 0x0aa8 swprv - ok
07:56:35.0849 0x0aa8 [ BF9CCC0BF39B418C8D0AE8B05CF95B7D, 3C13217548BE61F2BDB8BD41F77345CDDA1F97BF0AE17241C335B9807EB3DBB8 ] SysMain C:\Windows\system32\sysmain.dll
07:56:35.0880 0x0aa8 SysMain - ok
07:56:35.0896 0x0aa8 [ E3C61FD7B7C2557E1F1B0B4CEC713585, 01F0E116606D185BF93B540868075BFB1A398197F6AABD994983DBFF56B3A8A0 ] TabletInputService C:\Windows\System32\TabSvc.dll
07:56:35.0896 0x0aa8 TabletInputService - ok
07:56:35.0911 0x0aa8 [ 40F0849F65D13EE87B9A9AE3C1DD6823, E251A7EF3D0FD2973AF33A62FC457A7E8D5E8694208F811F52455F7C2426121F ] TapiSrv C:\Windows\System32\tapisrv.dll
07:56:35.0927 0x0aa8 TapiSrv - ok
07:56:35.0927 0x0aa8 [ 1BE03AC720F4D302EA01D40F588162F6, AB644862BF1D2E824FD846180DEC4E2C0FAFCC517451486DE5A92E5E78A952E4 ] TBS C:\Windows\System32\tbssvc.dll
07:56:35.0927 0x0aa8 TBS - ok
07:56:35.0974 0x0aa8 [ 40AF23633D197905F03AB5628C558C51, 644656A15236E964E4BE57B42225EAA5643C4CF1FFF6D306813A000716F9D72C ] Tcpip C:\Windows\system32\drivers\tcpip.sys
07:56:35.0989 0x0aa8 Tcpip - ok
07:56:36.0021 0x0aa8 [ 40AF23633D197905F03AB5628C558C51, 644656A15236E964E4BE57B42225EAA5643C4CF1FFF6D306813A000716F9D72C ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys
07:56:36.0036 0x0aa8 TCPIP6 - ok
07:56:36.0052 0x0aa8 [ 1B16D0BD9841794A6E0CDE0CEF744ABC, 7EB8BA97339199EEE7F2B09DA2DA6279DA64A510D4598D42CF86415D67CD674C ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys
07:56:36.0052 0x0aa8 tcpipreg - ok
07:56:36.0067 0x0aa8 [ 3371D21011695B16333A3934340C4E7C, 7416F9BBFC1BA9D875EA7D1C7A0D912FC6977B49A865D67E3F9C4E18A965082D ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys
07:56:36.0067 0x0aa8 TDPIPE - ok
07:56:36.0083 0x0aa8 [ 51C5ECEB1CDEE2468A1748BE550CFBC8, 4E8F83877330B421F7B5D8393D34BC44C6450E69209DAA95B29CB298166A5DF9 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys
07:56:36.0083 0x0aa8 TDTCP - ok
07:56:36.0099 0x0aa8 [ DDAD5A7AB24D8B65F8D724F5C20FD806, B71F2967A4EE7395E4416C1526CB85368AEA988BDD1F2C9719C48B08FAFA9661 ] tdx C:\Windows\system32\DRIVERS\tdx.sys
07:56:36.0114 0x0aa8 tdx - ok
07:56:36.0114 0x0aa8 [ 561E7E1F06895D78DE991E01DD0FB6E5, 83BFA50A528762EC52A011302AC3874636FB7E26628CD7ACFBF2BDC9FAA8110D ] TermDD C:\Windows\system32\DRIVERS\termdd.sys
07:56:36.0114 0x0aa8 TermDD - ok
07:56:36.0145 0x0aa8 [ 2E648163254233755035B46DD7B89123, 6FA0D07CE18A3A69D82EE49D875F141E39406E92C34EAC76AC4EB052E6EBCBCD ] TermService C:\Windows\System32\termsrv.dll
07:56:36.0161 0x0aa8 TermService - ok
07:56:36.0177 0x0aa8 [ F0344071948D1A1FA732231785A0664C, DB9886C2C858FAF45AEA15F8E42860343F73EB8685C53EC2E8CCC10586CB0832 ] Themes C:\Windows\system32\themeservice.dll
07:56:36.0177 0x0aa8 Themes - ok
07:56:36.0177 0x0aa8 [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] THREADORDER C:\Windows\system32\mmcss.dll
07:56:36.0192 0x0aa8 THREADORDER - ok
07:56:36.0192 0x0aa8 [ 7E7AFD841694F6AC397E99D75CEAD49D, DE87F203FD8E6BDCCFCA1860A85F283301A365846FB703D9BB86278D8AC96B07 ] TrkWks C:\Windows\System32\trkwks.dll
07:56:36.0208 0x0aa8 TrkWks - ok
07:56:36.0239 0x0aa8 [ 773212B2AAA24C1E31F10246B15B276C, F2EF85F5ABA307976D9C649D710B408952089458DDE97D4DEF321DF14E46A046 ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
07:56:36.0239 0x0aa8 TrustedInstaller - ok
07:56:36.0270 0x0aa8 [ 4CE278FC9671BA81A138D70823FCAA09, CBE501436696E32A3701B9F377B823AC36647B6626595F76CC63E2396AD7D300 ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys
07:56:36.0270 0x0aa8 tssecsrv - ok
07:56:36.0301 0x0aa8 [ E9981ECE8D894CEF7038FD1D040EB426, DCDDCE933CAECE8180A3447199B07F2F0413704EEC1A09606EE357901A84A7CF ] TsUsbFlt C:\Windows\system32\drivers\tsusbflt.sys
07:56:36.0301 0x0aa8 TsUsbFlt - ok
07:56:36.0317 0x0aa8 [ AD64450A4ABE076F5CB34CC08EEACB07, B5C386635441A19178E7FEEE299BA430C8D72F9110866C13A216B12A1080AD12 ] TsUsbGD C:\Windows\system32\drivers\TsUsbGD.sys
07:56:36.0333 0x0aa8 TsUsbGD - ok
07:56:36.0348 0x0aa8 [ 3566A8DAAFA27AF944F5D705EAA64894, AE9D8B648DA08AF667B9456C3FE315489859C157510A258559F18238F2CC92B8 ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys
07:56:36.0348 0x0aa8 tunnel - ok
07:56:36.0348 0x0aa8 [ B4DD609BD7E282BFC683CEC7EAAAAD67, EF131DB6F6411CAD36A989A421AF93F89DD61601AC524D2FF11C10FF6E3E9123 ] uagp35 C:\Windows\system32\drivers\uagp35.sys
07:56:36.0364 0x0aa8 uagp35 - ok
07:56:36.0379 0x0aa8 [ FF4232A1A64012BAA1FD97C7B67DF593, D8591B4EB056899C7B604E4DD852D82D4D9809F508ABCED4A03E1BE6D5D456E3 ] udfs C:\Windows\system32\DRIVERS\udfs.sys
07:56:36.0395 0x0aa8 udfs - ok
07:56:36.0411 0x0aa8 [ 3CBDEC8D06B9968ABA702EBA076364A1, B8DAB8AA804FC23021BFEBD7AE4D40FBE648D6C6BA21CC008E26D1C084972F9B ] UI0Detect C:\Windows\system32\UI0Detect.exe
07:56:36.0411 0x0aa8 UI0Detect - ok
07:56:36.0411 0x0aa8 [ 4BFE1BC28391222894CBF1E7D0E42320, 5918B1ED2030600DF77BDACF1C808DF6EADDD8BF3E7003AF1D72050D8B102B3A ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys
07:56:36.0426 0x0aa8 uliagpkx - ok
07:56:36.0442 0x0aa8 [ DC54A574663A895C8763AF0FA1FF7561, 09A3F3597E91CBEB2F38E96E75134312B60CAE5574B2AD4606C2D3E992AEDDFE ] umbus C:\Windows\system32\DRIVERS\umbus.sys
07:56:36.0442 0x0aa8 umbus - ok
07:56:36.0442 0x0aa8 [ B2E8E8CB557B156DA5493BBDDCC1474D, F547509A08C0679ACB843E20C9C0CF51BED1B06530BBC529DFB0944504564A43 ] UmPass C:\Windows\system32\drivers\umpass.sys
07:56:36.0442 0x0aa8 UmPass - ok
07:56:36.0473 0x0aa8 [ A293DCD756D04D8492A750D03B9A297C, 203600ED0B7F8BA4C6D6F4ED810F4DF5AB70928B06EC4131C5D8ADF628444ED1 ] UmRdpService C:\Windows\System32\umrdp.dll
07:56:36.0473 0x0aa8 UmRdpService - ok
07:56:36.0535 0x0aa8 [ 1E9A5658E0EBDBC381F52123363F74CB, 62CB592F32BCC10FC9C3AF44941CC473F2F62EEBF829CA383F118650451F8F7E ] UNS C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
07:56:36.0551 0x0aa8 UNS - ok
07:56:36.0567 0x0aa8 [ D47EC6A8E81633DD18D2436B19BAF6DE, 0FB461E2D5E0B75BB5958F6362F4880BFA4C36AD930542609BCAF574941AA7AE ] upnphost C:\Windows\System32\upnphost.dll
07:56:36.0582 0x0aa8 upnphost - ok
07:56:36.0598 0x0aa8 [ B0435098C81D04CAFFF80DDB746CD3A2, A17B207740382E38729571F0B0BC98FF874E856A7C7CE9EB930328A2AD88F52A ] usbaudio C:\Windows\system32\drivers\usbaudio.sys
07:56:36.0598 0x0aa8 usbaudio - ok
07:56:36.0613 0x0aa8 [ DCA68B0943D6FA415F0C56C92158A83A, BEE5A5B33B22D1DF50B884D46D89FC3B8286EB16E38AD5A20F0A49E5C6766C57 ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys
07:56:36.0613 0x0aa8 usbccgp - ok
07:56:36.0629 0x0aa8 [ 80B0F7D5CCF86CEB5D402EAAF61FEC31, 140C62116A425DEAD25FE8D82DE283BC92C482A9F643658D512F9F67061F28AD ] usbcir C:\Windows\system32\drivers\usbcir.sys
07:56:36.0629 0x0aa8 usbcir - ok
07:56:36.0645 0x0aa8 [ 18A85013A3E0F7E1755365D287443965, 811C5EDF38C765BCF71BCE25CB6626FF6988C3699F5EF1846240EA0052F34C33 ] usbehci C:\Windows\system32\drivers\usbehci.sys
07:56:36.0645 0x0aa8 usbehci - ok
07:56:36.0645 0x0aa8 [ 8D1196CFBB223621F2C67D45710F25BA, B5D7AFE51833B24FC9576F3AED3D8A2B290E5846060E73F9FFFAC1890A8B6003 ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys
07:56:36.0660 0x0aa8 usbhub - ok
07:56:36.0660 0x0aa8 [ 58E546BBAF87664FC57E0F6081E4F609, 1DD99D57369A0069654432AB5325AFD8F7D422D531E053EA05FF664BA6BDAEF9 ] usbohci C:\Windows\system32\drivers\usbohci.sys
07:56:36.0660 0x0aa8 usbohci - ok
07:56:36.0676 0x0aa8 [ 73188F58FB384E75C4063D29413CEE3D, B485463933306036B1D490722CB1674DC85670753D79FA0EF7EBCA7BBAAD9F7C ] usbprint C:\Windows\system32\DRIVERS\usbprint.sys
07:56:36.0676 0x0aa8 usbprint - ok
07:56:36.0691 0x0aa8 [ 9661DA76B4531B2DA272ECCE25A8AF24, FEA93254A21E71A7EB8AD35FCCAD2C1E41F7329EC33B1734F5B41307A34D8637 ] usbscan C:\Windows\system32\DRIVERS\usbscan.sys
07:56:36.0691 0x0aa8 usbscan - ok
07:56:36.0707 0x0aa8 [ FED648B01349A3C8395A5169DB5FB7D6, DC4D7594C24ADD076927B9347F1B50B91CF03A4ABDB284248D5711D9C19DEB96 ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS
07:56:36.0723 0x0aa8 USBSTOR - ok
07:56:36.0738 0x0aa8 [ 81FB2216D3A60D1284455D511797DB3D, 121E52B18A1832E775EA0AE2E053BAA53E5A70E9754724B1449AE5992D63B13E ] usbuhci C:\Windows\system32\drivers\usbuhci.sys
07:56:36.0738 0x0aa8 usbuhci - ok
07:56:36.0738 0x0aa8 [ 1F775DA4CF1A3A1834207E975A72E9D7, 6D3DE5BD3EF3A76E997E5BAF900C51D25308F5A9682D1F62017F577A24095B90 ] usbvideo C:\Windows\system32\Drivers\usbvideo.sys
07:56:36.0754 0x0aa8 usbvideo - ok
07:56:36.0769 0x0aa8 [ EDBB23CBCF2CDF727D64FF9B51A6070E, 7202484C8E1BFB2AFD64D8C81668F3EDE0E3BF5EB27572877A0A7B337AE5AE42 ] UxSms C:\Windows\System32\uxsms.dll
07:56:36.0769 0x0aa8 UxSms - ok
07:56:36.0785 0x0aa8 [ 4D71227301DD8D09097B9E4CC6527E5A, 193D47ADCB722B581CC0F29B794AB3E455B6E9BEA367CE9A5216A09E055B7F1E ] VaultSvc C:\Windows\system32\lsass.exe
07:56:36.0785 0x0aa8 VaultSvc - ok
07:56:36.0801 0x0aa8 [ C5C876CCFC083FF3B128F933823E87BD, 6FE0FBB6C3207E09300E0789E2168F76668D87C317FE9F263E733827ADCFBE0D ] vdrvroot C:\Windows\system32\drivers\vdrvroot.sys
07:56:36.0801 0x0aa8 vdrvroot - ok
07:56:36.0816 0x0aa8 [ 8D6B481601D01A456E75C3210F1830BE, A2CEF483F4231367138EEF7E67FD5BE5364FC0780C44CA1368E36CE4AA3D0633 ] vds C:\Windows\System32\vds.exe
07:56:36.0832 0x0aa8 vds - ok
07:56:36.0847 0x0aa8 [ DA4DA3F5E02943C2DC8C6ED875DE68DD, EDE604536DB78C512D68C92B26DA77C8811AC109D1F0A473673F0A82D15A2838 ] vga C:\Windows\system32\DRIVERS\vgapnp.sys
07:56:36.0847 0x0aa8 vga - ok
07:56:36.0847 0x0aa8 [ 53E92A310193CB3C03BEA963DE7D9CFC, 45898604375B42EB1246C17A22D91C2440F11C746FF6459AD38027C1BC2E3125 ] VgaSave C:\Windows\System32\drivers\vga.sys
07:56:36.0847 0x0aa8 VgaSave - ok
07:56:36.0863 0x0aa8 [ 2CE2DF28C83AEAF30084E1B1EB253CBB, D1946816A1CB89F825CBEA58F94A4C9D0CE7249355CD3915563F54054EE564BF ] vhdmp C:\Windows\system32\drivers\vhdmp.sys
07:56:36.0863 0x0aa8 vhdmp - ok
07:56:36.0863 0x0aa8 [ E5689D93FFE4E5D66C0178761240DD54, 6D35CED80681B12AAF63BFA0DA1C386E71D3838839B68A686990AA8031949D27 ] viaide C:\Windows\system32\drivers\viaide.sys
07:56:36.0863 0x0aa8 viaide - ok
07:56:36.0894 0x0aa8 [ 079F8C7A0EAE7E28933629145F698885, 9DC95450356E97C6DA1772A7154844729FD765D92B2898FEBA3B0C38EF432A10 ] VirtuWDDM C:\Windows\system32\DRIVERS\VirtuWDDM.sys
07:56:36.0894 0x0aa8 VirtuWDDM - ok
07:56:36.0910 0x0aa8 [ 86EA3E79AE350FEA5331A1303054005F, 7E7D6027EB41E591633C7383A5D29A3BA8ECFC08C177D2BCF741EE27686B1691 ] vmbus C:\Windows\system32\drivers\vmbus.sys
07:56:36.0910 0x0aa8 vmbus - ok
07:56:36.0925 0x0aa8 [ 7DE90B48F210D29649380545DB45A187, 09522F84285D62B961868DA98C40B82E746CA4D24A9780905673A2349D6B07F4 ] VMBusHID C:\Windows\system32\drivers\VMBusHID.sys
07:56:36.0925 0x0aa8 VMBusHID - ok
07:56:36.0925 0x0aa8 [ D2AAFD421940F640B407AEFAAEBD91B0, 31EF342A60AF04F4108759A71F8FB7B8C8819216CF3D16A95B2BA0E33A8A9161 ] volmgr C:\Windows\system32\drivers\volmgr.sys
07:56:36.0925 0x0aa8 volmgr - ok
07:56:36.0941 0x0aa8 [ A255814907C89BE58B79EF2F189B843B, 463DB771851352185B6AC323BD93B9084D47291E53C1F7B628B65D6918B2E28F ] volmgrx C:\Windows\system32\drivers\volmgrx.sys
07:56:36.0941 0x0aa8 volmgrx - ok
07:56:36.0957 0x0aa8 [ 0D08D2F3B3FF84E433346669B5E0F639, 3D6716CEC95B8861A7CC5778E91F310528DC6BEE0E57A3C8757FC675154EBDEC ] volsnap C:\Windows\system32\drivers\volsnap.sys
07:56:36.0957 0x0aa8 volsnap - ok
07:56:36.0972 0x0aa8 [ 5E2016EA6EBACA03C04FEAC5F330D997, 53106EB877459FE55A459111F7AB0EE320BB3B4C954D3DB6FA1642396001F2AC ] vsmraid C:\Windows\system32\drivers\vsmraid.sys
07:56:36.0972 0x0aa8 vsmraid - ok
07:56:37.0003 0x0aa8 [ B60BA0BC31B0CB414593E169F6F21CC2, 47B801E623254CF0202B3591CB5C019CABFB52F123C7D47E29D19B32F1F2B915 ] VSS C:\Windows\system32\vssvc.exe
07:56:37.0035 0x0aa8 VSS - ok
07:56:37.0050 0x0aa8 [ 36D4720B72B5C5D9CB2B9C29E9DF67A1, 3254523C85C70EBA2DBAC05DB2DBA89EDF8E9195F390F7C21F96458FB6B2E3D7 ] vwifibus C:\Windows\System32\drivers\vwifibus.sys
07:56:37.0050 0x0aa8 vwifibus - ok
07:56:37.0050 0x0aa8 [ 1C9D80CC3849B3788048078C26486E1A, 34A89F31E53F6B6C209B286F580CC2257AE6D057E4E20741F241C9C167947962 ] W32Time C:\Windows\system32\w32time.dll
07:56:37.0066 0x0aa8 W32Time - ok
07:56:37.0066 0x0aa8 [ 4E9440F4F152A7B944CB1663D3935A3E, 8FE04EBD3BC612EE943A21A3E56F37E5C9B578CDACA6044048181DAD81816D53 ] WacomPen C:\Windows\system32\drivers\wacompen.sys
07:56:37.0066 0x0aa8 WacomPen - ok
07:56:37.0081 0x0aa8 [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] WANARP C:\Windows\system32\DRIVERS\wanarp.sys
07:56:37.0081 0x0aa8 WANARP - ok
07:56:37.0081 0x0aa8 [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys
07:56:37.0081 0x0aa8 Wanarpv6 - ok
07:56:37.0128 0x0aa8 [ 3CEC96DE223E49EAAE3651FCF8FAEA6C, 4150DAB33E8D61076F1D4767BCAFC9B4ECCCCBD58FD4FB3CFE5B8D27DCDCAB61 ] WatAdminSvc C:\Windows\system32\Wat\WatAdminSvc.exe
07:56:37.0144 0x0aa8 WatAdminSvc - ok
07:56:37.0191 0x0aa8 [ 78F4E7F5C56CB9716238EB57DA4B6A75, 46A4E78CE5F2A4B26F4E9C3FF04A99D9B727A82AC2E390A82A1611C3F6E0C9AF ] wbengine C:\Windows\system32\wbengine.exe
07:56:37.0222 0x0aa8 wbengine - ok
07:56:37.0237 0x0aa8 [ 3AA101E8EDAB2DB4131333F4325C76A3, 4F7BD3DA5E58B18BFF106CFF7B45E75FD13EE556D433C695BA23EC80827E49DE ] WbioSrvc C:\Windows\System32\wbiosrvc.dll
07:56:37.0237 0x0aa8 WbioSrvc - ok
07:56:37.0253 0x0aa8 [ 7368A2AFD46E5A4481D1DE9D14848EDD, 8039C478FC2D9F095F5883A4FA47F9E6EDF57CC88A4AA74F07C88445F90DED57 ] wcncsvc C:\Windows\System32\wcncsvc.dll
07:56:37.0269 0x0aa8 wcncsvc - ok
07:56:37.0269 0x0aa8 [ 20F7441334B18CEE52027661DF4A6129, 7B8E0247234B740FED2BE9B833E9CE8DD7453340123AB43F6B495A7E6A27B0DD ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
07:56:37.0269 0x0aa8 WcsPlugInService - ok
07:56:37.0284 0x0aa8 [ 72889E16FF12BA0F235467D6091B17DC, F2FD0BBD075E33608D93F350D216F97442AB89ABD540513C2D568C78096E12A8 ] Wd C:\Windows\system32\drivers\wd.sys
07:56:37.0284 0x0aa8 Wd - ok
07:56:37.0315 0x0aa8 [ E2C933EDBC389386EBE6D2BA953F43D8, AF1DEADD5F1267CCEBD226E8EEB971D1946EA6A5A9645A36F5D111F758AF2F07 ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys
07:56:37.0315 0x0aa8 Wdf01000 - ok
07:56:37.0331 0x0aa8 [ BF1FC3F79B863C914687A737C2F3D681, B2DF47AC4931ACFB243775767B77065CC0D98778FC0243C793A3E219EB961209 ] WdiServiceHost C:\Windows\system32\wdi.dll
07:56:37.0331 0x0aa8 WdiServiceHost - ok
07:56:37.0331 0x0aa8 [ BF1FC3F79B863C914687A737C2F3D681, B2DF47AC4931ACFB243775767B77065CC0D98778FC0243C793A3E219EB961209 ] WdiSystemHost C:\Windows\system32\wdi.dll
07:56:37.0331 0x0aa8 WdiSystemHost - ok
07:56:37.0362 0x0aa8 [ 0EB0E5D22B1760F2DBCE632F2DD7A54D, B8A4CC62F88768947FB0A161CF9564DB28FD9C1C037B5475DF192982DE035C22 ] WebClient C:\Windows\System32\webclnt.dll
07:56:37.0362 0x0aa8 WebClient - ok
07:56:37.0378 0x0aa8 [ C749025A679C5103E575E3B48E092C43, B71171D07EE7AB085A24BF3A1072FF2CE7EA021AAE695F6A90640E6EE8EB55C1 ] Wecsvc C:\Windows\system32\wecsvc.dll
07:56:37.0393 0x0aa8 Wecsvc - ok
07:56:37.0393 0x0aa8 [ 7E591867422DC788B9E5BD337A669A08, 484E6BCCDF7ADCE9A1AACAD1BC7C7D7694B9E40FA90D94B14D80C607784F6C75 ] wercplsupport C:\Windows\System32\wercplsupport.dll
07:56:37.0393 0x0aa8 wercplsupport - ok
07:56:37.0409 0x0aa8 [ 6D137963730144698CBD10F202E9F251, A9F522A125158D94F540544CCD4DBF47B9DCE2EA878C33675AFE40F80E8F4979 ] WerSvc C:\Windows\System32\WerSvc.dll
07:56:37.0409 0x0aa8 WerSvc - ok
07:56:37.0409 0x0aa8 [ 611B23304BF067451A9FDEE01FBDD725, 0AF2734B978165FC6FD22B64862132CCE32528A21C698A49D176129446E099C8 ] WfpLwf C:\Windows\system32\DRIVERS\wfplwf.sys
07:56:37.0409 0x0aa8 WfpLwf - ok
07:56:37.0425 0x0aa8 [ 05ECAEC3E4529A7153B3136CEB49F0EC, 9995CB2CEC70A633EA33CBB0DEAD2BB28CB67132B41E9444BDAB9E75744C9A50 ] WIMMount C:\Windows\system32\drivers\wimmount.sys
07:56:37.0425 0x0aa8 WIMMount - ok
07:56:37.0425 0x0aa8 WinDefend - ok
07:56:37.0440 0x0aa8 WinHttpAutoProxySvc - ok
07:56:37.0487 0x0aa8 [ 19B07E7E8915D701225DA41CB3877306, D6555E8D276DBB11358246E0FE215F76F1FB358791C76B88D82C2A66A42DA19F ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll
07:56:37.0487 0x0aa8 Winmgmt - ok
07:56:37.0565 0x0aa8 [ BCB1310604AA415C4508708975B3931E, 9D943F086D454345153A0DD426B4432532A44FD87950386B186E1CAD2AC70565 ] WinRM C:\Windows\system32\WsmSvc.dll
07:56:37.0596 0x0aa8 WinRM - ok
07:56:37.0612 0x0aa8 [ 4FADA86E62F18A1B2F42BA18AE24E6AA, CE1683386886BF34862681A46199EA7E7FB4232A186047DA7FBD8EC240AF6726 ] Wlansvc C:\Windows\System32\wlansvc.dll
07:56:37.0627 0x0aa8 Wlansvc - ok
07:56:37.0643 0x0aa8 [ F6FF8944478594D0E414D3F048F0D778, 6F75E0AE6127B33A92A88E59D4B048FD4C15F997807BE7BF0EFE76F95235B1D9 ] WmiAcpi C:\Windows\system32\drivers\wmiacpi.sys
07:56:37.0643 0x0aa8 WmiAcpi - ok
07:56:37.0643 0x0aa8 [ 38B84C94C5A8AF291ADFEA478AE54F93, 1AC267AC73670BEA5F3785C9AD9DB146F8E993A862C843742B21FDB90D102B2A ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe
07:56:37.0659 0x0aa8 wmiApSrv - ok
07:56:37.0659 0x0aa8 WMPNetworkSvc - ok
