Windows is acting odd



Hello, Flash! I'm posting this in relation to my recent experience. I haven't noticed anything else that is unusual; just that the static IPs that used to work before now no longer work. Only setting everything to 'Auto' allows me to get online.

 

As per your instructions in the stickies, here are the scan logs so far...

 

1. AdwCleaner


 

# AdwCleaner v3.204 - Report created 26/04/2014 at 18:56:49

# Updated 26/04/2014 by Xplode
# Operating System : Windows 7 Professional Service Pack 1 (64 bits)
# Username : Behemoth - BEHEMOTH-PC
# Running from : C:\Program Files (x86)\AdwCleaner\AdwCleaner.exe
# Option : Scan
 
***** [ Services ] *****
 
 
***** [ Files / Folders ] *****
 
Folder Found : C:\Users\Behemoth\AppData\Local\PackageAware
 
***** [ Shortcuts ] *****
 
 
***** [ Registry ] *****
 
 
***** [ Browsers ] *****
 
-\\ Internet Explorer v11.0.9600.17041
 
 
-\\ Google Chrome v34.0.1847.116
 
[ File : C:\Users\Behemoth\AppData\Local\Google\Chrome\User Data\Default\preferences ]
 
 
*************************
 
AdwCleaner[R0].txt - [850 octets] - [26/04/2014 18:56:49]
 
########## EOF - C:\AdwCleaner\AdwCleaner[R0].txt - [909 octets] ##########
 

 


 

# AdwCleaner v3.204 - Report created 26/04/2014 at 18:57:22

# Updated 26/04/2014 by Xplode
# Operating System : Windows 7 Professional Service Pack 1 (64 bits)
# Username : Behemoth - BEHEMOTH-PC
# Running from : C:\Program Files (x86)\AdwCleaner\AdwCleaner.exe
# Option : Clean
 
***** [ Services ] *****
 
 
***** [ Files / Folders ] *****
 
Folder Deleted : C:\Users\Behemoth\AppData\Local\PackageAware
 
***** [ Shortcuts ] *****
 
 
***** [ Registry ] *****
 
 
***** [ Browsers ] *****
 
-\\ Internet Explorer v11.0.9600.17041
 
 
-\\ Google Chrome v34.0.1847.116
 
[ File : C:\Users\Behemoth\AppData\Local\Google\Chrome\User Data\Default\preferences ]
 
 
*************************
 
AdwCleaner[R0].txt - [988 octets] - [26/04/2014 18:56:49]
AdwCleaner[s0].txt - [916 octets] - [26/04/2014 18:57:22]
 
########## EOF - C:\AdwCleaner\AdwCleaner[s0].txt - [975 octets] ##########
 

 

 

2. aswMBR


 

aswMBR version 0.9.9.1771 Copyright(c) 2011 AVAST Software

Run date: 2014-04-26 19:02:40

-----------------------------

19:02:40.338    OS Version: Windows x64 6.1.7601 Service Pack 1

19:02:40.338    Number of processors: 4 586 0x3A09

19:02:40.339    ComputerName: BEHEMOTH-PC  UserName: Behemoth

19:02:40.498    Initialize success

19:02:43.283    AVAST engine defs: 14042601

19:03:07.132    Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\00000065

19:03:07.135    Disk 0 Vendor: ATA_____ 1A01 Size: 953869MB BusType: 11

19:03:07.137    Disk 1  \Device\Harddisk1\DR1 -> \Device\00000066

19:03:07.140    Disk 1 Vendor: ATA_____ 0___ Size: 30533MB BusType: 11

19:03:07.143    Disk 2  \Device\Harddisk2\DR2 -> \Device\00000067

19:03:07.145    Disk 2 Vendor: ATA_____ 3.42 Size: 152627MB BusType: 11

19:03:07.213    Disk 0 MBR read successfully

19:03:07.217    Disk 0 MBR scan

19:03:07.221    Disk 0 Windows 7 default MBR code

19:03:07.225    Disk 0 Partition 1 80 (A) 07    HPFS/NTFS NTFS          100 MB offset 2048

19:03:07.239    Disk 0 Partition 2 00     07    HPFS/NTFS NTFS       953767 MB offset 206848

19:03:07.259    Disk 0 scanning C:\Windows\system32\drivers

19:03:12.313    Service scanning

19:03:18.381    Modules scanning

19:03:18.391    Disk 0 trace - called modules:

19:03:18.403    ntoskrnl.exe CLASSPNP.SYS disk.sys iaStorF.sys storport.sys hal.dll iaStorA.sys 

19:03:18.408    1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa800988c060]

19:03:18.413    3 CLASSPNP.SYS[fffff88001d2843f] -> nt!IofCallDriver -> [0xfffffa8007ac9c50]

19:03:18.418    5 iaStorF.sys[fffff88001cc4168] -> nt!IofCallDriver -> \Device\00000065[0xfffffa80074b79c0]

19:03:18.537    AVAST engine scan C:\Windows

19:03:19.964    AVAST engine scan C:\Windows\system32

19:04:40.305    AVAST engine scan C:\Windows\system32\drivers

19:04:47.019    AVAST engine scan C:\Users\Behemoth

19:05:29.425    AVAST engine scan C:\ProgramData

19:05:56.704    Scan finished successfully

19:10:27.932    Disk 0 MBR has been saved successfully to "F:\Downloads\MBR.dat"

19:10:27.934    The log file has been saved successfully to "F:\Downloads\aswMBR.txt"

 

 

3. MBAM


 

Malwarebytes Anti-Malware

www.malwarebytes.org

 

Scan Date: 4/26/2014

Scan Time: 6:48:39 PM

Logfile: mbam-log.txt

Administrator: Yes

 

Version: 2.00.1.1004

Malware Database: v2014.04.26.05

Rootkit Database: v2014.03.27.01

License: Premium

Malware Protection: Enabled

Malicious Website Protection: Enabled

Chameleon: Disabled

 

OS: Windows 7 Service Pack 1

CPU: x64

File System: NTFS

User: Behemoth

 

Scan Type: Threat Scan

Result: Completed

Objects Scanned: 235300

Time Elapsed: 3 min, 2 sec

 

Memory: Enabled

Startup: Enabled

Filesystem: Enabled

Archives: Enabled

Rootkits: Disabled

Shuriken: Enabled

PUP: Enabled

PUM: Enabled

 

Processes: 0

(No malicious items detected)

 

Modules: 0

(No malicious items detected)

 

Registry Keys: 0

(No malicious items detected)

 

Registry Values: 0

(No malicious items detected)

 

Registry Data: 0

(No malicious items detected)

 

Folders: 0

(No malicious items detected)

 

Files: 0

(No malicious items detected)

 

Physical Sectors: 0

(No malicious items detected)

 

 

(end)

 

 

4. OTL


 

OTL logfile created on: 4/26/2014 7:29:46 PM - Run 1

OTL by OldTimer - Version 3.2.69.0     Folder = C:\Program Files (x86)\OTL

64bit- Professional Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation

Internet Explorer (Version = 9.11.9600.17041)

Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

 

7.89 Gb Total Physical Memory | 5.11 Gb Available Physical Memory | 64.85% Memory free

15.87 Gb Paging File | 13.11 Gb Available in Paging File | 82.58% Paging File free

Paging file location(s): c:\pagefile.sys 100 100e:\pagefil [binary data over 200 bytes]

 

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)

Drive C: | 931.41 Gb Total Space | 885.25 Gb Free Space | 95.04% Space Free | Partition Type: NTFS

Drive E: | 10.00 Gb Total Space | 2.02 Gb Free Space | 20.24% Space Free | Partition Type: NTFS

Drive F: | 139.05 Gb Total Space | 138.90 Gb Free Space | 99.89% Space Free | Partition Type: NTFS

 

Computer Name: BEHEMOTH-PC | User Name: Behemoth | Logged in as Administrator.

Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans

Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

 

========== Processes (SafeList) ==========

 

PRC - [2014/04/26 18:52:06 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Program Files (x86)\OTL\OTL.exe

PRC - [2014/04/24 10:32:42 | 000,069,640 | ---- | M] (Nalpeiron Ltd.) -- C:\Windows\SysWOW64\NLSSRV32.EXE

PRC - [2014/04/03 09:49:12 | 001,809,720 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe

PRC - [2014/04/03 09:49:12 | 000,857,912 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe

PRC - [2014/04/03 09:49:06 | 006,963,512 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe

PRC - [2014/03/29 15:31:26 | 003,854,640 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastUI.exe

PRC - [2014/03/29 15:31:26 | 000,050,344 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe

PRC - [2012/09/11 13:51:42 | 000,365,344 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe

PRC - [2012/09/11 13:51:42 | 000,277,792 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe

PRC - [2012/09/01 18:07:22 | 000,285,240 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe

PRC - [2012/09/01 18:07:22 | 000,014,904 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe

PRC - [2012/08/21 06:32:04 | 000,166,720 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\Jhi_service.exe

PRC - [2012/07/05 08:23:18 | 000,129,856 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\FWService\IntelMeFWService.exe

PRC - [2012/02/27 03:01:56 | 000,291,608 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel® USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe

 

 

========== Modules (No Company Name) ==========

 

MOD - [2014/03/29 22:42:09 | 001,091,072 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Servf73e6522#\0bedc417d3c5dcb1c9a5f15dd733c556\System.ServiceModel.Web.ni.dll

MOD - [2014/03/29 22:41:22 | 002,997,760 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.IdentityModel\1e5e19d119e04b93da3d45153abd60fd\System.IdentityModel.ni.dll

MOD - [2014/03/29 22:41:20 | 019,693,056 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.ServiceModel\24bf0c88c0465485f4b842df043b3f45\System.ServiceModel.ni.dll

MOD - [2014/03/29 22:41:12 | 000,029,696 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\IAStorDataMcfeeca6f#\c168447e4d828f48b0b416bb0dc128bb\IAStorDataMgrSvcInterfaces.ni.dll

MOD - [2014/03/29 22:41:11 | 000,026,112 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\IAStorCommon\ea7a8fb74933181836838ff94b5d04d3\IAStorCommon.ni.dll

MOD - [2014/03/29 22:26:18 | 000,371,200 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\IAStorUtil\59bbcc02f949910c4baae888c45e90d7\IAStorUtil.ni.dll

MOD - [2014/03/29 22:26:17 | 000,806,400 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Servd1dec626#\34b53ecafa1d7ccc7ca961d722b5d983\System.ServiceModel.Internals.ni.dll

MOD - [2014/03/29 22:26:17 | 000,122,880 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\SMDiagnostics\78652b7fa68ee058bff6a118c657f565\SMDiagnostics.ni.dll

MOD - [2014/03/29 22:26:16 | 002,825,216 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Runteb92aa12#\f6d7bb59f318c130d68816a89335d05e\System.Runtime.Serialization.ni.dll

MOD - [2014/03/29 21:42:20 | 012,894,208 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Windows.Forms\f4f6ee0df2aa4189bf36e6335cb92761\System.Windows.Forms.ni.dll

MOD - [2014/03/29 21:42:20 | 007,662,080 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Xml\bada32953bb6b16a53d653eae23d78dc\System.Xml.ni.dll

MOD - [2014/03/29 21:42:16 | 006,990,336 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Core\dce99d8de14d8a015313db98c72552ee\System.Core.ni.dll

MOD - [2014/03/29 21:42:14 | 001,644,544 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Drawing\5cd2aee5e7c07227c694d89219688ab3\System.Drawing.ni.dll

MOD - [2014/03/29 21:42:13 | 000,976,384 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Configuration\bbc48ec4245e502ae19b0601d3799c9e\System.Configuration.ni.dll

MOD - [2014/03/29 21:42:12 | 010,060,800 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System\ff26cc03e6d57d8abd13b990332e67c6\System.ni.dll

MOD - [2014/03/29 21:42:09 | 016,953,856 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\mscorlib\ce5f61c5754789df97be8dc991c47d07\mscorlib.ni.dll

MOD - [2014/03/29 15:31:27 | 019,336,120 | ---- | M] () -- C:\Program Files\AVAST Software\Avast\libcef.dll

 

 

========== Services (SafeList) ==========

 

SRV:64bit: - [2014/03/29 15:31:26 | 000,050,344 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe -- (avast! Antivirus)

SRV:64bit: - [2014/03/17 16:33:20 | 000,282,096 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Windows\SysNative\igfxCUIService.exe -- (igfxCUIService1.0.0.0)

SRV:64bit: - [2014/03/06 04:29:14 | 000,111,616 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\IEEtwCollector.exe -- (IEEtwCollectorService)

SRV:64bit: - [2014/01/29 13:30:08 | 000,828,656 | ---- | M] (Condusiv Technologies) [Auto | Running] -- C:\Program Files\Condusiv Technologies\ExpressCache\ExpressCache.exe -- (ExpressCache)

SRV:64bit: - [2013/12/09 15:22:42 | 000,018,152 | ---- | M] (LucidLogix) [Auto | Running] -- C:\Program Files\Lucidlogix Technologies\VIRTU MVP\LucidSvc.exe -- (LucidSvc)

SRV:64bit: - [2013/05/27 01:50:47 | 001,011,712 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)

SRV:64bit: - [2012/10/04 17:29:24 | 001,976,696 | ---- | M] (Raxco Software, Inc.) [Auto | Running] -- C:\Program Files\Raxco\PerfectDisk\PDAgent.exe -- (PDAgent)

SRV:64bit: - [2012/10/04 17:29:02 | 003,367,288 | ---- | M] (Raxco Software, Inc.) [On_Demand | Running] -- C:\Program Files\Common Files\Raxco\Shared\PDEngine.exe -- (PDEngine)

SRV:64bit: - [2012/06/19 19:10:34 | 000,634,632 | ---- | M] (Intel® Corporation) [Auto | Running] -- C:\Program Files\Intel\iCLS Client\HeciServer.exe -- (Intel®

SRV:64bit: - [2012/02/09 16:26:48 | 000,133,632 | ---- | M] () [Auto | Running] -- C:\Program Files\Intel\Intel® Smart Connect Technology Agent\iSCTAgent.exe -- (ISCTAgent)

SRV:64bit: - [2010/12/13 14:37:16 | 000,194,416 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Microsoft LifeCam\MSCamS64.exe -- (MSCamSvc)

SRV:64bit: - [2009/07/13 21:40:01 | 000,193,536 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\appmgmts.dll -- (AppMgmt)

SRV - [2014/04/24 10:32:42 | 000,417,800 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\Nitro\Pro 9\Nitro_UpdateService.exe -- (NitroUpdateService)

SRV - [2014/04/24 10:32:42 | 000,069,640 | ---- | M] (Nalpeiron Ltd.) [Auto | Running] -- C:\Windows\SysWOW64\NLSSRV32.EXE -- (nlsX86cc)

SRV - [2014/04/24 10:32:36 | 000,230,920 | ---- | M] (Nitro PDF Software) [Auto | Running] -- C:\Program Files (x86)\Nitro\Pro 9\NitroPDFDriverService9x64.exe -- (NitroDriverReadSpool9)

SRV - [2014/04/03 09:49:12 | 001,809,720 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe -- (MBAMScheduler)

SRV - [2014/04/03 09:49:12 | 000,857,912 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe -- (MBAMService)

SRV - [2014/03/17 16:33:24 | 000,279,024 | ---- | M] (Intel Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\IntelCpHeciSvc.exe -- (cphs)

SRV - [2013/10/23 08:15:08 | 000,172,192 | R--- | M] (Skype Technologies) [On_Demand | Stopped] -- C:\Program Files (x86)\Skype\Updater\Updater.exe -- (SkypeUpdate)

SRV - [2013/09/11 21:21:54 | 000,105,144 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)

SRV - [2012/09/11 13:51:42 | 000,365,344 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe -- (UNS)

SRV - [2012/09/11 13:51:42 | 000,277,792 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe -- (LMS)

SRV - [2012/09/01 18:07:22 | 000,014,904 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe -- (IAStorDataMgrSvc)

SRV - [2012/08/21 06:32:04 | 000,166,720 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\Jhi_service.exe -- (jhi_service)

SRV - [2012/07/05 08:23:18 | 000,129,856 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\FWService\IntelMeFWService.exe -- (Intel®

SRV - [2012/04/24 14:37:56 | 000,169,752 | ---- | M] (Intel Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Intel\Intel® Integrated Clock Controller Service\ICCProxy.exe -- (ICCS)

SRV - [2010/02/19 13:37:14 | 000,517,096 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe -- (SwitchBoard)

SRV - [2009/06/10 17:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)

 

 

========== Driver Services (SafeList) ==========

 

DRV:64bit: - [2014/04/26 19:16:46 | 000,119,512 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\MBAMSwissArmy.sys -- (MBAMSwissArmy)

DRV:64bit: - [2014/04/26 18:58:24 | 000,034,752 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\WPRO_41_2001.sys -- (WPRO_41_2001)

DRV:64bit: - [2014/04/12 10:14:52 | 000,032,320 | ---- | M] (FNet Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\FNETTBOH_305.SYS -- (FNETTBOH_305)

DRV:64bit: - [2014/04/12 10:14:50 | 000,016,648 | ---- | M] (FNet Co., Ltd.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\FNETURPX.SYS -- (FNETURPX)

DRV:64bit: - [2014/04/03 09:51:16 | 000,063,192 | ---- | M] (Malwarebytes Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\mwac.sys -- (MBAMWebAccessControl)

DRV:64bit: - [2014/04/03 09:50:58 | 000,025,816 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\mbam.sys -- (MBAMProtector)

DRV:64bit: - [2014/03/29 15:31:27 | 001,039,096 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\Windows\SysNative\drivers\aswSnx.sys -- (aswSnx)

DRV:64bit: - [2014/03/29 15:31:27 | 000,423,240 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\Windows\SysNative\drivers\aswSP.sys -- (aswSP)

DRV:64bit: - [2014/03/29 15:31:27 | 000,208,928 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\aswVmm.sys -- (aswVmm)

DRV:64bit: - [2014/03/29 15:31:27 | 000,093,568 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswRdr2.sys -- (aswRdr)

DRV:64bit: - [2014/03/29 15:31:27 | 000,084,816 | ---- | M] (AVAST Software) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\aswStm.sys -- (aswStm)

DRV:64bit: - [2014/03/29 15:31:27 | 000,079,184 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\aswMonFlt.sys -- (aswMonFlt)

DRV:64bit: - [2014/03/29 15:31:27 | 000,065,776 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\aswRvrt.sys -- (aswRvrt)

DRV:64bit: - [2014/03/07 09:26:44 | 000,450,520 | ---- | M] (Intel® Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\IntcDAud.sys -- (IntcDAud)

DRV:64bit: - [2014/03/07 09:18:24 | 003,729,920 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\igdkmd64.sys -- (igfx)

DRV:64bit: - [2014/01/29 13:30:12 | 000,118,000 | ---- | M] (Condusiv Technologies) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\excsd.sys -- (excsd)

DRV:64bit: - [2014/01/29 13:30:12 | 000,025,840 | ---- | M] (Condusiv Technologies) [File_System | System | Running] -- C:\Windows\SysNative\drivers\excfs.sys -- (excfs)

DRV:64bit: - [2013/12/09 15:22:46 | 000,097,512 | ---- | M] (Lucidlogix Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\VirtuWDDM.sys -- (VirtuWDDM)

DRV:64bit: - [2013/11/28 09:38:18 | 000,197,408 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nvhda64v.sys -- (NVHDA)

DRV:64bit: - [2013/10/01 22:22:20 | 000,056,832 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)

DRV:64bit: - [2013/01/19 00:52:08 | 000,046,568 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ISCTD64.sys -- (ISCT)

DRV:64bit: - [2012/09/11 15:24:32 | 000,126,232 | ---- | M] (Raxco Software, Inc.) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\DefragFs.sys -- (DefragFS)

DRV:64bit: - [2012/09/01 18:01:56 | 000,647,736 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStorA.sys -- (iaStorA)

DRV:64bit: - [2012/09/01 18:01:56 | 000,028,216 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStorF.sys -- (iaStorF)

DRV:64bit: - [2012/08/23 17:57:16 | 000,083,224 | ---- | M] (Raxco Software, Inc.) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\PDFsFilter.sys -- (PDFSFilter)

DRV:64bit: - [2012/08/23 10:10:20 | 000,019,456 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\rdpvideominiport.sys -- (RdpVideoMiniport)

DRV:64bit: - [2012/08/23 10:08:26 | 000,030,208 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbGD.sys -- (TsUsbGD)

DRV:64bit: - [2012/08/09 17:03:06 | 000,034,640 | ---- | M] (ASRock Inc.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\AsrRamDisk.sys -- (AsrRamDisk)

DRV:64bit: - [2012/07/02 10:16:02 | 000,062,784 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HECIx64.sys -- (MEIx64)

DRV:64bit: - [2012/03/01 02:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)

DRV:64bit: - [2012/02/27 03:01:00 | 000,788,760 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\iusb3xhc.sys -- (iusb3xhc)

DRV:64bit: - [2012/02/27 03:01:00 | 000,356,120 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\iusb3hub.sys -- (iusb3hub)

DRV:64bit: - [2012/02/27 03:01:00 | 000,016,152 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iusb3hcs.sys -- (iusb3hcs)

DRV:64bit: - [2012/02/09 16:24:16 | 000,025,536 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\imsevent.sys -- (imsevent)

DRV:64bit: - [2012/02/09 16:24:14 | 000,025,536 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ikbevent.sys -- (ikbevent)

DRV:64bit: - [2011/11/07 10:13:06 | 000,017,192 | ---- | M] (Windows ® Win 7 DDK provider) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\AsrAppCharger.sys -- (AsrAppCharger)

DRV:64bit: - [2011/08/23 21:57:24 | 000,565,352 | ---- | M] (Realtek                                            ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167)

DRV:64bit: - [2011/03/11 02:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)

DRV:64bit: - [2011/03/11 02:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)

DRV:64bit: - [2011/01/26 17:11:06 | 000,023,048 | ---- | M] (ASRock Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\AsrVDrive.sys -- (AsrVDrive)

DRV:64bit: - [2010/12/13 14:37:18 | 000,036,720 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nx6000.sys -- (MSHUSBVideo)

DRV:64bit: - [2010/11/20 23:23:48 | 000,071,168 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\dmvsc.sys -- (dmvsc)

DRV:64bit: - [2010/11/20 23:23:47 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)

DRV:64bit: - [2009/12/30 10:21:26 | 000,031,800 | ---- | M] (VS Revo Group) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\revoflt.sys -- (Revoflt)

DRV:64bit: - [2009/11/18 07:12:00 | 000,032,344 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\MBfilt64.sys -- (MBfilt)

DRV:64bit: - [2009/07/13 21:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)

DRV:64bit: - [2009/07/13 21:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)

DRV:64bit: - [2009/07/13 21:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)

DRV:64bit: - [2009/06/10 16:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)

DRV:64bit: - [2009/06/10 16:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)

DRV:64bit: - [2009/06/10 16:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)

DRV:64bit: - [2009/06/10 16:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)

DRV - [2011/06/02 10:08:34 | 000,017,864 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Program Files (x86)\SystemRequirementsLab\cpudrv64.sys -- (cpudrv64)

DRV - [2009/07/13 21:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)

 

 

========== Standard Registry (SafeList) ==========

 

 

========== Internet Explorer ==========

 

IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}

IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm

IE - HKLM\..\SearchScopes,DefaultScope = 

IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC

 

 

IE - HKU\.DEFAULT\..\SearchScopes,DefaultScope = 

IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

 

IE - HKU\S-1-5-18\..\SearchScopes,DefaultScope = 

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

 

IE - HKU\S-1-5-19\..\SearchScopes,DefaultScope = 

 

IE - HKU\S-1-5-20\..\SearchScopes,DefaultScope = 

 

IE - HKU\S-1-5-21-3913706258-2513946957-3325762992-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com/ncr

IE - HKU\S-1-5-21-3913706258-2513946957-3325762992-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.msn.com/?ocid=iehp

IE - HKU\S-1-5-21-3913706258-2513946957-3325762992-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-us

IE - HKU\S-1-5-21-3913706258-2513946957-3325762992-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 91 A9 B4 73 7F 4B CF 01  [binary data]

IE - HKU\S-1-5-21-3913706258-2513946957-3325762992-1000\..\SearchScopes,DefaultScope = 

IE - HKU\S-1-5-21-3913706258-2513946957-3325762992-1000\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE11SR

IE - HKU\S-1-5-21-3913706258-2513946957-3325762992-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

 

 

========== FireFox ==========

 

FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_13_0_0_182.dll File not found

FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_13_0_0_182.dll ()

FF - HKLM\Software\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42: C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)

FF - HKLM\Software\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI updater: C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)

FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found

FF - HKLM\Software\MozillaPlugins\@microsoft.com/Lync,version=15.0: C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll (Microsoft Corporation)

FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~2\Office15\NPSPWRAP.DLL (Microsoft Corporation)

FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.23.9\npGoogleUpdate3.dll (Google Inc.)

FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.23.9\npGoogleUpdate3.dll (Google Inc.)

 

FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 3.1.20\extensions\\Components: C:\Program Files (x86)\Mozilla Thunderbird\components [2014/03/29 23:43:21 | 000,000,000 | ---D | M]

FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 3.1.20\extensions\\Plugins: C:\Program Files (x86)\Mozilla Thunderbird\plugins

 

[2014/03/29 23:23:52 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Behemoth\AppData\Roaming\Mozilla\Extensions

[2014/03/29 23:23:52 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Behemoth\AppData\Roaming\Mozilla\Extensions\{3550f703-e582-4d05-9a08-453d09bdfdc6}

[2013/11/15 03:30:36 | 000,034,072 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\mozilla firefox\plugins\npMeetingJoinPluginOC.dll

 

========== Chrome  ==========

 

CHR - default_search_provider: Google (Enabled)

CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:bookmarkBarPinned}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}{google:omniboxStartMarginParameter}ie={inputEncoding}

CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client={google:suggestClient}&gs_ri={google:suggestRid}&xssi=t&q={searchTerms}&{google:cursorPosition}{google:currentPageUrl}{google:pageClassification}sugkey={google:suggestAPIKeyParameter},

CHR - homepage: http://www.google.com/ncr

CHR - plugin: Widevine Content Decryption Module (Enabled) = C:\Users\Behemoth\AppData\Local\Google\Chrome\User Data\WidevineCDM\1.4.2.464\_platform_specific\win_x86\widevinecdmadapter.dll

CHR - plugin: Shockwave Flash (Disabled) = C:\Program Files (x86)\Google\Chrome\Application\34.0.1847.116\PepperFlash\pepflashplayer.dll

CHR - plugin: Chrome Remote Desktop Viewer (Enabled) = internal-remoting-viewer

CHR - plugin: Native Client (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\34.0.1847.116\ppGoogleNaClPluginChrome.dll

CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\34.0.1847.116\pdf.dll

CHR - plugin: QuickTime Plug-in 7.7.5 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin.dll

CHR - plugin: QuickTime Plug-in 7.7.5 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin2.dll

CHR - plugin: QuickTime Plug-in 7.7.5 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin3.dll

CHR - plugin: QuickTime Plug-in 7.7.5 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin4.dll

CHR - plugin: QuickTime Plug-in 7.7.5 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin5.dll

CHR - plugin: Microsoft Office 2013 (Disabled) = C:\PROGRA~2\MICROS~2\Office15\NPSPWRAP.DLL

CHR - plugin: Google Update (Enabled) = C:\Program Files (x86)\Google\Update\1.3.23.9\npGoogleUpdate3.dll

CHR - plugin: Intel® Identity Protection Technology (Disabled) = C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIIPT.dll

CHR - plugin: Intel® Identity Protection Technology (Disabled) = C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIUpdater.dll

CHR - plugin: Microsoft Office 2013 (Disabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll

CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_13_0_0_182.dll

CHR - Extension: Google Drive = C:\Users\Behemoth\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\

CHR - Extension: YouTube = C:\Users\Behemoth\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0\

CHR - Extension: Google Search = C:\Users\Behemoth\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\

CHR - Extension: AdBlock = C:\Users\Behemoth\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.6.26_0\

CHR - Extension: LastPass: Free Password Manager = C:\Users\Behemoth\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdokiejnpimakedhajhdlcegeplioahd\3.1.17_0\

CHR - Extension: Google Wallet = C:\Users\Behemoth\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.1_0\

CHR - Extension: Gmail = C:\Users\Behemoth\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1\

 

O1 HOSTS File: ([2009/06/10 17:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts

O2:64bit: - BHO: (avast! Online Security) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)

O2 - BHO: (avast! Online Security) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)

O4:64bit: - HKLM..\Run: [RTHDVCPL] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)

O4:64bit: - HKLM..\Run: [VIRTU MVP] C:\Program Files\Lucidlogix Technologies\VIRTU MVP\MVPControlPanel.Exe ()

O4 - HKLM..\Run: [AvastUI.exe] C:\Program Files\AVAST Software\Avast\AvastUI.exe (AVAST Software)

O4 - HKLM..\Run: [IAStorIcon] C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIconLaunch.exe (Intel Corporation)

O4 - HKLM..\Run: [USB3MON] C:\Program Files (x86)\Intel\Intel® USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe (Intel Corporation)

O4 - HKU\S-1-5-19..\Run: [sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)

O4 - HKU\S-1-5-20..\Run: [sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)

O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found

O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0

O7 - HKU\S-1-5-21-3913706258-2513946957-3325762992-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145

O1364bit: - gopher Prefix: missing

O13 - gopher Prefix: missing

O16 - DPF: {CF84DAC5-A4F5-419E-A0BA-C01FFD71112F} http://content.systemrequirementslab.com/bin/srldetect_intel_4.5.22.0.cab (SysInfo Class)

O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.100.2

O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{835D2B06-7C54-4855-9621-275A8FE67F7B}: DhcpNameServer = 192.168.100.2

O18:64bit: - Protocol\Handler\ms-help - No CLSID value found

O18:64bit: - Protocol\Handler\osf - No CLSID value found

O18:64bit: - Protocol\Handler\skype4com - No CLSID value found

O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)

O20:64bit: - AppInit_DLLs: (C:\Windows\system32\appinit_dll.dll) - C:\Windows\SysNative\appinit_dll.dll (Lucidlogix Inc.)

O20 - AppInit_DLLs: (C:\Windows\SysWOW64\appinit_dll.dll) - C:\Windows\SysWOW64\appinit_dll.dll (Lucidlogix Inc.)

O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)

O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)

O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)

O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)

O20:64bit: - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) -  File not found

O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.

O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.

