
Infected with explorer.exe & need help! :)


  • This topic is locked
13 replies to this topic

#1 Inriser


Posted 07 March 2014 - 03:16 PM

Hello everyone, I thank you all for your time and help! You may call me Camilla! To be honest this is the first time I've had such a meanie-head virus; it won't move to chest in Avast!  :whistle:

 

Is it bad that I find this virus infestation experience exciting?

 

-----------------------------------------------------------------------------------

DDS (Ver_2012-11-20.01) - NTFS_AMD64 
Internet Explorer: 11.0.9600.16518  BrowserJavaVersion: 10.51.2
Run by VETO at 15:12:54 on 2014-03-07
Microsoft Windows 7 Ultimate   6.1.7601.1.1252.1.1033.18.32740.29489 [GMT -5:00]
.
AV: avast! Internet Security *Enabled/Updated* {17AD7D40-BA12-9C46-7131-94903A54AD8B}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: Spybot - Search and Destroy *Enabled/Outdated* {9BC38DF1-3CCA-732D-A930-C1CA5F20A4B0}
SP: avast! Internet Security *Enabled/Updated* {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
FW: avast! Internet Security *Enabled* {2F96FC65-F07D-9D1E-5A6E-3DA5C487EAF0}
.
============== Running Processes ===============
.
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\nvvsvc.exe
C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k NetworkService
C:\Program Files\AVAST Software\Avast\AvastSvc.exe
C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
C:\Windows\system32\nvvsvc.exe
C:\Program Files\AVAST Software\Avast\afwServ.exe
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Windows\system32\IProsetMonitor.exe
C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
C:\Program Files\Microsoft Office 15\ClientX64\integratedoffice.exe
E:\Spybot\SDFSSvc.exe
C:\Program Files (x86)\Microsoft SQL Server\90\Shared\sqlbrowser.exe
C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\15.5.0\ToolbarUpdater.exe
E:\Spybot\SDWSCSvc.exe
C:\Windows\system32\taskhost.exe
C:\Windows\system32\taskeng.exe
C:\Windows\system32\Dwm.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\System32\rundll32.exe
C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Windows\system32\SearchIndexer.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files\Microsoft Office 15\Root\Office15\MsoSync.exe
E:\Photoshop\Elements 12 Organizer\PhotoshopElementsFileAgent.exe
C:\Windows\System32\svchost.exe -k secsvcs
C:\Windows\system32\svchost.exe -k SDRSVC
C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\AAM Updates Notifier.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Windows\System32\rundll32.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Windows\System32\cscript.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://www.bing.com
uSearch Bar = hxxp://www.bing.com
uProxyOverride = <local>;*.local
uSearchAssistant = about:blank
mWinlogon: Userinit = userinit.exe
BHO: Java™ Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
BHO: avast! Online Security: {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
BHO: Logitech SetPoint: {AF949550-9094-4807-95EC-D1C317803333} - C:\Program Files\Logitech\SetPointP\32-bit\SetPointSmooth.dll
BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office 15\root\office15\URLREDIR.DLL
BHO: Java™ Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
TB: avast! Online Security: {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
uRun: [Akamai NetSession Interface] "C:\Users\VETO\AppData\Local\Akamai\netsession_win.exe"
uRun: [HP Photosmart 7520 series (NET)] "C:\Program Files\HP\HP Photosmart 7520 series\Bin\ScanToPCActivationApp.exe" -deviceID "CN34U4915805YZ:NW" -scfn "HP Photosmart 7520 series (NET)" -AutoStart 1
uRun: [CAHeadless] E:\Photoshop\Elements 12 Organizer\CAHeadless\ElementsAutoAnalyzer.exe
uRun: [Spybot-S&D Cleaning] "E:\Spybot\SDCleaner.exe" /autoclean
mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
mRun: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
mRun: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
mRun: [SDTray] "E:\Spybot\SDTray.exe"
mRun: [iTunesHelper] "E:\iTunes\iTunesHelper.exe"
StartupFolder: C:\Users\VETO\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\RAINME~1.LNK - C:\Program Files\Rainmeter\Rainmeter.exe
StartupFolder: C:\Users\VETO\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\SENDTO~1.LNK - C:\Program Files\Microsoft Office 15\root\office15\ONENOTEM.EXE
mPolicies-Explorer: NoActiveDesktop = dword:1
mPolicies-Explorer: NoActiveDesktopChanges = dword:1
mPolicies-System: ConsentPromptBehaviorAdmin = dword:5
mPolicies-System: ConsentPromptBehaviorUser = dword:3
mPolicies-System: EnableUIADesktopToggle = dword:0
IE: E&xport to Microsoft Excel - C:\Program Files\Microsoft Office 15\Root\Office15\EXCEL.EXE/3000
IE: Se&nd to OneNote - C:\Program Files\Microsoft Office 15\Root\Office15\ONBttnIE.dll/105
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files\Microsoft Office 15\root\office15\ONBttnIE.dll
IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files\Microsoft Office 15\root\office15\ONBttnIELinkedNotes.dll
.
INFO: HKCU has more than 50 listed domains.
If you wish to scan all of them, select the 'Force scan all domains' option.
.
DPF: {7623BE59-D4CF-4379-ABC4-B39E11854D66} - hxxp://labo.erinn.biz/cs/mabiweb.2012.04.25.0.cab
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://fpdownload2.macromedia.com/get/flashplayer/current/swflash.cab
TCP: NameServer = 192.168.1.1
TCP: Interfaces\{473CEC9B-13C8-465F-B297-686F34C9C961} : DHCPNameServer = 192.168.1.1
TCP: Interfaces\{C8B9E112-3D76-4C40-8E3A-342B6CBB1A83} : DHCPNameServer = 192.168.1.1
Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\office15\MSOSB.DLL
Handler: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - <orphaned>
Notify: SDWinLogon - SDWinLogon.dll
SSODL: WebCheck - <orphaned>
mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "C:\Program Files (x86)\Google\Chrome\Application\33.0.1750.146\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome
x64-BHO: avast! Online Security: {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll
x64-BHO: Lync Browser Helper: {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll
x64-BHO: Java™ Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll
x64-BHO: avast! Online Security: {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll
x64-BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\URLREDIR.DLL
x64-BHO: Microsoft SkyDrive Pro Browser Helper: {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL
x64-BHO: Java™ Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll
x64-TB: avast! Online Security: {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll
x64-TB: avast! Online Security: {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll
x64-Run: [RTHDVCPL] C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe -s
x64-Run: [SaiVolume] C:\Program Files\Saitek\VolumeTracker\SaiVolume.exe
x64-Run: [ProfilerU] C:\Program Files\Saitek\SD6\Software\ProfilerU.exe
x64-Run: [SaiMfd] C:\Program Files\Saitek\SD6\Software\SaiMfd.exe
x64-Run: [EvtMgr6] C:\Program Files\Logitech\SetPointP\SetPoint.exe /launchGaming
x64-Run: [ShadowPlay] C:\Windows\System32\rundll32.exe C:\Windows\System32\nvspcap64.dll,ShadowPlayOnSystemStart
x64-Run: [AdobeAAMUpdater-1.0] "C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"
x64-Run: [NvBackend] "C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe"
x64-IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\ONBttnIE.dll
x64-IE: {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll
x64-IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\ONBttnIELinkedNotes.dll
x64-Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - <orphaned>
x64-Handler: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - <orphaned>
x64-Notify: LBTWlgn - c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll
x64-SSODL: WebCheck - <orphaned>
x64-STS: {EC654325-1273-C2A9-2B7C-45D29BCE68FB} - <orphaned>
.
============= SERVICES / DRIVERS ===============
.
R0 aswRvrt;avast! Revert;C:\Windows\System32\drivers\aswRvrt.sys [2013-3-20 65776]
R0 aswVmm;avast! VM Monitor;C:\Windows\System32\drivers\aswVmm.sys [2013-3-20 207904]
R0 PxHlpa64;PxHlpa64;C:\Windows\System32\drivers\PxHlpa64.sys [2013-12-7 56336]
R1 aswKbd;aswKbd;C:\Windows\System32\drivers\aswKbd.sys [2013-1-16 28184]
R1 aswNdisFlt;Avast! Firewall Driver;C:\Windows\System32\drivers\aswndisflt.sys [2013-3-20 440672]
R1 aswSnx;aswSnx;C:\Windows\System32\drivers\aswSnx.sys [2013-1-16 1038072]
R1 aswSP;aswSP;C:\Windows\System32\drivers\aswSP.sys [2013-1-16 421704]
R1 avgtp;avgtp;C:\Windows\System32\drivers\avgtpx64.sys [2013-8-15 45856]
R1 HWiNFO32;HWiNFO32/64 Kernel Driver;C:\Windows\System32\drivers\HWiNFO64A.SYS [2013-7-15 31136]
R2 AdobeActiveFileMonitor12.0;Adobe Active File Monitor V12;E:\Photoshop\Elements 12 Organizer\PhotoshopElementsFileAgent.exe [2013-9-25 181152]
R2 aswMonFlt;aswMonFlt;C:\Windows\System32\drivers\aswMonFlt.sys [2013-1-16 78648]
R2 avast! Antivirus;avast! Antivirus;C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2014-2-20 50344]
R2 avast! Firewall;avast! Firewall;C:\Program Files\AVAST Software\Avast\afwServ.exe [2014-2-20 113704]
R2 Intel® PROSet Monitoring Service;Intel® PROSet Monitoring Service;C:\Windows\System32\IPROSetMonitor.exe [2012-6-5 190824]
R2 NvNetworkService;NVIDIA Network Service;C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [2014-1-8 1593632]
R2 NvStreamSvc;NVIDIA Streamer Service;C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [2013-7-30 16939296]
R2 OfficeSvc;Microsoft Office Service;C:\Program Files\Microsoft Office 15\ClientX64\integratedoffice.exe [2013-11-20 1907896]
R2 SDScannerService;Spybot-S&D 2 Scanner Service;E:\Spybot\SDFSSvc.exe [2014-1-7 3921880]
R2 SDWSCService;Spybot-S&D 2 Security Center Service;E:\Spybot\SDWSCSvc.exe [2014-1-7 171416]
R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2014-2-19 411936]
R2 vToolbarUpdater15.5.0;vToolbarUpdater15.5.0;C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\15.5.0\ToolbarUpdater.exe [2013-8-18 1643184]
R3 asmthub3;ASMedia USB3 Hub Service;C:\Windows\System32\drivers\asmthub3.sys [2011-11-3 130536]
R3 asmtxhci;ASMEDIA XHCI Service;C:\Windows\System32\drivers\asmtxhci.sys [2011-11-3 395752]
R3 aswStm;aswStm;C:\Windows\System32\drivers\aswstm.sys [2014-1-7 80184]
R3 LEqdUsb;Logitech SetPoint Unifying KMDF USB Filter;C:\Windows\System32\drivers\LEqdUsb.sys [2012-9-18 78648]
R3 LHidEqd;Logitech SetPoint Unifying KMDF HID Filter;C:\Windows\System32\drivers\LHidEqd.sys [2012-9-18 15160]
R3 nvvad_WaveExtensible;NVIDIA Virtual Audio Device (Wave Extensible) (WDM);C:\Windows\System32\drivers\nvvad64v.sys [2014-1-24 39200]
R3 SaiK8014;SaiK8014;C:\Windows\System32\drivers\SaiK8014.sys [2010-7-27 174600]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2013-9-11 105144]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2013-9-11 124088]
S2 SDUpdateService;Spybot-S&D 2 Updating Service;E:\Spybot\SDUpdSvc.exe [2014-1-7 1042272]
S3 AE3000;Linksys AE3000 Driver;C:\Windows\System32\drivers\AE3000w764.sys [2012-3-2 1717824]
S3 dmvsc;dmvsc;C:\Windows\System32\drivers\dmvsc.sys [2011-4-12 71168]
S3 IEEtwCollectorService;Internet Explorer ETW Collector Service;C:\Windows\System32\ieetwcollector.exe [2014-2-15 111616]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;C:\Windows\System32\drivers\rdpvideominiport.sys [2010-11-20 20992]
S3 Synth3dVsc;Synth3dVsc;C:\Windows\System32\drivers\Synth3dVsc.sys [2011-4-12 88960]
S3 terminpt;Microsoft Remote Desktop Input Driver;C:\Windows\System32\drivers\terminpt.sys [2011-4-12 34816]
S3 TsUsbFlt;TsUsbFlt;C:\Windows\System32\drivers\TsUsbFlt.sys [2010-11-20 59392]
S3 TsUsbGD;Remote Desktop Generic USB Device;C:\Windows\System32\drivers\TsUsbGD.sys [2010-11-20 31232]
S3 tsusbhub;tsusbhub;C:\Windows\System32\drivers\tsusbhub.sys [2011-4-12 117248]
S3 USBAAPL64;Apple Mobile USB Driver;C:\Windows\System32\drivers\usbaapl64.sys [2012-12-13 54784]
S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\System32\Wat\WatAdminSvc.exe [2013-1-16 1255736]
.
=============== Created Last 30 ================
.
2014-03-07 18:52:14 10536864 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{E28B56C0-374D-4E74-9E82-6D8564145443}\mpengine.dll
2014-03-05 21:31:48 -------- d-----w- C:\Windows\8A809006C25A4A3A9DAB94659BCDB107.TMP
2014-03-05 21:31:43 -------- d-----w- C:\Program Files (x86)\Common Files\Wise Installation Wizard
2014-03-01 19:52:37 -------- d-----w- C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2014-03-01 19:52:37 -------- d-----w- C:\Program Files\iTunes
2014-03-01 19:52:37 -------- d-----w- C:\Program Files\iPod
2014-02-19 23:41:00 599840 ----a-w- C:\Windows\SysWow64\nvStreaming.exe
2014-02-15 20:20:52 548864 ----a-w- C:\Windows\System32\vbscript.dll
2014-02-12 21:06:59 2048 ----a-w- C:\Windows\SysWow64\msxml3r.dll
2014-02-05 22:08:18 -------- d-----w- C:\ProgramData\Logs
.
==================== Find3M  ====================
.
2014-02-21 13:21:37 440672 ----a-w- C:\Windows\System32\drivers\aswndisflt.sys
2014-02-21 01:20:11 71048 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
2014-02-21 01:20:11 692616 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe
2014-02-20 19:12:01 80184 ----a-w- C:\Windows\System32\drivers\aswstm.sys
2014-02-20 19:12:01 78648 ----a-w- C:\Windows\System32\drivers\aswMonFlt.sys
2014-02-20 19:12:01 43152 ----a-w- C:\Windows\avastSS.scr
2014-02-20 19:12:01 1038072 ----a-w- C:\Windows\System32\drivers\aswSnx.sys
2014-02-08 17:42:36 6712608 ----a-w- C:\Windows\System32\nvcpl.dll
2014-02-08 17:42:36 3498272 ----a-w- C:\Windows\System32\nvsvc64.dll
2014-02-08 17:42:33 923936 ----a-w- C:\Windows\System32\nvvsvc.exe
2014-02-08 17:42:32 63776 ----a-w- C:\Windows\System32\nvshext.dll
2014-02-08 17:42:32 386336 ----a-w- C:\Windows\System32\nvmctray.dll
2014-02-06 11:30:46 2724864 ----a-w- C:\Windows\System32\mshtml.tlb
2014-02-06 11:30:12 4096 ----a-w- C:\Windows\System32\ieetwcollectorres.dll
2014-02-06 11:07:39 66048 ----a-w- C:\Windows\System32\iesetup.dll
2014-02-06 11:06:47 48640 ----a-w- C:\Windows\System32\ieetwproxystub.dll
2014-02-06 10:49:03 139264 ----a-w- C:\Windows\System32\ieUnatt.exe
2014-02-06 10:48:45 111616 ----a-w- C:\Windows\System32\ieetwcollector.exe
2014-02-06 10:48:11 708608 ----a-w- C:\Windows\System32\jscript9diag.dll
2014-02-06 10:20:26 2724864 ----a-w- C:\Windows\SysWow64\mshtml.tlb
2014-02-06 10:11:37 5768704 ----a-w- C:\Windows\System32\jscript9.dll
2014-02-06 10:01:36 61952 ----a-w- C:\Windows\SysWow64\iesetup.dll
2014-02-06 10:00:46 51200 ----a-w- C:\Windows\SysWow64\ieetwproxystub.dll
2014-02-06 09:50:32 2041856 ----a-w- C:\Windows\System32\inetcpl.cpl
2014-02-06 09:47:22 112128 ----a-w- C:\Windows\SysWow64\ieUnatt.exe
2014-02-06 09:46:27 553472 ----a-w- C:\Windows\SysWow64\jscript9diag.dll
2014-02-06 09:25:36 4244480 ----a-w- C:\Windows\SysWow64\jscript9.dll
2014-02-06 09:24:52 2334208 ----a-w- C:\Windows\System32\wininet.dll
2014-02-06 09:09:30 1964032 ----a-w- C:\Windows\SysWow64\inetcpl.cpl
2014-02-06 08:41:35 1820160 ----a-w- C:\Windows\SysWow64\wininet.dll
2014-02-05 17:52:50 3573739 ----a-w- C:\Windows\System32\nvcoproc.bin
2014-01-30 01:20:05 332288 ----a-w- C:\Windows\System32\uxtheme.dll
2014-01-30 01:20:03 2851840 ----a-w- C:\Windows\System32\themeui.dll
2014-01-30 01:20:01 44544 ----a-w- C:\Windows\System32\themeservice.dll
2014-01-21 02:53:40 1048152 ----a-w- C:\Windows\SysWow64\nvspcap.dll
2014-01-21 02:53:29 1179576 ----a-w- C:\Windows\System32\nvspcap64.dll
2014-01-16 20:00:07 108968 ----a-w- C:\Windows\System32\WindowsAccessBridge-64.dll
2014-01-16 19:59:16 96168 ----a-w- C:\Windows\SysWow64\WindowsAccessBridge-32.dll
2014-01-08 02:28:41 207904 ----a-w- C:\Windows\System32\drivers\aswVmm.sys
2013-12-27 18:42:26 39200 ----a-w- C:\Windows\System32\drivers\nvvad64v.sys
2013-12-27 18:42:16 35104 ----a-w- C:\Windows\System32\nvaudcap64v.dll
2013-12-27 18:42:16 33056 ----a-w- C:\Windows\SysWow64\nvaudcap32v.dll
2013-12-24 23:09:41 1987584 ----a-w- C:\Windows\SysWow64\d3d10warp.dll
2013-12-24 22:48:32 2565120 ----a-w- C:\Windows\System32\d3d10warp.dll
2013-12-21 08:56:47 454656 ----a-w- C:\Windows\SysWow64\vbscript.dll
2013-12-19 20:33:31 1884448 ----a-w- C:\Windows\System32\nvdispco6433221.dll
2013-12-19 20:33:31 1511712 ----a-w- C:\Windows\System32\nvdispgenco6433221.dll
2013-12-18 11:13:56 270496 ------w- C:\Windows\System32\MpSigStub.exe
2013-12-08 03:17:42 92544 ----a-w- C:\Windows\System32\drivers\aswRdr2.sys
2013-12-08 03:17:42 65776 ----a-w- C:\Windows\System32\drivers\aswRvrt.sys
2013-12-08 03:17:40 28184 ----a-w- C:\Windows\System32\drivers\aswKbd.sys
.
============= FINISH: 15:13:01.63 ===============
 

 

#2 aharonov

  • Malware Response Team

Posted 07 March 2014 - 03:32 PM

Hello Camilla and welcome!
 

"it won't move to chest in Avast!"

Can you please post up a log that shows what avast has found?
 

"Is it bad that I find this virus infestation experience exciting?"

No, as long as you are not intentionally trying to recreate this exciting experience over and over again.. :lol:

Please run the following scans:


Step 1

Please download TDSSKiller and save it to your Desktop.

  • Start tdsskiller.exe with administrator privileges.
  • Accept the EULA and the KSN Statement.
  • Click on Change parameters.
  • Make sure that all available options (except "Loaded modules") are checked and click OK.
  • Click on Start scan.
  • If any threats are found don't delete them but choose the Skip option for all of them.
  • Click on Report to open the log file. (It is also saved at C:\TDSSKiller.<version_date_time>_log.txt).
    Copy and paste its contents in your next reply.

 

 

 

Step 2

Please download Farbar Recovery Scan Tool and save it to your Desktop.

  • Start FRST with administrator privileges.
  • Make sure the option Addition.txt is checked and press the Scan button.
  • When finished, FRST will produce two logs (FRST.txt and Addition.txt) in the same directory the tool was run from.
  • Please copy and paste these logs in your next reply.


#3 Inriser

  • Topic Starter

Posted 07 March 2014 - 04:10 PM

Weee~ Fast reply :o 

 

I love you!

 

Avast----------------------------------------------

 

I have attached a picture as logs is being a poopy head.

 

vfjp1t.jpg

=================================

 

TDSSKILLER-------------------------------------

15:36:26.0607 0x0878  TDSS rootkit removing tool 3.0.0.25 Feb 27 2014 15:23:02
15:36:32.0771 0x0878  ============================================================
15:36:32.0771 0x0878  Current date / time: 2014/03/07 15:36:32.0771
15:36:32.0771 0x0878  SystemInfo:
15:36:32.0771 0x0878  
15:36:32.0771 0x0878  OS Version: 6.1.7601 ServicePack: 1.0
15:36:32.0771 0x0878  Product type: Workstation
15:36:32.0771 0x0878  ComputerName: PRIME
15:36:32.0771 0x0878  UserName: VETO
15:36:32.0771 0x0878  Windows directory: C:\Windows
15:36:32.0771 0x0878  System windows directory: C:\Windows
15:36:32.0771 0x0878  Running under WOW64
15:36:32.0771 0x0878  Processor architecture: Intel x64
15:36:32.0771 0x0878  Number of processors: 12
15:36:32.0772 0x0878  Page size: 0x1000
15:36:32.0772 0x0878  Boot type: Normal boot
15:36:32.0772 0x0878  ============================================================
15:36:32.0822 0x0878  KLMD registered as C:\Windows\system32\drivers\11106675.sys
15:36:32.0859 0x0878  System UUID: {CBBAEE1F-B3AF-DD11-FFDC-D64888F295A1}
15:36:33.0089 0x0878  Drive \Device\Harddisk0\DR0 - Size: 0x1BF2976000 (111.79 Gb), SectorSize: 0x200, Cylinders: 0x3901, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
15:36:33.0097 0x0878  Drive \Device\Harddisk1\DR1 - Size: 0x2BAA1476000 (2794.52 Gb), SectorSize: 0x200, Cylinders: 0x59101, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
15:36:33.0120 0x0878  ============================================================
15:36:33.0120 0x0878  \Device\Harddisk0\DR0:
15:36:33.0121 0x0878  MBR partitions:
15:36:33.0121 0x0878  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x32000
15:36:33.0121 0x0878  \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 0xDF61800
15:36:33.0121 0x0878  \Device\Harddisk1\DR1:
15:36:33.0121 0x0878  GPT partitions:
15:36:33.0121 0x0878  \Device\Harddisk1\DR1\Partition1: GPT, TypeGUID: {E3C9E316-0B5C-4DB8-817D-F92DF00215AE}, UniqueGUID: {D3EEB4A6-85BE-4D81-AED1-EC94C53B184A}, Name: Microsoft reserved partition, StartLBA 0x22, BlocksNum 0x40000
15:36:33.0121 0x0878  \Device\Harddisk1\DR1\Partition2: GPT, TypeGUID: {EBD0A0A2-B9E5-4433-87C0-68B6B72699C7}, UniqueGUID: {58D70C18-954A-4EF3-A7FA-7EE61B64CA94}, Name: Basic data partition, StartLBA 0x40800, BlocksNum 0x5D4C9800
15:36:33.0121 0x0878  MBR partitions:
15:36:33.0121 0x0878  ============================================================
15:36:33.0123 0x0878  C: <-> \Device\Harddisk0\DR0\Partition2
15:36:33.0144 0x0878  E: <-> \Device\Harddisk1\DR1\Partition2
15:36:33.0144 0x0878  ============================================================
15:36:33.0144 0x0878  Initialize success
15:36:33.0144 0x0878  ============================================================
15:36:54.0352 0x0e44  ============================================================
15:36:54.0352 0x0e44  Scan started
15:36:54.0352 0x0e44  Mode: Manual; SigCheck; TDLFS; 
15:36:54.0352 0x0e44  ============================================================
15:36:54.0352 0x0e44  KSN ping started
15:36:56.0908 0x0e44  KSN ping finished: true
15:36:57.0105 0x0e44  ================ Scan system memory ========================
15:36:57.0105 0x0e44  System memory - ok
15:36:57.0106 0x0e44  ================ Scan services =============================
15:36:57.0941 0x0e44  [ F22DE5F5BA8ADA0A861441B624B51EB5, 58EF9FB3328B6B470F3652DBCE8ACEDAEE6839AC393889A02052298CA204689B ] aswSP           C:\Windows\system32\drivers\aswSP.sys
15:36:57.0954 0x0e44  aswSP - ok
15:36:57.0958 0x0e44  [ FD3EA14ADF6216BDF4030DB2EFD43D96, 2D3009008AAE93285301B5844DC214D6B05ECB05D37AE08895D8E7187A0BB619 ] aswStm          C:\Windows\system32\drivers\aswStm.sys
15:36:57.0966 0x0e44  aswStm - ok
15:36:57.0971 0x0e44  [ 90399625F341AB76BA4B85A5E860EB1F, 92DD461B14240222F451F971642844A4DAD9DF4FFEAA8F12D16EA117822BEEF3 ] aswVmm          C:\Windows\system32\drivers\aswVmm.sys
15:36:57.0981 0x0e44  aswVmm - ok
15:36:57.0985 0x0e44  [ 769765CE2CC62867468CEA93969B2242, 0D8F19D49869DF93A3876B4C2E249D12E83F9CE11DAE8917D368E292043D4D26 ] AsyncMac        C:\Windows\system32\DRIVERS\asyncmac.sys
15:36:58.0009 0x0e44  AsyncMac - ok
15:36:58.0012 0x0e44  [ 02062C0B390B7729EDC9E69C680A6F3C, 0261683C6DC2706DCE491A1CDC954AC9C9E649376EC30760BB4E225E18DC5273 ] atapi           C:\Windows\system32\drivers\atapi.sys
15:36:58.0019 0x0e44  atapi - ok
15:36:58.0032 0x0e44  [ F23FEF6D569FCE88671949894A8BECF1, FCE7B156ED663471CF9A736915F00302E93B50FC647563D235313A37FCE8F0F6 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
15:36:58.0067 0x0e44  AudioEndpointBuilder - ok
15:36:58.0081 0x0e44  [ F23FEF6D569FCE88671949894A8BECF1, FCE7B156ED663471CF9A736915F00302E93B50FC647563D235313A37FCE8F0F6 ] AudioSrv        C:\Windows\System32\Audiosrv.dll
15:36:58.0117 0x0e44  AudioSrv - ok
15:36:58.0125 0x0e44  [ CC42F104172B4A62793083D380867317, 0B09823419B328E29EB9FFBD033B3295590E414F31E7B37F11F62BD4B7EBAF06 ] avast! Antivirus C:\Program Files\AVAST Software\Avast\AvastSvc.exe
15:36:58.0132 0x0e44  avast! Antivirus - ok
15:36:58.0138 0x0e44  [ 3B5DA02DEA6910A709F19180746FF0CE, A97CD150692171663FE15B2BFAC8176C657C4D99232E17BD3ABA6ED1D65259E3 ] avast! Firewall C:\Program Files\AVAST Software\Avast\afwServ.exe
15:36:58.0146 0x0e44  avast! Firewall - ok
15:36:58.0153 0x0e44  [ 5E20DDCD957E55270C804BC00CD188E5, 417319DD7408205E8BA8CF46648C45AC99A17E12D56985D52850D5918DAD21F1 ] avgtp           C:\Windows\system32\drivers\avgtpx64.sys
15:36:58.0160 0x0e44  avgtp - ok
15:36:58.0164 0x0e44  [ A6BF31A71B409DFA8CAC83159E1E2AFF, CBB83F73FFD3C3FB4F96605067739F8F7A4A40B2B05417FA49E575E95628753F ] AxInstSV        C:\Windows\System32\AxInstSV.dll
15:36:58.0179 0x0e44  AxInstSV - ok
15:36:58.0189 0x0e44  [ 3E5B191307609F7514148C6832BB0842, DE011CB7AA4A2405FAF21575182E0793A1D83DFFC44E9A7864D59F3D51D8D580 ] b06bdrv         C:\Windows\system32\drivers\bxvbda.sys
15:36:58.0206 0x0e44  b06bdrv - ok
15:36:58.0213 0x0e44  [ B5ACE6968304A3900EEB1EBFD9622DF2, 1DAA118D8CA3F97B34DF3D3CDA1C78EAB2ED225699FEABE89D331AE0CB7679FA ] b57nd60a        C:\Windows\system32\DRIVERS\b57nd60a.sys
15:36:58.0227 0x0e44  b57nd60a - ok
15:36:58.0232 0x0e44  [ FDE360167101B4E45A96F939F388AEB0, 8D1457E866BBD645C4B9710DFBFF93405CC1193BF9AE42326F2382500B713B82 ] BDESVC          C:\Windows\System32\bdesvc.dll
15:36:58.0242 0x0e44  BDESVC - ok
15:36:58.0244 0x0e44  [ 16A47CE2DECC9B099349A5F840654746, 77C008AEDB07FAC66413841D65C952DDB56FE7DCA5E9EF9C8F4130336B838024 ] Beep            C:\Windows\system32\drivers\Beep.sys
15:36:58.0267 0x0e44  Beep - ok
15:36:58.0282 0x0e44  [ 82974D6A2FD19445CC5171FC378668A4, 075D25F47C0D2277E40AF8615571DAA5EB16B1824563632A9A7EC62505C29A4A ] BFE             C:\Windows\System32\bfe.dll
15:36:58.0304 0x0e44  BFE - ok
15:36:58.0322 0x0e44  [ 1EA7969E3271CBC59E1730697DC74682, D511A34D63A6E0E6E7D1879068E2CD3D87ABEAF4936B2EA8CDDAD9F79D60FA04 ] BITS            C:\Windows\System32\qmgr.dll
15:36:58.0362 0x0e44  BITS - ok
15:36:58.0366 0x0e44  [ 61583EE3C3A17003C4ACD0475646B4D3, 17E4BECC309C450E7E44F59A9C0BBC24D21BDC66DFBA65B8F198A00BB47A9811 ] blbdrive        C:\Windows\system32\DRIVERS\blbdrive.sys
15:36:58.0375 0x0e44  blbdrive - ok
15:36:58.0385 0x0e44  [ EBBCD5DFBB1DE70E8F4AF8FA59E401FD, 17BFFC5DF609CE3B2F0CAB4BD6C118608C66A3AD86116A47E90B2BB7D8954122 ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe
15:36:58.0399 0x0e44  Bonjour Service - ok
15:36:58.0403 0x0e44  [ 6C02A83164F5CC0A262F4199F0871CF5, AD4632A6A203CB40970D848315D8ADB9C898349E20D8DF4107C2AE2703A2CF28 ] bowser          C:\Windows\system32\DRIVERS\bowser.sys
15:36:58.0413 0x0e44  bowser - ok
15:36:58.0416 0x0e44  [ F09EEE9EDC320B5E1501F749FDE686C8, 66691114C42E12F4CC6DC4078D4D2FA4029759ACDAF1B59D17383487180E84E3 ] BrFiltLo        C:\Windows\system32\drivers\BrFiltLo.sys
15:36:58.0426 0x0e44  BrFiltLo - ok
15:36:58.0429 0x0e44  [ B114D3098E9BDB8BEA8B053685831BE6, 0ED23C1897F35FA00B9C2848DE4ED200E18688AA7825674888054BBC3A3EB92C ] BrFiltUp        C:\Windows\system32\drivers\BrFiltUp.sys
15:36:58.0438 0x0e44  BrFiltUp - ok
15:36:58.0442 0x0e44  [ 05F5A0D14A2EE1D8255C2AA0E9E8E694, 40011138869F5496A3E78D38C9900B466B6F3877526AC22952DCD528173F4645 ] Browser         C:\Windows\System32\browser.dll
15:36:58.0454 0x0e44  Browser - ok
15:36:58.0461 0x0e44  [ 43BEA8D483BF1870F018E2D02E06A5BD, 4E6F5A5FD8C796A110B0DC9FF29E31EA78C04518FC1C840EF61BABD58AB10272 ] Brserid         C:\Windows\System32\Drivers\Brserid.sys
15:36:58.0475 0x0e44  Brserid - ok
15:36:58.0478 0x0e44  [ A6ECA2151B08A09CACECA35C07F05B42, E2875BB7768ABAF38C3377007AA0A3C281503474D1831E396FB6599721586B0C ] BrSerWdm        C:\Windows\System32\Drivers\BrSerWdm.sys
15:36:58.0489 0x0e44  BrSerWdm - ok
15:36:58.0492 0x0e44  [ B79968002C277E869CF38BD22CD61524, 50631836502237AF4893ECDCEA43B9031C3DE97433F594D46AF7C3C77F331983 ] BrUsbMdm        C:\Windows\System32\Drivers\BrUsbMdm.sys
15:36:58.0502 0x0e44  BrUsbMdm - ok
15:36:58.0504 0x0e44  [ A87528880231C54E75EA7A44943B38BF, 4C8BBB29FDA76A96840AA47A8613C15D4466F9273A13941C19507008629709C9 ] BrUsbSer        C:\Windows\System32\Drivers\BrUsbSer.sys
15:36:58.0513 0x0e44  BrUsbSer - ok
15:36:58.0516 0x0e44  [ 9DA669F11D1F894AB4EB69BF546A42E8, B498B8B6CEF957B73179D1ADAF084BBB57BB3735D810F9BE2C7B1D58A4FD25A4 ] BTHMODEM        C:\Windows\system32\drivers\bthmodem.sys
15:36:58.0527 0x0e44  BTHMODEM - ok
15:36:58.0532 0x0e44  [ 95F9C2976059462CBBF227F7AAB10DE9, 2797AE919FF7606B070FB039CECDB0707CD2131DCAC09C5DF14F443D881C9F34 ] bthserv         C:\Windows\system32\bthserv.dll
15:36:58.0555 0x0e44  bthserv - ok
15:36:58.0559 0x0e44  [ B8BD2BB284668C84865658C77574381A, 6C55BA288B626DF172FDFEA0BD7027FAEBA1F44EF20AB55160D7C7DC6E717D65 ] cdfs            C:\Windows\system32\DRIVERS\cdfs.sys
15:36:58.0583 0x0e44  cdfs - ok
15:36:58.0588 0x0e44  [ F036CE71586E93D94DAB220D7BDF4416, BD07AAD9E20CEAF9FC84E4977C55EA2C45604A2C682AC70B9B9A2199B6713D5B ] cdrom           C:\Windows\system32\DRIVERS\cdrom.sys
15:36:58.0599 0x0e44  cdrom - ok
15:36:58.0602 0x0e44  [ F17D1D393BBC69C5322FBFAFACA28C7F, 62A1A92B3C52ADFD0B808D7F69DD50238B5F202421F1786F7EAEAA63F274B3E8 ] CertPropSvc     C:\Windows\System32\certprop.dll
15:36:58.0626 0x0e44  CertPropSvc - ok
15:36:58.0629 0x0e44  [ D7CD5C4E1B71FA62050515314CFB52CF, 513B5A849899F379F0BC6AB3A8A05C3493C2393C95F036612B96EC6E252E1C64 ] circlass        C:\Windows\system32\drivers\circlass.sys
15:36:58.0641 0x0e44  circlass - ok
15:36:58.0649 0x0e44  [ FE1EC06F2253F691FE36217C592A0206, B9F122DB5E665ECDF29A5CB8BB6B531236F31A54A95769D6C5C1924C87FE70CE ] CLFS            C:\Windows\system32\CLFS.sys
15:36:58.0662 0x0e44  CLFS - ok
15:36:58.0667 0x0e44  [ D88040F816FDA31C3B466F0FA0918F29, 39D3630E623DA25B8444B6D3AAAB16B98E7E289C5619E19A85D47B74C71449F3 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
15:36:58.0675 0x0e44  clr_optimization_v2.0.50727_32 - ok
15:36:58.0680 0x0e44  [ D1CEEA2B47CB998321C579651CE3E4F8, 654013B8FD229A50017B08DEC6CA19C7DDA8CE0771260E057A92625201D539B1 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
15:36:58.0688 0x0e44  clr_optimization_v2.0.50727_64 - ok
15:36:58.0697 0x0e44  [ E87213F37A13E2B54391E40934F071D0, 7EB221127EFB5BF158FB03D18EFDA2C55FB6CE3D1A1FE69C01D70DBED02C87E5 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
15:36:58.0706 0x0e44  clr_optimization_v4.0.30319_32 - ok
15:36:58.0710 0x0e44  [ 4AEDAB50F83580D0B4D6CF78191F92AA, D113C47013B018B45161911B96E93AF96A2F3B34FA47061BF6E7A71FBA03194A ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
15:36:58.0720 0x0e44  clr_optimization_v4.0.30319_64 - ok
15:36:58.0722 0x0e44  [ 0840155D0BDDF1190F84A663C284BD33, 696039FA63CFEB33487FAA8FD7BBDB220141E9C6E529355D768DFC87999A9C3A ] CmBatt          C:\Windows\system32\drivers\CmBatt.sys
15:36:58.0731 0x0e44  CmBatt - ok
15:36:58.0734 0x0e44  [ E19D3F095812725D88F9001985B94EDD, 46243C5CCC4981CAC6FA6452FFCEC33329BF172448F1852D52592C9342E0E18B ] cmdide          C:\Windows\system32\drivers\cmdide.sys
15:36:58.0741 0x0e44  cmdide - ok
15:36:58.0751 0x0e44  [ EBF28856F69CF094A902F884CF989706, AD6C9F0BC20AA49EEE5478DA0F856F0EA2B414B63208C5FFB03C9D7F5B59765F ] CNG             C:\Windows\system32\Drivers\cng.sys
15:36:58.0770 0x0e44  CNG - ok
15:36:58.0773 0x0e44  [ 102DE219C3F61415F964C88E9085AD14, CD74CB703381F1382C32CF892FF2F908F4C9412E1BC77234F8FEA5D4666E1BF1 ] Compbatt        C:\Windows\system32\drivers\compbatt.sys
15:36:58.0780 0x0e44  Compbatt - ok
15:36:58.0783 0x0e44  [ 03EDB043586CCEBA243D689BDDA370A8, 0E4523AA332E242D5C2C61C5717DBA5AB6E42DADB5A7E512505FC2B6CC224959 ] CompositeBus    C:\Windows\system32\DRIVERS\CompositeBus.sys
15:36:58.0793 0x0e44  CompositeBus - ok
15:36:58.0795 0x0e44  COMSysApp - ok
15:36:58.0798 0x0e44  [ 1C827878A998C18847245FE1F34EE597, 41EF7443D8B2733AA35CAC64B4F5F74FAC8BB0DA7D3936B69EC38E2DC3972E60 ] crcdisk         C:\Windows\system32\drivers\crcdisk.sys
15:36:58.0805 0x0e44  crcdisk - ok
15:36:58.0811 0x0e44  [ 6B400F211BEE880A37A1ED0368776BF4, 2F27C6FA96A1C8CBDA467846DA57E63949A7EA37DB094B13397DDD30114295BD ] CryptSvc        C:\Windows\system32\cryptsvc.dll
15:36:58.0823 0x0e44  CryptSvc - ok
15:36:58.0834 0x0e44  [ 54DA3DFD29ED9F1619B6F53F3CE55E49, 9177C6907A983296BF188892A894B668A09FFA058FD56B50FE12940D54B0FA5E ] CSC             C:\Windows\system32\drivers\csc.sys
15:36:58.0854 0x0e44  CSC - ok
15:36:58.0868 0x0e44  [ 3AB183AB4D2C79DCF459CD2C1266B043, 72B0187EBA9DC74E61EC5CB3DC24058DDB768843E865801894AAEAA211610C56 ] CscService      C:\Windows\System32\cscsvc.dll
15:36:58.0892 0x0e44  CscService - ok
15:36:58.0906 0x0e44  [ 5C627D1B1138676C0A7AB2C2C190D123, C5003F2C912C5CA990E634818D3B4FD72F871900AF2948BD6C4D6400B354B401 ] DcomLaunch      C:\Windows\system32\rpcss.dll
15:36:58.0939 0x0e44  DcomLaunch - ok
15:36:58.0951 0x0e44  [ 3CEC7631A84943677AA8FA8EE5B6B43D, 32061DAC9ED6C1EBA3B367B18D0E965AEEC2DF635DCF794EC39D086D32503AC5 ] defragsvc       C:\Windows\System32\defragsvc.dll
15:36:58.0979 0x0e44  defragsvc - ok
15:36:58.0983 0x0e44  [ 9BB2EF44EAA163B29C4A4587887A0FE4, 03667BC3EA5003F4236929C10F23D8F108AFCB29DB5559E751FB26DFB318636F ] DfsC            C:\Windows\system32\Drivers\dfsc.sys
15:36:59.0007 0x0e44  DfsC - ok
15:36:59.0017 0x0e44  [ 43D808F5D9E1A18E5EEB5EBC83969E4E, C10D1155D71EABE4ED44C656A8F13078A8A4E850C4A8FBB92D52D173430972B8 ] Dhcp            C:\Windows\system32\dhcpcore.dll
15:36:59.0032 0x0e44  Dhcp - ok
15:36:59.0034 0x0e44  [ 13096B05847EC78F0977F2C0F79E9AB3, 1E44981B684F3E56F5D2439BB7FA78BD1BC876BB2265AE089AEC68F241B05B26 ] discache        C:\Windows\system32\drivers\discache.sys
15:36:59.0057 0x0e44  discache - ok
15:36:59.0060 0x0e44  [ 9819EEE8B5EA3784EC4AF3B137A5244C, 571BC886E87C888DA96282E381A746D273B58B9074E84D4CA91275E26056D427 ] Disk            C:\Windows\system32\drivers\disk.sys
15:36:59.0068 0x0e44  Disk - ok
15:36:59.0072 0x0e44  [ 5DB085A8A6600BE6401F2B24EECB5415, 5FC5C7C1B4DB7BF6EFD0992E91DB41FD047E90D1ABA0B8F868CB72557F88FB13 ] dmvsc           C:\Windows\system32\drivers\dmvsc.sys
15:36:59.0083 0x0e44  dmvsc - ok
15:36:59.0088 0x0e44  [ 16835866AAA693C7D7FCEBA8FFF706E4, 15891558F7C1F2BB57A98769601D447ED0D952354A8BB347312D034DC03E0242 ] Dnscache        C:\Windows\System32\dnsrslvr.dll
15:36:59.0100 0x0e44  Dnscache - ok
15:36:59.0108 0x0e44  [ B1FB3DDCA0FDF408750D5843591AFBC6, AB6AD9C5E7BA2E3646D0115B67C4800D1CB43B4B12716397657C7ADEEE807304 ] dot3svc         C:\Windows\System32\dot3svc.dll
15:36:59.0134 0x0e44  dot3svc - ok
15:36:59.0139 0x0e44  [ B26F4F737E8F9DF4F31AF6CF31D05820, 394BBBED4EC7FAD4110F62A43BFE0801D4AC56FFAC6C741C69407B26402311C7 ] DPS             C:\Windows\system32\dps.dll
15:36:59.0164 0x0e44  DPS - ok
15:36:59.0167 0x0e44  [ 9B19F34400D24DF84C858A421C205754, 967AF267B4124BADA8F507CEBF25F2192D146A4D63BE71B45BFC03C5DA7F21A7 ] drmkaud         C:\Windows\system32\drivers\drmkaud.sys
15:36:59.0175 0x0e44  drmkaud - ok
15:36:59.0194 0x0e44  [ 88612F1CE3BF42256913BF6E61C70D52, 7CF190F83FA8F15C33008EB381D3E345CEF37CBC046227DED26B36799EF4D9A7 ] DXGKrnl         C:\Windows\System32\drivers\dxgkrnl.sys
15:36:59.0217 0x0e44  DXGKrnl - ok
15:36:59.0229 0x0e44  [ E53D32044F4A03D64D6C91CF0A22A77E, 091B8A765F53785B543A1D79124C9DEBAAAFE07FC4067BC942C445218FFD3322 ] e1cexpress      C:\Windows\system32\DRIVERS\e1c62x64.sys
15:36:59.0243 0x0e44  e1cexpress - ok
15:36:59.0245 0x0e44  EagleX64 - ok
15:36:59.0250 0x0e44  [ E2DDA8726DA9CB5B2C4000C9018A9633, 0C967DBC3636A76A696997192A158AA92A1AF19F01E3C66D5BF91818A8FAEA76 ] EapHost         C:\Windows\System32\eapsvc.dll
15:36:59.0275 0x0e44  EapHost - ok
15:36:59.0336 0x0e44  [ DC5D737F51BE844D8C82C695EB17372F, 6D4022D9A46EDE89CEF0FAEADCC94C903234DFC460C0180D24FF9E38E8853017 ] ebdrv           C:\Windows\system32\drivers\evbda.sys
15:36:59.0407 0x0e44  ebdrv - ok
15:36:59.0411 0x0e44  [ 4D71227301DD8D09097B9E4CC6527E5A, 193D47ADCB722B581CC0F29B794AB3E455B6E9BEA367CE9A5216A09E055B7F1E ] EFS             C:\Windows\System32\lsass.exe
15:36:59.0421 0x0e44  EFS - ok
15:36:59.0435 0x0e44  [ C4002B6B41975F057D98C439030CEA07, 3D2484FBB832EFB90504DD406ED1CF3065139B1FE1646471811F3A5679EF75F1 ] ehRecvr         C:\Windows\ehome\ehRecvr.exe
15:36:59.0460 0x0e44  ehRecvr - ok
15:36:59.0465 0x0e44  [ 4705E8EF9934482C5BB488CE28AFC681, 359E9EC5693CE0BE89082E1D5D8F5C5439A5B985010FF0CB45C11E3CFE30637D ] ehSched         C:\Windows\ehome\ehsched.exe
15:36:59.0476 0x0e44  ehSched - ok
15:36:59.0489 0x0e44  [ 0E5DA5369A0FCAEA12456DD852545184, 9A64AC5396F978C3B92794EDCE84DCA938E4662868250F8C18FA7C2C172233F8 ] elxstor         C:\Windows\system32\drivers\elxstor.sys
15:36:59.0504 0x0e44  elxstor - ok
15:36:59.0506 0x0e44  [ 34A3C54752046E79A126E15C51DB409B, 7D5B5E150C7C73666F99CBAFF759029716C86F16B927E0078D77F8A696616D75 ] ErrDev          C:\Windows\system32\drivers\errdev.sys
15:36:59.0515 0x0e44  ErrDev - ok
15:36:59.0528 0x0e44  [ 4166F82BE4D24938977DD1746BE9B8A0, 24121751B7306225AD1C808442D7B030DEF377E9316AA0A3C5C7460E87317881 ] EventSystem     C:\Windows\system32\es.dll
15:36:59.0559 0x0e44  EventSystem - ok
15:36:59.0564 0x0e44  [ A510C654EC00C1E9BDD91EEB3A59823B, 76CD277730F7B08D375770CD373D786160F34D1481AF0536BA1A5D2727E255F5 ] exfat           C:\Windows\system32\drivers\exfat.sys
15:36:59.0590 0x0e44  exfat - ok
15:36:59.0596 0x0e44  [ 0ADC83218B66A6DB380C330836F3E36D, 798D6F83B5DBCC1656595E0A96CF12087FCCBE19D1982890D0CE5F629B328B29 ] fastfat         C:\Windows\system32\drivers\fastfat.sys
15:36:59.0622 0x0e44  fastfat - ok
15:36:59.0639 0x0e44  [ DBEFD454F8318A0EF691FDD2EAAB44EB, 7F52AE222FF28503B6FC4A5852BD0CAEAF187BE69AF4B577D3DE474C24366099 ] Fax             C:\Windows\system32\fxssvc.exe
15:36:59.0661 0x0e44  Fax - ok
15:36:59.0664 0x0e44  [ D765D19CD8EF61F650C384F62FAC00AB, 9F0A483A043D3BA873232AD3BA5F7BF9173832550A27AF3E8BD433905BD2A0EE ] fdc             C:\Windows\system32\drivers\fdc.sys
15:36:59.0673 0x0e44  fdc - ok
15:36:59.0675 0x0e44  [ 0438CAB2E03F4FB61455A7956026FE86, 6D4DDC2973DB25CE0C7646BC85EFBCC004EBE35EA683F62162AE317C6F1D8DFE ] fdPHost         C:\Windows\system32\fdPHost.dll
15:36:59.0698 0x0e44  fdPHost - ok
15:36:59.0701 0x0e44  [ 802496CB59A30349F9A6DD22D6947644, 52D59D3D628D5661F83F090F33F744F6916E0CC1F76E5A33983E06EB66AE19F8 ] FDResPub        C:\Windows\system32\fdrespub.dll
15:36:59.0725 0x0e44  FDResPub - ok
15:36:59.0728 0x0e44  [ 655661BE46B5F5F3FD454E2C3095B930, 549C8E2A2A37757E560D55FFA6BFDD838205F17E40561E67F0124C934272CD1A ] FileInfo        C:\Windows\system32\drivers\fileinfo.sys
15:36:59.0735 0x0e44  FileInfo - ok
15:36:59.0738 0x0e44  [ 5F671AB5BC87EEA04EC38A6CD5962A47, 6B61D3363FF3F9C439BD51102C284972EAE96ACC0683B9DC7E12D25D0ADC51B6 ] Filetrace       C:\Windows\system32\drivers\filetrace.sys
15:36:59.0760 0x0e44  Filetrace - ok
15:36:59.0763 0x0e44  [ C172A0F53008EAEB8EA33FE10E177AF5, 9175A95B323696D1B35C9EFEB7790DD64E6EE0B7021E6C18E2F81009B169D77B ] flpydisk        C:\Windows\system32\drivers\flpydisk.sys
15:36:59.0772 0x0e44  flpydisk - ok
15:36:59.0778 0x0e44  [ DA6B67270FD9DB3697B20FCE94950741, F621A4462C9F2904063578C427FAF22D7D66AE9967605C11C798099817CE5331 ] FltMgr          C:\Windows\system32\drivers\fltmgr.sys
15:36:59.0790 0x0e44  FltMgr - ok
15:36:59.0813 0x0e44  [ C4C183E6551084039EC862DA1C945E3D, 0874A2ACDD24D64965AA9A76E9C818E216880AE4C9A2E07ED932EE404585CEE6 ] FontCache       C:\Windows\system32\FntCache.dll
15:36:59.0847 0x0e44  FontCache - ok
15:36:59.0851 0x0e44  [ A8B7F3818AB65695E3A0BB3279F6DCE6, 89FCF10F599767E67A1E011753E34DA44EAA311F105DBF69549009ED932A60F0 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
15:36:59.0858 0x0e44  FontCache3.0.0.0 - ok
15:36:59.0861 0x0e44  [ D43703496149971890703B4B1B723EAC, F06397B2EDCA61629249D2EF1CBB7827A8BEAB8488246BD85EF6AE1363C0DA6E ] FsDepends       C:\Windows\system32\drivers\FsDepends.sys
15:36:59.0868 0x0e44  FsDepends - ok
15:36:59.0870 0x0e44  [ 6BD9295CC032DD3077C671FCCF579A7B, 83622FBB0CB923798E7E584BF53CAAF75B8C016E3FF7F0FA35880FF34D1DFE33 ] Fs_Rec          C:\Windows\system32\drivers\Fs_Rec.sys
15:36:59.0877 0x0e44  Fs_Rec - ok
15:36:59.0883 0x0e44  [ 8F6322049018354F45F05A2FD2D4E5E0, 73BF0FB4EBD7887E992DDEBB79E906958D6678F8D1107E8C368F5A0514D80359 ] fvevol          C:\Windows\system32\DRIVERS\fvevol.sys
15:36:59.0897 0x0e44  fvevol - ok
15:36:59.0900 0x0e44  [ 8C778D335C9D272CFD3298AB02ABE3B6, 85F0B13926B0F693FA9E70AA58DE47100E4B6F893772EBE4300C37D9A36E6005 ] gagp30kx        C:\Windows\system32\drivers\gagp30kx.sys
15:36:59.0907 0x0e44  gagp30kx - ok
15:36:59.0911 0x0e44  [ 8E98D21EE06192492A5671A6144D092F, B8F656B34D361EA5AFB47F3A67AB2221580DADA59C8CD0CB83181E4AD8B562B4 ] GEARAspiWDM     C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
15:36:59.0916 0x0e44  GEARAspiWDM - ok
15:36:59.0934 0x0e44  [ 277BBC7E1AA1EE957F573A10ECA7EF3A, 2EE60B924E583E847CC24E78B401EF95C69DB777A5B74E1EC963E18D47B94D24 ] gpsvc           C:\Windows\System32\gpsvc.dll
15:36:59.0971 0x0e44  gpsvc - ok
15:36:59.0976 0x0e44  [ 506708142BC63DABA64F2D3AD1DCD5BF, 9C36A08D9E7932FF4DA7B5F24E6B42C92F28685B8ABE964C870E8D7670FD531A ] gupdate         C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
15:36:59.0983 0x0e44  gupdate - ok
15:36:59.0987 0x0e44  [ 506708142BC63DABA64F2D3AD1DCD5BF, 9C36A08D9E7932FF4DA7B5F24E6B42C92F28685B8ABE964C870E8D7670FD531A ] gupdatem        C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
15:36:59.0994 0x0e44  gupdatem - ok
15:36:59.0996 0x0e44  [ F2523EF6460FC42405B12248338AB2F0, B2F3DE8DE1F512D871BC2BC2E8D0E33AB03335BFBC07627C5F88B65024928E19 ] hcw85cir        C:\Windows\system32\drivers\hcw85cir.sys
15:37:00.0005 0x0e44  hcw85cir - ok
15:37:00.0015 0x0e44  [ 975761C778E33CD22498059B91E7373A, 8304E15FBE6876BE57263A03621365DA8C88005EAC532A770303C06799D915D9 ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
15:37:00.0032 0x0e44  HdAudAddService - ok
15:37:00.0037 0x0e44  [ 97BFED39B6B79EB12CDDBFEED51F56BB, 3CF981D668FB2381E52AF2E51E296C6CFB47B0D62249645278479D0111A47955 ] HDAudBus        C:\Windows\system32\DRIVERS\HDAudBus.sys
15:37:00.0050 0x0e44  HDAudBus - ok
15:37:00.0052 0x0e44  [ 78E86380454A7B10A5EB255DC44A355F, 11F3ED7ACFFA3024B9BD504F81AC39F5B4CED5A8A425E8BADF7132EFEDB9BD64 ] HidBatt         C:\Windows\system32\drivers\HidBatt.sys
15:37:00.0062 0x0e44  HidBatt - ok
15:37:00.0066 0x0e44  [ 7FD2A313F7AFE5C4DAB14798C48DD104, 94CBFD4506CBDE4162CEB3367BAB042D19ACA6785954DC0B554D4164B9FCD0D4 ] HidBth          C:\Windows\system32\drivers\hidbth.sys
15:37:00.0078 0x0e44  HidBth - ok
15:37:00.0082 0x0e44  [ 0A77D29F311B88CFAE3B13F9C1A73825, 8615DC6CEFB591505CE16E054A71A4F371B827DDFD5E980777AB4233DCFDA01D ] HidIr           C:\Windows\system32\drivers\hidir.sys
15:37:00.0092 0x0e44  HidIr - ok
15:37:00.0095 0x0e44  [ BD9EB3958F213F96B97B1D897DEE006D, 4D01CBF898B528B3A4E5A683DF2177300AFABD7D4CB51F1A7891B1B545499631 ] hidserv         C:\Windows\system32\hidserv.dll
15:37:00.0119 0x0e44  hidserv - ok
15:37:00.0121 0x0e44  [ 9592090A7E2B61CD582B612B6DF70536, FD11D5E02C32D658B28FCC35688AB66CCB5D3A0A0D74C82AE0F0B6C67B568A0F ] HidUsb          C:\Windows\system32\DRIVERS\hidusb.sys
15:37:00.0129 0x0e44  HidUsb - ok
15:37:00.0133 0x0e44  [ 387E72E739E15E3D37907A86D9FF98E2, 9935BE2E58788E79328293AF2F202CB0F6042441B176F75ACC5AEA93C8E05531 ] hkmsvc          C:\Windows\system32\kmsvc.dll
15:37:00.0157 0x0e44  hkmsvc - ok
15:37:00.0163 0x0e44  [ EFDFB3DD38A4376F93E7985173813ABD, 70402FA73A5A2A8BB557AAC8F531E373077D28DE5F40A1F3F14B940BE01CD2E1 ] HomeGroupListener C:\Windows\system32\ListSvc.dll
15:37:00.0177 0x0e44  HomeGroupListener - ok
15:37:00.0182 0x0e44  [ 908ACB1F594274965A53926B10C81E89, 7D34A742AC486294D82676F8465A3EF26C8AC3317C32B63F62031CB007CFC208 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
15:37:00.0196 0x0e44  HomeGroupProvider - ok
15:37:00.0200 0x0e44  [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC, E9E6A1665740CFBC2DD321010007EF42ABA2102AEB9772EE8AA3354664B1E205 ] HpSAMD          C:\Windows\system32\drivers\HpSAMD.sys
15:37:00.0208 0x0e44  HpSAMD - ok
15:37:00.0213 0x0e44  HPSLPSVC - ok
15:37:00.0228 0x0e44  [ 0EA7DE1ACB728DD5A369FD742D6EEE28, 21C489412EB33A12B22290EB701C19BA57006E8702E76F730954F0784DDE9779 ] HTTP            C:\Windows\system32\drivers\HTTP.sys
15:37:00.0265 0x0e44  HTTP - ok
15:37:00.0270 0x0e44  [ C4C1F6BF857854AE08A7B4373AFF36B6, 727959B60D73CE5BC0DCB75F18AF6A246AD9D7504095F4CDBC6A512662BE1843 ] HWiNFO32        C:\Windows\system32\drivers\HWiNFO64A.SYS
15:37:00.0276 0x0e44  HWiNFO32 - ok
15:37:00.0278 0x0e44  [ A5462BD6884960C9DC85ED49D34FF392, 53E65841AF5B06A2844D0BB6FC4DD3923A323FFA0E4BFC89B3B5CAFB592A3D53 ] hwpolicy        C:\Windows\system32\drivers\hwpolicy.sys
15:37:00.0285 0x0e44  hwpolicy - ok
15:37:00.0289 0x0e44  [ FA55C73D4AFFA7EE23AC4BE53B4592D3, 65CDDC62B89A60E942C5642C9D8B539EFB69DA8069B4A2E54978154B314531CD ] i8042prt        C:\Windows\system32\drivers\i8042prt.sys
15:37:00.0299 0x0e44  i8042prt - ok
15:37:00.0308 0x0e44  [ AAAF44DB3BD0B9D1FB6969B23ECC8366, 805AA4A9464002D1AB3832E4106B2AAA1331F4281367E75956062AAE99699385 ] iaStorV         C:\Windows\system32\drivers\iaStorV.sys
15:37:00.0323 0x0e44  iaStorV - ok
15:37:00.0341 0x0e44  [ 5988FC40F8DB5B0739CD1E3A5D0D78BD, 2B9512324DBA4A97F6AC34E8067EE08E3B6874CD60F6CB4209AFC22A34D2BE99 ] idsvc           C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
15:37:00.0361 0x0e44  idsvc - ok
15:37:00.0365 0x0e44  IEEtwCollectorService - ok
15:37:00.0368 0x0e44  [ 5C18831C61933628F5BB0EA2675B9D21, 5CD9DE2F8C0256623A417B5C55BF55BB2562BD7AB2C3C83BB3D9886C2FBDA4E4 ] iirsp           C:\Windows\system32\drivers\iirsp.sys
15:37:00.0376 0x0e44  iirsp - ok
15:37:00.0392 0x0e44  [ 344789398EC3EE5A4E00C52B31847946, 3DA5F08E4B46F4E63456AA588D49E39A6A09A97D0509880C00F327623DB6122D ] IKEEXT          C:\Windows\System32\ikeext.dll
15:37:00.0420 0x0e44  IKEEXT - ok
15:37:00.0495 0x0e44  [ 8524178B895E4BC04776B319DA3A70EC, A635EADF6E8BD985B730F2737E8DA36AC71E8FEB759787ECB24D955176622AD2 ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHD64.sys
15:37:00.0568 0x0e44  IntcAzAudAddService - ok
15:37:00.0576 0x0e44  [ A53C54D81C726BEB508F0005F445C4A0, 81CA5BFB192D4F6C5807BDB4DD07BD726E48CFBB33F60BACD055AA23959DD33D ] Intel® PROSet Monitoring Service C:\Windows\system32\IProsetMonitor.exe
15:37:00.0587 0x0e44  Intel® PROSet Monitoring Service - ok
15:37:00.0589 0x0e44  [ F00F20E70C6EC3AA366910083A0518AA, E2F3E9FFD82C802C8BAC309893A3664ACF16A279959C0FDECCA64C3D3C60FD22 ] intelide        C:\Windows\system32\drivers\intelide.sys
15:37:00.0597 0x0e44  intelide - ok
15:37:00.0601 0x0e44  [ ADA036632C664CAA754079041CF1F8C1, F2386CC09AC6DE4C54189154F7D91C1DB7AA120B13FAE8BA5B579ACF99FCC610 ] intelppm        C:\Windows\system32\DRIVERS\intelppm.sys
15:37:00.0611 0x0e44  intelppm - ok
15:37:00.0615 0x0e44  [ 098A91C54546A3B878DAD6A7E90A455B, 044CCE2A0DF56EBE1EFD99B4F6F0A5B9EE12498CA358CF4B2E3A1CFD872823AA ] IPBusEnum       C:\Windows\system32\ipbusenum.dll
15:37:00.0641 0x0e44  IPBusEnum - ok
15:37:00.0644 0x0e44  [ C9F0E1BD74365A8771590E9008D22AB6, 728BC5A6AAE499FDC50EB01577AF16D83C2A9F3B09936DD2A89C01E074BA8E51 ] IpFilterDriver  C:\Windows\system32\DRIVERS\ipfltdrv.sys
15:37:00.0667 0x0e44  IpFilterDriver - ok
15:37:00.0679 0x0e44  [ 08C2957BB30058E663720C5606885653, E13EDF6701512E2A9977A531454932CA5023087CB50E1D2F416B8BCDD92B67BE ] iphlpsvc        C:\Windows\System32\iphlpsvc.dll
15:37:00.0700 0x0e44  iphlpsvc - ok
15:37:00.0704 0x0e44  [ 0FC1AEA580957AA8817B8F305D18CA3A, 7161E4DE91AAFC3FA8BF24FAE4636390C2627DB931505247C0D52C75A31473D9 ] IPMIDRV         C:\Windows\system32\drivers\IPMIDrv.sys
15:37:00.0714 0x0e44  IPMIDRV - ok
15:37:00.0718 0x0e44  [ AF9B39A7E7B6CAA203B3862582E9F2D0, 67128BE7EADBE6BD0205B050F96E268948E8660C4BAB259FB0BE03935153D04E ] IPNAT           C:\Windows\system32\drivers\ipnat.sys
15:37:00.0742 0x0e44  IPNAT - ok
15:37:00.0757 0x0e44  [ 842D1EDD0F2A6E0E6631BB96BAAA01DE, 9CDD0B99F2C5DAD573A9EA8D5AB2DBFD7A941454CBBA5BFE34E49F2D4EE96A90 ] iPod Service    C:\Program Files\iPod\bin\iPodService.exe
15:37:00.0775 0x0e44  iPod Service - ok
15:37:00.0778 0x0e44  [ 3ABF5E7213EB28966D55D58B515D5CE9, A352BCC5B6B9A28805B15CAFB235676F1FAFF0D2394F88C03089EB157D6188AE ] IRENUM          C:\Windows\system32\drivers\irenum.sys
15:37:00.0789 0x0e44  IRENUM - ok
15:37:00.0791 0x0e44  [ 2F7B28DC3E1183E5EB418DF55C204F38, D40410A760965925D6F10959B2043F7BD4F68EAFCF5E743AF11AD860BD136548 ] isapnp          C:\Windows\system32\drivers\isapnp.sys
15:37:00.0799 0x0e44  isapnp - ok
15:37:00.0805 0x0e44  [ D931D7309DEB2317035B07C9F9E6B0BD, 13AD84172ED8C6153F8A98499C01733B74E48464CE07D099508E38D409913ED3 ] iScsiPrt        C:\Windows\system32\drivers\msiscsi.sys
15:37:00.0816 0x0e44  iScsiPrt - ok
15:37:00.0819 0x0e44  [ BC02336F1CBA7DCC7D1213BB588A68A5, 450C5BAD54CCE2AFCDFF1B6E7F8E1A8446D9D3255DF9D36C29A8F848048AAD93 ] kbdclass        C:\Windows\system32\DRIVERS\kbdclass.sys
15:37:00.0827 0x0e44  kbdclass - ok
15:37:00.0829 0x0e44  [ 0705EFF5B42A9DB58548EEC3B26BB484, 86C6824ED7ED6FA8F306DB6319A0FD688AA91295AE571262F9D8E96A32225E99 ] kbdhid          C:\Windows\system32\DRIVERS\kbdhid.sys
15:37:00.0839 0x0e44  kbdhid - ok
15:37:00.0841 0x0e44  [ 4D71227301DD8D09097B9E4CC6527E5A, 193D47ADCB722B581CC0F29B794AB3E455B6E9BEA367CE9A5216A09E055B7F1E ] KeyIso          C:\Windows\system32\lsass.exe
15:37:00.0850 0x0e44  KeyIso - ok
15:37:00.0854 0x0e44  [ 8F489706472F7E9A06BAAA198703FA64, F020406690FB38EABD82D63B91D33039CC93ED52A5497AE12BAF475F22D0B08A ] KSecDD          C:\Windows\system32\Drivers\ksecdd.sys
15:37:00.0863 0x0e44  KSecDD - ok
15:37:00.0867 0x0e44  [ 868A2CAAB12EFC7A021682BCA0EEC54C, 12C4925B5B3D6EA7B6410C01F33158C6EAB50CBD6AF445F8B04ED9899720C2DD ] KSecPkg         C:\Windows\system32\Drivers\ksecpkg.sys
15:37:00.0876 0x0e44  KSecPkg - ok
15:37:00.0879 0x0e44  [ 6869281E78CB31A43E969F06B57347C4, 866A23E69B32A78D378D6CB3B3DA3695FFDFF0FEC3C9F68C8C3F988DF417044B ] ksthunk         C:\Windows\system32\drivers\ksthunk.sys
15:37:00.0902 0x0e44  ksthunk - ok
15:37:00.0910 0x0e44  [ 6AB66E16AA859232F64DEB66887A8C9C, 5F2B579BEA8098A2994B0DECECDAE7B396E7B5DC5F09645737B9F28BEEA77FFF ] KtmRm           C:\Windows\system32\msdtckrm.dll
15:37:00.0941 0x0e44  KtmRm - ok
15:37:06.0222 0x0e44  Spooler - ok
15:37:06.0292 0x0e44  [ E17E0188BB90FAE42D83E98707EFA59C, FC075F7B39E86CC8EF6DA4E339FE946917E319C347AC70FB0C50AAF36F97E27F ] sppsvc          C:\Windows\system32\sppsvc.exe
15:37:06.0382 0x0e44  sppsvc - ok
15:37:06.0387 0x0e44  [ 93D7D61317F3D4BC4F4E9F8A96A7DE45, 36D48B23B8243BE5229707375FCD11C2DCAC96983199345365F065A0CBF33314 ] sppuinotify     C:\Windows\system32\sppuinotify.dll
15:37:06.0412 0x0e44  sppuinotify - ok
15:37:06.0419 0x0e44  [ 86EBD8B1F23E743AAD21F4D5B4D40985, 8FA4DFDAE15712266B878C364FEFDB63CB30A3DCC25F83CDFE8C8AB3AE864BE6 ] SQLBrowser      C:\Program Files (x86)\Microsoft SQL Server\90\Shared\sqlbrowser.exe
15:37:06.0429 0x0e44  SQLBrowser - ok
15:37:06.0435 0x0e44  [ 3C432A96363097870995E2A3C8B66ABD, AA0AE0935FC5317FE93D7D3C3B9A6B2E026915D07704AF3E36F14FEA8595F4A6 ] SQLWriter       C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
15:37:06.0443 0x0e44  SQLWriter - ok
15:37:06.0453 0x0e44  [ 441FBA48BFF01FDB9D5969EBC1838F0B, 306128F1AD489F87161A089D1BDC1542A4CB742D91A0C12A7CD1863FDB8932C0 ] srv             C:\Windows\system32\DRIVERS\srv.sys
15:37:06.0471 0x0e44  srv - ok
15:37:06.0480 0x0e44  [ B4ADEBBF5E3677CCE9651E0F01F7CC28, 726DB2283113AB2A9681E8E9F61132303D6D86E9CD034C40EE4A8C9DB29E87F7 ] srv2            C:\Windows\system32\DRIVERS\srv2.sys
15:37:06.0496 0x0e44  srv2 - ok
15:37:06.0501 0x0e44  [ 27E461F0BE5BFF5FC737328F749538C3, AFA4704ED8FFC1A0BAB40DFB81D3AE3F3D933A3C9BF54DDAF39FF9AF3646D9E6 ] srvnet          C:\Windows\system32\DRIVERS\srvnet.sys
15:37:06.0513 0x0e44  srvnet - ok
15:37:06.0519 0x0e44  [ 51B52FBD583CDE8AA9BA62B8B4298F33, 2E2403F8AA39E79D1281CA006B51B43139C32A5FDD64BD34DAA4B935338BD740 ] SSDPSRV         C:\Windows\System32\ssdpsrv.dll
15:37:06.0547 0x0e44  SSDPSRV - ok
15:37:06.0550 0x0e44  [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB, D21CDBC4C2AA0DB5B4455D5108B0CAF4282A2E664B9035708F212CC094569D9D ] SstpSvc         C:\Windows\system32\sstpsvc.dll
15:37:06.0575 0x0e44  SstpSvc - ok
15:37:06.0587 0x0e44  [ 2F3B5A3567FFB343D8867C3D34C687F1, D01971412506746B2EA1CBB0ACF9472889ABBC23318C1332BEC9C8256011183E ] Steam Client Service C:\Program Files (x86)\Common Files\Steam\SteamService.exe
15:37:07.0151 0x0e44  Steam Client Service - ok
15:37:07.0161 0x0e44  [ B5D2F4BF587FD60AF75B09EFC1AD0E0A, 2033D6DFCA7A48E338D94427AEC82DA761618D5D3AEB22E5A64427D2C2DB0350 ] Stereo Service  C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
15:37:07.0174 0x0e44  Stereo Service - ok
15:37:07.0177 0x0e44  [ F3817967ED533D08327DC73BC4D5542A, 1B204454408A690C0A86447F3E4AA9E7C58A9CFB567C94C17C21920BA648B4D5 ] stexstor        C:\Windows\system32\drivers\stexstor.sys
15:37:07.0185 0x0e44  stexstor - ok
15:37:07.0188 0x0e44  [ DECACB6921DED1A38642642685D77DAC, 1633711CE973F818EBCCCA28538772431167C33ECDD44D1E846A9436598B52DC ] StillCam        C:\Windows\system32\DRIVERS\serscan.sys
15:37:07.0198 0x0e44  StillCam - ok
15:37:07.0212 0x0e44  [ 8DD52E8E6128F4B2DA92CE27402871C1, 1101C38BE8FC383B5F2F9FA402F9652B23B88A764DE2B584DFE62B88B11DEF92 ] stisvc          C:\Windows\System32\wiaservc.dll
15:37:07.0236 0x0e44  stisvc - ok
15:37:07.0240 0x0e44  [ 7785DC213270D2FC066538DAF94087E7, F09CB2895241719CA5147B2EE9F7ECBD0303AFFB5CD896F06D4D29BAAAFC207B ] storflt         C:\Windows\system32\drivers\vmstorfl.sys
15:37:07.0247 0x0e44  storflt - ok
15:37:07.0250 0x0e44  [ D34E4943D5AC096C8EDEEBFD80D76E23, 1DD7F6F97060B5F763A04ACA1F75E59DAB09EF824FD09B83FC3C192837D006DE ] storvsc         C:\Windows\system32\drivers\storvsc.sys
15:37:07.0257 0x0e44  storvsc - ok
15:37:07.0260 0x0e44  [ D01EC09B6711A5F8E7E6564A4D0FBC90, 3CB922291DBADC92B46B9E28CCB6810CD8CCDA3E74518EC9522B58B998E1F969 ] swenum          C:\Windows\system32\DRIVERS\swenum.sys
15:37:07.0266 0x0e44  swenum - ok
15:37:07.0277 0x0e44  [ E08E46FDD841B7184194011CA1955A0B, 9C3725BB1F08F92744C980A22ED5C874007D3B5863C7E1F140F50061052AC418 ] swprv           C:\Windows\System32\swprv.dll
15:37:07.0311 0x0e44  swprv - ok
15:37:07.0315 0x0e44  [ C3A39C4079305480972D29C44B868C78, 8F1BB75C743256F905EAEDE744B6082C53774C49126875FB4E4FBA30F5478B17 ] Synth3dVsc      C:\Windows\system32\drivers\synth3dvsc.sys
15:37:07.0324 0x0e44  Synth3dVsc - ok
15:37:07.0362 0x0e44  [ BF9CCC0BF39B418C8D0AE8B05CF95B7D, 3C13217548BE61F2BDB8BD41F77345CDDA1F97BF0AE17241C335B9807EB3DBB8 ] SysMain         C:\Windows\system32\sysmain.dll
15:37:07.0408 0x0e44  SysMain - ok
15:37:07.0413 0x0e44  [ E3C61FD7B7C2557E1F1B0B4CEC713585, 01F0E116606D185BF93B540868075BFB1A398197F6AABD994983DBFF56B3A8A0 ] TabletInputService C:\Windows\System32\TabSvc.dll
15:37:07.0427 0x0e44  TabletInputService - ok
15:37:07.0436 0x0e44  [ 40F0849F65D13EE87B9A9AE3C1DD6823, E251A7EF3D0FD2973AF33A62FC457A7E8D5E8694208F811F52455F7C2426121F ] TapiSrv         C:\Windows\System32\tapisrv.dll
15:37:07.0465 0x0e44  TapiSrv - ok
15:37:07.0468 0x0e44  [ 1BE03AC720F4D302EA01D40F588162F6, AB644862BF1D2E824FD846180DEC4E2C0FAFCC517451486DE5A92E5E78A952E4 ] TBS             C:\Windows\System32\tbssvc.dll
15:37:07.0493 0x0e44  TBS - ok
15:37:07.0528 0x0e44  [ 40AF23633D197905F03AB5628C558C51, 644656A15236E964E4BE57B42225EAA5643C4CF1FFF6D306813A000716F9D72C ] Tcpip           C:\Windows\system32\drivers\tcpip.sys
15:37:07.0570 0x0e44  Tcpip - ok
15:37:07.0606 0x0e44  [ 40AF23633D197905F03AB5628C558C51, 644656A15236E964E4BE57B42225EAA5643C4CF1FFF6D306813A000716F9D72C ] TCPIP6          C:\Windows\system32\DRIVERS\tcpip.sys
15:37:07.0643 0x0e44  TCPIP6 - ok
15:37:07.0648 0x0e44  [ 1B16D0BD9841794A6E0CDE0CEF744ABC, 7EB8BA97339199EEE7F2B09DA2DA6279DA64A510D4598D42CF86415D67CD674C ] tcpipreg        C:\Windows\system32\drivers\tcpipreg.sys
15:37:07.0658 0x0e44  tcpipreg - ok
15:37:07.0661 0x0e44  [ 3371D21011695B16333A3934340C4E7C, 7416F9BBFC1BA9D875EA7D1C7A0D912FC6977B49A865D67E3F9C4E18A965082D ] TDPIPE          C:\Windows\system32\drivers\tdpipe.sys
15:37:07.0670 0x0e44  TDPIPE - ok
15:37:07.0672 0x0e44  [ 51C5ECEB1CDEE2468A1748BE550CFBC8, 4E8F83877330B421F7B5D8393D34BC44C6450E69209DAA95B29CB298166A5DF9 ] TDTCP           C:\Windows\system32\drivers\tdtcp.sys
15:37:07.0681 0x0e44  TDTCP - ok
15:37:07.0685 0x0e44  [ DDAD5A7AB24D8B65F8D724F5C20FD806, B71F2967A4EE7395E4416C1526CB85368AEA988BDD1F2C9719C48B08FAFA9661 ] tdx             C:\Windows\system32\DRIVERS\tdx.sys
15:37:07.0708 0x0e44  tdx - ok
15:37:07.0711 0x0e44  [ 561E7E1F06895D78DE991E01DD0FB6E5, 83BFA50A528762EC52A011302AC3874636FB7E26628CD7ACFBF2BDC9FAA8110D ] TermDD          C:\Windows\system32\DRIVERS\termdd.sys
15:37:07.0719 0x0e44  TermDD - ok
15:37:07.0722 0x0e44  [ 2B5BDFF688EC9871D7EC5837833374E9, BD6C629FA2938987ABF95B790B20F0B7D4D023D5013E575F343A802D6213074E ] terminpt        C:\Windows\system32\drivers\terminpt.sys
15:37:07.0731 0x0e44  terminpt - ok
15:37:07.0747 0x0e44  [ 2E648163254233755035B46DD7B89123, 6FA0D07CE18A3A69D82EE49D875F141E39406E92C34EAC76AC4EB052E6EBCBCD ] TermService     C:\Windows\System32\termsrv.dll
15:37:07.0784 0x0e44  TermService - ok
15:37:07.0787 0x0e44  [ 9201BE2BAB8A9FF8E20D8439AE3BB04D, D973C4FE5B8D02B15476D72B49105840A04DBFF8BCB77117C0354D046E6C02FB ] Themes          C:\Windows\system32\themeservice.dll
15:37:07.0793 0x0e44  Themes - detected UnsignedFile.Multi.Generic ( 1 )
15:37:10.0351 0x0e44  Detect skipped due to KSN trusted
15:37:10.0351 0x0e44  Themes - ok
15:37:12.0308 0x0e44  ================ Scan global ===============================
15:37:12.0311 0x0e44  [ BA0CD8C393E8C9F83354106093832C7B, 18D8A4780A2BAA6CEF7FBBBDA0EF6BF2DADF146E1E578A618DD5859E8ADBF1A8 ] C:\Windows\system32\basesrv.dll
15:37:12.0318 0x0e44  [ 88EDD0B34EED542745931E581AD21A32, DC2B93E1CEF5B0BCEE08D72669BB0F3AD0E8E6E75BDC08858407ED92F6FFA031 ] C:\Windows\system32\winsrv.dll
15:37:12.0328 0x0e44  [ 88EDD0B34EED542745931E581AD21A32, DC2B93E1CEF5B0BCEE08D72669BB0F3AD0E8E6E75BDC08858407ED92F6FFA031 ] C:\Windows\system32\winsrv.dll
15:37:12.0335 0x0e44  [ D6160F9D869BA3AF0B787F971DB56368, 0033E6212DD8683E4EE611B290931FDB227B4795F0B17C309DC686C696790529 ] C:\Windows\system32\sxssrv.dll
15:37:12.0345 0x0e44  [ 24ACB7E5BE595468E3B9AA488B9B4FCB, 63541E3432FCE953F266AE553E7A394978D6EE3DB52388D885F668CF42C5E7E2 ] C:\Windows\system32\services.exe
15:37:12.0351 0x0e44  [ Global ] - ok
15:37:12.0351 0x0e44  ================ Scan MBR ==================================
15:37:12.0353 0x0e44  [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
15:37:12.0479 0x0e44  \Device\Harddisk0\DR0 - ok
15:37:12.0480 0x0e44  [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk1\DR1
15:37:12.0547 0x0e44  \Device\Harddisk1\DR1 - ok
15:37:12.0547 0x0e44  ================ Scan VBR ==================================
15:37:12.0549 0x0e44  [ F683461ED79065ACD3618A050BF9AD6A ] \Device\Harddisk0\DR0\Partition1
15:37:12.0549 0x0e44  \Device\Harddisk0\DR0\Partition1 - ok
15:37:12.0551 0x0e44  [ 36887DA8893819679219ECFF0EE1405A ] \Device\Harddisk0\DR0\Partition2
15:37:12.0551 0x0e44  \Device\Harddisk0\DR0\Partition2 - ok
15:37:12.0553 0x0e44  [ B1E27AA018409DE6BFD73F8AFB883A65 ] \Device\Harddisk1\DR1\Partition1
15:37:12.0553 0x0e44  \Device\Harddisk1\DR1\Partition1 - ok
15:37:12.0555 0x0e44  [ 78B7227C9FD9B2C2BA0BE6620EE66675 ] \Device\Harddisk1\DR1\Partition2
15:37:12.0607 0x0e44  \Device\Harddisk1\DR1\Partition2 - ok
15:37:12.0607 0x0e44  Waiting for KSN requests completion. In queue: 328
15:37:13.0607 0x0e44  Waiting for KSN requests completion. In queue: 328
15:37:14.0607 0x0e44  Waiting for KSN requests completion. In queue: 21
15:37:15.0614 0x0e44  AV detected via SS2: avast! Internet Security, C:\Program Files\AVAST Software\Avast\VisthAux.exe ( 9.0.2013.292 ), 0x41000 ( enabled : updated )
15:37:15.0615 0x0e44  FW detected via SS2: avast! Internet Security, C:\Program Files\AVAST Software\Avast\VisthAux.exe ( 9.0.2013.292 ), 0x41010 ( enabled )
15:37:18.0042 0x0e44  ============================================================
15:37:18.0042 0x0e44  Scan finished
15:37:18.0042 0x0e44  ============================================================
15:37:18.0046 0x1544  Detected object count: 0
15:37:18.0046 0x1544  Actual detected object count: 0
===============================================
 
FRST.txt-----------------------------------------------------------------
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 07-03-2014 01
Ran by VETO (administrator) on PRIME on 07-03-2014 15:39:32
Running from C:\Users\VETO\Desktop
Windows 7 Ultimate Service Pack 1 (X64) OS Language: English(US)
Internet Explorer Version 11
Boot Mode: Normal
 
The only official download link for FRST:
Download link from any site other than Bleeping Computer is unpermitted or outdated.
 
==================== Processes (Whitelisted) =================
 
(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\afwServ.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Intel Corporation) C:\Windows\system32\IProsetMonitor.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\integratedoffice.exe
(Safer-Networking Ltd.) E:\Spybot\SDFSSvc.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft SQL Server\90\Shared\sqlbrowser.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
(AVG Secure Search) C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\15.5.0\ToolbarUpdater.exe
(Safer-Networking Ltd.) E:\Spybot\SDWSCSvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Adobe Systems Incorporated) E:\Photoshop\Elements 12 Organizer\PhotoshopElementsFileAgent.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\AAM Updates Notifier.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Kaspersky Lab ZAO) C:\Users\VETO\Desktop\tdsskiller.exe
 
 
==================== Registry (Whitelisted) ==================
 
HKLM\...\Run: [RTHDVCPL] - C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [6827664 2013-01-16] (Realtek Semiconductor)
HKLM\...\Run: [SaiVolume] - C:\Program Files\Saitek\VolumeTracker\SaiVolume.exe [186880 2010-04-21] (Saitek)
HKLM\...\Run: [ProfilerU] - C:\Program Files\Saitek\SD6\Software\ProfilerU.exe [378880 2010-04-21] (Saitek)
HKLM\...\Run: [SaiMfd] - C:\Program Files\Saitek\SD6\Software\SaiMfd.exe [195072 2010-04-21] (Saitek)
HKLM\...\Run: [EvtMgr6] - C:\Program Files\Logitech\SetPointP\SetPoint.exe [2419512 2012-11-04] (Logitech, Inc.)
HKLM\...\Run: [ShadowPlay] - C:\Windows\system32\nvspcap64.dll [1179576 2014-01-20] (NVIDIA Corporation)
HKLM\...\Run: [AdobeAAMUpdater-1.0] - C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [472984 2013-06-03] (Adobe Systems Incorporated)
HKLM\...\Run: [NvBackend] - C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2234144 2014-01-20] (NVIDIA Corporation)
HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [APSDaemon] - C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [43848 2014-02-12] (Apple Inc.)
HKLM-x32\...\Run: [AvastUI.exe] - C:\Program Files\AVAST Software\Avast\AvastUI.exe [3767096 2014-02-20] (AVAST Software)
HKLM-x32\...\Run: [SDTray] - E:\Spybot\SDTray.exe [5624784 2013-07-25] (Safer-Networking Ltd.)
HKLM-x32\...\Run: [iTunesHelper] - E:\iTunes\iTunesHelper.exe [152392 2014-02-21] (Apple Inc.)
Winlogon\Notify\LBTWlgn: c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll (Logitech, Inc.)
Winlogon\Notify\SDWinLogon-x32: SDWinLogon.dll [X]
HKU\S-1-5-21-734638345-3446768046-2017789806-1000\...\Run: [Akamai NetSession Interface] - C:\Users\VETO\AppData\Local\Akamai\netsession_win.exe [4489472 2013-06-05] (Akamai Technologies, Inc.)
HKU\S-1-5-21-734638345-3446768046-2017789806-1000\...\Run: [HP Photosmart 7520 series (NET)] - C:\Program Files\HP\HP Photosmart 7520 series\Bin\ScanToPCActivationApp.exe [2573416 2012-10-17] (Hewlett-Packard Co.)
HKU\S-1-5-21-734638345-3446768046-2017789806-1000\...\Run: [CAHeadless] - E:\Photoshop\Elements 12 Organizer\CAHeadless\ElementsAutoAnalyzer.exe [1400224 2013-09-25] (Adobe Systems Incorporated)
HKU\S-1-5-21-734638345-3446768046-2017789806-1000\...\Run: [Spybot-S&D Cleaning] - E:\Spybot\SDCleaner.exe [3666224 2013-09-20] (Safer-Networking Ltd.)
Startup: C:\Users\VETO\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Rainmeter.lnk
ShortcutTarget: Rainmeter.lnk -> C:\Program Files\Rainmeter\Rainmeter.exe ()
Startup: C:\Users\VETO\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Send to OneNote.lnk
ShortcutTarget: Send to OneNote.lnk -> C:\Program Files\Microsoft Office 15\root\office15\ONENOTEM.EXE (Microsoft Corporation)
 
==================== Internet (Whitelisted) ====================
 
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.bing.com
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://ca.msn.com/?ocid=iehp
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0x020D04CBB6F4CD01
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-CA
HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.bing.com
SearchScopes: HKCU - DefaultScope {681ED8F2-AFB9-46AE-9847-E29E3BCA5F02} URL = http://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT2612669&CUI=UN19586799541413612&UM=2
BHO: avast! Online Security - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
BHO: Lync Browser Helper - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
BHO: Java™ Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\URLREDIR.DLL (Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
BHO: Java™ Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: Java™ Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
BHO-x32: Logitech SetPoint - {AF949550-9094-4807-95EC-D1C317803333} - C:\Program Files\Logitech\SetPointP\32-bit\SetPointSmooth.dll (Logitech, Inc.)
BHO-x32: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office 15\root\Office15\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Java™ Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKLM - avast! Online Security - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
Toolbar: HKLM - avast! Online Security - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
Toolbar: HKLM-x32 - avast! Online Security - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
DPF: HKLM-x32 {7623BE59-D4CF-4379-ABC4-B39E11854D66} http://labo.erinn.biz/cs/mabiweb.2012.04.25.0.cab
DPF: HKLM-x32 {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/flashplayer/current/swflash.cab
Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL (Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
 
Chrome: 
=======
CHR HomePage: hxxp://www.google.com/
CHR Extension: (Logitech SetPoint) - C:\Users\VETO\AppData\Local\Google\Chrome\User Data\Default\Extensions\edaibbiobngpbmeonadpbfafbkimjbdd [2013-12-02]
CHR Extension: (AdBlock) - C:\Users\VETO\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2014-01-26]
CHR Extension: (avast! Online Security) - C:\Users\VETO\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2014-01-26]
CHR Extension: (Google Wallet) - C:\Users\VETO\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-12-02]
CHR HKCU\...\Chrome\Extension: [bcfjehbfanfhgoehogmbiebedkidedjb] - C:\Users\VETO\AppData\Local\CRE\bcfjehbfanfhgoehogmbiebedkidedjb.crx [2013-12-02]
CHR HKLM-x32\...\Chrome\Extension: [bcfjehbfanfhgoehogmbiebedkidedjb] - C:\Users\VETO\AppData\Local\CRE\bcfjehbfanfhgoehogmbiebedkidedjb.crx [2013-12-02]
CHR HKLM-x32\...\Chrome\Extension: [edaibbiobngpbmeonadpbfafbkimjbdd] - C:\ProgramData\Logitech\LogiSmoothChromeExt.crx [2013-01-21]
CHR HKLM-x32\...\Chrome\Extension: [fplhdcjmbpfkejbhngmlngaecbjmoimd] - C:\Program Files\AVAST Software\Avast\AdBlocker\Chrome\avast-adblocker-chrome.crx [2013-03-20]
CHR HKLM-x32\...\Chrome\Extension: [ndibdjnfmopecpmkdieinmbadjfpblof] - C:\ProgramData\\ChromeExt\\avg.crx [2013-03-20]
CHR HKLM-x32\...\Chrome\Extension: [oopdmcnionefjjnmchkiimificckpkif] - C:\Users\VETO\AppData\Local\CRE\oopdmcnionefjjnmchkiimificckpkif.crx [2013-12-28]
 
==================== Services (Whitelisted) =================
 
R2 AdobeActiveFileMonitor12.0; E:\Photoshop\Elements 12 Organizer\PhotoshopElementsFileAgent.exe [181152 2013-09-25] (Adobe Systems Incorporated)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2014-02-20] (AVAST Software)
R2 avast! Firewall; C:\Program Files\AVAST Software\Avast\afwServ.exe [113704 2014-02-20] (AVAST Software)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1593632 2014-01-20] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [16939296 2014-01-20] (NVIDIA Corporation)
R2 OfficeSvc; C:\Program Files\Microsoft Office 15\ClientX64\integratedoffice.exe [1907896 2013-10-31] (Microsoft Corporation)
R2 SDScannerService; E:\Spybot\SDFSSvc.exe [3921880 2013-10-15] (Safer-Networking Ltd.)
S2 SDUpdateService; E:\Spybot\SDUpdSvc.exe [1042272 2013-09-20] (Safer-Networking Ltd.)
R2 SDWSCService; E:\Spybot\SDWSCSvc.exe [171416 2013-09-13] (Safer-Networking Ltd.)
R2 vToolbarUpdater15.5.0; C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\15.5.0\ToolbarUpdater.exe [1643184 2013-08-18] (AVG Secure Search)
S2 HPSLPSVC; C:\Users\VETO\AppData\Local\Temp\7zS0673\hpslpsvc64.dll [X]
 
==================== Drivers (Whitelisted) ====================
 
S3 AE3000; C:\Windows\System32\DRIVERS\AE3000w764.sys [1717824 2012-03-02] (Ralink Technology Corp.)
R1 aswKbd; C:\Windows\system32\drivers\aswKbd.sys [28184 2013-12-07] (AVAST Software)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [78648 2014-02-20] (AVAST Software)
R1 aswNdisFlt; C:\Windows\System32\DRIVERS\aswNdisFlt.sys [440672 2014-02-21] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [92544 2013-12-07] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65776 2013-12-07] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1038072 2014-02-20] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [421704 2014-02-20] (AVAST Software)
R3 aswStm; C:\Windows\system32\drivers\aswStm.sys [80184 2014-02-20] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [207904 2014-01-07] ()
R1 avgtp; C:\Windows\system32\drivers\avgtpx64.sys [45856 2013-08-18] (AVG Technologies)
R1 HWiNFO32; C:\Windows\system32\drivers\HWiNFO64A.SYS [31136 2013-07-15] (REALiX™)
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [39200 2013-12-27] (NVIDIA Corporation)
R0 PxHlpa64; C:\Windows\System32\drivers\PxHlpa64.sys [56336 2013-07-19] (Corel Corporation)
R3 SaiK8014; C:\Windows\System32\DRIVERS\SaiK8014.sys [174600 2010-07-27] (Saitek)
R3 SaiMini; C:\Windows\System32\DRIVERS\SaiMini.sys [22664 2010-04-22] (Saitek)
R3 SaiNtBus; C:\Windows\System32\drivers\SaiBus.sys [49928 2010-04-22] (Saitek)
S3 ALSysIO; \??\C:\Users\VETO\AppData\Local\Temp\ALSysIO64.sys [X]
S3 EagleX64; \??\C:\Windows\system32\drivers\EagleX64.sys [X]
S3 VGPU; System32\drivers\rdvgkmd.sys [X]
 
==================== NetSvcs (Whitelisted) ===================
 
 
==================== One Month Created Files and Folders ========
 
2014-03-07 15:39 - 2014-03-07 15:39 - 00014599 _____ () C:\Users\VETO\Desktop\FRST.txt
2014-03-07 15:39 - 2014-03-07 15:39 - 00000000 ____D () C:\FRST
2014-03-07 15:35 - 2014-03-07 15:35 - 04130656 _____ (Kaspersky Lab ZAO) C:\Users\VETO\Desktop\tdsskiller (1).exe
2014-03-07 15:33 - 2014-03-07 15:34 - 04130656 _____ (Kaspersky Lab ZAO) C:\Users\VETO\Desktop\tdsskiller.exe
2014-03-07 15:33 - 2014-03-07 15:33 - 02156544 _____ (Farbar) C:\Users\VETO\Desktop\FRST64.exe
2014-03-07 15:12 - 2014-03-07 15:12 - 00688992 ____R (Swearware) C:\Users\VETO\Desktop\dds.com
2014-03-07 15:12 - 2014-03-07 15:12 - 00688992 _____ (Swearware) C:\Users\VETO\Downloads\dds (1).com
2014-03-07 15:06 - 2014-03-07 15:06 - 01244192 _____ () C:\Users\VETO\Downloads\AdwCleaner.exe
2014-03-07 15:04 - 2014-03-07 15:13 - 00019640 _____ () C:\Users\VETO\Desktop\dds.txt
2014-03-07 15:04 - 2014-03-07 15:13 - 00010087 _____ () C:\Users\VETO\Desktop\attach.txt
2014-03-07 15:03 - 2014-03-07 15:03 - 00688992 ____R (Swearware) C:\Users\VETO\Downloads\dds.com
2014-03-06 16:19 - 2014-03-06 16:19 - 00338405 _____ () C:\Users\VETO\Downloads\Windows Resource Pack-40676-1-0.zip
2014-03-06 16:19 - 2014-03-06 16:19 - 00315106 _____ () C:\Users\VETO\Downloads\Crates Of Stuff-36756-.7z
2014-03-06 16:18 - 2014-03-06 16:18 - 64288585 _____ () C:\Users\VETO\Downloads\Architectural Mesh Expansion-38550-1-0.rar
2014-03-06 16:18 - 2014-03-06 16:18 - 39351405 _____ () C:\Users\VETO\Downloads\FPI Experiment Pack 1-43143-1-0.zip
2014-03-06 16:16 - 2014-03-06 16:16 - 07580325 _____ () C:\Users\VETO\Downloads\Open Books Library-42362-1-3.zip
2014-03-06 16:16 - 2014-03-06 16:16 - 03370362 _____ () C:\Users\VETO\Downloads\3 Shelf Scrolls-16430-1-0.rar
2014-03-06 16:16 - 2014-03-06 16:16 - 02788435 _____ () C:\Users\VETO\Downloads\3 Shelf Scrolls - other shelf-16430-v1-0.rar
2014-03-06 16:16 - 2014-03-06 16:16 - 02443741 _____ () C:\Users\VETO\Downloads\Strotis Kitchen Tools -42690-1-1.7z
2014-03-06 16:15 - 2014-03-06 16:15 - 34633164 _____ () C:\Users\VETO\Downloads\Rug Resource-17303-1-0.rar
2014-03-06 16:15 - 2014-03-06 16:15 - 26866293 _____ () C:\Users\VETO\Downloads\Water plants 2048-29486-1-0.zip
2014-03-06 16:15 - 2014-03-06 16:15 - 10883756 _____ () C:\Users\VETO\Downloads\New Plants V 1_2-22018-1-2.7z
2014-03-06 16:14 - 2014-03-06 16:14 - 02853260 _____ () C:\Users\VETO\Downloads\yurufuwa rabbit-38138-1.7z
2014-03-06 16:13 - 2014-03-06 16:13 - 01624181 _____ () C:\Users\VETO\Downloads\foodcontainer-14133-1-0.7z
2014-03-06 16:13 - 2014-03-06 16:13 - 01056055 _____ () C:\Users\VETO\Downloads\mesh-14135-1-0.7z
2014-03-06 16:13 - 2014-03-06 16:13 - 00927776 _____ () C:\Users\VETO\Downloads\mesh-14136-1-0.7z
2014-03-06 16:12 - 2014-03-06 16:12 - 01421724 _____ () C:\Users\VETO\Downloads\Ingredients Wall Art Resource-30602-1-0.7z
2014-03-06 16:12 - 2014-03-06 16:12 - 00491303 _____ () C:\Users\VETO\Downloads\AlchemyClutterResource-30599-1-0.7z
2014-03-06 16:12 - 2014-03-06 16:12 - 00416525 _____ () C:\Users\VETO\Downloads\Ingredients Drawer Resource-30600-1-0.7z
2014-03-06 16:11 - 2014-03-06 16:12 - 18664000 _____ () C:\Users\VETO\Downloads\PaintingsFrames-17423-1-0.zip
2014-03-06 16:11 - 2014-03-06 16:12 - 104283904 _____ () C:\Users\VETO\Downloads\Pack5_0-26132-5-0.zip
2014-03-06 16:11 - 2014-03-06 16:11 - 12696207 _____ () C:\Users\VETO\Downloads\Modders Resource Pack 2_0 CORE-16525-2-0.7z
2014-03-06 16:11 - 2014-03-06 16:11 - 06420260 _____ () C:\Users\VETO\Downloads\Modders Resource Pack 2_0 FORGE-16525-2-0.7z
2014-03-06 16:11 - 2014-03-06 16:11 - 02219655 _____ () C:\Users\VETO\Downloads\Modders Resource Pack 2_0 JARS-16525-2-0.7z
2014-03-06 16:11 - 2014-03-06 16:11 - 01208398 _____ () C:\Users\VETO\Downloads\mesh_textures-14134-1-0.7z
2014-03-06 16:06 - 2014-03-07 14:57 - 00000672 _____ () C:\Windows\setupact.log
2014-03-06 16:06 - 2014-03-06 16:06 - 00000000 _____ () C:\Windows\setuperr.log
2014-03-05 22:02 - 2014-03-05 22:02 - 00005138 _____ () C:\Users\VETO\Downloads\SKSE INI should be NMM installable now-34858-.rar
2014-03-05 21:37 - 2014-03-05 21:37 - 79128665 _____ () C:\Users\VETO\Downloads\Vindictus Pack.rar
2014-03-05 21:37 - 2014-03-05 21:37 - 19593568 _____ () C:\Users\VETO\Downloads\Tieve Clothing.rar
2014-03-05 16:31 - 2014-03-05 16:31 - 00000000 ____D () C:\Windows\8A809006C25A4A3A9DAB94659BCDB107.TMP
2014-03-03 21:39 - 2014-03-03 21:39 - 02434109 _____ () C:\Users\VETO\Downloads\enbseries_skyrim_v0251 (1).zip
2014-03-03 21:38 - 2014-03-03 21:38 - 03910231 _____ () C:\Users\VETO\Downloads\Somber Antique 2-37716-2-13-250.zip
2014-03-03 21:38 - 2014-03-03 21:38 - 00000491 _____ () C:\Users\VETO\Downloads\Lanterns of Skyrim preset-37716-.zip
2014-03-03 21:25 - 2014-03-03 21:25 - 00003898 _____ () C:\Users\VETO\Downloads\EWIs High SkyrimPrefs and inis v01e-51033-v01e.rar
2014-03-03 21:24 - 2014-03-03 21:24 - 00014171 _____ () C:\Users\VETO\Downloads\ENBoost 5_0-38649-5-0.zip
2014-03-03 21:21 - 2014-03-03 21:21 - 02434109 _____ () C:\Users\VETO\Downloads\enbseries_skyrim_v0251.zip
2014-03-02 16:49 - 2014-03-02 16:49 - 00048529 _____ () C:\Users\VETO\Downloads\occupy_wallstreet.jpeg.size.xxlarge.letterbox.jpeg
2014-03-02 16:48 - 2014-03-02 16:48 - 00072749 _____ () C:\Users\VETO\Downloads\Occupy Toronto protesters are primed to take over Bay Street   iPolitics.htm
2014-03-02 16:48 - 2014-03-02 16:48 - 00000000 ____D () C:\Users\VETO\Downloads\Occupy Toronto protesters are primed to take over Bay Street   iPolitics_files
2014-03-01 22:56 - 2014-03-01 22:56 - 00020958 _____ () C:\Users\VETO\Downloads\polls_corpnews_5659_155503_poll_xlarge.jpeg
2014-03-01 14:52 - 2014-03-01 14:52 - 00139866 _____ () C:\Users\VETO\Downloads\iqbaltopp_I001635_-1.jpeg
2014-03-01 14:52 - 2014-03-01 14:52 - 00000000 ____D () C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2014-03-01 14:52 - 2014-03-01 14:52 - 00000000 ____D () C:\Program Files\iTunes
2014-03-01 14:52 - 2014-03-01 14:52 - 00000000 ____D () C:\Program Files\iPod
2014-02-28 19:26 - 2014-02-28 19:26 - 00278528 _____ () C:\Users\VETO\Downloads\image.jpeg
2014-02-27 16:10 - 2014-02-27 16:10 - 03418771 _____ (BOSS Development Team) C:\Users\VETO\Downloads\BOSS v2.1.1 Installer.exe
2014-02-27 15:48 - 2014-02-27 16:00 - 426895712 _____ () C:\Users\VETO\Downloads\Aether Suite.7z
2014-02-26 21:16 - 2014-02-26 21:16 - 00266051 _____ () C:\Users\VETO\Downloads\skse_1_06_16_installer.exe
2014-02-26 21:09 - 2014-02-26 21:09 - 00560881 _____ () C:\Users\VETO\Downloads\Isaac Auto Level Version-24298-1-2.rar
2014-02-26 21:06 - 2014-02-26 21:06 - 21963119 _____ () C:\Users\VETO\Downloads\Thanatos as Durnehviir Copper-35576-1-0.7z
2014-02-26 21:05 - 2014-02-26 21:07 - 225770923 _____ () C:\Users\VETO\Downloads\FAR - Forgotten Argonian Roots - 4k-42043-.zip
2014-02-26 21:05 - 2014-02-26 21:05 - 07722613 _____ () C:\Users\VETO\Downloads\Female head MAIN version fix-42043-.rar
2014-02-26 20:53 - 2014-02-26 20:54 - 74146532 _____ () C:\Users\VETO\Downloads\Kankaraya-49292-2-04.7z
2014-02-26 20:18 - 2014-02-26 20:19 - 85125791 _____ () C:\Users\VETO\Downloads\REPLACER_ETERNAL_SHINE_WEAPONS-17582.rar
2014-02-26 20:18 - 2014-02-26 20:18 - 62960818 _____ () C:\Users\VETO\Downloads\REPLACER_ETERNAL_SHINE_SET-17582.rar
2014-02-26 19:53 - 2014-02-26 19:53 - 02461206 _____ () C:\Users\VETO\Downloads\Yakkuru-50320-1-5.7z
2014-02-26 19:49 - 2014-02-26 19:49 - 00000605 _____ () C:\Users\Public\Desktop\Nexus Mod Manager.lnk
2014-02-25 17:32 - 2014-03-05 21:42 - 00000000 ____D () C:\Users\VETO\Documents\Nexus Mod Manager
2014-02-23 23:02 - 2014-02-23 23:02 - 00928395 _____ () C:\Users\VETO\Downloads\AajKiRaat-AlishaChinaiMahalaxmiSonuNigam.m4r
2014-02-23 18:10 - 2014-02-23 18:10 - 00130583 _____ () C:\Users\VETO\Downloads\First Person 1_6-49036-1-6.zip
2014-02-23 18:08 - 2014-02-23 18:12 - 04745425 _____ () C:\Users\VETO\Downloads\Hoth-24666-3.7z
2014-02-22 22:56 - 2014-02-22 22:56 - 04149856 _____ (Black Tree Gaming ) C:\Users\VETO\Downloads\Nexus Mod Manager-0.47.3.exe
2014-02-20 14:12 - 2014-02-20 14:12 - 00002032 _____ () C:\Users\Public\Desktop\avast! SafeZone.lnk
2014-02-20 14:12 - 2014-02-20 14:12 - 00001972 _____ () C:\Users\Public\Desktop\avast! Internet Security.lnk
2014-02-19 20:35 - 2014-02-26 21:16 - 00000965 _____ () C:\Users\VETO\Desktop\Skyrim (SKSE).lnk
2014-02-19 18:41 - 2014-02-08 11:18 - 00599840 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvStreaming.exe
2014-02-19 18:11 - 2014-02-19 18:11 - 00000000 ____D () C:\Program Files (x86)\AGEIA Technologies
2014-02-19 18:09 - 2014-02-08 13:34 - 31432480 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglv64.dll
2014-02-19 18:09 - 2014-02-08 13:34 - 25256224 _____ (NVIDIA Corporation) C:\Windows\system32\nvcompiler.dll
2014-02-19 18:09 - 2014-02-08 13:34 - 23683360 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglv32.dll
2014-02-19 18:09 - 2014-02-08 13:34 - 17560352 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcompiler.dll
2014-02-19 18:09 - 2014-02-08 13:34 - 15740232 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvwgf2um.dll
2014-02-19 18:09 - 2014-02-08 13:34 - 12324640 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvlddmkm.sys
2014-02-19 18:09 - 2014-02-08 13:34 - 11636176 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll
2014-02-19 18:09 - 2014-02-08 13:34 - 11589272 _____ (NVIDIA Corporation) C:\Windows\system32\nvopencl.dll
2014-02-19 18:09 - 2014-02-08 13:34 - 09728064 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll
2014-02-19 18:09 - 2014-02-08 13:34 - 09690424 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvopencl.dll
2014-02-19 18:09 - 2014-02-08 13:34 - 03142432 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll
2014-02-19 18:09 - 2014-02-08 13:34 - 02956576 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll
2014-02-19 18:09 - 2014-02-08 13:34 - 02782496 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvenc.dll
2014-02-19 18:09 - 2014-02-08 13:34 - 02410784 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvenc.dll
2014-02-19 18:09 - 2014-02-08 13:34 - 01885472 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6433489.dll
2014-02-19 18:09 - 2014-02-08 13:34 - 01515296 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6433489.dll
2014-02-19 18:09 - 2014-02-08 13:34 - 00892192 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFR64.dll
2014-02-19 18:09 - 2014-02-08 13:34 - 00875296 _____ (NVIDIA Corporation) C:\Windows\system32\NvFBC64.dll
2014-02-19 18:09 - 2014-02-08 13:34 - 00863520 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll
2014-02-19 18:09 - 2014-02-08 13:34 - 00844576 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll
2014-02-19 18:09 - 2014-02-08 13:34 - 00832424 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvumdshim.dll
2014-02-19 18:09 - 2014-02-08 13:34 - 00483104 _____ (NVIDIA Corporation) C:\Windows\system32\nvEncodeAPI64.dll
2014-02-19 18:09 - 2014-02-08 13:34 - 00408352 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvEncodeAPI.dll
2014-02-19 18:09 - 2014-02-08 13:34 - 00378656 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFROpenGL.dll
2014-02-19 18:09 - 2014-02-08 13:34 - 00353504 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglshim64.dll
2014-02-19 18:09 - 2014-02-08 13:34 - 00333600 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFROpenGL.dll
2014-02-19 18:09 - 2014-02-08 13:34 - 00305600 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglshim32.dll
2014-02-19 18:09 - 2014-02-08 13:34 - 00174296 _____ (NVIDIA Corporation) C:\Windows\system32\nvinitx.dll
2014-02-19 18:09 - 2014-02-08 13:34 - 00148528 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvinit.dll
2014-02-17 13:40 - 2014-03-07 15:00 - 00489734 _____ () C:\Windows\WindowsUpdate.log
2014-02-15 15:20 - 2014-02-06 07:16 - 23170048 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-02-15 15:20 - 2014-02-06 06:30 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-02-15 15:20 - 2014-02-06 06:30 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-02-15 15:20 - 2014-02-06 06:12 - 02765824 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-02-15 15:20 - 2014-02-06 06:07 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-02-15 15:20 - 2014-02-06 06:06 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-02-15 15:20 - 2014-02-06 05:57 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-02-15 15:20 - 2014-02-06 05:56 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-02-15 15:20 - 2014-02-06 05:52 - 00574976 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-02-15 15:20 - 2014-02-06 05:49 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-02-15 15:20 - 2014-02-06 05:48 - 00708608 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-02-15 15:20 - 2014-02-06 05:48 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-02-15 15:20 - 2014-02-06 05:38 - 17103872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-02-15 15:20 - 2014-02-06 05:32 - 00218624 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-02-15 15:20 - 2014-02-06 05:20 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-02-15 15:20 - 2014-02-06 05:17 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-02-15 15:20 - 2014-02-06 05:11 - 05768704 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-02-15 15:20 - 2014-02-06 05:01 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-02-15 15:20 - 2014-02-06 05:00 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-02-15 15:20 - 2014-02-06 04:57 - 02168320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-02-15 15:20 - 2014-02-06 04:57 - 00627200 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-02-15 15:20 - 2014-02-06 04:52 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-02-15 15:20 - 2014-02-06 04:52 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-02-15 15:20 - 2014-02-06 04:50 - 02041856 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-02-15 15:20 - 2014-02-06 04:49 - 00440832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-02-15 15:20 - 2014-02-06 04:47 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-02-15 15:20 - 2014-02-06 04:46 - 00553472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-02-15 15:20 - 2014-02-06 04:25 - 04244480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-02-15 15:20 - 2014-02-06 04:25 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-02-15 15:20 - 2014-02-06 04:24 - 02334208 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-02-15 15:20 - 2014-02-06 04:22 - 13051392 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-02-15 15:20 - 2014-02-06 04:13 - 00524288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-02-15 15:20 - 2014-02-06 04:09 - 01964032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-02-15 15:20 - 2014-02-06 04:03 - 11266048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-02-15 15:20 - 2014-02-06 03:55 - 01393664 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-02-15 15:20 - 2014-02-06 03:41 - 01820160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-02-15 15:20 - 2014-02-06 03:40 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-02-15 15:20 - 2014-02-06 03:36 - 01156096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-02-15 15:20 - 2014-02-06 03:34 - 00703488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-02-15 15:20 - 2013-12-21 04:53 - 00548864 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-02-15 15:20 - 2013-12-21 03:56 - 00454656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-02-12 16:07 - 2013-12-31 18:05 - 00420008 _____ () C:\Windows\SysWOW64\locale.nls
2014-02-12 16:07 - 2013-12-31 18:04 - 00420008 _____ () C:\Windows\system32\locale.nls
2014-02-12 16:06 - 2013-12-24 18:09 - 01987584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10warp.dll
2014-02-12 16:06 - 2013-12-24 17:48 - 02565120 _____ (Microsoft Corporation) C:\Windows\system32\d3d10warp.dll
2014-02-12 16:06 - 2013-12-05 21:30 - 01882112 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2014-02-12 16:06 - 2013-12-05 21:30 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml3r.dll
2014-02-12 16:06 - 2013-12-05 21:02 - 01237504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll
2014-02-12 16:06 - 2013-12-05 21:02 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3r.dll
2014-02-12 16:06 - 2013-12-03 21:27 - 00488448 _____ (Microsoft Corporation) C:\Windows\system32\secproc.dll
2014-02-12 16:06 - 2013-12-03 21:27 - 00485888 _____ (Microsoft Corporation) C:\Windows\system32\secproc_isv.dll
2014-02-12 16:06 - 2013-12-03 21:27 - 00123392 _____ (Microsoft Corporation) C:\Windows\system32\secproc_ssp_isv.dll
2014-02-12 16:06 - 2013-12-03 21:27 - 00123392 _____ (Microsoft Corporation) C:\Windows\system32\secproc_ssp.dll
2014-02-12 16:06 - 2013-12-03 21:26 - 00528384 _____ (Microsoft Corporation) C:\Windows\system32\msdrm.dll
2014-02-12 16:06 - 2013-12-03 21:16 - 00658432 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate_isv.exe
2014-02-12 16:06 - 2013-12-03 21:16 - 00626176 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate.exe
2014-02-12 16:06 - 2013-12-03 21:16 - 00553984 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate_ssp.exe
2014-02-12 16:06 - 2013-12-03 21:16 - 00552960 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate_ssp_isv.exe
2014-02-12 16:06 - 2013-12-03 21:03 - 00428032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secproc.dll
2014-02-12 16:06 - 2013-12-03 21:03 - 00423936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secproc_isv.dll
2014-02-12 16:06 - 2013-12-03 21:03 - 00087040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secproc_ssp_isv.dll
2014-02-12 16:06 - 2013-12-03 21:03 - 00087040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secproc_ssp.dll
2014-02-12 16:06 - 2013-12-03 21:02 - 00390144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msdrm.dll
2014-02-12 16:06 - 2013-12-03 20:54 - 00594944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RMActivate_isv.exe
2014-02-12 16:06 - 2013-12-03 20:54 - 00572416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RMActivate.exe
2014-02-12 16:06 - 2013-12-03 20:54 - 00510976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RMActivate_ssp.exe
2014-02-12 16:06 - 2013-12-03 20:54 - 00508928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RMActivate_ssp_isv.exe
2014-02-12 16:06 - 2013-11-26 03:16 - 03419136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d2d1.dll
2014-02-12 16:06 - 2013-11-22 17:48 - 03928064 _____ (Microsoft Corporation) C:\Windows\system32\d2d1.dll
2014-02-09 22:54 - 2014-02-11 20:22 - 00000000 ____D () C:\Users\VETO\Desktop\76561198081560718
2014-02-08 13:37 - 2014-02-08 13:44 - 00000000 ____D () C:\Users\VETO\Documents\My Cheat Tables
2014-02-08 13:37 - 2014-02-08 13:37 - 00000605 _____ () C:\Users\VETO\Desktop\Cheat Engine.lnk
2014-02-06 22:50 - 2014-02-09 22:51 - 00000495 _____ () C:\Users\VETO\Desktop\profile.bin
 
==================== One Month Modified Files and Folders =======
 
2014-03-07 15:39 - 2014-03-07 15:39 - 00014599 _____ () C:\Users\VETO\Desktop\FRST.txt
2014-03-07 15:39 - 2014-03-07 15:39 - 00000000 ____D () C:\FRST
2014-03-07 15:35 - 2014-03-07 15:35 - 04130656 _____ (Kaspersky Lab ZAO) C:\Users\VETO\Desktop\tdsskiller (1).exe
2014-03-07 15:34 - 2014-03-07 15:33 - 04130656 _____ (Kaspersky Lab ZAO) C:\Users\VETO\Desktop\tdsskiller.exe
2014-03-07 15:33 - 2014-03-07 15:33 - 02156544 _____ (Farbar) C:\Users\VETO\Desktop\FRST64.exe
2014-03-07 15:20 - 2013-01-17 08:32 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-03-07 15:18 - 2013-11-20 18:37 - 00004956 _____ () C:\Windows\System32\Tasks\Microsoft Office 15 Sync Maintenance for PRIME-VETO PRIME
2014-03-07 15:13 - 2014-03-07 15:04 - 00019640 _____ () C:\Users\VETO\Desktop\dds.txt
2014-03-07 15:13 - 2014-03-07 15:04 - 00010087 _____ () C:\Users\VETO\Desktop\attach.txt
2014-03-07 15:12 - 2014-03-07 15:12 - 00688992 ____R (Swearware) C:\Users\VETO\Desktop\dds.com
2014-03-07 15:12 - 2014-03-07 15:12 - 00688992 _____ (Swearware) C:\Users\VETO\Downloads\dds (1).com
2014-03-07 15:07 - 2013-01-19 17:00 - 00000000 ____D () C:\Users\VETO\AppData\Local\Adobe
2014-03-07 15:06 - 2014-03-07 15:06 - 01244192 _____ () C:\Users\VETO\Downloads\AdwCleaner.exe
2014-03-07 15:04 - 2009-07-13 23:45 - 00022064 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-03-07 15:04 - 2009-07-13 23:45 - 00022064 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-03-07 15:03 - 2014-03-07 15:03 - 00688992 ____R (Swearware) C:\Users\VETO\Downloads\dds.com
2014-03-07 15:02 - 2009-07-14 00:13 - 00849400 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-03-07 15:00 - 2014-02-17 13:40 - 00489734 _____ () C:\Windows\WindowsUpdate.log
2014-03-07 14:57 - 2014-03-06 16:06 - 00000672 _____ () C:\Windows\setupact.log
2014-03-07 14:57 - 2013-10-26 21:23 - 00000890 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-03-07 14:57 - 2009-07-14 00:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-03-07 14:56 - 2013-01-17 08:17 - 00000000 ____D () C:\ProgramData\NVIDIA
2014-03-06 16:45 - 2013-10-26 21:23 - 00000894 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-03-06 16:19 - 2014-03-06 16:19 - 00338405 _____ () C:\Users\VETO\Downloads\Windows Resource Pack-40676-1-0.zip
2014-03-06 16:19 - 2014-03-06 16:19 - 00315106 _____ () C:\Users\VETO\Downloads\Crates Of Stuff-36756-.7z
2014-03-06 16:18 - 2014-03-06 16:18 - 64288585 _____ () C:\Users\VETO\Downloads\Architectural Mesh Expansion-38550-1-0.rar
2014-03-06 16:18 - 2014-03-06 16:18 - 39351405 _____ () C:\Users\VETO\Downloads\FPI Experiment Pack 1-43143-1-0.zip
2014-03-06 16:16 - 2014-03-06 16:16 - 07580325 _____ () C:\Users\VETO\Downloads\Open Books Library-42362-1-3.zip
2014-03-06 16:16 - 2014-03-06 16:16 - 03370362 _____ () C:\Users\VETO\Downloads\3 Shelf Scrolls-16430-1-0.rar
2014-03-06 16:16 - 2014-03-06 16:16 - 02788435 _____ () C:\Users\VETO\Downloads\3 Shelf Scrolls - other shelf-16430-v1-0.rar
2014-03-06 16:16 - 2014-03-06 16:16 - 02443741 _____ () C:\Users\VETO\Downloads\Strotis Kitchen Tools -42690-1-1.7z
2014-03-06 16:15 - 2014-03-06 16:15 - 34633164 _____ () C:\Users\VETO\Downloads\Rug Resource-17303-1-0.rar
2014-03-06 16:15 - 2014-03-06 16:15 - 26866293 _____ () C:\Users\VETO\Downloads\Water plants 2048-29486-1-0.zip
2014-03-06 16:15 - 2014-03-06 16:15 - 10883756 _____ () C:\Users\VETO\Downloads\New Plants V 1_2-22018-1-2.7z
2014-03-06 16:14 - 2014-03-06 16:14 - 02853260 _____ () C:\Users\VETO\Downloads\yurufuwa rabbit-38138-1.7z
2014-03-06 16:13 - 2014-03-06 16:13 - 01624181 _____ () C:\Users\VETO\Downloads\foodcontainer-14133-1-0.7z
2014-03-06 16:13 - 2014-03-06 16:13 - 01056055 _____ () C:\Users\VETO\Downloads\mesh-14135-1-0.7z
2014-03-06 16:13 - 2014-03-06 16:13 - 00927776 _____ () C:\Users\VETO\Downloads\mesh-14136-1-0.7z
2014-03-06 16:12 - 2014-03-06 16:12 - 01421724 _____ () C:\Users\VETO\Downloads\Ingredients Wall Art Resource-30602-1-0.7z
2014-03-06 16:12 - 2014-03-06 16:12 - 00491303 _____ () C:\Users\VETO\Downloads\AlchemyClutterResource-30599-1-0.7z
2014-03-06 16:12 - 2014-03-06 16:12 - 00416525 _____ () C:\Users\VETO\Downloads\Ingredients Drawer Resource-30600-1-0.7z
2014-03-06 16:12 - 2014-03-06 16:11 - 18664000 _____ () C:\Users\VETO\Downloads\PaintingsFrames-17423-1-0.zip
2014-03-06 16:12 - 2014-03-06 16:11 - 104283904 _____ () C:\Users\VETO\Downloads\Pack5_0-26132-5-0.zip
2014-03-06 16:11 - 2014-03-06 16:11 - 12696207 _____ () C:\Users\VETO\Downloads\Modders Resource Pack 2_0 CORE-16525-2-0.7z
2014-03-06 16:11 - 2014-03-06 16:11 - 06420260 _____ () C:\Users\VETO\Downloads\Modders Resource Pack 2_0 FORGE-16525-2-0.7z
2014-03-06 16:11 - 2014-03-06 16:11 - 02219655 _____ () C:\Users\VETO\Downloads\Modders Resource Pack 2_0 JARS-16525-2-0.7z
2014-03-06 16:11 - 2014-03-06 16:11 - 01208398 _____ () C:\Users\VETO\Downloads\mesh_textures-14134-1-0.7z
2014-03-06 16:06 - 2014-03-06 16:06 - 00000000 _____ () C:\Windows\setuperr.log
2014-03-05 22:10 - 2013-01-17 18:54 - 00000000 ____D () C:\Users\VETO\AppData\Local\Skyrim
2014-03-05 22:02 - 2014-03-05 22:02 - 00005138 _____ () C:\Users\VETO\Downloads\SKSE INI should be NMM installable now-34858-.rar
2014-03-05 21:42 - 2014-02-25 17:32 - 00000000 ____D () C:\Users\VETO\Documents\Nexus Mod Manager
2014-03-05 21:37 - 2014-03-05 21:37 - 79128665 _____ () C:\Users\VETO\Downloads\Vindictus Pack.rar
2014-03-05 21:37 - 2014-03-05 21:37 - 19593568 _____ () C:\Users\VETO\Downloads\Tieve Clothing.rar
2014-03-05 16:31 - 2014-03-05 16:31 - 00000000 ____D () C:\Windows\8A809006C25A4A3A9DAB94659BCDB107.TMP
2014-03-03 21:39 - 2014-03-03 21:39 - 02434109 _____ () C:\Users\VETO\Downloads\enbseries_skyrim_v0251 (1).zip
2014-03-03 21:38 - 2014-03-03 21:38 - 03910231 _____ () C:\Users\VETO\Downloads\Somber Antique 2-37716-2-13-250.zip
2014-03-03 21:38 - 2014-03-03 21:38 - 00000491 _____ () C:\Users\VETO\Downloads\Lanterns of Skyrim preset-37716-.zip
2014-03-03 21:25 - 2014-03-03 21:25 - 00003898 _____ () C:\Users\VETO\Downloads\EWIs High SkyrimPrefs and inis v01e-51033-v01e.rar
2014-03-03 21:24 - 2014-03-03 21:24 - 00014171 _____ () C:\Users\VETO\Downloads\ENBoost 5_0-38649-5-0.zip
2014-03-03 21:21 - 2014-03-03 21:21 - 02434109 _____ () C:\Users\VETO\Downloads\enbseries_skyrim_v0251.zip
2014-03-03 21:11 - 2013-04-02 19:14 - 00000000 ____D () C:\Users\VETO\Documents\Word
2014-03-03 17:46 - 2014-01-05 16:49 - 00000000 ____D () C:\Users\VETO\AppData\Roaming\.minecraft
2014-03-02 16:49 - 2014-03-02 16:49 - 00048529 _____ () C:\Users\VETO\Downloads\occupy_wallstreet.jpeg.size.xxlarge.letterbox.jpeg
2014-03-02 16:48 - 2014-03-02 16:48 - 00072749 _____ () C:\Users\VETO\Downloads\Occupy Toronto protesters are primed to take over Bay Street   iPolitics.htm
2014-03-02 16:48 - 2014-03-02 16:48 - 00000000 ____D () C:\Users\VETO\Downloads\Occupy Toronto protesters are primed to take over Bay Street   iPolitics_files
2014-03-01 22:56 - 2014-03-01 22:56 - 00020958 _____ () C:\Users\VETO\Downloads\polls_corpnews_5659_155503_poll_xlarge.jpeg
2014-03-01 14:52 - 2014-03-01 14:52 - 00139866 _____ () C:\Users\VETO\Downloads\iqbaltopp_I001635_-1.jpeg
2014-03-01 14:52 - 2014-03-01 14:52 - 00000000 ____D () C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2014-03-01 14:52 - 2014-03-01 14:52 - 00000000 ____D () C:\Program Files\iTunes
2014-03-01 14:52 - 2014-03-01 14:52 - 00000000 ____D () C:\Program Files\iPod
2014-03-01 14:52 - 2014-01-29 19:58 - 00001447 _____ () C:\Users\Public\Desktop\iTunes.lnk
2014-03-01 14:15 - 2013-01-16 21:27 - 00004182 _____ () C:\Windows\System32\Tasks\avast! Emergency Update
2014-03-01 14:13 - 2013-01-16 12:15 - 00000000 ____D () C:\Users\VETO
2014-02-28 19:26 - 2014-02-28 19:26 - 00278528 _____ () C:\Users\VETO\Downloads\image.jpeg
2014-02-27 16:10 - 2014-02-27 16:10 - 03418771 _____ (BOSS Development Team) C:\Users\VETO\Downloads\BOSS v2.1.1 Installer.exe
2014-02-27 16:00 - 2014-02-27 15:48 - 426895712 _____ () C:\Users\VETO\Downloads\Aether Suite.7z
2014-02-26 21:16 - 2014-02-26 21:16 - 00266051 _____ () C:\Users\VETO\Downloads\skse_1_06_16_installer.exe
2014-02-26 21:16 - 2014-02-19 20:35 - 00000965 _____ () C:\Users\VETO\Desktop\Skyrim (SKSE).lnk
2014-02-26 21:09 - 2014-02-26 21:09 - 00560881 _____ () C:\Users\VETO\Downloads\Isaac Auto Level Version-24298-1-2.rar
2014-02-26 21:07 - 2014-02-26 21:05 - 225770923 _____ () C:\Users\VETO\Downloads\FAR - Forgotten Argonian Roots - 4k-42043-.zip
2014-02-26 21:06 - 2014-02-26 21:06 - 21963119 _____ () C:\Users\VETO\Downloads\Thanatos as Durnehviir Copper-35576-1-0.7z
2014-02-26 21:05 - 2014-02-26 21:05 - 07722613 _____ () C:\Users\VETO\Downloads\Female head MAIN version fix-42043-.rar
2014-02-26 20:54 - 2014-02-26 20:53 - 74146532 _____ () C:\Users\VETO\Downloads\Kankaraya-49292-2-04.7z
2014-02-26 20:19 - 2014-02-26 20:18 - 85125791 _____ () C:\Users\VETO\Downloads\REPLACER_ETERNAL_SHINE_WEAPONS-17582.rar
2014-02-26 20:18 - 2014-02-26 20:18 - 62960818 _____ () C:\Users\VETO\Downloads\REPLACER_ETERNAL_SHINE_SET-17582.rar
2014-02-26 19:53 - 2014-02-26 19:53 - 02461206 _____ () C:\Users\VETO\Downloads\Yakkuru-50320-1-5.7z
2014-02-26 19:49 - 2014-02-26 19:49 - 00000605 _____ () C:\Users\Public\Desktop\Nexus Mod Manager.lnk
2014-02-26 19:49 - 2013-01-17 18:54 - 00000000 ____D () C:\Users\VETO\AppData\Local\Black_Tree_Gaming
2014-02-23 23:02 - 2014-02-23 23:02 - 00928395 _____ () C:\Users\VETO\Downloads\AajKiRaat-AlishaChinaiMahalaxmiSonuNigam.m4r
2014-02-23 18:12 - 2014-02-23 18:08 - 04745425 _____ () C:\Users\VETO\Downloads\Hoth-24666-3.7z
2014-02-23 18:10 - 2014-02-23 18:10 - 00130583 _____ () C:\Users\VETO\Downloads\First Person 1_6-49036-1-6.zip
2014-02-22 22:56 - 2014-02-22 22:56 - 04149856 _____ (Black Tree Gaming ) C:\Users\VETO\Downloads\Nexus Mod Manager-0.47.3.exe
2014-02-22 19:50 - 2014-01-01 21:46 - 00000000 ____D () C:\Users\VETO\AppData\Roaming\Apple Computer
2014-02-21 08:21 - 2013-03-20 20:00 - 00440672 _____ (AVAST Software) C:\Windows\system32\Drivers\aswndisflt.sys
2014-02-20 20:20 - 2013-01-17 08:32 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-02-20 20:20 - 2013-01-17 08:32 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-02-20 20:20 - 2013-01-17 08:32 - 00003768 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-02-20 17:47 - 2009-07-13 23:45 - 03465352 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-02-20 14:26 - 2013-01-17 07:57 - 00119272 _____ () C:\Users\VETO\AppData\Local\GDIPFONTCACHEV1.DAT
2014-02-20 14:12 - 2014-02-20 14:12 - 00002032 _____ () C:\Users\Public\Desktop\avast! SafeZone.lnk
2014-02-20 14:12 - 2014-02-20 14:12 - 00001972 _____ () C:\Users\Public\Desktop\avast! Internet Security.lnk
2014-02-20 14:12 - 2014-01-07 21:28 - 00080184 _____ (AVAST Software) C:\Windows\system32\Drivers\aswstm.sys
2014-02-20 14:12 - 2013-01-16 21:27 - 01038072 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys
2014-02-20 14:12 - 2013-01-16 21:27 - 00421704 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSP.sys
2014-02-20 14:12 - 2013-01-16 21:27 - 00334136 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2014-02-20 14:12 - 2013-01-16 21:27 - 00078648 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2014-02-20 14:12 - 2013-01-16 21:27 - 00043152 _____ (AVAST Software) C:\Windows\avastSS.scr
2014-02-19 20:31 - 2013-11-17 18:16 - 00000000 ____D () C:\Steam
2014-02-19 18:41 - 2013-01-17 08:16 - 00000000 ____D () C:\Program Files (x86)\NVIDIA Corporation
2014-02-19 18:11 - 2014-02-19 18:11 - 00000000 ____D () C:\Program Files (x86)\AGEIA Technologies
2014-02-15 23:35 - 2009-07-13 22:20 - 00000000 ____D () C:\Windows\rescache
2014-02-15 16:38 - 2013-08-14 16:07 - 00000000 ____D () C:\Windows\system32\MRT
2014-02-15 16:38 - 2013-01-17 08:19 - 88567024 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-02-15 15:40 - 2013-10-26 21:23 - 00003890 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2014-02-15 15:40 - 2013-10-26 21:23 - 00003638 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2014-02-15 15:21 - 2013-06-22 11:49 - 00833266 _____ () C:\Windows\SysWOW64\PerfStringBackup.INI
2014-02-11 20:22 - 2014-02-09 22:54 - 00000000 ____D () C:\Users\VETO\Desktop\76561198081560718
2014-02-09 22:51 - 2014-02-06 22:50 - 00000495 _____ () C:\Users\VETO\Desktop\profile.bin
2014-02-09 14:51 - 2009-07-14 00:08 - 00032560 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2014-02-08 13:44 - 2014-02-08 13:37 - 00000000 ____D () C:\Users\VETO\Documents\My Cheat Tables
2014-02-08 13:37 - 2014-02-08 13:37 - 00000605 _____ () C:\Users\VETO\Desktop\Cheat Engine.lnk
2014-02-08 13:34 - 2014-02-19 18:09 - 31432480 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglv64.dll
2014-02-08 13:34 - 2014-02-19 18:09 - 25256224 _____ (NVIDIA Corporation) C:\Windows\system32\nvcompiler.dll
2014-02-08 13:34 - 2014-02-19 18:09 - 23683360 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglv32.dll
2014-02-08 13:34 - 2014-02-19 18:09 - 17560352 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcompiler.dll
2014-02-08 13:34 - 2014-02-19 18:09 - 15740232 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvwgf2um.dll
2014-02-08 13:34 - 2014-02-19 18:09 - 12324640 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvlddmkm.sys
2014-02-08 13:34 - 2014-02-19 18:09 - 11636176 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll
2014-02-08 13:34 - 2014-02-19 18:09 - 11589272 _____ (NVIDIA Corporation) C:\Windows\system32\nvopencl.dll
2014-02-08 13:34 - 2014-02-19 18:09 - 09728064 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll
2014-02-08 13:34 - 2014-02-19 18:09 - 09690424 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvopencl.dll
2014-02-08 13:34 - 2014-02-19 18:09 - 03142432 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll
2014-02-08 13:34 - 2014-02-19 18:09 - 02956576 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll
2014-02-08 13:34 - 2014-02-19 18:09 - 02782496 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvenc.dll
2014-02-08 13:34 - 2014-02-19 18:09 - 02410784 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvenc.dll
2014-02-08 13:34 - 2014-02-19 18:09 - 01885472 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6433489.dll
2014-02-08 13:34 - 2014-02-19 18:09 - 01515296 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6433489.dll
2014-02-08 13:34 - 2014-02-19 18:09 - 00892192 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFR64.dll
2014-02-08 13:34 - 2014-02-19 18:09 - 00875296 _____ (NVIDIA Corporation) C:\Windows\system32\NvFBC64.dll
2014-02-08 13:34 - 2014-02-19 18:09 - 00863520 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll
2014-02-08 13:34 - 2014-02-19 18:09 - 00844576 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll
2014-02-08 13:34 - 2014-02-19 18:09 - 00832424 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvumdshim.dll
2014-02-08 13:34 - 2014-02-19 18:09 - 00483104 _____ (NVIDIA Corporation) C:\Windows\system32\nvEncodeAPI64.dll
2014-02-08 13:34 - 2014-02-19 18:09 - 00408352 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvEncodeAPI.dll
2014-02-08 13:34 - 2014-02-19 18:09 - 00378656 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFROpenGL.dll
2014-02-08 13:34 - 2014-02-19 18:09 - 00353504 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglshim64.dll
2014-02-08 13:34 - 2014-02-19 18:09 - 00333600 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFROpenGL.dll
2014-02-08 13:34 - 2014-02-19 18:09 - 00305600 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglshim32.dll
2014-02-08 13:34 - 2014-02-19 18:09 - 00174296 _____ (NVIDIA Corporation) C:\Windows\system32\nvinitx.dll
2014-02-08 13:34 - 2014-02-19 18:09 - 00148528 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvinit.dll
2014-02-08 13:34 - 2013-07-05 16:37 - 14669032 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvd3dum.dll
2014-02-08 13:34 - 2013-01-17 08:33 - 18257576 _____ (NVIDIA Corporation) C:\Windows\system32\nvwgf2umx.dll
2014-02-08 13:34 - 2013-01-17 08:33 - 17715784 _____ (NVIDIA Corporation) C:\Windows\system32\nvd3dumx.dll
2014-02-08 13:34 - 2013-01-17 08:33 - 02713728 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvapi.dll
2014-02-08 13:34 - 2013-01-17 08:16 - 00061216 _____ (Khronos Group) C:\Windows\system32\OpenCL.dll
2014-02-08 13:34 - 2013-01-17 08:16 - 00053024 _____ (Khronos Group) C:\Windows\SysWOW64\OpenCL.dll
2014-02-08 13:34 - 2012-10-10 21:23 - 03090184 _____ (NVIDIA Corporation) C:\Windows\system32\nvapi64.dll
2014-02-08 13:34 - 2012-10-10 21:23 - 00947296 _____ (NVIDIA Corporation) C:\Windows\system32\nvumdshimx.dll
2014-02-08 13:34 - 2012-10-10 21:22 - 00024544 _____ () C:\Windows\system32\nvinfo.pb
2014-02-08 12:42 - 2013-01-17 08:16 - 06712608 _____ (NVIDIA Corporation) C:\Windows\system32\nvcpl.dll
2014-02-08 12:42 - 2013-01-17 08:16 - 03498272 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvc64.dll
2014-02-08 12:42 - 2013-01-17 08:16 - 00923936 _____ (NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
2014-02-08 12:42 - 2013-01-17 08:16 - 00386336 _____ (NVIDIA Corporation) C:\Windows\system32\nvmctray.dll
2014-02-08 12:42 - 2013-01-17 08:16 - 00063776 _____ (NVIDIA Corporation) C:\Windows\system32\nvshext.dll
2014-02-08 11:18 - 2014-02-19 18:41 - 00599840 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvStreaming.exe
2014-02-06 22:48 - 2013-11-17 18:51 - 00000000 ____D () C:\Users\VETO\Documents\my games
2014-02-06 22:25 - 2009-07-13 22:20 - 00000000 ____D () C:\Windows\LiveKernelReports
2014-02-06 21:29 - 2013-02-11 22:47 - 00000000 ____D () C:\Users\VETO\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
2014-02-06 07:16 - 2014-02-15 15:20 - 23170048 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-02-06 06:30 - 2014-02-15 15:20 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-02-06 06:30 - 2014-02-15 15:20 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-02-06 06:12 - 2014-02-15 15:20 - 02765824 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-02-06 06:07 - 2014-02-15 15:20 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-02-06 06:06 - 2014-02-15 15:20 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-02-06 05:57 - 2014-02-15 15:20 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-02-06 05:56 - 2014-02-15 15:20 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-02-06 05:52 - 2014-02-15 15:20 - 00574976 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-02-06 05:49 - 2014-02-15 15:20 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-02-06 05:48 - 2014-02-15 15:20 - 00708608 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-02-06 05:48 - 2014-02-15 15:20 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-02-06 05:38 - 2014-02-15 15:20 - 17103872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-02-06 05:32 - 2014-02-15 15:20 - 00218624 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-02-06 05:20 - 2014-02-15 15:20 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-02-06 05:17 - 2014-02-15 15:20 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-02-06 05:11 - 2014-02-15 15:20 - 05768704 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-02-06 05:01 - 2014-02-15 15:20 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-02-06 05:00 - 2014-02-15 15:20 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-02-06 04:57 - 2014-02-15 15:20 - 02168320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-02-06 04:57 - 2014-02-15 15:20 - 00627200 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-02-06 04:52 - 2014-02-15 15:20 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-02-06 04:52 - 2014-02-15 15:20 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-02-06 04:50 - 2014-02-15 15:20 - 02041856 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-02-06 04:49 - 2014-02-15 15:20 - 00440832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-02-06 04:47 - 2014-02-15 15:20 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-02-06 04:46 - 2014-02-15 15:20 - 00553472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-02-06 04:25 - 2014-02-15 15:20 - 04244480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-02-06 04:25 - 2014-02-15 15:20 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-02-06 04:24 - 2014-02-15 15:20 - 02334208 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-02-06 04:22 - 2014-02-15 15:20 - 13051392 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-02-06 04:13 - 2014-02-15 15:20 - 00524288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-02-06 04:09 - 2014-02-15 15:20 - 01964032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-02-06 04:03 - 2014-02-15 15:20 - 11266048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-02-06 03:55 - 2014-02-15 15:20 - 01393664 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-02-06 03:41 - 2014-02-15 15:20 - 01820160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-02-06 03:40 - 2014-02-15 15:20 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-02-06 03:36 - 2014-02-15 15:20 - 01156096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-02-06 03:34 - 2014-02-15 15:20 - 00703488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-02-05 16:26 - 2013-01-17 08:32 - 00000000 ____D () C:\Users\VETO\AppData\Roaming\Adobe
2014-02-05 12:52 - 2013-01-17 08:16 - 03573739 _____ () C:\Windows\system32\nvcoproc.bin
 
==================== Bamital & volsnap Check =================
 
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe
[2014-01-29 22:46] - [2011-02-25 01:19] - 2388992 ____A (Microsoft Corporation) A35C883FFA8746CCEAC8605318C6788A
 
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit
 
 
LastRegBack: 2014-02-28 19:53
 
==================== End Of Log ============================
 

 
Addition.txt
--------------------------------------------------------------------------------
 
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 07-03-2014 01
Ran by VETO at 2014-03-07 15:39:46
Running from C:\Users\VETO\Desktop
Boot Mode: Normal
==========================================================
 
 
==================== Security Center ========================
 
AV: avast! Internet Security (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Spybot - Search and Destroy (Enabled - Out of date) {9BC38DF1-3CCA-732D-A930-C1CA5F20A4B0}
AS: avast! Internet Security (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
FW: avast! Internet Security (Enabled) {2F96FC65-F07D-9D1E-5A6E-3DA5C487EAF0}
 
==================== Installed Programs ======================
 
7-Zip 9.20 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0920-000001000000}) (Version: 9.20.00.0 - Igor Pavlov)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 4.0.0.1390 - Adobe Systems Incorporated)
Adobe AIR (x32 Version: 4.0.0.1390 - Adobe Systems Incorporated) Hidden
Adobe Download Assistant (HKLM-x32\...\com.adobe.downloadassistant.AdobeDownloadAssistant) (Version: 1.2.6 - Adobe Systems Incorporated)
Adobe Download Assistant (x32 Version: 1.2.6 - Adobe Systems Incorporated) Hidden
Adobe Flash Player 12 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 12.0.0.70 - Adobe Systems Incorporated)
Adobe Flash Player 12 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 12.0.0.70 - Adobe Systems Incorporated)
Adobe Photoshop Elements 12 (HKLM-x32\...\Adobe Photoshop Elements 12) (Version: 12.0 - Adobe Systems Incorporated)
Adobe Photoshop Elements 12 (x32 Version: 12.0 - Adobe Systems Incorporated) Hidden
Adobe Reader XI (11.0.06) (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AB0000000001}) (Version: 11.0.06 - Adobe Systems Incorporated)
Akamai NetSession Interface (HKCU\...\Akamai) (Version:  - Akamai Technologies, Inc)
Antichamber (HKLM-x32\...\Steam App 219890) (Version:  - Alexander Bruce)
Apple Application Support (HKLM-x32\...\{AAC5D43E-816D-4C2D-8E51-55FFF35BE301}) (Version: 3.0.1 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{787136D2-F0F8-4625-AA3F-72D7795AC842}) (Version: 7.1.1.3 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Asmedia ASM104x USB 3.0 Host Controller Driver (HKLM-x32\...\{E4FB0B39-C991-4EE7-95DD-1A1A7857D33D}) (Version: 1.14.3.0 - Asmedia Technology)
avast! Internet Security (HKLM-x32\...\avast) (Version: 9.0.2013 - Avast Software)
Bandisoft MPEG-1 Decoder (HKLM-x32\...\BandiMPEG1) (Version:  - )
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Borderlands 2 (HKLM-x32\...\Steam App 49520) (Version:  - Gearbox Software)
BOSS (HKLM-x32\...\BOSS) (Version: 2.1.1 - BOSS Development Team)
Bully: Scholarship Edition (HKLM-x32\...\Steam App 12200) (Version:  - Rockstar New England)
CCleaner (HKLM\...\CCleaner) (Version: 4.10 - Piriform)
Cheat Engine 6.3 (HKLM-x32\...\Cheat Engine 6.3_is1) (Version:  - Cheat Engine)
Creation Kit (HKLM-x32\...\Steam App 202480) (Version:  - bgs.bethsoft.com)
Cube World version 0.0.1 (HKLM-x32\...\{D692A0E0-1BBB-4E9C-826E-4254EE330830}_is1) (Version: 0.0.1 - Picroma)
Don't Starve (HKLM-x32\...\Steam App 219740) (Version:  - Klei Entertainment)
EA Installer (HKLM-x32\...\EA Installer.2065989927) (Version: 2.2.0.62 - Electronic Arts, Inc.)
Elements 12 Organizer (x32 Version: 12.0 - Adobe Systems Incorporated) Hidden
eReg (x32 Version: 1.20.138.34 - Logitech, Inc.) Hidden
erLT (x32 Version: 1.20.0137 - Logitech, Inc.) Hidden
Fallout Mod Manager 0.13.21 (HKLM-x32\...\Generic Mod Manager_is1) (Version:  - Q, Timeslip)
Fallout: New Vegas (HKLM-x32\...\Steam App 22380) (Version:  - Obsidian Entertainment)
Garry's Mod (HKLM-x32\...\Steam App 4000) (Version:  - Facepunch Studios)
GeForce Experience NvStream Client Components (Version: 1.6.28 - NVIDIA Corporation) Hidden
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 33.0.1750.146 - Google Inc.)
Google Update Helper (x32 Version: 1.3.22.5 - Google Inc.) Hidden
HP Photosmart 7520 series Basic Device Software (HKLM\...\{27ABA988-D480-4F44-B0FD-45E5656D2CFE}) (Version: 28.0.1315.0 - Hewlett-Packard Co.)
IMVU Avatar Chat Software (HKCU\...\IMVU Avatar chat client software BETA) (Version:  - )
Intel® Network Connections 17.2.154.0 (HKLM\...\PROSetDX) (Version: 17.2.154.0 - Intel)
Intel® Network Connections 17.2.154.0 (Version: 17.2.154.0 - Intel) Hidden
iTunes (HKLM\...\{B8BA155B-1E75-405F-9CB4-8A99615D09DC}) (Version: 11.1.5.5 - Apple Inc.)
Java 7 Update 51 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86417051FF}) (Version: 7.0.510 - Oracle)
Java 7 Update 51 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217051FF}) (Version: 7.0.510 - Oracle)
Java Auto Updater (x32 Version: 2.1.9.8 - Sun Microsystems, Inc.) Hidden
League of Legends (HKLM-x32\...\League of Legends 3.0.0) (Version: 3.0.0 - Riot Games)
League of Legends (x32 Version: 3.0.0 - Riot Games) Hidden
Logitech SetPoint 6.51 (HKLM\...\sp6) (Version: 6.51.8 - Logitech)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft Office Home and Student 2013 - en-us (HKLM\...\HomeStudentRetail - en-us) (Version: 15.0.4551.1512 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.20913.0 - Microsoft Corporation)
Microsoft SkyDrive (HKCU\...\SkyDriveSetup.exe) (Version: 17.0.2015.0811 - Microsoft Corporation)
Microsoft SQL Server 2005 (HKLM-x32\...\Microsoft SQL Server 2005) (Version:  - Microsoft Corporation)
Microsoft SQL Server 2005 Express Edition (BWDATOOLSET) (x32 Version: 9.4.5000.00 - Microsoft Corporation) Hidden
Microsoft SQL Server 2005 Tools Express Edition (x32 Version: 9.4.5000.00 - Microsoft Corporation) Hidden
Microsoft SQL Server Native Client (HKLM\...\{9ACF3FDB-C8E6-444C-8C64-13A221F7BFFD}) (Version: 9.00.5000.00 - Microsoft Corporation)
Microsoft SQL Server Setup Support Files (English) (HKLM-x32\...\{53F5C3EE-05ED-4830-994B-50B2F0D50FCE}) (Version: 9.00.5000.00 - Microsoft Corporation)
Microsoft SQL Server VSS Writer (HKLM\...\{B636C9B9-A3F2-4DCE-ADCC-72E095018385}) (Version: 9.00.5000.00 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.51106 (HKLM-x32\...\{6e8f74e0-43bd-4dce-8477-6ff6828acc07}) (Version: 11.0.51106.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.51106 (Version: 11.0.51106 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.51106 (Version: 11.0.51106 - Microsoft Corporation) Hidden
Microsoft WSE 3.0 Runtime (HKLM-x32\...\{E3E71D07-CD27-46CB-8448-16D4FB29AA13}) (Version: 3.0.5305.0 - Microsoft Corp.)
Microsoft XNA Framework Redistributable 4.0 Refresh (HKLM-x32\...\{D69C8EDE-BBC5-436B-8E0E-C5A6D311CF4F}) (Version: 4.0.30901.0 - Microsoft Corporation)
My Game Long Name (HKLM\...\UDK-8fa90885-ade5-4b94-bace-edd5ae3f89d1) (Version:  - Epic Games, Inc.)
Nexus Mod Manager (HKLM\...\6af12c54-643b-4752-87d0-8335503010de_is1) (Version: 0.47.3 - Black Tree Gaming)
NVIDIA 3D Vision Controller Driver 334.89 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 334.89 - NVIDIA Corporation)
NVIDIA 3D Vision Driver 334.89 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 334.89 - NVIDIA Corporation)
NVIDIA Control Panel 334.89 (Version: 334.89 - NVIDIA Corporation) Hidden
NVIDIA GeForce Experience 1.8.2 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 1.8.2 - NVIDIA Corporation)
NVIDIA Graphics Driver 334.89 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 334.89 - NVIDIA Corporation)
NVIDIA HD Audio Driver 1.3.30.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.30.1 - NVIDIA Corporation)
NVIDIA Install Application (Version: 2.1002.147.1067 - NVIDIA Corporation) Hidden
NVIDIA LED Visualizer 1.0 (Version: 1.0 - NVIDIA Corporation) Hidden
NVIDIA Network Service (Version: 1.0 - NVIDIA Corporation) Hidden
NVIDIA PhysX (x32 Version: 9.13.1220 - NVIDIA Corporation) Hidden
NVIDIA PhysX System Software 9.13.1220 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.13.1220 - NVIDIA Corporation)
NVIDIA ShadowPlay 11.10.11 (Version: 11.10.11 - NVIDIA Corporation) Hidden
NVIDIA Stereoscopic 3D Driver (x32 Version: 7.17.13.3489 - NVIDIA Corporation) Hidden
NVIDIA Update 11.10.11 (Version: 11.10.11 - NVIDIA Corporation) Hidden
NVIDIA Update Core (Version: 11.10.11 - NVIDIA Corporation) Hidden
NVIDIA Virtual Audio 1.2.20 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_VirtualAudio.Driver) (Version: 1.2.20 - NVIDIA Corporation)
Office 15 Click-to-Run Extensibility Component (x32 Version: 15.0.4551.1512 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Licensing Component (Version: 15.0.4551.1512 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Localization Component (x32 Version: 15.0.4551.1512 - Microsoft Corporation) Hidden
Papers, Please (HKLM-x32\...\Steam App 239030) (Version:  - 3909)
PSE12 STI Installer (x32 Version: 12.0 - Adobe Systems Incorporated) Hidden
Rainmeter (HKLM-x32\...\Rainmeter) (Version: 3.0.2 r2161 - )
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.49.927.2011 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6699 - Realtek Semiconductor Corp.)
RPG Maker VX Ace (HKLM-x32\...\RPGVXAce_E_is1) (Version: 1.02 - Enterbrain)
RPG MAKER VX Ace RTP (HKLM-x32\...\RPGVXAce_RTP_is1) (Version: 1.00 - Enterbrain)
SHIELD Streaming (Version: 1.7.306 - NVIDIA Corporation) Hidden
Sid Meier's Civilization V (HKLM-x32\...\Steam App 8930) (Version:  - 2K Games, Inc.)
SlimDX Runtime .NET 2.0 (January 2012) (HKLM-x32\...\{014A2868-BE56-4888-A16C-693989B8F153}) (Version: 2.0.13.43 - SlimDX Group)
Smart Technology Programming Software 7.0.0.26 (HKLM\...\{B16730D8-C156-46DF-860F-C5489C5ADEC5}) (Version: 7.0.0.26 - Mad Catz)
Smart Technology Volume Tracker 7.0.0.26 (HKLM\...\{946DC23F-55CE-4D36-91FF-84588B94049A}) (Version: 7.0.0.26 - Mad Catz)
Spybot - Search & Destroy (HKLM-x32\...\{B4092C6D-E886-4CB2-BA68-FE5A99D31DE7}_is1) (Version: 2.2.25 - Safer-Networking Ltd.)
Steam (HKLM-x32\...\{048298C9-A4D3-490B-9FF9-AB023A9238F3}) (Version: 1.0.0.0 - Valve Corporation)
The Elder Scrolls V: Skyrim (HKLM-x32\...\Steam App 72850) (Version:  - Bethesda Game Studios)
The Wolf Among Us (HKLM-x32\...\Steam App 250320) (Version:  - Telltale Games)
 
==================== Restore Points  =========================
 
05-03-2014 21:31:37 Installed DirectX
05-03-2014 21:31:43 Installed NVIDIA PhysX
 
==================== Hosts content: ==========================
 
2009-07-13 21:34 - 2009-06-10 16:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts
 
==================== Scheduled Tasks (whitelisted) =============
 
Task: {1A391A68-5D0D-4313-B1AB-731B041E4BB3} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-10-26] (Google Inc.)
Task: {3505563E-8926-49D5-B188-C622BD3B5059} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Microsoft Office 15\ClientX64\integratedoffice.exe [2013-10-31] (Microsoft Corporation)
Task: {38D6DBDE-9278-41C9-94A4-41A2892004AC} - System32\Tasks\Microsoft Office 15 Sync Maintenance for PRIME-VETO PRIME => C:\Program Files\Microsoft Office 15\Root\Office15\MsoSync.exe [2014-01-14] (Microsoft Corporation)
Task: {3EA612F6-ED92-4FE1-9786-C946D57C2459} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Refresh immunization => E:\Spybot\SDImmunize.exe [2013-09-20] (Safer-Networking Ltd.)
Task: {4C7D32F8-F090-4097-84EC-DAC98D25528C} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-02-20] (Adobe Systems Incorporated)
Task: {6C2D3A80-9CD0-46FB-B2E5-50CCCF64317B} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-10-26] (Google Inc.)
Task: {70609A25-6C5C-4A45-A7B2-3DFF6C11D42A} - System32\Tasks\{A810C807-0997-4FF9-A604-F01261C9E704} => Chrome.exe http://ui.skype.com/ui/0/6.10.60.104/en/abandoninstall?page=tsBing
Task: {850D5212-B857-4C8D-9567-6EADE51DBD32} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Scan the system => E:\Spybot\SDScan.exe [2013-09-20] (Safer-Networking Ltd.)
Task: {85972CA5-49BB-4BF5-93B5-A11238A666A5} - System32\Tasks\Microsoft\Windows\WindowsBackup\AutomaticBackup => Rundll32.exe /d sdengin2.dll,ExecuteScheduledBackup
Task: {8EEEE90E-6AF9-4B14-97BD-05FD905FA005} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Check for updates => E:\Spybot\SDUpdate.exe [2013-09-20] (Safer-Networking Ltd.)
Task: {9EF775AC-CD9A-401F-ADA2-D3A4EAA19FAE} - System32\Tasks\AdobeAAMUpdater-1.0-PRIME-VETO => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2013-06-03] (Adobe Systems Incorporated)
Task: {9FBAA3BB-3F1A-4B1B-A5E4-7B446830C3CF} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2014-02-20] (AVAST Software)
Task: {BBFE7953-C1BE-4582-91B3-92F5F1AB2457} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {CF833983-6AA6-464F-BBBC-08E1842D7856} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2014-01-21] (Piriform Ltd)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
 
==================== Loaded Modules (whitelisted) =============
 
2013-01-17 08:16 - 2014-02-08 12:42 - 00117024 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2013-11-20 18:12 - 2013-10-31 09:07 - 00377000 _____ () C:\Program Files\Microsoft Office 15\ClientX64\c2rui.dll
2013-11-20 18:12 - 2013-10-31 09:08 - 00520872 _____ () C:\Program Files\Microsoft Office 15\ClientX64\c2r64.dll
2013-11-20 18:12 - 2013-10-31 09:07 - 00618152 _____ () C:\Program Files\Microsoft Office 15\ClientX64\StreamServer.dll
2011-05-31 01:38 - 2011-05-31 01:38 - 00062976 _____ () C:\Windows\system32\bdmpega64.acm
2014-03-07 13:49 - 2014-03-07 04:38 - 02186752 _____ () C:\Program Files\AVAST Software\Avast\defs\14030700\algo.dll
2014-03-07 14:57 - 2014-03-07 13:45 - 02186752 _____ () C:\Program Files\AVAST Software\Avast\defs\14030701\algo.dll
2014-01-20 13:17 - 2014-01-20 13:17 - 00073544 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2014-01-20 13:16 - 2014-01-20 13:16 - 01044808 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2014-01-07 22:54 - 2012-08-23 10:38 - 00574840 _____ () E:\Spybot\sqlite3.dll
2014-01-07 22:54 - 2013-05-16 10:55 - 00113496 _____ () E:\Spybot\snlThirdParty150.bpl
2014-01-07 22:54 - 2013-05-16 10:55 - 00416600 _____ () E:\Spybot\DEC150.bpl
2014-01-07 22:54 - 2013-05-16 10:55 - 00161112 _____ () E:\Spybot\snlFileFormats150.bpl
2014-01-07 22:54 - 2012-04-03 17:06 - 00565640 _____ () E:\Spybot\av\BDSmartDB.dll
2014-03-05 16:46 - 2014-03-01 21:35 - 00051016 _____ () C:\Program Files (x86)\Google\Chrome\Application\33.0.1750.146\chrome_elf.dll
2014-03-05 16:46 - 2014-03-01 21:35 - 00716616 _____ () C:\Program Files (x86)\Google\Chrome\Application\33.0.1750.146\libglesv2.dll
2014-03-05 16:46 - 2014-03-01 21:35 - 00100168 _____ () C:\Program Files (x86)\Google\Chrome\Application\33.0.1750.146\libegl.dll
2014-03-05 16:46 - 2014-03-01 21:35 - 04061000 _____ () C:\Program Files (x86)\Google\Chrome\Application\33.0.1750.146\pdf.dll
2014-03-05 16:46 - 2014-03-01 21:35 - 00394568 _____ () C:\Program Files (x86)\Google\Chrome\Application\33.0.1750.146\ppGoogleNaClPluginChrome.dll
2014-03-05 16:46 - 2014-03-01 21:35 - 01647432 _____ () C:\Program Files (x86)\Google\Chrome\Application\33.0.1750.146\ffmpegsumo.dll
2013-12-07 22:17 - 2013-12-07 22:17 - 19336120 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
 
==================== Alternate Data Streams (whitelisted) =========
 
 
==================== Safe Mode (whitelisted) ===================
 
 
==================== Disabled items from MSCONFIG ==============
 
MSCONFIG\Services: CscService => 2
MSCONFIG\Services: DPS => 2
MSCONFIG\Services: ehRecvr => 3
MSCONFIG\Services: ehSched => 3
MSCONFIG\Services: iphlpsvc => 2
MSCONFIG\Services: lmhosts => 2
MSCONFIG\Services: ProtectedStorage => 3
MSCONFIG\Services: RemoteRegistry => 3
MSCONFIG\Services: seclogon => 3
MSCONFIG\Services: Spooler => 2
MSCONFIG\Services: TabletInputService => 3
MSCONFIG\Services: TrkWks => 2
MSCONFIG\Services: WerSvc => 3
MSCONFIG\Services: WPDBusEnum => 3
MSCONFIG\Services: wscsvc => 2
 
==================== Faulty Device Manager Devices =============
 
Name: Unknown Device
Description: Unknown Device
Class Guid: {36fc9e60-c465-11cf-8056-444553540000}
Manufacturer: (Standard USB Host Controller)
Service: 
Problem: : Windows has stopped this device because it has reported problems. (Code 43)
Resolution: One of the drivers controlling the device notified the operating system that the device failed in some manner. For more information about how to diagnose the problem, see the hardware documentation. 
 
Name: 
Description: 
Class Guid: 
Manufacturer: 
Service: 
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.
 
Name: 
Description: 
Class Guid: 
Manufacturer: 
Service: 
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.
 
 
==================== Event log errors: =========================
 
Application errors:
==================
Error: (03/07/2014 02:57:05 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (03/07/2014 02:30:11 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (03/07/2014 02:26:23 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (03/07/2014 02:01:52 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (03/07/2014 01:48:39 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (03/06/2014 04:25:48 PM) (Source: Steam Client Service) (User: )
Description: Error: Failed to poke open firewall
 
Error: (03/06/2014 04:06:58 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (03/05/2014 09:57:55 PM) (Source: Application Error) (User: )
Description: Faulting application name: CreationKit.exe, version: 1.9.32.0, time stamp: 0x51437c1c
Faulting module name: unknown, version: 0.0.0.0, time stamp: 0x00000000
Exception code: 0xc0000005
Fault offset: 0x206819b9
Faulting process id: 0x18bc
Faulting application start time: 0xCreationKit.exe0
Faulting application path: CreationKit.exe1
Faulting module path: CreationKit.exe2
Report Id: CreationKit.exe3
 
Error: (03/05/2014 09:54:10 PM) (Source: Application Error) (User: )
Description: Faulting application name: CreationKit.exe, version: 1.9.32.0, time stamp: 0x51437c1c
Faulting module name: unknown, version: 0.0.0.0, time stamp: 0x00000000
Exception code: 0xc0000005
Fault offset: 0x7463656a
Faulting process id: 0x17c8
Faulting application start time: 0xCreationKit.exe0
Faulting application path: CreationKit.exe1
Faulting module path: CreationKit.exe2
Report Id: CreationKit.exe3
 
Error: (03/05/2014 08:42:49 PM) (Source: Steam Client Service) (User: )
Description: Error: Failed to poke open firewall
 
 
System errors:
=============
Error: (03/07/2014 02:59:09 PM) (Source: Service Control Manager) (User: )
Description: The HP Network Devices Support service terminated with the following error: 
%%126
 
Error: (03/07/2014 02:57:05 PM) (Source: Service Control Manager) (User: )
Description: The Spybot-S&D 2 Updating Service service depends on the Secondary Logon service which failed to start because of the following error: 
%%1058
 
Error: (03/07/2014 02:29:41 PM) (Source: Service Control Manager) (User: )
Description: The Network List Service service depends on the Network Location Awareness service which failed to start because of the following error: 
%%1068
 
Error: (03/07/2014 02:28:32 PM) (Source: Service Control Manager) (User: )
Description: The Network List Service service depends on the Network Location Awareness service which failed to start because of the following error: 
%%1068
 
Error: (03/07/2014 02:28:32 PM) (Source: Service Control Manager) (User: )
Description: The Network List Service service depends on the Network Location Awareness service which failed to start because of the following error: 
%%1068
 
Error: (03/07/2014 02:28:32 PM) (Source: Service Control Manager) (User: )
Description: The Network List Service service depends on the Network Location Awareness service which failed to start because of the following error: 
%%1068
 
Error: (03/07/2014 02:28:32 PM) (Source: Service Control Manager) (User: )
Description: The Network List Service service depends on the Network Location Awareness service which failed to start because of the following error: 
%%1068
 
Error: (03/07/2014 02:28:32 PM) (Source: Service Control Manager) (User: )
Description: The Network List Service service depends on the Network Location Awareness service which failed to start because of the following error: 
%%1068
 
Error: (03/07/2014 02:28:32 PM) (Source: Service Control Manager) (User: )
Description: The Network List Service service depends on the Network Location Awareness service which failed to start because of the following error: 
%%1068
 
Error: (03/07/2014 02:28:31 PM) (Source: Service Control Manager) (User: )
Description: The Network List Service service depends on the Network Location Awareness service which failed to start because of the following error: 
%%1068
 
 
Microsoft Office Sessions:
=========================
Error: (03/07/2014 02:57:05 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (03/07/2014 02:30:11 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (03/07/2014 02:26:23 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (03/07/2014 02:01:52 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (03/07/2014 01:48:39 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (03/06/2014 04:25:48 PM) (Source: Steam Client Service)(User: )
Description: Failed to poke open firewall
 
Error: (03/06/2014 04:06:58 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (03/05/2014 09:57:55 PM) (Source: Application Error)(User: )
Description: CreationKit.exe1.9.32.051437c1cunknown0.0.0.000000000c0000005206819b918bc01cf38e75dc4c72dE:\Steam\steamapps\common\skyrim\CreationKit.exeunknown1d14af3c-a4db-11e3-abb7-3085a9955961
 
Error: (03/05/2014 09:54:10 PM) (Source: Application Error)(User: )
Description: CreationKit.exe1.9.32.051437c1cunknown0.0.0.000000000c00000057463656a17c801cf38e6da683175E:\Steam\steamapps\common\skyrim\CreationKit.exeunknown972b4fc0-a4da-11e3-abb7-3085a9955961
 
Error: (03/05/2014 08:42:49 PM) (Source: Steam Client Service)(User: )
Description: Failed to poke open firewall
 
 
==================== Memory info =========================== 
 
Percentage of memory in use: 11%
Total physical RAM: 32739.61 MB
Available physical RAM: 28971.49 MB
Total Pagefile: 65477.4 MB
Available Pagefile: 61544.99 MB
Total Virtual: 8192 MB
Available Virtual: 8191.81 MB
 
==================== Drives ================================
 
Drive c: () (Fixed) (Total:111.69 GB) (Free:46.19 GB) NTFS
Drive e: (Storage) (Fixed) (Total:2794.39 GB) (Free:2424.76 GB) NTFS
 
==================== MBR & Partition Table ==================
 
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 112 GB) (Disk ID: B1639890)
 
Partition: GPT Partition Type.
 
========================================================
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 2795 GB) (Disk ID: 00000000)
 
Partition: GPT Partition Type.
 
==================== End Of Log ============================


#4 aharonov

  • Malware Response Team

Posted 07 March 2014 - 04:17 PM

All right.


Step 1

Please visit VirusTotal and scan a file as follows:

  • Click on Choose File.
  • Copy and paste the following into the file name textbox:
    c:\windows\explorer.exe
    and click Open.
  • Now hit the Scan it! button on the website to scan the selected file.
  • If you get the message

    File already analysed - This file was last analysed by VirusTotal on ....

    then click on Reanalyse!
  • Wait until the scan has finished.
  • Copy the URL from your browser's address bar and paste it in your next reply.


Step 2

  • Start FRST with Administrator privileges.
  • Write the following text into the Search: textbox:
    explorer.exe
  • Click on the Search File(s) button.
  • When finished, a log file (Search.txt) pops up and is saved to the same location the tool was run from.
    Please copy and paste its contents in your next reply.


#5 Inriser

  • Topic Starter

Posted 07 March 2014 - 04:44 PM

https://www.virustotal.com/en/file/a5ca1245dc8f4893e87d0d342f86b2c43d08dec3f4f3e18a0caed0a0dbc54afd/analysis/1394228451/

 

Farbar Recovery Scan Tool (x64) Version: 07-03-2014 01
Ran by VETO at 2014-03-07 16:43:53
Running from C:\Users\VETO\Desktop
Boot Mode: Normal
 
================== Search: "explorer.exe" ===================
 
C:\Windows\explorer.exe
[2014-01-29 22:46] - [2011-02-25 01:19] - 2388992 ____A (Microsoft Corporation) A35C883FFA8746CCEAC8605318C6788A
 
C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_ba87e574ddfe652d\explorer.exe
[2013-01-17 08:11] - [2011-02-26 00:19] - 2616320 ____A (Microsoft Corporation) 0FB9C74046656D1579A64660AD67B746
 
C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_b9fc4815c4e292b5\explorer.exe
[2013-01-17 08:11] - [2011-02-25 00:30] - 2616320 ____A (Microsoft Corporation) 8B88EBBB05A0E56B7DCC708498C02B3E
 
C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_ba2f56d3c4bcbafb\explorer.exe
[2010-11-20 22:24] - [2010-11-20 22:24] - 2616320 ____A (Microsoft Corporation) 40D777B7A95E00593EB1568C68514493
 
C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_b0333b22a99da332\explorer.exe
[2013-01-17 08:11] - [2011-02-26 01:14] - 2871808 ____A (Microsoft Corporation) 3B69712041F3D63605529BD66DC00C48
 
C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_afa79dc39081d0ba\explorer.exe
[2013-01-17 08:11] - [2011-02-25 01:19] - 2871808 ____A (Microsoft Corporation) 332FEAB1435662FC6C672E25BEB37BE3
 
C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_afdaac81905bf900\explorer.exe
[2010-11-20 22:24] - [2010-11-20 22:24] - 2872320 ____A (Microsoft Corporation) AC4C51EB24AA95B77F705AB159189E24
 
C:\Windows\SysWOW64\explorer.exe
[2013-01-17 08:11] - [2011-02-25 00:30] - 2616320 ____A (Microsoft Corporation) 8B88EBBB05A0E56B7DCC708498C02B3E
 
====== End Of Search ======


#6 aharonov

  • Malware Response Team

Posted 07 March 2014 - 05:15 PM

I'm not so sure yet what to make of it.. It looks like a false-positive by avast. But an apparently unique system file should raise an eyebrow too..
So let's try this:


Step 1

Let's check the integrity of Windows system files:

  • Please open Start -> All Programs -> Accessories, right-click on Command prompt and choose "Run as administrator".
  • Enter the following command into the prompt:

    sfc /scannow

    and hit Enter.
  • The program searches for missing or corrupted system files and tries to replace them.
  • When it is done, reboot your computer.
  • Then open Start -> All Programs -> Windows Update, click on the left side on Check for updates and click on Install updates if there are any.


Step 2

Reboot your computer first.
Start FRST with administrator privileges.

  • Press the Scan button.
  • When finished, FRST will produce a log (FRST.txt) in the same directory the tool was run from.
    Please copy and paste this log in your next reply.
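
The check behind the "apparently unique system file" remark, as an added example that is not part of the original posts or of FRST: it parses the Search.txt output posted in this thread and reports any live copy whose MD5 matches no copy in the WinSxS component store. The function names are hypothetical, and reading the two bracketed timestamps as created and last-modified is an assumption about FRST's column order.

```python
import re
from typing import NamedTuple

# Search.txt body copied from the FRST output posted in this thread.
SEARCH_TXT = r"""
C:\Windows\explorer.exe
[2014-01-29 22:46] - [2011-02-25 01:19] - 2388992 ____A (Microsoft Corporation) A35C883FFA8746CCEAC8605318C6788A

C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_ba87e574ddfe652d\explorer.exe
[2013-01-17 08:11] - [2011-02-26 00:19] - 2616320 ____A (Microsoft Corporation) 0FB9C74046656D1579A64660AD67B746

C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_b9fc4815c4e292b5\explorer.exe
[2013-01-17 08:11] - [2011-02-25 00:30] - 2616320 ____A (Microsoft Corporation) 8B88EBBB05A0E56B7DCC708498C02B3E

C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_ba2f56d3c4bcbafb\explorer.exe
[2010-11-20 22:24] - [2010-11-20 22:24] - 2616320 ____A (Microsoft Corporation) 40D777B7A95E00593EB1568C68514493

C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_b0333b22a99da332\explorer.exe
[2013-01-17 08:11] - [2011-02-26 01:14] - 2871808 ____A (Microsoft Corporation) 3B69712041F3D63605529BD66DC00C48

C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_afa79dc39081d0ba\explorer.exe
[2013-01-17 08:11] - [2011-02-25 01:19] - 2871808 ____A (Microsoft Corporation) 332FEAB1435662FC6C672E25BEB37BE3

C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_afdaac81905bf900\explorer.exe
[2010-11-20 22:24] - [2010-11-20 22:24] - 2872320 ____A (Microsoft Corporation) AC4C51EB24AA95B77F705AB159189E24

C:\Windows\SysWOW64\explorer.exe
[2013-01-17 08:11] - [2011-02-25 00:30] - 2616320 ____A (Microsoft Corporation) 8B88EBBB05A0E56B7DCC708498C02B3E
"""


class Entry(NamedTuple):
    path: str
    created: str    # first bracketed timestamp (assumed: creation time)
    modified: str   # second bracketed timestamp (assumed: last-modified time)
    size: int
    md5: str


# Detail line: [created] - [modified] - size attributes (company) MD5
DETAIL = re.compile(
    r"^\[(?P<created>[^\]]+)\] - \[(?P<modified>[^\]]+)\] - "
    r"(?P<size>\d+) \S+ \((?P<company>[^)]*)\) (?P<md5>[0-9A-Fa-f]{32})$"
)
DRIVE_PATH = re.compile(r"^[A-Za-z]:\\")


def parse_search(text):
    """Pair each path line with the detail line that follows it."""
    entries, path = [], None
    for raw in text.splitlines():
        line = raw.strip()
        if not line or line.startswith("="):
            continue  # blank lines and section rulers
        m = DETAIL.match(line)
        if m and path:
            entries.append(Entry(path, m["created"], m["modified"],
                                 int(m["size"]), m["md5"].upper()))
            path = None
        elif DRIVE_PATH.match(line):
            path = line
    return entries


def in_component_store(entry):
    return "\\winsxs\\" in entry.path.lower()


def unmatched_live_files(entries):
    """Live copies whose hash equals no WinSxS copy.

    For each one, also list store copies that share its last-modified time:
    same timestamp with a different hash and size means the content differs
    from the version the timestamp suggests.
    """
    store = [e for e in entries if in_component_store(e)]
    store_hashes = {e.md5 for e in store}
    findings = []
    for e in entries:
        if in_component_store(e) or e.md5 in store_hashes:
            continue
        same_mtime = [s for s in store if s.modified == e.modified]
        findings.append((e, same_mtime))
    return findings


if __name__ == "__main__":
    for live, twins in unmatched_live_files(parse_search(SEARCH_TXT)):
        print(f"NO STORE MATCH  {live.path}  size={live.size}  md5={live.md5}")
        for t in twins:
            print(f"  same mtime, different content: size={t.size} md5={t.md5}")
            print(f"    {t.path}")
```

A mismatch is a lead rather than a verdict, since the store only holds the versions currently staged on that machine; it is the reason for the `sfc /scannow` step that follows in the thread.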


#7 Inriser

  • Topic Starter

Posted 07 March 2014 - 06:29 PM

Oh, by the way (I should have said this earlier): I am unable to use Windows Explorer. When I try to run it from the task manager I get this:

 

334j900.jpg



#8 Inriser

  • Topic Starter

Posted 07 March 2014 - 06:36 PM

After replacing some corrupted files I can now use Windows Explorer again!
 
----------------------------------------------------------------------------------------------
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 07-03-2014 01
Ran by VETO (administrator) on PRIME on 07-03-2014 18:35:22
Running from C:\Users\VETO\Desktop
Windows 7 Ultimate Service Pack 1 (X64) OS Language: English(US)
Internet Explorer Version 11
Boot Mode: Normal
 
The only official download link for FRST:
Download link from any site other than Bleeping Computer is unpermitted or outdated.
 
==================== Processes (Whitelisted) =================
 
(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\afwServ.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Intel Corporation) C:\Windows\system32\IProsetMonitor.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\integratedoffice.exe
(Safer-Networking Ltd.) E:\Spybot\SDFSSvc.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft SQL Server\90\Shared\sqlbrowser.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
(AVG Secure Search) C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\15.5.0\ToolbarUpdater.exe
(Safer-Networking Ltd.) E:\Spybot\SDWSCSvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Saitek) C:\Program Files\Saitek\VolumeTracker\SaiVolume.exe
(Saitek) C:\Program Files\Saitek\SD6\Software\ProfilerU.exe
(Saitek) C:\Program Files\Saitek\SD6\Software\SaiMfd.exe
(Logitech, Inc.) C:\Program Files\Logitech\SetPointP\SetPoint.exe
(Akamai Technologies, Inc.) C:\Users\VETO\AppData\Local\Akamai\netsession_win.exe
(Akamai Technologies, Inc.) C:\Users\VETO\AppData\Local\Akamai\netsession_win.exe
(Hewlett-Packard Co.) C:\Program Files\HP\HP Photosmart 7520 series\Bin\ScanToPCActivationApp.exe
(Adobe Systems Incorporated) E:\Photoshop\Elements 12 Organizer\CAHeadless\ElementsAutoAnalyzer.exe
(Logitech, Inc.) C:\Program Files\Common Files\LogiShrd\KHAL3\KHALMNPR.EXE
() C:\Program Files\Rainmeter\Rainmeter.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\root\office15\ONENOTEM.EXE
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Safer-Networking Ltd.) E:\Spybot\SDTray.exe
(Apple Inc.) E:\iTunes\iTunesHelper.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Hewlett-Packard Co.) C:\Program Files\HP\HP Photosmart 7520 series\Bin\HPNetworkCommunicator.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\Root\Office15\MsoSync.exe
 
 
==================== Registry (Whitelisted) ==================
 
HKLM\...\Run: [RTHDVCPL] - C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [6827664 2013-01-16] (Realtek Semiconductor)
HKLM\...\Run: [SaiVolume] - C:\Program Files\Saitek\VolumeTracker\SaiVolume.exe [186880 2010-04-21] (Saitek)
HKLM\...\Run: [ProfilerU] - C:\Program Files\Saitek\SD6\Software\ProfilerU.exe [378880 2010-04-21] (Saitek)
HKLM\...\Run: [SaiMfd] - C:\Program Files\Saitek\SD6\Software\SaiMfd.exe [195072 2010-04-21] (Saitek)
HKLM\...\Run: [EvtMgr6] - C:\Program Files\Logitech\SetPointP\SetPoint.exe [2419512 2012-11-04] (Logitech, Inc.)
HKLM\...\Run: [ShadowPlay] - C:\Windows\system32\nvspcap64.dll [1179576 2014-01-20] (NVIDIA Corporation)
HKLM\...\Run: [AdobeAAMUpdater-1.0] - C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [472984 2013-06-03] (Adobe Systems Incorporated)
HKLM\...\Run: [NvBackend] - C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2234144 2014-01-20] (NVIDIA Corporation)
HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [APSDaemon] - C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [43848 2014-02-12] (Apple Inc.)
HKLM-x32\...\Run: [AvastUI.exe] - C:\Program Files\AVAST Software\Avast\AvastUI.exe [3767096 2014-02-20] (AVAST Software)
HKLM-x32\...\Run: [SDTray] - E:\Spybot\SDTray.exe [5624784 2013-07-25] (Safer-Networking Ltd.)
HKLM-x32\...\Run: [iTunesHelper] - E:\iTunes\iTunesHelper.exe [152392 2014-02-21] (Apple Inc.)
Winlogon\Notify\LBTWlgn: c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll (Logitech, Inc.)
Winlogon\Notify\SDWinLogon-x32: SDWinLogon.dll [X]
HKU\S-1-5-21-734638345-3446768046-2017789806-1000\...\Run: [Akamai NetSession Interface] - C:\Users\VETO\AppData\Local\Akamai\netsession_win.exe [4489472 2013-06-05] (Akamai Technologies, Inc.)
HKU\S-1-5-21-734638345-3446768046-2017789806-1000\...\Run: [HP Photosmart 7520 series (NET)] - C:\Program Files\HP\HP Photosmart 7520 series\Bin\ScanToPCActivationApp.exe [2573416 2012-10-17] (Hewlett-Packard Co.)
HKU\S-1-5-21-734638345-3446768046-2017789806-1000\...\Run: [CAHeadless] - E:\Photoshop\Elements 12 Organizer\CAHeadless\ElementsAutoAnalyzer.exe [1400224 2013-09-25] (Adobe Systems Incorporated)
HKU\S-1-5-21-734638345-3446768046-2017789806-1000\...\Run: [Spybot-S&D Cleaning] - E:\Spybot\SDCleaner.exe [3666224 2013-09-20] (Safer-Networking Ltd.)
Startup: C:\Users\VETO\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Rainmeter.lnk
ShortcutTarget: Rainmeter.lnk -> C:\Program Files\Rainmeter\Rainmeter.exe ()
Startup: C:\Users\VETO\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Send to OneNote.lnk
ShortcutTarget: Send to OneNote.lnk -> C:\Program Files\Microsoft Office 15\root\office15\ONENOTEM.EXE (Microsoft Corporation)
 
==================== Internet (Whitelisted) ====================
 
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.bing.com
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://ca.msn.com/?ocid=iehp
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0x020D04CBB6F4CD01
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-CA
HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.bing.com
SearchScopes: HKCU - DefaultScope {681ED8F2-AFB9-46AE-9847-E29E3BCA5F02} URL = http://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT2612669&CUI=UN19586799541413612&UM=2
BHO: avast! Online Security - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
BHO: Lync Browser Helper - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
BHO: Java™ Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\URLREDIR.DLL (Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
BHO: Java™ Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: Java™ Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
BHO-x32: Logitech SetPoint - {AF949550-9094-4807-95EC-D1C317803333} - C:\Program Files\Logitech\SetPointP\32-bit\SetPointSmooth.dll (Logitech, Inc.)
BHO-x32: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office 15\root\Office15\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Java™ Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKLM - avast! Online Security - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
Toolbar: HKLM - avast! Online Security - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
Toolbar: HKLM-x32 - avast! Online Security - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
DPF: HKLM-x32 {7623BE59-D4CF-4379-ABC4-B39E11854D66} http://labo.erinn.biz/cs/mabiweb.2012.04.25.0.cab
DPF: HKLM-x32 {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/flashplayer/current/swflash.cab
Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL (Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
 
Chrome: 
=======
CHR HomePage: hxxp://www.google.com/
CHR Extension: (Logitech SetPoint) - C:\Users\VETO\AppData\Local\Google\Chrome\User Data\Default\Extensions\edaibbiobngpbmeonadpbfafbkimjbdd [2013-12-02]
CHR Extension: (AdBlock) - C:\Users\VETO\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2014-01-26]
CHR Extension: (avast! Online Security) - C:\Users\VETO\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2014-01-26]
CHR Extension: (Google Wallet) - C:\Users\VETO\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-12-02]
CHR HKCU\...\Chrome\Extension: [bcfjehbfanfhgoehogmbiebedkidedjb] - C:\Users\VETO\AppData\Local\CRE\bcfjehbfanfhgoehogmbiebedkidedjb.crx [2013-12-02]
CHR HKLM-x32\...\Chrome\Extension: [bcfjehbfanfhgoehogmbiebedkidedjb] - C:\Users\VETO\AppData\Local\CRE\bcfjehbfanfhgoehogmbiebedkidedjb.crx [2013-12-02]
CHR HKLM-x32\...\Chrome\Extension: [edaibbiobngpbmeonadpbfafbkimjbdd] - C:\ProgramData\Logitech\LogiSmoothChromeExt.crx [2013-01-21]
CHR HKLM-x32\...\Chrome\Extension: [fplhdcjmbpfkejbhngmlngaecbjmoimd] - C:\Program Files\AVAST Software\Avast\AdBlocker\Chrome\avast-adblocker-chrome.crx [2013-03-20]
CHR HKLM-x32\...\Chrome\Extension: [ndibdjnfmopecpmkdieinmbadjfpblof] - C:\ProgramData\\ChromeExt\\avg.crx [2013-03-20]
CHR HKLM-x32\...\Chrome\Extension: [oopdmcnionefjjnmchkiimificckpkif] - C:\Users\VETO\AppData\Local\CRE\oopdmcnionefjjnmchkiimificckpkif.crx [2013-12-28]
 
==================== Services (Whitelisted) =================
 
S2 AdobeActiveFileMonitor12.0; E:\Photoshop\Elements 12 Organizer\PhotoshopElementsFileAgent.exe [181152 2013-09-25] (Adobe Systems Incorporated)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2014-02-20] (AVAST Software)
R2 avast! Firewall; C:\Program Files\AVAST Software\Avast\afwServ.exe [113704 2014-02-20] (AVAST Software)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1593632 2014-01-20] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [16939296 2014-01-20] (NVIDIA Corporation)
R2 OfficeSvc; C:\Program Files\Microsoft Office 15\ClientX64\integratedoffice.exe [1907896 2013-10-31] (Microsoft Corporation)
R2 SDScannerService; E:\Spybot\SDFSSvc.exe [3921880 2013-10-15] (Safer-Networking Ltd.)
S2 SDUpdateService; E:\Spybot\SDUpdSvc.exe [1042272 2013-09-20] (Safer-Networking Ltd.)
R2 SDWSCService; E:\Spybot\SDWSCSvc.exe [171416 2013-09-13] (Safer-Networking Ltd.)
R2 vToolbarUpdater15.5.0; C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\15.5.0\ToolbarUpdater.exe [1643184 2013-08-18] (AVG Secure Search)
S2 HPSLPSVC; C:\Users\VETO\AppData\Local\Temp\7zS0673\hpslpsvc64.dll [X]
 
==================== Drivers (Whitelisted) ====================
 
S3 AE3000; C:\Windows\System32\DRIVERS\AE3000w764.sys [1717824 2012-03-02] (Ralink Technology Corp.)
R1 aswKbd; C:\Windows\system32\drivers\aswKbd.sys [28184 2013-12-07] (AVAST Software)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [78648 2014-02-20] (AVAST Software)
R1 aswNdisFlt; C:\Windows\System32\DRIVERS\aswNdisFlt.sys [440672 2014-02-21] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [92544 2013-12-07] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65776 2013-12-07] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1038072 2014-02-20] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [421704 2014-02-20] (AVAST Software)
R3 aswStm; C:\Windows\system32\drivers\aswStm.sys [80184 2014-02-20] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [207904 2014-01-07] ()
R1 avgtp; C:\Windows\system32\drivers\avgtpx64.sys [45856 2013-08-18] (AVG Technologies)
R1 HWiNFO32; C:\Windows\system32\drivers\HWiNFO64A.SYS [31136 2013-07-15] (REALiX™)
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [39200 2013-12-27] (NVIDIA Corporation)
R0 PxHlpa64; C:\Windows\System32\drivers\PxHlpa64.sys [56336 2013-07-19] (Corel Corporation)
R3 SaiK8014; C:\Windows\System32\DRIVERS\SaiK8014.sys [174600 2010-07-27] (Saitek)
R3 SaiMini; C:\Windows\System32\DRIVERS\SaiMini.sys [22664 2010-04-22] (Saitek)
R3 SaiNtBus; C:\Windows\System32\drivers\SaiBus.sys [49928 2010-04-22] (Saitek)
S3 ALSysIO; \??\C:\Users\VETO\AppData\Local\Temp\ALSysIO64.sys [X]
S3 EagleX64; \??\C:\Windows\system32\drivers\EagleX64.sys [X]
S3 VGPU; System32\drivers\rdvgkmd.sys [X]
 
==================== NetSvcs (Whitelisted) ===================
 
 
==================== One Month Created Files and Folders ========
 
2014-03-07 16:43 - 2014-03-07 16:44 - 00001942 _____ () C:\Users\VETO\Desktop\Search.txt
2014-03-07 15:39 - 2014-03-07 18:35 - 00015561 _____ () C:\Users\VETO\Desktop\FRST.txt
2014-03-07 15:39 - 2014-03-07 18:35 - 00000000 ____D () C:\FRST
2014-03-07 15:39 - 2014-03-07 15:39 - 00028645 _____ () C:\Users\VETO\Desktop\Addition.txt
2014-03-07 15:35 - 2014-03-07 15:35 - 04130656 _____ (Kaspersky Lab ZAO) C:\Users\VETO\Desktop\tdsskiller (1).exe
2014-03-07 15:33 - 2014-03-07 15:34 - 04130656 _____ (Kaspersky Lab ZAO) C:\Users\VETO\Desktop\tdsskiller.exe
2014-03-07 15:33 - 2014-03-07 15:33 - 02156544 _____ (Farbar) C:\Users\VETO\Desktop\FRST64.exe
2014-03-07 15:12 - 2014-03-07 15:12 - 00688992 ____R (Swearware) C:\Users\VETO\Desktop\dds.com
2014-03-07 15:12 - 2014-03-07 15:12 - 00688992 _____ (Swearware) C:\Users\VETO\Downloads\dds (1).com
2014-03-07 15:06 - 2014-03-07 15:06 - 01244192 _____ () C:\Users\VETO\Downloads\AdwCleaner.exe
2014-03-07 15:04 - 2014-03-07 15:13 - 00019640 _____ () C:\Users\VETO\Desktop\dds.txt
2014-03-07 15:04 - 2014-03-07 15:13 - 00010087 _____ () C:\Users\VETO\Desktop\attach.txt
2014-03-07 15:03 - 2014-03-07 15:03 - 00688992 ____R (Swearware) C:\Users\VETO\Downloads\dds.com
2014-03-06 16:19 - 2014-03-06 16:19 - 00338405 _____ () C:\Users\VETO\Downloads\Windows Resource Pack-40676-1-0.zip
2014-03-06 16:19 - 2014-03-06 16:19 - 00315106 _____ () C:\Users\VETO\Downloads\Crates Of Stuff-36756-.7z
2014-03-06 16:18 - 2014-03-06 16:18 - 64288585 _____ () C:\Users\VETO\Downloads\Architectural Mesh Expansion-38550-1-0.rar
2014-03-06 16:18 - 2014-03-06 16:18 - 39351405 _____ () C:\Users\VETO\Downloads\FPI Experiment Pack 1-43143-1-0.zip
2014-03-06 16:16 - 2014-03-06 16:16 - 07580325 _____ () C:\Users\VETO\Downloads\Open Books Library-42362-1-3.zip
2014-03-06 16:16 - 2014-03-06 16:16 - 03370362 _____ () C:\Users\VETO\Downloads\3 Shelf Scrolls-16430-1-0.rar
2014-03-06 16:16 - 2014-03-06 16:16 - 02788435 _____ () C:\Users\VETO\Downloads\3 Shelf Scrolls - other shelf-16430-v1-0.rar
2014-03-06 16:16 - 2014-03-06 16:16 - 02443741 _____ () C:\Users\VETO\Downloads\Strotis Kitchen Tools -42690-1-1.7z
2014-03-06 16:15 - 2014-03-06 16:15 - 34633164 _____ () C:\Users\VETO\Downloads\Rug Resource-17303-1-0.rar
2014-03-06 16:15 - 2014-03-06 16:15 - 26866293 _____ () C:\Users\VETO\Downloads\Water plants 2048-29486-1-0.zip
2014-03-06 16:15 - 2014-03-06 16:15 - 10883756 _____ () C:\Users\VETO\Downloads\New Plants V 1_2-22018-1-2.7z
2014-03-06 16:14 - 2014-03-06 16:14 - 02853260 _____ () C:\Users\VETO\Downloads\yurufuwa rabbit-38138-1.7z
2014-03-06 16:13 - 2014-03-06 16:13 - 01624181 _____ () C:\Users\VETO\Downloads\foodcontainer-14133-1-0.7z
2014-03-06 16:13 - 2014-03-06 16:13 - 01056055 _____ () C:\Users\VETO\Downloads\mesh-14135-1-0.7z
2014-03-06 16:13 - 2014-03-06 16:13 - 00927776 _____ () C:\Users\VETO\Downloads\mesh-14136-1-0.7z
2014-03-06 16:12 - 2014-03-06 16:12 - 01421724 _____ () C:\Users\VETO\Downloads\Ingredients Wall Art Resource-30602-1-0.7z
2014-03-06 16:12 - 2014-03-06 16:12 - 00491303 _____ () C:\Users\VETO\Downloads\AlchemyClutterResource-30599-1-0.7z
2014-03-06 16:12 - 2014-03-06 16:12 - 00416525 _____ () C:\Users\VETO\Downloads\Ingredients Drawer Resource-30600-1-0.7z
2014-03-06 16:11 - 2014-03-06 16:12 - 18664000 _____ () C:\Users\VETO\Downloads\PaintingsFrames-17423-1-0.zip
2014-03-06 16:11 - 2014-03-06 16:12 - 104283904 _____ () C:\Users\VETO\Downloads\Pack5_0-26132-5-0.zip
2014-03-06 16:11 - 2014-03-06 16:11 - 12696207 _____ () C:\Users\VETO\Downloads\Modders Resource Pack 2_0 CORE-16525-2-0.7z
2014-03-06 16:11 - 2014-03-06 16:11 - 06420260 _____ () C:\Users\VETO\Downloads\Modders Resource Pack 2_0 FORGE-16525-2-0.7z
2014-03-06 16:11 - 2014-03-06 16:11 - 02219655 _____ () C:\Users\VETO\Downloads\Modders Resource Pack 2_0 JARS-16525-2-0.7z
2014-03-06 16:11 - 2014-03-06 16:11 - 01208398 _____ () C:\Users\VETO\Downloads\mesh_textures-14134-1-0.7z
2014-03-06 16:06 - 2014-03-07 18:34 - 00000840 _____ () C:\Windows\setupact.log
2014-03-06 16:06 - 2014-03-06 16:06 - 00000000 _____ () C:\Windows\setuperr.log
2014-03-05 22:02 - 2014-03-05 22:02 - 00005138 _____ () C:\Users\VETO\Downloads\SKSE INI should be NMM installable now-34858-.rar
2014-03-05 21:37 - 2014-03-05 21:37 - 79128665 _____ () C:\Users\VETO\Downloads\Vindictus Pack.rar
2014-03-05 21:37 - 2014-03-05 21:37 - 19593568 _____ () C:\Users\VETO\Downloads\Tieve Clothing.rar
2014-03-05 16:31 - 2014-03-05 16:31 - 00000000 ____D () C:\Windows\8A809006C25A4A3A9DAB94659BCDB107.TMP
2014-03-03 21:39 - 2014-03-03 21:39 - 02434109 _____ () C:\Users\VETO\Downloads\enbseries_skyrim_v0251 (1).zip
2014-03-03 21:38 - 2014-03-03 21:38 - 03910231 _____ () C:\Users\VETO\Downloads\Somber Antique 2-37716-2-13-250.zip
2014-03-03 21:38 - 2014-03-03 21:38 - 00000491 _____ () C:\Users\VETO\Downloads\Lanterns of Skyrim preset-37716-.zip
2014-03-03 21:25 - 2014-03-03 21:25 - 00003898 _____ () C:\Users\VETO\Downloads\EWIs High SkyrimPrefs and inis v01e-51033-v01e.rar
2014-03-03 21:24 - 2014-03-03 21:24 - 00014171 _____ () C:\Users\VETO\Downloads\ENBoost 5_0-38649-5-0.zip
2014-03-03 21:21 - 2014-03-03 21:21 - 02434109 _____ () C:\Users\VETO\Downloads\enbseries_skyrim_v0251.zip
2014-03-02 16:49 - 2014-03-02 16:49 - 00048529 _____ () C:\Users\VETO\Downloads\occupy_wallstreet.jpeg.size.xxlarge.letterbox.jpeg
2014-03-02 16:48 - 2014-03-02 16:48 - 00072749 _____ () C:\Users\VETO\Downloads\Occupy Toronto protesters are primed to take over Bay Street   iPolitics.htm
2014-03-02 16:48 - 2014-03-02 16:48 - 00000000 ____D () C:\Users\VETO\Downloads\Occupy Toronto protesters are primed to take over Bay Street   iPolitics_files
2014-03-01 22:56 - 2014-03-01 22:56 - 00020958 _____ () C:\Users\VETO\Downloads\polls_corpnews_5659_155503_poll_xlarge.jpeg
2014-03-01 14:52 - 2014-03-01 14:52 - 00139866 _____ () C:\Users\VETO\Downloads\iqbaltopp_I001635_-1.jpeg
2014-03-01 14:52 - 2014-03-01 14:52 - 00000000 ____D () C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2014-03-01 14:52 - 2014-03-01 14:52 - 00000000 ____D () C:\Program Files\iTunes
2014-03-01 14:52 - 2014-03-01 14:52 - 00000000 ____D () C:\Program Files\iPod
2014-02-28 19:26 - 2014-02-28 19:26 - 00278528 _____ () C:\Users\VETO\Downloads\image.jpeg
2014-02-27 16:10 - 2014-02-27 16:10 - 03418771 _____ (BOSS Development Team) C:\Users\VETO\Downloads\BOSS v2.1.1 Installer.exe
2014-02-27 15:48 - 2014-02-27 16:00 - 426895712 _____ () C:\Users\VETO\Downloads\Aether Suite.7z
2014-02-26 21:16 - 2014-02-26 21:16 - 00266051 _____ () C:\Users\VETO\Downloads\skse_1_06_16_installer.exe
2014-02-26 21:09 - 2014-02-26 21:09 - 00560881 _____ () C:\Users\VETO\Downloads\Isaac Auto Level Version-24298-1-2.rar
2014-02-26 21:06 - 2014-02-26 21:06 - 21963119 _____ () C:\Users\VETO\Downloads\Thanatos as Durnehviir Copper-35576-1-0.7z
2014-02-26 21:05 - 2014-02-26 21:07 - 225770923 _____ () C:\Users\VETO\Downloads\FAR - Forgotten Argonian Roots - 4k-42043-.zip
2014-02-26 21:05 - 2014-02-26 21:05 - 07722613 _____ () C:\Users\VETO\Downloads\Female head MAIN version fix-42043-.rar
2014-02-26 20:53 - 2014-02-26 20:54 - 74146532 _____ () C:\Users\VETO\Downloads\Kankaraya-49292-2-04.7z
2014-02-26 20:18 - 2014-02-26 20:19 - 85125791 _____ () C:\Users\VETO\Downloads\REPLACER_ETERNAL_SHINE_WEAPONS-17582.rar
2014-02-26 20:18 - 2014-02-26 20:18 - 62960818 _____ () C:\Users\VETO\Downloads\REPLACER_ETERNAL_SHINE_SET-17582.rar
2014-02-26 19:53 - 2014-02-26 19:53 - 02461206 _____ () C:\Users\VETO\Downloads\Yakkuru-50320-1-5.7z
2014-02-26 19:49 - 2014-02-26 19:49 - 00000605 _____ () C:\Users\Public\Desktop\Nexus Mod Manager.lnk
2014-02-25 17:32 - 2014-03-05 21:42 - 00000000 ____D () C:\Users\VETO\Documents\Nexus Mod Manager
2014-02-23 23:02 - 2014-02-23 23:02 - 00928395 _____ () C:\Users\VETO\Downloads\AajKiRaat-AlishaChinaiMahalaxmiSonuNigam.m4r
2014-02-23 18:10 - 2014-02-23 18:10 - 00130583 _____ () C:\Users\VETO\Downloads\First Person 1_6-49036-1-6.zip
2014-02-23 18:08 - 2014-02-23 18:12 - 04745425 _____ () C:\Users\VETO\Downloads\Hoth-24666-3.7z
2014-02-22 22:56 - 2014-02-22 22:56 - 04149856 _____ (Black Tree Gaming ) C:\Users\VETO\Downloads\Nexus Mod Manager-0.47.3.exe
2014-02-20 14:12 - 2014-02-20 14:12 - 00002032 _____ () C:\Users\Public\Desktop\avast! SafeZone.lnk
2014-02-20 14:12 - 2014-02-20 14:12 - 00001972 _____ () C:\Users\Public\Desktop\avast! Internet Security.lnk
2014-02-19 20:35 - 2014-02-26 21:16 - 00000965 _____ () C:\Users\VETO\Desktop\Skyrim (SKSE).lnk
2014-02-19 18:41 - 2014-02-08 11:18 - 00599840 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvStreaming.exe
2014-02-19 18:11 - 2014-02-19 18:11 - 00000000 ____D () C:\Program Files (x86)\AGEIA Technologies
2014-02-19 18:09 - 2014-02-08 13:34 - 31432480 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglv64.dll
2014-02-19 18:09 - 2014-02-08 13:34 - 25256224 _____ (NVIDIA Corporation) C:\Windows\system32\nvcompiler.dll
2014-02-19 18:09 - 2014-02-08 13:34 - 23683360 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglv32.dll
2014-02-19 18:09 - 2014-02-08 13:34 - 17560352 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcompiler.dll
2014-02-19 18:09 - 2014-02-08 13:34 - 15740232 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvwgf2um.dll
2014-02-19 18:09 - 2014-02-08 13:34 - 12324640 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvlddmkm.sys
2014-02-19 18:09 - 2014-02-08 13:34 - 11636176 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll
2014-02-19 18:09 - 2014-02-08 13:34 - 11589272 _____ (NVIDIA Corporation) C:\Windows\system32\nvopencl.dll
2014-02-19 18:09 - 2014-02-08 13:34 - 09728064 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll
2014-02-19 18:09 - 2014-02-08 13:34 - 09690424 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvopencl.dll
2014-02-19 18:09 - 2014-02-08 13:34 - 03142432 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll
2014-02-19 18:09 - 2014-02-08 13:34 - 02956576 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll
2014-02-19 18:09 - 2014-02-08 13:34 - 02782496 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvenc.dll
2014-02-19 18:09 - 2014-02-08 13:34 - 02410784 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvenc.dll
2014-02-19 18:09 - 2014-02-08 13:34 - 01885472 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6433489.dll
2014-02-19 18:09 - 2014-02-08 13:34 - 01515296 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6433489.dll
2014-02-19 18:09 - 2014-02-08 13:34 - 00892192 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFR64.dll
2014-02-19 18:09 - 2014-02-08 13:34 - 00875296 _____ (NVIDIA Corporation) C:\Windows\system32\NvFBC64.dll
2014-02-19 18:09 - 2014-02-08 13:34 - 00863520 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll
2014-02-19 18:09 - 2014-02-08 13:34 - 00844576 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll
2014-02-19 18:09 - 2014-02-08 13:34 - 00832424 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvumdshim.dll
2014-02-19 18:09 - 2014-02-08 13:34 - 00483104 _____ (NVIDIA Corporation) C:\Windows\system32\nvEncodeAPI64.dll
2014-02-19 18:09 - 2014-02-08 13:34 - 00408352 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvEncodeAPI.dll
2014-02-19 18:09 - 2014-02-08 13:34 - 00378656 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFROpenGL.dll
2014-02-19 18:09 - 2014-02-08 13:34 - 00353504 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglshim64.dll
2014-02-19 18:09 - 2014-02-08 13:34 - 00333600 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFROpenGL.dll
2014-02-19 18:09 - 2014-02-08 13:34 - 00305600 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglshim32.dll
2014-02-19 18:09 - 2014-02-08 13:34 - 00174296 _____ (NVIDIA Corporation) C:\Windows\system32\nvinitx.dll
2014-02-19 18:09 - 2014-02-08 13:34 - 00148528 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvinit.dll
2014-02-17 13:40 - 2014-03-07 18:32 - 00490463 _____ () C:\Windows\WindowsUpdate.log
2014-02-15 15:20 - 2014-02-06 07:16 - 23170048 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-02-15 15:20 - 2014-02-06 06:30 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-02-15 15:20 - 2014-02-06 06:30 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-02-15 15:20 - 2014-02-06 06:12 - 02765824 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-02-15 15:20 - 2014-02-06 06:07 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-02-15 15:20 - 2014-02-06 06:06 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-02-15 15:20 - 2014-02-06 05:57 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-02-15 15:20 - 2014-02-06 05:56 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-02-15 15:20 - 2014-02-06 05:52 - 00574976 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-02-15 15:20 - 2014-02-06 05:49 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-02-15 15:20 - 2014-02-06 05:48 - 00708608 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-02-15 15:20 - 2014-02-06 05:48 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-02-15 15:20 - 2014-02-06 05:38 - 17103872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-02-15 15:20 - 2014-02-06 05:32 - 00218624 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-02-15 15:20 - 2014-02-06 05:20 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-02-15 15:20 - 2014-02-06 05:17 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-02-15 15:20 - 2014-02-06 05:11 - 05768704 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-02-15 15:20 - 2014-02-06 05:01 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-02-15 15:20 - 2014-02-06 05:00 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-02-15 15:20 - 2014-02-06 04:57 - 02168320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-02-15 15:20 - 2014-02-06 04:57 - 00627200 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-02-15 15:20 - 2014-02-06 04:52 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-02-15 15:20 - 2014-02-06 04:52 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-02-15 15:20 - 2014-02-06 04:50 - 02041856 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-02-15 15:20 - 2014-02-06 04:49 - 00440832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-02-15 15:20 - 2014-02-06 04:47 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-02-15 15:20 - 2014-02-06 04:46 - 00553472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-02-15 15:20 - 2014-02-06 04:25 - 04244480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-02-15 15:20 - 2014-02-06 04:25 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-02-15 15:20 - 2014-02-06 04:24 - 02334208 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-02-15 15:20 - 2014-02-06 04:22 - 13051392 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-02-15 15:20 - 2014-02-06 04:13 - 00524288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-02-15 15:20 - 2014-02-06 04:09 - 01964032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-02-15 15:20 - 2014-02-06 04:03 - 11266048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-02-15 15:20 - 2014-02-06 03:55 - 01393664 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-02-15 15:20 - 2014-02-06 03:41 - 01820160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-02-15 15:20 - 2014-02-06 03:40 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-02-15 15:20 - 2014-02-06 03:36 - 01156096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-02-15 15:20 - 2014-02-06 03:34 - 00703488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-02-15 15:20 - 2013-12-21 04:53 - 00548864 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-02-15 15:20 - 2013-12-21 03:56 - 00454656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-02-12 16:07 - 2013-12-31 18:05 - 00420008 _____ () C:\Windows\SysWOW64\locale.nls
2014-02-12 16:07 - 2013-12-31 18:04 - 00420008 _____ () C:\Windows\system32\locale.nls
2014-02-12 16:06 - 2013-12-24 18:09 - 01987584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10warp.dll
2014-02-12 16:06 - 2013-12-24 17:48 - 02565120 _____ (Microsoft Corporation) C:\Windows\system32\d3d10warp.dll
2014-02-12 16:06 - 2013-12-05 21:30 - 01882112 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2014-02-12 16:06 - 2013-12-05 21:30 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml3r.dll
2014-02-12 16:06 - 2013-12-05 21:02 - 01237504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll
2014-02-12 16:06 - 2013-12-05 21:02 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3r.dll
2014-02-12 16:06 - 2013-12-03 21:27 - 00488448 _____ (Microsoft Corporation) C:\Windows\system32\secproc.dll
2014-02-12 16:06 - 2013-12-03 21:27 - 00485888 _____ (Microsoft Corporation) C:\Windows\system32\secproc_isv.dll
2014-02-12 16:06 - 2013-12-03 21:27 - 00123392 _____ (Microsoft Corporation) C:\Windows\system32\secproc_ssp_isv.dll
2014-02-12 16:06 - 2013-12-03 21:27 - 00123392 _____ (Microsoft Corporation) C:\Windows\system32\secproc_ssp.dll
2014-02-12 16:06 - 2013-12-03 21:26 - 00528384 _____ (Microsoft Corporation) C:\Windows\system32\msdrm.dll
2014-02-12 16:06 - 2013-12-03 21:16 - 00658432 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate_isv.exe
2014-02-12 16:06 - 2013-12-03 21:16 - 00626176 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate.exe
2014-02-12 16:06 - 2013-12-03 21:16 - 00553984 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate_ssp.exe
2014-02-12 16:06 - 2013-12-03 21:16 - 00552960 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate_ssp_isv.exe
2014-02-12 16:06 - 2013-12-03 21:03 - 00428032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secproc.dll
2014-02-12 16:06 - 2013-12-03 21:03 - 00423936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secproc_isv.dll
2014-02-12 16:06 - 2013-12-03 21:03 - 00087040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secproc_ssp_isv.dll
2014-02-12 16:06 - 2013-12-03 21:03 - 00087040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secproc_ssp.dll
2014-02-12 16:06 - 2013-12-03 21:02 - 00390144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msdrm.dll
2014-02-12 16:06 - 2013-12-03 20:54 - 00594944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RMActivate_isv.exe
2014-02-12 16:06 - 2013-12-03 20:54 - 00572416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RMActivate.exe
2014-02-12 16:06 - 2013-12-03 20:54 - 00510976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RMActivate_ssp.exe
2014-02-12 16:06 - 2013-12-03 20:54 - 00508928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RMActivate_ssp_isv.exe
2014-02-12 16:06 - 2013-11-26 03:16 - 03419136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d2d1.dll
2014-02-12 16:06 - 2013-11-22 17:48 - 03928064 _____ (Microsoft Corporation) C:\Windows\system32\d2d1.dll
2014-02-09 22:54 - 2014-02-11 20:22 - 00000000 ____D () C:\Users\VETO\Desktop\76561198081560718
2014-02-08 13:37 - 2014-02-08 13:44 - 00000000 ____D () C:\Users\VETO\Documents\My Cheat Tables
2014-02-08 13:37 - 2014-02-08 13:37 - 00000605 _____ () C:\Users\VETO\Desktop\Cheat Engine.lnk
2014-02-06 22:50 - 2014-02-09 22:51 - 00000495 _____ () C:\Users\VETO\Desktop\profile.bin
 
==================== One Month Modified Files and Folders =======
 
2014-03-07 18:35 - 2014-03-07 15:39 - 00015561 _____ () C:\Users\VETO\Desktop\FRST.txt
2014-03-07 18:35 - 2014-03-07 15:39 - 00000000 ____D () C:\FRST
2014-03-07 18:35 - 2013-11-20 18:37 - 00004958 _____ () C:\Windows\System32\Tasks\Microsoft Office 15 Sync Maintenance for PRIME-VETO PRIME
2014-03-07 18:34 - 2014-03-06 16:06 - 00000840 _____ () C:\Windows\setupact.log
2014-03-07 18:34 - 2013-10-26 21:23 - 00000890 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-03-07 18:34 - 2013-01-17 08:17 - 00000000 ____D () C:\ProgramData\NVIDIA
2014-03-07 18:34 - 2009-07-14 00:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-03-07 18:32 - 2014-02-17 13:40 - 00490463 _____ () C:\Windows\WindowsUpdate.log
2014-03-07 18:28 - 2013-01-17 08:11 - 00605552 _____ (Microsoft Corporation) C:\Windows\system32\winload.exe
2014-03-07 18:28 - 2013-01-17 08:11 - 00518672 _____ (Microsoft Corporation) C:\Windows\system32\winresume.exe
2014-03-07 18:20 - 2013-01-17 08:32 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-03-07 17:45 - 2013-10-26 21:23 - 00000894 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-03-07 16:44 - 2014-03-07 16:43 - 00001942 _____ () C:\Users\VETO\Desktop\Search.txt
2014-03-07 15:39 - 2014-03-07 15:39 - 00028645 _____ () C:\Users\VETO\Desktop\Addition.txt
2014-03-07 15:35 - 2014-03-07 15:35 - 04130656 _____ (Kaspersky Lab ZAO) C:\Users\VETO\Desktop\tdsskiller (1).exe
2014-03-07 15:34 - 2014-03-07 15:33 - 04130656 _____ (Kaspersky Lab ZAO) C:\Users\VETO\Desktop\tdsskiller.exe
2014-03-07 15:33 - 2014-03-07 15:33 - 02156544 _____ (Farbar) C:\Users\VETO\Desktop\FRST64.exe
2014-03-07 15:13 - 2014-03-07 15:04 - 00019640 _____ () C:\Users\VETO\Desktop\dds.txt
2014-03-07 15:13 - 2014-03-07 15:04 - 00010087 _____ () C:\Users\VETO\Desktop\attach.txt
2014-03-07 15:12 - 2014-03-07 15:12 - 00688992 ____R (Swearware) C:\Users\VETO\Desktop\dds.com
2014-03-07 15:12 - 2014-03-07 15:12 - 00688992 _____ (Swearware) C:\Users\VETO\Downloads\dds (1).com
2014-03-07 15:07 - 2013-01-19 17:00 - 00000000 ____D () C:\Users\VETO\AppData\Local\Adobe
2014-03-07 15:06 - 2014-03-07 15:06 - 01244192 _____ () C:\Users\VETO\Downloads\AdwCleaner.exe
2014-03-07 15:04 - 2009-07-13 23:45 - 00022064 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-03-07 15:04 - 2009-07-13 23:45 - 00022064 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-03-07 15:03 - 2014-03-07 15:03 - 00688992 ____R (Swearware) C:\Users\VETO\Downloads\dds.com
2014-03-07 15:02 - 2009-07-14 00:13 - 00849400 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-03-06 16:19 - 2014-03-06 16:19 - 00338405 _____ () C:\Users\VETO\Downloads\Windows Resource Pack-40676-1-0.zip
2014-03-06 16:19 - 2014-03-06 16:19 - 00315106 _____ () C:\Users\VETO\Downloads\Crates Of Stuff-36756-.7z
2014-03-06 16:18 - 2014-03-06 16:18 - 64288585 _____ () C:\Users\VETO\Downloads\Architectural Mesh Expansion-38550-1-0.rar
2014-03-06 16:18 - 2014-03-06 16:18 - 39351405 _____ () C:\Users\VETO\Downloads\FPI Experiment Pack 1-43143-1-0.zip
2014-03-06 16:16 - 2014-03-06 16:16 - 07580325 _____ () C:\Users\VETO\Downloads\Open Books Library-42362-1-3.zip
2014-03-06 16:16 - 2014-03-06 16:16 - 03370362 _____ () C:\Users\VETO\Downloads\3 Shelf Scrolls-16430-1-0.rar
2014-03-06 16:16 - 2014-03-06 16:16 - 02788435 _____ () C:\Users\VETO\Downloads\3 Shelf Scrolls - other shelf-16430-v1-0.rar
 
==================== Bamital & volsnap Check =================
 
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit
 
 
LastRegBack: 2014-02-28 19:53
 
==================== End Of Log ============================


#9 aharonov

  • Malware Response Team

Posted 07 March 2014 - 06:46 PM

Great! Let's do a final check up then to see if anything else shows up:


Please download the ESET Online Scanner and save it to your Desktop.
  • Disable the realtime-protection of your antivirus and anti-malware programs because they might interfere with the scan.
  • Start esetsmartinstaller_enu.exe with administrator privileges.
  • Select the option Yes, I accept the Terms of Use and click on Start.
  • Make sure that the option Remove found threats is NOT checked, and the option Scan archives is checked.
  • Now click on Advanced Settings and select the following:
    • Scan for potentially unwanted applications
    • Scan for potentially unsafe applications
    • Enable Anti-Stealth Technology
  • Click on Start. The virus signature database will begin to download. This may take some time.
  • When completed the Online Scan will begin automatically.
    Note: This scan might take a long time! Please be patient.
  • When completed select Uninstall application on close if you so wish, but make sure you copy the logfile first!
  • Now click on Finish
  • A log file is created at C:\Program Files\ESET\EsetOnlineScanner\log.txt.
    Copy and paste the content of this log file in your next reply.
Note: Do not forget to re-enable your antivirus application after running the above scan!

#10 Inriser

  • Topic Starter

Posted 07 March 2014 - 11:35 PM

This was literally the longest scan I have ever done for any computer. XD
 
ESETSmartInstaller@High as downloader log:
all ok
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.6920
# api_version=3.0.2
# EOSSerial=8316797134acdb4f8c41ec6c942550fa
# engine=17364
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=true
# antistealth_checked=true
# utc_time=2014-03-08 04:24:00
# local_time=2014-03-07 11:24:00 (-0500, Eastern Standard Time)
# country="Canada"
# lang=1033
# osver=6.1.7601 NT Service Pack 1
# compatibility_mode=772 16777213 83 82 411119 6861978 0 0
# compatibility_mode=5893 16776573 100 94 0 145796090 0 0
# scanned=266712
# found=9
# cleaned=0
# scan_time=11433
sh=1E3FF58866D59D4658FE8ED7DCA3E9B73F86BD83 ft=0 fh=0000000000000000 vn="a variant of Win32/Bundled.Toolbar.Ask.F potentially unsafe application" ac=I fn="C:\ProgramData\APN\APN-Stub\W3IV6-G\APNIC.7z"
sh=D6356361CB5D33E62695230274A8C219D18884A5 ft=1 fh=758f4dd0748812c4 vn="a variant of Win32/Bundled.Toolbar.Ask.F potentially unsafe application" ac=I fn="C:\ProgramData\APN\APN-Stub\W3IV6-G\APNIC.dll"
sh=1E3FF58866D59D4658FE8ED7DCA3E9B73F86BD83 ft=0 fh=0000000000000000 vn="a variant of Win32/Bundled.Toolbar.Ask.F potentially unsafe application" ac=I fn="C:\Users\All Users\APN\APN-Stub\W3IV6-G\APNIC.7z"
sh=D6356361CB5D33E62695230274A8C219D18884A5 ft=1 fh=758f4dd0748812c4 vn="a variant of Win32/Bundled.Toolbar.Ask.F potentially unsafe application" ac=I fn="C:\Users\All Users\APN\APN-Stub\W3IV6-G\APNIC.dll"
sh=B20B0BD8E5CDD280C5DC922FFD896DF50D208CB7 ft=1 fh=59ddf8c2c6946d84 vn="a variant of Win32/HackTool.CheatEngine.AB potentially unsafe application" ac=I fn="E:\Cheat Engine 6.3\cheatengine-i386.exe"
sh=860EFD5893E4DD4E820227B7DEAD144F974456AC ft=1 fh=c0b9ed8dfe12ffb8 vn="a variant of Win32/HackTool.CheatEngine.AF potentially unsafe application" ac=I fn="E:\Cheat Engine 6.3\standalonephase1.dat"
sh=5A256195081DBC13F31C622325802E5BE93781D8 ft=0 fh=0000000000000000 vn="a variant of Win32/Toolbar.Conduit.Z potentially unwanted application" ac=I fn="E:\PRIME\Backup Set 2014-01-05 201500\Backup Files 2014-01-19 190000\Backup files 2.zip"
sh=08687920D2184303DD1EF7AF30E2486A5D9151D2 ft=0 fh=0000000000000000 vn="Win32/Bundled.Toolbar.Google.D potentially unsafe application" ac=I fn="E:\PRIME\Backup Set 2014-01-05 201500\Backup Files 2014-01-26 190000\Backup files 2.zip"
sh=EED9E81DD5137A9A678FDBB74E30783132625693 ft=0 fh=0000000000000000 vn="Win32/OpenCandy potentially unsafe application" ac=I fn="E:\PRIME\Backup Set 2014-01-05 201500\Backup Files 2014-02-09 190000\Backup files 2.zip"


#11 aharonov

  • Malware Response Team

Posted 08 March 2014 - 03:01 PM

Yeah, I was desperately waiting for this darn scan to finally end too many times.. ;)
But it's looking good. No active malware has been found at all!


That's it! Your logs look clean to me at the moment.
We're gonna clean up everything now, close security holes on your computer and in the end I'll provide you with a list of security tips so you hopefully will not need our help anymore in the future.


My help is free for everybody.
If you want to support me fighting against malware or buy me a beer for the assistance you received, then you can consider a donation.
Thank you!



Clean Up

Now we remove all the tools we used (including their logs and quarantine folders), restore your settings and delete old and infected system restore points:

  • You can uninstall programs that you had to install (e.g. MBAM or ESET Onlinescanner) in the control panel if you so wish.
  • Download DelFix (by Xplode) and save it to your Desktop.
    • Close all running programs and start delfix.exe.
    • Make sure that all available options are checked.
    • Click on Run
    • DelFix should remove all our tools and delete itself afterwards. I don't need the log file.
  • If there is still something left you can delete it manually.

 

 

Tips

I recommend reading and following the "16 simple and easy ways to keep your computer safe and secure on the Internet" (Link) by Lawrence Abrams.



#12 Inriser

  • Topic Starter

Posted 08 March 2014 - 06:36 PM

Alright! Thank you so much for your help and time!

 

:D

 

I donated! YOU SIR ARE AWESOME!



#13 aharonov

  • Malware Response Team

Posted 08 March 2014 - 06:47 PM

Thank you very much for your donation!
All the best.

#14 aharonov

  • Malware Response Team

Posted 08 March 2014 - 06:47 PM

It appears that this issue is resolved, therefore I am closing the topic. If that is not the case and you need or wish to continue with this topic, please send me or any Moderator a Personal Message (PM) that you would like this topic re-opened.