07:56:37.0659 0x0aa8 [ 96C6E7100D724C69FCF9E7BF590D1DCA, 2E63C9B0893B4FC03B7A71BAEA6202D3D3DB1B52F3643467829B5A573FD7655B ] WPCSvc C:\Windows\System32\wpcsvc.dll
07:56:37.0674 0x0aa8 WPCSvc - ok
07:56:37.0674 0x0aa8 [ 93221146D4EBBF314C29B23CD6CC391D, C0750858A65BF51E210CD244C825C121D67E025CD2D2455139991AAC289A90FE ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll
07:56:37.0690 0x0aa8 WPDBusEnum - ok
07:56:37.0705 0x0aa8 [ 7CA09731EB7FC99B910C7F239E57720F, 502F8917A0811F37C39B2B3F5E9B4F38A0E899C30CB29D3ECD87A50FF228E536 ] WPRO_41_2001 C:\Windows\system32\drivers\WPRO_41_2001.sys
07:56:37.0705 0x0aa8 WPRO_41_2001 - ok
07:56:37.0705 0x0aa8 [ 6BCC1D7D2FD2453957C5479A32364E52, E48554D31FBDCF8F985C1C72524CAA9106F5B7CC2B79064F8F5E2562D517F090 ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys
07:56:37.0705 0x0aa8 ws2ifsl - ok
07:56:37.0721 0x0aa8 [ E8B1FE6669397D1772D8196DF0E57A9E, 39FE0819360719F756BD31A1884A0508A1E2371ACC723E25E005CBEC0A7B02FA ] wscsvc C:\Windows\System32\wscsvc.dll
07:56:37.0737 0x0aa8 wscsvc - ok
07:56:37.0737 0x0aa8 WSearch - ok
07:56:37.0799 0x0aa8 [ D9EF901DCA379CFE914E9FA13B73B4C4, 3BE9693B7B2AFEE23D72AF5DA211379724D752F0EC18ACB7D3DE3DDFC5AE0004 ] wuauserv C:\Windows\system32\wuaueng.dll
07:56:37.0830 0x0aa8 wuauserv - ok
07:56:37.0861 0x0aa8 [ AB886378EEB55C6C75B4F2D14B6C869F, D6C4602EB8F291DADEDF3CD211013D4AC752DDE7E799C2D8D74AA4F5477CAED6 ] WudfPf C:\Windows\system32\drivers\WudfPf.sys
07:56:37.0861 0x0aa8 WudfPf - ok
07:56:37.0877 0x0aa8 [ DDA4CAF29D8C0A297F886BFE561E6659, 94E5DD649B5D86FA1A7C7D30FCF9644D0EE048D312E626111458ADF66BFBE978 ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys
07:56:37.0877 0x0aa8 WUDFRd - ok
07:56:37.0877 0x0aa8 [ B20F051B03A966392364C83F009F7D17, 88ECEB55AE91F58F592B96EBC10B572747D5A2F9B7629E8F371761E4F7408A65 ] wudfsvc C:\Windows\System32\WUDFSvc.dll
07:56:37.0893 0x0aa8 wudfsvc - ok
07:56:37.0908 0x0aa8 [ 04F82965C09CBDF646B487E145060301, 2CD8533EDBE24C3E42EB7550E20F8A2EB9E5E345B165DEF543163A6BC1FDD18B ] WwanSvc C:\Windows\System32\wwansvc.dll
07:56:37.0924 0x0aa8 WwanSvc - ok
07:56:37.0924 0x0aa8 ================ Scan global ===============================
07:56:37.0939 0x0aa8 [ BA0CD8C393E8C9F83354106093832C7B, 18D8A4780A2BAA6CEF7FBBBDA0EF6BF2DADF146E1E578A618DD5859E8ADBF1A8 ] C:\Windows\system32\basesrv.dll
07:56:37.0955 0x0aa8 [ 88EDD0B34EED542745931E581AD21A32, DC2B93E1CEF5B0BCEE08D72669BB0F3AD0E8E6E75BDC08858407ED92F6FFA031 ] C:\Windows\system32\winsrv.dll
07:56:37.0971 0x0aa8 [ 88EDD0B34EED542745931E581AD21A32, DC2B93E1CEF5B0BCEE08D72669BB0F3AD0E8E6E75BDC08858407ED92F6FFA031 ] C:\Windows\system32\winsrv.dll
07:56:37.0986 0x0aa8 [ D6160F9D869BA3AF0B787F971DB56368, 0033E6212DD8683E4EE611B290931FDB227B4795F0B17C309DC686C696790529 ] C:\Windows\system32\sxssrv.dll
07:56:38.0002 0x0aa8 [ 24ACB7E5BE595468E3B9AA488B9B4FCB, 63541E3432FCE953F266AE553E7A394978D6EE3DB52388D885F668CF42C5E7E2 ] C:\Windows\system32\services.exe
07:56:38.0017 0x0aa8 [ Global ] - ok
07:56:38.0017 0x0aa8 ================ Scan MBR ==================================
07:56:38.0033 0x0aa8 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
07:56:38.0189 0x0aa8 \Device\Harddisk0\DR0 - ok
07:56:38.0205 0x0aa8 [ 5FB38429D5D77768867C76DCBDB35194 ] \Device\Harddisk1\DR1
07:56:38.0220 0x0aa8 \Device\Harddisk1\DR1 - ok
07:56:38.0236 0x0aa8 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk2\DR2
07:56:38.0251 0x0aa8 \Device\Harddisk2\DR2 - ok
07:56:38.0251 0x0aa8 ================ Scan VBR ==================================
07:56:38.0251 0x0aa8 [ 37593E46109EFD64AC4558BBD7356D38 ] \Device\Harddisk0\DR0\Partition1
07:56:38.0314 0x0aa8 \Device\Harddisk0\DR0\Partition1 - ok
07:56:38.0314 0x0aa8 [ 30BA46CDC20EF2B29CD0A83F0AC88620 ] \Device\Harddisk0\DR0\Partition2
07:56:38.0361 0x0aa8 \Device\Harddisk0\DR0\Partition2 - ok
07:56:38.0361 0x0aa8 [ F76D72248304CFE6927D859FBCA02D4B ] \Device\Harddisk2\DR2\Partition1
07:56:38.0361 0x0aa8 \Device\Harddisk2\DR2\Partition1 - ok
07:56:38.0376 0x0aa8 [ 1857A2B3F51FB5FCDAF6406908769A53 ] \Device\Harddisk2\DR2\Partition2
07:56:38.0376 0x0aa8 \Device\Harddisk2\DR2\Partition2 - ok
07:56:38.0376 0x0aa8 Waiting for KSN requests completion. In queue: 259
07:56:39.0390 0x0aa8 Waiting for KSN requests completion. In queue: 259
07:56:40.0404 0x0aa8 Waiting for KSN requests completion. In queue: 259
07:56:41.0418 0x0aa8 Waiting for KSN requests completion. In queue: 259
07:56:42.0432 0x0aa8 AV detected via SS2: avast! Antivirus, C:\Program Files\AVAST Software\Avast\VisthAux.exe ( 9.0.2016.330 ), 0x41000 ( enabled : updated )
07:56:42.0448 0x0aa8 Win FW state via NFP2: enabled
07:56:45.0287 0x0aa8 ============================================================
07:56:45.0287 0x0aa8 Scan finished
07:56:45.0287 0x0aa8 ============================================================
07:56:45.0287 0x12c0 Detected object count: 0
07:56:45.0287 0x12c0 Actual detected object count: 0
08:02:22.0138 0x13d0 Deinitialize success
-
Just an update: running a Winsock reset seems to have solved the network settings problem.
-
I executed a Winsock reset by running the following command at the command prompt and the IP settings are holding even after reboot! Yay! Thanks for the suggestion, TT.
netsh winsock reset
-
Hello, Flash! I'm posting this in relation to my recent experience. I haven't noticed anything else that is unusual; just that the static IPs that used to work before now no longer work. Only setting everything to 'Auto' allows me to get online.
As per your instructions in the stickies, here are the scan logs so far...
1. AdwCleaner
# AdwCleaner v3.204 - Report created 26/04/2014 at 18:56:49
# Updated 26/04/2014 by Xplode# Operating System : Windows 7 Professional Service Pack 1 (64 bits)# Username : Behemoth - BEHEMOTH-PC# Running from : C:\Program Files (x86)\AdwCleaner\AdwCleaner.exe# Option : Scan***** [ Services ] ********** [ Files / Folders ] *****Folder Found : C:\Users\Behemoth\AppData\Local\PackageAware***** [ Shortcuts ] ********** [ Registry ] ********** [ Browsers ] *****-\\ Internet Explorer v11.0.9600.17041-\\ Google Chrome v34.0.1847.116[ File : C:\Users\Behemoth\AppData\Local\Google\Chrome\User Data\Default\preferences ]*************************AdwCleaner[R0].txt - [850 octets] - [26/04/2014 18:56:49]########## EOF - C:\AdwCleaner\AdwCleaner[R0].txt - [909 octets] ########### AdwCleaner v3.204 - Report created 26/04/2014 at 18:57:22
# Updated 26/04/2014 by Xplode# Operating System : Windows 7 Professional Service Pack 1 (64 bits)# Username : Behemoth - BEHEMOTH-PC# Running from : C:\Program Files (x86)\AdwCleaner\AdwCleaner.exe# Option : Clean***** [ Services ] ********** [ Files / Folders ] *****Folder Deleted : C:\Users\Behemoth\AppData\Local\PackageAware***** [ Shortcuts ] ********** [ Registry ] ********** [ Browsers ] *****-\\ Internet Explorer v11.0.9600.17041-\\ Google Chrome v34.0.1847.116[ File : C:\Users\Behemoth\AppData\Local\Google\Chrome\User Data\Default\preferences ]*************************AdwCleaner[R0].txt - [988 octets] - [26/04/2014 18:56:49]AdwCleaner[s0].txt - [916 octets] - [26/04/2014 18:57:22]########## EOF - C:\AdwCleaner\AdwCleaner[s0].txt - [975 octets] ##########2. aswMBR
aswMBR version 0.9.9.1771 Copyright© 2011 AVAST Software
Run date: 2014-04-26 19:02:40
-----------------------------
19:02:40.338 OS Version: Windows x64 6.1.7601 Service Pack 1
19:02:40.338 Number of processors: 4 586 0x3A09
19:02:40.339 ComputerName: BEHEMOTH-PC UserName: Behemoth
19:02:40.498 Initialize success
19:02:43.283 AVAST engine defs: 14042601
19:03:07.132 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\00000065
19:03:07.135 Disk 0 Vendor: ATA_____ 1A01 Size: 953869MB BusType: 11
19:03:07.137 Disk 1 \Device\Harddisk1\DR1 -> \Device\00000066
19:03:07.140 Disk 1 Vendor: ATA_____ 0___ Size: 30533MB BusType: 11
19:03:07.143 Disk 2 \Device\Harddisk2\DR2 -> \Device\00000067
19:03:07.145 Disk 2 Vendor: ATA_____ 3.42 Size: 152627MB BusType: 11
19:03:07.213 Disk 0 MBR read successfully
19:03:07.217 Disk 0 MBR scan
19:03:07.221 Disk 0 Windows 7 default MBR code
19:03:07.225 Disk 0 Partition 1 80 (A) 07 HPFS/NTFS NTFS 100 MB offset 2048
19:03:07.239 Disk 0 Partition 2 00 07 HPFS/NTFS NTFS 953767 MB offset 206848
19:03:07.259 Disk 0 scanning C:\Windows\system32\drivers
19:03:12.313 Service scanning
19:03:18.381 Modules scanning
19:03:18.391 Disk 0 trace - called modules:
19:03:18.403 ntoskrnl.exe CLASSPNP.SYS disk.sys iaStorF.sys storport.sys hal.dll iaStorA.sys
19:03:18.408 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa800988c060]
19:03:18.413 3 CLASSPNP.SYS[fffff88001d2843f] -> nt!IofCallDriver -> [0xfffffa8007ac9c50]
19:03:18.418 5 iaStorF.sys[fffff88001cc4168] -> nt!IofCallDriver -> \Device\00000065[0xfffffa80074b79c0]
19:03:18.537 AVAST engine scan C:\Windows
19:03:19.964 AVAST engine scan C:\Windows\system32
19:04:40.305 AVAST engine scan C:\Windows\system32\drivers
19:04:47.019 AVAST engine scan C:\Users\Behemoth
19:05:29.425 AVAST engine scan C:\ProgramData
19:05:56.704 Scan finished successfully
19:10:27.932 Disk 0 MBR has been saved successfully to "F:\Downloads\MBR.dat"
19:10:27.934 The log file has been saved successfully to "F:\Downloads\aswMBR.txt"
3. MBAM
Malwarebytes Anti-Malware
www.malwarebytes.org
Scan Date: 4/26/2014
Scan Time: 6:48:39 PM
Logfile: mbam-log.txt
Administrator: Yes
Version: 2.00.1.1004
Malware Database: v2014.04.26.05
Rootkit Database: v2014.03.27.01
License: Premium
Malware Protection: Enabled
Malicious Website Protection: Enabled
Chameleon: Disabled
OS: Windows 7 Service Pack 1
CPU: x64
File System: NTFS
User: Behemoth
Scan Type: Threat Scan
Result: Completed
Objects Scanned: 235300
Time Elapsed: 3 min, 2 sec
Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Disabled
Shuriken: Enabled
PUP: Enabled
PUM: Enabled
Processes: 0
(No malicious items detected)
Modules: 0
(No malicious items detected)
Registry Keys: 0
(No malicious items detected)
Registry Values: 0
(No malicious items detected)
Registry Data: 0
(No malicious items detected)
Folders: 0
(No malicious items detected)
Files: 0
(No malicious items detected)
Physical Sectors: 0
(No malicious items detected)
(end)
4. OTL
OTL logfile created on: 4/26/2014 7:29:46 PM - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Program Files (x86)\OTL
64bit- Professional Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.11.9600.17041)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
7.89 Gb Total Physical Memory | 5.11 Gb Available Physical Memory | 64.85% Memory free
15.87 Gb Paging File | 13.11 Gb Available in Paging File | 82.58% Paging File free
Paging file location(s): c:\pagefile.sys 100 100e:\pagefil [binary data over 200 bytes]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 931.41 Gb Total Space | 885.25 Gb Free Space | 95.04% Space Free | Partition Type: NTFS
Drive E: | 10.00 Gb Total Space | 2.02 Gb Free Space | 20.24% Space Free | Partition Type: NTFS
Drive F: | 139.05 Gb Total Space | 138.90 Gb Free Space | 99.89% Space Free | Partition Type: NTFS
Computer Name: BEHEMOTH-PC | User Name: Behemoth | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - [2014/04/26 18:52:06 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Program Files (x86)\OTL\OTL.exe
PRC - [2014/04/24 10:32:42 | 000,069,640 | ---- | M] (Nalpeiron Ltd.) -- C:\Windows\SysWOW64\NLSSRV32.EXE
PRC - [2014/04/03 09:49:12 | 001,809,720 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
PRC - [2014/04/03 09:49:12 | 000,857,912 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
PRC - [2014/04/03 09:49:06 | 006,963,512 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
PRC - [2014/03/29 15:31:26 | 003,854,640 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastUI.exe
PRC - [2014/03/29 15:31:26 | 000,050,344 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe
PRC - [2012/09/11 13:51:42 | 000,365,344 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
PRC - [2012/09/11 13:51:42 | 000,277,792 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
PRC - [2012/09/01 18:07:22 | 000,285,240 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe
PRC - [2012/09/01 18:07:22 | 000,014,904 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
PRC - [2012/08/21 06:32:04 | 000,166,720 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\Jhi_service.exe
PRC - [2012/07/05 08:23:18 | 000,129,856 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\FWService\IntelMeFWService.exe
PRC - [2012/02/27 03:01:56 | 000,291,608 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel® USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
========== Modules (No Company Name) ==========
MOD - [2014/03/29 22:42:09 | 001,091,072 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Servf73e6522#\0bedc417d3c5dcb1c9a5f15dd733c556\System.ServiceModel.Web.ni.dll
MOD - [2014/03/29 22:41:22 | 002,997,760 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.IdentityModel\1e5e19d119e04b93da3d45153abd60fd\System.IdentityModel.ni.dll
MOD - [2014/03/29 22:41:20 | 019,693,056 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.ServiceModel\24bf0c88c0465485f4b842df043b3f45\System.ServiceModel.ni.dll
MOD - [2014/03/29 22:41:12 | 000,029,696 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\IAStorDataMcfeeca6f#\c168447e4d828f48b0b416bb0dc128bb\IAStorDataMgrSvcInterfaces.ni.dll
MOD - [2014/03/29 22:41:11 | 000,026,112 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\IAStorCommon\ea7a8fb74933181836838ff94b5d04d3\IAStorCommon.ni.dll
MOD - [2014/03/29 22:26:18 | 000,371,200 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\IAStorUtil\59bbcc02f949910c4baae888c45e90d7\IAStorUtil.ni.dll
MOD - [2014/03/29 22:26:17 | 000,806,400 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Servd1dec626#\34b53ecafa1d7ccc7ca961d722b5d983\System.ServiceModel.Internals.ni.dll
MOD - [2014/03/29 22:26:17 | 000,122,880 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\SMDiagnostics\78652b7fa68ee058bff6a118c657f565\SMDiagnostics.ni.dll
MOD - [2014/03/29 22:26:16 | 002,825,216 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Runteb92aa12#\f6d7bb59f318c130d68816a89335d05e\System.Runtime.Serialization.ni.dll
MOD - [2014/03/29 21:42:20 | 012,894,208 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Windows.Forms\f4f6ee0df2aa4189bf36e6335cb92761\System.Windows.Forms.ni.dll
MOD - [2014/03/29 21:42:20 | 007,662,080 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Xml\bada32953bb6b16a53d653eae23d78dc\System.Xml.ni.dll
MOD - [2014/03/29 21:42:16 | 006,990,336 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Core\dce99d8de14d8a015313db98c72552ee\System.Core.ni.dll
MOD - [2014/03/29 21:42:14 | 001,644,544 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Drawing\5cd2aee5e7c07227c694d89219688ab3\System.Drawing.ni.dll
MOD - [2014/03/29 21:42:13 | 000,976,384 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Configuration\bbc48ec4245e502ae19b0601d3799c9e\System.Configuration.ni.dll
MOD - [2014/03/29 21:42:12 | 010,060,800 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System\ff26cc03e6d57d8abd13b990332e67c6\System.ni.dll
MOD - [2014/03/29 21:42:09 | 016,953,856 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\mscorlib\ce5f61c5754789df97be8dc991c47d07\mscorlib.ni.dll
MOD - [2014/03/29 15:31:27 | 019,336,120 | ---- | M] () -- C:\Program Files\AVAST Software\Avast\libcef.dll
========== Services (SafeList) ==========
SRV:64bit: - [2014/03/29 15:31:26 | 000,050,344 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe -- (avast! Antivirus)
SRV:64bit: - [2014/03/17 16:33:20 | 000,282,096 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Windows\SysNative\igfxCUIService.exe -- (igfxCUIService1.0.0.0)
SRV:64bit: - [2014/03/06 04:29:14 | 000,111,616 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\IEEtwCollector.exe -- (IEEtwCollectorService)
SRV:64bit: - [2014/01/29 13:30:08 | 000,828,656 | ---- | M] (Condusiv Technologies) [Auto | Running] -- C:\Program Files\Condusiv Technologies\ExpressCache\ExpressCache.exe -- (ExpressCache)
SRV:64bit: - [2013/12/09 15:22:42 | 000,018,152 | ---- | M] (LucidLogix) [Auto | Running] -- C:\Program Files\Lucidlogix Technologies\VIRTU MVP\LucidSvc.exe -- (LucidSvc)
SRV:64bit: - [2013/05/27 01:50:47 | 001,011,712 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV:64bit: - [2012/10/04 17:29:24 | 001,976,696 | ---- | M] (Raxco Software, Inc.) [Auto | Running] -- C:\Program Files\Raxco\PerfectDisk\PDAgent.exe -- (PDAgent)