O32 - HKLM CDRom: AutoRun - 1

O34 - HKLM BootExecute: (PDBoot.exe)

O34 - HKLM BootExecute: (autocheck autochk *)

O35:64bit: - HKLM\..comfile [open] -- "%1" %*

O35:64bit: - HKLM\..exefile [open] -- "%1" %*

O35 - HKLM\..comfile [open] -- "%1" %*

O35 - HKLM\..exefile [open] -- "%1" %*

O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*

O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*

O37 - HKLM\...com [@ = comfile] -- "%1" %*

O37 - HKLM\...exe [@ = exefile] -- "%1" %*

O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)

O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)

O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

 

========== Files/Folders - Created Within 30 Days ==========

 

[2014/04/26 19:12:02 | 000,000,000 | ---D | C] -- C:\Windows\ERUNT

[2014/04/26 18:57:09 | 000,536,576 | ---- | C] (SQLite Development Team) -- C:\Windows\SysWow64\sqlite3.dll

[2014/04/26 18:53:53 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\rkill

[2014/04/26 18:53:20 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\OTL

[2014/04/26 18:53:14 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\JRT

[2014/04/26 18:36:21 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\AdwCleaner

[2014/04/26 18:33:09 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\hijackthis

[2014/04/26 18:31:04 | 000,000,000 | ---D | C] -- C:\Users\Behemoth\AppData\Local\Programs

[2014/04/26 18:11:53 | 000,000,000 | ---D | C] -- C:\Users\Behemoth\AppData\Local\ElevatedDiagnostics

[2014/04/26 17:54:32 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\HP

[2014/04/26 17:54:22 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP

[2014/04/26 17:53:42 | 000,000,000 | ---D | C] -- C:\TEMP

[2014/04/26 17:46:36 | 000,107,552 | ---- | C] (Realtek Semiconductor Corporation) -- C:\Windows\SysNative\RTNUninst64.dll

[2014/04/26 09:57:24 | 000,692,400 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe

[2014/04/26 09:57:24 | 000,070,832 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl

[2014/04/25 21:00:10 | 000,029,704 | ---- | C] (Nitro PDF Software) -- C:\Windows\SysNative\nitrolocalmon9.dll

[2014/04/25 21:00:10 | 000,017,928 | ---- | C] (Nitro PDF Software) -- C:\Windows\SysNative\nitrolocalui9.dll

[2014/04/25 20:59:59 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Nitro

[2014/04/25 20:59:58 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Nitro

[2014/04/25 19:59:16 | 000,000,000 | ---D | C] -- C:\ProgramData\mvp

[2014/04/25 19:58:32 | 000,097,512 | ---- | C] (Lucidlogix Inc.) -- C:\Windows\SysNative\drivers\VirtuWDDM.sys

[2014/04/25 19:58:31 | 000,539,880 | ---- | C] (Lucidlogix Inc.) -- C:\Windows\SysNative\appinit_dll.dll

[2014/04/25 19:58:31 | 000,512,232 | ---- | C] (Lucidlogix Inc.) -- C:\Windows\SysWow64\appinit_dll.dll

[2014/04/25 19:58:31 | 000,000,000 | ---D | C] -- C:\Program Files\Lucidlogix Technologies

[2014/04/25 19:58:31 | 000,000,000 | ---D | C] -- C:\Users\Behemoth\Lucidlogix

[2014/04/25 19:58:31 | 000,000,000 | ---D | C] -- C:\ProgramData\Lucidlogix

[2014/04/24 18:31:34 | 000,000,000 | ---D | C] -- C:\Users\Behemoth\AppData\Local\Topaz Labs

[2014/04/24 18:19:08 | 000,000,000 | ---D | C] -- C:\Users\Behemoth\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Topaz Labs

[2014/04/24 18:19:08 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Topaz Labs

[2014/04/24 18:18:19 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Topaz Labs

[2014/04/24 18:18:19 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Topaz Labs

[2014/04/24 18:18:19 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Topaz Labs

[2014/04/24 17:57:45 | 000,000,000 | ---D | C] -- C:\Users\Behemoth\AppData\Roaming\NVIDIA

[2014/04/24 10:32:42 | 000,069,640 | ---- | C] (Nalpeiron Ltd.) -- C:\Windows\SysWow64\NLSSRV32.EXE

[2014/04/24 07:47:03 | 000,000,000 | ---D | C] -- C:\ProgramData\regid.1986-12.com.adobe

[2014/04/24 07:46:52 | 000,000,000 | ---D | C] -- C:\Program Files\Adobe

[2014/04/24 07:45:20 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Adobe

[2014/04/24 07:44:37 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Adobe Media Player

[2014/04/24 07:44:37 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe

[2014/04/24 07:42:58 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Adobe AIR

[2014/04/24 07:42:56 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Adobe

[2014/04/24 07:40:25 | 000,000,000 | ---D | C] -- C:\Users\Behemoth\AppData\Roaming\Adobe

[2014/04/24 07:40:24 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Adobe

[2014/04/24 07:39:55 | 000,000,000 | ---D | C] -- C:\Users\Behemoth\AppData\Local\Adobe

[2014/04/24 07:30:55 | 000,000,000 | ---D | C] -- C:\Users\Behemoth\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Notepad++

[2014/04/24 07:30:55 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Notepad++

[2014/04/24 07:30:54 | 000,000,000 | ---D | C] -- C:\Users\Behemoth\AppData\Roaming\Notepad++

[2014/04/24 07:30:54 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Notepad++

[2014/04/23 21:23:44 | 000,000,000 | ---D | C] -- C:\Users\Behemoth\AppData\Roaming\foobar2000

[2014/04/23 21:23:42 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\foobar2000

[2014/04/23 19:23:16 | 000,000,000 | ---D | C] -- C:\Users\Behemoth\AppData\Roaming\Nitro

[2014/04/23 19:21:18 | 000,000,000 | ---D | C] -- C:\ProgramData\Nitro

[2014/04/23 19:21:18 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Nitro

[2014/04/23 19:20:05 | 000,000,000 | ---D | C] -- C:\Users\Behemoth\AppData\Roaming\Downloaded Installations

[2014/04/23 19:15:09 | 000,000,000 | ---D | C] -- F:\My Documents\Epiphany

[2014/04/23 19:14:59 | 000,000,000 | ---D | C] -- F:\My Documents\QBC

[2014/04/23 09:27:49 | 000,000,000 | R--D | C] -- F:\My Documents\Scanned Documents

[2014/04/23 09:27:49 | 000,000,000 | ---D | C] -- F:\My Documents\Fax

[2014/04/12 10:44:34 | 000,000,000 | ---D | C] -- C:\Users\Behemoth\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ASRock Utility

[2014/04/12 10:14:52 | 000,032,320 | ---- | C] (FNet Co., Ltd.) -- C:\Windows\SysNative\drivers\FNETTBOH_305.SYS

[2014/04/12 10:14:50 | 000,016,648 | ---- | C] (FNet Co., Ltd.) -- C:\Windows\SysNative\drivers\FNETURPX.SYS

[2014/04/12 10:14:50 | 000,000,000 | ---D | C] -- C:\ProgramData\FNET

[2014/04/12 10:14:49 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\XFastUSB

[2014/04/12 10:06:34 | 001,632,128 | ---- | C] (cFos Software GmbH) -- C:\Windows\SysNative\drivers\cfosspeed6.sys

[2014/04/12 10:06:34 | 000,000,000 | ---D | C] -- C:\Program Files\ASRock

[2014/04/12 10:03:29 | 000,034,640 | ---- | C] (ASRock Inc.) -- C:\Windows\SysNative\drivers\AsrRamDisk.sys

[2014/04/12 10:03:26 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ASRock Utility

[2014/04/12 10:02:13 | 000,023,048 | ---- | C] (ASRock Inc.) -- C:\Windows\SysNative\drivers\AsrVDrive.sys

[2014/04/11 12:06:14 | 000,000,000 | -HSD | C] -- C:\Users\Behemoth\AppData\Local\EmieUserList

[2014/04/11 12:06:14 | 000,000,000 | -HSD | C] -- C:\Users\Behemoth\AppData\Local\EmieSiteList

[2014/04/08 23:13:01 | 000,000,000 | ---D | C] -- C:\Users\Behemoth\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Filters

[2014/04/08 23:09:02 | 000,574,976 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll

[2014/04/08 23:09:01 | 000,440,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll

[2014/04/08 23:09:00 | 000,548,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\vbscript.dll

[2014/04/08 23:08:56 | 000,586,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ie4uinit.exe

[2014/04/08 23:08:56 | 000,038,400 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\JavaScriptCollectionAgent.dll

[2014/04/08 23:08:56 | 000,033,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iernonce.dll

[2014/04/08 23:08:56 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieetwcollectorres.dll

[2014/04/08 23:08:55 | 000,752,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9diag.dll

[2014/04/08 23:08:55 | 000,628,736 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll

[2014/04/08 23:08:55 | 000,453,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dxtmsft.dll

[2014/04/08 23:08:55 | 000,296,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dxtrans.dll

[2014/04/08 23:08:55 | 000,195,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msrating.dll

[2014/04/08 23:08:55 | 000,164,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msrating.dll

[2014/04/08 23:08:54 | 000,139,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieUnatt.exe

[2014/04/08 23:08:54 | 000,112,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieUnatt.exe

[2014/04/08 23:08:54 | 000,066,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iesetup.dll

[2014/04/08 23:08:54 | 000,061,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iesetup.dll

[2014/04/08 23:08:54 | 000,032,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iernonce.dll

[2014/04/08 23:08:54 | 000,032,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\JavaScriptCollectionAgent.dll

[2014/04/08 23:08:53 | 000,592,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript9diag.dll

[2014/04/08 23:08:53 | 000,051,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieetwproxystub.dll

[2014/04/08 23:08:52 | 000,940,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\MsSpellCheckingFacility.exe

[2014/04/08 23:08:52 | 000,846,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieapfltr.dll

[2014/04/08 23:08:52 | 000,704,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieapfltr.dll

[2014/04/08 23:08:52 | 000,111,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieetwcollector.exe

[2014/04/08 23:08:52 | 000,048,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieetwproxystub.dll

[2014/04/08 23:08:51 | 002,043,904 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\inetcpl.cpl

[2014/04/08 23:08:51 | 001,967,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\inetcpl.cpl

[2014/04/08 23:08:49 | 005,784,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll

[2014/04/08 21:47:59 | 000,190,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\storport.sys

[2014/04/08 21:47:59 | 000,027,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\Diskdump.sys

[2014/04/08 21:47:59 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iologmsg.dll

[2014/04/08 21:47:59 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iologmsg.dll

[2014/04/08 21:47:58 | 001,163,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\kernel32.dll

[2014/04/08 21:47:58 | 000,362,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wow64win.dll

[2014/04/08 21:47:58 | 000,243,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wow64.dll

[2014/04/08 21:47:58 | 000,025,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\setup16.exe

[2014/04/08 21:47:58 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntvdm64.dll

[2014/04/08 21:47:58 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntvdm64.dll

[2014/04/08 21:47:58 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wow64cpu.dll

[2014/04/08 21:47:58 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\instnm.exe

[2014/04/08 21:47:58 | 000,005,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wow32.dll

[2014/04/08 21:47:58 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\user.exe

[2014/04/03 09:50:37 | 000,000,000 | ---D | C] -- F:\My Documents\reference-letters

[2014/03/31 22:14:01 | 000,000,000 | ---D | C] -- C:\ProgramData\Adobe

[2014/03/31 21:14:28 | 000,000,000 | ---D | C] -- F:\My Documents\Custom Office Templates

[2014/03/30 20:23:52 | 000,000,000 | -HSD | C] -- C:\Users\Behemoth\IntelGraphicsProfiles

[2014/03/30 20:22:33 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Intel

[2014/03/30 20:18:07 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\SystemRequirementsLab

[2014/03/30 19:52:35 | 000,000,000 | RHSD | C] -- C:\ProgramData\Key-Base

[2014/03/30 17:53:47 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\MSXML 4.0

[2014/03/30 16:24:46 | 000,000,000 | ---D | C] -- C:\Windows\jumpshot.com

[2014/03/30 16:22:07 | 001,643,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\DWrite.dll

[2014/03/30 10:26:43 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Hewlett-Packard

[2014/03/30 10:26:32 | 000,000,000 | ---D | C] -- C:\Windows\hpoj4500g510a-f

[2014/03/30 10:26:22 | 000,136,704 | ---- | C] (Hewlett-Packard Company) -- C:\Windows\SysNative\hpf3l70w.dll

[2014/03/30 10:26:20 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\HP

[2014/03/30 10:26:19 | 000,000,000 | -H-D | C] -- C:\Config.Msi

[2014/03/30 10:25:41 | 000,000,000 | ---D | C] -- C:\ProgramData\HP

[2014/03/30 10:25:23 | 001,417,728 | ---- | C] (Hewlett-Packard Co.) -- C:\Windows\SysNative\hpwtiop6.dll

[2014/03/30 10:25:23 | 000,901,632 | ---- | C] (Hewlett-Packard) -- C:\Windows\SysNative\hpwwiax7.dll

[2014/03/30 10:25:23 | 000,642,360 | ---- | C] (Hewlett-Packard) -- C:\Windows\SysNative\hpzids40.dll

[2014/03/30 10:25:23 | 000,551,424 | ---- | C] (Hewlett-Packard) -- C:\Windows\SysNative\hppldcoi.dll

[2014/03/30 10:25:23 | 000,502,272 | ---- | C] (Hewlett-Packard Co.) -- C:\Windows\SysNative\hpwvst01.dll

[2014/03/30 10:25:23 | 000,043,008 | ---- | C] (Hewlett-Packard) -- C:\Windows\SysNative\hpwentco.dll

[2014/03/30 09:23:00 | 000,000,000 | ---D | C] -- C:\ProgramData\Raxco

[2014/03/30 09:23:00 | 000,000,000 | ---D | C] -- C:\Program Files\Raxco

[2014/03/30 09:23:00 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Raxco

[2014/03/30 04:18:42 | 000,000,000 | ---D | C] -- C:\Windows\Panther

[2014/03/30 03:19:26 | 000,000,000 | ---D | C] -- C:\Windows\Prefetch

[2014/03/30 03:19:01 | 000,000,000 | -HSD | C] -- C:\System Volume Information

[2014/03/30 02:42:07 | 000,017,192 | ---- | C] (Windows ® Win 7 DDK provider) -- C:\Windows\SysNative\drivers\AsrAppCharger.sys

[2014/03/30 02:42:07 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ASRock Utility

[2014/03/30 02:42:07 | 000,000,000 | ---D | C] -- C:\Program Files\ASRock Utility

[2014/03/30 02:38:35 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\RTCOM

[2014/03/30 02:38:35 | 000,000,000 | ---D | C] -- C:\Program Files\Realtek

[2014/03/30 02:38:30 | 003,845,736 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\SysNative\RtkAPO64.dll

[2014/03/30 02:38:30 | 002,652,264 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\SysNative\RtPgEx64.dll

[2014/03/30 02:38:30 | 002,603,864 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\SysNative\WavesGUILib.dll

[2014/03/30 02:38:30 | 002,131,288 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\SysNative\MaxxAudioEQ.dll

[2014/03/30 02:38:30 | 001,560,168 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\SysNative\RTSnMg64.cpl

[2014/03/30 02:38:30 | 001,247,848 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\SysNative\RTCOM64.dll

[2014/03/30 02:38:30 | 000,958,296 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\SysNative\MaxxAudioAPOShell64.dll

[2014/03/30 02:38:30 | 000,894,040 | ---- | C] (Creative Technology Ltd.) -- C:\Windows\SysNative\MBAPO64.dll

[2014/03/30 02:38:30 | 000,823,912 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\SysNative\RtkApi64.dll

[2014/03/30 02:38:30 | 000,750,680 | ---- | C] (Creative Technology Ltd.) -- C:\Windows\SysWow64\MBAPO32.dll

[2014/03/30 02:38:30 | 000,626,264 | ---- | C] (Creative Technology Ltd.) -- C:\Windows\SysNative\MBTHX64.dll

[2014/03/30 02:38:30 | 000,561,752 | ---- | C] (Creative Technology Ltd.) -- C:\Windows\SysWow64\MBTHX32.dll

[2014/03/30 02:38:30 | 000,518,896 | ---- | C] (SRS Labs, Inc.) -- C:\Windows\SysNative\SRSTSX64.dll

[2014/03/30 02:38:30 | 000,375,128 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\SysNative\RTEEP64A.dll

[2014/03/30 02:38:30 | 000,331,880 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\SysNative\RtlCPAPI64.dll

[2014/03/30 02:38:30 | 000,318,808 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\SysNative\MaxxAudioAPO20.dll

[2014/03/30 02:38:30 | 000,310,104 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\SysNative\RP3DHT64.dll

[2014/03/30 02:38:30 | 000,310,104 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\SysNative\RP3DAA64.dll

[2014/03/30 02:38:30 | 000,211,184 | ---- | C] (SRS Labs, Inc.) -- C:\Windows\SysNative\SRSTSH64.dll

[2014/03/30 02:38:30 | 000,204,120 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\SysNative\RTEED64A.dll

[2014/03/30 02:38:30 | 000,198,896 | ---- | C] (SRS Labs, Inc.) -- C:\Windows\SysNative\SRSHP64.dll

[2014/03/30 02:38:30 | 000,155,888 | ---- | C] (SRS Labs, Inc.) -- C:\Windows\SysNative\SRSWOW64.dll

[2014/03/30 02:38:30 | 000,149,608 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\SysNative\RtkCfg64.dll

[2014/03/30 02:38:30 | 000,101,208 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\SysNative\RTEEL64A.dll

[2014/03/30 02:38:30 | 000,100,968 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\SysNative\RCoInstII64.dll

[2014/03/30 02:38:30 | 000,080,984 | ---- | C] (Creative Technology Ltd.) -- C:\Windows\SysNative\MBWrp64.dll

[2014/03/30 02:38:30 | 000,078,680 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\SysNative\RTEEG64A.dll

[2014/03/30 02:38:30 | 000,032,344 | ---- | C] (Creative Technology Ltd.) -- C:\Windows\SysNative\drivers\MBfilt64.sys

[2014/03/30 02:38:30 | 000,014,952 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\SysNative\RtkCoLDR64.dll

[2014/03/30 02:38:29 | 002,528,832 | ---- | C] (Fortemedia Corporation) -- C:\Windows\SysNative\FMAPO64.dll

[2014/03/30 02:38:29 | 000,200,800 | ---- | C] (Andrea Electronics Corporation) -- C:\Windows\SysNative\AERTAC64.dll

[2014/03/30 02:38:29 | 000,108,960 | ---- | C] (Andrea Electronics Corporation) -- C:\Windows\SysNative\AERTAR64.dll

[2014/03/30 02:38:24 | 000,000,000 | -H-D | C] -- C:\Program Files (x86)\Temp

[2014/03/30 02:38:23 | 001,698,408 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\RtlExUpd.dll

[2014/03/30 02:38:22 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\InstallShield

[2014/03/30 01:50:50 | 000,064,000 | ---- | C] (Khronos Group) -- C:\Windows\SysNative\OpenCL.DLL

[2014/03/30 01:50:50 | 000,060,416 | ---- | C] (Khronos Group) -- C:\Windows\SysWow64\OpenCL.DLL

[2014/03/30 01:49:08 | 000,041,984 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\drivers\USB3Ver.dll

[2014/03/30 01:47:45 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Intel Corporation

[2014/03/30 01:46:58 | 000,000,000 | ---D | C] -- C:\Users\Behemoth\AppData\Roaming\Intel Corporation

[2014/03/30 00:37:01 | 000,565,352 | ---- | C] (Realtek                                            ) -- C:\Windows\SysNative\drivers\Rt64win7.sys

[2014/03/30 00:36:52 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Realtek

[2014/03/30 00:36:25 | 000,000,000 | ---D | C] -- C:\Users\Behemoth\AppData\Local\ExpressCache

[2014/03/30 00:35:40 | 000,647,736 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\drivers\iaStorA.sys

[2014/03/30 00:35:40 | 000,028,216 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\drivers\iaStorF.sys

[2014/03/30 00:34:39 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SanDisk

[2014/03/30 00:34:17 | 000,025,840 | ---- | C] (Condusiv Technologies) -- C:\Windows\SysNative\drivers\excfs.sys

[2014/03/30 00:34:16 | 000,118,000 | ---- | C] (Condusiv Technologies) -- C:\Windows\SysNative\drivers\excsd.sys

[2014/03/30 00:34:16 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\DRVSTORE

[2014/03/30 00:34:15 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Diskeeper Corporation

[2014/03/30 00:34:14 | 000,000,000 | ---D | C] -- C:\ProgramData\Condusiv Technologies

[2014/03/30 00:34:14 | 000,000,000 | ---D | C] -- C:\Program Files\Condusiv Technologies

[2014/03/30 00:34:06 | 000,000,000 | R--D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel

[2014/03/30 00:34:00 | 000,015,168 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\drivers\IntelMEFWVer.dll

[2014/03/30 00:33:55 | 000,000,000 | ---D | C] -- C:\ProgramData\Intel

[2014/03/30 00:33:53 | 000,000,000 | ---D | C] -- C:\Program Files\Intel

[2014/03/30 00:33:41 | 000,000,000 | -HSD | C] -- C:\Windows\Installer

[2014/03/30 00:33:36 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\postureAgent

[2014/03/30 00:33:24 | 000,062,784 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\drivers\HECIx64.sys

[2014/03/30 00:33:23 | 000,000,000 | -H-D | C] -- C:\Program Files (x86)\InstallShield Installation Information

[2014/03/30 00:33:23 | 000,000,000 | ---D | C] -- C:\Users\Behemoth\AppData\Roaming\InstallShield

[2014/03/30 00:33:01 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\SanDisk

[2014/03/30 00:29:44 | 000,053,248 | ---- | C] (Windows XP Bundled build C-Centric Single User) -- C:\Windows\SysWow64\CSVer.dll

[2014/03/30 00:29:44 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Intel

[2014/03/30 00:29:14 | 000,000,000 | ---D | C] -- C:\Intel

[2014/03/30 00:25:17 | 000,000,000 | R--D | C] -- C:\Users\Behemoth\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup

[2014/03/30 00:25:17 | 000,000,000 | R--D | C] -- C:\Users\Behemoth\Searches

[2014/03/30 00:25:17 | 000,000,000 | R--D | C] -- C:\Users\Behemoth\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools

[2014/03/30 00:25:17 | 000,000,000 | -H-D | C] -- C:\Users\Behemoth\Application Data\Microsoft\Internet Explorer\Quick Launch\User Pinned

[2014/03/30 00:25:10 | 000,000,000 | ---D | C] -- C:\Users\Behemoth\AppData\Roaming\Identities

[2014/03/30 00:25:08 | 000,000,000 | R--D | C] -- C:\Users\Behemoth\Contacts

[2014/03/30 00:25:05 | 000,000,000 | ---D | C] -- C:\Users\Behemoth\AppData\Local\VirtualStore

[2014/03/30 00:24:56 | 000,000,000 | --SD | C] -- C:\Users\Behemoth\AppData\Roaming\Microsoft

[2014/03/30 00:24:56 | 000,000,000 | R--D | C] -- C:\Users\Behemoth\Saved Games

[2014/03/30 00:24:56 | 000,000,000 | R--D | C] -- C:\Users\Behemoth\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance

[2014/03/30 00:24:56 | 000,000,000 | R--D | C] -- C:\Users\Behemoth\Links

[2014/03/30 00:24:56 | 000,000,000 | R--D | C] -- C:\Users\Behemoth\Favorites

[2014/03/30 00:24:56 | 000,000,000 | R--D | C] -- C:\Users\Behemoth\Desktop

[2014/03/30 00:24:56 | 000,000,000 | R--D | C] -- C:\Users\Behemoth\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories

[2014/03/30 00:24:56 | 000,000,000 | -HSD | C] -- C:\Users\Behemoth\AppData\Local\Temporary Internet Files

[2014/03/30 00:24:56 | 000,000,000 | -HSD | C] -- C:\Users\Behemoth\Templates

[2014/03/30 00:24:56 | 000,000,000 | -HSD | C] -- C:\Users\Behemoth\Start Menu

[2014/03/30 00:24:56 | 000,000,000 | -HSD | C] -- C:\Users\Behemoth\SendTo

[2014/03/30 00:24:56 | 000,000,000 | -HSD | C] -- C:\Users\Behemoth\Recent

[2014/03/30 00:24:56 | 000,000,000 | -HSD | C] -- C:\Users\Behemoth\PrintHood

[2014/03/30 00:24:56 | 000,000,000 | -HSD | C] -- C:\Users\Behemoth\NetHood

[2014/03/30 00:24:56 | 000,000,000 | -HSD | C] -- C:\Users\Behemoth\My Documents

[2014/03/30 00:24:56 | 000,000,000 | -HSD | C] -- C:\Users\Behemoth\Local Settings

[2014/03/30 00:24:56 | 000,000,000 | -HSD | C] -- C:\Users\Behemoth\AppData\Local\History

[2014/03/30 00:24:56 | 000,000,000 | -HSD | C] -- C:\Users\Behemoth\Cookies

[2014/03/30 00:24:56 | 000,000,000 | -HSD | C] -- C:\Users\Behemoth\Application Data

[2014/03/30 00:24:56 | 000,000,000 | -HSD | C] -- C:\Users\Behemoth\AppData\Local\Application Data

[2014/03/30 00:24:56 | 000,000,000 | -H-D | C] -- C:\Users\Behemoth\AppData

[2014/03/30 00:24:56 | 000,000,000 | ---D | C] -- C:\Users\Behemoth\AppData\Local\Temp

[2014/03/30 00:24:56 | 000,000,000 | ---D | C] -- C:\Users\Behemoth\AppData\Local\Microsoft

[2014/03/30 00:24:56 | 000,000,000 | ---D | C] -- C:\Users\Behemoth\AppData\Roaming\Media Center Programs

[2014/03/30 00:24:15 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\Wat

[2014/03/30 00:24:15 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\Wat

[2014/03/30 00:23:43 | 000,000,000 | ---D | C] -- C:\Windows\SoftwareDistribution

[2014/03/30 00:23:38 | 000,000,000 | -HSD | C] -- C:\Recovery

[2014/03/29 23:23:52 | 000,000,000 | ---D | C] -- C:\Users\Behemoth\AppData\Roaming\Thunderbird

[2014/03/29 23:23:52 | 000,000,000 | ---D | C] -- C:\Users\Behemoth\AppData\Local\Thunderbird

[2014/03/29 23:23:52 | 000,000,000 | ---D | C] -- C:\Users\Behemoth\AppData\Roaming\Mozilla

[2014/03/29 23:22:53 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Thunderbird

[2014/03/29 23:22:51 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Thunderbird

[2014/03/29 21:52:22 | 000,000,000 | ---D | C] -- C:\Users\Behemoth\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\P2P

[2014/03/29 21:52:06 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\P2P

[2014/03/29 21:49:04 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\QuickTime

[2014/03/29 21:49:04 | 000,000,000 | ---D | C] -- C:\ProgramData\Apple Computer

[2014/03/29 21:48:32 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Apple

[2014/03/29 21:48:28 | 000,000,000 | ---D | C] -- C:\Users\Behemoth\AppData\Local\Apple

[2014/03/29 21:48:27 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Apple Software Update

[2014/03/29 21:48:27 | 000,000,000 | ---D | C] -- C:\ProgramData\Apple

[2014/03/29 21:37:38 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Firefox

[2014/03/29 21:25:20 | 006,574,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mstscax.dll

[2014/03/29 21:25:20 | 005,694,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mstscax.dll

[2014/03/29 21:20:19 | 003,928,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d2d1.dll

[2014/03/29 21:20:19 | 002,565,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10warp.dll

[2014/03/29 21:16:08 | 001,424,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WindowsCodecs.dll

[2014/03/29 21:15:48 | 002,565,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\esent.dll

[2014/03/29 21:15:48 | 001,699,328 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\esent.dll

[2014/03/29 21:15:48 | 000,096,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\fsutil.exe

[2014/03/29 21:15:48 | 000,074,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\fsutil.exe

[2014/03/29 21:15:48 | 000,027,008 | ---- | C] (Advanced Micro Devices) -- C:\Windows\SysNative\drivers\amdxata.sys

[2014/03/29 21:15:47 | 000,107,904 | ---- | C] (Advanced Micro Devices) -- C:\Windows\SysNative\drivers\amdsata.sys

[2014/03/29 21:15:25 | 000,417,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\WMPhoto.dll

[2014/03/29 21:15:24 | 002,871,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\explorer.exe

[2014/03/29 21:15:24 | 000,465,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WMPhoto.dll

[2014/03/29 21:15:23 | 002,616,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\explorer.exe

[2014/03/29 21:14:56 | 000,067,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\splwow64.exe

[2014/03/29 21:11:24 | 000,000,000 | ---D | C] -- C:\Users\Behemoth\AppData\Local\VS Revo Group

[2014/03/29 21:11:21 | 000,000,000 | ---D | C] -- C:\ProgramData\VS Revo Group

[2014/03/29 21:11:20 | 000,031,800 | ---- | C] (VS Revo Group) -- C:\Windows\SysNative\drivers\revoflt.sys

[2014/03/29 21:11:20 | 000,000,000 | ---D | C] -- C:\Program Files\VS Revo Group

[2014/03/29 20:59:03 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft Toolkit

[2014/03/29 20:42:34 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013

[2014/03/29 20:42:23 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\DESIGNER

[2014/03/29 20:42:11 | 000,000,000 | ---D | C] -- C:\ProgramData\regid.1991-06.com.microsoft

[2014/03/29 20:42:01 | 000,000,000 | ---D | C] -- C:\Windows\PCHEALTH

[2014/03/29 20:42:01 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft SQL Server

[2014/03/29 20:41:14 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Analysis Services

[2014/03/29 20:41:12 | 000,000,000 | ---D | C] -- C:\Users\Behemoth\AppData\Local\Microsoft Help

[2014/03/29 20:41:10 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft Help

[2014/03/29 20:40:59 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Office

[2014/03/29 20:40:47 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Office

[2014/03/29 20:38:52 | 000,000,000 | RH-D | C] -- C:\MSOCache

[2014/03/29 20:35:53 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\drivepurge

[2014/03/29 20:24:11 | 000,000,000 | ---D | C] -- C:\Users\Behemoth\AppData\Local\qBittorrent

[2014/03/29 20:24:07 | 000,000,000 | ---D | C] -- C:\Users\Behemoth\AppData\Roaming\qBittorrent

[2014/03/29 20:22:15 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\qBittorrent

[2014/03/29 20:12:10 | 000,000,000 | ---D | C] -- C:\Users\Behemoth\AppData\Local\Skype

[2014/03/29 20:12:03 | 000,000,000 | ---D | C] -- C:\Users\Behemoth\AppData\Roaming\Skype

[2014/03/29 20:11:59 | 000,000,000 | R--D | C] -- C:\Program Files (x86)\Skype

[2014/03/29 20:11:59 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype

[2014/03/29 20:11:59 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Skype

[2014/03/29 20:11:57 | 000,000,000 | ---D | C] -- C:\ProgramData\Skype

[2014/03/29 20:04:59 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft LifeCam

[2014/03/29 20:04:40 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft LifeCam

[2014/03/29 20:04:40 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft LifeCam

[2014/03/29 20:04:35 | 001,974,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_42.dll

[2014/03/29 20:04:35 | 001,892,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DX9_42.dll

[2014/03/29 19:59:27 | 000,000,000 | ---D | C] -- C:\Users\Behemoth\AppData\Roaming\Macromedia

[2014/03/29 19:50:26 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Filters

[2014/03/29 19:49:44 | 000,000,000 | ---D | C] -- C:\Users\Behemoth\AppData\Roaming\vlc

[2014/03/29 19:49:24 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\VideoLAN

[2014/03/29 19:47:38 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\Macromed

[2014/03/29 19:47:37 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\Macromed

[2014/03/29 19:39:25 | 000,119,512 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\MBAMSwissArmy.sys

[2014/03/29 19:39:16 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Toolbox

[2014/03/29 19:39:15 | 000,088,280 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbamchameleon.sys

[2014/03/29 19:39:15 | 000,063,192 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mwac.sys

[2014/03/29 19:39:15 | 000,025,816 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys

[2014/03/29 19:39:14 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes Anti-Malware

[2014/03/29 19:39:14 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes

[2014/03/29 19:30:23 | 000,028,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\IEUDINIT.EXE

[2014/03/29 19:28:52 | 000,194,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\elshyph.dll

[2014/03/29 19:28:49 | 001,228,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmlmedia.dll

[2014/03/29 19:28:49 | 001,051,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmlmedia.dll

[2014/03/29 19:28:49 | 000,942,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jsIntl.dll

[2014/03/29 19:28:49 | 000,774,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript.dll

[2014/03/29 19:28:49 | 000,645,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jsIntl.dll

[2014/03/29 19:28:49 | 000,616,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieapfltr.dat

[2014/03/29 19:28:49 | 000,616,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieapfltr.dat

[2014/03/29 19:28:49 | 000,610,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll

[2014/03/29 19:28:49 | 000,413,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\html.iec

[2014/03/29 19:28:49 | 000,337,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\html.iec

[2014/03/29 19:28:49 | 000,247,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msls31.dll

[2014/03/29 19:28:49 | 000,235,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\url.dll

[2014/03/29 19:28:49 | 000,235,008 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\elshyph.dll

[2014/03/29 19:28:49 | 000,233,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\url.dll

[2014/03/29 19:28:49 | 000,167,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iexpress.exe

[2014/03/29 19:28:49 | 000,151,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iexpress.exe

[2014/03/29 19:28:49 | 000,147,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\occache.dll

[2014/03/29 19:28:49 | 000,143,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wextract.exe

[2014/03/29 19:28:49 | 000,139,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wextract.exe

[2014/03/29 19:28:49 | 000,135,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iepeers.dll

[2014/03/29 19:28:49 | 000,131,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\IEAdvpack.dll

[2014/03/29 19:28:49 | 000,127,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\occache.dll

[2014/03/29 19:28:49 | 000,116,736 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iepeers.dll

[2014/03/29 19:28:49 | 000,111,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\IEAdvpack.dll

[2014/03/29 19:28:49 | 000,105,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iesysprep.dll

[2014/03/29 19:28:49 | 000,101,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\inseng.dll

[2014/03/29 19:28:49 | 000,090,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\SetIEInstalledDate.exe

[2014/03/29 19:28:49 | 000,086,016 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\RegisterIEPKEYs.exe

[2014/03/29 19:28:49 | 000,086,016 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iesysprep.dll

[2014/03/29 19:28:49 | 000,084,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll

[2014/03/29 19:28:49 | 000,083,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\MshtmlDac.dll

[2014/03/29 19:28:49 | 000,083,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\inseng.dll

[2014/03/29 19:28:49 | 000,081,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\icardie.dll

[2014/03/29 19:28:49 | 000,077,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\tdc.ocx

[2014/03/29 19:28:49 | 000,074,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\SetIEInstalledDate.exe

[2014/03/29 19:28:49 | 000,071,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\RegisterIEPKEYs.exe

[2014/03/29 19:28:49 | 000,069,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll

[2014/03/29 19:28:49 | 000,069,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\icardie.dll

[2014/03/29 19:28:49 | 000,062,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\tdc.ocx

[2014/03/29 19:28:49 | 000,062,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\pngfilt.dll

[2014/03/29 19:28:49 | 000,061,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\MshtmlDac.dll

[2014/03/29 19:28:49 | 000,056,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\pngfilt.dll

[2014/03/29 19:28:49 | 000,048,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmler.dll

[2014/03/29 19:28:49 | 000,048,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmler.dll

[2014/03/29 19:28:49 | 000,048,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\imgutil.dll

[2014/03/29 19:28:49 | 000,030,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\licmgr10.dll

[2014/03/29 19:28:49 | 000,024,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\licmgr10.dll

[2014/03/29 19:28:49 | 000,013,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshta.exe

[2014/03/29 19:28:49 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeedssync.exe

[2014/03/29 19:28:49 | 000,012,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msfeedssync.exe

[2014/03/29 19:16:53 | 000,044,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\TsUsbGDCoInstaller.dll

[2014/03/29 19:16:46 | 000,056,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\TsUsbFlt.sys

[2014/03/29 19:16:46 | 000,013,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\TsUsbRedirectionGroupPolicyControl.exe

[2014/03/29 19:16:46 | 000,012,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\TsUsbRedirectionGroupPolicyExtension.dll

[2014/03/29 19:16:45 | 001,147,392 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mstsc.exe

[2014/03/29 19:16:45 | 001,068,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mstsc.exe

[2014/03/29 19:16:45 | 000,420,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wksprt.exe

[2014/03/29 19:16:45 | 000,083,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\TSWbPrxy.exe

[2014/03/29 19:16:45 | 000,062,976 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\tsgqec.dll

[2014/03/29 19:16:45 | 000,056,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\MsRdpWebAccess.dll

[2014/03/29 19:16:45 | 000,053,248 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\tsgqec.dll

[2014/03/29 19:16:45 | 000,050,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\MsRdpWebAccess.dll

[2014/03/29 19:16:45 | 000,018,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wksprtPS.dll

[2014/03/29 19:16:45 | 000,017,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wksprtPS.dll

[2014/03/29 19:16:44 | 001,057,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rdvidcrl.dll

[2014/03/29 19:16:44 | 000,855,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\rdvidcrl.dll

[2014/03/29 19:16:11 | 000,015,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\RdpGroupPolicyExtension.dll

[2014/03/29 19:16:08 | 000,030,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\TsUsbGD.sys

[2014/03/29 19:16:08 | 000,019,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\rdpvideominiport.sys

[2014/03/29 19:16:03 | 003,174,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rdpcorets.dll

[2014/03/29 19:16:03 | 000,243,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rdpudd.dll

[2014/03/29 19:16:03 | 000,228,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rdpendp_winip.dll

[2014/03/29 19:16:03 | 000,192,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\rdpendp_winip.dll

[2014/03/29 19:15:29 | 001,030,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\TSWorkspace.dll

[2014/03/29 19:15:29 | 000,792,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\TSWorkspace.dll

[2014/03/29 19:15:27 | 000,514,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\qdvd.dll

[2014/03/29 19:15:27 | 000,366,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\qdvd.dll

[2014/03/29 19:02:26 | 012,625,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wmploc.DLL

[2014/03/29 19:02:25 | 012,625,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wmploc.DLL

[2014/03/29 19:02:25 | 011,410,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wmp.dll

[2014/03/29 19:02:24 | 014,631,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wmp.dll

[2014/03/29 18:57:23 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft.NET

[2014/03/29 18:57:22 | 000,000,000 | ---D | C] -- C:\Windows\Migration

[2014/03/29 16:19:03 | 002,776,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msmpeg2vdec.dll

[2014/03/29 16:19:03 | 002,284,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msmpeg2vdec.dll

[2014/03/29 16:19:03 | 001,682,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XpsPrint.dll

[2014/03/29 16:19:03 | 001,238,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10.dll

[2014/03/29 16:19:03 | 001,158,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XpsPrint.dll

[2014/03/29 16:19:03 | 000,648,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10level9.dll

[2014/03/29 16:19:03 | 000,522,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XpsGdiConverter.dll

[2014/03/29 16:19:03 | 000,364,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XpsGdiConverter.dll

[2014/03/29 16:19:03 | 000,363,008 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dxgi.dll

[2014/03/29 16:19:03 | 000,333,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10_1core.dll

[2014/03/29 16:19:03 | 000,296,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10core.dll

[2014/03/29 16:19:03 | 000,245,248 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WindowsCodecsExt.dll

[2014/03/29 16:19:03 | 000,221,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\UIAnimation.dll

[2014/03/29 16:19:03 | 000,194,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10_1.dll

[2014/03/29 16:19:03 | 000,187,392 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\UIAnimation.dll

[2014/03/29 16:19:03 | 000,010,752 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-advapi32-l1-1-0.dll

[2014/03/29 16:19:03 | 000,010,752 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-advapi32-l1-1-0.dll

[2014/03/29 16:19:03 | 000,009,728 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-shlwapi-l1-1-0.dll

[2014/03/29 16:19:03 | 000,009,728 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-shlwapi-l1-1-0.dll

[2014/03/29 16:19:03 | 000,005,632 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-shlwapi-l2-1-0.dll

[2014/03/29 16:19:03 | 000,005,632 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-shlwapi-l2-1-0.dll

[2014/03/29 16:19:03 | 000,005,632 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-ole32-l1-1-0.dll

[2014/03/29 16:19:03 | 000,005,632 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-ole32-l1-1-0.dll

[2014/03/29 16:19:03 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-user32-l1-1-0.dll

[2014/03/29 16:19:03 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-user32-l1-1-0.dll

[2014/03/29 16:19:03 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-advapi32-l2-1-0.dll

[2014/03/29 16:19:03 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-advapi32-l2-1-0.dll

[2014/03/29 16:19:03 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-version-l1-1-0.dll

[2014/03/29 16:19:03 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-version-l1-1-0.dll

[2014/03/29 16:19:03 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-shell32-l1-1-0.dll

[2014/03/29 16:19:03 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-shell32-l1-1-0.dll

[2014/03/29 16:19:03 | 000,002,560 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-normaliz-l1-1-0.dll

[2014/03/29 16:19:03 | 000,002,560 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-normaliz-l1-1-0.dll

[2014/03/29 16:04:56 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\MRT

[2014/03/29 16:03:58 | 000,744,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WUDFx.dll

[2014/03/29 16:03:58 | 000,229,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WUDFHost.exe

[2014/03/29 16:03:58 | 000,194,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WUDFPlatform.dll

[2014/03/29 16:03:58 | 000,045,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WUDFCoinstaller.dll

[2014/03/29 16:01:37 | 000,023,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\fs_rec.sys

[2014/03/29 15:59:11 | 000,658,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\RMActivate_isv.exe

[2014/03/29 15:59:11 | 000,626,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\RMActivate.exe

[2014/03/29 15:59:11 | 000,594,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\RMActivate_isv.exe

[2014/03/29 15:59:11 | 000,572,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\RMActivate.exe

[2014/03/29 15:59:10 | 000,553,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\RMActivate_ssp.exe

[2014/03/29 15:59:10 | 000,552,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\RMActivate_ssp_isv.exe

[2014/03/29 15:59:10 | 000,528,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msdrm.dll

[2014/03/29 15:59:10 | 000,510,976 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\RMActivate_ssp.exe

[2014/03/29 15:59:10 | 000,508,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\RMActivate_ssp_isv.exe

[2014/03/29 15:59:10 | 000,488,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\secproc.dll

[2014/03/29 15:59:10 | 000,485,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\secproc_isv.dll

[2014/03/29 15:59:10 | 000,428,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\secproc.dll

[2014/03/29 15:59:10 | 000,423,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\secproc_isv.dll

[2014/03/29 15:59:10 | 000,123,392 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\secproc_ssp_isv.dll

[2014/03/29 15:59:10 | 000,123,392 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\secproc_ssp.dll

[2014/03/29 15:59:10 | 000,087,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\secproc_ssp_isv.dll

[2014/03/29 15:59:10 | 000,087,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\secproc_ssp.dll

[2014/03/29 15:59:00 | 000,368,128 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\SysNative\atmfd.dll

[2014/03/29 15:59:00 | 000,295,424 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\atmfd.dll

[2014/03/29 15:59:00 | 000,046,080 | ---- | C] (Adobe Systems) -- C:\Windows\SysNative\atmlib.dll

[2014/03/29 15:59:00 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dciman32.dll

[2014/03/29 15:58:59 | 000,100,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\fontsub.dll

[2014/03/29 15:58:59 | 000,070,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\fontsub.dll

[2014/03/29 15:58:59 | 000,041,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\lpk.dll

[2014/03/29 15:58:59 | 000,034,304 | ---- | C] (Adobe Systems) -- C:\Windows\SysWow64\atmlib.dll

[2014/03/29 15:58:55 | 001,887,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3d11.dll

[2014/03/29 15:58:55 | 001,505,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3d11.dll

[2014/03/29 15:58:51 | 005,549,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntoskrnl.exe

[2014/03/29 15:58:51 | 003,969,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntkrnlpa.exe

[2014/03/29 15:58:51 | 003,914,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntoskrnl.exe

[2014/03/29 15:58:50 | 001,732,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntdll.dll

[2014/03/29 15:58:50 | 000,878,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\advapi32.dll

[2014/03/29 15:58:50 | 000,859,648 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\tdh.dll

[2014/03/29 15:58:50 | 000,619,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\tdh.dll

[2014/03/29 15:58:39 | 000,424,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\KernelBase.dll

[2014/03/29 15:58:39 | 000,338,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\conhost.exe

[2014/03/29 15:58:39 | 000,215,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\winsrv.dll

[2014/03/29 15:58:38 | 000,112,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\smss.exe

[2014/03/29 15:58:38 | 000,043,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\csrsrv.dll

[2014/03/29 15:58:38 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\apisetschema.dll

[2014/03/29 15:58:38 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\apisetschema.dll

[2014/03/29 15:58:38 | 000,006,144 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-security-base-l1-1-0.dll

[2014/03/29 15:58:38 | 000,006,144 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-security-base-l1-1-0.dll

[2014/03/29 15:58:38 | 000,005,120 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-file-l1-1-0.dll

[2014/03/29 15:58:38 | 000,005,120 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-file-l1-1-0.dll

[2014/03/29 15:58:38 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-threadpool-l1-1-0.dll

[2014/03/29 15:58:38 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-threadpool-l1-1-0.dll

[2014/03/29 15:58:38 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-processthreads-l1-1-0.dll

[2014/03/29 15:58:38 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-processthreads-l1-1-0.dll

[2014/03/29 15:58:38 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-sysinfo-l1-1-0.dll

[2014/03/29 15:58:38 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-sysinfo-l1-1-0.dll

[2014/03/29 15:58:38 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-synch-l1-1-0.dll

[2014/03/29 15:58:38 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-synch-l1-1-0.dll

[2014/03/29 15:58:38 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-misc-l1-1-0.dll

[2014/03/29 15:58:38 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-localregistry-l1-1-0.dll

[2014/03/29 15:58:38 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-localregistry-l1-1-0.dll

[2014/03/29 15:58:38 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-localization-l1-1-0.dll

[2014/03/29 15:58:38 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-localization-l1-1-0.dll

[2014/03/29 15:58:38 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-xstate-l1-1-0.dll

[2014/03/29 15:58:38 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-rtlsupport-l1-1-0.dll

[2014/03/29 15:58:38 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-processenvironment-l1-1-0.dll

[2014/03/29 15:58:38 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-processenvironment-l1-1-0.dll

[2014/03/29 15:58:38 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-namedpipe-l1-1-0.dll

[2014/03/29 15:58:38 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-namedpipe-l1-1-0.dll

[2014/03/29 15:58:38 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-misc-l1-1-0.dll

[2014/03/29 15:58:38 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-memory-l1-1-0.dll

[2014/03/29 15:58:38 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-memory-l1-1-0.dll

[2014/03/29 15:58:38 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-libraryloader-l1-1-0.dll

[2014/03/29 15:58:38 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-libraryloader-l1-1-0.dll

[2014/03/29 15:58:38 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-interlocked-l1-1-0.dll

[2014/03/29 15:58:38 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-heap-l1-1-0.dll

[2014/03/29 15:58:38 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-heap-l1-1-0.dll

[2014/03/29 15:58:38 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-xstate-l1-1-0.dll

[2014/03/29 15:58:38 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-util-l1-1-0.dll

[2014/03/29 15:58:38 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-util-l1-1-0.dll

[2014/03/29 15:58:38 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-string-l1-1-0.dll

[2014/03/29 15:58:38 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-string-l1-1-0.dll

[2014/03/29 15:58:38 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-rtlsupport-l1-1-0.dll

[2014/03/29 15:58:38 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-profile-l1-1-0.dll

[2014/03/29 15:58:38 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-profile-l1-1-0.dll

[2014/03/29 15:58:38 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-io-l1-1-0.dll

[2014/03/29 15:58:38 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-io-l1-1-0.dll

[2014/03/29 15:58:38 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-interlocked-l1-1-0.dll

[2014/03/29 15:58:38 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-handle-l1-1-0.dll

[2014/03/29 15:58:38 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-handle-l1-1-0.dll

[2014/03/29 15:58:38 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-fibers-l1-1-0.dll

[2014/03/29 15:58:38 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-fibers-l1-1-0.dll

[2014/03/29 15:58:38 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-errorhandling-l1-1-0.dll

[2014/03/29 15:58:38 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-errorhandling-l1-1-0.dll

[2014/03/29 15:58:38 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-delayload-l1-1-0.dll

[2014/03/29 15:58:38 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-delayload-l1-1-0.dll

[2014/03/29 15:58:38 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-debug-l1-1-0.dll

[2014/03/29 15:58:38 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-debug-l1-1-0.dll

[2014/03/29 15:58:38 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-datetime-l1-1-0.dll

[2014/03/29 15:58:38 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-datetime-l1-1-0.dll

[2014/03/29 15:58:38 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-console-l1-1-0.dll

[2014/03/29 15:58:38 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-console-l1-1-0.dll

[2014/03/29 15:58:29 | 002,746,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\gameux.dll

[2014/03/29 15:58:29 | 002,576,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\gameux.dll

[2014/03/29 15:58:29 | 000,441,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\Wpc.dll

[2014/03/29 15:58:29 | 000,046,592 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\fpb.rs

[2014/03/29 15:58:29 | 000,046,592 | ---- | C] (Microsoft) -- C:\Windows\SysNative\fpb.rs

[2014/03/29 15:58:29 | 000,045,568 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\oflc-nz.rs

[2014/03/29 15:58:29 | 000,045,568 | ---- | C] (Microsoft) -- C:\Windows\SysNative\oflc-nz.rs

[2014/03/29 15:58:29 | 000,044,544 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\pegibbfc.rs

[2014/03/29 15:58:29 | 000,044,544 | ---- | C] (Microsoft) -- C:\Windows\SysNative\pegibbfc.rs

[2014/03/29 15:58:29 | 000,043,520 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\csrr.rs

[2014/03/29 15:58:29 | 000,043,520 | ---- | C] (Microsoft) -- C:\Windows\SysNative\csrr.rs

[2014/03/29 15:58:29 | 000,040,960 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\cob-au.rs

[2014/03/29 15:58:29 | 000,040,960 | ---- | C] (Microsoft) -- C:\Windows\SysNative\cob-au.rs

[2014/03/29 15:58:29 | 000,030,720 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\usk.rs

[2014/03/29 15:58:29 | 000,030,720 | ---- | C] (Microsoft) -- C:\Windows\SysNative\usk.rs

[2014/03/29 15:58:29 | 000,021,504 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\grb.rs

[2014/03/29 15:58:29 | 000,021,504 | ---- | C] (Microsoft) -- C:\Windows\SysNative\grb.rs

[2014/03/29 15:58:29 | 000,020,480 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\pegi-pt.rs

[2014/03/29 15:58:29 | 000,020,480 | ---- | C] (Microsoft) -- C:\Windows\SysNative\pegi-pt.rs

[2014/03/29 15:58:29 | 000,020,480 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\pegi.rs

[2014/03/29 15:58:29 | 000,020,480 | ---- | C] (Microsoft) -- C:\Windows\SysNative\pegi.rs

[2014/03/29 15:58:29 | 000,015,360 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\djctq.rs

[2014/03/29 15:58:29 | 000,015,360 | ---- | C] (Microsoft) -- C:\Windows\SysNative\djctq.rs

[2014/03/29 15:58:28 | 000,308,736 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\Wpc.dll

[2014/03/29 15:58:28 | 000,055,296 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\cero.rs

[2014/03/29 15:58:28 | 000,055,296 | ---- | C] (Microsoft) -- C:\Windows\SysNative\cero.rs

[2014/03/29 15:58:28 | 000,051,712 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\esrb.rs

[2014/03/29 15:58:28 | 000,051,712 | ---- | C] (Microsoft) -- C:\Windows\SysNative\esrb.rs

[2014/03/29 15:58:28 | 000,023,552 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\oflc.rs

[2014/03/29 15:58:28 | 000,023,552 | ---- | C] (Microsoft) -- C:\Windows\SysNative\oflc.rs

[2014/03/29 15:58:28 | 000,020,480 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\pegi-fi.rs

[2014/03/29 15:58:28 | 000,020,480 | ---- | C] (Microsoft) -- C:\Windows\SysNative\pegi-fi.rs

[2014/03/29 15:58:24 | 001,474,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\crypt32.dll

[2014/03/29 15:58:24 | 000,139,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\cryptnet.dll

[2014/03/29 15:58:21 | 000,111,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\consent.exe

[2014/03/29 15:58:18 | 000,509,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntshrui.dll

[2014/03/29 15:58:18 | 000,202,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\scrrun.dll

[2014/03/29 15:58:18 | 000,163,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\scrrun.dll

[2014/03/29 15:58:18 | 000,156,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\cscript.exe

[2014/03/29 15:58:18 | 000,150,016 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wshom.ocx

[2014/03/29 15:58:18 | 000,126,976 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\cscript.exe

[2014/03/29 15:58:18 | 000,121,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wshom.ocx

[2014/03/29 15:58:14 | 000,197,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\shdocvw.dll

[2014/03/29 15:58:13 | 000,054,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\WdfLdr.sys

[2014/03/29 15:58:13 | 000,009,728 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\Wdfres.dll

[2014/03/29 15:58:11 | 001,192,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\certutil.exe

[2014/03/29 15:58:10 | 000,903,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\certutil.exe

[2014/03/29 15:58:10 | 000,052,224 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\certenc.dll

[2014/03/29 15:58:10 | 000,043,008 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\certenc.dll

[2014/03/29 15:58:00 | 000,288,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\FWPKCLNT.SYS

[2014/03/29 15:57:58 | 000,246,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\netcorehc.dll

[2014/03/29 15:57:58 | 000,216,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ncsi.dll

[2014/03/29 15:57:58 | 000,175,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\netcorehc.dll

[2014/03/29 15:57:58 | 000,156,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ncsi.dll

[2014/03/29 15:57:58 | 000,018,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\netevent.dll

[2014/03/29 15:57:58 | 000,018,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\netevent.dll

[2014/03/29 15:57:57 | 002,315,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\tquery.dll

[2014/03/29 15:57:57 | 002,223,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mssrch.dll

[2014/03/29 15:57:57 | 001,401,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mssrch.dll

[2014/03/29 15:57:56 | 001,549,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\tquery.dll

[2014/03/29 15:57:56 | 000,778,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mssvp.dll

[2014/03/29 15:57:56 | 000,666,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mssvp.dll

[2014/03/29 15:57:56 | 000,491,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mssph.dll

[2014/03/29 15:57:56 | 000,337,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mssph.dll

[2014/03/29 15:57:56 | 000,288,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mssphtb.dll

[2014/03/29 15:57:56 | 000,249,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\SearchProtocolHost.exe

[2014/03/29 15:57:56 | 000,113,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\SearchFilterHost.exe

[2014/03/29 15:57:56 | 000,075,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msscntrs.dll

[2014/03/29 15:57:56 | 000,059,392 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msscntrs.dll

[2014/03/29 15:57:55 | 000,142,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\poqexec.exe

[2014/03/29 15:57:55 | 000,123,904 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\poqexec.exe

[2014/03/29 15:57:54 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msxml3r.dll

[2014/03/29 15:57:54 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msxml3r.dll

[2014/03/29 15:57:52 | 001,133,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\cdosys.dll

[2014/03/29 15:57:52 | 000,805,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\cdosys.dll

[2014/03/29 15:57:47 | 000,224,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wintrust.dll

[2014/03/29 15:57:46 | 000,503,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\srcore.dll

[2014/03/29 15:57:44 | 001,395,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mfc42.dll

[2014/03/29 15:57:44 | 001,359,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mfc42u.dll

[2014/03/29 15:57:44 | 001,164,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mfc42u.dll

[2014/03/29 15:57:44 | 001,137,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mfc42.dll

[2014/03/29 15:57:43 | 000,102,400 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\davclnt.dll

[2014/03/29 15:57:39 | 001,447,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\lsasrv.dll

[2014/03/29 15:57:39 | 000,307,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ncrypt.dll

[2014/03/29 15:57:39 | 000,135,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\sspicli.dll

[2014/03/29 15:57:39 | 000,028,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\sspisrv.dll

[2014/03/29 15:57:39 | 000,028,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\secur32.dll

[2014/03/29 15:57:37 | 000,461,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\scavengeui.dll

[2014/03/29 15:57:36 | 000,395,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\webio.dll

[2014/03/29 15:57:36 | 000,314,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\webio.dll

[2014/03/29 15:57:33 | 000,800,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\usp10.dll

[2014/03/29 15:57:31 | 000,030,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\cryptdlg.dll

[2014/03/29 15:57:31 | 000,024,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\cryptdlg.dll

[2014/03/29 15:57:25 | 001,031,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rdpcore.dll

[2014/03/29 15:57:25 | 000,826,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\rdpcore.dll

[2014/03/29 15:57:24 | 001,930,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\authui.dll

[2014/03/29 15:57:24 | 001,796,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\authui.dll

[2014/03/29 15:57:24 | 000,197,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\credui.dll

[2014/03/29 15:57:24 | 000,190,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\SmartcardCredentialProvider.dll

[2014/03/29 15:57:24 | 000,152,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\SmartcardCredentialProvider.dll

[2014/03/29 15:57:22 | 000,230,400 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\portcls.sys

[2014/03/29 15:57:21 | 000,325,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\usbport.sys

[2014/03/29 15:57:21 | 000,116,736 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\drmk.sys

[2014/03/29 15:57:19 | 000,245,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\OxpsConverter.exe

[2014/03/29 15:57:19 | 000,007,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\usbd.sys

[2014/03/29 15:57:18 | 000,226,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dhcpcore6.dll

[2014/03/29 15:57:18 | 000,193,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\dhcpcore6.dll

[2014/03/29 15:57:18 | 000,055,296 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dhcpcsvc6.dll

[2014/03/29 15:57:17 | 000,357,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dnsapi.dll

[2014/03/29 15:57:17 | 000,030,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dnscacheugc.exe

[2014/03/29 15:57:16 | 000,028,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\dnscacheugc.exe

[2014/03/29 15:57:14 | 000,155,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\ataport.sys

[2014/03/29 15:57:10 | 000,041,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\RNDISMP.sys

[2014/03/29 15:57:09 | 000,830,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\nshwfp.dll

[2014/03/29 15:57:09 | 000,656,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\nshwfp.dll

[2014/03/29 15:57:09 | 000,324,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\FWPUCLNT.DLL

[2014/03/29 15:57:09 | 000,216,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\FWPUCLNT.DLL

[2014/03/29 15:57:08 | 003,216,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msi.dll

[2014/03/29 15:57:06 | 001,572,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\quartz.dll

[2014/03/29 15:57:06 | 001,328,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\quartz.dll

[2014/03/29 15:57:05 | 000,861,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\oleaut32.dll

[2014/03/29 15:57:05 | 000,331,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\oleacc.dll

[2014/03/29 15:57:05 | 000,124,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\PresentationCFFRasterizerNative_v0300.dll

[2014/03/29 15:57:05 | 000,102,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\PresentationCFFRasterizerNative_v0300.dll

[2014/03/29 15:57:05 | 000,076,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\hidclass.sys

[2014/03/29 15:57:05 | 000,032,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\hidparse.sys

[2014/03/29 15:57:04 | 000,199,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xmllite.dll

[2014/03/29 15:56:57 | 000,613,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\psisdecd.dll

[2014/03/29 15:56:57 | 000,075,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\psisrndr.ax

[2014/03/29 15:56:56 | 000,956,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\localspl.dll

[2014/03/29 15:56:56 | 000,465,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\psisdecd.dll

[2014/03/29 15:56:56 | 000,108,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\psisrndr.ax

[2014/03/29 15:56:55 | 000,335,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msieftp.dll

[2014/03/29 15:56:54 | 000,301,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msieftp.dll

[2014/03/29 15:56:52 | 000,149,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rdpcorekmts.dll

[2014/03/29 15:56:52 | 000,077,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rdpwsx.dll

[2014/03/29 15:56:52 | 000,009,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rdrmemptylst.exe

[2014/03/29 15:56:51 | 000,484,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wer.dll

[2014/03/29 15:56:51 | 000,381,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wer.dll

[2014/03/29 15:56:51 | 000,068,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\taskhost.exe

[2014/03/29 15:56:50 | 000,633,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\comctl32.dll

[2014/03/29 15:56:49 | 000,319,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\odbcjt32.dll

[2014/03/29 15:56:49 | 000,212,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\odbctrac.dll

[2014/03/29 15:56:49 | 000,163,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\odbctrac.dll

[2014/03/29 15:56:49 | 000,163,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\odbccp32.dll

[2014/03/29 15:56:49 | 000,122,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\odbccp32.dll

[2014/03/29 15:56:49 | 000,106,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\odbccu32.dll