SRV:64bit: - [2012/10/04 17:29:02 | 003,367,288 | ---- | M] (Raxco Software, Inc.) [On_Demand | Running] -- C:\Program Files\Common Files\Raxco\Shared\PDEngine.exe -- (PDEngine)
SRV:64bit: - [2012/06/19 19:10:34 | 000,634,632 | ---- | M] (Intel® Corporation) [Auto | Running] -- C:\Program Files\Intel\iCLS Client\HeciServer.exe -- (Intel®
SRV:64bit: - [2012/02/09 16:26:48 | 000,133,632 | ---- | M] () [Auto | Running] -- C:\Program Files\Intel\Intel® Smart Connect Technology Agent\iSCTAgent.exe -- (ISCTAgent)
SRV:64bit: - [2010/12/13 14:37:16 | 000,194,416 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Microsoft LifeCam\MSCamS64.exe -- (MSCamSvc)
SRV:64bit: - [2009/07/13 21:40:01 | 000,193,536 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\appmgmts.dll -- (AppMgmt)
SRV - [2014/04/24 10:32:42 | 000,417,800 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\Nitro\Pro 9\Nitro_UpdateService.exe -- (NitroUpdateService)
SRV - [2014/04/24 10:32:42 | 000,069,640 | ---- | M] (Nalpeiron Ltd.) [Auto | Running] -- C:\Windows\SysWOW64\NLSSRV32.EXE -- (nlsX86cc)
SRV - [2014/04/24 10:32:36 | 000,230,920 | ---- | M] (Nitro PDF Software) [Auto | Running] -- C:\Program Files (x86)\Nitro\Pro 9\NitroPDFDriverService9x64.exe -- (NitroDriverReadSpool9)
SRV - [2014/04/03 09:49:12 | 001,809,720 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe -- (MBAMScheduler)
SRV - [2014/04/03 09:49:12 | 000,857,912 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe -- (MBAMService)
SRV - [2014/03/17 16:33:24 | 000,279,024 | ---- | M] (Intel Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\IntelCpHeciSvc.exe -- (cphs)
SRV - [2013/10/23 08:15:08 | 000,172,192 | R--- | M] (Skype Technologies) [On_Demand | Stopped] -- C:\Program Files (x86)\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2013/09/11 21:21:54 | 000,105,144 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2012/09/11 13:51:42 | 000,365,344 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe -- (UNS)
SRV - [2012/09/11 13:51:42 | 000,277,792 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe -- (LMS)
SRV - [2012/09/01 18:07:22 | 000,014,904 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe -- (IAStorDataMgrSvc)
SRV - [2012/08/21 06:32:04 | 000,166,720 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\Jhi_service.exe -- (jhi_service)
SRV - [2012/07/05 08:23:18 | 000,129,856 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\FWService\IntelMeFWService.exe -- (Intel®
SRV - [2012/04/24 14:37:56 | 000,169,752 | ---- | M] (Intel Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Intel\Intel® Integrated Clock Controller Service\ICCProxy.exe -- (ICCS)
SRV - [2010/02/19 13:37:14 | 000,517,096 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe -- (SwitchBoard)
SRV - [2009/06/10 17:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
========== Driver Services (SafeList) ==========
DRV:64bit: - [2014/04/26 19:16:46 | 000,119,512 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\MBAMSwissArmy.sys -- (MBAMSwissArmy)
DRV:64bit: - [2014/04/26 18:58:24 | 000,034,752 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\WPRO_41_2001.sys -- (WPRO_41_2001)
DRV:64bit: - [2014/04/12 10:14:52 | 000,032,320 | ---- | M] (FNet Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\FNETTBOH_305.SYS -- (FNETTBOH_305)
DRV:64bit: - [2014/04/12 10:14:50 | 000,016,648 | ---- | M] (FNet Co., Ltd.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\FNETURPX.SYS -- (FNETURPX)
DRV:64bit: - [2014/04/03 09:51:16 | 000,063,192 | ---- | M] (Malwarebytes Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\mwac.sys -- (MBAMWebAccessControl)
DRV:64bit: - [2014/04/03 09:50:58 | 000,025,816 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\mbam.sys -- (MBAMProtector)
DRV:64bit: - [2014/03/29 15:31:27 | 001,039,096 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\Windows\SysNative\drivers\aswSnx.sys -- (aswSnx)
DRV:64bit: - [2014/03/29 15:31:27 | 000,423,240 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\Windows\SysNative\drivers\aswSP.sys -- (aswSP)
DRV:64bit: - [2014/03/29 15:31:27 | 000,208,928 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\aswVmm.sys -- (aswVmm)
DRV:64bit: - [2014/03/29 15:31:27 | 000,093,568 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswRdr2.sys -- (aswRdr)
DRV:64bit: - [2014/03/29 15:31:27 | 000,084,816 | ---- | M] (AVAST Software) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\aswStm.sys -- (aswStm)
DRV:64bit: - [2014/03/29 15:31:27 | 000,079,184 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\aswMonFlt.sys -- (aswMonFlt)
DRV:64bit: - [2014/03/29 15:31:27 | 000,065,776 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\aswRvrt.sys -- (aswRvrt)
DRV:64bit: - [2014/03/07 09:26:44 | 000,450,520 | ---- | M] (Intel® Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\IntcDAud.sys -- (IntcDAud)
DRV:64bit: - [2014/03/07 09:18:24 | 003,729,920 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\igdkmd64.sys -- (igfx)
DRV:64bit: - [2014/01/29 13:30:12 | 000,118,000 | ---- | M] (Condusiv Technologies) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\excsd.sys -- (excsd)
DRV:64bit: - [2014/01/29 13:30:12 | 000,025,840 | ---- | M] (Condusiv Technologies) [File_System | System | Running] -- C:\Windows\SysNative\drivers\excfs.sys -- (excfs)
DRV:64bit: - [2013/12/09 15:22:46 | 000,097,512 | ---- | M] (Lucidlogix Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\VirtuWDDM.sys -- (VirtuWDDM)
DRV:64bit: - [2013/11/28 09:38:18 | 000,197,408 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nvhda64v.sys -- (NVHDA)
DRV:64bit: - [2013/10/01 22:22:20 | 000,056,832 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2013/01/19 00:52:08 | 000,046,568 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ISCTD64.sys -- (ISCT)
DRV:64bit: - [2012/09/11 15:24:32 | 000,126,232 | ---- | M] (Raxco Software, Inc.) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\DefragFs.sys -- (DefragFS)
DRV:64bit: - [2012/09/01 18:01:56 | 000,647,736 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStorA.sys -- (iaStorA)
DRV:64bit: - [2012/09/01 18:01:56 | 000,028,216 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStorF.sys -- (iaStorF)
DRV:64bit: - [2012/08/23 17:57:16 | 000,083,224 | ---- | M] (Raxco Software, Inc.) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\PDFsFilter.sys -- (PDFSFilter)
DRV:64bit: - [2012/08/23 10:10:20 | 000,019,456 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\rdpvideominiport.sys -- (RdpVideoMiniport)
DRV:64bit: - [2012/08/23 10:08:26 | 000,030,208 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbGD.sys -- (TsUsbGD)
DRV:64bit: - [2012/08/09 17:03:06 | 000,034,640 | ---- | M] (ASRock Inc.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\AsrRamDisk.sys -- (AsrRamDisk)
DRV:64bit: - [2012/07/02 10:16:02 | 000,062,784 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HECIx64.sys -- (MEIx64)
DRV:64bit: - [2012/03/01 02:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2012/02/27 03:01:00 | 000,788,760 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\iusb3xhc.sys -- (iusb3xhc)
DRV:64bit: - [2012/02/27 03:01:00 | 000,356,120 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\iusb3hub.sys -- (iusb3hub)
DRV:64bit: - [2012/02/27 03:01:00 | 000,016,152 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iusb3hcs.sys -- (iusb3hcs)
DRV:64bit: - [2012/02/09 16:24:16 | 000,025,536 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\imsevent.sys -- (imsevent)
DRV:64bit: - [2012/02/09 16:24:14 | 000,025,536 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ikbevent.sys -- (ikbevent)
DRV:64bit: - [2011/11/07 10:13:06 | 000,017,192 | ---- | M] (Windows ® Win 7 DDK provider) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\AsrAppCharger.sys -- (AsrAppCharger)
DRV:64bit: - [2011/08/23 21:57:24 | 000,565,352 | ---- | M] (Realtek ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167)
DRV:64bit: - [2011/03/11 02:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011/03/11 02:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2011/01/26 17:11:06 | 000,023,048 | ---- | M] (ASRock Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\AsrVDrive.sys -- (AsrVDrive)
DRV:64bit: - [2010/12/13 14:37:18 | 000,036,720 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nx6000.sys -- (MSHUSBVideo)
DRV:64bit: - [2010/11/20 23:23:48 | 000,071,168 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\dmvsc.sys -- (dmvsc)
DRV:64bit: - [2010/11/20 23:23:47 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2009/12/30 10:21:26 | 000,031,800 | ---- | M] (VS Revo Group) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\revoflt.sys -- (Revoflt)
DRV:64bit: - [2009/11/18 07:12:00 | 000,032,344 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\MBfilt64.sys -- (MBfilt)
DRV:64bit: - [2009/07/13 21:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009/07/13 21:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009/07/13 21:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009/06/10 16:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009/06/10 16:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009/06/10 16:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009/06/10 16:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV - [2011/06/02 10:08:34 | 000,017,864 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Program Files (x86)\SystemRequirementsLab\cpudrv64.sys -- (cpudrv64)
DRV - [2009/07/13 21:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope =
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKU\.DEFAULT\..\SearchScopes,DefaultScope =
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-18\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-19\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-20\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-21-3913706258-2513946957-3325762992-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com/ncr
IE - HKU\S-1-5-21-3913706258-2513946957-3325762992-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.msn.com/?ocid=iehp
IE - HKU\S-1-5-21-3913706258-2513946957-3325762992-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-us
IE - HKU\S-1-5-21-3913706258-2513946957-3325762992-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 91 A9 B4 73 7F 4B CF 01 [binary data]
IE - HKU\S-1-5-21-3913706258-2513946957-3325762992-1000\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-21-3913706258-2513946957-3325762992-1000\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE11SR
IE - HKU\S-1-5-21-3913706258-2513946957-3325762992-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
========== FireFox ==========
FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_13_0_0_182.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_13_0_0_182.dll ()
FF - HKLM\Software\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42: C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF - HKLM\Software\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI updater: C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@microsoft.com/Lync,version=15.0: C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~2\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.23.9\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.23.9\npGoogleUpdate3.dll (Google Inc.)
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 3.1.20\extensions\\Components: C:\Program Files (x86)\Mozilla Thunderbird\components [2014/03/29 23:43:21 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 3.1.20\extensions\\Plugins: C:\Program Files (x86)\Mozilla Thunderbird\plugins
[2014/03/29 23:23:52 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Behemoth\AppData\Roaming\Mozilla\Extensions
[2014/03/29 23:23:52 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Behemoth\AppData\Roaming\Mozilla\Extensions\{3550f703-e582-4d05-9a08-453d09bdfdc6}
[2013/11/15 03:30:36 | 000,034,072 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\mozilla firefox\plugins\npMeetingJoinPluginOC.dll
========== Chrome ==========
CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:bookmarkBarPinned}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}{google:omniboxStartMarginParameter}ie={inputEncoding}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client={google:suggestClient}&gs_ri={google:suggestRid}&xssi=t&q={searchTerms}&{google:cursorPosition}{google:currentPageUrl}{google:pageClassification}sugkey={google:suggestAPIKeyParameter},
CHR - homepage: http://www.google.com/ncr
CHR - plugin: Widevine Content Decryption Module (Enabled) = C:\Users\Behemoth\AppData\Local\Google\Chrome\User Data\WidevineCDM\1.4.2.464\_platform_specific\win_x86\widevinecdmadapter.dll
CHR - plugin: Shockwave Flash (Disabled) = C:\Program Files (x86)\Google\Chrome\Application\34.0.1847.116\PepperFlash\pepflashplayer.dll
CHR - plugin: Chrome Remote Desktop Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\34.0.1847.116\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\34.0.1847.116\pdf.dll
CHR - plugin: QuickTime Plug-in 7.7.5 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin.dll
CHR - plugin: QuickTime Plug-in 7.7.5 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin2.dll
CHR - plugin: QuickTime Plug-in 7.7.5 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin3.dll
CHR - plugin: QuickTime Plug-in 7.7.5 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin4.dll
CHR - plugin: QuickTime Plug-in 7.7.5 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin5.dll
CHR - plugin: Microsoft Office 2013 (Disabled) = C:\PROGRA~2\MICROS~2\Office15\NPSPWRAP.DLL
CHR - plugin: Google Update (Enabled) = C:\Program Files (x86)\Google\Update\1.3.23.9\npGoogleUpdate3.dll
CHR - plugin: Intel® Identity Protection Technology (Disabled) = C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIIPT.dll
CHR - plugin: Intel® Identity Protection Technology (Disabled) = C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIUpdater.dll
CHR - plugin: Microsoft Office 2013 (Disabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_13_0_0_182.dll
CHR - Extension: Google Drive = C:\Users\Behemoth\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\
CHR - Extension: YouTube = C:\Users\Behemoth\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0\
CHR - Extension: Google Search = C:\Users\Behemoth\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\
CHR - Extension: AdBlock = C:\Users\Behemoth\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.6.26_0\
CHR - Extension: LastPass: Free Password Manager = C:\Users\Behemoth\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdokiejnpimakedhajhdlcegeplioahd\3.1.17_0\
CHR - Extension: Google Wallet = C:\Users\Behemoth\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.1_0\
CHR - Extension: Gmail = C:\Users\Behemoth\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1\
O1 HOSTS File: ([2009/06/10 17:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2:64bit: - BHO: (avast! Online Security) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
O2 - BHO: (avast! Online Security) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O4:64bit: - HKLM..\Run: [RTHDVCPL] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
O4:64bit: - HKLM..\Run: [VIRTU MVP] C:\Program Files\Lucidlogix Technologies\VIRTU MVP\MVPControlPanel.Exe ()
O4 - HKLM..\Run: [AvastUI.exe] C:\Program Files\AVAST Software\Avast\AvastUI.exe (AVAST Software)
O4 - HKLM..\Run: [iAStorIcon] C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIconLaunch.exe (Intel Corporation)
O4 - HKLM..\Run: [uSB3MON] C:\Program Files (x86)\Intel\Intel® USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe (Intel Corporation)
O4 - HKU\S-1-5-19..\Run: [sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O7 - HKU\S-1-5-21-3913706258-2513946957-3325762992-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O16 - DPF: {CF84DAC5-A4F5-419E-A0BA-C01FFD71112F} http://content.systemrequirementslab.com/bin/srldetect_intel_4.5.22.0.cab (SysInfo Class)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.100.2
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{835D2B06-7C54-4855-9621-275A8FE67F7B}: DhcpNameServer = 192.168.100.2
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O18:64bit: - Protocol\Handler\osf - No CLSID value found
O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O20:64bit: - AppInit_DLLs: (C:\Windows\system32\appinit_dll.dll) - C:\Windows\SysNative\appinit_dll.dll (Lucidlogix Inc.)