[2014/03/29 15:56:49 | 000,106,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\odbccr32.dll

[2014/03/29 15:56:49 | 000,086,016 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\odbccu32.dll

[2014/03/29 15:56:49 | 000,081,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\odbccr32.dll

[2014/03/29 15:56:48 | 000,515,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\timedate.cpl

[2014/03/29 15:56:48 | 000,478,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\timedate.cpl

[2014/03/29 15:56:45 | 000,073,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\netapi32.dll

[2014/03/29 15:56:45 | 000,059,392 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\browcli.dll

[2014/03/29 15:56:45 | 000,041,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\browcli.dll

[2014/03/29 15:56:44 | 001,217,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rpcrt4.dll

[2014/03/29 15:56:43 | 000,634,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msvcrt.dll

[2014/03/29 15:56:42 | 001,888,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WMVDECOD.DLL

[2014/03/29 15:56:42 | 001,620,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\WMVDECOD.DLL

[2014/03/29 15:56:42 | 000,019,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\usb8023.sys

[2014/03/29 15:56:41 | 000,095,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\synceng.dll

[2014/03/29 15:56:41 | 000,078,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\synceng.dll

[2014/03/29 15:56:40 | 000,048,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wwanprotdim.dll

[2014/03/29 15:56:39 | 000,478,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dpnet.dll

[2014/03/29 15:56:39 | 000,376,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\dpnet.dll

[2014/03/29 15:56:38 | 001,118,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\sbe.dll

[2014/03/29 15:56:38 | 000,961,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\CPFilters.dll

[2014/03/29 15:56:38 | 000,850,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\sbe.dll

[2014/03/29 15:56:38 | 000,642,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\CPFilters.dll

[2014/03/29 15:56:38 | 000,259,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mpg2splt.ax

[2014/03/29 15:56:38 | 000,199,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mpg2splt.ax

[2014/03/29 15:56:37 | 000,081,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\imagehlp.dll

[2014/03/29 15:56:36 | 000,642,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\winload.efi

[2014/03/29 15:56:36 | 000,605,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\winload.exe

[2014/03/29 15:56:36 | 000,566,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\winresume.efi

[2014/03/29 15:56:36 | 000,518,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\winresume.exe

[2014/03/29 15:56:36 | 000,020,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\kdusb.dll

[2014/03/29 15:56:36 | 000,019,328 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\kd1394.dll

[2014/03/29 15:56:36 | 000,017,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\kdcom.dll

[2014/03/29 15:56:28 | 000,376,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\netio.sys

[2014/03/29 15:56:27 | 000,723,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\EncDec.dll

[2014/03/29 15:56:27 | 000,534,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\EncDec.dll

[2014/03/29 15:56:26 | 000,751,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\win32spl.dll

[2014/03/29 15:56:26 | 000,492,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\win32spl.dll

[2014/03/29 15:56:25 | 000,624,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\qedit.dll

[2014/03/29 15:56:25 | 000,509,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\qedit.dll

[2014/03/29 15:56:25 | 000,404,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\gdi32.dll

[2014/03/29 15:56:25 | 000,252,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\drvinst.exe

[2014/03/29 15:56:25 | 000,044,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\devrtl.dll

[2014/03/29 15:56:24 | 000,267,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\FXSCOVER.exe

[2014/03/29 15:56:24 | 000,265,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\dxgmms1.sys

[2014/03/29 15:56:24 | 000,144,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\cdd.dll

[2014/03/29 15:56:23 | 000,031,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\prevhost.exe

[2014/03/29 15:56:23 | 000,031,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\prevhost.exe

[2014/03/29 15:46:50 | 000,077,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\packager.dll

[2014/03/29 15:46:50 | 000,067,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\packager.dll

[2014/03/29 15:41:26 | 002,622,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wucltux.dll

[2014/03/29 15:41:26 | 000,057,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wuauclt.exe

[2014/03/29 15:41:26 | 000,044,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wups2.dll

[2014/03/29 15:41:21 | 000,701,976 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wuapi.dll

[2014/03/29 15:41:21 | 000,099,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wudriver.dll

[2014/03/29 15:41:21 | 000,038,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wups.dll

[2014/03/29 15:41:12 | 000,186,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wuwebv.dll

[2014/03/29 15:41:12 | 000,036,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wuapp.exe

[2014/03/29 15:31:55 | 000,000,000 | ---D | C] -- C:\Users\Behemoth\AppData\Roaming\AVAST Software

[2014/03/29 15:31:52 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast

[2014/03/29 15:31:32 | 000,084,816 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswStm.sys

[2014/03/29 15:31:31 | 001,039,096 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswSnx.sys

[2014/03/29 15:31:31 | 000,423,240 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswSP.sys

[2014/03/29 15:31:30 | 000,093,568 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswRdr2.sys

[2014/03/29 15:31:30 | 000,079,184 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswMonFlt.sys

[2014/03/29 15:31:28 | 000,334,648 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\aswBoot.exe

[2014/03/29 15:31:27 | 000,043,152 | ---- | C] (AVAST Software) -- C:\Windows\avastSS.scr

[2014/03/29 15:31:16 | 000,000,000 | ---D | C] -- C:\Program Files\AVAST Software

[2014/03/29 15:30:36 | 000,000,000 | ---D | C] -- C:\ProgramData\AVAST Software

[2014/03/29 15:29:48 | 000,000,000 | ---D | C] -- C:\ProgramData\Licenses

[2014/03/29 15:29:47 | 000,129,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\MSSTDFMT.DLL

[2014/03/29 15:29:46 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\SpywareBlaster

[2014/03/29 15:12:32 | 000,000,000 | ---D | C] -- C:\Users\Behemoth\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Toolbox

[2014/03/29 15:12:32 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\CodeStuff

[2014/03/29 15:11:01 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\7-Zip

[2014/03/29 15:11:01 | 000,000,000 | ---D | C] -- C:\Program Files\7-Zip

[2014/03/29 15:09:06 | 000,000,000 | ---D | C] -- C:\Program Files\CCleaner

[2014/03/29 15:04:35 | 000,000,000 | ---D | C] -- C:\ProgramData\NVIDIA

[2014/03/29 15:03:35 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\AGEIA Technologies

[2014/03/29 15:03:20 | 006,714,312 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcpl.dll

[2014/03/29 15:03:20 | 003,497,816 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvsvc64.dll

[2014/03/29 15:03:20 | 000,386,336 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvmctray.dll

[2014/03/29 15:03:20 | 000,064,968 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvshext.dll

[2014/03/29 15:03:13 | 000,000,000 | ---D | C] -- C:\ProgramData\NVIDIA Corporation

[2014/03/29 15:03:11 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\NVIDIA Corporation

[2014/03/29 15:02:46 | 031,474,976 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvoglv64.dll

[2014/03/29 15:02:46 | 025,255,256 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcompiler.dll

[2014/03/29 15:02:46 | 023,716,640 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvoglv32.dll

[2014/03/29 15:02:46 | 018,302,384 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvwgf2umx.dll

[2014/03/29 15:02:46 | 017,755,424 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvd3dumx.dll

[2014/03/29 15:02:46 | 017,561,544 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvcompiler.dll

[2014/03/29 15:02:46 | 015,783,992 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvwgf2um.dll

[2014/03/29 15:02:46 | 014,709,720 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvd3dum.dll

[2014/03/29 15:02:46 | 011,636,176 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcuda.dll

[2014/03/29 15:02:46 | 011,589,272 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvopencl.dll

[2014/03/29 15:02:46 | 009,728,064 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvcuda.dll

[2014/03/29 15:02:46 | 009,690,424 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvopencl.dll

[2014/03/29 15:02:46 | 003,143,456 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcuvid.dll

[2014/03/29 15:02:46 | 003,093,280 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvapi64.dll

[2014/03/29 15:02:46 | 002,958,792 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvcuvid.dll

[2014/03/29 15:02:46 | 002,783,008 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcuvenc.dll

[2014/03/29 15:02:46 | 002,715,264 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvapi.dll

[2014/03/29 15:02:46 | 002,411,976 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvcuvenc.dll

[2014/03/29 15:02:46 | 001,885,472 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvdispco6433523.dll

[2014/03/29 15:02:46 | 001,516,488 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvdispgenco6433523.dll

[2014/03/29 15:02:46 | 001,515,296 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvhdagenco6420103.dll

[2014/03/29 15:02:46 | 000,947,808 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvumdshimx.dll

[2014/03/29 15:02:46 | 000,892,704 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\NvIFR64.dll

[2014/03/29 15:02:46 | 000,877,856 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\NvFBC64.dll

[2014/03/29 15:02:46 | 000,863,064 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\NvIFR.dll

[2014/03/29 15:02:46 | 000,846,168 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\NvFBC.dll

[2014/03/29 15:02:46 | 000,832,936 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvumdshim.dll

[2014/03/29 15:02:46 | 000,353,504 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvoglshim64.dll

[2014/03/29 15:02:46 | 000,305,600 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvoglshim32.dll

[2014/03/29 15:02:46 | 000,197,408 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\drivers\nvhda64v.sys

[2014/03/29 15:02:46 | 000,174,296 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvinitx.dll

[2014/03/29 15:02:46 | 000,148,016 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvinit.dll

[2014/03/29 15:02:46 | 000,031,520 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvhdap64.dll

[2014/03/29 14:59:23 | 000,000,000 | ---D | C] -- C:\Program Files\NVIDIA Corporation

[2014/03/29 14:51:17 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome

[2014/03/29 14:50:43 | 000,000,000 | ---D | C] -- C:\Users\Behemoth\AppData\Local\Google

[2014/03/29 14:50:43 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Google

[2014/03/29 14:50:25 | 000,000,000 | ---D | C] -- C:\Users\Behemoth\AppData\Local\Deployment

[2014/03/29 14:50:25 | 000,000,000 | ---D | C] -- C:\Users\Behemoth\AppData\Local\Apps

[1 C:\Windows\SysNative\*.tmp files -> C:\Windows\SysNative\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2014/04/26 19:29:03 | 000,000,000 | -HS- | M] () -- C:\DkHyperbootSync

[2014/04/26 19:16:46 | 000,119,512 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\MBAMSwissArmy.sys

[2014/04/26 19:02:59 | 000,783,114 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI

[2014/04/26 19:02:59 | 000,662,694 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat

[2014/04/26 19:02:59 | 000,122,060 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat

[2014/04/26 19:00:00 | 000,000,902 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job

[2014/04/26 18:58:53 | 000,000,898 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job

[2014/04/26 18:58:52 | 000,000,828 | ---- | M] () -- C:\Windows\tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d-Logon.job

[2014/04/26 18:58:24 | 000,034,752 | ---- | M] () -- C:\Windows\SysNative\drivers\WPRO_41_2001.sys

[2014/04/26 18:58:22 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat

[2014/04/26 18:58:19 | 2056,863,743 | -HS- | M] () -- C:\hiberfil.sys

[2014/04/26 18:57:46 | 000,020,848 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0

[2014/04/26 18:57:46 | 000,020,848 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0

[2014/04/26 18:44:33 | 000,007,603 | ---- | M] () -- C:\Users\Behemoth\AppData\Local\Resmon.ResmonCfg

[2014/04/26 17:57:05 | 000,000,830 | ---- | M] () -- C:\Windows\tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d.job

[2014/04/26 17:55:52 | 000,098,438 | ---- | M] () -- C:\Windows\hpwins27.dat

[2014/04/26 17:45:20 | 004,994,784 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT

[2014/04/26 10:02:12 | 000,692,400 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe

[2014/04/26 10:02:12 | 000,070,832 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl

[2014/04/25 21:00:05 | 000,001,966 | ---- | M] () -- C:\Users\Public\Desktop\Nitro Pro 9.lnk

[2014/04/24 18:37:37 | 000,002,789 | ---- | M] () -- C:\Users\Behemoth\Desktop\Excel 2013.lnk

[2014/04/24 18:37:33 | 000,002,837 | ---- | M] () -- C:\Users\Behemoth\Desktop\Word 2013.lnk

[2014/04/24 10:32:42 | 000,069,640 | ---- | M] (Nalpeiron Ltd.) -- C:\Windows\SysWow64\NLSSRV32.EXE

[2014/04/24 10:32:12 | 000,029,704 | ---- | M] (Nitro PDF Software) -- C:\Windows\SysNative\nitrolocalmon9.dll

[2014/04/24 10:32:12 | 000,017,928 | ---- | M] (Nitro PDF Software) -- C:\Windows\SysNative\nitrolocalui9.dll

[2014/04/12 10:14:52 | 000,032,320 | ---- | M] (FNet Co., Ltd.) -- C:\Windows\SysNative\drivers\FNETTBOH_305.SYS

[2014/04/12 10:14:50 | 000,016,648 | ---- | M] (FNet Co., Ltd.) -- C:\Windows\SysNative\drivers\FNETURPX.SYS

[2014/04/12 10:06:35 | 000,000,003 | ---- | M] () -- C:\Users\Behemoth\AppData\Local\user_data.ini

[2014/04/11 12:01:47 | 000,002,187 | ---- | M] () -- C:\Users\Public\Desktop\Google Chrome.lnk

[2014/04/03 09:51:16 | 000,063,192 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mwac.sys

[2014/04/03 09:51:04 | 000,088,280 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbamchameleon.sys

[2014/04/03 09:50:58 | 000,025,816 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys

[2014/04/03 09:50:31 | 000,000,908 | ---- | M] () -- C:\Users\Behemoth\Desktop\My Documents.lnk

[2014/03/30 20:23:49 | 000,000,244 | ---- | M] () -- C:\Windows\SysNative\{86F549EB-A66B-4D6C-958D-CDDD66410751}.bat

[2014/03/30 09:51:22 | 000,000,280 | ---- | M] () -- C:\Windows\SysNative\PDBootState

[2014/03/30 03:21:26 | 000,122,093 | ---- | M] () -- C:\Windows\SysWow64\license.rtf

[2014/03/30 03:21:26 | 000,122,093 | ---- | M] () -- C:\Windows\SysNative\license.rtf

[2014/03/30 03:19:58 | 000,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_User_WpdFs_01_09_00.Wdf

[2014/03/30 02:37:24 | 000,018,600 | ---- | M] () -- C:\Windows\SysNative\results.xml

[2014/03/30 01:49:21 | 000,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_Kernel_iusb3hcs_01009.Wdf

[2014/03/30 00:24:22 | 000,419,840 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\systemcpl.dll

[2014/03/30 00:24:22 | 000,014,848 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\slwga.dll

[2014/03/30 00:24:22 | 000,013,824 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\slwga.dll

[2014/03/30 00:24:21 | 001,008,640 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\user32.dll

[2014/03/29 23:23:52 | 000,000,000 | ---- | M] () -- C:\Windows\nsreg.dat

[2014/03/29 23:22:53 | 000,002,033 | ---- | M] () -- C:\Users\Behemoth\Application Data\Microsoft\Internet Explorer\Quick Launch\Mozilla Thunderbird.lnk

[2014/03/29 23:22:53 | 000,002,009 | ---- | M] () -- C:\Users\Public\Desktop\Mozilla Thunderbird.lnk

[2014/03/29 21:39:44 | 000,775,352 | ---- | M] () -- C:\Windows\SysWow64\PerfStringBackup.INI

[2014/03/29 20:11:59 | 000,002,697 | ---- | M] () -- C:\Users\Public\Desktop\Skype.lnk

[2014/03/29 19:28:52 | 000,194,048 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\elshyph.dll

[2014/03/29 19:28:49 | 001,228,800 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmlmedia.dll

[2014/03/29 19:28:49 | 001,051,136 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmlmedia.dll

[2014/03/29 19:28:49 | 000,942,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\jsIntl.dll

[2014/03/29 19:28:49 | 000,774,144 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\jscript.dll

[2014/03/29 19:28:49 | 000,645,120 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\jsIntl.dll

[2014/03/29 19:28:49 | 000,616,104 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieapfltr.dat

[2014/03/29 19:28:49 | 000,616,104 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieapfltr.dat

[2014/03/29 19:28:49 | 000,610,304 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll

[2014/03/29 19:28:49 | 000,413,696 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\html.iec

[2014/03/29 19:28:49 | 000,337,408 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\html.iec

[2014/03/29 19:28:49 | 000,247,808 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msls31.dll

[2014/03/29 19:28:49 | 000,235,520 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\url.dll

[2014/03/29 19:28:49 | 000,235,008 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\elshyph.dll

[2014/03/29 19:28:49 | 000,233,472 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\url.dll

[2014/03/29 19:28:49 | 000,167,424 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\iexpress.exe

[2014/03/29 19:28:49 | 000,151,552 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\iexpress.exe

[2014/03/29 19:28:49 | 000,147,968 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\occache.dll

[2014/03/29 19:28:49 | 000,143,872 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\wextract.exe

[2014/03/29 19:28:49 | 000,139,264 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\wextract.exe

[2014/03/29 19:28:49 | 000,135,680 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\iepeers.dll

[2014/03/29 19:28:49 | 000,131,072 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\IEAdvpack.dll

[2014/03/29 19:28:49 | 000,127,488 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\occache.dll

[2014/03/29 19:28:49 | 000,116,736 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\iepeers.dll

[2014/03/29 19:28:49 | 000,111,616 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\IEAdvpack.dll

[2014/03/29 19:28:49 | 000,105,984 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\iesysprep.dll

[2014/03/29 19:28:49 | 000,101,376 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\inseng.dll

[2014/03/29 19:28:49 | 000,090,112 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\SetIEInstalledDate.exe

[2014/03/29 19:28:49 | 000,086,016 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\RegisterIEPKEYs.exe

[2014/03/29 19:28:49 | 000,086,016 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\iesysprep.dll

[2014/03/29 19:28:49 | 000,084,992 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll

[2014/03/29 19:28:49 | 000,083,968 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\MshtmlDac.dll

[2014/03/29 19:28:49 | 000,083,456 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\inseng.dll

[2014/03/29 19:28:49 | 000,081,408 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\icardie.dll

[2014/03/29 19:28:49 | 000,077,312 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\tdc.ocx

[2014/03/29 19:28:49 | 000,074,240 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\SetIEInstalledDate.exe

[2014/03/29 19:28:49 | 000,071,680 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\RegisterIEPKEYs.exe

[2014/03/29 19:28:49 | 000,069,632 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll

[2014/03/29 19:28:49 | 000,069,120 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\icardie.dll

[2014/03/29 19:28:49 | 000,062,464 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\tdc.ocx

[2014/03/29 19:28:49 | 000,062,464 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\pngfilt.dll

[2014/03/29 19:28:49 | 000,061,952 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\MshtmlDac.dll

[2014/03/29 19:28:49 | 000,056,832 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\pngfilt.dll

[2014/03/29 19:28:49 | 000,048,640 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmler.dll

[2014/03/29 19:28:49 | 000,048,640 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmler.dll

[2014/03/29 19:28:49 | 000,048,128 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\imgutil.dll

[2014/03/29 19:28:49 | 000,030,208 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\licmgr10.dll

[2014/03/29 19:28:49 | 000,024,576 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\licmgr10.dll

[2014/03/29 19:28:49 | 000,016,284 | ---- | M] () -- C:\Windows\SysWow64\ieuinit.inf

[2014/03/29 19:28:49 | 000,016,284 | ---- | M] () -- C:\Windows\SysNative\ieuinit.inf

[2014/03/29 19:28:49 | 000,013,824 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\mshta.exe

[2014/03/29 19:28:49 | 000,013,312 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msfeedssync.exe

[2014/03/29 19:28:49 | 000,012,800 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\msfeedssync.exe

[2014/03/29 16:19:03 | 002,776,576 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msmpeg2vdec.dll

[2014/03/29 16:19:03 | 002,284,544 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\msmpeg2vdec.dll

[2014/03/29 16:19:03 | 001,682,432 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\XpsPrint.dll

[2014/03/29 16:19:03 | 001,238,528 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10.dll

[2014/03/29 16:19:03 | 001,158,144 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\XpsPrint.dll

[2014/03/29 16:19:03 | 000,648,192 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10level9.dll

[2014/03/29 16:19:03 | 000,522,752 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\XpsGdiConverter.dll

[2014/03/29 16:19:03 | 000,364,544 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\XpsGdiConverter.dll

[2014/03/29 16:19:03 | 000,363,008 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\dxgi.dll

[2014/03/29 16:19:03 | 000,333,312 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10_1core.dll

[2014/03/29 16:19:03 | 000,296,960 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10core.dll

[2014/03/29 16:19:03 | 000,245,248 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\WindowsCodecsExt.dll

[2014/03/29 16:19:03 | 000,221,184 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\UIAnimation.dll

[2014/03/29 16:19:03 | 000,194,560 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10_1.dll

[2014/03/29 16:19:03 | 000,187,392 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\UIAnimation.dll

[2014/03/29 16:19:03 | 000,010,752 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-advapi32-l1-1-0.dll

[2014/03/29 16:19:03 | 000,010,752 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-advapi32-l1-1-0.dll

[2014/03/29 16:19:03 | 000,009,728 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-shlwapi-l1-1-0.dll

[2014/03/29 16:19:03 | 000,009,728 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-shlwapi-l1-1-0.dll

[2014/03/29 16:19:03 | 000,005,632 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-shlwapi-l2-1-0.dll

[2014/03/29 16:19:03 | 000,005,632 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-shlwapi-l2-1-0.dll

[2014/03/29 16:19:03 | 000,005,632 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-ole32-l1-1-0.dll

[2014/03/29 16:19:03 | 000,005,632 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-ole32-l1-1-0.dll

[2014/03/29 16:19:03 | 000,004,096 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-user32-l1-1-0.dll

[2014/03/29 16:19:03 | 000,004,096 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-user32-l1-1-0.dll

[2014/03/29 16:19:03 | 000,003,584 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-advapi32-l2-1-0.dll

[2014/03/29 16:19:03 | 000,003,584 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-advapi32-l2-1-0.dll

[2014/03/29 16:19:03 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-version-l1-1-0.dll

[2014/03/29 16:19:03 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-version-l1-1-0.dll

[2014/03/29 16:19:03 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-shell32-l1-1-0.dll

[2014/03/29 16:19:03 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-shell32-l1-1-0.dll

[2014/03/29 16:19:03 | 000,002,560 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-normaliz-l1-1-0.dll

[2014/03/29 16:19:03 | 000,002,560 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-normaliz-l1-1-0.dll

[2014/03/29 15:31:52 | 000,001,966 | ---- | M] () -- C:\Users\Public\Desktop\avast! Free Antivirus.lnk

[2014/03/29 15:31:27 | 001,039,096 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswSnx.sys

[2014/03/29 15:31:27 | 000,423,240 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswSP.sys

[2014/03/29 15:31:27 | 000,334,648 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\aswBoot.exe

[2014/03/29 15:31:27 | 000,208,928 | ---- | M] () -- C:\Windows\SysNative\drivers\aswVmm.sys

[2014/03/29 15:31:27 | 000,093,568 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswRdr2.sys

[2014/03/29 15:31:27 | 000,084,816 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswStm.sys

[2014/03/29 15:31:27 | 000,079,184 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswMonFlt.sys

[2014/03/29 15:31:27 | 000,065,776 | ---- | M] () -- C:\Windows\SysNative\drivers\aswRvrt.sys

[2014/03/29 15:31:27 | 000,043,152 | ---- | M] (AVAST Software) -- C:\Windows\avastSS.scr

[2014/03/29 15:04:41 | 000,002,283 | ---- | M] () -- C:\Users\Behemoth\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk

[2014/03/29 14:48:14 | 000,001,441 | ---- | M] () -- C:\Users\Behemoth\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk

[1 C:\Windows\SysNative\*.tmp files -> C:\Windows\SysNative\*.tmp -> ]

 

========== Files Created - No Company Name ==========

 

[2014/04/26 19:29:03 | 000,000,000 | -HS- | C] () -- C:\DkHyperbootSync

[2014/04/26 17:53:43 | 000,098,438 | ---- | C] () -- C:\Windows\hpwins27.dat

[2014/04/26 17:53:43 | 000,000,385 | ---- | C] () -- C:\Windows\hpwmdl27.dat

[2014/04/26 17:46:36 | 000,074,272 | ---- | C] () -- C:\Windows\SysNative\RtNicProp64.dll

[2014/04/26 17:45:05 | 004,994,784 | ---- | C] () -- C:\Windows\SysNative\FNTCACHE.DAT

[2014/04/26 16:57:35 | 2056,863,743 | -HS- | C] () -- C:\hiberfil.sys

[2014/04/26 10:06:59 | 000,007,603 | ---- | C] () -- C:\Users\Behemoth\AppData\Local\Resmon.ResmonCfg

[2014/04/25 21:00:05 | 000,001,978 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nitro Pro 9.lnk

[2014/04/25 21:00:05 | 000,001,966 | ---- | C] () -- C:\Users\Public\Desktop\Nitro Pro 9.lnk

[2014/04/25 19:58:19 | 000,000,000 | ---- | C] () -- C:\ProgramData\193847656

[2014/04/24 18:37:37 | 000,002,789 | ---- | C] () -- C:\Users\Behemoth\Desktop\Excel 2013.lnk

[2014/04/24 18:37:33 | 000,002,837 | ---- | C] () -- C:\Users\Behemoth\Desktop\Word 2013.lnk

[2014/04/24 07:46:55 | 000,001,079 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Photoshop CS5 (64 Bit).lnk

[2014/04/24 07:46:31 | 000,001,215 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Photoshop CS5.lnk

[2014/04/24 07:45:17 | 000,001,177 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Bridge CS5.lnk

[2014/04/24 07:45:05 | 000,001,270 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Device Central CS5.lnk

[2014/04/24 07:43:24 | 000,001,361 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Extension Manager CS5.lnk

[2014/04/24 07:43:18 | 000,001,527 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe ExtendScript Toolkit CS5.lnk

[2014/04/24 07:43:00 | 000,001,001 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Help.lnk

[2014/04/23 21:23:44 | 000,001,121 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\foobar2000.lnk

[2014/04/12 10:06:35 | 000,000,003 | ---- | C] () -- C:\Users\Behemoth\AppData\Local\user_data.ini

[2014/04/03 09:50:31 | 000,000,908 | ---- | C] () -- C:\Users\Behemoth\Desktop\My Documents.lnk

[2014/03/30 20:23:49 | 000,000,244 | ---- | C] () -- C:\Windows\SysNative\{86F549EB-A66B-4D6C-958D-CDDD66410751}.bat

[2014/03/30 09:51:22 | 000,000,280 | ---- | C] () -- C:\Windows\SysNative\PDBootState

[2014/03/30 09:23:02 | 000,002,027 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PerfectDisk 12.5.lnk

[2014/03/30 03:21:22 | 000,001,345 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Media Center.lnk

[2014/03/30 03:21:22 | 000,001,326 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows DVD Maker.lnk

[2014/03/30 03:19:58 | 000,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_User_WpdFs_01_09_00.Wdf

[2014/03/30 02:38:30 | 002,261,764 | ---- | C] () -- C:\Windows\SysNative\drivers\rtvienna.dat

[2014/03/30 02:38:30 | 000,223,608 | ---- | C] () -- C:\Windows\SysNative\drivers\RTAIODAT.DAT

[2014/03/30 02:37:24 | 000,018,600 | ---- | C] () -- C:\Windows\SysNative\results.xml

[2014/03/30 01:49:21 | 000,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_Kernel_iusb3hcs_01009.Wdf

[2014/03/30 01:47:44 | 000,775,352 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI

[2014/03/30 00:34:15 | 000,000,830 | ---- | C] () -- C:\Windows\tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d.job

[2014/03/30 00:34:15 | 000,000,828 | ---- | C] () -- C:\Windows\tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d-Logon.job

[2014/03/30 00:25:19 | 000,001,417 | ---- | C] () -- C:\Users\Behemoth\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk

[2014/03/30 00:24:56 | 000,000,290 | ---- | C] () -- C:\Users\Behemoth\Application Data\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk

[2014/03/30 00:24:56 | 000,000,272 | ---- | C] () -- C:\Users\Behemoth\Application Data\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk

[2014/03/29 23:23:52 | 000,000,000 | ---- | C] () -- C:\Windows\nsreg.dat

[2014/03/29 23:22:53 | 000,002,033 | ---- | C] () -- C:\Users\Behemoth\Application Data\Microsoft\Internet Explorer\Quick Launch\Mozilla Thunderbird.lnk

[2014/03/29 23:22:53 | 000,002,009 | ---- | C] () -- C:\Users\Public\Desktop\Mozilla Thunderbird.lnk

[2014/03/29 21:48:28 | 000,002,519 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Apple Software Update.lnk

[2014/03/29 20:11:59 | 000,002,697 | ---- | C] () -- C:\Users\Public\Desktop\Skype.lnk

[2014/03/29 19:28:49 | 000,016,284 | ---- | C] () -- C:\Windows\SysWow64\ieuinit.inf

[2014/03/29 19:28:49 | 000,016,284 | ---- | C] () -- C:\Windows\SysNative\ieuinit.inf

[2014/03/29 16:03:58 | 000,000,003 | ---- | C] () -- C:\Windows\SysNative\drivers\MsftWdf_User_01_11_00_Inbox_Critical.Wdf

[2014/03/29 15:58:13 | 000,000,003 | ---- | C] () -- C:\Windows\SysNative\drivers\MsftWdf_Kernel_01011_Inbox_Critical.Wdf

[2014/03/29 15:31:52 | 000,001,966 | ---- | C] () -- C:\Users\Public\Desktop\avast! Free Antivirus.lnk

[2014/03/29 15:31:31 | 000,208,928 | ---- | C] () -- C:\Windows\SysNative\drivers\aswVmm.sys

[2014/03/29 15:31:31 | 000,065,776 | ---- | C] () -- C:\Windows\SysNative\drivers\aswRvrt.sys

[2014/03/29 15:03:20 | 003,649,185 | ---- | C] () -- C:\Windows\SysNative\nvcoproc.bin

[2014/03/29 15:02:46 | 000,024,544 | ---- | C] () -- C:\Windows\SysNative\nvinfo.pb

[2014/03/29 14:51:17 | 000,002,283 | ---- | C] () -- C:\Users\Behemoth\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk

[2014/03/29 14:51:17 | 000,002,187 | ---- | C] () -- C:\Users\Public\Desktop\Google Chrome.lnk

[2014/03/29 14:50:45 | 000,000,902 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job

[2014/03/29 14:50:45 | 000,000,898 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job

[2014/03/29 14:48:14 | 000,001,441 | ---- | C] () -- C:\Users\Behemoth\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk

[2014/03/29 14:42:52 | 000,034,752 | ---- | C] () -- C:\Windows\SysNative\drivers\WPRO_41_2001.sys

[2014/03/07 09:21:58 | 000,342,944 | ---- | C] () -- C:\Windows\SysWow64\igdmd32.dll

[2014/03/07 09:15:00 | 000,183,296 | ---- | C] () -- C:\Windows\SysWow64\igdde32.dll

[2014/03/07 09:14:56 | 000,142,848 | ---- | C] () -- C:\Windows\SysWow64\igdail32.dll

[2014/03/07 09:14:56 | 000,068,608 | ---- | C] () -- C:\Windows\SysWow64\igfxexps32.dll

[2012/09/17 16:24:18 | 000,598,780 | ---- | C] () -- C:\Windows\SysWow64\igvpkrng700.bin

[2012/09/17 16:23:50 | 000,755,048 | ---- | C] () -- C:\Windows\SysWow64\igcodeckrng700.bin

[2012/06/19 18:52:42 | 000,001,536 | ---- | C] () -- C:\Windows\SysWow64\IusEventLog.dll

 

========== ZeroAccess Check ==========

 

[2009/07/14 00:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini

 

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64

 

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

 

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64

 

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

 

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64

"" = C:\Windows\SysNative\shell32.dll -- [2013/07/25 22:24:57 | 014,172,672 | ---- | M] (Microsoft Corporation)

"ThreadingModel" = Apartment

 

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

"" = %SystemRoot%\system32\shell32.dll -- [2013/07/25 21:55:59 | 012,872,704 | ---- | M] (Microsoft Corporation)

"ThreadingModel" = Apartment

 

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64

"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009/07/13 21:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)

"ThreadingModel" = Free

 

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]

"" = %systemroot%\system32\wbem\fastprox.dll -- [2010/11/20 23:24:25 | 000,606,208 | ---- | M] (Microsoft Corporation)

"ThreadingModel" = Free

 

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64

"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009/07/13 21:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)

"ThreadingModel" = Both

 

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]

 

========== LOP Check ==========

 

[2014/03/29 15:31:55 | 000,000,000 | ---D | M] -- C:\Users\Behemoth\AppData\Roaming\AVAST Software

[2014/04/25 20:59:36 | 000,000,000 | ---D | M] -- C:\Users\Behemoth\AppData\Roaming\Downloaded Installations

[2014/04/24 17:06:18 | 000,000,000 | ---D | M] -- C:\Users\Behemoth\AppData\Roaming\foobar2000

[2014/04/23 19:23:16 | 000,000,000 | ---D | M] -- C:\Users\Behemoth\AppData\Roaming\Nitro

[2014/04/24 07:32:46 | 000,000,000 | ---D | M] -- C:\Users\Behemoth\AppData\Roaming\Notepad++

[2014/03/29 20:24:56 | 000,000,000 | ---D | M] -- C:\Users\Behemoth\AppData\Roaming\qBittorrent

[2014/03/29 23:23:52 | 000,000,000 | ---D | M] -- C:\Users\Behemoth\AppData\Roaming\Thunderbird

 

========== Purity Check ==========

 

 

 

========== Alternate Data Streams ==========

 

@Alternate Data Stream - 192 bytes -> C:\Windows:nlsPreferences

 

< End of report >

 

 


 

OTL Extras logfile created on: 4/26/2014 7:29:46 PM - Run 1

OTL by OldTimer - Version 3.2.69.0     Folder = C:\Program Files (x86)\OTL

64bit- Professional Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation

Internet Explorer (Version = 9.11.9600.17041)

Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

 

7.89 Gb Total Physical Memory | 5.11 Gb Available Physical Memory | 64.85% Memory free

15.87 Gb Paging File | 13.11 Gb Available in Paging File | 82.58% Paging File free

Paging file location(s): c:\pagefile.sys 100 100e:\pagefil [binary data over 200 bytes]

 

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)

Drive C: | 931.41 Gb Total Space | 885.25 Gb Free Space | 95.04% Space Free | Partition Type: NTFS

Drive E: | 10.00 Gb Total Space | 2.02 Gb Free Space | 20.24% Space Free | Partition Type: NTFS

Drive F: | 139.05 Gb Total Space | 138.90 Gb Free Space | 99.89% Space Free | Partition Type: NTFS

 

Computer Name: BEHEMOTH-PC | User Name: Behemoth | Logged in as Administrator.

Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans

Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

 

========== Extra Registry (SafeList) ==========

 

 

========== File Associations ==========

 

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]

.html[@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)

.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]

.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)

.html [@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)

 

[HKEY_USERS\S-1-5-21-3913706258-2513946957-3325762992-1000\SOFTWARE\Classes\<extension>]

.html [@ = ChromeHTML] -- Reg Error: Key error. File not found

 

========== Shell Spawning ==========

 

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]

batfile [open] -- "%1" %*

cmdfile [open] -- "%1" %*

comfile [open] -- "%1" %*

exefile [open] -- "%1" %*

helpfile [open] -- Reg Error: Key error.

htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)

htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)

http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)

https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)

inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)

InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)

InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)

piffile [open] -- "%1" %*

regfile [merge] -- Reg Error: Key error.

scrfile [config] -- "%1"

scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l

scrfile [open] -- "%1" /S

txtfile [edit] -- Reg Error: Key error.

Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1

Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" (VideoLAN)

Directory [bridge] -- C:\Program Files (x86)\Adobe\Adobe Bridge CS5\Bridge.exe "%L" (Adobe Systems, Inc.)

Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)

Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" (VideoLAN)

Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

Folder [explore] -- Reg Error: Value error.

Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)

CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Program Files\Internet Explorer\iexplore.exe" (Microsoft Corporation)

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]

batfile [open] -- "%1" %*

cmdfile [open] -- "%1" %*

comfile [open] -- "%1" %*

cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)

exefile [open] -- "%1" %*

helpfile [open] -- Reg Error: Key error.

htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)

htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)

http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)

https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)

inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)

piffile [open] -- "%1" %*

regfile [merge] -- Reg Error: Key error.

scrfile [config] -- "%1"

scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l

scrfile [open] -- "%1" /S

txtfile [edit] -- Reg Error: Key error.

Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1

Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" (VideoLAN)

Directory [bridge] -- C:\Program Files (x86)\Adobe\Adobe Bridge CS5\Bridge.exe "%L" (Adobe Systems, Inc.)

Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)

Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" (VideoLAN)

Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

Folder [explore] -- Reg Error: Value error.

Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)

CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- Reg Error: Value error.

 

========== Security Center Settings ==========

 

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

"cval" = 1

 

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

 

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

"VistaSp1" = 28 4D B2 76 41 04 CA 01  [binary data]

"AntiVirusOverride" = 0

"AntiSpywareOverride" = 0

"FirewallOverride" = 0

 

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

 

========== Firewall Settings ==========

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]

"EnableFirewall" = 1

"DisableNotifications" = 0

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]

"EnableFirewall" = 1

"DisableNotifications" = 0

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]

"EnableFirewall" = 1

"DisableNotifications" = 0

 

========== Authorized Applications List ==========

 

 

========== Vista Active Open Ports Exception List ==========

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]

"{0A5C89AA-00A6-48FC-B929-49E34083E8DD}" = rport=445 | protocol=6 | dir=out | app=system | 

"{1DC9940C-4305-47D7-BA15-0F33530A021D}" = rport=139 | protocol=6 | dir=out | app=system | 

"{2503E55C-CCF0-465B-A4BF-398483A70D72}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe | 

"{57190226-DEFD-4BA6-8A21-DA93F2EEA3C5}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 | 

"{5D5CA0FE-D0F3-47D6-8BD2-D50977ED3639}" = lport=445 | protocol=6 | dir=in | app=system | 

"{6E6556DE-C85B-40FF-B652-61F4FA15BB51}" = lport=138 | protocol=17 | dir=in | app=system | 

"{7982E5A9-14A9-4628-BF20-28D4A4516FE6}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe | 

"{851FD9DD-EB29-4B5A-9333-045382E66388}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe | 

"{A5F7F7AD-70B4-4305-832B-286E17D0C2F4}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe | 

"{AE5A5F55-08B2-4C3E-A65A-95E96F9537FD}" = rport=137 | protocol=17 | dir=out | app=system | 

"{EB01FC1F-D182-4A10-8C30-1BF52CECAA3B}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe | 

"{EC457B5E-D179-4454-A2D8-D304F20C80A6}" = lport=139 | protocol=6 | dir=in | app=system | 

"{F2D38B86-172B-46D8-AF9A-03F40F5D4103}" = rport=138 | protocol=17 | dir=out | app=system | 

"{FFA3153F-5187-47B8-85F5-B9D768566981}" = lport=137 | protocol=17 | dir=in | app=system | 

 

========== Vista Active Application Exception List ==========

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]

"{1780452A-42EB-4512-A7B3-90441F38141B}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft lifecam\lifeenc2.exe | 

"{2674C6AA-01DC-48D8-B60F-B7F4C01FA25D}" = protocol=58 | dir=in | [email protected],-28545 | 

"{2BED5E15-8C13-45E6-AF1F-B74FA3C7507E}" = protocol=1 | dir=in | [email protected],-28543 | 

"{2E5B629D-A9B9-46BF-AFF9-DC8A59023790}" = protocol=17 | dir=in | app=c:\program files (x86)\qbittorrent\qbittorrent.exe | 

"{4017A59C-706C-4734-B008-08D711CF316B}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft lifecam\lifetray.exe | 

"{46DA970C-21A9-4185-AA42-17DE096E7557}" = protocol=58 | dir=out | [email protected],-28546 | 

"{49C7031E-3FF6-462A-B1C9-1F5FA5B3A521}" = protocol=1 | dir=out | [email protected],-28544 | 

"{4BA4CB02-8073-4E64-9A41-7B5D94AA8AF1}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe | 

"{528F2E07-3883-42AD-95C8-5F741653D451}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | 

"{55B35400-4A46-4982-84B9-8B0C36893911}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft lifecam\lifecam.exe | 

"{58256809-0264-435E-9751-08E4CA16852A}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe | 

"{67BD6E37-3BFD-40FF-98CF-AB56465FD96D}" = protocol=6 | dir=in | app=c:\program files (x86)\qbittorrent\qbittorrent.exe | 

"{68774137-C2AE-4D5C-B808-C0E081801BE4}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqkygrp.exe | 

"{6BB38100-C9BC-4E65-91DE-2FAA3239D027}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe | 

"{74EF1FE7-C58B-4BA4-AABB-E09039FED2E6}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft lifecam\lifeenc2.exe | 

"{7C6AE36B-48A6-41D4-A033-A92241495999}" = dir=in | app=c:\program files (x86)\common files\apple\apple application support\webkit2webprocess.exe | 

"{8088B11F-FE0B-4548-BE0A-A4E0C013927D}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft lifecam\lifeexp.exe | 

"{8AD46FE7-EE14-4BB3-A606-85CE212ADABD}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office15\ucmapi.exe | 

"{8B513AD9-3C9F-447A-B8AF-29DA9E4469DA}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | 

"{9A58AD1F-7F1A-497A-BCBB-3D9BFE801C30}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft lifecam\lifeexp.exe | 

"{9AEFB80E-D8B7-480D-9313-A3F0DEFD6A18}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office15\lync.exe | 

"{A1C8BCC4-0FDD-4CA5-BE70-A972FD1AA38F}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft lifecam\lifecam.exe | 

"{BACA4981-759E-4A53-B9DE-641F419853B7}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe | 

"{C04484F7-4D41-4180-9869-83DFEA3330BB}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft office\office15\lync.exe | 

"{C268CDA9-E312-4248-8DF1-7FB6C4A2C89A}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpiscnapp.exe | 

"{C46B2801-DF14-42FE-8EBD-474E50016D49}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft office\office15\ucmapi.exe | 

"{D523716E-AD54-4FB3-96C5-039BD2006277}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe | 

"{E7273C5F-8D9D-4B88-A9E9-AFF677F163FD}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpfccopy.exe | 

"{F2A3C878-199B-4C23-99B5-F601FF81EB86}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft lifecam\lifetray.exe | 

 

========== HKEY_LOCAL_MACHINE Uninstall List ==========

 

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]

"{1D8E6291-B0D5-35EC-8441-6616F567A0F7}" = Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219

"{1E9FC118-651D-4934-97BE-E53CAE5C7D45}" = Microsoft_VC80_MFCLOC_x86_x64

"{23170F69-40C1-2702-0920-000001000000}" = 7-Zip 9.20 (x64 edition)

"{4569AD91-47F4-4D9E-8FC9-717EC32D7AE1}" = Microsoft_VC80_CRT_x86_x64

"{55D55008-E5F6-47D6-B16F-B2A40D4D145F}" = 64 Bit HP CIO Components Installer

"{5CE7E3F5-9803-4F32-AA89-2D8848A80109}" = Microsoft LifeCam

"{67579783-0FB7-4F7B-B881-E5BE47C9DBE0}_is1" = Revo Uninstaller Pro 3.0.8

"{7DEBE4EB-6B40-3766-BB35-5CBBC385DA37}" = Microsoft .NET Framework 4.5.1

"{8557397C-A42D-486F-97B3-A2CBC2372593}" = Microsoft_VC90_ATL_x86_x64

"{90150000-002A-0000-1000-0000000FF1CE}" = Microsoft Office 64-bit Components 2013

"{90150000-002A-0409-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (English) 2013

"{90150000-0116-0409-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2013

"{925D058B-564A-443A-B4B2-7E90C6432E55}" = Microsoft_VC80_ATL_x86_x64

"{92A3CA0D-55CD-4C5D-BA95-5C2600C20F26}" = Microsoft_VC90_CRT_x86_x64

"{977D1ABF-4089-4CA7-BA33-CC75808B7ACE}" = Intel® Trusted Connect Service Client

"{9C5A08BF-BB99-4998-81BD-F6CC32483B34}" = Microsoft Corporation

"{9EB0073B-20D4-4C03-A931-C8A105B948D3}" = ExpressCache

"{A472B9E4-0AFF-4F7B-B25D-F64F8E928AAB}" = Microsoft_VC90_MFC_x86_x64

"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel" = NVIDIA Control Panel 335.23

"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver" = NVIDIA Graphics Driver 335.23

"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX" = NVIDIA PhysX System Software 9.13.1220

"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver" = NVIDIA HD Audio Driver 1.3.30.1

"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application

"{BBB1823D-90A6-4ACB-B08B-38632F1E4F1D}" = HP Officejet 4500 G510a-f Corporate Edition 13.0

"{C8C1BAD5-54E6-4146-AD07-3A8AD36569C3}" = Microsoft_VC80_MFC_x86_x64

"{D1B033E8-A077-4B0D-9831-5798E19E861E}" = Intel® Smart Connect Technology 2.0 x64

"{F0C524DF-EAA7-49EA-A712-B55C5D5BDDCD}" = Nitro Pro 9

"{FD310764-B3E5-430F-980E-D6C0016B2660}" = PerfectDisk 12.5 Professional

"ASRock 3TB+ Unlocker_is1" = ASRock 3TB+ Unlocker v1.1

"ASRock App Charger_is1" = ASRock App Charger v1.0.6

"ASRock XFast RAM_is1" = ASRock XFast RAM v2.0.28

"CCleaner" = CCleaner

"VIRTU MVP_is1" = VIRTU MVP 2.1.227

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]

"{033E378E-6AD3-4AD5-BDEB-CBD69B31046C}" = Microsoft_VC90_ATL_x86

"{08D2E121-7F6A-43EB-97FD-629B44903403}" = Microsoft_VC90_CRT_x86

"{0D2DBE8A-43D0-7830-7AE7-CA6C99A832E7}" = Adobe Community Help

"{0F3647F8-E51D-4FCC-8862-9A8D0C5ACF25}" = Microsoft_VC80_ATL_x86

"{0F367CA3-3B2F-43F9-A44A-25A8EE69E45D}" = Scan

"{111EE7DF-FC45-40C7-98A7-753AC46B12FB}" = QuickTime 7

"{15FEDA5F-141C-4127-8D7E-B962D1742728}" = Adobe Photoshop CS5

"{1EBDF6D2-CEA0-484C-A23E-2DDAD7FD0DD0}" = System Requirements Lab for Intel

"{240C3DDD-C5E9-4029-9DF7-95650D040CF2}" = Intel® USB 3.0 eXtensible Host Controller Driver

"{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}" = Intel® Rapid Storage Technology

"{46F044A5-CE8B-4196-984E-5BD6525E361D}" = Apple Application Support

"{635FED5B-2C6D-49BE-87E6-7A6FCD22BC5A}" = Microsoft_VC90_MFC_x86

"{65153EA5-8B6E-43B6-857B-C6E4FC25798A}" = Intel® Management Engine Components

"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update

"{7A3C7E05-EE37-47D6-99E1-2EB05A3DA3F7}" = Skype™ 6.14

"{80407BA7-7763-4395-AB98-5233F1B34E65}" = NVIDIA PhysX

"{8833FFB6-5B0C-4764-81AA-06DFEED9A476}" = Realtek Ethernet Controller Driver

"{90150000-0011-0000-0000-0000000FF1CE}" = Microsoft Office Professional Plus 2013

"{90150000-0015-0409-0000-0000000FF1CE}" = Microsoft Access MUI (English) 2013

"{90150000-0016-0409-0000-0000000FF1CE}" = Microsoft Excel MUI (English) 2013

"{90150000-0018-0409-0000-0000000FF1CE}" = Microsoft PowerPoint MUI (English) 2013

"{90150000-0019-0409-0000-0000000FF1CE}" = Microsoft Publisher MUI (English) 2013

"{90150000-001A-0409-0000-0000000FF1CE}" = Microsoft Outlook MUI (English) 2013

"{90150000-001B-0409-0000-0000000FF1CE}" = Microsoft Word MUI (English) 2013

"{90150000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proofing Tools 2013 - English

"{90150000-001F-040C-0000-0000000FF1CE}" = Outils de vérification linguistique 2013 de Microsoft Office - Français

"{90150000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proofing Tools 2013 - Español

"{90150000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2013

"{90150000-0044-0409-0000-0000000FF1CE}" = Microsoft InfoPath MUI (English) 2013

"{90150000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2013

"{90150000-0090-0409-0000-0000000FF1CE}" = Microsoft DCF MUI (English) 2013

"{90150000-00A1-0409-0000-0000000FF1CE}" = Microsoft OneNote MUI (English) 2013

"{90150000-00BA-0409-0000-0000000FF1CE}" = Microsoft Groove MUI (English) 2013

"{90150000-00E1-0409-0000-0000000FF1CE}" = Microsoft Office OSM MUI (English) 2013

"{90150000-00E2-0409-0000-0000000FF1CE}" = Microsoft Office OSM UX MUI (English) 2013

"{90150000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2013

"{90150000-0117-0409-0000-0000000FF1CE}" = Microsoft Access Setup Metadata MUI (English) 2013

"{90150000-012B-0409-0000-0000000FF1CE}" = Microsoft Lync MUI (English) 2013

"{92D58719-BBC1-4CC3-A08B-56C9E884CC2C}" = Microsoft_VC80_CRT_x86

"{95E0772F-0AFD-4388-B84C-43C2F51150F9}" = 4500G510af_Ent

"{A2BCA9F1-566C-4805-97D1-7FDC93386723}" = Adobe AIR

"{A6C48A9F-694A-4234-B3AA-62590B668927}" = Intel® Manageability Engine Firmware Recovery Agent

"{A78FE97A-C0C8-49CE-89D0-EDD524A17392}" = PDF Settings CS5

"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper

"{B3BC9DB1-0B0A-48B0-B86B-EA77CAA7F800}" = Microsoft Corporation

"{D1A19B02-817E-4296-A45B-07853FD74D57}" = Microsoft_VC80_MFC_x86

"{D92BBB52-82FF-42ED-8A3C-4E062F944AB7}" = Microsoft_VC80_MFCLOC_x86

"{DE3A9DC5-9A5D-6485-9662-347162C7E4CA}" = Adobe Media Player

"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219

"{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}" = Intel® Processor Graphics

"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver

"{FCB3772C-B7D0-4933-B1A9-3707EBACC573}" = Intel® SDK for OpenCL - CPU Only Runtime Package

"Adobe AIR" = Adobe AIR

"Adobe Flash Player ActiveX" = Adobe Flash Player 13 ActiveX

"Adobe Flash Player Plugin" = Adobe Flash Player 13 Plugin

"ASRock eXtreme Tuner_is1" = ASRock eXtreme Tuner v0.1.338

"ASRock InstantBoot_is1" = ASRock InstantBoot v1.29

"Avast" = avast! Free Antivirus

"chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Adobe Community Help

"CodeStuff Starter" = CodeStuff Starter

"com.adobe.amp.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Adobe Media Player

"ExpressCacheApp" = ExpressCacheApp

"foobar2000" = foobar2000 v1.3.2

"Google Chrome" = Google Chrome

"Malwarebytes Anti-Malware_is1" = Malwarebytes Anti-Malware version 2.0.1.1004

"Mozilla Thunderbird (3.1.20)" = Mozilla Thunderbird (3.1.20)

"Notepad++" = Notepad++

"Office15.PROPLUS" = Microsoft Office Professional Plus 2013

"qbittorrent" = qBittorrent 3.1.9

"SpywareBlaster_is1" = SpywareBlaster 5.0

"Topaz Adjust 5" = Topaz Adjust 5

"Topaz BW Effects 2" = Topaz B&W Effects

"Topaz Clarity" = Topaz Clarity

"Topaz Clean 3" = Topaz Clean 3

"Topaz DeJpeg 4" = Topaz DeJpeg 4

"Topaz DeNoise 5" = Topaz DeNoise 5

"Topaz Detail 3" = Topaz Detail 3

"Topaz Fusion Express 2" = Topaz Fusion Express 2

"Topaz InFocus" = Topaz InFocus

"Topaz Lens Effects" = Topaz Lens Effects

"Topaz ReMask 3" = Topaz ReMask 3

"Topaz Simplify 4" = Topaz Simplify 4

"Topaz Star Effects" = Topaz Star Effects

"VLC media player" = VLC media player 2.1.3

"XFastUSB" = XFastUSB

 

========== HKEY_USERS Uninstall List ==========

 

[HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]

 

========== HKEY_USERS Uninstall List ==========

 

[HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]

 

========== HKEY_USERS Uninstall List ==========

 

[HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]

 

========== HKEY_USERS Uninstall List ==========

 

[HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]

 

========== HKEY_USERS Uninstall List ==========

 

[HKEY_USERS\S-1-5-21-3913706258-2513946957-3325762992-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]

 

< End of report >

 

 


Falcon, good to hear it may have cured your problem! Some cleaning with an OTL fix I will write up later! Let's run scans looking for a rootkit infection and see if we find anything!

 

Run RogueKiller

IMPORTANT: Do not reboot your computer if at all possible; otherwise the malware will reactivate and you will have to run RogueKiller again.

Download RogueKiller to your desktop. >>> http://www.sur-la-toile.com/RogueKiller/RogueKiller.exe

    * Close all running programs.
    * For Windows Vista/Seven, right click -> run as administrator; for XP, simply double-click on RogueKiller.exe.
    * When the prescan is finished, click on Scan.
    * Click on Report and copy/paste the content in your next post.
    * If the program is blocked, do not hesitate to try several times. If it really does not work (it could happen), rename it to winlogon.exe.

Please post the contents of the RKreport.txt in your next reply.

 

 

 

==========================

 

 

 

Please read carefully and follow these steps. There is a difference between what you see in one of the images below and what I need you to do.

We are only creating a log - I do NOT want you to "cure" or try to fix anything in this step. It is very important that you don't choose Cure when presented with that option.

Download >>> http://support.kaspersky.com/downloads/utils/tdsskiller.zip <<< and save it to your Desktop.
* Extract its contents to your desktop.
* Once extracted, open the TDSSKiller folder and double-click on TDSSKiller.exe to run the application, then on Start Scan.

    * Windows XP : Double click on the icon to run it.
    * Windows Vista, Windows 7 & 8 : Right click and select "Run as Administrator"

 Press Start Scan

    * Only if Malicious objects are found then ensure Cure is selected
    * Then click Continue > Reboot now

Copy and paste the log in your next reply!
A copy of the log will be saved automatically to the root of the drive (typically C:\)


 

Post those logs for me and I will write up an OTL fix tomorrow after I see the rootkit logs!

 

 

Thanks

Chuck


Thanks, Flash!

 

1. RogueKiller

 

RogueKiller V8.8.15 [Mar 27 2014] by Adlice Software

mail : http://www.adlice.com/contact/

Feedback : http://forum.adlice.com

Website : http://www.adlice.com/softwares/roguekiller/

Blog : http://www.adlice.com

 

Operating System : Windows 7 (6.1.7601 Service Pack 1) 64 bits version

Started in : Normal mode

User : Behemoth [Admin rights]

Mode : Scan -- Date : 04/27/2014 07:52:35

| ARK || FAK || MBR |

 

¤¤¤ Bad processes : 0 ¤¤¤

 

¤¤¤ Registry Entries : 9 ¤¤¤

[HJ POL][PUM] HKCU\[...]\System : DisableTaskMgr (0) -> FOUND

[HJ POL][PUM] HKCU\[...]\System : DisableRegistryTools (0) -> FOUND

[HJ POL][PUM] HKLM\[...]\System : ConsentPromptBehaviorAdmin (0) -> FOUND

[HJ POL][PUM] HKLM\[...]\System : EnableLUA (0) -> FOUND

[HJ POL][PUM] HKLM\[...]\Wow6432Node\[...]\System : ConsentPromptBehaviorAdmin (0) -> FOUND

[HJ POL][PUM] HKLM\[...]\Wow6432Node\[...]\System : EnableLUA (0) -> FOUND

[HJ SMENU][PUM] HKCU\[...]\Advanced : Start_ShowMyGames (0) -> FOUND

[HJ DESK][PUM] HKLM\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> FOUND

[HJ DESK][PUM] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> FOUND

 

¤¤¤ Scheduled tasks : 0 ¤¤¤

 

¤¤¤ Startup Entries : 0 ¤¤¤

 

¤¤¤ Web browsers : 0 ¤¤¤

 

¤¤¤ Browser Addons : 0 ¤¤¤

 

¤¤¤ Particular Files / Folders: ¤¤¤

 

¤¤¤ Driver : [NOT LOADED 0x0] ¤¤¤

 

¤¤¤ External Hives: ¤¤¤

 

¤¤¤ Infection : ¤¤¤

 

¤¤¤ HOSTS File: ¤¤¤

--> %SystemRoot%\System32\drivers\etc\hosts

 

 

 

 

¤¤¤ MBR Check: ¤¤¤

 

+++++ PhysicalDrive0: (\\.\PHYSICALDRIVE0 @ IDE) ATA WDC WD10EZEX-22B SCSI Disk Device +++++

--- User ---

[MBR] 619acb0a5be3c34ee627fd21404eca3a

[bSP] 95171d8b45317bbbad54f4c4de950a75 : Windows 7/8 MBR Code

Partition table:

0 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 2048 | Size: 100 MB

1 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 206848 | Size: 953767 MB

User = LL1 ... OK!

User = LL2 ... OK!

 

+++++ PhysicalDrive1: (\\.\PHYSICALDRIVE1 @ IDE) ATA SanDisk SDSSDRC0 SCSI Disk Device +++++

--- User ---

[MBR] a54123f79964a220c425de15d5be222d

[bSP] 0a9420da5d388cf72c9f5653515471d4 : Empty MBR Code

Partition table:

0 - [XXXXXX] UNKNOWN (0x00) [VISIBLE] Offset (sectors): 2048 | Size: 30532 MB

User = LL1 ... OK!

User = LL2 ... OK!

 

+++++ PhysicalDrive2: (\\.\PHYSICALDRIVE2 @ IDE) ATA ST3160827AS SCSI Disk Device +++++

--- User ---

[MBR] 75b9762d07989f0aa8fbe37c5d4d281d

[bSP] 626761ca413d20263787e82035f22f70 : Windows 7/8 MBR Code

Partition table:

0 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 2048 | Size: 10240 MB

1 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 20973568 | Size: 142384 MB

User = LL1 ... OK!

User = LL2 ... OK!