O20 - AppInit_DLLs: (C:\Windows\SysWOW64\appinit_dll.dll) - C:\Windows\SysWOW64\appinit_dll.dll (Lucidlogix Inc.)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O20:64bit: - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - File not found
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (PDBoot.exe)
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
========== Files/Folders - Created Within 30 Days ==========
[2014/04/26 19:12:02 | 000,000,000 | ---D | C] -- C:\Windows\ERUNT
[2014/04/26 18:57:09 | 000,536,576 | ---- | C] (SQLite Development Team) -- C:\Windows\SysWow64\sqlite3.dll
[2014/04/26 18:53:53 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\rkill
[2014/04/26 18:53:20 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\OTL
[2014/04/26 18:53:14 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\JRT
[2014/04/26 18:36:21 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\AdwCleaner
[2014/04/26 18:33:09 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\hijackthis
[2014/04/26 18:31:04 | 000,000,000 | ---D | C] -- C:\Users\Behemoth\AppData\Local\Programs
[2014/04/26 18:11:53 | 000,000,000 | ---D | C] -- C:\Users\Behemoth\AppData\Local\ElevatedDiagnostics
[2014/04/26 17:54:32 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\HP
[2014/04/26 17:54:22 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP
[2014/04/26 17:53:42 | 000,000,000 | ---D | C] -- C:\TEMP
[2014/04/26 17:46:36 | 000,107,552 | ---- | C] (Realtek Semiconductor Corporation) -- C:\Windows\SysNative\RTNUninst64.dll
[2014/04/26 09:57:24 | 000,692,400 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe
[2014/04/26 09:57:24 | 000,070,832 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
[2014/04/25 21:00:10 | 000,029,704 | ---- | C] (Nitro PDF Software) -- C:\Windows\SysNative\nitrolocalmon9.dll
[2014/04/25 21:00:10 | 000,017,928 | ---- | C] (Nitro PDF Software) -- C:\Windows\SysNative\nitrolocalui9.dll
[2014/04/25 20:59:59 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Nitro
[2014/04/25 20:59:58 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Nitro
[2014/04/25 19:59:16 | 000,000,000 | ---D | C] -- C:\ProgramData\mvp
[2014/04/25 19:58:32 | 000,097,512 | ---- | C] (Lucidlogix Inc.) -- C:\Windows\SysNative\drivers\VirtuWDDM.sys
[2014/04/25 19:58:31 | 000,539,880 | ---- | C] (Lucidlogix Inc.) -- C:\Windows\SysNative\appinit_dll.dll
[2014/04/25 19:58:31 | 000,512,232 | ---- | C] (Lucidlogix Inc.) -- C:\Windows\SysWow64\appinit_dll.dll
[2014/04/25 19:58:31 | 000,000,000 | ---D | C] -- C:\Program Files\Lucidlogix Technologies
[2014/04/25 19:58:31 | 000,000,000 | ---D | C] -- C:\Users\Behemoth\Lucidlogix
[2014/04/25 19:58:31 | 000,000,000 | ---D | C] -- C:\ProgramData\Lucidlogix
[2014/04/24 18:31:34 | 000,000,000 | ---D | C] -- C:\Users\Behemoth\AppData\Local\Topaz Labs
[2014/04/24 18:19:08 | 000,000,000 | ---D | C] -- C:\Users\Behemoth\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Topaz Labs
[2014/04/24 18:19:08 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Topaz Labs
[2014/04/24 18:18:19 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Topaz Labs
[2014/04/24 18:18:19 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Topaz Labs
[2014/04/24 18:18:19 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Topaz Labs
[2014/04/24 17:57:45 | 000,000,000 | ---D | C] -- C:\Users\Behemoth\AppData\Roaming\NVIDIA
[2014/04/24 10:32:42 | 000,069,640 | ---- | C] (Nalpeiron Ltd.) -- C:\Windows\SysWow64\NLSSRV32.EXE
[2014/04/24 07:47:03 | 000,000,000 | ---D | C] -- C:\ProgramData\regid.1986-12.com.adobe
[2014/04/24 07:46:52 | 000,000,000 | ---D | C] -- C:\Program Files\Adobe
[2014/04/24 07:45:20 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Adobe
[2014/04/24 07:44:37 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Adobe Media Player
[2014/04/24 07:44:37 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe
[2014/04/24 07:42:58 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Adobe AIR
[2014/04/24 07:42:56 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Adobe
[2014/04/24 07:40:25 | 000,000,000 | ---D | C] -- C:\Users\Behemoth\AppData\Roaming\Adobe
[2014/04/24 07:40:24 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Adobe
[2014/04/24 07:39:55 | 000,000,000 | ---D | C] -- C:\Users\Behemoth\AppData\Local\Adobe
[2014/04/24 07:30:55 | 000,000,000 | ---D | C] -- C:\Users\Behemoth\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Notepad++
[2014/04/24 07:30:55 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Notepad++
[2014/04/24 07:30:54 | 000,000,000 | ---D | C] -- C:\Users\Behemoth\AppData\Roaming\Notepad++
[2014/04/24 07:30:54 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Notepad++
[2014/04/23 21:23:44 | 000,000,000 | ---D | C] -- C:\Users\Behemoth\AppData\Roaming\foobar2000
[2014/04/23 21:23:42 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\foobar2000
[2014/04/23 19:23:16 | 000,000,000 | ---D | C] -- C:\Users\Behemoth\AppData\Roaming\Nitro
[2014/04/23 19:21:18 | 000,000,000 | ---D | C] -- C:\ProgramData\Nitro
[2014/04/23 19:21:18 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Nitro
[2014/04/23 19:20:05 | 000,000,000 | ---D | C] -- C:\Users\Behemoth\AppData\Roaming\Downloaded Installations
[2014/04/23 19:15:09 | 000,000,000 | ---D | C] -- F:\My Documents\Epiphany
[2014/04/23 19:14:59 | 000,000,000 | ---D | C] -- F:\My Documents\QBC
[2014/04/23 09:27:49 | 000,000,000 | R--D | C] -- F:\My Documents\Scanned Documents
[2014/04/23 09:27:49 | 000,000,000 | ---D | C] -- F:\My Documents\Fax
[2014/04/12 10:44:34 | 000,000,000 | ---D | C] -- C:\Users\Behemoth\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ASRock Utility
[2014/04/12 10:14:52 | 000,032,320 | ---- | C] (FNet Co., Ltd.) -- C:\Windows\SysNative\drivers\FNETTBOH_305.SYS
[2014/04/12 10:14:50 | 000,016,648 | ---- | C] (FNet Co., Ltd.) -- C:\Windows\SysNative\drivers\FNETURPX.SYS
[2014/04/12 10:14:50 | 000,000,000 | ---D | C] -- C:\ProgramData\FNET
[2014/04/12 10:14:49 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\XFastUSB
[2014/04/12 10:06:34 | 001,632,128 | ---- | C] (cFos Software GmbH) -- C:\Windows\SysNative\drivers\cfosspeed6.sys
[2014/04/12 10:06:34 | 000,000,000 | ---D | C] -- C:\Program Files\ASRock
[2014/04/12 10:03:29 | 000,034,640 | ---- | C] (ASRock Inc.) -- C:\Windows\SysNative\drivers\AsrRamDisk.sys
[2014/04/12 10:03:26 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ASRock Utility
[2014/04/12 10:02:13 | 000,023,048 | ---- | C] (ASRock Inc.) -- C:\Windows\SysNative\drivers\AsrVDrive.sys
[2014/04/11 12:06:14 | 000,000,000 | -HSD | C] -- C:\Users\Behemoth\AppData\Local\EmieUserList
[2014/04/11 12:06:14 | 000,000,000 | -HSD | C] -- C:\Users\Behemoth\AppData\Local\EmieSiteList
[2014/04/08 23:13:01 | 000,000,000 | ---D | C] -- C:\Users\Behemoth\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Filters
[2014/04/08 23:09:02 | 000,574,976 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll
[2014/04/08 23:09:01 | 000,440,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll
[2014/04/08 23:09:00 | 000,548,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\vbscript.dll
[2014/04/08 23:08:56 | 000,586,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ie4uinit.exe
[2014/04/08 23:08:56 | 000,038,400 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\JavaScriptCollectionAgent.dll
[2014/04/08 23:08:56 | 000,033,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iernonce.dll
[2014/04/08 23:08:56 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieetwcollectorres.dll
[2014/04/08 23:08:55 | 000,752,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9diag.dll
[2014/04/08 23:08:55 | 000,628,736 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll
[2014/04/08 23:08:55 | 000,453,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dxtmsft.dll
[2014/04/08 23:08:55 | 000,296,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dxtrans.dll
[2014/04/08 23:08:55 | 000,195,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msrating.dll
[2014/04/08 23:08:55 | 000,164,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msrating.dll
[2014/04/08 23:08:54 | 000,139,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieUnatt.exe
[2014/04/08 23:08:54 | 000,112,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieUnatt.exe
[2014/04/08 23:08:54 | 000,066,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iesetup.dll
[2014/04/08 23:08:54 | 000,061,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iesetup.dll
[2014/04/08 23:08:54 | 000,032,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iernonce.dll
[2014/04/08 23:08:54 | 000,032,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\JavaScriptCollectionAgent.dll
[2014/04/08 23:08:53 | 000,592,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript9diag.dll
[2014/04/08 23:08:53 | 000,051,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieetwproxystub.dll
[2014/04/08 23:08:52 | 000,940,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\MsSpellCheckingFacility.exe
[2014/04/08 23:08:52 | 000,846,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieapfltr.dll
[2014/04/08 23:08:52 | 000,704,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieapfltr.dll
[2014/04/08 23:08:52 | 000,111,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieetwcollector.exe
[2014/04/08 23:08:52 | 000,048,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieetwproxystub.dll
[2014/04/08 23:08:51 | 002,043,904 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\inetcpl.cpl
[2014/04/08 23:08:51 | 001,967,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\inetcpl.cpl
[2014/04/08 23:08:49 | 005,784,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll
[2014/04/08 21:47:59 | 000,190,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\storport.sys
[2014/04/08 21:47:59 | 000,027,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\Diskdump.sys
[2014/04/08 21:47:59 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iologmsg.dll
[2014/04/08 21:47:59 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iologmsg.dll
[2014/04/08 21:47:58 | 001,163,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\kernel32.dll
[2014/04/08 21:47:58 | 000,362,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wow64win.dll
[2014/04/08 21:47:58 | 000,243,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wow64.dll
[2014/04/08 21:47:58 | 000,025,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\setup16.exe
[2014/04/08 21:47:58 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntvdm64.dll
[2014/04/08 21:47:58 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntvdm64.dll
[2014/04/08 21:47:58 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wow64cpu.dll
[2014/04/08 21:47:58 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\instnm.exe
[2014/04/08 21:47:58 | 000,005,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wow32.dll
[2014/04/08 21:47:58 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\user.exe
[2014/04/03 09:50:37 | 000,000,000 | ---D | C] -- F:\My Documents\reference-letters
[2014/03/31 22:14:01 | 000,000,000 | ---D | C] -- C:\ProgramData\Adobe
[2014/03/31 21:14:28 | 000,000,000 | ---D | C] -- F:\My Documents\Custom Office Templates
[2014/03/30 20:23:52 | 000,000,000 | -HSD | C] -- C:\Users\Behemoth\IntelGraphicsProfiles
[2014/03/30 20:22:33 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Intel
[2014/03/30 20:18:07 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\SystemRequirementsLab
[2014/03/30 19:52:35 | 000,000,000 | RHSD | C] -- C:\ProgramData\Key-Base
[2014/03/30 17:53:47 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\MSXML 4.0
[2014/03/30 16:24:46 | 000,000,000 | ---D | C] -- C:\Windows\jumpshot.com
[2014/03/30 16:22:07 | 001,643,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\DWrite.dll
[2014/03/30 10:26:43 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Hewlett-Packard
[2014/03/30 10:26:32 | 000,000,000 | ---D | C] -- C:\Windows\hpoj4500g510a-f
[2014/03/30 10:26:22 | 000,136,704 | ---- | C] (Hewlett-Packard Company) -- C:\Windows\SysNative\hpf3l70w.dll
[2014/03/30 10:26:20 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\HP
[2014/03/30 10:26:19 | 000,000,000 | -H-D | C] -- C:\Config.Msi
[2014/03/30 10:25:41 | 000,000,000 | ---D | C] -- C:\ProgramData\HP
[2014/03/30 10:25:23 | 001,417,728 | ---- | C] (Hewlett-Packard Co.) -- C:\Windows\SysNative\hpwtiop6.dll
[2014/03/30 10:25:23 | 000,901,632 | ---- | C] (Hewlett-Packard) -- C:\Windows\SysNative\hpwwiax7.dll
[2014/03/30 10:25:23 | 000,642,360 | ---- | C] (Hewlett-Packard) -- C:\Windows\SysNative\hpzids40.dll
[2014/03/30 10:25:23 | 000,551,424 | ---- | C] (Hewlett-Packard) -- C:\Windows\SysNative\hppldcoi.dll
[2014/03/30 10:25:23 | 000,502,272 | ---- | C] (Hewlett-Packard Co.) -- C:\Windows\SysNative\hpwvst01.dll
[2014/03/30 10:25:23 | 000,043,008 | ---- | C] (Hewlett-Packard) -- C:\Windows\SysNative\hpwentco.dll
[2014/03/30 09:23:00 | 000,000,000 | ---D | C] -- C:\ProgramData\Raxco
[2014/03/30 09:23:00 | 000,000,000 | ---D | C] -- C:\Program Files\Raxco
[2014/03/30 09:23:00 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Raxco
[2014/03/30 04:18:42 | 000,000,000 | ---D | C] -- C:\Windows\Panther
[2014/03/30 03:19:26 | 000,000,000 | ---D | C] -- C:\Windows\Prefetch
[2014/03/30 03:19:01 | 000,000,000 | -HSD | C] -- C:\System Volume Information
[2014/03/30 02:42:07 | 000,017,192 | ---- | C] (Windows ® Win 7 DDK provider) -- C:\Windows\SysNative\drivers\AsrAppCharger.sys
[2014/03/30 02:42:07 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ASRock Utility
[2014/03/30 02:42:07 | 000,000,000 | ---D | C] -- C:\Program Files\ASRock Utility
[2014/03/30 02:38:35 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\RTCOM
[2014/03/30 02:38:35 | 000,000,000 | ---D | C] -- C:\Program Files\Realtek
[2014/03/30 02:38:30 | 003,845,736 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\SysNative\RtkAPO64.dll
[2014/03/30 02:38:30 | 002,652,264 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\SysNative\RtPgEx64.dll
[2014/03/30 02:38:30 | 002,603,864 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\SysNative\WavesGUILib.dll
[2014/03/30 02:38:30 | 002,131,288 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\SysNative\MaxxAudioEQ.dll
[2014/03/30 02:38:30 | 001,560,168 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\SysNative\RTSnMg64.cpl
[2014/03/30 02:38:30 | 001,247,848 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\SysNative\RTCOM64.dll
[2014/03/30 02:38:30 | 000,958,296 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\SysNative\MaxxAudioAPOShell64.dll
[2014/03/30 02:38:30 | 000,894,040 | ---- | C] (Creative Technology Ltd.) -- C:\Windows\SysNative\MBAPO64.dll
[2014/03/30 02:38:30 | 000,823,912 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\SysNative\RtkApi64.dll
[2014/03/30 02:38:30 | 000,750,680 | ---- | C] (Creative Technology Ltd.) -- C:\Windows\SysWow64\MBAPO32.dll
[2014/03/30 02:38:30 | 000,626,264 | ---- | C] (Creative Technology Ltd.) -- C:\Windows\SysNative\MBTHX64.dll
[2014/03/30 02:38:30 | 000,561,752 | ---- | C] (Creative Technology Ltd.) -- C:\Windows\SysWow64\MBTHX32.dll
[2014/03/30 02:38:30 | 000,518,896 | ---- | C] (SRS Labs, Inc.) -- C:\Windows\SysNative\SRSTSX64.dll
[2014/03/30 02:38:30 | 000,375,128 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\SysNative\RTEEP64A.dll
[2014/03/30 02:38:30 | 000,331,880 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\SysNative\RtlCPAPI64.dll
[2014/03/30 02:38:30 | 000,318,808 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\SysNative\MaxxAudioAPO20.dll
[2014/03/30 02:38:30 | 000,310,104 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\SysNative\RP3DHT64.dll
[2014/03/30 02:38:30 | 000,310,104 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\SysNative\RP3DAA64.dll
[2014/03/30 02:38:30 | 000,211,184 | ---- | C] (SRS Labs, Inc.) -- C:\Windows\SysNative\SRSTSH64.dll
[2014/03/30 02:38:30 | 000,204,120 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\SysNative\RTEED64A.dll
[2014/03/30 02:38:30 | 000,198,896 | ---- | C] (SRS Labs, Inc.) -- C:\Windows\SysNative\SRSHP64.dll
[2014/03/30 02:38:30 | 000,155,888 | ---- | C] (SRS Labs, Inc.) -- C:\Windows\SysNative\SRSWOW64.dll
[2014/03/30 02:38:30 | 000,149,608 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\SysNative\RtkCfg64.dll
[2014/03/30 02:38:30 | 000,101,208 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\SysNative\RTEEL64A.dll
[2014/03/30 02:38:30 | 000,100,968 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\SysNative\RCoInstII64.dll
[2014/03/30 02:38:30 | 000,080,984 | ---- | C] (Creative Technology Ltd.) -- C:\Windows\SysNative\MBWrp64.dll
[2014/03/30 02:38:30 | 000,078,680 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\SysNative\RTEEG64A.dll
[2014/03/30 02:38:30 | 000,032,344 | ---- | C] (Creative Technology Ltd.) -- C:\Windows\SysNative\drivers\MBfilt64.sys
[2014/03/30 02:38:30 | 000,014,952 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\SysNative\RtkCoLDR64.dll
[2014/03/30 02:38:29 | 002,528,832 | ---- | C] (Fortemedia Corporation) -- C:\Windows\SysNative\FMAPO64.dll
[2014/03/30 02:38:29 | 000,200,800 | ---- | C] (Andrea Electronics Corporation) -- C:\Windows\SysNative\AERTAC64.dll
[2014/03/30 02:38:29 | 000,108,960 | ---- | C] (Andrea Electronics Corporation) -- C:\Windows\SysNative\AERTAR64.dll
[2014/03/30 02:38:24 | 000,000,000 | -H-D | C] -- C:\Program Files (x86)\Temp
[2014/03/30 02:38:23 | 001,698,408 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\RtlExUpd.dll
[2014/03/30 02:38:22 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\InstallShield
[2014/03/30 01:50:50 | 000,064,000 | ---- | C] (Khronos Group) -- C:\Windows\SysNative\OpenCL.DLL
[2014/03/30 01:50:50 | 000,060,416 | ---- | C] (Khronos Group) -- C:\Windows\SysWow64\OpenCL.DLL
[2014/03/30 01:49:08 | 000,041,984 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\drivers\USB3Ver.dll
[2014/03/30 01:47:45 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Intel Corporation
[2014/03/30 01:46:58 | 000,000,000 | ---D | C] -- C:\Users\Behemoth\AppData\Roaming\Intel Corporation
[2014/03/30 00:37:01 | 000,565,352 | ---- | C] (Realtek ) -- C:\Windows\SysNative\drivers\Rt64win7.sys
[2014/03/30 00:36:52 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Realtek
[2014/03/30 00:36:25 | 000,000,000 | ---D | C] -- C:\Users\Behemoth\AppData\Local\ExpressCache
[2014/03/30 00:35:40 | 000,647,736 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\drivers\iaStorA.sys
[2014/03/30 00:35:40 | 000,028,216 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\drivers\iaStorF.sys
[2014/03/30 00:34:39 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SanDisk
[2014/03/30 00:34:17 | 000,025,840 | ---- | C] (Condusiv Technologies) -- C:\Windows\SysNative\drivers\excfs.sys
[2014/03/30 00:34:16 | 000,118,000 | ---- | C] (Condusiv Technologies) -- C:\Windows\SysNative\drivers\excsd.sys
[2014/03/30 00:34:16 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\DRVSTORE
[2014/03/30 00:34:15 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Diskeeper Corporation
[2014/03/30 00:34:14 | 000,000,000 | ---D | C] -- C:\ProgramData\Condusiv Technologies
[2014/03/30 00:34:14 | 000,000,000 | ---D | C] -- C:\Program Files\Condusiv Technologies
[2014/03/30 00:34:06 | 000,000,000 | R--D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel
[2014/03/30 00:34:00 | 000,015,168 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\drivers\IntelMEFWVer.dll
[2014/03/30 00:33:55 | 000,000,000 | ---D | C] -- C:\ProgramData\Intel
[2014/03/30 00:33:53 | 000,000,000 | ---D | C] -- C:\Program Files\Intel
[2014/03/30 00:33:41 | 000,000,000 | -HSD | C] -- C:\Windows\Installer
[2014/03/30 00:33:36 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\postureAgent
[2014/03/30 00:33:24 | 000,062,784 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\drivers\HECIx64.sys
[2014/03/30 00:33:23 | 000,000,000 | -H-D | C] -- C:\Program Files (x86)\InstallShield Installation Information
[2014/03/30 00:33:23 | 000,000,000 | ---D | C] -- C:\Users\Behemoth\AppData\Roaming\InstallShield
[2014/03/30 00:33:01 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\SanDisk
[2014/03/30 00:29:44 | 000,053,248 | ---- | C] (Windows XP Bundled build C-Centric Single User) -- C:\Windows\SysWow64\CSVer.dll
[2014/03/30 00:29:44 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Intel
[2014/03/30 00:29:14 | 000,000,000 | ---D | C] -- C:\Intel
[2014/03/30 00:25:17 | 000,000,000 | R--D | C] -- C:\Users\Behemoth\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
[2014/03/30 00:25:17 | 000,000,000 | R--D | C] -- C:\Users\Behemoth\Searches
[2014/03/30 00:25:17 | 000,000,000 | R--D | C] -- C:\Users\Behemoth\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
[2014/03/30 00:25:17 | 000,000,000 | -H-D | C] -- C:\Users\Behemoth\Application Data\Microsoft\Internet Explorer\Quick Launch\User Pinned
[2014/03/30 00:25:10 | 000,000,000 | ---D | C] -- C:\Users\Behemoth\AppData\Roaming\Identities
[2014/03/30 00:25:08 | 000,000,000 | R--D | C] -- C:\Users\Behemoth\Contacts
[2014/03/30 00:25:05 | 000,000,000 | ---D | C] -- C:\Users\Behemoth\AppData\Local\VirtualStore
[2014/03/30 00:24:56 | 000,000,000 | --SD | C] -- C:\Users\Behemoth\AppData\Roaming\Microsoft
[2014/03/30 00:24:56 | 000,000,000 | R--D | C] -- C:\Users\Behemoth\Saved Games
[2014/03/30 00:24:56 | 000,000,000 | R--D | C] -- C:\Users\Behemoth\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
[2014/03/30 00:24:56 | 000,000,000 | R--D | C] -- C:\Users\Behemoth\Links
[2014/03/30 00:24:56 | 000,000,000 | R--D | C] -- C:\Users\Behemoth\Favorites
[2014/03/30 00:24:56 | 000,000,000 | R--D | C] -- C:\Users\Behemoth\Desktop
[2014/03/30 00:24:56 | 000,000,000 | R--D | C] -- C:\Users\Behemoth\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
[2014/03/30 00:24:56 | 000,000,000 | -HSD | C] -- C:\Users\Behemoth\AppData\Local\Temporary Internet Files
[2014/03/30 00:24:56 | 000,000,000 | -HSD | C] -- C:\Users\Behemoth\Templates
[2014/03/30 00:24:56 | 000,000,000 | -HSD | C] -- C:\Users\Behemoth\Start Menu
[2014/03/30 00:24:56 | 000,000,000 | -HSD | C] -- C:\Users\Behemoth\SendTo
[2014/03/30 00:24:56 | 000,000,000 | -HSD | C] -- C:\Users\Behemoth\Recent
[2014/03/30 00:24:56 | 000,000,000 | -HSD | C] -- C:\Users\Behemoth\PrintHood
[2014/03/30 00:24:56 | 000,000,000 | -HSD | C] -- C:\Users\Behemoth\NetHood
[2014/03/30 00:24:56 | 000,000,000 | -HSD | C] -- C:\Users\Behemoth\My Documents
[2014/03/30 00:24:56 | 000,000,000 | -HSD | C] -- C:\Users\Behemoth\Local Settings
[2014/03/30 00:24:56 | 000,000,000 | -HSD | C] -- C:\Users\Behemoth\AppData\Local\History
[2014/03/30 00:24:56 | 000,000,000 | -HSD | C] -- C:\Users\Behemoth\Cookies
[2014/03/30 00:24:56 | 000,000,000 | -HSD | C] -- C:\Users\Behemoth\Application Data
[2014/03/30 00:24:56 | 000,000,000 | -HSD | C] -- C:\Users\Behemoth\AppData\Local\Application Data
[2014/03/30 00:24:56 | 000,000,000 | -H-D | C] -- C:\Users\Behemoth\AppData
[2014/03/30 00:24:56 | 000,000,000 | ---D | C] -- C:\Users\Behemoth\AppData\Local\Temp
[2014/03/30 00:24:56 | 000,000,000 | ---D | C] -- C:\Users\Behemoth\AppData\Local\Microsoft
[2014/03/30 00:24:56 | 000,000,000 | ---D | C] -- C:\Users\Behemoth\AppData\Roaming\Media Center Programs
[2014/03/30 00:24:15 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\Wat
[2014/03/30 00:24:15 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\Wat
[2014/03/30 00:23:43 | 000,000,000 | ---D | C] -- C:\Windows\SoftwareDistribution
[2014/03/30 00:23:38 | 000,000,000 | -HSD | C] -- C:\Recovery
[2014/03/29 23:23:52 | 000,000,000 | ---D | C] -- C:\Users\Behemoth\AppData\Roaming\Thunderbird
[2014/03/29 23:23:52 | 000,000,000 | ---D | C] -- C:\Users\Behemoth\AppData\Local\Thunderbird
[2014/03/29 23:23:52 | 000,000,000 | ---D | C] -- C:\Users\Behemoth\AppData\Roaming\Mozilla
[2014/03/29 23:22:53 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Thunderbird
[2014/03/29 23:22:51 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Thunderbird
[2014/03/29 21:52:22 | 000,000,000 | ---D | C] -- C:\Users\Behemoth\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\P2P
[2014/03/29 21:52:06 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\P2P
[2014/03/29 21:49:04 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\QuickTime
[2014/03/29 21:49:04 | 000,000,000 | ---D | C] -- C:\ProgramData\Apple Computer
[2014/03/29 21:48:32 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Apple
[2014/03/29 21:48:28 | 000,000,000 | ---D | C] -- C:\Users\Behemoth\AppData\Local\Apple
[2014/03/29 21:48:27 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Apple Software Update
[2014/03/29 21:48:27 | 000,000,000 | ---D | C] -- C:\ProgramData\Apple
[2014/03/29 21:37:38 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Firefox
[2014/03/29 21:25:20 | 006,574,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mstscax.dll
[2014/03/29 21:25:20 | 005,694,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mstscax.dll
[2014/03/29 21:20:19 | 003,928,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d2d1.dll
[2014/03/29 21:20:19 | 002,565,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10warp.dll
[2014/03/29 21:16:08 | 001,424,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WindowsCodecs.dll
[2014/03/29 21:15:48 | 002,565,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\esent.dll
[2014/03/29 21:15:48 | 001,699,328 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\esent.dll
[2014/03/29 21:15:48 | 000,096,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\fsutil.exe
[2014/03/29 21:15:48 | 000,074,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\fsutil.exe
[2014/03/29 21:15:48 | 000,027,008 | ---- | C] (Advanced Micro Devices) -- C:\Windows\SysNative\drivers\amdxata.sys
[2014/03/29 21:15:47 | 000,107,904 | ---- | C] (Advanced Micro Devices) -- C:\Windows\SysNative\drivers\amdsata.sys
[2014/03/29 21:15:25 | 000,417,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\WMPhoto.dll
[2014/03/29 21:15:24 | 002,871,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\explorer.exe
[2014/03/29 21:15:24 | 000,465,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WMPhoto.dll
[2014/03/29 21:15:23 | 002,616,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\explorer.exe
[2014/03/29 21:14:56 | 000,067,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\splwow64.exe
[2014/03/29 21:11:24 | 000,000,000 | ---D | C] -- C:\Users\Behemoth\AppData\Local\VS Revo Group
[2014/03/29 21:11:21 | 000,000,000 | ---D | C] -- C:\ProgramData\VS Revo Group
[2014/03/29 21:11:20 | 000,031,800 | ---- | C] (VS Revo Group) -- C:\Windows\SysNative\drivers\revoflt.sys
[2014/03/29 21:11:20 | 000,000,000 | ---D | C] -- C:\Program Files\VS Revo Group
[2014/03/29 20:59:03 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft Toolkit
[2014/03/29 20:42:34 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013
[2014/03/29 20:42:23 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\DESIGNER
[2014/03/29 20:42:11 | 000,000,000 | ---D | C] -- C:\ProgramData\regid.1991-06.com.microsoft
[2014/03/29 20:42:01 | 000,000,000 | ---D | C] -- C:\Windows\PCHEALTH
[2014/03/29 20:42:01 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft SQL Server
[2014/03/29 20:41:14 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Analysis Services
[2014/03/29 20:41:12 | 000,000,000 | ---D | C] -- C:\Users\Behemoth\AppData\Local\Microsoft Help
[2014/03/29 20:41:10 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft Help
[2014/03/29 20:40:59 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Office
[2014/03/29 20:40:47 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Office
[2014/03/29 20:38:52 | 000,000,000 | RH-D | C] -- C:\MSOCache
[2014/03/29 20:35:53 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\drivepurge
[2014/03/29 20:24:11 | 000,000,000 | ---D | C] -- C:\Users\Behemoth\AppData\Local\qBittorrent
[2014/03/29 20:24:07 | 000,000,000 | ---D | C] -- C:\Users\Behemoth\AppData\Roaming\qBittorrent
[2014/03/29 20:22:15 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\qBittorrent
[2014/03/29 20:12:10 | 000,000,000 | ---D | C] -- C:\Users\Behemoth\AppData\Local\Skype
[2014/03/29 20:12:03 | 000,000,000 | ---D | C] -- C:\Users\Behemoth\AppData\Roaming\Skype
[2014/03/29 20:11:59 | 000,000,000 | R--D | C] -- C:\Program Files (x86)\Skype
[2014/03/29 20:11:59 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
[2014/03/29 20:11:59 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Skype
[2014/03/29 20:11:57 | 000,000,000 | ---D | C] -- C:\ProgramData\Skype
[2014/03/29 20:04:59 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft LifeCam
[2014/03/29 20:04:40 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft LifeCam
[2014/03/29 20:04:40 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft LifeCam
[2014/03/29 20:04:35 | 001,974,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_42.dll
[2014/03/29 20:04:35 | 001,892,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DX9_42.dll
[2014/03/29 19:59:27 | 000,000,000 | ---D | C] -- C:\Users\Behemoth\AppData\Roaming\Macromedia
[2014/03/29 19:50:26 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Filters
[2014/03/29 19:49:44 | 000,000,000 | ---D | C] -- C:\Users\Behemoth\AppData\Roaming\vlc
[2014/03/29 19:49:24 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\VideoLAN
[2014/03/29 19:47:38 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\Macromed
[2014/03/29 19:47:37 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\Macromed
[2014/03/29 19:39:25 | 000,119,512 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\MBAMSwissArmy.sys
[2014/03/29 19:39:16 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Toolbox
[2014/03/29 19:39:15 | 000,088,280 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbamchameleon.sys
[2014/03/29 19:39:15 | 000,063,192 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mwac.sys
[2014/03/29 19:39:15 | 000,025,816 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
[2014/03/29 19:39:14 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes Anti-Malware
[2014/03/29 19:39:14 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2014/03/29 19:30:23 | 000,028,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\IEUDINIT.EXE
[2014/03/29 19:28:52 | 000,194,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\elshyph.dll
[2014/03/29 19:28:49 | 001,228,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmlmedia.dll
[2014/03/29 19:28:49 | 001,051,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmlmedia.dll
[2014/03/29 19:28:49 | 000,942,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jsIntl.dll
[2014/03/29 19:28:49 | 000,774,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript.dll
[2014/03/29 19:28:49 | 000,645,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jsIntl.dll
[2014/03/29 19:28:49 | 000,616,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieapfltr.dat
[2014/03/29 19:28:49 | 000,616,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieapfltr.dat
[2014/03/29 19:28:49 | 000,610,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll
[2014/03/29 19:28:49 | 000,413,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\html.iec
[2014/03/29 19:28:49 | 000,337,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\html.iec
[2014/03/29 19:28:49 | 000,247,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msls31.dll
[2014/03/29 19:28:49 | 000,235,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\url.dll
[2014/03/29 19:28:49 | 000,235,008 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\elshyph.dll
[2014/03/29 19:28:49 | 000,233,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\url.dll
[2014/03/29 19:28:49 | 000,167,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iexpress.exe
[2014/03/29 19:28:49 | 000,151,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iexpress.exe
[2014/03/29 19:28:49 | 000,147,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\occache.dll
[2014/03/29 19:28:49 | 000,143,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wextract.exe
[2014/03/29 19:28:49 | 000,139,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wextract.exe
[2014/03/29 19:28:49 | 000,135,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iepeers.dll
[2014/03/29 19:28:49 | 000,131,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\IEAdvpack.dll
[2014/03/29 19:28:49 | 000,127,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\occache.dll
[2014/03/29 19:28:49 | 000,116,736 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iepeers.dll
[2014/03/29 19:28:49 | 000,111,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\IEAdvpack.dll
[2014/03/29 19:28:49 | 000,105,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iesysprep.dll
[2014/03/29 19:28:49 | 000,101,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\inseng.dll
[2014/03/29 19:28:49 | 000,090,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\SetIEInstalledDate.exe
[2014/03/29 19:28:49 | 000,086,016 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\RegisterIEPKEYs.exe
[2014/03/29 19:28:49 | 000,086,016 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iesysprep.dll
[2014/03/29 19:28:49 | 000,084,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll
[2014/03/29 19:28:49 | 000,083,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\MshtmlDac.dll
[2014/03/29 19:28:49 | 000,083,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\inseng.dll
[2014/03/29 19:28:49 | 000,081,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\icardie.dll
[2014/03/29 19:28:49 | 000,077,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\tdc.ocx
[2014/03/29 19:28:49 | 000,074,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\SetIEInstalledDate.exe
[2014/03/29 19:28:49 | 000,071,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\RegisterIEPKEYs.exe
[2014/03/29 19:28:49 | 000,069,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll
[2014/03/29 19:28:49 | 000,069,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\icardie.dll
[2014/03/29 19:28:49 | 000,062,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\tdc.ocx
[2014/03/29 19:28:49 | 000,062,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\pngfilt.dll
[2014/03/29 19:28:49 | 000,061,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\MshtmlDac.dll
[2014/03/29 19:28:49 | 000,056,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\pngfilt.dll
[2014/03/29 19:28:49 | 000,048,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmler.dll
[2014/03/29 19:28:49 | 000,048,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmler.dll
[2014/03/29 19:28:49 | 000,048,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\imgutil.dll
[2014/03/29 19:28:49 | 000,030,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\licmgr10.dll
[2014/03/29 19:28:49 | 000,024,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\licmgr10.dll
[2014/03/29 19:28:49 | 000,013,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshta.exe
[2014/03/29 19:28:49 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeedssync.exe
[2014/03/29 19:28:49 | 000,012,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msfeedssync.exe
[2014/03/29 19:16:53 | 000,044,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\TsUsbGDCoInstaller.dll
[2014/03/29 19:16:46 | 000,056,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\TsUsbFlt.sys
[2014/03/29 19:16:46 | 000,013,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\TsUsbRedirectionGroupPolicyControl.exe
[2014/03/29 19:16:46 | 000,012,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\TsUsbRedirectionGroupPolicyExtension.dll
[2014/03/29 19:16:45 | 001,147,392 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mstsc.exe
[2014/03/29 19:16:45 | 001,068,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mstsc.exe
[2014/03/29 19:16:45 | 000,420,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wksprt.exe
[2014/03/29 19:16:45 | 000,083,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\TSWbPrxy.exe
[2014/03/29 19:16:45 | 000,062,976 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\tsgqec.dll
[2014/03/29 19:16:45 | 000,056,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\MsRdpWebAccess.dll
[2014/03/29 19:16:45 | 000,053,248 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\tsgqec.dll
[2014/03/29 19:16:45 | 000,050,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\MsRdpWebAccess.dll
[2014/03/29 19:16:45 | 000,018,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wksprtPS.dll
[2014/03/29 19:16:45 | 000,017,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wksprtPS.dll
[2014/03/29 19:16:44 | 001,057,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rdvidcrl.dll
[2014/03/29 19:16:44 | 000,855,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\rdvidcrl.dll
[2014/03/29 19:16:11 | 000,015,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\RdpGroupPolicyExtension.dll
[2014/03/29 19:16:08 | 000,030,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\TsUsbGD.sys
[2014/03/29 19:16:08 | 000,019,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\rdpvideominiport.sys
[2014/03/29 19:16:03 | 003,174,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rdpcorets.dll
[2014/03/29 19:16:03 | 000,243,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rdpudd.dll
[2014/03/29 19:16:03 | 000,228,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rdpendp_winip.dll
[2014/03/29 19:16:03 | 000,192,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\rdpendp_winip.dll
[2014/03/29 19:15:29 | 001,030,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\TSWorkspace.dll
[2014/03/29 19:15:29 | 000,792,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\TSWorkspace.dll
[2014/03/29 19:15:27 | 000,514,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\qdvd.dll
[2014/03/29 19:15:27 | 000,366,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\qdvd.dll
[2014/03/29 19:02:26 | 012,625,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wmploc.DLL
[2014/03/29 19:02:25 | 012,625,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wmploc.DLL
[2014/03/29 19:02:25 | 011,410,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wmp.dll
[2014/03/29 19:02:24 | 014,631,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wmp.dll
[2014/03/29 18:57:23 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft.NET
[2014/03/29 18:57:22 | 000,000,000 | ---D | C] -- C:\Windows\Migration
[2014/03/29 16:19:03 | 002,776,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msmpeg2vdec.dll
[2014/03/29 16:19:03 | 002,284,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msmpeg2vdec.dll
[2014/03/29 16:19:03 | 001,682,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XpsPrint.dll
[2014/03/29 16:19:03 | 001,238,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10.dll
[2014/03/29 16:19:03 | 001,158,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XpsPrint.dll
[2014/03/29 16:19:03 | 000,648,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10level9.dll
[2014/03/29 16:19:03 | 000,522,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XpsGdiConverter.dll
[2014/03/29 16:19:03 | 000,364,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XpsGdiConverter.dll
[2014/03/29 16:19:03 | 000,363,008 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dxgi.dll
[2014/03/29 16:19:03 | 000,333,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10_1core.dll
[2014/03/29 16:19:03 | 000,296,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10core.dll
[2014/03/29 16:19:03 | 000,245,248 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WindowsCodecsExt.dll
[2014/03/29 16:19:03 | 000,221,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\UIAnimation.dll
[2014/03/29 16:19:03 | 000,194,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10_1.dll
[2014/03/29 16:19:03 | 000,187,392 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\UIAnimation.dll
[2014/03/29 16:19:03 | 000,010,752 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-advapi32-l1-1-0.dll
[2014/03/29 16:19:03 | 000,010,752 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-advapi32-l1-1-0.dll
[2014/03/29 16:19:03 | 000,009,728 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-shlwapi-l1-1-0.dll
[2014/03/29 16:19:03 | 000,009,728 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-shlwapi-l1-1-0.dll
[2014/03/29 16:19:03 | 000,005,632 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-shlwapi-l2-1-0.dll
[2014/03/29 16:19:03 | 000,005,632 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-shlwapi-l2-1-0.dll
[2014/03/29 16:19:03 | 000,005,632 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-ole32-l1-1-0.dll
[2014/03/29 16:19:03 | 000,005,632 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-ole32-l1-1-0.dll
[2014/03/29 16:19:03 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-user32-l1-1-0.dll
[2014/03/29 16:19:03 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-user32-l1-1-0.dll
[2014/03/29 16:19:03 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-advapi32-l2-1-0.dll
[2014/03/29 16:19:03 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-advapi32-l2-1-0.dll
[2014/03/29 16:19:03 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-version-l1-1-0.dll
[2014/03/29 16:19:03 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-version-l1-1-0.dll
[2014/03/29 16:19:03 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-shell32-l1-1-0.dll
[2014/03/29 16:19:03 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-shell32-l1-1-0.dll
[2014/03/29 16:19:03 | 000,002,560 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-normaliz-l1-1-0.dll
[2014/03/29 16:19:03 | 000,002,560 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-normaliz-l1-1-0.dll
[2014/03/29 16:04:56 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\MRT
[2014/03/29 16:03:58 | 000,744,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WUDFx.dll
[2014/03/29 16:03:58 | 000,229,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WUDFHost.exe
[2014/03/29 16:03:58 | 000,194,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WUDFPlatform.dll
[2014/03/29 16:03:58 | 000,045,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WUDFCoinstaller.dll
[2014/03/29 16:01:37 | 000,023,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\fs_rec.sys
[2014/03/29 15:59:11 | 000,658,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\RMActivate_isv.exe
[2014/03/29 15:59:11 | 000,626,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\RMActivate.exe
[2014/03/29 15:59:11 | 000,594,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\RMActivate_isv.exe
[2014/03/29 15:59:11 | 000,572,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\RMActivate.exe
[2014/03/29 15:59:10 | 000,553,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\RMActivate_ssp.exe
[2014/03/29 15:59:10 | 000,552,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\RMActivate_ssp_isv.exe
[2014/03/29 15:59:10 | 000,528,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msdrm.dll
[2014/03/29 15:59:10 | 000,510,976 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\RMActivate_ssp.exe
[2014/03/29 15:59:10 | 000,508,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\RMActivate_ssp_isv.exe
[2014/03/29 15:59:10 | 000,488,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\secproc.dll
[2014/03/29 15:59:10 | 000,485,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\secproc_isv.dll
[2014/03/29 15:59:10 | 000,428,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\secproc.dll
[2014/03/29 15:59:10 | 000,423,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\secproc_isv.dll
[2014/03/29 15:59:10 | 000,123,392 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\secproc_ssp_isv.dll
[2014/03/29 15:59:10 | 000,123,392 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\secproc_ssp.dll
[2014/03/29 15:59:10 | 000,087,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\secproc_ssp_isv.dll
[2014/03/29 15:59:10 | 000,087,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\secproc_ssp.dll
[2014/03/29 15:59:00 | 000,368,128 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\SysNative\atmfd.dll
[2014/03/29 15:59:00 | 000,295,424 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\atmfd.dll
[2014/03/29 15:59:00 | 000,046,080 | ---- | C] (Adobe Systems) -- C:\Windows\SysNative\atmlib.dll
[2014/03/29 15:59:00 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dciman32.dll
[2014/03/29 15:58:59 | 000,100,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\fontsub.dll
[2014/03/29 15:58:59 | 000,070,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\fontsub.dll
[2014/03/29 15:58:59 | 000,041,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\lpk.dll
[2014/03/29 15:58:59 | 000,034,304 | ---- | C] (Adobe Systems) -- C:\Windows\SysWow64\atmlib.dll
[2014/03/29 15:58:55 | 001,887,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3d11.dll
[2014/03/29 15:58:55 | 001,505,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3d11.dll
[2014/03/29 15:58:51 | 005,549,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntoskrnl.exe
[2014/03/29 15:58:51 | 003,969,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntkrnlpa.exe
[2014/03/29 15:58:51 | 003,914,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntoskrnl.exe
[2014/03/29 15:58:50 | 001,732,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntdll.dll
[2014/03/29 15:58:50 | 000,878,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\advapi32.dll
[2014/03/29 15:58:50 | 000,859,648 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\tdh.dll
[2014/03/29 15:58:50 | 000,619,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\tdh.dll
[2014/03/29 15:58:39 | 000,424,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\KernelBase.dll
[2014/03/29 15:58:39 | 000,338,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\conhost.exe
[2014/03/29 15:58:39 | 000,215,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\winsrv.dll
[2014/03/29 15:58:38 | 000,112,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\smss.exe
[2014/03/29 15:58:38 | 000,043,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\csrsrv.dll
[2014/03/29 15:58:38 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\apisetschema.dll
[2014/03/29 15:58:38 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\apisetschema.dll
[2014/03/29 15:58:38 | 000,006,144 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-security-base-l1-1-0.dll
[2014/03/29 15:58:38 | 000,006,144 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-security-base-l1-1-0.dll
[2014/03/29 15:58:38 | 000,005,120 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-file-l1-1-0.dll
[2014/03/29 15:58:38 | 000,005,120 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-file-l1-1-0.dll
[2014/03/29 15:58:38 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-threadpool-l1-1-0.dll
[2014/03/29 15:58:38 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-threadpool-l1-1-0.dll
[2014/03/29 15:58:38 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-processthreads-l1-1-0.dll
[2014/03/29 15:58:38 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-processthreads-l1-1-0.dll
[2014/03/29 15:58:38 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-sysinfo-l1-1-0.dll
[2014/03/29 15:58:38 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-sysinfo-l1-1-0.dll
[2014/03/29 15:58:38 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-synch-l1-1-0.dll
[2014/03/29 15:58:38 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-synch-l1-1-0.dll
[2014/03/29 15:58:38 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-misc-l1-1-0.dll
[2014/03/29 15:58:38 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-localregistry-l1-1-0.dll
[2014/03/29 15:58:38 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-localregistry-l1-1-0.dll
[2014/03/29 15:58:38 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-localization-l1-1-0.dll
[2014/03/29 15:58:38 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-localization-l1-1-0.dll
[2014/03/29 15:58:38 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-xstate-l1-1-0.dll
[2014/03/29 15:58:38 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-rtlsupport-l1-1-0.dll
[2014/03/29 15:58:38 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-processenvironment-l1-1-0.dll
[2014/03/29 15:58:38 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-processenvironment-l1-1-0.dll
[2014/03/29 15:58:38 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-namedpipe-l1-1-0.dll
[2014/03/29 15:58:38 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-namedpipe-l1-1-0.dll
[2014/03/29 15:58:38 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-misc-l1-1-0.dll
[2014/03/29 15:58:38 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-memory-l1-1-0.dll
[2014/03/29 15:58:38 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-memory-l1-1-0.dll
[2014/03/29 15:58:38 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-libraryloader-l1-1-0.dll
[2014/03/29 15:58:38 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-libraryloader-l1-1-0.dll
[2014/03/29 15:58:38 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-interlocked-l1-1-0.dll
[2014/03/29 15:58:38 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-heap-l1-1-0.dll
[2014/03/29 15:58:38 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-heap-l1-1-0.dll
[2014/03/29 15:58:38 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-xstate-l1-1-0.dll
[2014/03/29 15:58:38 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-util-l1-1-0.dll
[2014/03/29 15:58:38 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-util-l1-1-0.dll
[2014/03/29 15:58:38 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-string-l1-1-0.dll
[2014/03/29 15:58:38 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-string-l1-1-0.dll
[2014/03/29 15:58:38 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-rtlsupport-l1-1-0.dll
[2014/03/29 15:58:38 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-profile-l1-1-0.dll
[2014/03/29 15:58:38 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-profile-l1-1-0.dll
[2014/03/29 15:58:38 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-io-l1-1-0.dll
[2014/03/29 15:58:38 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-io-l1-1-0.dll
[2014/03/29 15:58:38 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-interlocked-l1-1-0.dll
[2014/03/29 15:58:38 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-handle-l1-1-0.dll
[2014/03/29 15:58:38 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-handle-l1-1-0.dll
[2014/03/29 15:58:38 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-fibers-l1-1-0.dll
[2014/03/29 15:58:38 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-fibers-l1-1-0.dll
[2014/03/29 15:58:38 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-errorhandling-l1-1-0.dll
[2014/03/29 15:58:38 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-errorhandling-l1-1-0.dll
[2014/03/29 15:58:38 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-delayload-l1-1-0.dll
[2014/03/29 15:58:38 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-delayload-l1-1-0.dll
[2014/03/29 15:58:38 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-debug-l1-1-0.dll