 

Finished : << RKreport[0]_S_04272014_075235.txt >>

 

2. TDSSKiller

 

07:56:04.0820 0x0714  TDSS rootkit removing tool 3.0.0.33 Apr 24 2014 14:02:50

07:56:08.0689 0x0714  ============================================================

07:56:08.0689 0x0714  Current date / time: 2014/04/27 07:56:08.0689

07:56:08.0689 0x0714  SystemInfo:

07:56:08.0689 0x0714  

07:56:08.0689 0x0714  OS Version: 6.1.7601 ServicePack: 1.0

07:56:08.0689 0x0714  Product type: Workstation

07:56:08.0689 0x0714  ComputerName: BEHEMOTH-PC

07:56:08.0689 0x0714  UserName: Behemoth

07:56:08.0689 0x0714  Windows directory: C:\Windows

07:56:08.0689 0x0714  System windows directory: C:\Windows

07:56:08.0689 0x0714  Running under WOW64

07:56:08.0689 0x0714  Processor architecture: Intel x64

07:56:08.0689 0x0714  Number of processors: 4

07:56:08.0689 0x0714  Page size: 0x1000

07:56:08.0689 0x0714  Boot type: Normal boot

07:56:08.0689 0x0714  ============================================================

07:56:10.0592 0x0714  KLMD registered as C:\Windows\system32\drivers\89341552.sys

07:56:10.0670 0x0714  System UUID: {6ED84571-DDDA-C2FD-EB32-D8F8059E9D54}

07:56:10.0936 0x0714  Drive \Device\Harddisk0\DR0 - Size: 0xE8E0DB6000 (931.51 Gb), SectorSize: 0x200, Cylinders: 0x1DB01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040

07:56:10.0936 0x0714  Drive \Device\Harddisk1\DR1 - Size: 0x7745D6000 (29.82 Gb), SectorSize: 0x200, Cylinders: 0xF34, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040

07:56:10.0936 0x0714  Drive \Device\Harddisk2\DR2 - Size: 0x25433D6000 (149.05 Gb), SectorSize: 0x200, Cylinders: 0x4C01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040

07:56:10.0951 0x0714  ============================================================

07:56:10.0951 0x0714  \Device\Harddisk0\DR0:

07:56:10.0951 0x0714  MBR partitions:

07:56:10.0951 0x0714  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x32000

07:56:10.0951 0x0714  \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 0x746D3800

07:56:10.0951 0x0714  \Device\Harddisk1\DR1:

07:56:10.0951 0x0714  MBR partitions:

07:56:10.0951 0x0714  \Device\Harddisk2\DR2:

07:56:10.0951 0x0714  MBR partitions:

07:56:10.0951 0x0714  \Device\Harddisk2\DR2\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x1400000

07:56:10.0951 0x0714  \Device\Harddisk2\DR2\Partition2: MBR, Type 0x7, StartLBA 0x1400800, BlocksNum 0x11618000

07:56:10.0951 0x0714  ============================================================

07:56:10.0967 0x0714  C: <-> \Device\Harddisk0\DR0\Partition2

07:56:10.0982 0x0714  E: <-> \Device\Harddisk2\DR2\Partition1

07:56:11.0014 0x0714  F: <-> \Device\Harddisk2\DR2\Partition2

07:56:11.0014 0x0714  ============================================================

07:56:11.0014 0x0714  Initialize success

07:56:11.0014 0x0714  ============================================================

07:56:24.0601 0x0aa8  ============================================================

07:56:24.0601 0x0aa8  Scan started

07:56:24.0601 0x0aa8  Mode: Manual; 

07:56:24.0601 0x0aa8  ============================================================

07:56:24.0601 0x0aa8  KSN ping started

07:56:27.0472 0x0aa8  KSN ping finished: true

07:56:27.0737 0x0aa8  ================ Scan system memory ========================

07:56:27.0737 0x0aa8  System memory - ok

07:56:27.0753 0x0aa8  ================ Scan services =============================


07:56:28.0938 0x0aa8  CertPropSvc - ok

07:56:28.0938 0x0aa8  [ D7CD5C4E1B71FA62050515314CFB52CF, 513B5A849899F379F0BC6AB3A8A05C3493C2393C95F036612B96EC6E252E1C64 ] circlass        C:\Windows\system32\drivers\circlass.sys

07:56:28.0938 0x0aa8  circlass - ok

07:56:28.0954 0x0aa8  [ FE1EC06F2253F691FE36217C592A0206, B9F122DB5E665ECDF29A5CB8BB6B531236F31A54A95769D6C5C1924C87FE70CE ] CLFS            C:\Windows\system32\CLFS.sys

07:56:28.0954 0x0aa8  CLFS - ok

07:56:29.0001 0x0aa8  [ D88040F816FDA31C3B466F0FA0918F29, 39D3630E623DA25B8444B6D3AAAB16B98E7E289C5619E19A85D47B74C71449F3 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe

07:56:29.0001 0x0aa8  clr_optimization_v2.0.50727_32 - ok

07:56:29.0032 0x0aa8  [ D1CEEA2B47CB998321C579651CE3E4F8, 654013B8FD229A50017B08DEC6CA19C7DDA8CE0771260E057A92625201D539B1 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe

07:56:29.0032 0x0aa8  clr_optimization_v2.0.50727_64 - ok

07:56:29.0063 0x0aa8  [ E87213F37A13E2B54391E40934F071D0, 7EB221127EFB5BF158FB03D18EFDA2C55FB6CE3D1A1FE69C01D70DBED02C87E5 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe

07:56:29.0063 0x0aa8  clr_optimization_v4.0.30319_32 - ok

07:56:29.0079 0x0aa8  [ 4AEDAB50F83580D0B4D6CF78191F92AA, D113C47013B018B45161911B96E93AF96A2F3B34FA47061BF6E7A71FBA03194A ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe

07:56:29.0079 0x0aa8  clr_optimization_v4.0.30319_64 - ok

07:56:29.0079 0x0aa8  [ 0840155D0BDDF1190F84A663C284BD33, 696039FA63CFEB33487FAA8FD7BBDB220141E9C6E529355D768DFC87999A9C3A ] CmBatt          C:\Windows\system32\drivers\CmBatt.sys

07:56:29.0079 0x0aa8  CmBatt - ok

07:56:29.0110 0x0aa8  [ E19D3F095812725D88F9001985B94EDD, 46243C5CCC4981CAC6FA6452FFCEC33329BF172448F1852D52592C9342E0E18B ] cmdide          C:\Windows\system32\drivers\cmdide.sys

07:56:29.0110 0x0aa8  cmdide - ok

07:56:29.0125 0x0aa8  [ EBF28856F69CF094A902F884CF989706, AD6C9F0BC20AA49EEE5478DA0F856F0EA2B414B63208C5FFB03C9D7F5B59765F ] CNG             C:\Windows\system32\Drivers\cng.sys

07:56:29.0141 0x0aa8  CNG - ok

07:56:29.0172 0x0aa8  [ 102DE219C3F61415F964C88E9085AD14, CD74CB703381F1382C32CF892FF2F908F4C9412E1BC77234F8FEA5D4666E1BF1 ] Compbatt        C:\Windows\system32\drivers\compbatt.sys

07:56:29.0172 0x0aa8  Compbatt - ok

07:56:29.0188 0x0aa8  [ 03EDB043586CCEBA243D689BDDA370A8, 0E4523AA332E242D5C2C61C5717DBA5AB6E42DADB5A7E512505FC2B6CC224959 ] CompositeBus    C:\Windows\system32\DRIVERS\CompositeBus.sys

07:56:29.0188 0x0aa8  CompositeBus - ok

07:56:29.0188 0x0aa8  COMSysApp - ok

07:56:29.0250 0x0aa8  [ 6CB6EBB6B85594D5E4E8941363A6C9C2, FFE10DBE42FD507D677AF1A2FF0EADE1C1F21E13F5F2F39B0C5DB7FF3C5431DB ] cphs            C:\Windows\SysWow64\IntelCpHeciSvc.exe

07:56:29.0266 0x0aa8  cphs - ok

07:56:29.0297 0x0aa8  [ 3CA734CE373E5675FBC15CA2C45228E5, A6C6E9FABDE5EA18D266DB71C0CC6B51D682116D1898CCB4E9BA730F15C44B32 ] cpudrv64        C:\Program Files (x86)\SystemRequirementsLab\cpudrv64.sys

07:56:29.0297 0x0aa8  cpudrv64 - ok

07:56:29.0313 0x0aa8  [ 1C827878A998C18847245FE1F34EE597, 41EF7443D8B2733AA35CAC64B4F5F74FAC8BB0DA7D3936B69EC38E2DC3972E60 ] crcdisk         C:\Windows\system32\drivers\crcdisk.sys

07:56:29.0313 0x0aa8  crcdisk - ok

07:56:29.0328 0x0aa8  [ 6B400F211BEE880A37A1ED0368776BF4, 2F27C6FA96A1C8CBDA467846DA57E63949A7EA37DB094B13397DDD30114295BD ] CryptSvc        C:\Windows\system32\cryptsvc.dll

07:56:29.0344 0x0aa8  CryptSvc - ok

07:56:29.0375 0x0aa8  [ 54DA3DFD29ED9F1619B6F53F3CE55E49, 9177C6907A983296BF188892A894B668A09FFA058FD56B50FE12940D54B0FA5E ] CSC             C:\Windows\system32\drivers\csc.sys

07:56:29.0391 0x0aa8  CSC - ok

07:56:29.0406 0x0aa8  [ 3AB183AB4D2C79DCF459CD2C1266B043, 72B0187EBA9DC74E61EC5CB3DC24058DDB768843E865801894AAEAA211610C56 ] CscService      C:\Windows\System32\cscsvc.dll

07:56:29.0422 0x0aa8  CscService - ok

07:56:29.0453 0x0aa8  [ 5C627D1B1138676C0A7AB2C2C190D123, C5003F2C912C5CA990E634818D3B4FD72F871900AF2948BD6C4D6400B354B401 ] DcomLaunch      C:\Windows\system32\rpcss.dll

07:56:29.0453 0x0aa8  DcomLaunch - ok

07:56:29.0484 0x0aa8  [ 7194353A9303E80BA0B22187E559EB13, 80AB8FAD012A712E3658541ACEB66BBBF3518E839E3C32173F6FB0FFA7B699E3 ] DefragFS        C:\Windows\system32\drivers\DefragFS.sys

07:56:29.0484 0x0aa8  DefragFS - ok

07:56:29.0500 0x0aa8  [ 3CEC7631A84943677AA8FA8EE5B6B43D, 32061DAC9ED6C1EBA3B367B18D0E965AEEC2DF635DCF794EC39D086D32503AC5 ] defragsvc       C:\Windows\System32\defragsvc.dll

07:56:29.0515 0x0aa8  defragsvc - ok

07:56:29.0515 0x0aa8  [ 9BB2EF44EAA163B29C4A4587887A0FE4, 03667BC3EA5003F4236929C10F23D8F108AFCB29DB5559E751FB26DFB318636F ] DfsC            C:\Windows\system32\Drivers\dfsc.sys

07:56:29.0515 0x0aa8  DfsC - ok

07:56:29.0531 0x0aa8  [ 43D808F5D9E1A18E5EEB5EBC83969E4E, C10D1155D71EABE4ED44C656A8F13078A8A4E850C4A8FBB92D52D173430972B8 ] Dhcp            C:\Windows\system32\dhcpcore.dll

07:56:29.0531 0x0aa8  Dhcp - ok

07:56:29.0547 0x0aa8  [ 13096B05847EC78F0977F2C0F79E9AB3, 1E44981B684F3E56F5D2439BB7FA78BD1BC876BB2265AE089AEC68F241B05B26 ] discache        C:\Windows\system32\drivers\discache.sys

07:56:29.0547 0x0aa8  discache - ok

07:56:29.0547 0x0aa8  [ 9819EEE8B5EA3784EC4AF3B137A5244C, 571BC886E87C888DA96282E381A746D273B58B9074E84D4CA91275E26056D427 ] Disk            C:\Windows\system32\drivers\disk.sys

07:56:29.0547 0x0aa8  Disk - ok

07:56:29.0562 0x0aa8  [ 5DB085A8A6600BE6401F2B24EECB5415, 5FC5C7C1B4DB7BF6EFD0992E91DB41FD047E90D1ABA0B8F868CB72557F88FB13 ] dmvsc           C:\Windows\system32\drivers\dmvsc.sys

07:56:29.0562 0x0aa8  dmvsc - ok

07:56:29.0578 0x0aa8  [ 16835866AAA693C7D7FCEBA8FFF706E4, 15891558F7C1F2BB57A98769601D447ED0D952354A8BB347312D034DC03E0242 ] Dnscache        C:\Windows\System32\dnsrslvr.dll

07:56:29.0578 0x0aa8  Dnscache - ok

07:56:29.0593 0x0aa8  [ B1FB3DDCA0FDF408750D5843591AFBC6, AB6AD9C5E7BA2E3646D0115B67C4800D1CB43B4B12716397657C7ADEEE807304 ] dot3svc         C:\Windows\System32\dot3svc.dll

07:56:29.0593 0x0aa8  dot3svc - ok

07:56:29.0609 0x0aa8  [ B42ED0320C6E41102FDE0005154849BB, 4DB872E23AD049C3C9FDC0759FC58BFA60DA91B18BC82B611BFA300D26DDFC7A ] Dot4            C:\Windows\system32\DRIVERS\Dot4.sys

07:56:29.0609 0x0aa8  Dot4 - ok

07:56:29.0625 0x0aa8  [ E9F5969233C5D89F3C35E3A66A52A361, C4BD35795C78FB11E6022372CB25DEB570730EFDAD3DC1584368235FF622638C ] Dot4Print       C:\Windows\system32\DRIVERS\Dot4Prt.sys

07:56:29.0625 0x0aa8  Dot4Print - ok

07:56:29.0625 0x0aa8  [ FD05A02B0370BC3000F402E543CA5814, 089B1113E640F495F470E8F57060B89546270481B309DC8ED3C3D13A849076A3 ] dot4usb         C:\Windows\system32\DRIVERS\dot4usb.sys

07:56:29.0625 0x0aa8  dot4usb - ok

07:56:29.0640 0x0aa8  [ B26F4F737E8F9DF4F31AF6CF31D05820, 394BBBED4EC7FAD4110F62A43BFE0801D4AC56FFAC6C741C69407B26402311C7 ] DPS             C:\Windows\system32\dps.dll

07:56:29.0640 0x0aa8  DPS - ok

07:56:29.0656 0x0aa8  [ 9B19F34400D24DF84C858A421C205754, 967AF267B4124BADA8F507CEBF25F2192D146A4D63BE71B45BFC03C5DA7F21A7 ] drmkaud         C:\Windows\system32\drivers\drmkaud.sys

07:56:29.0656 0x0aa8  drmkaud - ok

07:56:29.0671 0x0aa8  [ 88612F1CE3BF42256913BF6E61C70D52, 7CF190F83FA8F15C33008EB381D3E345CEF37CBC046227DED26B36799EF4D9A7 ] DXGKrnl         C:\Windows\System32\drivers\dxgkrnl.sys

07:56:29.0687 0x0aa8  DXGKrnl - ok

07:56:29.0703 0x0aa8  [ E2DDA8726DA9CB5B2C4000C9018A9633, 0C967DBC3636A76A696997192A158AA92A1AF19F01E3C66D5BF91818A8FAEA76 ] EapHost         C:\Windows\System32\eapsvc.dll

07:56:29.0703 0x0aa8  EapHost - ok

07:56:29.0781 0x0aa8  [ DC5D737F51BE844D8C82C695EB17372F, 6D4022D9A46EDE89CEF0FAEADCC94C903234DFC460C0180D24FF9E38E8853017 ] ebdrv           C:\Windows\system32\drivers\evbda.sys

07:56:29.0812 0x0aa8  ebdrv - ok

07:56:29.0827 0x0aa8  [ 4D71227301DD8D09097B9E4CC6527E5A, 193D47ADCB722B581CC0F29B794AB3E455B6E9BEA367CE9A5216A09E055B7F1E ] EFS             C:\Windows\System32\lsass.exe

07:56:29.0827 0x0aa8  EFS - ok

07:56:29.0890 0x0aa8  [ C4002B6B41975F057D98C439030CEA07, 3D2484FBB832EFB90504DD406ED1CF3065139B1FE1646471811F3A5679EF75F1 ] ehRecvr         C:\Windows\ehome\ehRecvr.exe

07:56:29.0890 0x0aa8  ehRecvr - ok

07:56:29.0905 0x0aa8  [ 4705E8EF9934482C5BB488CE28AFC681, 359E9EC5693CE0BE89082E1D5D8F5C5439A5B985010FF0CB45C11E3CFE30637D ] ehSched         C:\Windows\ehome\ehsched.exe

07:56:29.0905 0x0aa8  ehSched - ok

07:56:29.0921 0x0aa8  [ 0E5DA5369A0FCAEA12456DD852545184, 9A64AC5396F978C3B92794EDCE84DCA938E4662868250F8C18FA7C2C172233F8 ] elxstor         C:\Windows\system32\drivers\elxstor.sys

07:56:29.0937 0x0aa8  elxstor - ok

07:56:29.0937 0x0aa8  [ 34A3C54752046E79A126E15C51DB409B, 7D5B5E150C7C73666F99CBAFF759029716C86F16B927E0078D77F8A696616D75 ] ErrDev          C:\Windows\system32\drivers\errdev.sys

07:56:29.0937 0x0aa8  ErrDev - ok

07:56:29.0968 0x0aa8  [ 4166F82BE4D24938977DD1746BE9B8A0, 24121751B7306225AD1C808442D7B030DEF377E9316AA0A3C5C7460E87317881 ] EventSystem     C:\Windows\system32\es.dll

07:56:29.0968 0x0aa8  EventSystem - ok

07:56:29.0968 0x0aa8  [ 27CE917868B08E8BC04A3CB0A80A43AE, 9DCFD4FC76412DA85FED64295369501DB7A9DBC50C6FD739336C8772BF57845C ] excfs           C:\Windows\system32\DRIVERS\excfs.sys

07:56:29.0983 0x0aa8  excfs - ok

07:56:29.0983 0x0aa8  [ 535A8B1821071019E074FDA912322225, AC798F7DB8E017E3079C0CABDB9D16D79CB5D7191D2A11E598E0FDCD4A5CDFBF ] excsd           C:\Windows\system32\DRIVERS\excsd.sys

07:56:29.0983 0x0aa8  excsd - ok

07:56:29.0983 0x0aa8  [ A510C654EC00C1E9BDD91EEB3A59823B, 76CD277730F7B08D375770CD373D786160F34D1481AF0536BA1A5D2727E255F5 ] exfat           C:\Windows\system32\drivers\exfat.sys

07:56:29.0983 0x0aa8  exfat - ok

07:56:30.0015 0x0aa8  [ A02DACE3AFB4AFC5A5A71BB6ED2ABB7B, 67BDF9AF4DCC59F4B423277D6B9B3FDC87A435F5C0D7FE51CFDDAE9A34583D79 ] ExpressCache    C:\Program Files\Condusiv Technologies\ExpressCache\ExpressCache.exe

07:56:30.0030 0x0aa8  ExpressCache - ok

07:56:30.0046 0x0aa8  [ 0ADC83218B66A6DB380C330836F3E36D, 798D6F83B5DBCC1656595E0A96CF12087FCCBE19D1982890D0CE5F629B328B29 ] fastfat         C:\Windows\system32\drivers\fastfat.sys

07:56:30.0046 0x0aa8  fastfat - ok

07:56:30.0061 0x0aa8  [ DBEFD454F8318A0EF691FDD2EAAB44EB, 7F52AE222FF28503B6FC4A5852BD0CAEAF187BE69AF4B577D3DE474C24366099 ] Fax             C:\Windows\system32\fxssvc.exe

07:56:30.0077 0x0aa8  Fax - ok

07:56:30.0077 0x0aa8  [ D765D19CD8EF61F650C384F62FAC00AB, 9F0A483A043D3BA873232AD3BA5F7BF9173832550A27AF3E8BD433905BD2A0EE ] fdc             C:\Windows\system32\drivers\fdc.sys

07:56:30.0093 0x0aa8  fdc - ok

07:56:30.0093 0x0aa8  [ 0438CAB2E03F4FB61455A7956026FE86, 6D4DDC2973DB25CE0C7646BC85EFBCC004EBE35EA683F62162AE317C6F1D8DFE ] fdPHost         C:\Windows\system32\fdPHost.dll

07:56:30.0093 0x0aa8  fdPHost - ok

07:56:30.0093 0x0aa8  [ 802496CB59A30349F9A6DD22D6947644, 52D59D3D628D5661F83F090F33F744F6916E0CC1F76E5A33983E06EB66AE19F8 ] FDResPub        C:\Windows\system32\fdrespub.dll

07:56:30.0093 0x0aa8  FDResPub - ok

07:56:30.0108 0x0aa8  [ 655661BE46B5F5F3FD454E2C3095B930, 549C8E2A2A37757E560D55FFA6BFDD838205F17E40561E67F0124C934272CD1A ] FileInfo        C:\Windows\system32\drivers\fileinfo.sys

07:56:30.0108 0x0aa8  FileInfo - ok

07:56:30.0108 0x0aa8  [ 5F671AB5BC87EEA04EC38A6CD5962A47, 6B61D3363FF3F9C439BD51102C284972EAE96ACC0683B9DC7E12D25D0ADC51B6 ] Filetrace       C:\Windows\system32\drivers\filetrace.sys

07:56:30.0108 0x0aa8  Filetrace - ok

07:56:30.0108 0x0aa8  [ C172A0F53008EAEB8EA33FE10E177AF5, 9175A95B323696D1B35C9EFEB7790DD64E6EE0B7021E6C18E2F81009B169D77B ] flpydisk        C:\Windows\system32\drivers\flpydisk.sys

07:56:30.0108 0x0aa8  flpydisk - ok

07:56:30.0124 0x0aa8  [ DA6B67270FD9DB3697B20FCE94950741, F621A4462C9F2904063578C427FAF22D7D66AE9967605C11C798099817CE5331 ] FltMgr          C:\Windows\system32\drivers\fltmgr.sys

07:56:30.0124 0x0aa8  FltMgr - ok

07:56:30.0139 0x0aa8  [ 508401A63E6B1CBF0B9C9A011498731F, F636B0A9C0EB6AE7EC04E5C5FD8A0578AEB76A1B0D974F355BCE6B6091901725 ] FNETTBOH_305    C:\Windows\system32\drivers\FNETTBOH_305.SYS

07:56:30.0139 0x0aa8  FNETTBOH_305 - ok

07:56:30.0155 0x0aa8  [ E341178C116DAC6A3A764587E68DFA7B, 91B4C79057908A622666FF069CF1C7ECA42952A6587432F5E99E33E8B19D29AF ] FNETURPX        C:\Windows\system32\drivers\FNETURPX.SYS

07:56:30.0155 0x0aa8  FNETURPX - ok

07:56:30.0186 0x0aa8  [ C4C183E6551084039EC862DA1C945E3D, 0874A2ACDD24D64965AA9A76E9C818E216880AE4C9A2E07ED932EE404585CEE6 ] FontCache       C:\Windows\system32\FntCache.dll

07:56:30.0217 0x0aa8  FontCache - ok

07:56:30.0233 0x0aa8  [ A8B7F3818AB65695E3A0BB3279F6DCE6, 89FCF10F599767E67A1E011753E34DA44EAA311F105DBF69549009ED932A60F0 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe

07:56:30.0233 0x0aa8  FontCache3.0.0.0 - ok

07:56:30.0233 0x0aa8  [ D43703496149971890703B4B1B723EAC, F06397B2EDCA61629249D2EF1CBB7827A8BEAB8488246BD85EF6AE1363C0DA6E ] FsDepends       C:\Windows\system32\drivers\FsDepends.sys

07:56:30.0233 0x0aa8  FsDepends - ok

07:56:30.0249 0x0aa8  [ 6BD9295CC032DD3077C671FCCF579A7B, 83622FBB0CB923798E7E584BF53CAAF75B8C016E3FF7F0FA35880FF34D1DFE33 ] Fs_Rec          C:\Windows\system32\drivers\Fs_Rec.sys

07:56:30.0249 0x0aa8  Fs_Rec - ok

07:56:30.0264 0x0aa8  [ 8F6322049018354F45F05A2FD2D4E5E0, 73BF0FB4EBD7887E992DDEBB79E906958D6678F8D1107E8C368F5A0514D80359 ] fvevol          C:\Windows\system32\DRIVERS\fvevol.sys

07:56:30.0264 0x0aa8  fvevol - ok

07:56:30.0280 0x0aa8  [ 8C778D335C9D272CFD3298AB02ABE3B6, 85F0B13926B0F693FA9E70AA58DE47100E4B6F893772EBE4300C37D9A36E6005 ] gagp30kx        C:\Windows\system32\drivers\gagp30kx.sys

07:56:30.0280 0x0aa8  gagp30kx - ok

07:56:30.0311 0x0aa8  [ 277BBC7E1AA1EE957F573A10ECA7EF3A, 2EE60B924E583E847CC24E78B401EF95C69DB777A5B74E1EC963E18D47B94D24 ] gpsvc           C:\Windows\System32\gpsvc.dll

07:56:30.0327 0x0aa8  gpsvc - ok

07:56:30.0358 0x0aa8  [ 506708142BC63DABA64F2D3AD1DCD5BF, 9C36A08D9E7932FF4DA7B5F24E6B42C92F28685B8ABE964C870E8D7670FD531A ] gupdate         C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

07:56:30.0358 0x0aa8  gupdate - ok

07:56:30.0358 0x0aa8  [ 506708142BC63DABA64F2D3AD1DCD5BF, 9C36A08D9E7932FF4DA7B5F24E6B42C92F28685B8ABE964C870E8D7670FD531A ] gupdatem        C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

07:56:30.0358 0x0aa8  gupdatem - ok

07:56:30.0358 0x0aa8  [ F2523EF6460FC42405B12248338AB2F0, B2F3DE8DE1F512D871BC2BC2E8D0E33AB03335BFBC07627C5F88B65024928E19 ] hcw85cir        C:\Windows\system32\drivers\hcw85cir.sys

07:56:30.0358 0x0aa8  hcw85cir - ok

07:56:30.0405 0x0aa8  [ 975761C778E33CD22498059B91E7373A, 8304E15FBE6876BE57263A03621365DA8C88005EAC532A770303C06799D915D9 ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys

07:56:30.0405 0x0aa8  HdAudAddService - ok

07:56:30.0405 0x0aa8  [ 97BFED39B6B79EB12CDDBFEED51F56BB, 3CF981D668FB2381E52AF2E51E296C6CFB47B0D62249645278479D0111A47955 ] HDAudBus        C:\Windows\system32\DRIVERS\HDAudBus.sys

07:56:30.0420 0x0aa8  HDAudBus - ok

07:56:30.0420 0x0aa8  [ 78E86380454A7B10A5EB255DC44A355F, 11F3ED7ACFFA3024B9BD504F81AC39F5B4CED5A8A425E8BADF7132EFEDB9BD64 ] HidBatt         C:\Windows\system32\drivers\HidBatt.sys

07:56:30.0420 0x0aa8  HidBatt - ok

07:56:30.0420 0x0aa8  [ 7FD2A313F7AFE5C4DAB14798C48DD104, 94CBFD4506CBDE4162CEB3367BAB042D19ACA6785954DC0B554D4164B9FCD0D4 ] HidBth          C:\Windows\system32\drivers\hidbth.sys

07:56:30.0420 0x0aa8  HidBth - ok

07:56:30.0420 0x0aa8  [ 0A77D29F311B88CFAE3B13F9C1A73825, 8615DC6CEFB591505CE16E054A71A4F371B827DDFD5E980777AB4233DCFDA01D ] HidIr           C:\Windows\system32\drivers\hidir.sys

07:56:30.0420 0x0aa8  HidIr - ok

07:56:30.0436 0x0aa8  [ BD9EB3958F213F96B97B1D897DEE006D, 4D01CBF898B528B3A4E5A683DF2177300AFABD7D4CB51F1A7891B1B545499631 ] hidserv         C:\Windows\system32\hidserv.dll

07:56:30.0436 0x0aa8  hidserv - ok

07:56:30.0451 0x0aa8  [ 9592090A7E2B61CD582B612B6DF70536, FD11D5E02C32D658B28FCC35688AB66CCB5D3A0A0D74C82AE0F0B6C67B568A0F ] HidUsb          C:\Windows\system32\drivers\hidusb.sys

07:56:30.0451 0x0aa8  HidUsb - ok

07:56:30.0467 0x0aa8  [ 387E72E739E15E3D37907A86D9FF98E2, 9935BE2E58788E79328293AF2F202CB0F6042441B176F75ACC5AEA93C8E05531 ] hkmsvc          C:\Windows\system32\kmsvc.dll

07:56:30.0483 0x0aa8  hkmsvc - ok

07:56:30.0483 0x0aa8  [ EFDFB3DD38A4376F93E7985173813ABD, 70402FA73A5A2A8BB557AAC8F531E373077D28DE5F40A1F3F14B940BE01CD2E1 ] HomeGroupListener C:\Windows\system32\ListSvc.dll

07:56:30.0483 0x0aa8  HomeGroupListener - ok

07:56:30.0498 0x0aa8  [ 908ACB1F594274965A53926B10C81E89, 7D34A742AC486294D82676F8465A3EF26C8AC3317C32B63F62031CB007CFC208 ] HomeGroupProvider C:\Windows\system32\provsvc.dll

07:56:30.0498 0x0aa8  HomeGroupProvider - ok

07:56:30.0514 0x0aa8  [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC, E9E6A1665740CFBC2DD321010007EF42ABA2102AEB9772EE8AA3354664B1E205 ] HpSAMD          C:\Windows\system32\drivers\HpSAMD.sys

07:56:30.0514 0x0aa8  HpSAMD - ok

07:56:30.0529 0x0aa8  [ 0EA7DE1ACB728DD5A369FD742D6EEE28, 21C489412EB33A12B22290EB701C19BA57006E8702E76F730954F0784DDE9779 ] HTTP            C:\Windows\system32\drivers\HTTP.sys

07:56:30.0545 0x0aa8  HTTP - ok

07:56:30.0545 0x0aa8  [ A5462BD6884960C9DC85ED49D34FF392, 53E65841AF5B06A2844D0BB6FC4DD3923A323FFA0E4BFC89B3B5CAFB592A3D53 ] hwpolicy        C:\Windows\system32\drivers\hwpolicy.sys

07:56:30.0545 0x0aa8  hwpolicy - ok

07:56:30.0561 0x0aa8  [ FA55C73D4AFFA7EE23AC4BE53B4592D3, 65CDDC62B89A60E942C5642C9D8B539EFB69DA8069B4A2E54978154B314531CD ] i8042prt        C:\Windows\system32\drivers\i8042prt.sys

07:56:30.0561 0x0aa8  i8042prt - ok

07:56:30.0576 0x0aa8  [ 6C91E425ACE29594BD574DE38AC9B76D, 697784E4C7AF08B1F35662D8AD871E6890CECE22B6E64985B7C1A66C10DA390D ] iaStorA         C:\Windows\system32\DRIVERS\iaStorA.sys

07:56:30.0592 0x0aa8  iaStorA - ok

07:56:30.0607 0x0aa8  [ 0AB254994A460550258446950BB58311, BD10811912680DD3B814B7D1303785C996D892C79108110A2257E9BD0C28245C ] IAStorDataMgrSvc C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe

07:56:30.0607 0x0aa8  IAStorDataMgrSvc - ok

07:56:30.0623 0x0aa8  [ 2B38F13E18E272459CD2CE83E6722C12, 58FB127C05FF7399F88F3B53CE4B460A7D3EA739AFCD273C0E687053BBA074D6 ] iaStorF         C:\Windows\system32\DRIVERS\iaStorF.sys

07:56:30.0623 0x0aa8  iaStorF - ok

07:56:30.0639 0x0aa8  [ AAAF44DB3BD0B9D1FB6969B23ECC8366, 805AA4A9464002D1AB3832E4106B2AAA1331F4281367E75956062AAE99699385 ] iaStorV         C:\Windows\system32\drivers\iaStorV.sys

07:56:30.0654 0x0aa8  iaStorV - ok

07:56:30.0701 0x0aa8  [ 83FF82FE209E7997067B375DAD6CF23D, E312DD068E51DBF96A8232D7D1C9F158652FDA23649655F1102928B320795091 ] ICCS            C:\Program Files (x86)\Intel\Intel® Integrated Clock Controller Service\ICCProxy.exe

07:56:30.0701 0x0aa8  ICCS - ok

07:56:30.0748 0x0aa8  [ 5988FC40F8DB5B0739CD1E3A5D0D78BD, 2B9512324DBA4A97F6AC34E8067EE08E3B6874CD60F6CB4209AFC22A34D2BE99 ] idsvc           C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe

07:56:30.0779 0x0aa8  idsvc - ok

07:56:30.0779 0x0aa8  IEEtwCollectorService - ok

07:56:30.0857 0x0aa8  [ 142CFBE6ED0E498CCA7ABE8DD932C1AF, 513DFF7DA86CCCB9A061CF7ED0AC84305D800A26189179F60B62BD4FFFCF7DDF ] igfx            C:\Windows\system32\DRIVERS\igdkmd64.sys

07:56:30.0904 0x0aa8  igfx - ok

07:56:30.0935 0x0aa8  [ B54E51AF05F883B2282693B4214ED228, 1083DA63D8DF1149644A3BDA0BD8B69C35D98C745E23F5FD9FDD2D9FF5682ABA ] igfxCUIService1.0.0.0 C:\Windows\system32\igfxCUIService.exe

07:56:30.0935 0x0aa8  igfxCUIService1.0.0.0 - ok

07:56:30.0951 0x0aa8  [ 5C18831C61933628F5BB0EA2675B9D21, 5CD9DE2F8C0256623A417B5C55BF55BB2562BD7AB2C3C83BB3D9886C2FBDA4E4 ] iirsp           C:\Windows\system32\drivers\iirsp.sys

07:56:30.0951 0x0aa8  iirsp - ok

07:56:30.0951 0x0aa8  [ 67999A9D34A0B2479381E7A61AFC37AB, 7A1F72B2AD859345E1F092CE80C269767E4EF9931146B7F01E891EC12CCA684F ] ikbevent        C:\Windows\system32\DRIVERS\ikbevent.sys

07:56:30.0951 0x0aa8  ikbevent - ok

07:56:30.0982 0x0aa8  [ 344789398EC3EE5A4E00C52B31847946, 3DA5F08E4B46F4E63456AA588D49E39A6A09A97D0509880C00F327623DB6122D ] IKEEXT          C:\Windows\System32\ikeext.dll

07:56:30.0997 0x0aa8  IKEEXT - ok

07:56:30.0997 0x0aa8  [ DDAE90DD5BDAC53C8C5CD5B82FC1F1B4, A7019D2335CB46DCD9ABDB896622254E58AB265EC3D72A92B1C4890D45DEE85F ] imsevent        C:\Windows\system32\DRIVERS\imsevent.sys

07:56:30.0997 0x0aa8  imsevent - ok

07:56:31.0107 0x0aa8  [ F242E36CDA231701CFA702641C20FAEC, 47350EF8474F83249A9126AB6894145732CA0B68DA2EE001940C9E4AEF128B88 ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHD64.sys

07:56:31.0153 0x0aa8  IntcAzAudAddService - ok

07:56:31.0216 0x0aa8  [ 8E4044C6B71B2F837166F6EDB6BF9100, 441A4EA0C3EF686B8B7884EC96FD8EE1017EB3F462FB4376638F461E41D97C72 ] IntcDAud        C:\Windows\system32\DRIVERS\IntcDAud.sys

07:56:31.0216 0x0aa8  IntcDAud - ok

07:56:31.0247 0x0aa8  [ B353F1834FCD36D77BE3F74992C147D4, BFBC42B500FC7D6D2B523F988DD54156D2B6132CBE366EB591BF45556959A8E9 ] Intel® Capability Licensing Service Interface C:\Program Files\Intel\iCLS Client\HeciServer.exe

07:56:31.0263 0x0aa8  Intel® Capability Licensing Service Interface - ok

07:56:31.0278 0x0aa8  [ 125BED41A1AFDA9CAB2B6177553D5758, 00A6267AACC467FA09B49ECC6076F4C666BE98931C97D821E3225D68A3FF1BF1 ] Intel® ME Service C:\Program Files (x86)\Intel\Intel® Management Engine Components\FWService\IntelMeFWService.exe

07:56:31.0278 0x0aa8  Intel® ME Service - ok

07:56:31.0294 0x0aa8  [ F00F20E70C6EC3AA366910083A0518AA, E2F3E9FFD82C802C8BAC309893A3664ACF16A279959C0FDECCA64C3D3C60FD22 ] intelide        C:\Windows\system32\drivers\intelide.sys

07:56:31.0294 0x0aa8  intelide - ok

07:56:31.0309 0x0aa8  [ ADA036632C664CAA754079041CF1F8C1, F2386CC09AC6DE4C54189154F7D91C1DB7AA120B13FAE8BA5B579ACF99FCC610 ] intelppm        C:\Windows\system32\DRIVERS\intelppm.sys

07:56:31.0309 0x0aa8  intelppm - ok

07:56:31.0309 0x0aa8  [ 098A91C54546A3B878DAD6A7E90A455B, 044CCE2A0DF56EBE1EFD99B4F6F0A5B9EE12498CA358CF4B2E3A1CFD872823AA ] IPBusEnum       C:\Windows\system32\ipbusenum.dll

07:56:31.0325 0x0aa8  IPBusEnum - ok

07:56:31.0325 0x0aa8  [ C9F0E1BD74365A8771590E9008D22AB6, 728BC5A6AAE499FDC50EB01577AF16D83C2A9F3B09936DD2A89C01E074BA8E51 ] IpFilterDriver  C:\Windows\system32\DRIVERS\ipfltdrv.sys

07:56:31.0325 0x0aa8  IpFilterDriver - ok

07:56:31.0341 0x0aa8  [ 08C2957BB30058E663720C5606885653, E13EDF6701512E2A9977A531454932CA5023087CB50E1D2F416B8BCDD92B67BE ] iphlpsvc        C:\Windows\System32\iphlpsvc.dll

07:56:31.0356 0x0aa8  iphlpsvc - ok

07:56:31.0356 0x0aa8  [ 0FC1AEA580957AA8817B8F305D18CA3A, 7161E4DE91AAFC3FA8BF24FAE4636390C2627DB931505247C0D52C75A31473D9 ] IPMIDRV         C:\Windows\system32\drivers\IPMIDrv.sys

07:56:31.0356 0x0aa8  IPMIDRV - ok

07:56:31.0356 0x0aa8  [ AF9B39A7E7B6CAA203B3862582E9F2D0, 67128BE7EADBE6BD0205B050F96E268948E8660C4BAB259FB0BE03935153D04E ] IPNAT           C:\Windows\system32\drivers\ipnat.sys

07:56:31.0356 0x0aa8  IPNAT - ok

07:56:31.0356 0x0aa8  [ 3ABF5E7213EB28966D55D58B515D5CE9, A352BCC5B6B9A28805B15CAFB235676F1FAFF0D2394F88C03089EB157D6188AE ] IRENUM          C:\Windows\system32\drivers\irenum.sys

07:56:31.0356 0x0aa8  IRENUM - ok

07:56:31.0372 0x0aa8  [ 2F7B28DC3E1183E5EB418DF55C204F38, D40410A760965925D6F10959B2043F7BD4F68EAFCF5E743AF11AD860BD136548 ] isapnp          C:\Windows\system32\drivers\isapnp.sys

07:56:31.0372 0x0aa8  isapnp - ok

07:56:31.0387 0x0aa8  [ 96BB922A0981BC7432C8CF52B5410FE6, 236C05509B1040059B15021CBBDBDAF3B9C0F00910142BE5887B2C7561BAAFBA ] iScsiPrt        C:\Windows\system32\drivers\msiscsi.sys

07:56:31.0387 0x0aa8  iScsiPrt - ok

07:56:31.0403 0x0aa8  [ 4EE2423C38F43D37F8497A672FD10BDC, 031C5272DD28809255CF4FA8E6DE45DBFBD9A363BBD5156D0AEE0787C4297980 ] ISCT            C:\Windows\system32\DRIVERS\ISCTD64.sys

07:56:31.0403 0x0aa8  ISCT - ok

07:56:31.0419 0x0aa8  [ 6F60B7AD044924B8C1E32D692C593612, 93EFBC2EC24E7B4B908010955F1B9A6DC231C7A4B55BE0D2DC6103E2A5457EC6 ] ISCTAgent       C:\Program Files\Intel\Intel® Smart Connect Technology Agent\iSCTAgent.exe

07:56:31.0434 0x0aa8  ISCTAgent - ok

07:56:31.0434 0x0aa8  [ 846354992EBB373F452EB9182D501B08, 453459133DCA875E93CAAE9852E652F3794F8C31CE53526C47A181FDBABE6849 ] iusb3hcs        C:\Windows\system32\DRIVERS\iusb3hcs.sys

07:56:31.0434 0x0aa8  iusb3hcs - ok

07:56:31.0450 0x0aa8  [ 1D88A23853387D34D52CC8F9DDBFC56C, D00083B61E93E7E1D247EAB332787912FCF7605AF7043F071238C50E4A15016B ] iusb3hub        C:\Windows\system32\DRIVERS\iusb3hub.sys

07:56:31.0450 0x0aa8  iusb3hub - ok

07:56:31.0481 0x0aa8  [ FC5EFD7C797DF19DFB999F0605A7924E, C56CE3840F3B11D81BED38E5F59ABCA190DFB7127F06263193870312A83379AF ] iusb3xhc        C:\Windows\system32\DRIVERS\iusb3xhc.sys

07:56:31.0481 0x0aa8  iusb3xhc - ok

07:56:31.0497 0x0aa8  [ 5B14FDE79871F83A5E0DCDC01F78BECF, B3103D4671F7BD4843C62D6080894E068F7E794CB02D7A84AEFB5AC10EA23BDE ] jhi_service     C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe

07:56:31.0497 0x0aa8  jhi_service - ok

07:56:31.0512 0x0aa8  [ BC02336F1CBA7DCC7D1213BB588A68A5, 450C5BAD54CCE2AFCDFF1B6E7F8E1A8446D9D3255DF9D36C29A8F848048AAD93 ] kbdclass        C:\Windows\system32\DRIVERS\kbdclass.sys

07:56:31.0512 0x0aa8  kbdclass - ok

07:56:31.0512 0x0aa8  [ 0705EFF5B42A9DB58548EEC3B26BB484, 86C6824ED7ED6FA8F306DB6319A0FD688AA91295AE571262F9D8E96A32225E99 ] kbdhid          C:\Windows\system32\DRIVERS\kbdhid.sys

07:56:31.0512 0x0aa8  kbdhid - ok

07:56:31.0528 0x0aa8  [ 4D71227301DD8D09097B9E4CC6527E5A, 193D47ADCB722B581CC0F29B794AB3E455B6E9BEA367CE9A5216A09E055B7F1E ] KeyIso          C:\Windows\system32\lsass.exe

07:56:31.0528 0x0aa8  KeyIso - ok

07:56:31.0543 0x0aa8  [ 8F489706472F7E9A06BAAA198703FA64, F020406690FB38EABD82D63B91D33039CC93ED52A5497AE12BAF475F22D0B08A ] KSecDD          C:\Windows\system32\Drivers\ksecdd.sys

07:56:31.0543 0x0aa8  KSecDD - ok

07:56:31.0559 0x0aa8  [ 868A2CAAB12EFC7A021682BCA0EEC54C, 12C4925B5B3D6EA7B6410C01F33158C6EAB50CBD6AF445F8B04ED9899720C2DD ] KSecPkg         C:\Windows\system32\Drivers\ksecpkg.sys

07:56:31.0559 0x0aa8  KSecPkg - ok

07:56:31.0575 0x0aa8  [ 6869281E78CB31A43E969F06B57347C4, 866A23E69B32A78D378D6CB3B3DA3695FFDFF0FEC3C9F68C8C3F988DF417044B ] ksthunk         C:\Windows\system32\drivers\ksthunk.sys

07:56:31.0575 0x0aa8  ksthunk - ok

07:56:31.0590 0x0aa8  [ 6AB66E16AA859232F64DEB66887A8C9C, 5F2B579BEA8098A2994B0DECECDAE7B396E7B5DC5F09645737B9F28BEEA77FFF ] KtmRm           C:\Windows\system32\msdtckrm.dll

07:56:31.0590 0x0aa8  KtmRm - ok

07:56:31.0606 0x0aa8  [ D9F42719019740BAA6D1C6D536CBDAA6, 8757599D0AE5302C4CE50861BEBA3A8DD14D7B0DBD916FD5404133688CDFCC40 ] LanmanServer    C:\Windows\system32\srvsvc.dll

07:56:31.0621 0x0aa8  LanmanServer - ok

07:56:31.0621 0x0aa8  [ 851A1382EED3E3A7476DB004F4EE3E1A, B1C67F47DD594D092E6E258F01DF5E7150227CE3131A908A244DEE9F8A1FABF9 ] LanmanWorkstation C:\Windows\System32\wkssvc.dll

07:56:31.0637 0x0aa8  LanmanWorkstation - ok

07:56:31.0637 0x0aa8  [ 1538831CF8AD2979A04C423779465827, E1729B0CC4CEEE494A0B8817A8E98FF232E3A32FB023566EF0BC71A090262C0C ] lltdio          C:\Windows\system32\DRIVERS\lltdio.sys

07:56:31.0637 0x0aa8  lltdio - ok

07:56:31.0653 0x0aa8  [ C1185803384AB3FEED115F79F109427F, 0414FE73532DCAB17E906438A14711E928CECCD5F579255410C62984DD652700 ] lltdsvc         C:\Windows\System32\lltdsvc.dll

07:56:31.0668 0x0aa8  lltdsvc - ok

07:56:31.0668 0x0aa8  [ F993A32249B66C9D622EA5592A8B76B8, EE64672A990C6145DC5601E2B8CDBE089272A72732F59AF9865DCBA8B1717E70 ] lmhosts         C:\Windows\System32\lmhsvc.dll

07:56:31.0668 0x0aa8  lmhosts - ok

07:56:31.0684 0x0aa8  [ 3974B7CE015A6EEF30DA4ADD5F1203D0, ED776F1C1B1834550F3D45591EB1F0829BBA07F9F7CB73F7FBB0AFDEF8F4411B ] LMS             C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe

07:56:31.0684 0x0aa8  LMS - ok


07:56:35.0381 0x0aa8  Spooler - ok

07:56:35.0443 0x0aa8  [ E17E0188BB90FAE42D83E98707EFA59C, FC075F7B39E86CC8EF6DA4E339FE946917E319C347AC70FB0C50AAF36F97E27F ] sppsvc          C:\Windows\system32\sppsvc.exe

07:56:35.0490 0x0aa8  sppsvc - ok

07:56:35.0506 0x0aa8  [ 93D7D61317F3D4BC4F4E9F8A96A7DE45, 36D48B23B8243BE5229707375FCD11C2DCAC96983199345365F065A0CBF33314 ] sppuinotify     C:\Windows\system32\sppuinotify.dll

07:56:35.0506 0x0aa8  sppuinotify - ok

07:56:35.0521 0x0aa8  [ 441FBA48BFF01FDB9D5969EBC1838F0B, 306128F1AD489F87161A089D1BDC1542A4CB742D91A0C12A7CD1863FDB8932C0 ] srv             C:\Windows\system32\DRIVERS\srv.sys

07:56:35.0537 0x0aa8  srv - ok

07:56:35.0553 0x0aa8  [ B4ADEBBF5E3677CCE9651E0F01F7CC28, 726DB2283113AB2A9681E8E9F61132303D6D86E9CD034C40EE4A8C9DB29E87F7 ] srv2            C:\Windows\system32\DRIVERS\srv2.sys

07:56:35.0553 0x0aa8  srv2 - ok

07:56:35.0568 0x0aa8  [ 27E461F0BE5BFF5FC737328F749538C3, AFA4704ED8FFC1A0BAB40DFB81D3AE3F3D933A3C9BF54DDAF39FF9AF3646D9E6 ] srvnet          C:\Windows\system32\DRIVERS\srvnet.sys

07:56:35.0568 0x0aa8  srvnet - ok

07:56:35.0584 0x0aa8  [ 51B52FBD583CDE8AA9BA62B8B4298F33, 2E2403F8AA39E79D1281CA006B51B43139C32A5FDD64BD34DAA4B935338BD740 ] SSDPSRV         C:\Windows\System32\ssdpsrv.dll

07:56:35.0584 0x0aa8  SSDPSRV - ok

07:56:35.0599 0x0aa8  [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB, D21CDBC4C2AA0DB5B4455D5108B0CAF4282A2E664B9035708F212CC094569D9D ] SstpSvc         C:\Windows\system32\sstpsvc.dll

07:56:35.0599 0x0aa8  SstpSvc - ok

07:56:35.0599 0x0aa8  [ F3817967ED533D08327DC73BC4D5542A, 1B204454408A690C0A86447F3E4AA9E7C58A9CFB567C94C17C21920BA648B4D5 ] stexstor        C:\Windows\system32\drivers\stexstor.sys

07:56:35.0615 0x0aa8  stexstor - ok

07:56:35.0631 0x0aa8  [ 8DD52E8E6128F4B2DA92CE27402871C1, 1101C38BE8FC383B5F2F9FA402F9652B23B88A764DE2B584DFE62B88B11DEF92 ] stisvc          C:\Windows\System32\wiaservc.dll

07:56:35.0631 0x0aa8  stisvc - ok

07:56:35.0677 0x0aa8  [ 7785DC213270D2FC066538DAF94087E7, F09CB2895241719CA5147B2EE9F7ECBD0303AFFB5CD896F06D4D29BAAAFC207B ] storflt         C:\Windows\system32\drivers\vmstorfl.sys

07:56:35.0677 0x0aa8  storflt - ok

07:56:35.0677 0x0aa8  [ C40841817EF57D491F22EB103DA587CC, 5FAA2DE43BADC16A898C0C290C44C41E4411D919A95FE8C6FF45EA7A34495079 ] StorSvc         C:\Windows\system32\storsvc.dll

07:56:35.0677 0x0aa8  StorSvc - ok

07:56:35.0693 0x0aa8  [ D34E4943D5AC096C8EDEEBFD80D76E23, 1DD7F6F97060B5F763A04ACA1F75E59DAB09EF824FD09B83FC3C192837D006DE ] storvsc         C:\Windows\system32\drivers\storvsc.sys

07:56:35.0693 0x0aa8  storvsc - ok

07:56:35.0693 0x0aa8  [ D01EC09B6711A5F8E7E6564A4D0FBC90, 3CB922291DBADC92B46B9E28CCB6810CD8CCDA3E74518EC9522B58B998E1F969 ] swenum          C:\Windows\system32\DRIVERS\swenum.sys

07:56:35.0693 0x0aa8  swenum - ok

07:56:35.0755 0x0aa8  [ F577910A133A592234EBAAD3F3AFA258, 36F514740EE2D2B2F7ABFFFA13D575233EC4CE774EB58BF889C09930FEF1F443 ] SwitchBoard     C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe

07:56:35.0771 0x0aa8  SwitchBoard - ok

07:56:35.0802 0x0aa8  [ E08E46FDD841B7184194011CA1955A0B, 9C3725BB1F08F92744C980A22ED5C874007D3B5863C7E1F140F50061052AC418 ] swprv           C:\Windows\System32\swprv.dll

07:56:35.0818 0x0aa8  swprv - ok

07:56:35.0849 0x0aa8  [ BF9CCC0BF39B418C8D0AE8B05CF95B7D, 3C13217548BE61F2BDB8BD41F77345CDDA1F97BF0AE17241C335B9807EB3DBB8 ] SysMain         C:\Windows\system32\sysmain.dll

07:56:35.0880 0x0aa8  SysMain - ok

07:56:35.0896 0x0aa8  [ E3C61FD7B7C2557E1F1B0B4CEC713585, 01F0E116606D185BF93B540868075BFB1A398197F6AABD994983DBFF56B3A8A0 ] TabletInputService C:\Windows\System32\TabSvc.dll

07:56:35.0896 0x0aa8  TabletInputService - ok

07:56:35.0911 0x0aa8  [ 40F0849F65D13EE87B9A9AE3C1DD6823, E251A7EF3D0FD2973AF33A62FC457A7E8D5E8694208F811F52455F7C2426121F ] TapiSrv         C:\Windows\System32\tapisrv.dll

07:56:35.0927 0x0aa8  TapiSrv - ok

07:56:35.0927 0x0aa8  [ 1BE03AC720F4D302EA01D40F588162F6, AB644862BF1D2E824FD846180DEC4E2C0FAFCC517451486DE5A92E5E78A952E4 ] TBS             C:\Windows\System32\tbssvc.dll

07:56:35.0927 0x0aa8  TBS - ok

07:56:35.0974 0x0aa8  [ 40AF23633D197905F03AB5628C558C51, 644656A15236E964E4BE57B42225EAA5643C4CF1FFF6D306813A000716F9D72C ] Tcpip           C:\Windows\system32\drivers\tcpip.sys

07:56:35.0989 0x0aa8  Tcpip - ok

07:56:36.0021 0x0aa8  [ 40AF23633D197905F03AB5628C558C51, 644656A15236E964E4BE57B42225EAA5643C4CF1FFF6D306813A000716F9D72C ] TCPIP6          C:\Windows\system32\DRIVERS\tcpip.sys

07:56:36.0036 0x0aa8  TCPIP6 - ok

07:56:36.0052 0x0aa8  [ 1B16D0BD9841794A6E0CDE0CEF744ABC, 7EB8BA97339199EEE7F2B09DA2DA6279DA64A510D4598D42CF86415D67CD674C ] tcpipreg        C:\Windows\system32\drivers\tcpipreg.sys

07:56:36.0052 0x0aa8  tcpipreg - ok

07:56:36.0067 0x0aa8  [ 3371D21011695B16333A3934340C4E7C, 7416F9BBFC1BA9D875EA7D1C7A0D912FC6977B49A865D67E3F9C4E18A965082D ] TDPIPE          C:\Windows\system32\drivers\tdpipe.sys

07:56:36.0067 0x0aa8  TDPIPE - ok

07:56:36.0083 0x0aa8  [ 51C5ECEB1CDEE2468A1748BE550CFBC8, 4E8F83877330B421F7B5D8393D34BC44C6450E69209DAA95B29CB298166A5DF9 ] TDTCP           C:\Windows\system32\drivers\tdtcp.sys

07:56:36.0083 0x0aa8  TDTCP - ok

07:56:36.0099 0x0aa8  [ DDAD5A7AB24D8B65F8D724F5C20FD806, B71F2967A4EE7395E4416C1526CB85368AEA988BDD1F2C9719C48B08FAFA9661 ] tdx             C:\Windows\system32\DRIVERS\tdx.sys

07:56:36.0114 0x0aa8  tdx - ok

07:56:36.0114 0x0aa8  [ 561E7E1F06895D78DE991E01DD0FB6E5, 83BFA50A528762EC52A011302AC3874636FB7E26628CD7ACFBF2BDC9FAA8110D ] TermDD          C:\Windows\system32\DRIVERS\termdd.sys

07:56:36.0114 0x0aa8  TermDD - ok

07:56:36.0145 0x0aa8  [ 2E648163254233755035B46DD7B89123, 6FA0D07CE18A3A69D82EE49D875F141E39406E92C34EAC76AC4EB052E6EBCBCD ] TermService     C:\Windows\System32\termsrv.dll

07:56:36.0161 0x0aa8  TermService - ok

07:56:36.0177 0x0aa8  [ F0344071948D1A1FA732231785A0664C, DB9886C2C858FAF45AEA15F8E42860343F73EB8685C53EC2E8CCC10586CB0832 ] Themes          C:\Windows\system32\themeservice.dll

07:56:36.0177 0x0aa8  Themes - ok

07:56:36.0177 0x0aa8  [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] THREADORDER     C:\Windows\system32\mmcss.dll

07:56:36.0192 0x0aa8  THREADORDER - ok

07:56:36.0192 0x0aa8  [ 7E7AFD841694F6AC397E99D75CEAD49D, DE87F203FD8E6BDCCFCA1860A85F283301A365846FB703D9BB86278D8AC96B07 ] TrkWks          C:\Windows\System32\trkwks.dll

07:56:36.0208 0x0aa8  TrkWks - ok

07:56:36.0239 0x0aa8  [ 773212B2AAA24C1E31F10246B15B276C, F2EF85F5ABA307976D9C649D710B408952089458DDE97D4DEF321DF14E46A046 ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe

07:56:36.0239 0x0aa8  TrustedInstaller - ok

07:56:36.0270 0x0aa8  [ 4CE278FC9671BA81A138D70823FCAA09, CBE501436696E32A3701B9F377B823AC36647B6626595F76CC63E2396AD7D300 ] tssecsrv        C:\Windows\system32\DRIVERS\tssecsrv.sys

07:56:36.0270 0x0aa8  tssecsrv - ok

07:56:36.0301 0x0aa8  [ E9981ECE8D894CEF7038FD1D040EB426, DCDDCE933CAECE8180A3447199B07F2F0413704EEC1A09606EE357901A84A7CF ] TsUsbFlt        C:\Windows\system32\drivers\tsusbflt.sys

07:56:36.0301 0x0aa8  TsUsbFlt - ok

07:56:36.0317 0x0aa8  [ AD64450A4ABE076F5CB34CC08EEACB07, B5C386635441A19178E7FEEE299BA430C8D72F9110866C13A216B12A1080AD12 ] TsUsbGD         C:\Windows\system32\drivers\TsUsbGD.sys

07:56:36.0333 0x0aa8  TsUsbGD - ok

07:56:36.0348 0x0aa8  [ 3566A8DAAFA27AF944F5D705EAA64894, AE9D8B648DA08AF667B9456C3FE315489859C157510A258559F18238F2CC92B8 ] tunnel          C:\Windows\system32\DRIVERS\tunnel.sys

07:56:36.0348 0x0aa8  tunnel - ok

07:56:36.0348 0x0aa8  [ B4DD609BD7E282BFC683CEC7EAAAAD67, EF131DB6F6411CAD36A989A421AF93F89DD61601AC524D2FF11C10FF6E3E9123 ] uagp35          C:\Windows\system32\drivers\uagp35.sys

07:56:36.0364 0x0aa8  uagp35 - ok

07:56:36.0379 0x0aa8  [ FF4232A1A64012BAA1FD97C7B67DF593, D8591B4EB056899C7B604E4DD852D82D4D9809F508ABCED4A03E1BE6D5D456E3 ] udfs            C:\Windows\system32\DRIVERS\udfs.sys

07:56:36.0395 0x0aa8  udfs - ok

07:56:36.0411 0x0aa8  [ 3CBDEC8D06B9968ABA702EBA076364A1, B8DAB8AA804FC23021BFEBD7AE4D40FBE648D6C6BA21CC008E26D1C084972F9B ] UI0Detect       C:\Windows\system32\UI0Detect.exe

07:56:36.0411 0x0aa8  UI0Detect - ok

07:56:36.0411 0x0aa8  [ 4BFE1BC28391222894CBF1E7D0E42320, 5918B1ED2030600DF77BDACF1C808DF6EADDD8BF3E7003AF1D72050D8B102B3A ] uliagpkx        C:\Windows\system32\drivers\uliagpkx.sys

07:56:36.0426 0x0aa8  uliagpkx - ok

07:56:36.0442 0x0aa8  [ DC54A574663A895C8763AF0FA1FF7561, 09A3F3597E91CBEB2F38E96E75134312B60CAE5574B2AD4606C2D3E992AEDDFE ] umbus           C:\Windows\system32\DRIVERS\umbus.sys

07:56:36.0442 0x0aa8  umbus - ok

07:56:36.0442 0x0aa8  [ B2E8E8CB557B156DA5493BBDDCC1474D, F547509A08C0679ACB843E20C9C0CF51BED1B06530BBC529DFB0944504564A43 ] UmPass          C:\Windows\system32\drivers\umpass.sys

07:56:36.0442 0x0aa8  UmPass - ok

07:56:36.0473 0x0aa8  [ A293DCD756D04D8492A750D03B9A297C, 203600ED0B7F8BA4C6D6F4ED810F4DF5AB70928B06EC4131C5D8ADF628444ED1 ] UmRdpService    C:\Windows\System32\umrdp.dll

07:56:36.0473 0x0aa8  UmRdpService - ok

07:56:36.0535 0x0aa8  [ 1E9A5658E0EBDBC381F52123363F74CB, 62CB592F32BCC10FC9C3AF44941CC473F2F62EEBF829CA383F118650451F8F7E ] UNS             C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe

07:56:36.0551 0x0aa8  UNS - ok

07:56:36.0567 0x0aa8  [ D47EC6A8E81633DD18D2436B19BAF6DE, 0FB461E2D5E0B75BB5958F6362F4880BFA4C36AD930542609BCAF574941AA7AE ] upnphost        C:\Windows\System32\upnphost.dll

07:56:36.0582 0x0aa8  upnphost - ok

07:56:36.0598 0x0aa8  [ B0435098C81D04CAFFF80DDB746CD3A2, A17B207740382E38729571F0B0BC98FF874E856A7C7CE9EB930328A2AD88F52A ] usbaudio        C:\Windows\system32\drivers\usbaudio.sys

07:56:36.0598 0x0aa8  usbaudio - ok

07:56:36.0613 0x0aa8  [ DCA68B0943D6FA415F0C56C92158A83A, BEE5A5B33B22D1DF50B884D46D89FC3B8286EB16E38AD5A20F0A49E5C6766C57 ] usbccgp         C:\Windows\system32\DRIVERS\usbccgp.sys

07:56:36.0613 0x0aa8  usbccgp - ok

07:56:36.0629 0x0aa8  [ 80B0F7D5CCF86CEB5D402EAAF61FEC31, 140C62116A425DEAD25FE8D82DE283BC92C482A9F643658D512F9F67061F28AD ] usbcir          C:\Windows\system32\drivers\usbcir.sys

07:56:36.0629 0x0aa8  usbcir - ok

07:56:36.0645 0x0aa8  [ 18A85013A3E0F7E1755365D287443965, 811C5EDF38C765BCF71BCE25CB6626FF6988C3699F5EF1846240EA0052F34C33 ] usbehci         C:\Windows\system32\drivers\usbehci.sys

07:56:36.0645 0x0aa8  usbehci - ok

07:56:36.0645 0x0aa8  [ 8D1196CFBB223621F2C67D45710F25BA, B5D7AFE51833B24FC9576F3AED3D8A2B290E5846060E73F9FFFAC1890A8B6003 ] usbhub          C:\Windows\system32\DRIVERS\usbhub.sys

07:56:36.0660 0x0aa8  usbhub - ok

07:56:36.0660 0x0aa8  [ 58E546BBAF87664FC57E0F6081E4F609, 1DD99D57369A0069654432AB5325AFD8F7D422D531E053EA05FF664BA6BDAEF9 ] usbohci         C:\Windows\system32\drivers\usbohci.sys