[2014/03/29 15:58:38 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-debug-l1-1-0.dll
[2014/03/29 15:58:38 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-datetime-l1-1-0.dll
[2014/03/29 15:58:38 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-datetime-l1-1-0.dll
[2014/03/29 15:58:38 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-console-l1-1-0.dll
[2014/03/29 15:58:38 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-console-l1-1-0.dll
[2014/03/29 15:58:29 | 002,746,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\gameux.dll
[2014/03/29 15:58:29 | 002,576,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\gameux.dll
[2014/03/29 15:58:29 | 000,441,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\Wpc.dll
[2014/03/29 15:58:29 | 000,046,592 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\fpb.rs
[2014/03/29 15:58:29 | 000,046,592 | ---- | C] (Microsoft) -- C:\Windows\SysNative\fpb.rs
[2014/03/29 15:58:29 | 000,045,568 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\oflc-nz.rs
[2014/03/29 15:58:29 | 000,045,568 | ---- | C] (Microsoft) -- C:\Windows\SysNative\oflc-nz.rs
[2014/03/29 15:58:29 | 000,044,544 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\pegibbfc.rs
[2014/03/29 15:58:29 | 000,044,544 | ---- | C] (Microsoft) -- C:\Windows\SysNative\pegibbfc.rs
[2014/03/29 15:58:29 | 000,043,520 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\csrr.rs
[2014/03/29 15:58:29 | 000,043,520 | ---- | C] (Microsoft) -- C:\Windows\SysNative\csrr.rs
[2014/03/29 15:58:29 | 000,040,960 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\cob-au.rs
[2014/03/29 15:58:29 | 000,040,960 | ---- | C] (Microsoft) -- C:\Windows\SysNative\cob-au.rs
[2014/03/29 15:58:29 | 000,030,720 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\usk.rs
[2014/03/29 15:58:29 | 000,030,720 | ---- | C] (Microsoft) -- C:\Windows\SysNative\usk.rs
[2014/03/29 15:58:29 | 000,021,504 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\grb.rs
[2014/03/29 15:58:29 | 000,021,504 | ---- | C] (Microsoft) -- C:\Windows\SysNative\grb.rs
[2014/03/29 15:58:29 | 000,020,480 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\pegi-pt.rs
[2014/03/29 15:58:29 | 000,020,480 | ---- | C] (Microsoft) -- C:\Windows\SysNative\pegi-pt.rs
[2014/03/29 15:58:29 | 000,020,480 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\pegi.rs
[2014/03/29 15:58:29 | 000,020,480 | ---- | C] (Microsoft) -- C:\Windows\SysNative\pegi.rs
[2014/03/29 15:58:29 | 000,015,360 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\djctq.rs
[2014/03/29 15:58:29 | 000,015,360 | ---- | C] (Microsoft) -- C:\Windows\SysNative\djctq.rs
[2014/03/29 15:58:28 | 000,308,736 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\Wpc.dll
[2014/03/29 15:58:28 | 000,055,296 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\cero.rs
[2014/03/29 15:58:28 | 000,055,296 | ---- | C] (Microsoft) -- C:\Windows\SysNative\cero.rs
[2014/03/29 15:58:28 | 000,051,712 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\esrb.rs
[2014/03/29 15:58:28 | 000,051,712 | ---- | C] (Microsoft) -- C:\Windows\SysNative\esrb.rs
[2014/03/29 15:58:28 | 000,023,552 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\oflc.rs
[2014/03/29 15:58:28 | 000,023,552 | ---- | C] (Microsoft) -- C:\Windows\SysNative\oflc.rs
[2014/03/29 15:58:28 | 000,020,480 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\pegi-fi.rs
[2014/03/29 15:58:28 | 000,020,480 | ---- | C] (Microsoft) -- C:\Windows\SysNative\pegi-fi.rs
[2014/03/29 15:58:24 | 001,474,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\crypt32.dll
[2014/03/29 15:58:24 | 000,139,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\cryptnet.dll
[2014/03/29 15:58:21 | 000,111,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\consent.exe
[2014/03/29 15:58:18 | 000,509,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntshrui.dll
[2014/03/29 15:58:18 | 000,202,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\scrrun.dll
[2014/03/29 15:58:18 | 000,163,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\scrrun.dll
[2014/03/29 15:58:18 | 000,156,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\cscript.exe
[2014/03/29 15:58:18 | 000,150,016 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wshom.ocx
[2014/03/29 15:58:18 | 000,126,976 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\cscript.exe
[2014/03/29 15:58:18 | 000,121,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wshom.ocx
[2014/03/29 15:58:14 | 000,197,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\shdocvw.dll
[2014/03/29 15:58:13 | 000,054,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\WdfLdr.sys
[2014/03/29 15:58:13 | 000,009,728 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\Wdfres.dll
[2014/03/29 15:58:11 | 001,192,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\certutil.exe
[2014/03/29 15:58:10 | 000,903,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\certutil.exe
[2014/03/29 15:58:10 | 000,052,224 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\certenc.dll
[2014/03/29 15:58:10 | 000,043,008 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\certenc.dll
[2014/03/29 15:58:00 | 000,288,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\FWPKCLNT.SYS
[2014/03/29 15:57:58 | 000,246,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\netcorehc.dll
[2014/03/29 15:57:58 | 000,216,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ncsi.dll
[2014/03/29 15:57:58 | 000,175,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\netcorehc.dll
[2014/03/29 15:57:58 | 000,156,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ncsi.dll
[2014/03/29 15:57:58 | 000,018,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\netevent.dll
[2014/03/29 15:57:58 | 000,018,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\netevent.dll
[2014/03/29 15:57:57 | 002,315,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\tquery.dll
[2014/03/29 15:57:57 | 002,223,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mssrch.dll
[2014/03/29 15:57:57 | 001,401,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mssrch.dll
[2014/03/29 15:57:56 | 001,549,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\tquery.dll
[2014/03/29 15:57:56 | 000,778,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mssvp.dll
[2014/03/29 15:57:56 | 000,666,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mssvp.dll
[2014/03/29 15:57:56 | 000,491,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mssph.dll
[2014/03/29 15:57:56 | 000,337,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mssph.dll
[2014/03/29 15:57:56 | 000,288,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mssphtb.dll
[2014/03/29 15:57:56 | 000,249,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\SearchProtocolHost.exe
[2014/03/29 15:57:56 | 000,113,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\SearchFilterHost.exe
[2014/03/29 15:57:56 | 000,075,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msscntrs.dll
[2014/03/29 15:57:56 | 000,059,392 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msscntrs.dll
[2014/03/29 15:57:55 | 000,142,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\poqexec.exe
[2014/03/29 15:57:55 | 000,123,904 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\poqexec.exe
[2014/03/29 15:57:54 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msxml3r.dll
[2014/03/29 15:57:54 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msxml3r.dll
[2014/03/29 15:57:52 | 001,133,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\cdosys.dll
[2014/03/29 15:57:52 | 000,805,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\cdosys.dll
[2014/03/29 15:57:47 | 000,224,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wintrust.dll
[2014/03/29 15:57:46 | 000,503,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\srcore.dll
[2014/03/29 15:57:44 | 001,395,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mfc42.dll
[2014/03/29 15:57:44 | 001,359,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mfc42u.dll
[2014/03/29 15:57:44 | 001,164,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mfc42u.dll
[2014/03/29 15:57:44 | 001,137,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mfc42.dll
[2014/03/29 15:57:43 | 000,102,400 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\davclnt.dll
[2014/03/29 15:57:39 | 001,447,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\lsasrv.dll
[2014/03/29 15:57:39 | 000,307,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ncrypt.dll
[2014/03/29 15:57:39 | 000,135,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\sspicli.dll
[2014/03/29 15:57:39 | 000,028,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\sspisrv.dll
[2014/03/29 15:57:39 | 000,028,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\secur32.dll
[2014/03/29 15:57:37 | 000,461,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\scavengeui.dll
[2014/03/29 15:57:36 | 000,395,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\webio.dll
[2014/03/29 15:57:36 | 000,314,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\webio.dll
[2014/03/29 15:57:33 | 000,800,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\usp10.dll
[2014/03/29 15:57:31 | 000,030,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\cryptdlg.dll
[2014/03/29 15:57:31 | 000,024,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\cryptdlg.dll
[2014/03/29 15:57:25 | 001,031,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rdpcore.dll
[2014/03/29 15:57:25 | 000,826,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\rdpcore.dll
[2014/03/29 15:57:24 | 001,930,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\authui.dll
[2014/03/29 15:57:24 | 001,796,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\authui.dll
[2014/03/29 15:57:24 | 000,197,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\credui.dll
[2014/03/29 15:57:24 | 000,190,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\SmartcardCredentialProvider.dll
[2014/03/29 15:57:24 | 000,152,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\SmartcardCredentialProvider.dll
[2014/03/29 15:57:22 | 000,230,400 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\portcls.sys
[2014/03/29 15:57:21 | 000,325,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\usbport.sys
[2014/03/29 15:57:21 | 000,116,736 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\drmk.sys
[2014/03/29 15:57:19 | 000,245,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\OxpsConverter.exe
[2014/03/29 15:57:19 | 000,007,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\usbd.sys
[2014/03/29 15:57:18 | 000,226,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dhcpcore6.dll
[2014/03/29 15:57:18 | 000,193,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\dhcpcore6.dll
[2014/03/29 15:57:18 | 000,055,296 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dhcpcsvc6.dll
[2014/03/29 15:57:17 | 000,357,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dnsapi.dll
[2014/03/29 15:57:17 | 000,030,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dnscacheugc.exe
[2014/03/29 15:57:16 | 000,028,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\dnscacheugc.exe
[2014/03/29 15:57:14 | 000,155,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\ataport.sys
[2014/03/29 15:57:10 | 000,041,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\RNDISMP.sys
[2014/03/29 15:57:09 | 000,830,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\nshwfp.dll
[2014/03/29 15:57:09 | 000,656,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\nshwfp.dll
[2014/03/29 15:57:09 | 000,324,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\FWPUCLNT.DLL
[2014/03/29 15:57:09 | 000,216,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\FWPUCLNT.DLL
[2014/03/29 15:57:08 | 003,216,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msi.dll
[2014/03/29 15:57:06 | 001,572,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\quartz.dll
[2014/03/29 15:57:06 | 001,328,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\quartz.dll
[2014/03/29 15:57:05 | 000,861,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\oleaut32.dll
[2014/03/29 15:57:05 | 000,331,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\oleacc.dll
[2014/03/29 15:57:05 | 000,124,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\PresentationCFFRasterizerNative_v0300.dll
[2014/03/29 15:57:05 | 000,102,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\PresentationCFFRasterizerNative_v0300.dll
[2014/03/29 15:57:05 | 000,076,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\hidclass.sys
[2014/03/29 15:57:05 | 000,032,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\hidparse.sys
[2014/03/29 15:57:04 | 000,199,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xmllite.dll
[2014/03/29 15:56:57 | 000,613,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\psisdecd.dll
[2014/03/29 15:56:57 | 000,075,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\psisrndr.ax
[2014/03/29 15:56:56 | 000,956,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\localspl.dll
[2014/03/29 15:56:56 | 000,465,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\psisdecd.dll
[2014/03/29 15:56:56 | 000,108,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\psisrndr.ax
[2014/03/29 15:56:55 | 000,335,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msieftp.dll
[2014/03/29 15:56:54 | 000,301,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msieftp.dll
[2014/03/29 15:56:52 | 000,149,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rdpcorekmts.dll
[2014/03/29 15:56:52 | 000,077,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rdpwsx.dll
[2014/03/29 15:56:52 | 000,009,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rdrmemptylst.exe
[2014/03/29 15:56:51 | 000,484,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wer.dll
[2014/03/29 15:56:51 | 000,381,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wer.dll
[2014/03/29 15:56:51 | 000,068,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\taskhost.exe
[2014/03/29 15:56:50 | 000,633,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\comctl32.dll
[2014/03/29 15:56:49 | 000,319,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\odbcjt32.dll
[2014/03/29 15:56:49 | 000,212,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\odbctrac.dll
[2014/03/29 15:56:49 | 000,163,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\odbctrac.dll
[2014/03/29 15:56:49 | 000,163,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\odbccp32.dll
[2014/03/29 15:56:49 | 000,122,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\odbccp32.dll
[2014/03/29 15:56:49 | 000,106,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\odbccu32.dll
[2014/03/29 15:56:49 | 000,106,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\odbccr32.dll
[2014/03/29 15:56:49 | 000,086,016 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\odbccu32.dll
[2014/03/29 15:56:49 | 000,081,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\odbccr32.dll
[2014/03/29 15:56:48 | 000,515,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\timedate.cpl
[2014/03/29 15:56:48 | 000,478,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\timedate.cpl
[2014/03/29 15:56:45 | 000,073,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\netapi32.dll
[2014/03/29 15:56:45 | 000,059,392 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\browcli.dll
[2014/03/29 15:56:45 | 000,041,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\browcli.dll
[2014/03/29 15:56:44 | 001,217,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rpcrt4.dll
[2014/03/29 15:56:43 | 000,634,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msvcrt.dll
[2014/03/29 15:56:42 | 001,888,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WMVDECOD.DLL
[2014/03/29 15:56:42 | 001,620,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\WMVDECOD.DLL
[2014/03/29 15:56:42 | 000,019,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\usb8023.sys
[2014/03/29 15:56:41 | 000,095,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\synceng.dll
[2014/03/29 15:56:41 | 000,078,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\synceng.dll
[2014/03/29 15:56:40 | 000,048,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wwanprotdim.dll
[2014/03/29 15:56:39 | 000,478,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dpnet.dll
[2014/03/29 15:56:39 | 000,376,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\dpnet.dll
[2014/03/29 15:56:38 | 001,118,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\sbe.dll
[2014/03/29 15:56:38 | 000,961,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\CPFilters.dll
[2014/03/29 15:56:38 | 000,850,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\sbe.dll
[2014/03/29 15:56:38 | 000,642,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\CPFilters.dll
[2014/03/29 15:56:38 | 000,259,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mpg2splt.ax
[2014/03/29 15:56:38 | 000,199,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mpg2splt.ax
[2014/03/29 15:56:37 | 000,081,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\imagehlp.dll
[2014/03/29 15:56:36 | 000,642,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\winload.efi
[2014/03/29 15:56:36 | 000,605,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\winload.exe
[2014/03/29 15:56:36 | 000,566,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\winresume.efi
[2014/03/29 15:56:36 | 000,518,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\winresume.exe
[2014/03/29 15:56:36 | 000,020,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\kdusb.dll
[2014/03/29 15:56:36 | 000,019,328 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\kd1394.dll
[2014/03/29 15:56:36 | 000,017,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\kdcom.dll
[2014/03/29 15:56:28 | 000,376,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\netio.sys
[2014/03/29 15:56:27 | 000,723,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\EncDec.dll
[2014/03/29 15:56:27 | 000,534,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\EncDec.dll
[2014/03/29 15:56:26 | 000,751,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\win32spl.dll
[2014/03/29 15:56:26 | 000,492,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\win32spl.dll
[2014/03/29 15:56:25 | 000,624,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\qedit.dll
[2014/03/29 15:56:25 | 000,509,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\qedit.dll
[2014/03/29 15:56:25 | 000,404,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\gdi32.dll
[2014/03/29 15:56:25 | 000,252,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\drvinst.exe
[2014/03/29 15:56:25 | 000,044,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\devrtl.dll
[2014/03/29 15:56:24 | 000,267,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\FXSCOVER.exe
[2014/03/29 15:56:24 | 000,265,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\dxgmms1.sys
[2014/03/29 15:56:24 | 000,144,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\cdd.dll
[2014/03/29 15:56:23 | 000,031,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\prevhost.exe
[2014/03/29 15:56:23 | 000,031,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\prevhost.exe
[2014/03/29 15:46:50 | 000,077,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\packager.dll
[2014/03/29 15:46:50 | 000,067,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\packager.dll
[2014/03/29 15:41:26 | 002,622,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wucltux.dll
[2014/03/29 15:41:26 | 000,057,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wuauclt.exe
[2014/03/29 15:41:26 | 000,044,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wups2.dll
[2014/03/29 15:41:21 | 000,701,976 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wuapi.dll
[2014/03/29 15:41:21 | 000,099,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wudriver.dll
[2014/03/29 15:41:21 | 000,038,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wups.dll
[2014/03/29 15:41:12 | 000,186,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wuwebv.dll
[2014/03/29 15:41:12 | 000,036,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wuapp.exe
[2014/03/29 15:31:55 | 000,000,000 | ---D | C] -- C:\Users\Behemoth\AppData\Roaming\AVAST Software
[2014/03/29 15:31:52 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast
[2014/03/29 15:31:32 | 000,084,816 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswStm.sys
[2014/03/29 15:31:31 | 001,039,096 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswSnx.sys
[2014/03/29 15:31:31 | 000,423,240 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswSP.sys
[2014/03/29 15:31:30 | 000,093,568 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswRdr2.sys
[2014/03/29 15:31:30 | 000,079,184 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswMonFlt.sys
[2014/03/29 15:31:28 | 000,334,648 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\aswBoot.exe
[2014/03/29 15:31:27 | 000,043,152 | ---- | C] (AVAST Software) -- C:\Windows\avastSS.scr
[2014/03/29 15:31:16 | 000,000,000 | ---D | C] -- C:\Program Files\AVAST Software
[2014/03/29 15:30:36 | 000,000,000 | ---D | C] -- C:\ProgramData\AVAST Software
[2014/03/29 15:29:48 | 000,000,000 | ---D | C] -- C:\ProgramData\Licenses
[2014/03/29 15:29:47 | 000,129,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\MSSTDFMT.DLL
[2014/03/29 15:29:46 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\SpywareBlaster
[2014/03/29 15:12:32 | 000,000,000 | ---D | C] -- C:\Users\Behemoth\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Toolbox
[2014/03/29 15:12:32 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\CodeStuff
[2014/03/29 15:11:01 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\7-Zip
[2014/03/29 15:11:01 | 000,000,000 | ---D | C] -- C:\Program Files\7-Zip
[2014/03/29 15:09:06 | 000,000,000 | ---D | C] -- C:\Program Files\CCleaner
[2014/03/29 15:04:35 | 000,000,000 | ---D | C] -- C:\ProgramData\NVIDIA
[2014/03/29 15:03:35 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\AGEIA Technologies
[2014/03/29 15:03:20 | 006,714,312 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcpl.dll
[2014/03/29 15:03:20 | 003,497,816 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvsvc64.dll
[2014/03/29 15:03:20 | 000,386,336 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvmctray.dll
[2014/03/29 15:03:20 | 000,064,968 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvshext.dll
[2014/03/29 15:03:13 | 000,000,000 | ---D | C] -- C:\ProgramData\NVIDIA Corporation
[2014/03/29 15:03:11 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\NVIDIA Corporation
[2014/03/29 15:02:46 | 031,474,976 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvoglv64.dll
[2014/03/29 15:02:46 | 025,255,256 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcompiler.dll
[2014/03/29 15:02:46 | 023,716,640 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvoglv32.dll
[2014/03/29 15:02:46 | 018,302,384 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvwgf2umx.dll
[2014/03/29 15:02:46 | 017,755,424 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvd3dumx.dll
[2014/03/29 15:02:46 | 017,561,544 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvcompiler.dll
[2014/03/29 15:02:46 | 015,783,992 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvwgf2um.dll
[2014/03/29 15:02:46 | 014,709,720 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvd3dum.dll
[2014/03/29 15:02:46 | 011,636,176 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcuda.dll
[2014/03/29 15:02:46 | 011,589,272 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvopencl.dll
[2014/03/29 15:02:46 | 009,728,064 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvcuda.dll
[2014/03/29 15:02:46 | 009,690,424 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvopencl.dll
[2014/03/29 15:02:46 | 003,143,456 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcuvid.dll
[2014/03/29 15:02:46 | 003,093,280 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvapi64.dll
[2014/03/29 15:02:46 | 002,958,792 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvcuvid.dll
[2014/03/29 15:02:46 | 002,783,008 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcuvenc.dll
[2014/03/29 15:02:46 | 002,715,264 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvapi.dll
[2014/03/29 15:02:46 | 002,411,976 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvcuvenc.dll
[2014/03/29 15:02:46 | 001,885,472 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvdispco6433523.dll
[2014/03/29 15:02:46 | 001,516,488 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvdispgenco6433523.dll
[2014/03/29 15:02:46 | 001,515,296 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvhdagenco6420103.dll
[2014/03/29 15:02:46 | 000,947,808 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvumdshimx.dll
[2014/03/29 15:02:46 | 000,892,704 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\NvIFR64.dll
[2014/03/29 15:02:46 | 000,877,856 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\NvFBC64.dll
[2014/03/29 15:02:46 | 000,863,064 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\NvIFR.dll
[2014/03/29 15:02:46 | 000,846,168 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\NvFBC.dll
[2014/03/29 15:02:46 | 000,832,936 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvumdshim.dll
[2014/03/29 15:02:46 | 000,353,504 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvoglshim64.dll
[2014/03/29 15:02:46 | 000,305,600 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvoglshim32.dll