07:56:36.0660 0x0aa8  usbohci - ok

07:56:36.0676 0x0aa8  [ 73188F58FB384E75C4063D29413CEE3D, B485463933306036B1D490722CB1674DC85670753D79FA0EF7EBCA7BBAAD9F7C ] usbprint        C:\Windows\system32\DRIVERS\usbprint.sys

07:56:36.0676 0x0aa8  usbprint - ok

07:56:36.0691 0x0aa8  [ 9661DA76B4531B2DA272ECCE25A8AF24, FEA93254A21E71A7EB8AD35FCCAD2C1E41F7329EC33B1734F5B41307A34D8637 ] usbscan         C:\Windows\system32\DRIVERS\usbscan.sys

07:56:36.0691 0x0aa8  usbscan - ok

07:56:36.0707 0x0aa8  [ FED648B01349A3C8395A5169DB5FB7D6, DC4D7594C24ADD076927B9347F1B50B91CF03A4ABDB284248D5711D9C19DEB96 ] USBSTOR         C:\Windows\system32\DRIVERS\USBSTOR.SYS

07:56:36.0723 0x0aa8  USBSTOR - ok

07:56:36.0738 0x0aa8  [ 81FB2216D3A60D1284455D511797DB3D, 121E52B18A1832E775EA0AE2E053BAA53E5A70E9754724B1449AE5992D63B13E ] usbuhci         C:\Windows\system32\drivers\usbuhci.sys

07:56:36.0738 0x0aa8  usbuhci - ok

07:56:36.0738 0x0aa8  [ 1F775DA4CF1A3A1834207E975A72E9D7, 6D3DE5BD3EF3A76E997E5BAF900C51D25308F5A9682D1F62017F577A24095B90 ] usbvideo        C:\Windows\system32\Drivers\usbvideo.sys

07:56:36.0754 0x0aa8  usbvideo - ok

07:56:36.0769 0x0aa8  [ EDBB23CBCF2CDF727D64FF9B51A6070E, 7202484C8E1BFB2AFD64D8C81668F3EDE0E3BF5EB27572877A0A7B337AE5AE42 ] UxSms           C:\Windows\System32\uxsms.dll

07:56:36.0769 0x0aa8  UxSms - ok

07:56:36.0785 0x0aa8  [ 4D71227301DD8D09097B9E4CC6527E5A, 193D47ADCB722B581CC0F29B794AB3E455B6E9BEA367CE9A5216A09E055B7F1E ] VaultSvc        C:\Windows\system32\lsass.exe

07:56:36.0785 0x0aa8  VaultSvc - ok

07:56:36.0801 0x0aa8  [ C5C876CCFC083FF3B128F933823E87BD, 6FE0FBB6C3207E09300E0789E2168F76668D87C317FE9F263E733827ADCFBE0D ] vdrvroot        C:\Windows\system32\drivers\vdrvroot.sys

07:56:36.0801 0x0aa8  vdrvroot - ok

07:56:36.0816 0x0aa8  [ 8D6B481601D01A456E75C3210F1830BE, A2CEF483F4231367138EEF7E67FD5BE5364FC0780C44CA1368E36CE4AA3D0633 ] vds             C:\Windows\System32\vds.exe

07:56:36.0832 0x0aa8  vds - ok

07:56:36.0847 0x0aa8  [ DA4DA3F5E02943C2DC8C6ED875DE68DD, EDE604536DB78C512D68C92B26DA77C8811AC109D1F0A473673F0A82D15A2838 ] vga             C:\Windows\system32\DRIVERS\vgapnp.sys

07:56:36.0847 0x0aa8  vga - ok

07:56:36.0847 0x0aa8  [ 53E92A310193CB3C03BEA963DE7D9CFC, 45898604375B42EB1246C17A22D91C2440F11C746FF6459AD38027C1BC2E3125 ] VgaSave         C:\Windows\System32\drivers\vga.sys

07:56:36.0847 0x0aa8  VgaSave - ok

07:56:36.0863 0x0aa8  [ 2CE2DF28C83AEAF30084E1B1EB253CBB, D1946816A1CB89F825CBEA58F94A4C9D0CE7249355CD3915563F54054EE564BF ] vhdmp           C:\Windows\system32\drivers\vhdmp.sys

07:56:36.0863 0x0aa8  vhdmp - ok

07:56:36.0863 0x0aa8  [ E5689D93FFE4E5D66C0178761240DD54, 6D35CED80681B12AAF63BFA0DA1C386E71D3838839B68A686990AA8031949D27 ] viaide          C:\Windows\system32\drivers\viaide.sys

07:56:36.0863 0x0aa8  viaide - ok

07:56:36.0894 0x0aa8  [ 079F8C7A0EAE7E28933629145F698885, 9DC95450356E97C6DA1772A7154844729FD765D92B2898FEBA3B0C38EF432A10 ] VirtuWDDM       C:\Windows\system32\DRIVERS\VirtuWDDM.sys

07:56:36.0894 0x0aa8  VirtuWDDM - ok

07:56:36.0910 0x0aa8  [ 86EA3E79AE350FEA5331A1303054005F, 7E7D6027EB41E591633C7383A5D29A3BA8ECFC08C177D2BCF741EE27686B1691 ] vmbus           C:\Windows\system32\drivers\vmbus.sys

07:56:36.0910 0x0aa8  vmbus - ok

07:56:36.0925 0x0aa8  [ 7DE90B48F210D29649380545DB45A187, 09522F84285D62B961868DA98C40B82E746CA4D24A9780905673A2349D6B07F4 ] VMBusHID        C:\Windows\system32\drivers\VMBusHID.sys

07:56:36.0925 0x0aa8  VMBusHID - ok

07:56:36.0925 0x0aa8  [ D2AAFD421940F640B407AEFAAEBD91B0, 31EF342A60AF04F4108759A71F8FB7B8C8819216CF3D16A95B2BA0E33A8A9161 ] volmgr          C:\Windows\system32\drivers\volmgr.sys

07:56:36.0925 0x0aa8  volmgr - ok

07:56:36.0941 0x0aa8  [ A255814907C89BE58B79EF2F189B843B, 463DB771851352185B6AC323BD93B9084D47291E53C1F7B628B65D6918B2E28F ] volmgrx         C:\Windows\system32\drivers\volmgrx.sys

07:56:36.0941 0x0aa8  volmgrx - ok

07:56:36.0957 0x0aa8  [ 0D08D2F3B3FF84E433346669B5E0F639, 3D6716CEC95B8861A7CC5778E91F310528DC6BEE0E57A3C8757FC675154EBDEC ] volsnap         C:\Windows\system32\drivers\volsnap.sys

07:56:36.0957 0x0aa8  volsnap - ok

07:56:36.0972 0x0aa8  [ 5E2016EA6EBACA03C04FEAC5F330D997, 53106EB877459FE55A459111F7AB0EE320BB3B4C954D3DB6FA1642396001F2AC ] vsmraid         C:\Windows\system32\drivers\vsmraid.sys

07:56:36.0972 0x0aa8  vsmraid - ok

07:56:37.0003 0x0aa8  [ B60BA0BC31B0CB414593E169F6F21CC2, 47B801E623254CF0202B3591CB5C019CABFB52F123C7D47E29D19B32F1F2B915 ] VSS             C:\Windows\system32\vssvc.exe

07:56:37.0035 0x0aa8  VSS - ok

07:56:37.0050 0x0aa8  [ 36D4720B72B5C5D9CB2B9C29E9DF67A1, 3254523C85C70EBA2DBAC05DB2DBA89EDF8E9195F390F7C21F96458FB6B2E3D7 ] vwifibus        C:\Windows\System32\drivers\vwifibus.sys

07:56:37.0050 0x0aa8  vwifibus - ok

07:56:37.0050 0x0aa8  [ 1C9D80CC3849B3788048078C26486E1A, 34A89F31E53F6B6C209B286F580CC2257AE6D057E4E20741F241C9C167947962 ] W32Time         C:\Windows\system32\w32time.dll

07:56:37.0066 0x0aa8  W32Time - ok

07:56:37.0066 0x0aa8  [ 4E9440F4F152A7B944CB1663D3935A3E, 8FE04EBD3BC612EE943A21A3E56F37E5C9B578CDACA6044048181DAD81816D53 ] WacomPen        C:\Windows\system32\drivers\wacompen.sys

07:56:37.0066 0x0aa8  WacomPen - ok

07:56:37.0081 0x0aa8  [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] WANARP          C:\Windows\system32\DRIVERS\wanarp.sys

07:56:37.0081 0x0aa8  WANARP - ok

07:56:37.0081 0x0aa8  [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] Wanarpv6        C:\Windows\system32\DRIVERS\wanarp.sys

07:56:37.0081 0x0aa8  Wanarpv6 - ok

07:56:37.0128 0x0aa8  [ 3CEC96DE223E49EAAE3651FCF8FAEA6C, 4150DAB33E8D61076F1D4767BCAFC9B4ECCCCBD58FD4FB3CFE5B8D27DCDCAB61 ] WatAdminSvc     C:\Windows\system32\Wat\WatAdminSvc.exe

07:56:37.0144 0x0aa8  WatAdminSvc - ok

07:56:37.0191 0x0aa8  [ 78F4E7F5C56CB9716238EB57DA4B6A75, 46A4E78CE5F2A4B26F4E9C3FF04A99D9B727A82AC2E390A82A1611C3F6E0C9AF ] wbengine        C:\Windows\system32\wbengine.exe

07:56:37.0222 0x0aa8  wbengine - ok

07:56:37.0237 0x0aa8  [ 3AA101E8EDAB2DB4131333F4325C76A3, 4F7BD3DA5E58B18BFF106CFF7B45E75FD13EE556D433C695BA23EC80827E49DE ] WbioSrvc        C:\Windows\System32\wbiosrvc.dll

07:56:37.0237 0x0aa8  WbioSrvc - ok

07:56:37.0253 0x0aa8  [ 7368A2AFD46E5A4481D1DE9D14848EDD, 8039C478FC2D9F095F5883A4FA47F9E6EDF57CC88A4AA74F07C88445F90DED57 ] wcncsvc         C:\Windows\System32\wcncsvc.dll

07:56:37.0269 0x0aa8  wcncsvc - ok

07:56:37.0269 0x0aa8  [ 20F7441334B18CEE52027661DF4A6129, 7B8E0247234B740FED2BE9B833E9CE8DD7453340123AB43F6B495A7E6A27B0DD ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll

07:56:37.0269 0x0aa8  WcsPlugInService - ok

07:56:37.0284 0x0aa8  [ 72889E16FF12BA0F235467D6091B17DC, F2FD0BBD075E33608D93F350D216F97442AB89ABD540513C2D568C78096E12A8 ] Wd              C:\Windows\system32\drivers\wd.sys

07:56:37.0284 0x0aa8  Wd - ok

07:56:37.0315 0x0aa8  [ E2C933EDBC389386EBE6D2BA953F43D8, AF1DEADD5F1267CCEBD226E8EEB971D1946EA6A5A9645A36F5D111F758AF2F07 ] Wdf01000        C:\Windows\system32\drivers\Wdf01000.sys

07:56:37.0315 0x0aa8  Wdf01000 - ok

07:56:37.0331 0x0aa8  [ BF1FC3F79B863C914687A737C2F3D681, B2DF47AC4931ACFB243775767B77065CC0D98778FC0243C793A3E219EB961209 ] WdiServiceHost  C:\Windows\system32\wdi.dll

07:56:37.0331 0x0aa8  WdiServiceHost - ok

07:56:37.0331 0x0aa8  [ BF1FC3F79B863C914687A737C2F3D681, B2DF47AC4931ACFB243775767B77065CC0D98778FC0243C793A3E219EB961209 ] WdiSystemHost   C:\Windows\system32\wdi.dll

07:56:37.0331 0x0aa8  WdiSystemHost - ok

07:56:37.0362 0x0aa8  [ 0EB0E5D22B1760F2DBCE632F2DD7A54D, B8A4CC62F88768947FB0A161CF9564DB28FD9C1C037B5475DF192982DE035C22 ] WebClient       C:\Windows\System32\webclnt.dll

07:56:37.0362 0x0aa8  WebClient - ok

07:56:37.0378 0x0aa8  [ C749025A679C5103E575E3B48E092C43, B71171D07EE7AB085A24BF3A1072FF2CE7EA021AAE695F6A90640E6EE8EB55C1 ] Wecsvc          C:\Windows\system32\wecsvc.dll

07:56:37.0393 0x0aa8  Wecsvc - ok

07:56:37.0393 0x0aa8  [ 7E591867422DC788B9E5BD337A669A08, 484E6BCCDF7ADCE9A1AACAD1BC7C7D7694B9E40FA90D94B14D80C607784F6C75 ] wercplsupport   C:\Windows\System32\wercplsupport.dll

07:56:37.0393 0x0aa8  wercplsupport - ok

07:56:37.0409 0x0aa8  [ 6D137963730144698CBD10F202E9F251, A9F522A125158D94F540544CCD4DBF47B9DCE2EA878C33675AFE40F80E8F4979 ] WerSvc          C:\Windows\System32\WerSvc.dll

07:56:37.0409 0x0aa8  WerSvc - ok

07:56:37.0409 0x0aa8  [ 611B23304BF067451A9FDEE01FBDD725, 0AF2734B978165FC6FD22B64862132CCE32528A21C698A49D176129446E099C8 ] WfpLwf          C:\Windows\system32\DRIVERS\wfplwf.sys

07:56:37.0409 0x0aa8  WfpLwf - ok

07:56:37.0425 0x0aa8  [ 05ECAEC3E4529A7153B3136CEB49F0EC, 9995CB2CEC70A633EA33CBB0DEAD2BB28CB67132B41E9444BDAB9E75744C9A50 ] WIMMount        C:\Windows\system32\drivers\wimmount.sys

07:56:37.0425 0x0aa8  WIMMount - ok

07:56:37.0425 0x0aa8  WinDefend - ok

07:56:37.0440 0x0aa8  WinHttpAutoProxySvc - ok

07:56:37.0487 0x0aa8  [ 19B07E7E8915D701225DA41CB3877306, D6555E8D276DBB11358246E0FE215F76F1FB358791C76B88D82C2A66A42DA19F ] Winmgmt         C:\Windows\system32\wbem\WMIsvc.dll

07:56:37.0487 0x0aa8  Winmgmt - ok

07:56:37.0565 0x0aa8  [ BCB1310604AA415C4508708975B3931E, 9D943F086D454345153A0DD426B4432532A44FD87950386B186E1CAD2AC70565 ] WinRM           C:\Windows\system32\WsmSvc.dll

07:56:37.0596 0x0aa8  WinRM - ok

07:56:37.0612 0x0aa8  [ 4FADA86E62F18A1B2F42BA18AE24E6AA, CE1683386886BF34862681A46199EA7E7FB4232A186047DA7FBD8EC240AF6726 ] Wlansvc         C:\Windows\System32\wlansvc.dll

07:56:37.0627 0x0aa8  Wlansvc - ok

07:56:37.0643 0x0aa8  [ F6FF8944478594D0E414D3F048F0D778, 6F75E0AE6127B33A92A88E59D4B048FD4C15F997807BE7BF0EFE76F95235B1D9 ] WmiAcpi         C:\Windows\system32\drivers\wmiacpi.sys

07:56:37.0643 0x0aa8  WmiAcpi - ok

07:56:37.0643 0x0aa8  [ 38B84C94C5A8AF291ADFEA478AE54F93, 1AC267AC73670BEA5F3785C9AD9DB146F8E993A862C843742B21FDB90D102B2A ] wmiApSrv        C:\Windows\system32\wbem\WmiApSrv.exe

07:56:37.0659 0x0aa8  wmiApSrv - ok

07:56:37.0659 0x0aa8  WMPNetworkSvc - ok

07:56:37.0659 0x0aa8  [ 96C6E7100D724C69FCF9E7BF590D1DCA, 2E63C9B0893B4FC03B7A71BAEA6202D3D3DB1B52F3643467829B5A573FD7655B ] WPCSvc          C:\Windows\System32\wpcsvc.dll

07:56:37.0674 0x0aa8  WPCSvc - ok

07:56:37.0674 0x0aa8  [ 93221146D4EBBF314C29B23CD6CC391D, C0750858A65BF51E210CD244C825C121D67E025CD2D2455139991AAC289A90FE ] WPDBusEnum      C:\Windows\system32\wpdbusenum.dll

07:56:37.0690 0x0aa8  WPDBusEnum - ok

07:56:37.0705 0x0aa8  [ 7CA09731EB7FC99B910C7F239E57720F, 502F8917A0811F37C39B2B3F5E9B4F38A0E899C30CB29D3ECD87A50FF228E536 ] WPRO_41_2001    C:\Windows\system32\drivers\WPRO_41_2001.sys

07:56:37.0705 0x0aa8  WPRO_41_2001 - ok

07:56:37.0705 0x0aa8  [ 6BCC1D7D2FD2453957C5479A32364E52, E48554D31FBDCF8F985C1C72524CAA9106F5B7CC2B79064F8F5E2562D517F090 ] ws2ifsl         C:\Windows\system32\drivers\ws2ifsl.sys

07:56:37.0705 0x0aa8  ws2ifsl - ok

07:56:37.0721 0x0aa8  [ E8B1FE6669397D1772D8196DF0E57A9E, 39FE0819360719F756BD31A1884A0508A1E2371ACC723E25E005CBEC0A7B02FA ] wscsvc          C:\Windows\System32\wscsvc.dll

07:56:37.0737 0x0aa8  wscsvc - ok

07:56:37.0737 0x0aa8  WSearch - ok

07:56:37.0799 0x0aa8  [ D9EF901DCA379CFE914E9FA13B73B4C4, 3BE9693B7B2AFEE23D72AF5DA211379724D752F0EC18ACB7D3DE3DDFC5AE0004 ] wuauserv        C:\Windows\system32\wuaueng.dll

07:56:37.0830 0x0aa8  wuauserv - ok

07:56:37.0861 0x0aa8  [ AB886378EEB55C6C75B4F2D14B6C869F, D6C4602EB8F291DADEDF3CD211013D4AC752DDE7E799C2D8D74AA4F5477CAED6 ] WudfPf          C:\Windows\system32\drivers\WudfPf.sys

07:56:37.0861 0x0aa8  WudfPf - ok

07:56:37.0877 0x0aa8  [ DDA4CAF29D8C0A297F886BFE561E6659, 94E5DD649B5D86FA1A7C7D30FCF9644D0EE048D312E626111458ADF66BFBE978 ] WUDFRd          C:\Windows\system32\DRIVERS\WUDFRd.sys

07:56:37.0877 0x0aa8  WUDFRd - ok

07:56:37.0877 0x0aa8  [ B20F051B03A966392364C83F009F7D17, 88ECEB55AE91F58F592B96EBC10B572747D5A2F9B7629E8F371761E4F7408A65 ] wudfsvc         C:\Windows\System32\WUDFSvc.dll

07:56:37.0893 0x0aa8  wudfsvc - ok

07:56:37.0908 0x0aa8  [ 04F82965C09CBDF646B487E145060301, 2CD8533EDBE24C3E42EB7550E20F8A2EB9E5E345B165DEF543163A6BC1FDD18B ] WwanSvc         C:\Windows\System32\wwansvc.dll

07:56:37.0924 0x0aa8  WwanSvc - ok

07:56:37.0924 0x0aa8  ================ Scan global ===============================

07:56:37.0939 0x0aa8  [ BA0CD8C393E8C9F83354106093832C7B, 18D8A4780A2BAA6CEF7FBBBDA0EF6BF2DADF146E1E578A618DD5859E8ADBF1A8 ] C:\Windows\system32\basesrv.dll

07:56:37.0955 0x0aa8  [ 88EDD0B34EED542745931E581AD21A32, DC2B93E1CEF5B0BCEE08D72669BB0F3AD0E8E6E75BDC08858407ED92F6FFA031 ] C:\Windows\system32\winsrv.dll

07:56:37.0971 0x0aa8  [ 88EDD0B34EED542745931E581AD21A32, DC2B93E1CEF5B0BCEE08D72669BB0F3AD0E8E6E75BDC08858407ED92F6FFA031 ] C:\Windows\system32\winsrv.dll

07:56:37.0986 0x0aa8  [ D6160F9D869BA3AF0B787F971DB56368, 0033E6212DD8683E4EE611B290931FDB227B4795F0B17C309DC686C696790529 ] C:\Windows\system32\sxssrv.dll

07:56:38.0002 0x0aa8  [ 24ACB7E5BE595468E3B9AA488B9B4FCB, 63541E3432FCE953F266AE553E7A394978D6EE3DB52388D885F668CF42C5E7E2 ] C:\Windows\system32\services.exe

07:56:38.0017 0x0aa8  [ Global ] - ok

07:56:38.0017 0x0aa8  ================ Scan MBR ==================================

07:56:38.0033 0x0aa8  [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0

07:56:38.0189 0x0aa8  \Device\Harddisk0\DR0 - ok

07:56:38.0205 0x0aa8  [ 5FB38429D5D77768867C76DCBDB35194 ] \Device\Harddisk1\DR1

07:56:38.0220 0x0aa8  \Device\Harddisk1\DR1 - ok

07:56:38.0236 0x0aa8  [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk2\DR2

07:56:38.0251 0x0aa8  \Device\Harddisk2\DR2 - ok

07:56:38.0251 0x0aa8  ================ Scan VBR ==================================

07:56:38.0251 0x0aa8  [ 37593E46109EFD64AC4558BBD7356D38 ] \Device\Harddisk0\DR0\Partition1

07:56:38.0314 0x0aa8  \Device\Harddisk0\DR0\Partition1 - ok

07:56:38.0314 0x0aa8  [ 30BA46CDC20EF2B29CD0A83F0AC88620 ] \Device\Harddisk0\DR0\Partition2

07:56:38.0361 0x0aa8  \Device\Harddisk0\DR0\Partition2 - ok

07:56:38.0361 0x0aa8  [ F76D72248304CFE6927D859FBCA02D4B ] \Device\Harddisk2\DR2\Partition1

07:56:38.0361 0x0aa8  \Device\Harddisk2\DR2\Partition1 - ok

07:56:38.0376 0x0aa8  [ 1857A2B3F51FB5FCDAF6406908769A53 ] \Device\Harddisk2\DR2\Partition2

07:56:38.0376 0x0aa8  \Device\Harddisk2\DR2\Partition2 - ok

07:56:38.0376 0x0aa8  Waiting for KSN requests completion. In queue: 259

07:56:39.0390 0x0aa8  Waiting for KSN requests completion. In queue: 259

07:56:40.0404 0x0aa8  Waiting for KSN requests completion. In queue: 259

07:56:41.0418 0x0aa8  Waiting for KSN requests completion. In queue: 259

07:56:42.0432 0x0aa8  AV detected via SS2: avast! Antivirus, C:\Program Files\AVAST Software\Avast\VisthAux.exe ( 9.0.2016.330 ), 0x41000 ( enabled : updated )

07:56:42.0448 0x0aa8  Win FW state via NFP2: enabled

07:56:45.0287 0x0aa8  ============================================================

07:56:45.0287 0x0aa8  Scan finished

07:56:45.0287 0x0aa8  ============================================================

07:56:45.0287 0x12c0  Detected object count: 0

07:56:45.0287 0x12c0  Actual detected object count: 0

08:02:22.0138 0x13d0  Deinitialize success

 


Hey Falcon, morning! Both of the root kits are clean! Some things, as you know, just can't be explained, and this is 1 I wish I had an answer for you! I do not see anything that would have corrupted the winsock files! OK, let's do some clean-up with an OTL fix I wrote!

 

We need to run an OTL fix!!
Warning: This fix is only relevant for this system and no other; using it on another computer may cause problems.

Be advised that when the fix commences it will shut down all running processes and you may lose the desktop and icons; they will return on reboot.

    * Double-click OTL.exe to start the program.
    * Copy and paste the following code into the text box of the OTL tool/program! Start with and include the colon plus :OTL

:OTL
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\..\SearchScopes,DefaultScope =
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKU\.DEFAULT\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-18\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-19\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-20\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-21-3913706258-2513946957-3325762992-1000\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-21-3913706258-2513946957-3325762992-1000\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE11SR
FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_13_0_0_182.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
[2014/03/29 23:23:52 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Behemoth\AppData\Roaming\Mozilla\Extensions
[2014/03/29 23:23:52 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Behemoth\AppData\Roaming\Mozilla\Extensions\{3550f703-e582-4d05-9a08-453d09bdfdc6}
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O18:64bit: - Protocol\Handler\osf - No CLSID value found
O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
O20:64bit: - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) -  File not found
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.

:Commands
[emptyjava]
[emptyflash]
[EMPTYTEMP]
[RESETHOSTS]
[CREATERESTOREPOINT]
[Reboot]

# Then click the Run Fix button at the top.
# Click OK.
# Please post the contents of the fix log file back here if you are prompted to open the file. It can also be found at C:\_OTL\Moved Files as MMDDYYY_HHMMSS.log where MMDDYYY is date format and HHMMSS is time format.
Remember to enable your real time protection.

 

 

===================

C:\Users\Behemoth\AppData\Roaming\qBittorrent  <<< I know I don't have to inform you about the use of these P2P programs, so I won't! ... lol

 

Thank ya !

Chuck


Here is the result of the OTL fix...

 

OTL fix log

 

All processes killed

========== OTL ==========

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!

64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ deleted successfully.

64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ not found.

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!

Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ deleted successfully.

Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ not found.

HKEY_USERS\.DEFAULT\Software\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!

HKEY_USERS\S-1-5-18\Software\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!

HKEY_USERS\S-1-5-19\Software\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!

HKEY_USERS\S-1-5-20\Software\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!

HKEY_USERS\S-1-5-21-3913706258-2513946957-3325762992-1000\Software\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!

Registry key HKEY_USERS\S-1-5-21-3913706258-2513946957-3325762992-1000\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ deleted successfully.

Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ not found.

64bit-Registry key HKEY_LOCAL_MACHINE\Software\MozillaPlugins\@adobe.com/FlashPlayer\ deleted successfully.

64bit-Registry key HKEY_LOCAL_MACHINE\Software\MozillaPlugins\@microsoft.com/GENUINE\ deleted successfully.

Registry key HKEY_LOCAL_MACHINE\Software\MozillaPlugins\@microsoft.com/GENUINE\ deleted successfully.

C:\Users\Behemoth\AppData\Roaming\Mozilla\Extensions\{3550f703-e582-4d05-9a08-453d09bdfdc6} folder moved successfully.

C:\Users\Behemoth\AppData\Roaming\Mozilla\Extensions folder moved successfully.

Folder C:\Users\Behemoth\AppData\Roaming\Mozilla\Extensions\{3550f703-e582-4d05-9a08-453d09bdfdc6}\ not found.

Registry value HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\RunOnce\\mctadmin deleted successfully.

Registry value HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\RunOnce\\mctadmin deleted successfully.

64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\ms-help\ deleted successfully.

File Protocol\Handler\ms-help - No CLSID value found not found.

64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\osf\ deleted successfully.

File Protocol\Handler\osf - No CLSID value found not found.

64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\skype4com\ deleted successfully.

File Protocol\Handler\skype4com - No CLSID value found not found.

64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui\ deleted successfully.

64bit-Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad\\WebCheck deleted successfully.

64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E6FB5E20-DE35-11CF-9C87-00AA005127ED}\ not found.

Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad\\WebCheck deleted successfully.

Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E6FB5E20-DE35-11CF-9C87-00AA005127ED}\ not found.

========== COMMANDS ==========

 

[EMPTYJAVA]

 

User: All Users

 

User: Behemoth

 

User: Default

 

User: Default User

 

User: Public

 

Total Java Files Cleaned = 0.00 mb

 

 

[EMPTYFLASH]

 

User: All Users

 

User: Behemoth

->Flash cache emptied: 1911 bytes

 

User: Default

->Flash cache emptied: 41620 bytes

 

User: Default User

->Flash cache emptied: 0 bytes

 

User: Public

 

Total Flash Files Cleaned = 0.00 mb

 

 

[EMPTYTEMP]

 

User: All Users

 

User: Behemoth

->Temp folder emptied: 205088326 bytes

->Temporary Internet Files folder emptied: 58928875 bytes

->Google Chrome cache emptied: 351117255 bytes

->Flash cache emptied: 0 bytes

 

User: Default

->Temp folder emptied: 0 bytes

->Temporary Internet Files folder emptied: 0 bytes

->Flash cache emptied: 0 bytes

 

User: Default User

->Temp folder emptied: 0 bytes

->Temporary Internet Files folder emptied: 0 bytes

->Flash cache emptied: 0 bytes

 

User: Public

 

%systemdrive% .tmp files removed: 0 bytes

%systemroot% .tmp files removed: 0 bytes

%systemroot%\System32 .tmp files removed: 0 bytes

%systemroot%\System32 (64bit) .tmp files removed: 94656 bytes

%systemroot%\System32\drivers .tmp files removed: 0 bytes

Windows Temp folder emptied: 539634 bytes

%systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 128 bytes

RecycleBin emptied: 0 bytes

 

Total Files Cleaned = 587.00 mb

 

C:\Windows\System32\drivers\etc\Hosts moved successfully.

HOSTS file reset successfully

Restore point Set: OTL Restore Point

 

OTL by OldTimer - Version 3.2.69.0 log created on 04272014_095215

 

Files\Folders moved on Reboot...

C:\Users\Behemoth\AppData\Local\Temp\FXSAPIDebugLogFile.txt moved successfully.

C:\Users\Behemoth\AppData\Local\Microsoft\Windows\Temporary Internet Files\counters.dat moved successfully.

C:\Windows\SysNative\WPRO_41_2001woem.tmp moved successfully.

File move failed. C:\Windows\temp\_avast_\AvastLock.txt scheduled to be moved on reboot.

File move failed. C:\Windows\temp\NitroUpdateService.slog scheduled to be moved on reboot.

 

PendingFileRenameOperations files...

 

Registry entries deleted on Reboot...

 

As for qBittorrent, it's the only P2P application I have installed. Had intentions for a private file synchronization/backup setup apart from cloud storage, but will work that out when I have more free time on my hands.


Falcon, that did the clean-up in OTL, so let's remove the tools & their data!

 

Clean up with OTL


    Right-click OTL.exe and select " Run as administrator " to run it.
    This will remove all the tools we used to clean your pc.
    Close all other programs apart from OTL as this step will require a reboot
    On the OTL main screen, press the CleanUp! button
    Say Yes to the prompt and then allow the program to reboot your computer.

You can now delete any tools we used if they remain on your Desktop.
 

That about does it for any infections & the clean-up !!

 

Happy Surfing and let's hope the problems are gone!!

 

Later my friend !

Chuck

This topic is now closed to further replies.