[2014/03/29 15:02:46 | 000,197,408 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\drivers\nvhda64v.sys
[2014/03/29 15:02:46 | 000,174,296 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvinitx.dll
[2014/03/29 15:02:46 | 000,148,016 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvinit.dll
[2014/03/29 15:02:46 | 000,031,520 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvhdap64.dll
[2014/03/29 14:59:23 | 000,000,000 | ---D | C] -- C:\Program Files\NVIDIA Corporation
[2014/03/29 14:51:17 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
[2014/03/29 14:50:43 | 000,000,000 | ---D | C] -- C:\Users\Behemoth\AppData\Local\Google
[2014/03/29 14:50:43 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Google
[2014/03/29 14:50:25 | 000,000,000 | ---D | C] -- C:\Users\Behemoth\AppData\Local\Deployment
[2014/03/29 14:50:25 | 000,000,000 | ---D | C] -- C:\Users\Behemoth\AppData\Local\Apps
[1 C:\Windows\SysNative\*.tmp files -> C:\Windows\SysNative\*.tmp -> ]
========== Files - Modified Within 30 Days ==========
[2014/04/26 19:29:03 | 000,000,000 | -HS- | M] () -- C:\DkHyperbootSync
[2014/04/26 19:16:46 | 000,119,512 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\MBAMSwissArmy.sys
[2014/04/26 19:02:59 | 000,783,114 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2014/04/26 19:02:59 | 000,662,694 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2014/04/26 19:02:59 | 000,122,060 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2014/04/26 19:00:00 | 000,000,902 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2014/04/26 18:58:53 | 000,000,898 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2014/04/26 18:58:52 | 000,000,828 | ---- | M] () -- C:\Windows\tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d-Logon.job
[2014/04/26 18:58:24 | 000,034,752 | ---- | M] () -- C:\Windows\SysNative\drivers\WPRO_41_2001.sys
[2014/04/26 18:58:22 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2014/04/26 18:58:19 | 2056,863,743 | -HS- | M] () -- C:\hiberfil.sys
[2014/04/26 18:57:46 | 000,020,848 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2014/04/26 18:57:46 | 000,020,848 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2014/04/26 18:44:33 | 000,007,603 | ---- | M] () -- C:\Users\Behemoth\AppData\Local\Resmon.ResmonCfg
[2014/04/26 17:57:05 | 000,000,830 | ---- | M] () -- C:\Windows\tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d.job
[2014/04/26 17:55:52 | 000,098,438 | ---- | M] () -- C:\Windows\hpwins27.dat
[2014/04/26 17:45:20 | 004,994,784 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2014/04/26 10:02:12 | 000,692,400 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe
[2014/04/26 10:02:12 | 000,070,832 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
[2014/04/25 21:00:05 | 000,001,966 | ---- | M] () -- C:\Users\Public\Desktop\Nitro Pro 9.lnk
[2014/04/24 18:37:37 | 000,002,789 | ---- | M] () -- C:\Users\Behemoth\Desktop\Excel 2013.lnk
[2014/04/24 18:37:33 | 000,002,837 | ---- | M] () -- C:\Users\Behemoth\Desktop\Word 2013.lnk
[2014/04/24 10:32:42 | 000,069,640 | ---- | M] (Nalpeiron Ltd.) -- C:\Windows\SysWow64\NLSSRV32.EXE
[2014/04/24 10:32:12 | 000,029,704 | ---- | M] (Nitro PDF Software) -- C:\Windows\SysNative\nitrolocalmon9.dll
[2014/04/24 10:32:12 | 000,017,928 | ---- | M] (Nitro PDF Software) -- C:\Windows\SysNative\nitrolocalui9.dll
[2014/04/12 10:14:52 | 000,032,320 | ---- | M] (FNet Co., Ltd.) -- C:\Windows\SysNative\drivers\FNETTBOH_305.SYS
[2014/04/12 10:14:50 | 000,016,648 | ---- | M] (FNet Co., Ltd.) -- C:\Windows\SysNative\drivers\FNETURPX.SYS
[2014/04/12 10:06:35 | 000,000,003 | ---- | M] () -- C:\Users\Behemoth\AppData\Local\user_data.ini
[2014/04/11 12:01:47 | 000,002,187 | ---- | M] () -- C:\Users\Public\Desktop\Google Chrome.lnk
[2014/04/03 09:51:16 | 000,063,192 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mwac.sys
[2014/04/03 09:51:04 | 000,088,280 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbamchameleon.sys
[2014/04/03 09:50:58 | 000,025,816 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
[2014/04/03 09:50:31 | 000,000,908 | ---- | M] () -- C:\Users\Behemoth\Desktop\My Documents.lnk
[2014/03/30 20:23:49 | 000,000,244 | ---- | M] () -- C:\Windows\SysNative\{86F549EB-A66B-4D6C-958D-CDDD66410751}.bat
[2014/03/30 09:51:22 | 000,000,280 | ---- | M] () -- C:\Windows\SysNative\PDBootState
[2014/03/30 03:21:26 | 000,122,093 | ---- | M] () -- C:\Windows\SysWow64\license.rtf
[2014/03/30 03:21:26 | 000,122,093 | ---- | M] () -- C:\Windows\SysNative\license.rtf
[2014/03/30 03:19:58 | 000,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_User_WpdFs_01_09_00.Wdf
[2014/03/30 02:37:24 | 000,018,600 | ---- | M] () -- C:\Windows\SysNative\results.xml
[2014/03/30 01:49:21 | 000,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_Kernel_iusb3hcs_01009.Wdf
[2014/03/30 00:24:22 | 000,419,840 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\systemcpl.dll
[2014/03/30 00:24:22 | 000,014,848 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\slwga.dll
[2014/03/30 00:24:22 | 000,013,824 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\slwga.dll
[2014/03/30 00:24:21 | 001,008,640 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\user32.dll
[2014/03/29 23:23:52 | 000,000,000 | ---- | M] () -- C:\Windows\nsreg.dat
[2014/03/29 23:22:53 | 000,002,033 | ---- | M] () -- C:\Users\Behemoth\Application Data\Microsoft\Internet Explorer\Quick Launch\Mozilla Thunderbird.lnk
[2014/03/29 23:22:53 | 000,002,009 | ---- | M] () -- C:\Users\Public\Desktop\Mozilla Thunderbird.lnk
[2014/03/29 21:39:44 | 000,775,352 | ---- | M] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2014/03/29 20:11:59 | 000,002,697 | ---- | M] () -- C:\Users\Public\Desktop\Skype.lnk
[2014/03/29 19:28:52 | 000,194,048 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\elshyph.dll
[2014/03/29 19:28:49 | 001,228,800 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmlmedia.dll
[2014/03/29 19:28:49 | 001,051,136 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmlmedia.dll
[2014/03/29 19:28:49 | 000,942,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\jsIntl.dll
[2014/03/29 19:28:49 | 000,774,144 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\jscript.dll
[2014/03/29 19:28:49 | 000,645,120 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\jsIntl.dll
[2014/03/29 19:28:49 | 000,616,104 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieapfltr.dat
[2014/03/29 19:28:49 | 000,616,104 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieapfltr.dat
[2014/03/29 19:28:49 | 000,610,304 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll
[2014/03/29 19:28:49 | 000,413,696 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\html.iec
[2014/03/29 19:28:49 | 000,337,408 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\html.iec
[2014/03/29 19:28:49 | 000,247,808 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msls31.dll
[2014/03/29 19:28:49 | 000,235,520 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\url.dll
[2014/03/29 19:28:49 | 000,235,008 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\elshyph.dll
[2014/03/29 19:28:49 | 000,233,472 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\url.dll
[2014/03/29 19:28:49 | 000,167,424 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\iexpress.exe
[2014/03/29 19:28:49 | 000,151,552 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\iexpress.exe
[2014/03/29 19:28:49 | 000,147,968 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\occache.dll
[2014/03/29 19:28:49 | 000,143,872 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\wextract.exe
[2014/03/29 19:28:49 | 000,139,264 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\wextract.exe
[2014/03/29 19:28:49 | 000,135,680 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\iepeers.dll
[2014/03/29 19:28:49 | 000,131,072 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\IEAdvpack.dll
[2014/03/29 19:28:49 | 000,127,488 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\occache.dll
[2014/03/29 19:28:49 | 000,116,736 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\iepeers.dll
[2014/03/29 19:28:49 | 000,111,616 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\IEAdvpack.dll
[2014/03/29 19:28:49 | 000,105,984 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\iesysprep.dll
[2014/03/29 19:28:49 | 000,101,376 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\inseng.dll
[2014/03/29 19:28:49 | 000,090,112 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\SetIEInstalledDate.exe
[2014/03/29 19:28:49 | 000,086,016 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\RegisterIEPKEYs.exe
[2014/03/29 19:28:49 | 000,086,016 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\iesysprep.dll
[2014/03/29 19:28:49 | 000,084,992 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll
[2014/03/29 19:28:49 | 000,083,968 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\MshtmlDac.dll
[2014/03/29 19:28:49 | 000,083,456 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\inseng.dll
[2014/03/29 19:28:49 | 000,081,408 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\icardie.dll
[2014/03/29 19:28:49 | 000,077,312 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\tdc.ocx
[2014/03/29 19:28:49 | 000,074,240 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\SetIEInstalledDate.exe
[2014/03/29 19:28:49 | 000,071,680 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\RegisterIEPKEYs.exe
[2014/03/29 19:28:49 | 000,069,632 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll
[2014/03/29 19:28:49 | 000,069,120 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\icardie.dll
[2014/03/29 19:28:49 | 000,062,464 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\tdc.ocx
[2014/03/29 19:28:49 | 000,062,464 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\pngfilt.dll
[2014/03/29 19:28:49 | 000,061,952 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\MshtmlDac.dll
[2014/03/29 19:28:49 | 000,056,832 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\pngfilt.dll
[2014/03/29 19:28:49 | 000,048,640 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmler.dll
[2014/03/29 19:28:49 | 000,048,640 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmler.dll
[2014/03/29 19:28:49 | 000,048,128 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\imgutil.dll
[2014/03/29 19:28:49 | 000,030,208 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\licmgr10.dll
[2014/03/29 19:28:49 | 000,024,576 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\licmgr10.dll
[2014/03/29 19:28:49 | 000,016,284 | ---- | M] () -- C:\Windows\SysWow64\ieuinit.inf
[2014/03/29 19:28:49 | 000,016,284 | ---- | M] () -- C:\Windows\SysNative\ieuinit.inf
[2014/03/29 19:28:49 | 000,013,824 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\mshta.exe
[2014/03/29 19:28:49 | 000,013,312 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msfeedssync.exe
[2014/03/29 19:28:49 | 000,012,800 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\msfeedssync.exe
[2014/03/29 16:19:03 | 002,776,576 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msmpeg2vdec.dll
[2014/03/29 16:19:03 | 002,284,544 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\msmpeg2vdec.dll
[2014/03/29 16:19:03 | 001,682,432 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\XpsPrint.dll
[2014/03/29 16:19:03 | 001,238,528 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10.dll
[2014/03/29 16:19:03 | 001,158,144 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\XpsPrint.dll
[2014/03/29 16:19:03 | 000,648,192 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10level9.dll
[2014/03/29 16:19:03 | 000,522,752 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\XpsGdiConverter.dll
[2014/03/29 16:19:03 | 000,364,544 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\XpsGdiConverter.dll
[2014/03/29 16:19:03 | 000,363,008 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\dxgi.dll
[2014/03/29 16:19:03 | 000,333,312 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10_1core.dll
[2014/03/29 16:19:03 | 000,296,960 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10core.dll
[2014/03/29 16:19:03 | 000,245,248 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\WindowsCodecsExt.dll
[2014/03/29 16:19:03 | 000,221,184 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\UIAnimation.dll
[2014/03/29 16:19:03 | 000,194,560 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10_1.dll
[2014/03/29 16:19:03 | 000,187,392 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\UIAnimation.dll
[2014/03/29 16:19:03 | 000,010,752 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-advapi32-l1-1-0.dll
[2014/03/29 16:19:03 | 000,010,752 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-advapi32-l1-1-0.dll
[2014/03/29 16:19:03 | 000,009,728 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-shlwapi-l1-1-0.dll
[2014/03/29 16:19:03 | 000,009,728 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-shlwapi-l1-1-0.dll
[2014/03/29 16:19:03 | 000,005,632 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-shlwapi-l2-1-0.dll
[2014/03/29 16:19:03 | 000,005,632 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-shlwapi-l2-1-0.dll
[2014/03/29 16:19:03 | 000,005,632 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-ole32-l1-1-0.dll
[2014/03/29 16:19:03 | 000,005,632 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-ole32-l1-1-0.dll
[2014/03/29 16:19:03 | 000,004,096 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-user32-l1-1-0.dll
[2014/03/29 16:19:03 | 000,004,096 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-user32-l1-1-0.dll
[2014/03/29 16:19:03 | 000,003,584 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-advapi32-l2-1-0.dll
[2014/03/29 16:19:03 | 000,003,584 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-advapi32-l2-1-0.dll
[2014/03/29 16:19:03 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-version-l1-1-0.dll
[2014/03/29 16:19:03 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-version-l1-1-0.dll
[2014/03/29 16:19:03 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-shell32-l1-1-0.dll
[2014/03/29 16:19:03 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-shell32-l1-1-0.dll
[2014/03/29 16:19:03 | 000,002,560 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-normaliz-l1-1-0.dll
[2014/03/29 16:19:03 | 000,002,560 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-normaliz-l1-1-0.dll
[2014/03/29 15:31:52 | 000,001,966 | ---- | M] () -- C:\Users\Public\Desktop\avast! Free Antivirus.lnk
[2014/03/29 15:31:27 | 001,039,096 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswSnx.sys
[2014/03/29 15:31:27 | 000,423,240 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswSP.sys
[2014/03/29 15:31:27 | 000,334,648 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\aswBoot.exe
[2014/03/29 15:31:27 | 000,208,928 | ---- | M] () -- C:\Windows\SysNative\drivers\aswVmm.sys
[2014/03/29 15:31:27 | 000,093,568 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswRdr2.sys
[2014/03/29 15:31:27 | 000,084,816 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswStm.sys
[2014/03/29 15:31:27 | 000,079,184 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswMonFlt.sys
[2014/03/29 15:31:27 | 000,065,776 | ---- | M] () -- C:\Windows\SysNative\drivers\aswRvrt.sys
[2014/03/29 15:31:27 | 000,043,152 | ---- | M] (AVAST Software) -- C:\Windows\avastSS.scr
[2014/03/29 15:04:41 | 000,002,283 | ---- | M] () -- C:\Users\Behemoth\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
[2014/03/29 14:48:14 | 000,001,441 | ---- | M] () -- C:\Users\Behemoth\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
[1 C:\Windows\SysNative\*.tmp files -> C:\Windows\SysNative\*.tmp -> ]
========== Files Created - No Company Name ==========
[2014/04/26 19:29:03 | 000,000,000 | -HS- | C] () -- C:\DkHyperbootSync
[2014/04/26 17:53:43 | 000,098,438 | ---- | C] () -- C:\Windows\hpwins27.dat
[2014/04/26 17:53:43 | 000,000,385 | ---- | C] () -- C:\Windows\hpwmdl27.dat
[2014/04/26 17:46:36 | 000,074,272 | ---- | C] () -- C:\Windows\SysNative\RtNicProp64.dll
[2014/04/26 17:45:05 | 004,994,784 | ---- | C] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2014/04/26 16:57:35 | 2056,863,743 | -HS- | C] () -- C:\hiberfil.sys
[2014/04/26 10:06:59 | 000,007,603 | ---- | C] () -- C:\Users\Behemoth\AppData\Local\Resmon.ResmonCfg
[2014/04/25 21:00:05 | 000,001,978 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nitro Pro 9.lnk
[2014/04/25 21:00:05 | 000,001,966 | ---- | C] () -- C:\Users\Public\Desktop\Nitro Pro 9.lnk
[2014/04/25 19:58:19 | 000,000,000 | ---- | C] () -- C:\ProgramData\193847656
[2014/04/24 18:37:37 | 000,002,789 | ---- | C] () -- C:\Users\Behemoth\Desktop\Excel 2013.lnk
[2014/04/24 18:37:33 | 000,002,837 | ---- | C] () -- C:\Users\Behemoth\Desktop\Word 2013.lnk
[2014/04/24 07:46:55 | 000,001,079 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Photoshop CS5 (64 Bit).lnk
[2014/04/24 07:46:31 | 000,001,215 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Photoshop CS5.lnk
[2014/04/24 07:45:17 | 000,001,177 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Bridge CS5.lnk
[2014/04/24 07:45:05 | 000,001,270 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Device Central CS5.lnk
[2014/04/24 07:43:24 | 000,001,361 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Extension Manager CS5.lnk
[2014/04/24 07:43:18 | 000,001,527 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe ExtendScript Toolkit CS5.lnk
[2014/04/24 07:43:00 | 000,001,001 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Help.lnk
[2014/04/23 21:23:44 | 000,001,121 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\foobar2000.lnk
[2014/04/12 10:06:35 | 000,000,003 | ---- | C] () -- C:\Users\Behemoth\AppData\Local\user_data.ini
[2014/04/03 09:50:31 | 000,000,908 | ---- | C] () -- C:\Users\Behemoth\Desktop\My Documents.lnk
[2014/03/30 20:23:49 | 000,000,244 | ---- | C] () -- C:\Windows\SysNative\{86F549EB-A66B-4D6C-958D-CDDD66410751}.bat
[2014/03/30 09:51:22 | 000,000,280 | ---- | C] () -- C:\Windows\SysNative\PDBootState
[2014/03/30 09:23:02 | 000,002,027 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PerfectDisk 12.5.lnk
[2014/03/30 03:21:22 | 000,001,345 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Media Center.lnk
[2014/03/30 03:21:22 | 000,001,326 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows DVD Maker.lnk
[2014/03/30 03:19:58 | 000,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_User_WpdFs_01_09_00.Wdf
[2014/03/30 02:38:30 | 002,261,764 | ---- | C] () -- C:\Windows\SysNative\drivers\rtvienna.dat
[2014/03/30 02:38:30 | 000,223,608 | ---- | C] () -- C:\Windows\SysNative\drivers\RTAIODAT.DAT
[2014/03/30 02:37:24 | 000,018,600 | ---- | C] () -- C:\Windows\SysNative\results.xml
[2014/03/30 01:49:21 | 000,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_Kernel_iusb3hcs_01009.Wdf
[2014/03/30 01:47:44 | 000,775,352 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2014/03/30 00:34:15 | 000,000,830 | ---- | C] () -- C:\Windows\tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d.job
[2014/03/30 00:34:15 | 000,000,828 | ---- | C] () -- C:\Windows\tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d-Logon.job
[2014/03/30 00:25:19 | 000,001,417 | ---- | C] () -- C:\Users\Behemoth\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
[2014/03/30 00:24:56 | 000,000,290 | ---- | C] () -- C:\Users\Behemoth\Application Data\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk
[2014/03/30 00:24:56 | 000,000,272 | ---- | C] () -- C:\Users\Behemoth\Application Data\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk
[2014/03/29 23:23:52 | 000,000,000 | ---- | C] () -- C:\Windows\nsreg.dat
[2014/03/29 23:22:53 | 000,002,033 | ---- | C] () -- C:\Users\Behemoth\Application Data\Microsoft\Internet Explorer\Quick Launch\Mozilla Thunderbird.lnk
[2014/03/29 23:22:53 | 000,002,009 | ---- | C] () -- C:\Users\Public\Desktop\Mozilla Thunderbird.lnk
[2014/03/29 21:48:28 | 000,002,519 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Apple Software Update.lnk
[2014/03/29 20:11:59 | 000,002,697 | ---- | C] () -- C:\Users\Public\Desktop\Skype.lnk
[2014/03/29 19:28:49 | 000,016,284 | ---- | C] () -- C:\Windows\SysWow64\ieuinit.inf
[2014/03/29 19:28:49 | 000,016,284 | ---- | C] () -- C:\Windows\SysNative\ieuinit.inf
[2014/03/29 16:03:58 | 000,000,003 | ---- | C] () -- C:\Windows\SysNative\drivers\MsftWdf_User_01_11_00_Inbox_Critical.Wdf
[2014/03/29 15:58:13 | 000,000,003 | ---- | C] () -- C:\Windows\SysNative\drivers\MsftWdf_Kernel_01011_Inbox_Critical.Wdf
[2014/03/29 15:31:52 | 000,001,966 | ---- | C] () -- C:\Users\Public\Desktop\avast! Free Antivirus.lnk
[2014/03/29 15:31:31 | 000,208,928 | ---- | C] () -- C:\Windows\SysNative\drivers\aswVmm.sys
[2014/03/29 15:31:31 | 000,065,776 | ---- | C] () -- C:\Windows\SysNative\drivers\aswRvrt.sys
[2014/03/29 15:03:20 | 003,649,185 | ---- | C] () -- C:\Windows\SysNative\nvcoproc.bin
[2014/03/29 15:02:46 | 000,024,544 | ---- | C] () -- C:\Windows\SysNative\nvinfo.pb
[2014/03/29 14:51:17 | 000,002,283 | ---- | C] () -- C:\Users\Behemoth\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
[2014/03/29 14:51:17 | 000,002,187 | ---- | C] () -- C:\Users\Public\Desktop\Google Chrome.lnk
[2014/03/29 14:50:45 | 000,000,902 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2014/03/29 14:50:45 | 000,000,898 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2014/03/29 14:48:14 | 000,001,441 | ---- | C] () -- C:\Users\Behemoth\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
[2014/03/29 14:42:52 | 000,034,752 | ---- | C] () -- C:\Windows\SysNative\drivers\WPRO_41_2001.sys
[2014/03/07 09:21:58 | 000,342,944 | ---- | C] () -- C:\Windows\SysWow64\igdmd32.dll
[2014/03/07 09:15:00 | 000,183,296 | ---- | C] () -- C:\Windows\SysWow64\igdde32.dll
[2014/03/07 09:14:56 | 000,142,848 | ---- | C] () -- C:\Windows\SysWow64\igdail32.dll
[2014/03/07 09:14:56 | 000,068,608 | ---- | C] () -- C:\Windows\SysWow64\igfxexps32.dll
[2012/09/17 16:24:18 | 000,598,780 | ---- | C] () -- C:\Windows\SysWow64\igvpkrng700.bin
[2012/09/17 16:23:50 | 000,755,048 | ---- | C] () -- C:\Windows\SysWow64\igcodeckrng700.bin
[2012/06/19 18:52:42 | 000,001,536 | ---- | C] () -- C:\Windows\SysWow64\IusEventLog.dll
========== ZeroAccess Check ==========
[2009/07/14 00:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2013/07/25 22:24:57 | 014,172,672 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2013/07/25 21:55:59 | 012,872,704 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009/07/13 21:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010/11/20 23:24:25 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009/07/13 21:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
========== LOP Check ==========
[2014/03/29 15:31:55 | 000,000,000 | ---D | M] -- C:\Users\Behemoth\AppData\Roaming\AVAST Software
[2014/04/25 20:59:36 | 000,000,000 | ---D | M] -- C:\Users\Behemoth\AppData\Roaming\Downloaded Installations
[2014/04/24 17:06:18 | 000,000,000 | ---D | M] -- C:\Users\Behemoth\AppData\Roaming\foobar2000
[2014/04/23 19:23:16 | 000,000,000 | ---D | M] -- C:\Users\Behemoth\AppData\Roaming\Nitro
[2014/04/24 07:32:46 | 000,000,000 | ---D | M] -- C:\Users\Behemoth\AppData\Roaming\Notepad++
[2014/03/29 20:24:56 | 000,000,000 | ---D | M] -- C:\Users\Behemoth\AppData\Roaming\qBittorrent
[2014/03/29 23:23:52 | 000,000,000 | ---D | M] -- C:\Users\Behemoth\AppData\Roaming\Thunderbird
========== Purity Check ==========
========== Alternate Data Streams ==========
@Alternate Data Stream - 192 bytes -> C:\Windows:nlsPreferences
< End of report >
OTL Extras logfile created on: 4/26/2014 7:29:46 PM - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Program Files (x86)\OTL
64bit- Professional Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.11.9600.17041)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
7.89 Gb Total Physical Memory | 5.11 Gb Available Physical Memory | 64.85% Memory free
15.87 Gb Paging File | 13.11 Gb Available in Paging File | 82.58% Paging File free
Paging file location(s): c:\pagefile.sys 100 100e:\pagefil [binary data over 200 bytes]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 931.41 Gb Total Space | 885.25 Gb Free Space | 95.04% Space Free | Partition Type: NTFS
Drive E: | 10.00 Gb Total Space | 2.02 Gb Free Space | 20.24% Space Free | Partition Type: NTFS
Drive F: | 139.05 Gb Total Space | 138.90 Gb Free Space | 99.89% Space Free | Partition Type: NTFS
Computer Name: BEHEMOTH-PC | User Name: Behemoth | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Extra Registry (SafeList) ==========
========== File Associations ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html[@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
.html [@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)
[HKEY_USERS\S-1-5-21-3913706258-2513946957-3325762992-1000\SOFTWARE\Classes\<extension>]
.html [@ = ChromeHTML] -- Reg Error: Key error. File not found
========== Shell Spawning ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" (VideoLAN)
Directory [bridge] -- C:\Program Files (x86)\Adobe\Adobe Bridge CS5\Bridge.exe "%L" (Adobe Systems, Inc.)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" (VideoLAN)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Program Files\Internet Explorer\iexplore.exe" (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" (VideoLAN)
Directory [bridge] -- C:\Program Files (x86)\Adobe\Adobe Bridge CS5\Bridge.exe "%L" (Adobe Systems, Inc.)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" (VideoLAN)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- Reg Error: Value error.
========== Security Center Settings ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
========== Firewall Settings ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
========== Authorized Applications List ==========
========== Vista Active Open Ports Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0A5C89AA-00A6-48FC-B929-49E34083E8DD}" = rport=445 | protocol=6 | dir=out | app=system |
"{1DC9940C-4305-47D7-BA15-0F33530A021D}" = rport=139 | protocol=6 | dir=out | app=system |
"{2503E55C-CCF0-465B-A4BF-398483A70D72}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{57190226-DEFD-4BA6-8A21-DA93F2EEA3C5}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | [email protected],-28539 |
"{5D5CA0FE-D0F3-47D6-8BD2-D50977ED3639}" = lport=445 | protocol=6 | dir=in | app=system |
"{6E6556DE-C85B-40FF-B652-61F4FA15BB51}" = lport=138 | protocol=17 | dir=in | app=system |
"{7982E5A9-14A9-4628-BF20-28D4A4516FE6}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{851FD9DD-EB29-4B5A-9333-045382E66388}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{A5F7F7AD-70B4-4305-832B-286E17D0C2F4}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{AE5A5F55-08B2-4C3E-A65A-95E96F9537FD}" = rport=137 | protocol=17 | dir=out | app=system |
"{EB01FC1F-D182-4A10-8C30-1BF52CECAA3B}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{EC457B5E-D179-4454-A2D8-D304F20C80A6}" = lport=139 | protocol=6 | dir=in | app=system |
"{F2D38B86-172B-46D8-AF9A-03F40F5D4103}" = rport=138 | protocol=17 | dir=out | app=system |
"{FFA3153F-5187-47B8-85F5-B9D768566981}" = lport=137 | protocol=17 | dir=in | app=system |
========== Vista Active Application Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{1780452A-42EB-4512-A7B3-90441F38141B}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft lifecam\lifeenc2.exe |
"{2674C6AA-01DC-48D8-B60F-B7F4C01FA25D}" = protocol=58 | dir=in | [email protected],-28545 |
"{2BED5E15-8C13-45E6-AF1F-B74FA3C7507E}" = protocol=1 | dir=in | [email protected],-28543 |
"{2E5B629D-A9B9-46BF-AFF9-DC8A59023790}" = protocol=17 | dir=in | app=c:\program files (x86)\qbittorrent\qbittorrent.exe |
"{4017A59C-706C-4734-B008-08D711CF316B}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft lifecam\lifetray.exe |
"{46DA970C-21A9-4185-AA42-17DE096E7557}" = protocol=58 | dir=out | [email protected],-28546 |
"{49C7031E-3FF6-462A-B1C9-1F5FA5B3A521}" = protocol=1 | dir=out | [email protected],-28544 |
"{4BA4CB02-8073-4E64-9A41-7B5D94AA8AF1}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{528F2E07-3883-42AD-95C8-5F741653D451}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{55B35400-4A46-4982-84B9-8B0C36893911}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft lifecam\lifecam.exe |
"{58256809-0264-435E-9751-08E4CA16852A}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{67BD6E37-3BFD-40FF-98CF-AB56465FD96D}" = protocol=6 | dir=in | app=c:\program files (x86)\qbittorrent\qbittorrent.exe |
"{68774137-C2AE-4D5C-B808-C0E081801BE4}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqkygrp.exe |
"{6BB38100-C9BC-4E65-91DE-2FAA3239D027}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{74EF1FE7-C58B-4BA4-AABB-E09039FED2E6}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft lifecam\lifeenc2.exe |
"{7C6AE36B-48A6-41D4-A033-A92241495999}" = dir=in | app=c:\program files (x86)\common files\apple\apple application support\webkit2webprocess.exe |
"{8088B11F-FE0B-4548-BE0A-A4E0C013927D}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft lifecam\lifeexp.exe |
"{8AD46FE7-EE14-4BB3-A606-85CE212ADABD}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office15\ucmapi.exe |
"{8B513AD9-3C9F-447A-B8AF-29DA9E4469DA}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{9A58AD1F-7F1A-497A-BCBB-3D9BFE801C30}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft lifecam\lifeexp.exe |
"{9AEFB80E-D8B7-480D-9313-A3F0DEFD6A18}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office15\lync.exe |
"{A1C8BCC4-0FDD-4CA5-BE70-A972FD1AA38F}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft lifecam\lifecam.exe |
"{BACA4981-759E-4A53-B9DE-641F419853B7}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{C04484F7-4D41-4180-9869-83DFEA3330BB}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft office\office15\lync.exe |
"{C268CDA9-E312-4248-8DF1-7FB6C4A2C89A}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpiscnapp.exe |
"{C46B2801-DF14-42FE-8EBD-474E50016D49}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft office\office15\ucmapi.exe |
"{D523716E-AD54-4FB3-96C5-039BD2006277}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{E7273C5F-8D9D-4B88-A9E9-AFF677F163FD}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpfccopy.exe |
"{F2A3C878-199B-4C23-99B5-F601FF81EB86}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft lifecam\lifetray.exe |
========== HKEY_LOCAL_MACHINE Uninstall List ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{1D8E6291-B0D5-35EC-8441-6616F567A0F7}" = Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219
"{1E9FC118-651D-4934-97BE-E53CAE5C7D45}" = Microsoft_VC80_MFCLOC_x86_x64
"{23170F69-40C1-2702-0920-000001000000}" = 7-Zip 9.20 (x64 edition)
"{4569AD91-47F4-4D9E-8FC9-717EC32D7AE1}" = Microsoft_VC80_CRT_x86_x64
"{55D55008-E5F6-47D6-B16F-B2A40D4D145F}" = 64 Bit HP CIO Components Installer
"{5CE7E3F5-9803-4F32-AA89-2D8848A80109}" = Microsoft LifeCam
"{67579783-0FB7-4F7B-B881-E5BE47C9DBE0}_is1" = Revo Uninstaller Pro 3.0.8
"{7DEBE4EB-6B40-3766-BB35-5CBBC385DA37}" = Microsoft .NET Framework 4.5.1
"{8557397C-A42D-486F-97B3-A2CBC2372593}" = Microsoft_VC90_ATL_x86_x64
"{90150000-002A-0000-1000-0000000FF1CE}" = Microsoft Office 64-bit Components 2013
"{90150000-002A-0409-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (English) 2013
"{90150000-0116-0409-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2013
"{925D058B-564A-443A-B4B2-7E90C6432E55}" = Microsoft_VC80_ATL_x86_x64
"{92A3CA0D-55CD-4C5D-BA95-5C2600C20F26}" = Microsoft_VC90_CRT_x86_x64
"{977D1ABF-4089-4CA7-BA33-CC75808B7ACE}" = Intel® Trusted Connect Service Client
"{9C5A08BF-BB99-4998-81BD-F6CC32483B34}" = Microsoft Corporation
"{9EB0073B-20D4-4C03-A931-C8A105B948D3}" = ExpressCache
"{A472B9E4-0AFF-4F7B-B25D-F64F8E928AAB}" = Microsoft_VC90_MFC_x86_x64
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel" = NVIDIA Control Panel 335.23
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver" = NVIDIA Graphics Driver 335.23
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX" = NVIDIA PhysX System Software 9.13.1220
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver" = NVIDIA HD Audio Driver 1.3.30.1
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application
"{BBB1823D-90A6-4ACB-B08B-38632F1E4F1D}" = HP Officejet 4500 G510a-f Corporate Edition 13.0
"{C8C1BAD5-54E6-4146-AD07-3A8AD36569C3}" = Microsoft_VC80_MFC_x86_x64
"{D1B033E8-A077-4B0D-9831-5798E19E861E}" = Intel® Smart Connect Technology 2.0 x64
"{F0C524DF-EAA7-49EA-A712-B55C5D5BDDCD}" = Nitro Pro 9
"{FD310764-B3E5-430F-980E-D6C0016B2660}" = PerfectDisk 12.5 Professional
"ASRock 3TB+ Unlocker_is1" = ASRock 3TB+ Unlocker v1.1
"ASRock App Charger_is1" = ASRock App Charger v1.0.6
"ASRock XFast RAM_is1" = ASRock XFast RAM v2.0.28
"CCleaner" = CCleaner
"VIRTU MVP_is1" = VIRTU MVP 2.1.227
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{033E378E-6AD3-4AD5-BDEB-CBD69B31046C}" = Microsoft_VC90_ATL_x86
"{08D2E121-7F6A-43EB-97FD-629B44903403}" = Microsoft_VC90_CRT_x86
"{0D2DBE8A-43D0-7830-7AE7-CA6C99A832E7}" = Adobe Community Help
"{0F3647F8-E51D-4FCC-8862-9A8D0C5ACF25}" = Microsoft_VC80_ATL_x86
"{0F367CA3-3B2F-43F9-A44A-25A8EE69E45D}" = Scan
"{111EE7DF-FC45-40C7-98A7-753AC46B12FB}" = QuickTime 7
"{15FEDA5F-141C-4127-8D7E-B962D1742728}" = Adobe Photoshop CS5
"{1EBDF6D2-CEA0-484C-A23E-2DDAD7FD0DD0}" = System Requirements Lab for Intel
"{240C3DDD-C5E9-4029-9DF7-95650D040CF2}" = Intel® USB 3.0 eXtensible Host Controller Driver
"{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}" = Intel® Rapid Storage Technology
"{46F044A5-CE8B-4196-984E-5BD6525E361D}" = Apple Application Support
"{635FED5B-2C6D-49BE-87E6-7A6FCD22BC5A}" = Microsoft_VC90_MFC_x86
"{65153EA5-8B6E-43B6-857B-C6E4FC25798A}" = Intel® Management Engine Components
"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
"{7A3C7E05-EE37-47D6-99E1-2EB05A3DA3F7}" = Skypeâ„¢ 6.14
"{80407BA7-7763-4395-AB98-5233F1B34E65}" = NVIDIA PhysX
"{8833FFB6-5B0C-4764-81AA-06DFEED9A476}" = Realtek Ethernet Controller Driver
"{90150000-0011-0000-0000-0000000FF1CE}" = Microsoft Office Professional Plus 2013
"{90150000-0015-0409-0000-0000000FF1CE}" = Microsoft Access MUI (English) 2013
"{90150000-0016-0409-0000-0000000FF1CE}" = Microsoft Excel MUI (English) 2013
"{90150000-0018-0409-0000-0000000FF1CE}" = Microsoft PowerPoint MUI (English) 2013
"{90150000-0019-0409-0000-0000000FF1CE}" = Microsoft Publisher MUI (English) 2013
"{90150000-001A-0409-0000-0000000FF1CE}" = Microsoft Outlook MUI (English) 2013
"{90150000-001B-0409-0000-0000000FF1CE}" = Microsoft Word MUI (English) 2013
"{90150000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proofing Tools 2013 - English
"{90150000-001F-040C-0000-0000000FF1CE}" = Outils de vérification linguistique 2013 de Microsoft Office - Français
"{90150000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proofing Tools 2013 - Español
"{90150000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2013
"{90150000-0044-0409-0000-0000000FF1CE}" = Microsoft InfoPath MUI (English) 2013
"{90150000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2013
"{90150000-0090-0409-0000-0000000FF1CE}" = Microsoft DCF MUI (English) 2013
"{90150000-00A1-0409-0000-0000000FF1CE}" = Microsoft OneNote MUI (English) 2013
"{90150000-00BA-0409-0000-0000000FF1CE}" = Microsoft Groove MUI (English) 2013
"{90150000-00E1-0409-0000-0000000FF1CE}" = Microsoft Office OSM MUI (English) 2013
"{90150000-00E2-0409-0000-0000000FF1CE}" = Microsoft Office OSM UX MUI (English) 2013
"{90150000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2013
"{90150000-0117-0409-0000-0000000FF1CE}" = Microsoft Access Setup Metadata MUI (English) 2013
"{90150000-012B-0409-0000-0000000FF1CE}" = Microsoft Lync MUI (English) 2013
"{92D58719-BBC1-4CC3-A08B-56C9E884CC2C}" = Microsoft_VC80_CRT_x86
"{95E0772F-0AFD-4388-B84C-43C2F51150F9}" = 4500G510af_Ent
"{A2BCA9F1-566C-4805-97D1-7FDC93386723}" = Adobe AIR
"{A6C48A9F-694A-4234-B3AA-62590B668927}" = Intel® Manageability Engine Firmware Recovery Agent
"{A78FE97A-C0C8-49CE-89D0-EDD524A17392}" = PDF Settings CS5
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{B3BC9DB1-0B0A-48B0-B86B-EA77CAA7F800}" = Microsoft Corporation
"{D1A19B02-817E-4296-A45B-07853FD74D57}" = Microsoft_VC80_MFC_x86
"{D92BBB52-82FF-42ED-8A3C-4E062F944AB7}" = Microsoft_VC80_MFCLOC_x86
"{DE3A9DC5-9A5D-6485-9662-347162C7E4CA}" = Adobe Media Player
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
"{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}" = Intel® Processor Graphics
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{FCB3772C-B7D0-4933-B1A9-3707EBACC573}" = Intel® SDK for OpenCL - CPU Only Runtime Package
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 13 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 13 Plugin
"ASRock eXtreme Tuner_is1" = ASRock eXtreme Tuner v0.1.338
"ASRock InstantBoot_is1" = ASRock InstantBoot v1.29
"Avast" = avast! Free Antivirus
"chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Adobe Community Help
"CodeStuff Starter" = CodeStuff Starter
"com.adobe.amp.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Adobe Media Player
"ExpressCacheApp" = ExpressCacheApp
"foobar2000" = foobar2000 v1.3.2
"Google Chrome" = Google Chrome
"Malwarebytes Anti-Malware_is1" = Malwarebytes Anti-Malware version 2.0.1.1004
"Mozilla Thunderbird (3.1.20)" = Mozilla Thunderbird (3.1.20)
"Notepad++" = Notepad++
"Office15.PROPLUS" = Microsoft Office Professional Plus 2013
"qbittorrent" = qBittorrent 3.1.9
"SpywareBlaster_is1" = SpywareBlaster 5.0
"Topaz Adjust 5" = Topaz Adjust 5
"Topaz BW Effects 2" = Topaz B&W Effects
"Topaz Clarity" = Topaz Clarity
"Topaz Clean 3" = Topaz Clean 3
"Topaz DeJpeg 4" = Topaz DeJpeg 4
"Topaz DeNoise 5" = Topaz DeNoise 5
"Topaz Detail 3" = Topaz Detail 3
"Topaz Fusion Express 2" = Topaz Fusion Express 2
"Topaz InFocus" = Topaz InFocus
"Topaz Lens Effects" = Topaz Lens Effects
"Topaz ReMask 3" = Topaz ReMask 3
"Topaz Simplify 4" = Topaz Simplify 4
"Topaz Star Effects" = Topaz Star Effects
"VLC media player" = VLC media player 2.1.3
"XFastUSB" = XFastUSB
========== HKEY_USERS Uninstall List ==========
[HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
========== HKEY_USERS Uninstall List ==========
[HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
========== HKEY_USERS Uninstall List ==========
[HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
========== HKEY_USERS Uninstall List ==========
[HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
========== HKEY_USERS Uninstall List ==========
[HKEY_USERS\S-1-5-21-3913706258-2513946957-3325762992-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
< End of report >
-
OK. I will do that.
-
My Windows 7 Pro desktop (up to date with all Windows Updates) recently started acting strangely. It all started after my sister plugged in a USB flash drive to print some documents, but couldn't get the printer to work. I discovered that Windows was asking to troubleshoot the printer, yet couldn't fix it. After trying to uninstall the printer driver, things got weirder: neither My Computer nor Task Manager would open. I had to resort to a previous System Restore Point which brought things back to normal... almost. After reboot, the LAN connection wasn't being recognized and I had to re-install that, but I now discovered that my custom static IP settings no longer work for this NIC. I have to use auto, which is OK, but it interferes with the firewall rules in my router.
Apparently, this USB flash drive has been used on a public computer and I shudder to think what might have been vectored to my desktop. I have run Avast and MBAM full scans as per the recommendations of the stickies in the Malware Removal section of this forum. Nothing is being detected. I'm in the process of running the other applications and saving the logs, since I'm not sure if they might be useful at a future date as more weirdness is discovered.
Does anyone know what might be the problem with the network properties that it can't utilize the static IPs that I insert? I have double-checked them and "validation" is disabled. Not really sure what is going on.
Thanks.
-
Can you post a screenshot? Not sure where you see this.
-
Oh, sweet!
Did you ever use the Virtu MVP software that comes with your motherboard? If so, how did you set it up?
-
What does your startup list look like?
And what about your browser add-on list?
How many processes do you have running according to Task Manager? Is the Internet Explorer process consuming a lot of CPU/RAM when you're playing a game?
-
In the G4 days, quite a few of the forum members helped me put together a parts lists for my first computer build. It ended up being an AMD socket 939 system (Asus A8N SLI-Deluxe, AMD Athlon 3500+ CPU, 2x512MB DDR XMS Corsair RAM, ATi Radeon X800XL, etc.) which I was very proud to put together. However, as time passed and through OS/application upgrades, the old rig was finding it difficult to keep up. A few minor upgrades followed such as a better aftermarket HSF, an Opteron dual-core processor, 3GB XMS Corsair RAM, SATA HDD, a new PCP&C Silencer PSU and eVGA nVidia GeForce GTX 460, but I felt that the speed of socket 939 was holding back on maximum performance.
Anyway, a sign that I needed to move on came in the form of a message on boot one day: "Boot failure. Unable to boot to hard disk". I changed SATA cables and switched to new ports, but got the same message. Attaching the drive as an external disk to my laptop showed that nothing was wrong with the disk itself; data was accessible. I took the scenario as meaning that the SATA ports were damaged and hoped that the other parts were still salvageable. But replacing a socket 939 motherboard would cost as much or even more than a new system.
I have always been impressed with Intel's CPUs so decided to switch to an Intel build. If I replaced the motherboard, then I'd also need to replace the CPU and RAM. I could reuse the other components. TomsHardware.com's monthly PC builds was my inspiration for choosing the following combo:
- CPU - Intel Core i5-3470 (Ivy Bridge 3.2GHz)
- Motherboard - ASRock Z75 Pro3 LGA 1155
- RAM - Team Vulcan 2x 4GB DDR3-1600
Got a good deal on those parts from Newegg. When the parts arrived, I gutted the old components and quickly installed the new parts. It's amazing how I still knew what to do after all these years.
In addition to the above, I have also added a new Western Digital Blue 1TB 7200RPM (SATA 6Gbps) HDD and Sandisk 32GB ReadyCache which can take full advantage of the SATA 6Gpbs speed. Upgrading to a proper SSD is planned for the future, but as it stands now, this system is 100 times better than what it was before!
-
Do you still have the Toshiba crapware installed? They used to package WildTangent stuff in there; just remove it and all other unneccessary stuff. Disable anything else you don't need at startup. I use Revo Uninstaller to safely remove traces of any application I do not want.
Secondly, disable any browser add-ons you may not need. You can go into IE's menu for this or use CCleaner to edit add-ons (Tools > Startup > IE). If you're not sure what you need, just disable instead of delete.
Thirdly, completely uninstall Adobe's Flash/Shockwave and Java. You don't always need the latter, but if you do, you'll be prompted to install it. Reinstall the Flash Player for your browser and restart. If using Google Chrome, you'll have to change some settings within the program to instruct it to use Adobe Flash plugin rather than its own built-in version.
-
Thanks for the link. Bookmarked.
-
I don't own any copies of Windows 8/8.1 but I have played around with it on friends' computers. Looks similar to Windows 7, which I use, except for more ribbons and the start screen. Can't get used to the latter if it's not a touch screen, though. Is there a way to turn this off?
-
Wow! I'm glad to see some familiar avatars with active posts.
I've been away for a while primarily because of studies and little-to-no free time. I tend to hang out more on car forums ever since getting my first car and looking for ways to improve her.
Yesterday, I was swapping out some parts in the old desktop (which my parents now use). I remember when some of the G4 gang helped me select the parts for it back when AMD's socket 939 platform was the big thing. LOL!
Sorry to hear about the medical problems as well, TT. But glad to see you're still keeping busy helping others with their computer problems.
Anyway, I'll try to pop in more often as I consider it a healthy distraction for me and a way to keep a hobby alive.
-
Glad to hear that things worked out. You tackled the problem correctly: start with the bare minimum and add components individually to see what was the problem-component.
Some side notes...
- Always remember to discharge yourself when handling computer parts.
- Too much thermal compound is not a good thing. A thin even coat is best. Stock Intel HSFs tend to be packaged with thermal compound that is already applied, so that saves the work of putting it on yourself.
- When mounting the motherboard to the case, ensure that the number of risers you use corresponds to the number of screws you place. Also, only use the motherboard screw mounts that are insulated.
- If you're upgrading an existing system, take the time to fully gut the old case, clean it out and tidy up the wiring.
I'm working on an upgrade myself. Did the preliminary work yesterday and will do the rest in my free time. Moving from the old AMD socket 939 to Intel socket LGA1155 (Ivy Bridge) should yield a noticeable speed increase.
-
My laptop came with Windows Vista as well. Hated it from day 1. Switched over to Windows 7 and I haven't looked back since.
In addition to what 'flashh4' recommended, ensure that your programs will run on Windows 7. Most likely they will or you can get upgraded versions that will be compatible. Also check to see if compatible drivers for the new OS are available at your laptop manufacturer's website.
When choosing a path of installation, I would recommend you go with the fresh installation over the upgrade. It's definitely a longer process, but you'll end up with less issues later on.
-
streamWriter will also help with that.
-
Separating OS from the data partition keeps things organized and can also improve general performance, but my understanding is that you only have gains in the latter when these partitions are on separate disks.
You see, if you have a single 1000GB hard disk that is separated into 2 partitions: e.g. 500GB for OS and 500GB for data, reading and writing files won't be optimized since it's the same disk head that has to do the work. If anything, you're making the drive jump from one part of the disk to another part of the disk to do work which can, in the long term, be stressful on mechanical drives especially if large file access is involved. For organizational purposes it makes sense as Jeff mentioned, but not technically so for performance.
On some laptops where you're pretty much stuck with a single disk, having multiple partitions is the best you can do. Windows Vista/7 allows you to expand and shrink partitions from within Disk Management. However, one important thing to remember: Windows might not offer you the full customization of the resize. This is because if files are scattered around the partition, Windows won't allow you to specify new partition boundaries if those boundaries interrupt files. As a result, you need to defragment all partitions on the disk before resizing. Unfortunately, Windows' built-in defragmenter doesn't do a good job at the type of defragmenting you want in this case. You're not looking to optimize file placement; you're looking to relocate files from the front of the partition so there is free space at the end to move your partition boundaries. I know for a fact that PerfectDisk allows you to do this type of defragmentation; other 3rd party options such as O&O should also have it.
Now, there are other free partition tools out there such as EaseUS and bootable alternatives that will allow you to resize partitions. My warning to you is to back up your data before using them. It's not that they are bad at resizing (they actually give you a nice GUI to do your stuff), but they might not look at the data occupying the areas around your proposed partition boundaries. As a result, you can end up losing data after applying the new partition layout.
-
Check out TomsHardware for their regular "Best for the money" lists.
-
^ Agreed.
LOL!
So many new visitors
in Open Chat
Posted
Hi, flash and the rest of the BT community!
Just passing by and thought I'd say hello. Moving to another country and residency work has had me quite busy for a while.
Will try to be around more often as work permits. Have a few questions of my own that I hope others can assist with.
Cheers!