
Blue screens keep shutting me down


  • This topic is locked
16 replies to this topic

#1 kreG15


Posted 19 April 2014 - 05:45 AM

Hi,

 

The story goes like this: I was infected with a ransomware (the interpol kind, if it matters), and all I could possibly do to get rid of it was a system restore. So I did it, and it helped. I don't know if it has anything to do with it, but ever since, I've been getting blue screens (BSOD), usually when playing games (hence, using up a big chunk of my 2GB RAM). The computer's also been performing relatively slower than it usually was.

 

I've read about BSOD on the internet and there were multiple pieces of advice to update all MB, GPU etc. drivers, so I did. Windows too (finally installed SP1, I think, although I'm sure I had already installed most of the security patches it includes). I also ran ESET online scanner - which found "Molebox.D" in a game's launcher (legit and known) and 4x "multiple threats" in java cache - and MBAM, which found nothing. I'm still getting those BSODs, which is really annoying.

 

I downloaded "WhoCrashed", which analyzed the minidump files to this:

 

On Sat 19/4/2014 10:19:28 GMT your computer crashed
crash dump file: C:\Windows\Minidump\041914-23977-01.dmp
This was probably caused by the following module: ntoskrnl.exe (nt+0x3249DB)
Bugcheck code: 0x124 (0x0, 0xFFFFFFFF869C44DC, 0x0, 0x0)
Error: WHEA_UNCORRECTABLE_ERROR
file path: C:\Windows\system32\ntoskrnl.exe
product: Microsoft® Windows® Operating System
company: Microsoft Corporation
description: NT Kernel & System

 

All other analyses seem to point at "ntoskrnl.exe" too. Using Windows 7.

 

What should I do next to solve this problem?

 

Thanks in advance for any kind of help. I'm starting to get desperate.


Edited by kreG15, 19 April 2014 - 07:56 AM.



 


#2 kreG15


Posted 19 April 2014 - 08:57 AM

I just ran TDSSKiller, which detected 1 threat. Here's the relevant part of the log:

 

16:48:56.0851 0x0f7c  [ 89870175848C16330552FC38CD5B86FF, 89A4DBA92D4DE82C107592773FFABB92D0B96E584A2C038214C2C6DC612657A4 ] SOACS           C:\Windows\system32\drivers\soacs.sys
16:48:56.0851 0x0f7c  Suspicious file ( Forged ): C:\Windows\system32\drivers\soacs.sys. Real md5: 89870175848C16330552FC38CD5B86FF, sha256: 89A4DBA92D4DE82C107592773FFABB92D0B96E584A2C038214C2C6DC612657A4, fake md5: F129D94266679C5959824DFC5111A476, fake sha256: 373E58DB31DBAD517DFEDE6BB84A58F4F7D5BF03630597CA677658B8BD136106
16:48:56.0852 0x0f7c  SOACS - detected ForgedFile.Multi.Generic ( 1 )
16:48:59.0707 0x0f7c  Detect turned to UDS exact due to KSN untrusted
16:48:59.0784 0x0f7c  SOACS ( UDS:DangerousObject.Multi.Generic ) - infected
16:48:59.0784 0x0f7c  Force sending object to P2P due to detect: C:\Windows\system32\drivers\soacs.sys
16:49:02.0714 0x0f7c  Object send P2P result: true
 
I chose "Skip" as I don't know whether this system file is of vital importance to Windows or not.

Edited by kreG15, 19 April 2014 - 09:00 AM.
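Added example, not part of the original posts and not the tool's own code: a small Python parser for the TDSSKiller log format quoted in post #2. It keeps every object whose verdict is not "ok" and pulls the real and fake hashes out of the "Forged" line. The SOACS lines are copied from that post; the ExampleDrv and ExampleSvc entries and all function names are constructed for illustration.

```python
import re

# Constructed "clean" entries (placeholder hashes, hypothetical names).
CONSTRUCTED = (
    r"16:48:41.0100 0x0f7c  [ {md5}, {sha} ] ExampleDrv      C:\Windows\system32\drivers\example.sys"
    "\n16:48:41.0101 0x0f7c  ExampleDrv - ok"
    "\n16:48:41.0102 0x0f7c  ExampleSvc - ok\n"
).format(md5="0" * 32, sha="0" * 64)

# Detection lines copied from the TDSSKiller excerpt in post #2.
FROM_POST = r"""16:48:56.0851 0x0f7c  [ 89870175848C16330552FC38CD5B86FF, 89A4DBA92D4DE82C107592773FFABB92D0B96E584A2C038214C2C6DC612657A4 ] SOACS           C:\Windows\system32\drivers\soacs.sys
16:48:56.0851 0x0f7c  Suspicious file ( Forged ): C:\Windows\system32\drivers\soacs.sys. Real md5: 89870175848C16330552FC38CD5B86FF, sha256: 89A4DBA92D4DE82C107592773FFABB92D0B96E584A2C038214C2C6DC612657A4, fake md5: F129D94266679C5959824DFC5111A476, fake sha256: 373E58DB31DBAD517DFEDE6BB84A58F4F7D5BF03630597CA677658B8BD136106
16:48:56.0852 0x0f7c  SOACS - detected ForgedFile.Multi.Generic ( 1 )
16:48:59.0707 0x0f7c  Detect turned to UDS exact due to KSN untrusted
16:48:59.0784 0x0f7c  SOACS ( UDS:DangerousObject.Multi.Generic ) - infected
16:48:59.0784 0x0f7c  Force sending object to P2P due to detect: C:\Windows\system32\drivers\soacs.sys
16:49:02.0714 0x0f7c  Object send P2P result: true
"""
SAMPLE_LOG = CONSTRUCTED + FROM_POST

HEX32, HEX64 = r"[0-9A-F]{32}", r"[0-9A-F]{64}"
# "<time> <thread id>  <message>" prefix shared by every log line.
PREFIX = re.compile(r"^\d\d:\d\d:\d\d\.\d{4} 0x[0-9a-f]{4}\s+(?P<msg>.+)$")
# "[ md5, sha256 ] Name   Path" line that introduces a scanned object.
OBJECT = re.compile(
    rf"^\[ (?P<md5>{HEX32}), (?P<sha256>{HEX64}) \] (?P<name>\S+)\s+(?P<path>.+)$")
FORGED = re.compile(
    rf"^Suspicious file \( Forged \): (?P<path>.+?)\. Real md5: (?P<real_md5>{HEX32}), "
    rf"sha256: (?P<real_sha256>{HEX64}), fake md5: (?P<fake_md5>{HEX32}), "
    rf"fake sha256: (?P<fake_sha256>{HEX64})$")
VERDICT_OK = re.compile(r"^(?P<name>\S+) - ok$")
DETECTED = re.compile(r"^(?P<name>\S+) - detected (?P<label>\S+) \( \d+ \)$")
STATE = re.compile(r"^(?P<name>\S+) \( (?P<label>.+?) \) - (?P<state>\w+)$")


def _record(name, md5=None, sha256=None, path=None):
    return {"name": name, "md5": md5, "sha256": sha256, "path": path,
            "verdicts": [], "forged": None}


def parse_log(text):
    """Return {object name: record} for every object mentioned in the log."""
    objects, by_path = {}, {}
    for raw in text.splitlines():
        line = PREFIX.match(raw.rstrip())
        if not line:
            continue
        msg = line.group("msg")
        m = OBJECT.match(msg)
        if m:
            rec = _record(**m.groupdict())
            objects[rec["name"]] = rec
            by_path[rec["path"].lower()] = rec
            continue
        m = FORGED.match(msg)
        if m:
            # The "Forged" line names only the path, so join on it.
            rec = by_path.get(m.group("path").lower())
            if rec is not None:
                rec["forged"] = {k: v for k, v in m.groupdict().items() if k != "path"}
            continue
        m = VERDICT_OK.match(msg)
        if m:
            name = m.group("name")
            objects.setdefault(name, _record(name))["verdicts"].append("ok")
            continue
        m = DETECTED.match(msg) or STATE.match(msg)
        if m:
            name = m.group("name")
            state = m.groupdict().get("state", "detected")
            objects.setdefault(name, _record(name))["verdicts"].append(
                f"{state}:{m.group('label')}")
        # Anything else (KSN/P2P status lines, separators) is ignored.
    return objects


def findings(objects):
    """Objects with a non-"ok" verdict or a forged-file report."""
    out = []
    for rec in objects.values():
        if rec["forged"] or any(v != "ok" for v in rec["verdicts"]):
            rec = dict(rec)
            f = rec["forged"]
            # True when the bracketed hashes equal the "Real" hashes on the Forged line.
            rec["logged_hash_is_real"] = bool(f) and (
                (f["real_md5"], f["real_sha256"]) == (rec["md5"], rec["sha256"]))
            out.append(rec)
    return out


if __name__ == "__main__":
    for hit in findings(parse_log(SAMPLE_LOG)):
        print(hit["name"], hit["path"], hit["verdicts"])
        print("  sha256 to look up:", hit["sha256"])
        if hit["forged"]:
            print("  fake sha256 in log:", hit["forged"]["fake_sha256"])
```
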


#3 kreG15


Posted 19 April 2014 - 07:35 PM

Trillion other topics get answered and mine doesn't :(



#4 moonscape


Posted 21 April 2014 - 10:14 PM

I'm new here, but have read around the forum a =lot=!   Have you?   These are volunteers who are incredibly generous with their time, and sometimes it takes days to respond.   Understandably.   There is a sticky topic where if you haven't heard anything in 3-5 days, then you put a single link there and that brings it back into focus.

 

Be patient!   It has been ONE DAY since you posted!    And you aren't getting a bill for this.

 

Frankly, I think we should feel grateful they are able to do as much as they do.   



#5 bloopie

  • Malware Response Team

Posted 21 April 2014 - 11:05 PM

Hello kreG15, and welcome to Bleeping Computer! :)
 
My name is bloopie and I will try to help you as best I can!  (And thank you very much moonscape for the note...much is obliged! :wink: )
 
Just so I don't repeat myself, have a look here where I closed your other topic: http://www.bleepingcomputer.com/forums/t/531727/blue-screen-of-death-keeps-reappearing/?p=3349274
 
As mentioned, there are plenty of reasons why your topic wasn't answered immediately. Let me explain a few of them: First, there are many people who have been waiting much longer for a response (some have been waiting over a week!), so those people certainly have the priority (you didn't even wait a single day before bumping your topic!).
 
Second, there are a huge number of people asking for help on the forums, and only so few of us helpers to go around. We try the best we can to get to everyone as soon as possible, but inevitably, some users will have to wait just a bit longer than others.
 
And lastly, many here at BC may not feel very comfortable with the subject of your topic (crash dumps, etc...), and so they will leave the topic to the helpers with more experience with machines of that nature. I hope this clarifies things a bit for you. :wink:
 
====================
 
Now that I have taken your topic, I will stay with you until the end so please be patient...we are all volunteers and also have a life outside of BC (Again, thank you moonscape! :))!
 
====================

 

Now to business:
 
That TDSSKiller log is certainly showing that soacs.sys is malicious (it's also not a "system file"). Have a look at the Virustotal Result on that file: https://www.virustotal.com/en/file/89a4dba92d4de82c107592773ffabb92d0b96e584a2c038214c2c6dc612657a4/analysis/
 
Most of those detections show it as a "Backdoor", which it may be, but I don't have enough information to prove that just yet. If you have a "Backdoor" trojan or other backdoor capable infection on board, your safest and quickest cleaning method would be to reformat and reinstall Windows as soon as possible!
 
This is a very dangerous type of infection (especially if you do any online banking) as your online passwords could have been compromised as well as other general online information (surfing habits, favorite websites, etc...)!
 
We can certainly clean this machine, but there is no guarantee that your computer will be 100% safe afterwards! I'd advise a reformat and reinstall of Windows, but if you'd still like to continue with the cleaning process anyway, then please follow the below steps:
 
==========

Step 1
 
First, I'd like to get the complete TDSSKiller logfile. See if you can find the full log here: TDSSKiller.[Version]_[Date]_[Time]_log.txt file found in your root directory (typically c:\)

...copy/paste that log into your next reply (please do not attach it).

 

==========

Step 2
 
Next, please visit Virustotal.com, and follow the below instructions:

 

  • Click on the "Choose File" button
  • Navigate to, and double-click the file C:\Windows\system32\ntoskrnl.exe
  • Click the "Scan It" button
  • If you're told the file has already been scanned before, please click "Reanalyse"
  • Copy the URL to the VT results page (the address bar/link) and paste it back here for my review

 

==========

 

Post back with those two pieces of information, and we'll take the next steps from there! :)

 

bloopie



#6 kreG15


Posted 22 April 2014 - 01:33 AM

You are totally right, I'm sorry and I didn't mean any disrespect to you guys, you actually are doing a great job helping people. I was kind of desperate as I couldn't use my computer properly because of the shut downs, every hour counts for me, so that's probably why I was nervous and wanting help so badly. Thanks a lot for your help!

 

====================

 

As for the "backdoor", I actually scanned on VirusTotal that "soacs.sys" file that TDSSKiller found, and it came out completely clean. I googled it and saw it has something to do with a game I played, Knight Online, and then found it in the game directory as well. I didn't need the game installed so I deleted it, along with the second soacs.sys file (which didn't come up in any AV/Anti-malware scan). I'd also like to note that I haven't had a blue screen for a pretty long time, but the game I played when the BSODs occurred crashes from time to time, which is fine. I'll re-install it just to make sure.

 

====================

 

Anyway, here is the link to the VirusTotal scan on "ntoskrnl.exe":

 

https://www.virustotal.com/en/file/8d5948625bc56debad37567b988a17f76c7c463df1048778e1f09e836118c1bb/analysis/1398142993/

 

 

And the TDSSKiller full log:

 

 

16:48:45.0887 0x0f7c  FontCache - ok
16:48:45.0927 0x0f7c  [ E56F39F6B7FDA0AC77A79B0FD3DE1A2F, DBED26852B99B362152DA9CD4F31A1883EF6F9B496F3CF3772A197BA72DB61DA ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe
16:48:45.0929 0x0f7c  FontCache3.0.0.0 - ok
16:48:45.0940 0x0f7c  [ 1A16B57943853E598CFF37FE2B8CBF1D, 87609F46F3B8123552141FD70866E895220B1BBD92BC2B580CAF49201AA0197E ] FsDepends       C:\Windows\system32\drivers\FsDepends.sys
16:48:45.0942 0x0f7c  FsDepends - ok
16:48:45.0996 0x0f7c  [ CBE5F69A5E5B918225F420BA748F3742, 930C81195346239A7843CAE140896698675E8025BF32C3E71D2BDDA53FAB0264 ] FsUsbExDisk     C:\Windows\system32\FsUsbExDisk.SYS
16:48:45.0998 0x0f7c  FsUsbExDisk - ok
16:48:46.0076 0x0f7c  [ 96633419F4A1E37ACB89B45EBCCFE001, 53DC59D8EB89F380BC2DBB009EDFFD66552D68B8606187A75FEF64707267E4F9 ] FsUsbExService  C:\Windows\system32\FsUsbExService.Exe
16:48:46.0081 0x0f7c  FsUsbExService - ok
16:48:46.0132 0x0f7c  [ 7DAE5EBCC80E45D3253F4923DC424D05, 8A2C4D5591509B0B0A44583520617A9AE34F32BB6E68A012A7D7870ED24F703A ] Fs_Rec          C:\Windows\system32\drivers\Fs_Rec.sys
16:48:46.0133 0x0f7c  Fs_Rec - ok
16:48:46.0194 0x0f7c  [ E306A24D9694C724FA2491278BF50FDB, 1D246B9C28550640EACBF8CF9DC980FD75106B92832D392FEBEF0C7012353091 ] fvevol          C:\Windows\system32\DRIVERS\fvevol.sys
16:48:46.0198 0x0f7c  fvevol - ok
16:48:46.0215 0x0f7c  [ 65EE0C7A58B65E74AE05637418153938, 0E1A398ADD8411AF4CCC3344D67BE1B261320C58328BD5C5855A357476FAEBEF ] gagp30kx        C:\Windows\system32\DRIVERS\gagp30kx.sys
16:48:46.0217 0x0f7c  gagp30kx - ok
16:48:46.0276 0x0f7c  [ E897EAF5ED6BA41E081060C9B447A673, A428DC68516F19C6C53A8B62E4BDB2587E70FB751B9D77700B6B147D347DA157 ] gpsvc           C:\Windows\System32\gpsvc.dll
16:48:46.0287 0x0f7c  gpsvc - ok
16:48:46.0412 0x0f7c  [ 506708142BC63DABA64F2D3AD1DCD5BF, 9C36A08D9E7932FF4DA7B5F24E6B42C92F28685B8ABE964C870E8D7670FD531A ] gupdate         C:\Program Files\Google\Update\GoogleUpdate.exe
16:48:46.0415 0x0f7c  gupdate - ok
16:48:46.0419 0x0f7c  [ 506708142BC63DABA64F2D3AD1DCD5BF, 9C36A08D9E7932FF4DA7B5F24E6B42C92F28685B8ABE964C870E8D7670FD531A ] gupdatem        C:\Program Files\Google\Update\GoogleUpdate.exe
16:48:46.0420 0x0f7c  gupdatem - ok
16:48:46.0443 0x0f7c  [ C44E3C2BAB6837DB337DDEE7544736DB, 88A24FF7D2FECCEAFFD421B2039A0FB623DA47A6B220B80EF1E52DD26D9E222D ] hcw85cir        C:\Windows\system32\drivers\hcw85cir.sys
16:48:46.0445 0x0f7c  hcw85cir - ok
16:48:46.0514 0x0f7c  [ A5EF29D5315111C80A5C1ABAD14C8972, A181DA72E946F121C3F4A19438C547B0BFD15138AB1DB5465945EC89DF1F6B0A ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
16:48:46.0520 0x0f7c  HdAudAddService - ok
16:48:46.0536 0x0f7c  [ 9036377B8A6C15DC2EEC53E489D159B5, 1E56D2ACFE92E6DF96D755B05C63D580EED82C210F075C8623E138BEE6BCD41B ] HDAudBus        C:\Windows\system32\drivers\HDAudBus.sys
16:48:46.0538 0x0f7c  HDAudBus - ok
16:48:46.0542 0x0f7c  [ 1D58A7F3E11A9731D0EAAAA8405ACC36, 7056FA18B86FBD52C4A6092D80476C02553EA053D6A0BEDB01A2FA5E152D5215 ] HidBatt         C:\Windows\system32\DRIVERS\HidBatt.sys
16:48:46.0544 0x0f7c  HidBatt - ok
16:48:46.0559 0x0f7c  [ 89448F40E6DF260C206A193A4683BA78, 71E0FCC32AE6FF8DFF420DB0383D6A200E1EAE14BD2E32453F92CE18B31C1F3C ] HidBth          C:\Windows\system32\DRIVERS\hidbth.sys
16:48:46.0561 0x0f7c  HidBth - ok
16:48:46.0576 0x0f7c  [ CF50B4CF4A4F229B9F3C08351F99CA5E, B97843620AF80FF0EC8F2C438255C0A42A756C6314FAF3DEF415DE16E14C108F ] HidIr           C:\Windows\system32\DRIVERS\hidir.sys
16:48:46.0577 0x0f7c  HidIr - ok
16:48:46.0598 0x0f7c  [ 2BC6F6A1992B3A77F5F41432CA6B3B6B, 2AF3312F1C8C8923C0A29AA5DAE57CE269417E53DEA2F0CCCC8DB57029698FE1 ] hidserv         C:\Windows\system32\hidserv.dll
16:48:46.0600 0x0f7c  hidserv - ok
16:48:46.0662 0x0f7c  [ 10C19F8290891AF023EAEC0832E1EB4D, E208553029488A6EE2F5216CC9FE5F93E9931A94C0D0625253BB159E30642853 ] HidUsb          C:\Windows\system32\drivers\hidusb.sys
16:48:46.0663 0x0f7c  HidUsb - ok
16:48:46.0701 0x0f7c  [ 196B4E3F4CCCC24AF836CE58FACBB699, 7A2E1F603A073421FA0987EFB96647F1F0F2D4E0C82AA62EBC041585DA811DAF ] hkmsvc          C:\Windows\system32\kmsvc.dll
16:48:46.0704 0x0f7c  hkmsvc - ok
16:48:46.0744 0x0f7c  [ 6658F4404DE03D75FE3BA09F7ABA6A30, E51D9C1580A283EB862F09B73AAE1B647DD683A53F3DD99834222F12DD15E40F ] HomeGroupListener C:\Windows\system32\ListSvc.dll
16:48:46.0749 0x0f7c  HomeGroupListener - ok
16:48:46.0787 0x0f7c  [ DBC02D918FFF1CAD628ACBE0C0EAA8E8, 02121800D9062692C102475876AE8143EBE46D855E8328B8CDCFE6A2F0D19696 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
16:48:46.0792 0x0f7c  HomeGroupProvider - ok
16:48:46.0846 0x0f7c  [ 295FDC419039090EB8B49FFDBB374549, 670E8015FD374640C6570F56F7FE8DE4D8F92E7A8072F5D1B2B95D0BD699CEF7 ] HpSAMD          C:\Windows\system32\drivers\HpSAMD.sys
16:48:46.0847 0x0f7c  HpSAMD - ok
16:48:46.0933 0x0f7c  [ 871917B07A141BFF43D76D8844D48106, 30C702008D0EE57D63F74864967DD19A55A268E77E42B5B3CC73037AD51D2987 ] HTTP            C:\Windows\system32\drivers\HTTP.sys
16:48:46.0942 0x0f7c  HTTP - ok
16:48:46.0988 0x0f7c  [ 0C4E035C7F105F1299258C90886C64C5, CFB4FBE7B28058E6D3E6E508CF3C1645F6AAE0AFEB4C5364835B9C42311DF0D4 ] hwpolicy        C:\Windows\system32\drivers\hwpolicy.sys
16:48:46.0989 0x0f7c  hwpolicy - ok
16:48:47.0043 0x0f7c  [ F151F0BDC47F4A28B1B20A0818EA36D6, 84B24B5796D9F70A8C37773F5484A4606CC7908370CCD942627ACBEDC4952D79 ] i8042prt        C:\Windows\system32\drivers\i8042prt.sys
16:48:47.0045 0x0f7c  i8042prt - ok
16:48:47.0101 0x0f7c  [ 5CD5F9A5444E6CDCB0AC89BD62D8B76E, 72870092A80C6DAE0105025B0ED8B607E98BA81E59298364A7FE4C9C56C68FF0 ] iaStorV         C:\Windows\system32\drivers\iaStorV.sys
16:48:47.0108 0x0f7c  iaStorV - ok
16:48:47.0184 0x0f7c  [ C521D7EB6497BB1AF6AFA89E322FB43C, BDDCFCBB5B76A9295669B5AC9F732D6127199ED5C300770B554C4E4794F66BB7 ] idsvc           C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
16:48:47.0199 0x0f7c  idsvc - ok
16:48:47.0228 0x0f7c  IEEtwCollectorService - ok
16:48:47.0416 0x0f7c  [ 8828710129B835FD59E8BE6615EB3786, 8124C36A19F39D496D3B9A83813724963DACB84024CBB9A8DE33AB7F2222B396 ] igfx            C:\Windows\system32\DRIVERS\igdkmd32.sys
16:48:47.0584 0x0f7c  igfx - ok
16:48:47.0617 0x0f7c  [ 4173FF5708F3236CF25195FECD742915, 0A9C0701DF6EAC6602BE342FC13C7950EF04BB5BDF7D96C2C5DABBD2A29AA55D ] iirsp           C:\Windows\system32\DRIVERS\iirsp.sys
16:48:47.0618 0x0f7c  iirsp - ok
16:48:47.0696 0x0f7c  [ B9C54120F46392100478F58F374E5709, A28EE8B0988F580D5984E815FC78DF41B169260814234AA0E453375542D0957B ] IKEEXT          C:\Windows\System32\ikeext.dll
16:48:47.0709 0x0f7c  IKEEXT - ok
16:48:47.0861 0x0f7c  [ C6B9C84B5965E4BD6B9967B16058E4DE, F2F4F4C0522025782022E8F162A09697B18461DD06CB07E12B330AE00A7ABEFE ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHDA.sys
16:48:47.0945 0x0f7c  IntcAzAudAddService - ok
16:48:47.0993 0x0f7c  [ E63CD0D9AA8D406CABDE5AA718936F40, FFAE499226426D6061F1B8BB6CBE3EDDF8F8E27AF9A8B82CDB5485F008F9D733 ] IntcHdmiAddService C:\Windows\system32\drivers\IntcHdmi.sys
16:48:47.0996 0x0f7c  IntcHdmiAddService - ok
16:48:48.0044 0x0f7c  [ A0F12F2C9BA6C72F3987CE780E77C130, 5F53DF8BE1621AA7DFB655CFD9C95E0AFA1AD3CE2E290E19D7B7FB3C6E380034 ] intelide        C:\Windows\system32\drivers\intelide.sys
16:48:48.0045 0x0f7c  intelide - ok
16:48:48.0069 0x0f7c  [ 3B514D27BFC4ACCB4037BC6685F766E0, F12D7AC62F8550E6F33B28AD751D8413AB7FFEF963242D99FFA76CE8A48B027A ] intelppm        C:\Windows\system32\DRIVERS\intelppm.sys
16:48:48.0070 0x0f7c  intelppm - ok
16:48:48.0101 0x0f7c  [ ACB364B9075A45C0736E5C47BE5CAE19, 202F77C659103D2D0E787B8CB0A23BE32EA5AA2E6B3B0A0F0A8DFA906AB3C0C0 ] IPBusEnum       C:\Windows\system32\ipbusenum.dll
16:48:48.0104 0x0f7c  IPBusEnum - ok
16:48:48.0115 0x0f7c  [ 709D1761D3B19A932FF0238EA6D50200, 0A9D2C3A6E91CA45540555B40CB4E2DF3EBE98C1D164C4EECEE20C86782F5823 ] IpFilterDriver  C:\Windows\system32\DRIVERS\ipfltdrv.sys
16:48:48.0117 0x0f7c  IpFilterDriver - ok
16:48:48.0183 0x0f7c  [ 58F67245D041FBE7AF88F4EAF79DF0FA, 67468D6A46FF4D87AD321BFEA42F2FC843D09AA292A119C76D4D795D06028F96 ] iphlpsvc        C:\Windows\System32\iphlpsvc.dll
16:48:48.0192 0x0f7c  iphlpsvc - ok
16:48:48.0236 0x0f7c  [ 4BD7134618C1D2A27466A099062547BF, 20284ABEF4433A59E2981F4143CAEC67DC990864FE0B9E3DC70EE0B88539E964 ] IPMIDRV         C:\Windows\system32\drivers\IPMIDrv.sys
16:48:48.0238 0x0f7c  IPMIDRV - ok
16:48:48.0260 0x0f7c  [ A5FA468D67ABCDAA36264E463A7BB0CD, EDB828D596E43372F97DAE1AADA46428C4C45FB80646DDC64FAD5F25C826CF63 ] IPNAT           C:\Windows\system32\drivers\ipnat.sys
16:48:48.0263 0x0f7c  IPNAT - ok
16:48:48.0290 0x0f7c  [ 42996CFF20A3084A56017B7902307E9F, 688176DAB91BE569280E4822E4C5BDE755794D293591C53F8047AD59C441751D ] IRENUM          C:\Windows\system32\drivers\irenum.sys
16:48:48.0291 0x0f7c  IRENUM - ok
16:48:48.0310 0x0f7c  [ 1F32BB6B38F62F7DF1A7AB7292638A35, 86522358680FBB1CEBC56B4D139290689BB0F71A3EC78CE883E4D75D0B37586F ] isapnp          C:\Windows\system32\drivers\isapnp.sys
16:48:48.0312 0x0f7c  isapnp - ok
16:48:48.0356 0x0f7c  [ EB34CE31FABD4DC4343FD2AD16D2CAF9, D21C91227A15DA89ECF522345D0AB80B3B7FC24A230596DABDB8BD3B7554CE8C ] iScsiPrt        C:\Windows\system32\drivers\msiscsi.sys
16:48:48.0361 0x0f7c  iScsiPrt - ok
16:48:48.0398 0x0f7c  [ ADEF52CA1AEAE82B50DF86B56413107E, A3AE1E96B04AC81665ABBD3CB267DFB3F78376DAE18FB0DBD447908DDAAA22D2 ] kbdclass        C:\Windows\system32\drivers\kbdclass.sys
16:48:48.0399 0x0f7c  kbdclass - ok
16:48:48.0437 0x0f7c  [ 9E3CED91863E6EE98C24794D05E27A71, 90CF59F20E14E4A5A793266805E82BF7AE1F0CF4C7BAB1FD2EEF3B53C5DF770F ] kbdhid          C:\Windows\system32\drivers\kbdhid.sys
16:48:48.0438 0x0f7c  kbdhid - ok
16:48:48.0443 0x0f7c  [ 803B370865D907EA21DC0C2B6A8936B5, E98F0BA1D94786E061A3EA2CC76041FF6BE0ADF47C6205D5572C03BF0E29CA78 ] KeyIso          C:\Windows\system32\lsass.exe
16:48:48.0445 0x0f7c  KeyIso - ok
16:48:48.0488 0x0f7c  [ F286830298323272260332D6ABC905C1, FF4CD182A95CA53119B228690D682EE9214BE131A0DBCB09B6189FBEBBFF902C ] KSecDD          C:\Windows\system32\Drivers\ksecdd.sys
16:48:48.0490 0x0f7c  KSecDD - ok
16:48:48.0502 0x0f7c  [ D7C760D57B1656DD748B9E4AB6CB5A51, F8AE4185A6A9F7005DEFF1FDC03F395C6189825B482B8C650637FD29DE93AB68 ] KSecPkg         C:\Windows\system32\Drivers\ksecpkg.sys
16:48:48.0505 0x0f7c  KSecPkg - ok
16:48:48.0529 0x0f7c  [ 89A7B9CC98D0D80C6F31B91C0A310FCD, 4583CAEEE0D50C0C7CE955E533FDA063CDC37B69033D41EF22EF1BA242E4C747 ] KtmRm           C:\Windows\system32\msdtckrm.dll
16:48:48.0536 0x0f7c  KtmRm - ok
16:48:48.0554 0x0f7c  [ D64AF876D53ECA3668BB97B51B4E70AB, D5C07C019BFEAFBEDC29AB5060356A3B07449712B21B50E03378BEF04AF180F9 ] LanmanServer    C:\Windows\system32\srvsvc.dll
16:48:48.0559 0x0f7c  LanmanServer - ok
16:48:48.0608 0x0f7c  [ 58405E4F68BA8E4057C6E914F326ABA2, C3E6519A1A38F1B3597D4391E42ABFE8F1F5E86256C4B3BD876CDAD9BB68B0A6 ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
16:48:48.0611 0x0f7c  LanmanWorkstation - ok
16:48:48.0622 0x0f7c  [ F7611EC07349979DA9B0AE1F18CCC7A6, 879AA7A391966F00761CA039C25EBC62F6712DD5461694911EEC673E12DE103E ] lltdio          C:\Windows\system32\DRIVERS\lltdio.sys
16:48:48.0624 0x0f7c  lltdio - ok
16:48:48.0644 0x0f7c  [ 5700673E13A2117FA3B9020C852C01E2, 6684A2905EE8C438F2A64BE47E51A54D287B08DEFB8E0AE7FC2809D845EE3C5F ] lltdsvc         C:\Windows\System32\lltdsvc.dll
16:48:48.0648 0x0f7c  lltdsvc - ok
16:48:48.0669 0x0f7c  [ 55CA01BA19D0006C8F2639B6C045E08B, 4DBBDC820C514DB18CC13F8EE178F8C4E39C295C6E3C255416C235553CE7BDC1 ] lmhosts         C:\Windows\System32\lmhsvc.dll
16:48:48.0670 0x0f7c  lmhosts - ok
16:48:48.0709 0x0f7c  [ EB119A53CCF2ACC000AC71B065B78FEF, 1FD60735C4945AE565C223F0B47EAF9602D8777E3D15600914C1A9D761215AF9 ] LSI_FC          C:\Windows\system32\DRIVERS\lsi_fc.sys
16:48:48.0711 0x0f7c  LSI_FC - ok
16:48:48.0722 0x0f7c  [ 8ADE1C877256A22E49B75D1CC9161F9C, 3D64F233DC866537E50549A7C1A2B40A954055B22F0BDA39825B04C38C607CB7 ] LSI_SAS         C:\Windows\system32\DRIVERS\lsi_sas.sys
16:48:48.0724 0x0f7c  LSI_SAS - ok
16:48:48.0737 0x0f7c  [ DC9DC3D3DAA0E276FD2EC262E38B11E9, A264990857CBC74036799E17A087130626C0A09BE19879019BAF2D761C62AECC ] LSI_SAS2        C:\Windows\system32\DRIVERS\lsi_sas2.sys
16:48:48.0738 0x0f7c  LSI_SAS2 - ok
16:48:48.0758 0x0f7c  [ 0A036C7D7CAB643A7F07135AC47E0524, 2F662D07FCB74B8D493156DB555EAA90A47E93CF14C7B30039D2FE47EB8682B8 ] LSI_SCSI        C:\Windows\system32\DRIVERS\lsi_scsi.sys
16:48:48.0760 0x0f7c  LSI_SCSI - ok
16:48:48.0785 0x0f7c  [ 6703E366CC18D3B6E534F5CF7DF39CEE, 7396B9AF938284D99EC51206A7B2FA4A0DC10A493DCE6707818B03A7473782C4 ] luafv           C:\Windows\system32\drivers\luafv.sys
16:48:48.0787 0x0f7c  luafv - ok
16:48:48.0877 0x0f7c  [ 4470E3C1E0C3378E4CAB137893C12C3A, CA8E66356F0E671D5454E561E7EAD74DE25DCF53BE452369F96ECACFA8709489 ] MBAMProtector   C:\Windows\system32\drivers\mbam.sys
16:48:48.0878 0x0f7c  MBAMProtector - ok
16:48:48.0982 0x0f7c  [ 65085456FD9A74D7F1A999520C299ECB, EA564BC913EF1B8A4CAA9242FC70F525B68CF1F3CA462F63B0B7215B93FE8530 ] MBAMScheduler   C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe
16:48:48.0989 0x0f7c  MBAMScheduler - ok
16:48:49.0055 0x0f7c  [ E0D7732F2D2E24B2DB3F67B6750295B8, AA5CA86AF1ACEC900F60339016B3DC55472DB40ADB99186005A7ABE67B7D66FC ] MBAMService     C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
16:48:49.0067 0x0f7c  MBAMService - ok
16:48:49.0099 0x0f7c  [ BFB9EE8EE977EFE85D1A3105ABEF6DD1, D2A84EBF0C0B7A14AD432FD2EF43CC12300027AEA3FA4075659FB088AB62B588 ] Mcx2Svc         C:\Windows\system32\Mcx2Svc.dll
16:48:49.0102 0x0f7c  Mcx2Svc - ok
16:48:49.0130 0x0f7c  [ 0FFF5B045293002AB38EB1FD1FC2FB74, 49071B565FD5B2DE43EC00D8518C3BE70843F38919E82F13104B8C1FAFB20374 ] megasas         C:\Windows\system32\DRIVERS\megasas.sys
16:48:49.0132 0x0f7c  megasas - ok
16:48:49.0159 0x0f7c  [ DCBAB2920C75F390CAF1D29F675D03D6, 85C3A7A010BEA5E3C6179161B295F2CB900A6A214833A5F87A4327392880E2BB ] MegaSR          C:\Windows\system32\DRIVERS\MegaSR.sys
16:48:49.0164 0x0f7c  MegaSR - ok
16:48:49.0269 0x0f7c  Microsoft SharePoint Workspace Audit Service - ok
16:48:49.0296 0x0f7c  [ 146B6F43A673379A3C670E86D89BE5EA, C4412DCF80DE6B55466F399413271364F14BC0819C224AA161EDDC31A9775440 ] MMCSS           C:\Windows\system32\mmcss.dll
16:48:49.0298 0x0f7c  MMCSS - ok
16:48:49.0312 0x0f7c  [ F001861E5700EE84E2D4E52C712F4964, F4DC5AEED6F34D76CCEF360862CC47EF71097BE0813C8CE04EE5F0DB387DFFAE ] Modem           C:\Windows\system32\drivers\modem.sys
16:48:49.0314 0x0f7c  Modem - ok
16:48:49.0378 0x0f7c  [ 79D10964DE86B292320E9DFE02282A23, 52714827B7EEDACA55326A4E4F6158D4942DFAA3BACDE303A2F569BF3F4FAA72 ] monitor         C:\Windows\system32\DRIVERS\monitor.sys
16:48:49.0379 0x0f7c  monitor - ok
16:48:49.0394 0x0f7c  [ FB18CC1D4C2E716B6B903B0AC0CC0609, F10CCA63493782B16DE6B96B94A27078DBE68AECEF34FDF840CFF86D2C6E3C5E ] mouclass        C:\Windows\system32\drivers\mouclass.sys
16:48:49.0395 0x0f7c  mouclass - ok
16:48:49.0415 0x0f7c  [ 2C388D2CD01C9042596CF3C8F3C7B24D, B2FB72272BB01AEDA4047B57C943B7E9BD8A6497854F8CC34672AAA592D0A703 ] mouhid          C:\Windows\system32\DRIVERS\mouhid.sys
16:48:49.0416 0x0f7c  mouhid - ok
16:48:49.0469 0x0f7c  [ FC8771F45ECCCFD89684E38842539B9B, 806DDF2B4830CA866582FE74A521BB7DF26CA0E19013DAF584D3677FB48CC77A ] mountmgr        C:\Windows\system32\drivers\mountmgr.sys
16:48:49.0471 0x0f7c  mountmgr - ok
16:48:49.0528 0x0f7c  [ 8072A7BB35D92CC621AC2605EEF79BC4, 68F61BE84A5032CEC24F04C90DACA1AE78F3744016389BE2345256B26E44E09A ] MpFilter        C:\Windows\system32\DRIVERS\MpFilter.sys
16:48:49.0532 0x0f7c  MpFilter - ok
16:48:49.0551 0x0f7c  [ 2D699FB6E89CE0D8DA14ECC03B3EDFE0, D3D903EEA465D77345AAC9B9F02CDEADF4831212EA2DE4FCA33BEE26EBB47420 ] mpio            C:\Windows\system32\drivers\mpio.sys
16:48:49.0554 0x0f7c  mpio - ok
16:48:49.0582 0x0f7c  [ AD2723A7B53DD1AACAE6AD8C0BFBF4D0, 1D6DCFA0E56C3E55B6AED819176E751502F863BA0FCF4F0B3253A81D208141A2 ] mpsdrv          C:\Windows\system32\drivers\mpsdrv.sys
16:48:49.0584 0x0f7c  mpsdrv - ok
16:48:49.0642 0x0f7c  [ 9835584E999D25004E1EE8E5F3E3B881, 71798B0CBE9AE69F1F29B845319019C69EC7F415CBABB3B87DDE92C360675021 ] MpsSvc          C:\Windows\system32\mpssvc.dll
16:48:49.0653 0x0f7c  MpsSvc - ok
16:48:49.0704 0x0f7c  [ 21F4B24ACFC79A483515BD986DD9043F, 22681907E02E0B723ABE2CEF0602D36C8EF862E7E2B62A9B40A5EF582E58D7BA ] MRxDAV          C:\Windows\system32\drivers\mrxdav.sys
16:48:49.0706 0x0f7c  MRxDAV - ok
16:48:49.0757 0x0f7c  [ 5D16C921E3671636C0EBA3BBAAC5FD25, 5BC107B95CAFC88F51FBB9F657B99944B20627A2B618F263093D7045E4FFD65C ] mrxsmb          C:\Windows\system32\DRIVERS\mrxsmb.sys
16:48:49.0760 0x0f7c  mrxsmb - ok
16:48:49.0819 0x0f7c  [ 6D17A4791ACA19328C685D256349FEFC, 012AA3D84EEAAF53780D06D2D11B9727DFC3441F3FAD75BC9E751FB814403668 ] mrxsmb10        C:\Windows\system32\DRIVERS\mrxsmb10.sys
16:48:49.0823 0x0f7c  mrxsmb10 - ok
16:48:49.0843 0x0f7c  [ B81F204D146000BE76651A50670A5E9E, 78193D0F967BE9829E53F9B500342934B4B1E1F4CEFC444382959E2061BC3B17 ] mrxsmb20        C:\Windows\system32\DRIVERS\mrxsmb20.sys
16:48:49.0846 0x0f7c  mrxsmb20 - ok
16:48:49.0895 0x0f7c  [ 012C5F4E9349E711E11E0F19A8589F0A, 208B92DFCF7AD43202660FBBC9FF5E03AEDBEE38178FF3628EB74CB6CD37C584 ] msahci          C:\Windows\system32\drivers\msahci.sys
16:48:49.0897 0x0f7c  msahci - ok
16:48:49.0937 0x0f7c  [ 55055F8AD8BE27A64C831322A780A228, C2C9FD1F61302997117B1CD0835E8234405BB80084065ED05363B77868397304 ] msdsm           C:\Windows\system32\drivers\msdsm.sys
16:48:49.0940 0x0f7c  msdsm - ok
16:48:49.0966 0x0f7c  [ E1BCE74A3BD9902B72599C0192A07E27, 5162EB623FE64E9DFEAC6CA2410EFA1314E62EC13207FFBFED2D61AA887603C4 ] MSDTC           C:\Windows\System32\msdtc.exe
16:48:49.0970 0x0f7c  MSDTC - ok
16:48:49.0995 0x0f7c  [ DAEFB28E3AF5A76ABCC2C3078C07327F, 6EB558532400B489763BAE7203538DE5F196282A8CB46A1B31D59120FC5AFCEF ] Msfs            C:\Windows\system32\drivers\Msfs.sys
16:48:49.0996 0x0f7c  Msfs - ok
16:48:50.0009 0x0f7c  [ 3E1E5767043C5AF9367F0056295E9F84, B2EDFECD3C14E4FE1BA87D9A86334043A9BD696A554EBD186DA7EAEB2EBD4F70 ] mshidkmdf       C:\Windows\System32\drivers\mshidkmdf.sys
16:48:50.0010 0x0f7c  mshidkmdf - ok
16:48:50.0050 0x0f7c  [ 0A4E5757AE09FA9622E3158CC1AEF114, ED574E420E57374E328C7C526504ECA569C164287966F06019EC207CB17F2C54 ] msisadrv        C:\Windows\system32\drivers\msisadrv.sys
16:48:50.0051 0x0f7c  msisadrv - ok
16:48:50.0078 0x0f7c  [ 90F7D9E6B6F27E1A707D4A297F077828, BEFC220EAA7307849600748842ACB9254A6A91158812D9B23EFAF912C498BA7F ] MSiSCSI         C:\Windows\system32\iscsiexe.dll
16:48:50.0081 0x0f7c  MSiSCSI - ok
16:48:50.0085 0x0f7c  msiserver - ok
16:48:50.0116 0x0f7c  [ 8C0860D6366AAFFB6C5BB9DF9448E631, 949C5A14E57F2D7385543C17C3485E7ADE36EA2016F6E0A1866571D2EDE90A77 ] MSKSSRV         C:\Windows\system32\drivers\MSKSSRV.sys
16:48:50.0116 0x0f7c  MSKSSRV - ok
16:48:50.0211 0x0f7c  [ 1EE3643D1AA747222427F63353611AD7, 18465E375485DF4E980121449077D5BA87C25C5FA8D86F40DA3B7BE153306766 ] MsMpSvc         c:\Program Files\Microsoft Security Client\MsMpEng.exe
16:48:50.0212 0x0f7c  MsMpSvc - ok
16:48:50.0226 0x0f7c  [ 3EA8B949F963562CEDBB549EAC0C11CE, 1B0B2F16A1790282504F3C548D47C3281EFB440D5D9711A1EF76D6371B768D2D ] MSPCLOCK        C:\Windows\system32\drivers\MSPCLOCK.sys
16:48:50.0227 0x0f7c  MSPCLOCK - ok
16:48:50.0230 0x0f7c  [ F456E973590D663B1073E9C463B40932, 48BA6D5580EE7B6A4C06E04772FD35B51779553FC0DD6C5C30DD8B5DEEB25B11 ] MSPQM           C:\Windows\system32\drivers\MSPQM.sys
16:48:50.0231 0x0f7c  MSPQM - ok
16:48:50.0262 0x0f7c  [ 0E008FC4819D238C51D7C93E7B41E560, 141FCEBDD05874407EAEC35A9DCD3BB16F2A428F23E55487D6A5DBFCADBF10D2 ] MsRPC           C:\Windows\system32\drivers\MsRPC.sys
16:48:50.0266 0x0f7c  MsRPC - ok
16:48:50.0322 0x0f7c  [ FC6B9FF600CC585EA38B12589BD4E246, F05DB01AE1955D2468CE6B51E51998B111CA3B0BDEED090EE6B99B625CBA564A ] mssmbios        C:\Windows\system32\drivers\mssmbios.sys
16:48:50.0323 0x0f7c  mssmbios - ok
16:48:50.0326 0x0f7c  [ B42C6B921F61A6E55159B8BE6CD54A36, 6BB0A7BE005B8F281E551D1B8046CE4202372BC7AE0161881C858BFAC675FE1C ] MSTEE           C:\Windows\system32\drivers\MSTEE.sys
16:48:50.0327 0x0f7c  MSTEE - ok
16:48:50.0330 0x0f7c  [ 33599130F44E1F34631CEA241DE8AC84, E15B31D1AFDC8DC6D2B21D4215796A99ECC69EEDBB06CEED01AECC3C99A44C8B ] MTConfig        C:\Windows\system32\DRIVERS\MTConfig.sys
16:48:50.0331 0x0f7c  MTConfig - ok
16:48:50.0348 0x0f7c  [ 159FAD02F64E6381758C990F753BCC80, E55AB01DCFA95ECAB24A2A9656E28FF9D064BA08B3D82DC8AA42F5991BA09598 ] Mup             C:\Windows\system32\Drivers\mup.sys
16:48:50.0350 0x0f7c  Mup - ok
16:48:50.0404 0x0f7c  [ 61D57A5D7C6D9AFE10E77DAE6E1B445E, D252248532142E9E2332DA693BC51B795102CA938B568FF04981E98B19BFBC5C ] napagent        C:\Windows\system32\qagentRT.dll
16:48:50.0412 0x0f7c  napagent - ok
16:48:50.0446 0x0f7c  [ 26384429FCD85D83746F63E798AB1480, 957C115C263A4B4DC854558B43ECE632D8E2BCCB744E23A01EBA7476BA2E7FFB ] NativeWifiP     C:\Windows\system32\DRIVERS\nwifi.sys
16:48:50.0451 0x0f7c  NativeWifiP - ok
16:48:50.0523 0x0f7c  [ 8C9C922D71F1CD4DEF73F186416B7896, 15FF43CD90C7913F83B35F2E7986561584588E8A45196EBD965C3A355836A9C7 ] NDIS            C:\Windows\system32\drivers\ndis.sys
16:48:50.0535 0x0f7c  NDIS - ok
16:48:50.0550 0x0f7c  [ 0E1787AA6C9191D3D319E8BAFE86F80C, F535022747355B2C66424BDA892D7DCB820C2EB8EE05BAE5BC6D1B1D65186278 ] NdisCap         C:\Windows\system32\DRIVERS\ndiscap.sys
16:48:50.0551 0x0f7c  NdisCap - ok
16:48:50.0588 0x0f7c  [ E4A8AEC125A2E43A9E32AFEEA7C9C888, 6EA181117126FC70B3C1DD1AC73CC26D1603A2CF49E47F66623E2C9489C49B55 ] NdisTapi        C:\Windows\system32\DRIVERS\ndistapi.sys
16:48:50.0589 0x0f7c  NdisTapi - ok
16:48:50.0636 0x0f7c  [ D8A65DAFB3EB41CBB622745676FCD072, 874D3C3D247C4A309DA813DB1D2EDB0037D3C489824BD5FE95B0C20699764EF7 ] Ndisuio         C:\Windows\system32\DRIVERS\ndisuio.sys
16:48:50.0638 0x0f7c  Ndisuio - ok
16:48:50.0682 0x0f7c  [ 38FBE267E7E6983311179230FACB1017, CFD1CBCA59650795C030DB30E5795B37C11C736E14003AE1DAB081BA5C0C9B14 ] NdisWan         C:\Windows\system32\DRIVERS\ndiswan.sys
16:48:50.0684 0x0f7c  NdisWan - ok
16:48:50.0730 0x0f7c  [ A4BDC541E69674FBFF1A8FF00BE913F2, 18CCFD063E9870B8B6958715BC0414C4D920AE63528EA1E9D7E30F7138918FFA ] NDProxy         C:\Windows\system32\drivers\NDProxy.sys
16:48:50.0731 0x0f7c  NDProxy - ok
16:48:50.0741 0x0f7c  [ 80B275B1CE3B0E79909DB7B39AF74D51, 75B406B0D9D28239D4EB2A298419A5F78A58237D88C5FD688EF1DFFAFACCF796 ] NetBIOS         C:\Windows\system32\DRIVERS\netbios.sys
16:48:50.0742 0x0f7c  NetBIOS - ok
16:48:50.0789 0x0f7c  [ 280122DDCF04B378EDD1AD54D71C1E54, F98B2ADE34F7E67C7C06C1D0FFB80ECBC353D044D4B4784CD952910345DC2ED0 ] NetBT           C:\Windows\system32\DRIVERS\netbt.sys
16:48:50.0793 0x0f7c  NetBT - ok
16:48:50.0807 0x0f7c  [ 803B370865D907EA21DC0C2B6A8936B5, E98F0BA1D94786E061A3EA2CC76041FF6BE0ADF47C6205D5572C03BF0E29CA78 ] Netlogon        C:\Windows\system32\lsass.exe
16:48:50.0809 0x0f7c  Netlogon - ok
16:48:50.0822 0x0f7c  [ 7CCCFCA7510684768DA22092D1FA4DB2, BB9E4F8FABBF596D888E6D303CB54A336D9DFF95B36AEA9369D2ED787DDC4B5D ] Netman          C:\Windows\System32\netman.dll
16:48:50.0829 0x0f7c  Netman - ok
16:48:50.0893 0x0f7c  [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
16:48:50.0921 0x0f7c  NetMsmqActivator - ok
16:48:50.0925 0x0f7c  [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetPipeActivator C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
16:48:50.0928 0x0f7c  NetPipeActivator - ok
16:48:50.0958 0x0f7c  [ 8C338238C16777A802D6A9211EB2BA50, 0D08A47CD403EDA5E8CAD7409BBBBCDC29A9861D2DC41D42B68B22B1AA1EBDD6 ] netprofm        C:\Windows\System32\netprofm.dll
16:48:50.0965 0x0f7c  netprofm - ok
16:48:50.0971 0x0f7c  [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetTcpActivator C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
16:48:50.0973 0x0f7c  NetTcpActivator - ok
16:48:50.0978 0x0f7c  [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
16:48:50.0980 0x0f7c  NetTcpPortSharing - ok
16:48:51.0012 0x0f7c  [ 1D85C4B390B0EE09C7A46B91EFB2C097, 6A8850B151E88EE371F3CC543A946302DDF9494908D684B8B0C706A42CC54348 ] nfrd960         C:\Windows\system32\DRIVERS\nfrd960.sys
16:48:51.0013 0x0f7c  nfrd960 - ok
16:48:51.0079 0x0f7c  [ FCBC2F48430EB0D7150A6521C0B84ACA, EEFB975E2D1121EE9E93702F2CA2938C99C6B2273616C85816BA15E857E8D4FF ] NisDrv          C:\Windows\system32\DRIVERS\NisDrvWFP.sys
16:48:51.0081 0x0f7c  NisDrv - ok
16:48:51.0129 0x0f7c  [ E4AA07F8BCBCB66EF115C443CD45C7A2, 3B538D9E376F12FC8589BA500BB5E859337CF1856D0E4AA66E2E3B5E301DAEC5 ] NisSrv          c:\Program Files\Microsoft Security Client\NisSrv.exe
16:48:51.0134 0x0f7c  NisSrv - ok
16:48:51.0182 0x0f7c  [ 374071043F9E4231EE43BE2BB48DD36D, C4FA3FC40CC49DBBB91901D14210A55D3831FAC9F9B3FF45FCA7F5CF242C9E92 ] NlaSvc          C:\Windows\System32\nlasvc.dll
16:48:51.0187 0x0f7c  NlaSvc - ok
16:48:51.0200 0x0f7c  [ 1DB262A9F8C087E8153D89BEF3D2235F, A51EE5D5AD3CD76B74BEA9C66C462608BF3B50C53DAA4110A75DB10495A8C101 ] Npfs            C:\Windows\system32\drivers\Npfs.sys
16:48:51.0202 0x0f7c  Npfs - ok
16:48:51.0207 0x0f7c  [ BA387E955E890C8A88306D9B8D06BF17, 3477BD9686C5777A93251C154512671AAA7533B18C536DF51F7B1D6D28E7F8A5 ] nsi             C:\Windows\system32\nsisvc.dll
16:48:51.0209 0x0f7c  nsi - ok
16:48:51.0212 0x0f7c  [ E9A0A4D07E53D8FEA2BB8387A3293C58, 690CAD6C4E35ECC1172A2E1FD3933DF73158B3BF42CB21244269612A53DE4D7A ] nsiproxy        C:\Windows\system32\drivers\nsiproxy.sys
16:48:51.0213 0x0f7c  nsiproxy - ok
16:48:51.0294 0x0f7c  [ C8DFF8D07755A66C7A4A738930F0FEAC, A2CC58312CE57988ABD976155BE91F558DCEC4C23481C6FBE64B361D511A36EA ] Ntfs            C:\Windows\system32\drivers\Ntfs.sys
16:48:51.0330 0x0f7c  Ntfs - ok
16:48:51.0381 0x0f7c  [ F9756A98D69098DCA8945D62858A812C, 572ADBFCFDE2030B34A013AADC14DBC144EB3F34D06991E2464A3EA9605BC045 ] Null            C:\Windows\system32\drivers\Null.sys
16:48:51.0382 0x0f7c  Null - ok
16:48:51.0426 0x0f7c  [ 9F8EE4948B7ADD9D12F778F61A2758A4, 9848C7D97AC000BF7A00BAE12593E48E14D36D7FFFCF25A163FAAB446691032F ] NVHDA           C:\Windows\system32\drivers\nvhda32v.sys
16:48:51.0429 0x0f7c  NVHDA - ok
16:48:51.0714 0x0f7c  [ 8E3BD4ED84EEF035B1AF3F90141D13D1, 764C700D9C08548225B1F0CD978265976B9CE65F20931970B69B2953CD00B611 ] nvlddmkm        C:\Windows\system32\DRIVERS\nvlddmkm.sys
16:48:51.0982 0x0f7c  nvlddmkm - ok
16:48:52.0100 0x0f7c  [ D2FE0376285A783693469422678E878B, 9F0B1A6694CA7BDAAA3B26BE1D344A3FC7B98162518A259C273360EFF075CD75 ] NvNetworkService C:\Program Files\NVIDIA Corporation\NetService\NvNetworkService.exe
16:48:52.0149 0x0f7c  NvNetworkService - ok
16:48:52.0195 0x0f7c  [ B3E25EE28883877076E0E1FF877D02E0, 402B6FED6FBBF645190396DC141141EF52DD059DABD01F8AC9CF01D23664070C ] nvraid          C:\Windows\system32\drivers\nvraid.sys
16:48:52.0198 0x0f7c  nvraid - ok
16:48:52.0237 0x0f7c  [ 4380E59A170D88C4F1022EFF6719A8A4, 93EDB3F4CDBF53C9C1970DD29AB146E390695C568180847BA8903F5FBEABCFF2 ] nvstor          C:\Windows\system32\drivers\nvstor.sys
16:48:52.0240 0x0f7c  nvstor - ok
16:48:52.0654 0x0f7c  [ DA09A1DAEBD38226C0CB22BA8D967F63, 55654C3D4D96185E5754DE63C08D40FA6CB46FAECBAACA6CEAB0F48E643C392C ] NvStreamSvc     C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
16:48:53.0133 0x0f7c  NvStreamSvc - ok
16:48:53.0251 0x0f7c  [ 7A50B5448C45C0BEBFCF0E6481ABD73F, 6890320DD8DC9A58F845D6C6E058858F4651067B62E25AEED9F94436F10A4EA1 ] NVSvc           C:\Windows\system32\nvvsvc.exe
16:48:53.0263 0x0f7c  NVSvc - ok
16:48:53.0301 0x0f7c  [ D230D757C084FB8D7BC4936E3D6334B8, 28F6416C2C8B174F388B42F7951E2D35B42EA5443DC9A89A016FCDE8A3D57F4A ] nvvad_WaveExtensible C:\Windows\system32\drivers\nvvad32v.sys
16:48:56.0851 0x0f7c  [ 89870175848C16330552FC38CD5B86FF, 89A4DBA92D4DE82C107592773FFABB92D0B96E584A2C038214C2C6DC612657A4 ] SOACS           C:\Windows\system32\drivers\soacs.sys
16:48:56.0851 0x0f7c  Suspicious file ( Forged ): C:\Windows\system32\drivers\soacs.sys. Real md5: 89870175848C16330552FC38CD5B86FF, sha256: 89A4DBA92D4DE82C107592773FFABB92D0B96E584A2C038214C2C6DC612657A4, fake md5: F129D94266679C5959824DFC5111A476, fake sha256: 373E58DB31DBAD517DFEDE6BB84A58F4F7D5BF03630597CA677658B8BD136106
16:48:56.0852 0x0f7c  SOACS - detected ForgedFile.Multi.Generic ( 1 )
16:48:59.0707 0x0f7c  Detect turned to UDS exact due to KSN untrusted
16:48:59.0784 0x0f7c  SOACS ( UDS:DangerousObject.Multi.Generic ) - infected
16:48:59.0784 0x0f7c  Force sending object to P2P due to detect: C:\Windows\system32\drivers\soacs.sys
16:49:02.0714 0x0f7c  Object send P2P result: true
16:49:05.0837 0x0f7c  [ C4BB8A12843D9CBB65F5FF617F389BBD, 4BE4347E8BFC18E97B7910BF26F8845CCC917E4727EBD6617466615F2E0192B8 ] sptd            C:\Windows\system32\Drivers\sptd.sys
16:49:05.0838 0x0f7c  Suspicious file ( NoAccess ): C:\Windows\system32\Drivers\sptd.sys. md5: C4BB8A12843D9CBB65F5FF617F389BBD, sha256: 4BE4347E8BFC18E97B7910BF26F8845CCC917E4727EBD6617466615F2E0192B8
16:49:05.0839 0x0f7c  sptd - detected LockedFile.Multi.Generic ( 1 )
16:49:08.0708 0x0f7c  Detect skipped due to KSN trusted
16:49:08.0708 0x0f7c  sptd - ok
16:49:12.0347 0x0f7c  WacomPen - ok
16:49:12.0402 0x0f7c  [ 3C3C78515F5AB448B022BDF5B8FFDD2E, 35284174A42039C3C1FF8A3C8BC187A5E067C7782FC62D19749C2CB28C4E36C7 ] WANARP          C:\Windows\system32\DRIVERS\wanarp.sys
16:49:12.0404 0x0f7c  WANARP - ok
16:49:12.0408 0x0f7c  [ 3C3C78515F5AB448B022BDF5B8FFDD2E, 35284174A42039C3C1FF8A3C8BC187A5E067C7782FC62D19749C2CB28C4E36C7 ] Wanarpv6        C:\Windows\system32\DRIVERS\wanarp.sys
16:49:12.0409 0x0f7c  Wanarpv6 - ok
16:49:12.0488 0x0f7c  [ 57C8C20BFA5BEF6BD851EBAC67A8CED0, D5968069D934400A46B9FF92ECA9D7660BDC30C6909BA588AD49F7656246EE98 ] WAS             C:\Windows\system32\inetsrv\iisw3adm.dll
16:49:12.0496 0x0f7c  WAS - ok
16:49:12.0553 0x0f7c  [ 691E3285E53DCA558E1A84667F13E15A, 12EDB66EF8FC100402BEA221F354D3BD5542F6DDF715B6E7D873D6BAE7E3D329 ] wbengine        C:\Windows\system32\wbengine.exe
16:49:12.0588 0x0f7c  wbengine - ok
16:49:12.0624 0x0f7c  [ 9614B5D29DC76AC3C29F6D2D3AA70E67, A2FFB92F0030B4CD771E862DA575ECCF2F3A5B4B85858C1241A0C59262C0EC88 ] WbioSrvc        C:\Windows\System32\wbiosrvc.dll
16:49:12.0629 0x0f7c  WbioSrvc - ok
16:49:12.0673 0x0f7c  [ 34EEE0DFAADB4F691D6D5308A51315DC, A040A03E25A0C78B9E26F86C2DF95BCAF8E7EC90183CEB295615D3265350EBEE ] wcncsvc         C:\Windows\System32\wcncsvc.dll
16:49:12.0703 0x0f7c  wcncsvc - ok
16:49:12.0719 0x0f7c  [ 5D930B6357A6D2AF4D7653BDABBF352F, 677FF2ED14EE0B0CAA710DA81556CC16D5971DAB10E7C7432D167A87CA6F0EAA ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
16:49:12.0722 0x0f7c  WcsPlugInService - ok
16:49:12.0736 0x0f7c  [ 1112A9BADACB47B7C0BB0392E3158DFF, 1AE2AFA125973571F91E6945FE8A735F63D76EBB250A0075D98C580167FD9ED4 ] Wd              C:\Windows\system32\DRIVERS\wd.sys
16:49:12.0737 0x0f7c  Wd - ok
16:49:12.0798 0x0f7c  [ 25944D2CC49E0A6C581D02A74B7D6645, AF8FFAFEC07F1A6A3D4008E609E8E1D705A8DFCC7995C766E3946887203F7BEE ] Wdf01000        C:\Windows\system32\drivers\Wdf01000.sys
16:49:12.0827 0x0f7c  Wdf01000 - ok
16:49:12.0855 0x0f7c  [ 46EF9DC96265FD0B423DB72E7C38C2A5, 43801A51FB0E45CFFC73DF6441B54A75FC2FEAF5E0424DFE7AB04FC26CF6CD16 ] WdiServiceHost  C:\Windows\system32\wdi.dll
16:49:12.0859 0x0f7c  WdiServiceHost - ok
16:49:12.0862 0x0f7c  [ 46EF9DC96265FD0B423DB72E7C38C2A5, 43801A51FB0E45CFFC73DF6441B54A75FC2FEAF5E0424DFE7AB04FC26CF6CD16 ] WdiSystemHost   C:\Windows\system32\wdi.dll
16:49:12.0865 0x0f7c  WdiSystemHost - ok
16:49:12.0911 0x0f7c  [ 75E8EBD7040CE238684333F97014762A, 2CA0B267FBAEB303D1F8B639D733DC0DE17BA1276CC9096035B4F2BBBED3EF7F ] WebClient       C:\Windows\System32\webclnt.dll
16:49:12.0917 0x0f7c  WebClient - ok
16:49:12.0929 0x0f7c  [ 760F0AFE937A77CFF27153206534F275, A53940BA28854486FF18F16B98A3314B36322B0B6EFB54D08B921315BEB0ADD5 ] Wecsvc          C:\Windows\system32\wecsvc.dll
16:49:12.0934 0x0f7c  Wecsvc - ok
16:49:12.0952 0x0f7c  [ AC804569BB2364FB6017370258A4091B, 1856F354146A5946F3E7D0DD09726FC8A3502B0F0776FEADDF10669C81CC28E2 ] wercplsupport   C:\Windows\System32\wercplsupport.dll
16:49:12.0955 0x0f7c  wercplsupport - ok
16:49:12.0974 0x0f7c  [ 08E420D873E4FD85241EE2421B02C4A4, E1E9436EB096FF7DE9A76DA6217035257EF9FC7565DDB9016DCA3859E7F1EF0F ] WerSvc          C:\Windows\System32\WerSvc.dll
16:49:12.0977 0x0f7c  WerSvc - ok
16:49:13.0006 0x0f7c  [ 8B9A943F3B53861F2BFAF6C186168F79, 88E2F79F32AFBA17CB8377A508B83A1EC2315E9F3A365F591C87FE4525AA6713 ] WfpLwf          C:\Windows\system32\DRIVERS\wfplwf.sys
16:49:13.0007 0x0f7c  WfpLwf - ok
16:49:13.0019 0x0f7c  [ 5CF95B35E59E2A38023836FFF31BE64C, CEA21302B3E855EE592810D4E0DE10E47A47A393064C435463CD54598735CD8D ] WIMMount        C:\Windows\system32\drivers\wimmount.sys
16:49:13.0021 0x0f7c  WIMMount - ok
16:49:13.0099 0x0f7c  [ 082CF481F659FAE0DE51AD060881EB47, BB67D2AF0BB9192D4CCF66C23D80CE5A1B38715556D94E2561DBF8F805FA30A5 ] WinDefend       C:\Program Files\Windows Defender\mpsvc.dll
16:49:13.0124 0x0f7c  WinDefend - ok
16:49:13.0145 0x0f7c  WinHttpAutoProxySvc - ok
16:49:13.0186 0x0f7c  [ F62E510B6AD4C21EB9FE8668ED251826, FA3E5CAC3E67E49377320CFBE4646585E6B62168292768FEA81E4623F9166890 ] Winmgmt         C:\Windows\system32\wbem\WMIsvc.dll
16:49:13.0190 0x0f7c  Winmgmt - ok
16:49:13.0260 0x0f7c  [ 1B91CD34EA3A90AB6A4EF0550174F4CC, 5B6618615EBFBA594C945AD35F5C68DA8C6053892B6D12D626BB6120910D80DC ] WinRM           C:\Windows\system32\WsmSvc.dll
16:49:13.0296 0x0f7c  WinRM - ok
16:49:13.0370 0x0f7c  [ A67E5F9A400F3BD1BE3D80613B45F708, E170A8BD31A779403DC9C43ED6483DA8E186512D3EE700B87F6BA292E284E367 ] WinUsb          C:\Windows\system32\drivers\WinUsb.sys
16:49:13.0372 0x0f7c  WinUsb - ok
16:49:13.0416 0x0f7c  [ 16935C98FF639D185086A3529B1F2067, E9C6B73A572A04FCE9B1B0E6815F941B10332D9A6D55B92927C2B1275F119091 ] Wlansvc         C:\Windows\System32\wlansvc.dll
16:49:13.0432 0x0f7c  Wlansvc - ok
16:49:13.0599 0x0f7c  [ FB01D4AE207B9EFDBABFC55DC95C7E31, E0EFDBBE0BAC275230C8C1A053948C21BCF20B99B92E50939E95FFB9DC87F6BA ] wlidsvc         C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
16:49:13.0648 0x0f7c  wlidsvc - ok
16:49:13.0703 0x0f7c  [ 0217679B8FCA58714C3BF2726D2CA84E, 4494984B922DCF24D37BCD0E6831CEBD07D1CA49235D04E821D17ED3DF84ED2A ] WmiAcpi         C:\Windows\system32\drivers\wmiacpi.sys
16:49:13.0704 0x0f7c  WmiAcpi - ok
16:49:13.0720 0x0f7c  [ 6EB6B66517B048D87DC1856DDF1F4C3F, EBB534C4829477C70062ADBB5626236B02FE563A544C53FA255E79F3CA170FE8 ] wmiApSrv        C:\Windows\system32\wbem\WmiApSrv.exe
16:49:13.0724 0x0f7c  wmiApSrv - ok
16:49:13.0789 0x0f7c  [ 3B40D3A61AA8C21B88AE57C58AB3122E, 6C67DCB007C3CDF2EB0BBF5FD89C32CD7800C20F7166872F8C387BE262C5CD21 ] WMPNetworkSvc   C:\Program Files\Windows Media Player\wmpnetwk.exe
16:49:13.0809 0x0f7c  WMPNetworkSvc - ok
16:49:13.0838 0x0f7c  [ A2F0EC770A92F2B3F9DE6D518E11409C, 6838F2148B11285E00DC449D51F8AD85AAE57694E89BA2C607B87AC1C650D845 ] WPCSvc          C:\Windows\System32\wpcsvc.dll
16:49:13.0841 0x0f7c  WPCSvc - ok
16:49:13.0888 0x0f7c  [ AA53356D60AF47EACC85BC617A4F3F66, 155CB8112AA382D841C1891750FF29EF4F1BF716CD9CDF0F2243209E2CCCAC98 ] WPDBusEnum      C:\Windows\system32\wpdbusenum.dll
16:49:13.0891 0x0f7c  WPDBusEnum - ok
16:49:13.0923 0x0f7c  [ 6DB3276587B853BF886B69528FDB048C, 9972FF6DF0DF6F86D1E9BCEF4C29064748B217DA196B0633C30D3D580144951C ] ws2ifsl         C:\Windows\system32\drivers\ws2ifsl.sys
16:49:13.0924 0x0f7c  ws2ifsl - ok
16:49:13.0934 0x0f7c  [ 6F5D49EFE0E7164E03AE773A3FE25340, 15B6AFF7455538189A96F8863CC995A271E02C6FBDAC15B037D44DDA65E61339 ] wscsvc          C:\Windows\System32\wscsvc.dll
16:49:13.0938 0x0f7c  wscsvc - ok
16:49:13.0967 0x0f7c  WSearch - ok
16:49:14.0068 0x0f7c  [ FC3EC24FCE372C89423E015A2AC1A31E, 8D028182CF83667D3E4D148979972D208FA6D9B8540EE47A0A7831B770ECD257 ] wuauserv        C:\Windows\system32\wuaueng.dll
16:49:14.0117 0x0f7c  wuauserv - ok
16:49:14.0167 0x0f7c  [ 06E6F32C8D0A3F66D956F57B43A2E070, 9A6BD96A28294B0372F16E13D652FD603308F64B74A56E41E0C68C5E8011F943 ] WudfPf          C:\Windows\system32\drivers\WudfPf.sys
16:49:14.0168 0x0f7c  WudfPf - ok
16:49:14.0204 0x0f7c  [ 867C301E8B790040AE9CF6486E8041DF, D867D6498C987944D99508B2FAD6D6B749FA1EDFE8124B0863D4A642352F0855 ] WUDFRd          C:\Windows\system32\drivers\WUDFRd.sys
16:49:14.0207 0x0f7c  WUDFRd - ok
16:49:14.0262 0x0f7c  [ FE47B7BC8EA320C2D9B5E5BF6E303765, 34518DBD1E9EA6E5DA62273B18613761E1D9C6B4E074A93C6D639FBAF02222EA ] wudfsvc         C:\Windows\System32\WUDFSvc.dll
16:49:14.0266 0x0f7c  wudfsvc - ok
16:49:14.0312 0x0f7c  [ 7CC38741B8F68F1E0D5D79DA6123666A, F90D2DA1C9AFB506C381CD386E1430931B5F81813FEDFD720F87FBC54E7A00DA ] WwanSvc         C:\Windows\System32\wwansvc.dll
16:49:14.0318 0x0f7c  WwanSvc - ok
16:49:14.0325 0x0f7c  ================ Scan global ===============================
16:49:14.0376 0x0f7c  [ DAB748AE0439955ED2FA22357533DDDB, 73EDD402C7479DDCE1998D0C7E99E1EC2974F64EFC33A851439CC85D09EDCDF9 ] C:\Windows\system32\basesrv.dll
16:49:14.0426 0x0f7c  [ 51BB04243DF6196C06E125898127E397, E1B6C83FC6E455F6806185027C5B56F8BA9ECDF1CD69E97301EC0291F0D3466E ] C:\Windows\system32\winsrv.dll
16:49:14.0436 0x0f7c  [ 51BB04243DF6196C06E125898127E397, E1B6C83FC6E455F6806185027C5B56F8BA9ECDF1CD69E97301EC0291F0D3466E ] C:\Windows\system32\winsrv.dll
16:49:14.0466 0x0f7c  [ 364455805E64882844EE9ACB72522830, 906561DBBB33F744844CF27E456226044C85DF0FCFD26DE1FD11E09E2CFA6F8F ] C:\Windows\system32\sxssrv.dll
16:49:14.0485 0x0f7c  [ 5F1B6A9C35D3D5CA72D6D6FDEF9747D6, D7BC4ED605B32274B45328FD9914FB0E7B90D869A38F0E6F94FB1BF4E9E2B407 ] C:\Windows\system32\services.exe
16:49:14.0504 0x0f7c  [ Global ] - ok
16:49:14.0505 0x0f7c  ================ Scan MBR ==================================
16:49:14.0523 0x0f7c  [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
16:49:14.0643 0x0f7c  \Device\Harddisk0\DR0 - ok
16:49:14.0643 0x0f7c  ================ Scan VBR ==================================
16:49:14.0645 0x0f7c  [ B62638E144ACD09701980960D155856D ] \Device\Harddisk0\DR0\Partition1
16:49:14.0646 0x0f7c  \Device\Harddisk0\DR0\Partition1 - ok
16:49:14.0647 0x0f7c  Waiting for KSN requests completion. In queue: 112
16:49:15.0647 0x0f7c  Waiting for KSN requests completion. In queue: 112
16:49:16.0647 0x0f7c  Waiting for KSN requests completion. In queue: 112
16:49:17.0678 0x0f7c  AV detected via SS2: Microsoft Security Essentials, C:\Program Files\Microsoft Security Client\msseces.exe ( 4.5.216.0 ), 0x60000 ( disabled : updated )
16:49:17.0709 0x0f7c  Win FW state via NFP2: enabled
16:49:20.0446 0x0f7c  ============================================================
16:49:20.0446 0x0f7c  Scan finished
16:49:20.0446 0x0f7c  ============================================================
16:49:20.0451 0x0908  Detected object count: 1
16:49:20.0451 0x0908  Actual detected object count: 1
16:55:00.0199 0x0908  SOACS ( UDS:DangerousObject.Multi.Generic ) - skipped by user
16:55:00.0200 0x0908  SOACS ( UDS:DangerousObject.Multi.Generic ) - User select action: Skip 
16:58:21.0618 0x0964  Deinitialize success

Edited by kreG15, 22 April 2014 - 01:37 AM.


#7 bloopie

  • Malware Response Team

Posted 22 April 2014 - 06:07 PM

Hello again,
 

"I'm sorry and I didn't mean any disrespect to you guys"

It's okay, none taken. And I understand your desperation and nerves as well. The important thing is to be patient, as logs take time to analyze, but not to worry, we'll get you cleaned up.  :)

 

==========
 
Thanks for the log! Okay, I have moved this topic to the Virus, Trojan, Spyware, and Malware Removal Logs forum where it will stay so that we can get some more logs posted.

The BSODs you're experiencing could be caused by the game you're trying to play, but I'd like to take a better look for malware first. Please post the two logs that FRST generates next. Instructions are below:

Please download Farbar Recovery Scan Tool and save it to your Desktop.

Note: You need to run the version compatible with your system. If you are not sure which version applies to your system, download both of them and try to run them. Only one of them will run on your system; that will be the right version.

  • Right-click FRST then click "Run as administrator" (XP users: click run after receipt of Windows Security Warning - Open File).
  • When the tool opens, click Yes to disclaimer.
  • Press the Scan button.
  • When finished, it will produce a log called FRST.txt in the same directory the tool was run from.
  • Please copy and paste the log in your next reply.

Note 2: The first time the tool is run it generates another log (Addition.txt - also located in the same directory the tool was run from). Please also paste that, along with the FRST.txt into your next reply.

bloopie



#8 kreG15

  • Topic Starter

Posted 24 April 2014 - 06:28 AM

Sorry for not being available until now.
 
 
Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 24-04-2014
Ran by xc1te (administrator) on XC1TE-PC on 24-04-2014 14:22:01
Running from C:\Users\xc1te\Desktop
Microsoft Windows 7 Ultimate  Service Pack 1 (X86) OS Language: English(US)
Internet Explorer Version 11
Boot Mode: Normal
 
The only official download link for FRST:
Download link from any site other than Bleeping Computer is unpermitted or outdated.
 
==================== Processes (Whitelisted) =================
 
(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(Microsoft Corporation) c:\Program Files\Microsoft Security Client\MsMpEng.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
(Cloud Engines) C:\Program Files\BezeqCloud\dokanmnt.exe
(Teruten) C:\Windows\system32\FsUsbExService.Exe
(Malwarebytes Corporation) C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Update Core\NvBackend.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Google Inc.) C:\Users\xc1te\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\xc1te\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\xc1te\AppData\Local\Google\Chrome\Application\chrome.exe
 
 
==================== Registry (Whitelisted) ==================
 
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [500208 2010-03-06] (Adobe Systems Incorporated)
HKLM\...\Run: [NPSStartup] => [X]
HKLM\...\Run: [Adobe ARM] => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
HKLM\...\Run: [Nvtmru] => "C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe"
HKLM\...\Run: [SunJavaUpdateSched] => C:\Program Files\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe [12017368 2013-10-24] (Realtek Semiconductor)
HKU\S-1-5-19\...\Run: [Sidebar] => %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun
HKU\S-1-5-20\...\Run: [Sidebar] => %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun
HKU\S-1-5-21-4094849295-1092034879-3769963386-1001\...\Run: [Google Update] => C:\Users\xc1te\AppData\Local\Google\Update\GoogleUpdate.exe [136176 2010-08-12] (Google Inc.)
HKU\S-1-5-21-4094849295-1092034879-3769963386-1001\...\Run: [AdobeBridge] => [X]
HKU\S-1-5-21-4094849295-1092034879-3769963386-1001\...\MountPoints2: E - E:\Setup.exe
HKU\S-1-5-21-4094849295-1092034879-3769963386-1001\...\MountPoints2: G - G:\Setup.exe
 
==================== Internet (Whitelisted) ====================
 
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.co.il/
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://il.msn.com/iat/us_il.aspx
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0x673A9962083ACB01
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-us
SearchScopes: HKLM - DefaultScope value is missing.
BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO: Java™ Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO: Java™ Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} http://messenger.zone.msn.com/binary/msgrchkr.cab56986.cab
DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} http://download.eset.com/special/eos/OnlineScanner.cab
DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} http://messenger.zone.msn.com/binary/MineSweeper.cab56986.cab
Handler: cdl - No CLSID Value - 
Handler: file - No CLSID Value - 
Handler: ftp - No CLSID Value - 
Handler: http - No CLSID Value - 
Handler: https - No CLSID Value - 
Handler: livecall - {828030A1-22C1-4009-854F-8E305202313F} -  No File
Handler: local - No CLSID Value - 
Handler: mk - No CLSID Value - 
Handler: msnim - {828030A1-22C1-4009-854F-8E305202313F} -  No File
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Hosts: 127.0.0.1 activate.adobe.com
Tcpip\..\Interfaces\{E2B3B955-60B3-4AA7-B41A-512F3DB79A56}: [NameServer]192.115.106.31
 
FireFox:
========
FF Plugin: @java.com/DTPlugin,version=10.55.2 - C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.55.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~1\MICROS~4\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~1\MICROS~4\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin: @microsoft.com/WLPG,version=15.4.3508.1109 - C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin: @microsoft.com/WLPG,version=15.4.3538.0513 - C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin: @microsoft.com/WLPG,version=15.4.3555.0308 - C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin: @nvidia.com/3DVision - C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF Plugin: @nvidia.com/3DVisionStreaming - C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF Plugin: @pandonetworks.com/PandoWebPlugin - C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll No File
FF Plugin: @tools.google.com/Google Update;version=3 - C:\Program Files\Google\Update\1.3.23.9\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 - C:\Program Files\Google\Update\1.3.23.9\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: Adobe Reader - C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: @tools.google.com/Google Update;version=3 - C:\Users\xc1te\AppData\Local\Google\Update\1.3.23.9\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: @tools.google.com/Google Update;version=9 - C:\Users\xc1te\AppData\Local\Google\Update\1.3.23.9\npGoogleUpdate3.dll (Google Inc.)
 
Chrome: 
=======
CHR HomePage: hxxp://www.google.co.uk/
CHR StartupUrls: "hxxp://www.google.co.uk/"
CHR DefaultSearchKeyword: google.co.uk
CHR DefaultSearchProvider: google.co.uk
CHR DefaultNewTabURL: 
CHR Plugin: (Remoting Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Users\xc1te\AppData\Local\Google\Chrome\Application\34.0.1847.116\ppGoogleNaClPluginChrome.dll ()
CHR Plugin: (Chrome PDF Viewer) - C:\Users\xc1te\AppData\Local\Google\Chrome\Application\34.0.1847.116\pdf.dll ()
CHR Plugin: (Shockwave Flash) - C:\Users\xc1te\AppData\Local\Google\Chrome\Application\34.0.1847.116\gcswf32.dll No File
CHR Plugin: (Adobe Acrobat) - C:\Program Files\Adobe\Reader 9.0\Reader\Browser\nppdf32.dll No File
CHR Plugin: (QuickTime Plug-in 7.6.9) - C:\Program Files\QuickTime\plugins\npqtplugin.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.6.9) - C:\Program Files\QuickTime\plugins\npqtplugin2.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.6.9) - C:\Program Files\QuickTime\plugins\npqtplugin3.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.6.9) - C:\Program Files\QuickTime\plugins\npqtplugin4.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.6.9) - C:\Program Files\QuickTime\plugins\npqtplugin5.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.6.9) - C:\Program Files\QuickTime\plugins\npqtplugin6.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.6.9) - C:\Program Files\QuickTime\plugins\npqtplugin7.dll (Apple Inc.)
CHR Plugin: (Microsoft Office 2010) - C:\PROGRA~1\MICROS~4\Office14\NPAUTHZ.DLL (Microsoft Corporation)
CHR Plugin: (Microsoft Office 2010) - C:\PROGRA~1\MICROS~4\Office14\NPSPWRAP.DLL (Microsoft Corporation)
CHR Plugin: (Google Update) - C:\Program Files\Google\Update\1.3.21.111\npGoogleUpdate3.dll No File
CHR Plugin: (NVIDIA 3D Vision) - C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
CHR Plugin: (NVIDIA 3D VISION) - C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
CHR Plugin: (Java™ Platform SE 7 U4) - C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\plugin2\npjp2.dll (Oracle Corporation)
CHR Plugin: (Java Deployment Toolkit 7.0.40.255) - C:\Windows\system32\npDeployJava1.dll No File
CHR Plugin: (Pando Web Plugin) - C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll No File
CHR Plugin: (Windows Live Photo Gallery) - C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
CHR Plugin: (iTunes Application Detector) - C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll No File
CHR Plugin: (Silverlight Plug-In) - c:\Program Files\Microsoft Silverlight\4.1.10329.0\npctrl.dll No File
CHR Extension: (YouTube) - C:\Users\xc1te\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2011-12-17]
CHR Extension: (חיפוש Google) - C:\Users\xc1te\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2011-12-17]
CHR Extension: (Google Wallet) - C:\Users\xc1te\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-08-22]
CHR Extension: (Gmail) - C:\Users\xc1te\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2011-12-17]
CHR StartMenuInternet: Google Chrome - C:\Users\xc1te\AppData\Local\Google\Chrome\Application\chrome.exe
 
========================== Services (Whitelisted) =================
 
R2 DokanCEMounter; C:\Program Files\BezeqCloud\dokanmnt.exe [108320 2013-02-25] (Cloud Engines)
R2 MBAMScheduler; C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe [418376 2013-04-04] (Malwarebytes Corporation)
S2 MBAMService; C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe [701512 2013-04-04] (Malwarebytes Corporation)
R2 MsMpSvc; c:\Program Files\Microsoft Security Client\MsMpEng.exe [22216 2014-03-11] (Microsoft Corporation)
S3 NisSrv; c:\Program Files\Microsoft Security Client\NisSrv.exe [279776 2014-03-11] (Microsoft Corporation)
R2 NvNetworkService; C:\Program Files\NVIDIA Corporation\NetService\NvNetworkService.exe [1593632 2014-02-05] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [15904544 2014-02-05] (NVIDIA Corporation)
 
==================== Drivers (Whitelisted) ====================
 
S3 aksusb; C:\Windows\System32\DRIVERS\aksusb.sys [16512 2011-08-09] (SafeNet Inc.)
S3 cpudrv; C:\Program Files\SystemRequirementsLab\cpudrv.sys [11336 2009-12-18] ()
R2 DokanCEDriver; C:\Program Files\BezeqCloud\dokance.sys [55224 2013-02-25] (Cloud Engines)
R3 FsUsbExDisk; C:\Windows\system32\FsUsbExDisk.SYS [36608 2010-06-14] ()
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [22856 2013-04-04] (Malwarebytes Corporation)
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [231960 2014-01-25] (Microsoft Corporation)
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad32v.sys [34080 2013-12-27] (NVIDIA Corporation)
S3 SOACS; C:\Windows\system32\drivers\soacs.sys [4736 2013-08-15] ()
R0 sptd; C:\Windows\System32\Drivers\sptd.sys [697328 2010-08-17] ()
S3 EagleXNt; \??\C:\Windows\system32\drivers\EagleXNt.sys [X]
S3 Synth3dVsc; System32\drivers\synth3dvsc.sys [X]
S3 tsusbhub; system32\drivers\tsusbhub.sys [X]
S3 VGPU; System32\drivers\rdvgkmd.sys [X]
 
==================== NetSvcs (Whitelisted) ===================
 
 
==================== One Month Created Files and Folders ========
 
2014-04-24 14:22 - 2014-04-24 14:22 - 00014661 _____ () C:\Users\xc1te\Desktop\FRST.txt
2014-04-24 14:21 - 2014-04-24 14:22 - 00000000 ____D () C:\FRST
2014-04-24 14:21 - 2014-04-24 14:21 - 01048576 _____ (Farbar) C:\Users\xc1te\Desktop\FRST.exe
2014-04-22 09:16 - 2014-04-24 14:14 - 00000672 _____ () C:\Windows\setupact.log
2014-04-22 09:16 - 2014-04-22 09:16 - 00001282 _____ () C:\Windows\PFRO.log
2014-04-22 09:16 - 2014-04-22 09:16 - 00000000 _____ () C:\Windows\setuperr.log
2014-04-21 03:21 - 2014-04-21 03:24 - 00002120 _____ () C:\Users\xc1te\Desktop\Rkill.txt
2014-04-21 03:20 - 2014-04-21 03:21 - 01933048 _____ (Bleeping Computer, LLC) C:\Users\xc1te\Desktop\rkill.exe
2014-04-21 03:15 - 2014-04-21 03:15 - 01016261 _____ (Thisisu) C:\Users\xc1te\Desktop\JRT.exe
2014-04-20 14:14 - 2014-04-24 14:20 - 00192622 _____ () C:\Windows\WindowsUpdate.log
2014-04-20 03:49 - 2014-04-20 03:49 - 00047836 _____ () C:\JavaRa.log
2014-04-20 03:48 - 2014-04-20 03:48 - 00000000 ____D () C:\Users\xc1te\AppData\Roaming\Oracle
2014-04-20 03:48 - 2014-04-14 20:05 - 00264616 _____ (Oracle Corporation) C:\Windows\system32\javaws.exe
2014-04-20 03:47 - 2014-04-20 03:47 - 00004117 _____ () C:\Windows\system32\jupdate-1.7.0_55-b14.log
2014-04-20 03:47 - 2014-04-14 20:13 - 00094632 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge.dll
2014-04-20 03:47 - 2014-04-14 20:05 - 00175528 _____ (Oracle Corporation) C:\Windows\system32\javaw.exe
2014-04-20 03:47 - 2014-04-14 20:04 - 00175016 _____ (Oracle Corporation) C:\Windows\system32\java.exe
2014-04-20 03:38 - 2014-04-20 03:38 - 00855379 _____ () C:\Users\xc1te\Desktop\SecurityCheck.exe
2014-04-19 18:30 - 2014-04-19 18:34 - 00000000 ____D () C:\AdwCleaner
2014-04-19 18:30 - 2014-04-19 18:30 - 01258805 _____ () C:\Users\xc1te\Desktop\AdwCleaner.exe
2014-04-19 17:50 - 2014-04-19 17:50 - 00002005 _____ () C:\Users\xc1te\Desktop\aswMBR.txt
2014-04-19 17:50 - 2014-04-19 17:50 - 00000512 _____ () C:\Users\xc1te\Desktop\MBR.dat
2014-04-19 16:54 - 2014-04-19 16:54 - 04745728 _____ (AVAST Software) C:\Users\xc1te\Desktop\aswMBR.exe
2014-04-19 16:48 - 2014-04-19 16:48 - 00000000 ____D () C:\Users\xc1te\Desktop\TDSSKiller
2014-04-19 16:46 - 2014-04-11 08:56 - 04139360 _____ (Kaspersky Lab ZAO) C:\Users\xc1te\Desktop\TDSSKiller.exe
2014-04-19 13:19 - 2014-04-19 13:19 - 00131072 ____N () C:\Windows\Minidump\041914-23977-01.dmp
2014-04-19 12:53 - 2014-04-19 12:53 - 00131072 ____N () C:\Windows\Minidump\041914-36675-01.dmp
2014-04-19 12:16 - 2014-04-19 12:16 - 17142784 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-04-19 12:16 - 2014-04-19 12:16 - 11220992 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-04-19 12:16 - 2014-04-19 12:16 - 04240384 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-04-19 12:16 - 2014-04-19 12:16 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-04-19 12:16 - 2014-04-19 12:16 - 02166272 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-04-19 12:16 - 2014-04-19 12:16 - 01926656 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-04-19 12:16 - 2014-04-19 12:16 - 01818112 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-04-19 12:16 - 2014-04-19 12:16 - 01156608 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-04-19 12:16 - 2014-04-19 12:16 - 01051136 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2014-04-19 12:16 - 2014-04-19 12:16 - 00703488 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-04-19 12:16 - 2014-04-19 12:16 - 00646144 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-04-19 12:16 - 2014-04-19 12:16 - 00645120 _____ (Microsoft Corporation) C:\Windows\system32\jsIntl.dll
2014-04-19 12:16 - 2014-04-19 12:16 - 00616104 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dat
2014-04-19 12:16 - 2014-04-19 12:16 - 00610304 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2014-04-19 12:16 - 2014-04-19 12:16 - 00553472 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-04-19 12:16 - 2014-04-19 12:16 - 00523776 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-04-19 12:16 - 2014-04-19 12:16 - 00454656 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-04-19 12:16 - 2014-04-19 12:16 - 00440832 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-04-19 12:16 - 2014-04-19 12:16 - 00367104 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-04-19 12:16 - 2014-04-19 12:16 - 00337408 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2014-04-19 12:16 - 2014-04-19 12:16 - 00244736 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-04-19 12:16 - 2014-04-19 12:16 - 00238288 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-04-19 12:16 - 2014-04-19 12:16 - 00233472 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
2014-04-19 12:16 - 2014-04-19 12:16 - 00208896 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-04-19 12:16 - 2014-04-19 12:16 - 00208384 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2014-04-19 12:16 - 2014-04-19 12:16 - 00194048 _____ (Microsoft Corporation) C:\Windows\system32\elshyph.dll
2014-04-19 12:16 - 2014-04-19 12:16 - 00182272 _____ (Microsoft Corporation) C:\Windows\system32\msls31.dll
2014-04-19 12:16 - 2014-04-19 12:16 - 00164864 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-04-19 12:16 - 2014-04-19 12:16 - 00151552 _____ (Microsoft Corporation) C:\Windows\system32\iexpress.exe
2014-04-19 12:16 - 2014-04-19 12:16 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\wextract.exe
2014-04-19 12:16 - 2014-04-19 12:16 - 00127488 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2014-04-19 12:16 - 2014-04-19 12:16 - 00116736 _____ (Microsoft Corporation) C:\Windows\system32\iepeers.dll
2014-04-19 12:16 - 2014-04-19 12:16 - 00112128 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-04-19 12:16 - 2014-04-19 12:16 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\IEAdvpack.dll
2014-04-19 12:16 - 2014-04-19 12:16 - 00108032 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-04-19 12:16 - 2014-04-19 12:16 - 00086016 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2014-04-19 12:16 - 2014-04-19 12:16 - 00083456 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
2014-04-19 12:16 - 2014-04-19 12:16 - 00074240 _____ (Microsoft Corporation) C:\Windows\system32\SetIEInstalledDate.exe
2014-04-19 12:16 - 2014-04-19 12:16 - 00071680 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe
2014-04-19 12:16 - 2014-04-19 12:16 - 00069632 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-04-19 12:16 - 2014-04-19 12:16 - 00069120 _____ (Microsoft Corporation) C:\Windows\system32\icardie.dll
2014-04-19 12:16 - 2014-04-19 12:16 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\tdc.ocx
2014-04-19 12:16 - 2014-04-19 12:16 - 00061952 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2014-04-19 12:16 - 2014-04-19 12:16 - 00061952 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-04-19 12:16 - 2014-04-19 12:16 - 00056832 _____ (Microsoft Corporation) C:\Windows\system32\pngfilt.dll
2014-04-19 12:16 - 2014-04-19 12:16 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-04-19 12:16 - 2014-04-19 12:16 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\mshtmler.dll
2014-04-19 12:16 - 2014-04-19 12:16 - 00043008 _____ (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll
2014-04-19 12:16 - 2014-04-19 12:16 - 00043008 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-04-19 12:16 - 2014-04-19 12:16 - 00036352 _____ (Microsoft Corporation) C:\Windows\system32\imgutil.dll
2014-04-19 12:16 - 2014-04-19 12:16 - 00034816 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-04-19 12:16 - 2014-04-19 12:16 - 00032768 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-04-19 12:16 - 2014-04-19 12:16 - 00024576 _____ (Microsoft Corporation) C:\Windows\system32\licmgr10.dll
2014-04-19 12:16 - 2014-04-19 12:16 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\mshta.exe
2014-04-19 12:16 - 2014-04-19 12:16 - 00012800 _____ (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe
2014-04-19 12:16 - 2014-04-19 12:16 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-04-19 12:06 - 2014-04-19 12:06 - 03419136 _____ (Microsoft Corporation) C:\Windows\system32\d2d1.dll
2014-04-19 12:06 - 2014-04-19 12:06 - 02284544 _____ (Microsoft Corporation) C:\Windows\system32\msmpeg2vdec.dll
2014-04-19 12:06 - 2014-04-19 12:06 - 01988096 _____ (Microsoft Corporation) C:\Windows\system32\d3d10warp.dll
2014-04-19 12:06 - 2014-04-19 12:06 - 01247744 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll
2014-04-19 12:06 - 2014-04-19 12:06 - 01230336 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll
2014-04-19 12:06 - 2014-04-19 12:06 - 01158144 _____ (Microsoft Corporation) C:\Windows\system32\XpsPrint.dll
2014-04-19 12:06 - 2014-04-19 12:06 - 01080832 _____ (Microsoft Corporation) C:\Windows\system32\d3d10.dll
2014-04-19 12:06 - 2014-04-19 12:06 - 00906240 _____ (Microsoft Corporation) C:\Windows\system32\FntCache.dll
2014-04-19 12:06 - 2014-04-19 12:06 - 00604160 _____ (Microsoft Corporation) C:\Windows\system32\d3d10level9.dll
2014-04-19 12:06 - 2014-04-19 12:06 - 00417792 _____ (Microsoft Corporation) C:\Windows\system32\WMPhoto.dll
2014-04-19 12:06 - 2014-04-19 12:06 - 00364544 _____ (Microsoft Corporation) C:\Windows\system32\XpsGdiConverter.dll
2014-04-19 12:06 - 2014-04-19 12:06 - 00293376 _____ (Microsoft Corporation) C:\Windows\system32\dxgi.dll
2014-04-19 12:06 - 2014-04-19 12:06 - 00249856 _____ (Microsoft Corporation) C:\Windows\system32\d3d10_1core.dll
2014-04-19 12:06 - 2014-04-19 12:06 - 00220160 _____ (Microsoft Corporation) C:\Windows\system32\d3d10core.dll
2014-04-19 12:06 - 2014-04-19 12:06 - 00207872 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecsExt.dll
2014-04-19 12:06 - 2014-04-19 12:06 - 00187392 _____ (Microsoft Corporation) C:\Windows\system32\UIAnimation.dll
2014-04-19 12:06 - 2014-04-19 12:06 - 00161792 _____ (Microsoft Corporation) C:\Windows\system32\d3d10_1.dll
2014-04-19 12:06 - 2014-04-19 12:06 - 00010752 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-advapi32-l1-1-0.dll
2014-04-19 12:06 - 2014-04-19 12:06 - 00009728 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-shlwapi-l1-1-0.dll
2014-04-19 12:06 - 2014-04-19 12:06 - 00005632 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-shlwapi-l2-1-0.dll
2014-04-19 12:06 - 2014-04-19 12:06 - 00005632 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-ole32-l1-1-0.dll
2014-04-19 12:06 - 2014-04-19 12:06 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-user32-l1-1-0.dll
2014-04-19 12:06 - 2014-04-19 12:06 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-advapi32-l2-1-0.dll
2014-04-19 12:06 - 2014-04-19 12:06 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-version-l1-1-0.dll
2014-04-19 12:06 - 2014-04-19 12:06 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-shell32-l1-1-0.dll
2014-04-19 12:06 - 2014-04-19 12:06 - 00002560 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-normaliz-l1-1-0.dll
2014-04-19 03:43 - 2013-05-10 07:56 - 12625408 _____ (Microsoft Corporation) C:\Windows\system32\wmploc.DLL
2014-04-19 03:43 - 2013-05-10 07:56 - 11410432 _____ (Microsoft Corporation) C:\Windows\system32\wmp.dll
2014-04-19 00:17 - 2012-10-09 20:40 - 00193536 _____ (Microsoft Corporation) C:\Windows\system32\dhcpcore6.dll
2014-04-19 00:17 - 2012-10-09 20:40 - 00044032 _____ (Microsoft Corporation) C:\Windows\system32\dhcpcsvc6.dll
2014-04-19 00:16 - 2013-11-27 04:14 - 00258560 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbhub.sys
2014-04-19 00:16 - 2013-11-27 04:13 - 00284672 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbport.sys
2014-04-19 00:16 - 2013-11-27 04:13 - 00076288 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbccgp.sys
2014-04-19 00:16 - 2013-11-27 04:13 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbehci.sys
2014-04-19 00:16 - 2013-11-27 04:13 - 00024064 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbuhci.sys
2014-04-19 00:16 - 2013-11-27 04:13 - 00020480 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbohci.sys
2014-04-19 00:16 - 2013-11-27 04:13 - 00006016 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbd.sys
2014-04-19 00:16 - 2013-09-14 03:48 - 00338944 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\afd.sys
2014-04-19 00:16 - 2013-09-08 05:03 - 00231424 _____ (Microsoft Corporation) C:\Windows\system32\mswsock.dll
2014-04-19 00:16 - 2013-07-09 07:52 - 00175104 _____ (Microsoft Corporation) C:\Windows\system32\wintrust.dll
2014-04-19 00:16 - 2013-07-09 07:50 - 00652800 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2014-04-19 00:16 - 2013-07-04 14:50 - 00530432 _____ (Microsoft Corporation) C:\Windows\system32\comctl32.dll
2014-04-19 00:16 - 2013-07-03 06:36 - 00055808 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hidclass.sys
2014-04-19 00:16 - 2013-07-03 06:36 - 00025728 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hidparse.sys
2014-04-19 00:16 - 2012-08-22 20:16 - 00712048 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ndis.sys
2014-04-19 00:16 - 2012-07-04 22:45 - 00033280 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\RNDISMP.sys
2014-04-19 00:15 - 2013-10-04 04:58 - 00152576 _____ (Microsoft Corporation) C:\Windows\system32\SmartcardCredentialProvider.dll
2014-04-19 00:15 - 2013-10-04 04:56 - 01796096 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2014-04-19 00:15 - 2013-10-04 04:56 - 00168960 _____ (Microsoft Corporation) C:\Windows\system32\credui.dll
2014-04-19 00:13 - 2014-02-04 05:04 - 00509440 _____ (Microsoft Corporation) C:\Windows\system32\qedit.dll
2014-04-19 00:13 - 2013-10-30 05:19 - 00301568 _____ (Microsoft Corporation) C:\Windows\system32\msieftp.dll
2014-04-19 00:12 - 2013-09-25 05:01 - 00136640 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2014-04-19 00:12 - 2013-09-25 05:01 - 00067520 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2014-04-19 00:12 - 2013-09-25 04:57 - 00247808 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2014-04-19 00:12 - 2013-09-25 04:57 - 00099840 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2014-04-19 00:12 - 2013-09-25 04:57 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2014-04-19 00:12 - 2013-09-25 04:56 - 01038848 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2014-04-19 00:12 - 2013-09-25 04:56 - 00220160 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2014-04-19 00:12 - 2013-09-25 03:49 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2014-04-19 00:12 - 2013-09-25 03:49 - 00015872 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2014-04-19 00:12 - 2013-07-04 15:16 - 00369848 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys
2014-04-19 00:11 - 2014-01-01 02:05 - 00420008 _____ () C:\Windows\system32\locale.nls
2014-04-19 00:10 - 2013-12-06 05:02 - 01237504 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2014-04-19 00:10 - 2013-12-06 05:02 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml3r.dll
2014-04-19 00:10 - 2013-10-19 04:36 - 00159232 _____ (Microsoft Corporation) C:\Windows\system32\imagehlp.dll
2014-04-19 00:10 - 2013-10-12 05:04 - 00121856 _____ (Microsoft Corporation) C:\Windows\system32\wshom.ocx
2014-04-19 00:10 - 2013-10-12 05:03 - 00163840 _____ (Microsoft Corporation) C:\Windows\system32\scrrun.dll
2014-04-19 00:10 - 2013-10-12 04:15 - 00141824 _____ (Microsoft Corporation) C:\Windows\system32\wscript.exe
2014-04-19 00:10 - 2013-10-12 04:15 - 00126976 _____ (Microsoft Corporation) C:\Windows\system32\cscript.exe
2014-04-19 00:10 - 2013-08-01 14:03 - 00729024 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgkrnl.sys
2014-04-19 00:10 - 2013-04-10 08:18 - 00218984 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgmms1.sys
2014-04-19 00:10 - 2012-08-21 23:12 - 00245760 _____ (Microsoft Corporation) C:\Windows\system32\OxpsConverter.exe
2014-04-19 00:09 - 2013-11-12 05:07 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2014-04-19 00:09 - 2013-05-10 06:20 - 00024576 _____ (Microsoft Corporation) C:\Windows\system32\cryptdlg.dll
2014-04-19 00:08 - 2014-01-28 05:07 - 00185344 _____ (Microsoft Corporation) C:\Windows\system32\wwansvc.dll
2014-04-19 00:08 - 2013-08-29 04:51 - 03969472 _____ (Microsoft Corporation) C:\Windows\system32\ntkrnlpa.exe
2014-04-19 00:08 - 2013-08-29 04:51 - 03914176 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2014-04-19 00:08 - 2013-08-29 04:50 - 01289096 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2014-04-19 00:08 - 2013-08-29 04:50 - 00619520 _____ (Microsoft Corporation) C:\Windows\system32\tdh.dll
2014-04-19 00:08 - 2013-08-29 04:48 - 00640512 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll
2014-04-19 00:08 - 2013-08-28 03:57 - 00434688 _____ (Microsoft Corporation) C:\Windows\system32\scavengeui.dll
2014-04-19 00:08 - 2013-07-20 13:33 - 00102608 _____ (Microsoft Corporation) C:\Windows\system32\PresentationCFFRasterizerNative_v0300.dll
2014-04-19 00:08 - 2013-06-06 07:52 - 00026112 _____ (Microsoft Corporation) C:\Windows\system32\lpk.dll
2014-04-19 00:08 - 2013-06-06 07:51 - 00070656 _____ (Microsoft Corporation) C:\Windows\system32\fontsub.dll
2014-04-19 00:08 - 2013-06-06 07:50 - 00010240 _____ (Microsoft Corporation) C:\Windows\system32\dciman32.dll
2014-04-19 00:08 - 2013-06-06 06:01 - 00295424 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
2014-04-19 00:08 - 2013-06-06 06:01 - 00034304 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll
2014-04-19 00:08 - 2013-04-26 07:55 - 00492544 _____ (Microsoft Corporation) C:\Windows\system32\win32spl.dll
2014-04-19 00:08 - 2013-03-19 06:33 - 00040960 _____ (Microsoft Corporation) C:\Windows\system32\wwanprotdim.dll
2014-04-19 00:07 - 2013-05-13 06:08 - 00903168 _____ (Microsoft Corporation) C:\Windows\system32\certutil.exe
2014-04-19 00:07 - 2013-05-13 06:08 - 00043008 _____ (Microsoft Corporation) C:\Windows\system32\certenc.dll
2014-04-19 00:06 - 2014-02-04 05:07 - 00234432 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\msiscsi.sys
2014-04-19 00:06 - 2014-02-04 05:07 - 00149440 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\storport.sys
2014-04-19 00:06 - 2014-02-04 05:07 - 00027072 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Diskdump.sys
2014-04-19 00:06 - 2014-02-04 05:00 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\iologmsg.dll
2014-04-19 00:06 - 2012-10-03 19:42 - 00242176 _____ (Microsoft Corporation) C:\Windows\system32\nlasvc.dll
2014-04-19 00:06 - 2012-10-03 19:42 - 00175104 _____ (Microsoft Corporation) C:\Windows\system32\netcorehc.dll
2014-04-19 00:06 - 2012-10-03 19:42 - 00156672 _____ (Microsoft Corporation) C:\Windows\system32\ncsi.dll
2014-04-19 00:06 - 2012-10-03 19:42 - 00052224 _____ (Microsoft Corporation) C:\Windows\system32\nlaapi.dll
2014-04-19 00:06 - 2012-10-03 19:42 - 00018944 _____ (Microsoft Corporation) C:\Windows\system32\netevent.dll
2014-04-19 00:06 - 2012-10-03 19:40 - 00499712 _____ (Microsoft Corporation) C:\Windows\system32\iphlpsvc.dll
2014-04-19 00:06 - 2012-10-03 18:21 - 00035328 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpipreg.sys
2014-04-19 00:05 - 2014-02-07 04:07 - 02349056 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-04-19 00:05 - 2014-01-24 05:18 - 01212352 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ntfs.sys
2014-04-19 00:05 - 2013-07-25 11:57 - 01620992 _____ (Microsoft Corporation) C:\Windows\system32\WMVDECOD.DLL
2014-04-19 00:05 - 2013-04-26 02:30 - 01505280 _____ (Microsoft Corporation) C:\Windows\system32\d3d11.dll
2014-04-19 00:04 - 2013-10-04 04:49 - 00081408 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\drmk.sys
2014-04-19 00:04 - 2013-10-04 04:17 - 00177152 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\portcls.sys
2014-04-19 00:03 - 2013-07-04 14:57 - 00205824 _____ (Microsoft Corporation) C:\Windows\system32\WebClnt.dll
2014-04-19 00:03 - 2013-07-04 14:51 - 00081920 _____ (Microsoft Corporation) C:\Windows\system32\davclnt.dll
2014-04-19 00:03 - 2013-07-04 12:48 - 00115712 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxdav.sys
2014-04-19 00:01 - 2013-11-26 14:11 - 00240576 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\netio.sys
2014-04-19 00:01 - 2013-10-03 04:58 - 00305152 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2014-04-19 00:01 - 2013-09-08 05:07 - 01294272 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
2014-04-19 00:01 - 2013-07-26 04:55 - 12872704 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2014-04-19 00:01 - 2013-07-26 04:55 - 00180224 _____ (Microsoft Corporation) C:\Windows\system32\shdocvw.dll
2014-04-19 00:00 - 2013-10-12 05:03 - 00656896 _____ (Microsoft Corporation) C:\Windows\system32\nshwfp.dll
2014-04-19 00:00 - 2013-10-12 05:01 - 00679424 _____ (Microsoft Corporation) C:\Windows\system32\IKEEXT.DLL
2014-04-19 00:00 - 2013-10-12 05:01 - 00216576 _____ (Microsoft Corporation) C:\Windows\system32\FWPUCLNT.DLL
2014-04-19 00:00 - 2013-10-05 22:57 - 01168384 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
2014-04-19 00:00 - 2013-08-05 04:56 - 00133056 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ataport.sys
2014-04-19 00:00 - 2013-07-09 07:46 - 00140288 _____ (Microsoft Corporation) C:\Windows\system32\cryptsvc.dll
2014-04-19 00:00 - 2013-07-09 07:46 - 00103936 _____ (Microsoft Corporation) C:\Windows\system32\cryptnet.dll
2014-04-19 00:00 - 2012-11-23 05:48 - 00049152 _____ (Microsoft Corporation) C:\Windows\system32\taskhost.exe
2014-04-18 23:59 - 2013-07-12 13:07 - 00086016 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbcir.sys
2014-04-18 23:58 - 2014-03-04 12:17 - 00868352 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2014-04-18 23:58 - 2014-01-29 05:06 - 00381440 _____ (Microsoft Corporation) C:\Windows\system32\wer.dll
2014-04-18 23:58 - 2013-08-02 04:50 - 00169984 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2014-04-18 23:58 - 2013-08-02 04:49 - 00293376 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2014-04-18 23:58 - 2013-08-02 04:48 - 00005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2014-04-18 23:58 - 2013-08-02 04:48 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2014-04-18 23:58 - 2013-08-02 04:48 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2014-04-18 23:58 - 2013-08-02 04:48 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2014-04-18 23:58 - 2013-08-02 04:48 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2014-04-18 23:58 - 2013-08-02 04:48 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2014-04-18 23:58 - 2013-08-02 04:48 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2014-04-18 23:58 - 2013-08-02 04:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2014-04-18 23:58 - 2013-08-02 04:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2014-04-18 23:58 - 2013-08-02 04:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2014-04-18 23:58 - 2013-08-02 04:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2014-04-18 23:58 - 2013-08-02 04:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2014-04-18 23:58 - 2013-08-02 04:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2014-04-18 23:58 - 2013-08-02 04:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2014-04-18 23:58 - 2013-08-02 04:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2014-04-18 23:58 - 2013-08-02 04:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2014-04-18 23:58 - 2013-08-02 04:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2014-04-18 23:58 - 2013-08-02 04:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2014-04-18 23:58 - 2013-08-02 04:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2014-04-18 23:58 - 2013-08-02 04:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2014-04-18 23:58 - 2013-08-02 04:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2014-04-18 23:58 - 2013-08-02 04:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2014-04-18 23:58 - 2013-08-02 04:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2014-04-18 23:58 - 2013-08-02 04:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2014-04-18 23:58 - 2013-08-02 03:52 - 00271360 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
2014-04-18 23:58 - 2013-08-02 03:43 - 00006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2014-04-18 23:58 - 2013-08-02 03:43 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2014-04-18 23:58 - 2013-08-02 03:43 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2014-04-18 23:58 - 2013-08-02 03:43 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2014-04-18 23:57 - 2013-12-04 05:03 - 00428032 _____ (Microsoft Corporation) C:\Windows\system32\secproc.dll
2014-04-18 23:57 - 2013-12-04 05:03 - 00423936 _____ (Microsoft Corporation) C:\Windows\system32\secproc_isv.dll
2014-04-18 23:57 - 2013-12-04 05:03 - 00087040 _____ (Microsoft Corporation) C:\Windows\system32\secproc_ssp_isv.dll
2014-04-18 23:57 - 2013-12-04 05:03 - 00087040 _____ (Microsoft Corporation) C:\Windows\system32\secproc_ssp.dll
2014-04-18 23:57 - 2013-12-04 05:02 - 00390144 _____ (Microsoft Corporation) C:\Windows\system32\msdrm.dll
2014-04-18 23:57 - 2013-12-04 04:54 - 00594944 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate_isv.exe
2014-04-18 23:57 - 2013-12-04 04:54 - 00572416 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate.exe
2014-04-18 23:57 - 2013-12-04 04:54 - 00510976 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate_ssp.exe
2014-04-18 23:57 - 2013-12-04 04:54 - 00508928 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate_ssp_isv.exe
2014-04-18 23:57 - 2013-06-26 01:56 - 00527064 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Wdf01000.sys
2014-04-18 23:57 - 2013-06-15 06:40 - 00918528 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorets.dll
2014-04-18 23:57 - 2013-06-15 06:38 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tssecsrv.sys
2014-04-18 23:20 - 2013-02-27 08:05 - 00101720 _____ (Microsoft Corporation) C:\Windows\system32\consent.exe
2014-04-18 23:20 - 2013-02-27 07:49 - 00047104 _____ (Microsoft Corporation) C:\Windows\system32\appinfo.dll
2014-04-18 20:00 - 2014-04-18 20:00 - 00000000 ____D () C:\Users\xc1te\AppData\Roaming\Curse Advertising
2014-04-18 19:59 - 2014-04-19 11:47 - 00000000 ____D () C:\Users\xc1te\AppData\Roaming\Curse Client
2014-04-18 19:59 - 2014-04-18 19:59 - 00000994 _____ () C:\Users\xc1te\Desktop\Curse.lnk
2014-04-18 19:59 - 2014-04-18 19:59 - 00000980 _____ () C:\Users\xc1te\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Curse.lnk
2014-04-18 19:59 - 2014-04-18 19:59 - 00000000 ____D () C:\Users\xc1te\AppData\Roaming\Curse
2014-04-18 02:14 - 2014-04-18 02:14 - 00000000 ____D () C:\Windows\system32\SPReview
2014-04-18 02:10 - 2014-04-18 02:13 - 00002155 _____ () C:\Windows\epplauncher.mif
2014-04-18 02:09 - 2014-04-18 02:13 - 00002117 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Security Essentials.lnk
2014-04-18 02:08 - 2014-04-18 02:13 - 00000000 ____D () C:\Program Files\Microsoft Security Client
2014-04-18 02:00 - 2010-11-20 15:29 - 00520064 _____ (Microsoft Corporation) C:\Windows\system32\mcupdate_GenuineIntel.dll
2014-04-18 02:00 - 2010-11-20 15:21 - 01159168 _____ (Microsoft Corporation) C:\Windows\system32\sysmain.dll
2014-04-18 02:00 - 2010-11-20 15:21 - 00253952 _____ (Microsoft Corporation) C:\Windows\system32\spwizui.dll
2014-04-18 02:00 - 2010-11-20 15:21 - 00120320 _____ (Microsoft Corporation) C:\Windows\system32\tssrvlic.dll
2014-04-18 02:00 - 2010-11-20 15:21 - 00011776 _____ (Microsoft Corporation) C:\Windows\system32\TsUsbRedirectionGroupPolicyExtension.dll
2014-04-18 02:00 - 2010-11-20 15:19 - 03207680 _____ (Microsoft Corporation) C:\Windows\system32\mf.dll
2014-04-18 02:00 - 2010-11-20 15:19 - 00954752 _____ (Microsoft Corporation) C:\Windows\system32\mfc40.dll
2014-04-18 02:00 - 2010-11-20 15:19 - 00954288 _____ (Microsoft Corporation) C:\Windows\system32\mfc40u.dll
2014-04-18 02:00 - 2010-11-20 15:19 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\LSCSHostPolicy.dll
2014-04-18 02:00 - 2010-11-20 15:18 - 01334272 _____ (Microsoft Corporation) C:\Windows\system32\CertEnroll.dll
2014-04-18 02:00 - 2010-11-20 15:17 - 00080896 _____ () C:\Windows\system32\RDVGHelper.exe
2014-04-18 02:00 - 2010-11-20 13:24 - 00052224 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\TsUsbFlt.sys
2014-04-18 02:00 - 2010-11-05 04:58 - 01130824 _____ (Microsoft Corporation) C:\Windows\system32\dfshim.dll
2014-04-18 02:00 - 2010-11-05 04:58 - 00297808 _____ (Microsoft Corporation) C:\Windows\system32\mscoree.dll
2014-04-18 01:59 - 2010-11-20 15:36 - 01077248 _____ (Microsoft Corporation) C:\Windows\system32\Narrator.exe
2014-04-18 01:59 - 2010-11-20 15:36 - 00107008 _____ (Microsoft Corporation) C:\Windows\system32\NAPHLPR.DLL
2014-04-18 01:59 - 2010-11-20 15:36 - 00046080 _____ (Microsoft Corporation) C:\Windows\system32\NAPCRYPT.DLL
2014-04-18 01:59 - 2010-11-20 15:32 - 05066752 _____ (Microsoft Corporation) C:\Windows\system32\AuthFWSnapin.dll
2014-04-18 01:59 - 2010-11-20 15:30 - 00245632 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\volsnap.sys
2014-04-18 01:59 - 2010-11-20 15:30 - 00175360 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\vmbus.sys
2014-04-18 01:59 - 2010-11-20 15:30 - 00173440 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rdyboost.sys
2014-04-18 01:59 - 2010-11-20 15:30 - 00160128 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\vhdmp.sys
2014-04-18 01:59 - 2010-11-20 15:30 - 00153984 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\pci.sys
2014-04-18 01:59 - 2010-11-20 15:30 - 00140160 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\scsiport.sys
2014-04-18 01:59 - 2010-11-20 15:30 - 00130432 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mpio.sys
2014-04-18 01:59 - 2010-11-20 15:30 - 00116096 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\msdsm.sys
2014-04-18 01:59 - 2010-11-20 15:30 - 00085376 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\sbp2port.sys
2014-04-18 01:59 - 2010-11-20 15:30 - 00078208 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mountmgr.sys
2014-04-18 01:59 - 2010-11-20 15:30 - 00053120 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\volmgr.sys
2014-04-18 01:59 - 2010-11-20 15:30 - 00053120 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\termdd.sys
2014-04-18 01:59 - 2010-11-20 15:30 - 00040704 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\vmstorfl.sys
2014-04-18 01:59 - 2010-11-20 15:30 - 00028032 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\storvsc.sys
2014-04-18 01:59 - 2010-11-20 15:30 - 00028032 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\msahci.sys
2014-04-18 01:59 - 2010-11-20 15:29 - 02217856 _____ (Microsoft Corporation) C:\Windows\system32\bootres.dll
2014-04-18 01:59 - 2010-11-20 15:29 - 00274304 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\acpi.sys
2014-04-18 01:59 - 2010-11-20 15:29 - 00194432 _____ (Microsoft Corporation) C:\Windows\system32\halmacpi.dll
2014-04-18 01:59 - 2010-11-20 15:29 - 00194432 _____ (Microsoft Corporation) C:\Windows\system32\hal.dll
2014-04-18 01:59 - 2010-11-20 15:29 - 00137088 _____ (Microsoft Corporation) C:\Windows\system32\halacpi.dll
2014-04-18 01:59 - 2010-11-20 15:29 - 00043392 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\winhv.sys
2014-04-18 01:59 - 2010-11-20 15:29 - 00014208 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hwpolicy.sys
2014-04-18 01:59 - 2010-11-20 15:24 - 00690680 _____ (Microsoft Corporation) C:\Windows\system32\ci.dll
2014-04-18 01:59 - 2010-11-20 15:24 - 00508904 _____ (Microsoft Corporation) C:\Windows\system32\winload.exe
2014-04-18 01:59 - 2010-11-20 15:24 - 00442720 _____ (Microsoft Corporation) C:\Windows\system32\winresume.exe
2014-04-18 01:59 - 2010-11-20 15:24 - 00271664 _____ (Microsoft Corporation) C:\Windows\system32\fveapi.dll
2014-04-18 01:59 - 2010-11-20 15:23 - 00144768 _____ (Microsoft Corporation) C:\Windows\system32\basecsp.dll
2014-04-18 01:59 - 2010-11-20 15:21 - 02983424 _____ (Microsoft Corporation) C:\Windows\system32\UIRibbon.dll
2014-04-18 01:59 - 2010-11-20 15:21 - 02755072 _____ (Microsoft Corporation) C:\Windows\system32\themeui.dll
2014-04-18 01:59 - 2010-11-20 15:21 - 02311168 _____ (Microsoft Corporation) C:\Windows\system32\wpdshext.dll
2014-04-18 01:59 - 2010-11-20 15:17 - 00276480 _____ (Microsoft Corporation) C:\Windows\system32\diskraid.exe
2014-04-18 01:59 - 2010-11-20 15:17 - 00270336 _____ (Microsoft Corporation) C:\Windows\system32\sethc.exe
2014-04-18 01:59 - 2010-11-20 15:17 - 00267776 _____ (Microsoft Corporation) C:\Windows\system32\lsm.exe
2014-04-18 01:59 - 2010-11-20 15:17 - 00260608 _____ (Microsoft Corporation) C:\Windows\system32\rdpshell.exe
2014-04-18 01:59 - 2010-11-20 15:17 - 00254976 _____ (Microsoft Corporation) C:\Windows\system32\wsqmcons.exe
2014-04-18 01:59 - 2010-11-20 15:17 - 00233984 _____ (Microsoft Corporation) C:\Windows\system32\msconfig.exe
2014-04-18 01:59 - 2010-11-20 15:17 - 00227328 _____ (Microsoft Corporation) C:\Windows\system32\taskmgr.exe
2014-04-18 01:59 - 2010-11-20 15:17 - 00220672 _____ (Microsoft Corporation) C:\Windows\system32\mcbuilder.exe
2014-04-18 01:59 - 2010-11-20 15:17 - 00210432 _____ (Microsoft Corporation) C:\Windows\system32\recdisc.exe
2014-04-18 01:59 - 2010-11-20 15:17 - 00197632 _____ (Microsoft Corporation) C:\Windows\system32\ocsetup.exe
2014-04-18 01:59 - 2010-11-20 15:17 - 00192000 _____ (Microsoft Corporation) C:\Windows\system32\taskeng.exe
2014-04-18 01:59 - 2010-11-20 15:17 - 00179712 _____ (Microsoft Corporation) C:\Windows\system32\schtasks.exe
2014-04-18 01:59 - 2010-11-20 15:17 - 00173568 _____ (Microsoft Corporation) C:\Windows\system32\rdpclip.exe
2014-04-18 01:59 - 2010-11-20 15:17 - 00170496 _____ (Microsoft Corporation) C:\Windows\system32\PresentationSettings.exe
2014-04-18 01:59 - 2010-11-20 15:17 - 00161280 _____ (Microsoft Corporation) C:\Windows\system32\rdpinit.exe
2014-04-18 01:59 - 2010-11-20 15:17 - 00157184 _____ (Microsoft Corporation) C:\Windows\system32\perfmon.exe
2014-04-18 01:59 - 2010-11-20 15:17 - 00142336 _____ (Microsoft Corporation) C:\Windows\system32\net1.exe
2014-04-18 01:59 - 2010-11-20 15:17 - 00113152 _____ (Microsoft Corporation) C:\Windows\system32\setupugc.exe
2014-04-18 01:59 - 2010-11-20 15:17 - 00103936 _____ (Microsoft Corporation) C:\Windows\system32\setupcl.exe
2014-04-18 01:59 - 2010-11-20 15:17 - 00098816 _____ (Microsoft) C:\Windows\system32\Robocopy.exe
2014-04-18 01:59 - 2010-11-20 15:17 - 00098304 _____ (Microsoft Corporation) C:\Windows\system32\nslookup.exe
2014-04-18 01:59 - 2010-11-20 15:17 - 00095232 _____ (Microsoft Corporation) C:\Windows\system32\logagent.exe
2014-04-18 01:59 - 2010-11-20 15:17 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\isoburn.exe
2014-04-18 01:59 - 2010-11-20 15:17 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\w32tm.exe
2014-04-18 01:59 - 2010-11-20 15:17 - 00057344 _____ (Microsoft Corporation) C:\Windows\system32\rdpsign.exe
2014-04-18 01:59 - 2010-11-20 15:17 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\PushPrinterConnections.exe
2014-04-18 01:59 - 2010-11-20 15:17 - 00050688 _____ (Microsoft Corporation) C:\Windows\system32\runonce.exe
2014-04-18 01:59 - 2010-11-20 15:17 - 00047616 _____ (Microsoft Corporation) C:\Windows\system32\tzutil.exe
2014-04-18 01:59 - 2010-11-20 15:17 - 00042496 _____ (Microsoft Corporation) C:\Windows\system32\ftp.exe
2014-04-18 01:59 - 2010-11-20 15:17 - 00028672 _____ (Microsoft Corporation) C:\Windows\system32\proquota.exe
2014-04-18 01:59 - 2010-11-20 15:17 - 00026624 _____ (Microsoft Corporation) C:\Windows\system32\userinit.exe
2014-04-18 01:59 - 2010-11-20 15:16 - 00905216 _____ (Microsoft Corporation) C:\Windows\system32\mmsys.cpl
2014-04-18 01:59 - 2010-11-20 15:16 - 00776192 _____ (Microsoft Corporation) C:\Windows\system32\calc.exe
2014-04-18 01:59 - 2010-11-20 15:16 - 00692736 _____ (Microsoft Corporation) C:\Windows\system32\bthprops.cpl
2014-04-18 01:59 - 2010-11-20 15:16 - 00679424 _____ (Microsoft Corporation) C:\Windows\system32\autoconv.exe
2014-04-18 01:59 - 2010-11-20 15:16 - 00668160 _____ (Microsoft Corporation) C:\Windows\system32\autochk.exe
2014-04-18 01:59 - 2010-11-20 15:16 - 00658944 _____ (Microsoft Corporation) C:\Windows\system32\autofmt.exe
2014-04-18 01:59 - 2010-11-20 15:16 - 00649216 _____ (Microsoft Corporation) C:\Windows\system32\appwiz.cpl
2014-04-18 01:59 - 2010-11-20 15:16 - 00600576 _____ (Microsoft Corporation) C:\Windows\system32\TabletPC.cpl
2014-04-18 01:59 - 2010-11-20 15:16 - 00516096 _____ (Microsoft Corporation) C:\Windows\system32\main.cpl
2014-04-18 01:59 - 2010-11-20 15:16 - 00413696 _____ (Microsoft Corporation) C:\Windows\system32\PhotoScreensaver.scr
2014-04-18 01:59 - 2010-11-20 15:16 - 00389632 _____ (Microsoft Corporation) C:\Windows\system32\sysmon.ocx
2014-04-18 01:59 - 2010-11-20 15:16 - 00345088 _____ (Microsoft Corporation) C:\Windows\system32\intl.cpl
2014-04-18 01:59 - 2010-11-20 15:16 - 00326656 _____ (Microsoft Corporation) C:\Windows\system32\sysdm.cpl
2014-04-18 01:59 - 2010-11-20 15:16 - 00320000 _____ (Microsoft Corporation) C:\Windows\system32\winspool.drv
2014-04-18 01:59 - 2010-11-20 15:16 - 00295424 _____ (Microsoft Corporation) C:\Windows\system32\bcdedit.exe
2014-04-18 01:59 - 2010-11-20 15:16 - 00293888 _____ (Microsoft Corporation) C:\Windows\system32\ssText3d.scr
2014-04-18 01:59 - 2010-11-20 15:16 - 00281088 _____ (Microsoft Corporation) C:\Windows\system32\unimdm.tsp
2014-04-18 01:59 - 2010-11-20 15:16 - 00193536 _____ (Microsoft Corporation) C:\Windows\system32\ksproxy.ax
2014-04-18 01:59 - 2010-11-20 15:16 - 00172032 _____ (Microsoft Corporation) C:\Windows\system32\wdmaud.drv
2014-04-18 01:59 - 2010-11-20 15:16 - 00146944 _____ (Microsoft Corporation) C:\Windows\system32\bcdboot.exe
2014-04-18 01:59 - 2010-11-20 15:16 - 00119808 _____ (Microsoft Corporation) C:\Windows\system32\aitagent.exe
2014-04-18 01:59 - 2010-11-20 15:16 - 00100864 _____ (Microsoft Corporation) C:\Windows\system32\audiodg.exe
2014-04-18 01:59 - 2010-11-20 15:16 - 00068608 _____ (Microsoft Corporation) C:\Windows\system32\WSTPager.ax
2014-04-18 01:59 - 2010-11-20 15:16 - 00065024 _____ (Microsoft Corporation) C:\Windows\bfsvc.exe
2014-04-18 01:59 - 2010-11-20 14:54 - 00302592 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-04-18 01:59 - 2010-11-20 13:24 - 00133632 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rdpdr.sys
2014-04-18 01:59 - 2010-11-20 13:22 - 00223232 _____ (Microsoft Corporation) C:\Windows\system32\wksprt.exe
2014-04-18 01:59 - 2010-11-20 13:22 - 00213504 _____ (Microsoft Corporation) C:\Windows\system32\rdpdd.dll
2014-04-18 01:59 - 2010-11-20 13:07 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ndproxy.sys
2014-04-18 01:59 - 2010-11-20 13:01 - 00164864 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\1394ohci.sys
2014-04-18 01:59 - 2010-11-20 12:59 - 00035968 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\winusb.sys
2014-04-18 01:59 - 2010-11-20 12:50 - 00190976 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ks.sys
2014-04-18 01:59 - 2010-11-20 12:14 - 00215552 _____ (Microsoft Corporation) C:\Windows\system32\vmicsvc.exe
2014-04-18 01:59 - 2010-11-20 11:44 - 00388096 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\csc.sys
2014-04-18 01:59 - 2010-11-20 11:44 - 00242688 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rdbss.sys
2014-04-18 01:59 - 2010-11-20 11:42 - 00246784 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\udfs.sys
2014-04-18 01:59 - 2010-11-20 11:40 - 00513536 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\http.sys
2014-04-18 01:59 - 2010-11-20 11:39 - 00187904 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\netbt.sys
2014-04-18 01:59 - 2010-11-20 11:39 - 00074752 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tdx.sys
2014-04-18 01:59 - 2010-11-05 05:20 - 00146852 _____ () C:\Windows\system32\systemsf.ebd
2014-04-18 01:59 - 2010-11-05 05:11 - 00312168 _____ (Microsoft Corporation) C:\Windows\system32\MCEWMDRMNDBootstrap.dll
2014-04-18 01:59 - 2010-11-05 04:58 - 00155472 _____ (Microsoft Corporation) C:\Windows\system32\mscorier.dll
2014-04-18 01:59 - 2010-11-05 04:58 - 00080720 _____ (Microsoft Corporation) C:\Windows\system32\mscories.dll
2014-04-18 01:59 - 2010-11-05 04:58 - 00049488 _____ (Microsoft Corporation) C:\Windows\system32\netfxperf.dll
2014-04-18 01:59 - 2010-11-05 04:53 - 00295264 _____ (Microsoft Corporation) C:\Windows\system32\PresentationHost.exe
2014-04-18 01:59 - 2010-11-05 04:53 - 00099176 _____ (Microsoft Corporation) C:\Windows\system32\PresentationHostProxy.dll
2014-04-18 01:58 - 2010-11-20 15:21 - 00902656 _____ (Microsoft Corporation) C:\Windows\system32\WMADMOD.DLL
2014-04-18 01:58 - 2010-11-20 15:21 - 00739328 _____ (Microsoft Corporation) C:\Windows\system32\WMSPDMOD.DLL
2014-04-18 01:58 - 2010-11-20 15:21 - 00697344 _____ (Microsoft Corporation) C:\Windows\system32\SmiEngine.dll
2014-04-18 01:58 - 2010-11-20 15:21 - 00541184 _____ (Microsoft Corporation) C:\Windows\system32\WMVSDECD.DLL
2014-04-18 01:58 - 2010-11-20 15:21 - 00507392 _____ (Microsoft Corporation) C:\Windows\system32\wmdrmdev.dll
2014-04-18 01:58 - 2010-11-20 15:21 - 00436736 _____ (Microsoft Corporation) C:\Windows\system32\wmdrmnet.dll
2014-04-18 01:58 - 2010-11-20 15:21 - 00363008 _____ (Microsoft Corporation) C:\Windows\system32\wbemcomn.dll
2014-04-18 01:58 - 2010-11-20 15:21 - 00351232 _____ (Microsoft Corporation) C:\Windows\system32\wmicmiplugin.dll
2014-04-18 01:58 - 2010-11-20 15:21 - 00350720 _____ (Microsoft Corporation) C:\Windows\system32\WPDSp.dll
2014-04-18 01:58 - 2010-11-20 15:21 - 00309760 _____ (Microsoft Corporation) C:\Windows\system32\sqlcese30.dll
2014-04-18 01:58 - 2010-11-20 15:21 - 00202240 _____ (Microsoft Corporation) C:\Windows\system32\unattend.dll
2014-04-18 01:58 - 2010-11-20 15:21 - 00189952 _____ (Microsoft Corporation) C:\Windows\system32\sqmapi.dll
2014-04-18 01:58 - 2010-11-20 15:21 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\wmpps.dll
2014-04-18 01:58 - 2010-11-20 15:21 - 00115712 _____ (Microsoft Corporation) C:\Windows\system32\setupcln.dll
2014-04-18 01:58 - 2010-11-20 15:21 - 00109568 _____ (Microsoft Corporation) C:\Windows\system32\wiavideo.dll
2014-04-18 01:58 - 2010-11-20 15:21 - 00108032 _____ (Microsoft Corporation) C:\Windows\system32\shacct.dll
2014-04-18 01:58 - 2010-11-20 15:21 - 00105472 _____ (Microsoft Corporation) C:\Windows\system32\wmpshell.dll
2014-04-18 01:58 - 2010-11-20 15:21 - 00100864 _____ (Microsoft Corporation) C:\Windows\system32\sppinst.dll
2014-04-18 01:58 - 2010-11-20 15:21 - 00090112 _____ (Microsoft Corporation) C:\Windows\system32\srvcli.dll
2014-04-18 01:58 - 2010-11-20 15:21 - 00071168 _____ (Microsoft Corporation) C:\Windows\system32\resutils.dll
2014-04-18 01:58 - 2010-11-20 15:21 - 00069632 _____ (Microsoft Corporation) C:\Windows\system32\tlscsp.dll
2014-04-18 01:58 - 2010-11-20 15:21 - 00069632 _____ (Microsoft Corporation) C:\Windows\system32\rastapi.dll
2014-04-18 01:58 - 2010-11-20 15:21 - 00061952 _____ (Microsoft Corporation) C:\Windows\system32\spbcd.dll
2014-04-18 01:58 - 2010-11-20 15:21 - 00059392 _____ (Microsoft Corporation) C:\Windows\system32\unimdmat.dll
2014-04-18 01:58 - 2010-11-20 15:21 - 00056832 _____ (Microsoft Corporation) C:\Windows\system32\vfwwdm32.dll
2014-04-18 01:58 - 2010-11-20 15:21 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\sppuinotify.dll
2014-04-18 01:58 - 2010-11-20 15:21 - 00052224 _____ (Microsoft Corporation) C:\Windows\system32\rdpd3d.dll
2014-04-18 01:58 - 2010-11-20 15:21 - 00051712 _____ (Microsoft Corporation) C:\Windows\system32\wsnmp32.dll
2014-04-18 01:58 - 2010-11-20 15:21 - 00050688 _____ (Microsoft Corporation) C:\Windows\system32\umb.dll
2014-04-18 01:58 - 2010-11-20 15:21 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\setbcdlocale.dll
2014-04-18 01:58 - 2010-11-20 15:21 - 00047104 _____ (Microsoft Corporation) C:\Windows\system32\wkscli.dll
2014-04-18 01:58 - 2010-11-20 15:21 - 00046592 _____ (Microsoft Corporation) C:\Windows\system32\WavDest.dll
2014-04-18 01:58 - 2010-11-20 15:21 - 00036352 _____ (Microsoft Corporation) C:\Windows\system32\wshbth.dll
2014-04-18 01:58 - 2010-11-20 15:21 - 00035840 _____ (Microsoft Corporation) C:\Windows\system32\shimgvw.dll
2014-04-18 01:58 - 2010-11-20 15:21 - 00033280 _____ (Microsoft Corporation) C:\Windows\system32\wiarpc.dll
2014-04-18 01:58 - 2010-11-20 15:21 - 00031744 _____ (Microsoft Corporation) C:\Windows\system32\wdiasqmmodule.dll
2014-04-18 01:58 - 2010-11-20 15:21 - 00031744 _____ (Microsoft Corporation) C:\Windows\system32\utildll.dll
2014-04-18 01:58 - 2010-11-20 15:21 - 00021504 _____ (Microsoft Corporation) C:\Windows\system32\wsdchngr.dll
2014-04-18 01:58 - 2010-11-20 15:21 - 00021504 _____ (Microsoft Corporation) C:\Windows\system32\TRAPI.dll
2014-04-18 01:58 - 2010-11-20 15:21 - 00021504 _____ (Microsoft Corporation) C:\Windows\system32\rdprefdrvapi.dll
2014-04-18 01:58 - 2010-11-20 15:21 - 00020992 _____ (Microsoft Corporation) C:\Windows\system32\shgina.dll
2014-04-18 01:58 - 2010-11-20 15:21 - 00019968 _____ (Microsoft Corporation) C:\Windows\system32\spopk.dll
2014-04-18 01:58 - 2010-11-20 15:21 - 00017408 _____ (Microsoft Corporation) C:\Windows\system32\schedcli.dll
2014-04-18 01:58 - 2010-11-20 15:21 - 00014848 _____ (Microsoft Corporation) C:\Windows\system32\syssetup.dll
2014-04-18 01:58 - 2010-11-20 15:21 - 00012288 _____ (Microsoft Corporation) C:\Windows\system32\tsbyuv.dll
2014-04-18 01:58 - 2010-11-20 15:21 - 00011264 _____ (Microsoft Corporation) C:\Windows\system32\wshirda.dll
2014-04-18 01:58 - 2010-11-20 15:21 - 00010752 _____ (Microsoft Corporation) C:\Windows\system32\shunimpl.dll
2014-04-18 01:58 - 2010-11-20 15:21 - 00009728 _____ (Microsoft Corporation) C:\Windows\system32\sscore.dll
2014-04-18 01:58 - 2010-11-20 15:21 - 00008704 _____ (Microsoft Corporation) C:\Windows\system32\riched32.dll
2014-04-18 01:58 - 2010-11-20 15:21 - 00008704 _____ (Microsoft Corporation) C:\Windows\system32\rdpcfgex.dll
2014-04-18 01:58 - 2010-11-20 15:21 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\msdxm.ocx
2014-04-18 01:58 - 2010-11-20 15:21 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\dxmasf.dll
2014-04-18 01:58 - 2010-11-20 15:20 - 01160192 _____ (Microsoft Corporation) C:\Windows\system32\OpcServices.dll
2014-04-18 01:58 - 2010-11-20 15:20 - 00427520 _____ (Microsoft Corporation) C:\Windows\system32\PortableDeviceStatus.dll
2014-04-18 01:58 - 2010-11-20 15:20 - 00283136 _____ (Microsoft Corporation) C:\Windows\system32\qdv.dll
2014-04-18 01:58 - 2010-11-20 15:20 - 00236544 _____ (Microsoft Corporation) C:\Windows\system32\pdh.dll
2014-04-18 01:58 - 2010-11-20 15:20 - 00183296 _____ (Microsoft Corporation) C:\Windows\system32\PortableDeviceSyncProvider.dll
2014-04-18 01:58 - 2010-11-20 15:20 - 00136192 _____ (Microsoft Corporation) C:\Windows\system32\mydocs.dll
2014-04-18 01:58 - 2010-11-20 15:20 - 00121344 _____ (Microsoft Corporation) C:\Windows\system32\sppc.dll
2014-04-18 01:58 - 2010-11-20 15:20 - 00099328 _____ (Microsoft Corporation) C:\Windows\system32\QSVRMGMT.DLL
2014-04-18 01:58 - 2010-11-20 15:20 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\olethk32.dll
2014-04-18 01:58 - 2010-11-20 15:20 - 00071680 _____ (Microsoft Corporation) C:\Windows\system32\QCLIPROV.DLL
2014-04-18 01:58 - 2010-11-20 15:20 - 00068096 _____ (Microsoft Corporation) C:\Windows\system32\napdsnap.dll
2014-04-18 01:58 - 2010-11-20 15:20 - 00060928 _____ (Microsoft Corporation) C:\Windows\system32\ncryptui.dll
2014-04-18 01:58 - 2010-11-20 15:20 - 00046592 _____ (Microsoft Corporation) C:\Windows\system32\pdhui.dll
2014-04-18 01:58 - 2010-11-20 15:20 - 00040960 _____ (Microsoft Corporation) C:\Windows\system32\odbcconf.dll
2014-04-18 01:58 - 2010-11-20 15:20 - 00032768 _____ (Microsoft Corporation) C:\Windows\system32\PrintIsolationProxy.dll
2014-04-18 01:58 - 2010-11-20 15:20 - 00022528 _____ (Microsoft Corporation) C:\Windows\system32\netutils.dll
2014-04-18 01:58 - 2010-11-20 15:20 - 00017408 _____ (Microsoft Corporation) C:\Windows\system32\perfts.dll
2014-04-18 01:58 - 2010-11-20 15:20 - 00011776 _____ (Microsoft Corporation) C:\Windows\system32\nrpsrv.dll
2014-04-18 01:58 - 2010-11-20 15:20 - 00008192 _____ (Microsoft Corporation) C:\Windows\system32\spwmp.dll
2014-04-18 01:58 - 2010-11-20 15:19 - 00265216 _____ (Microsoft Corporation) C:\Windows\system32\msnetobj.dll
2014-04-18 01:58 - 2010-11-20 15:19 - 00176128 _____ (Microsoft Corporation) C:\Windows\system32\msorcl32.dll
2014-04-18 01:58 - 2010-11-20 15:19 - 00176128 _____ (Microsoft Corporation) C:\Windows\system32\MFPlay.dll
2014-04-18 01:58 - 2010-11-20 15:19 - 00158720 _____ (Microsoft Corporation) C:\Windows\system32\mprapi.dll
2014-04-18 01:58 - 2010-11-20 15:19 - 00158720 _____ (Microsoft Corporation) C:\Windows\system32\itircl.dll
2014-04-18 01:58 - 2010-11-20 15:19 - 00122880 _____ (Microsoft Corporation) C:\Windows\system32\iasrecst.dll
2014-04-18 01:58 - 2010-11-20 15:19 - 00098304 _____ (Microsoft Corporation) C:\Windows\system32\fphc.dll
2014-04-18 01:58 - 2010-11-20 15:19 - 00082944 _____ (Radius Inc.) C:\Windows\system32\iccvid.dll
2014-04-18 01:58 - 2010-11-20 15:19 - 00076800 _____ (Microsoft Corporation) C:\Windows\system32\mapistub.dll
2014-04-18 01:58 - 2010-11-20 15:19 - 00076800 _____ (Microsoft Corporation) C:\Windows\system32\mapi32.dll
2014-04-18 01:58 - 2010-11-20 15:19 - 00052736 _____ (Microsoft Corporation) C:\Windows\system32\inetmib1.dll
2014-04-18 01:58 - 2010-11-20 15:19 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\iyuv_32.dll
2014-04-18 01:58 - 2010-11-20 15:19 - 00041984 _____ (Microsoft Corporation) C:\Windows\system32\luainstall.dll
2014-04-18 01:58 - 2010-11-20 15:19 - 00036352 _____ (Microsoft Corporation) C:\Windows\system32\mciqtz32.dll
2014-04-18 01:58 - 2010-11-20 15:19 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\msdmo.dll
2014-04-18 01:58 - 2010-11-20 15:19 - 00028672 _____ (Microsoft Corporation) C:\Windows\system32\iscsium.dll
2014-04-18 01:58 - 2010-11-20 15:19 - 00022528 _____ (Microsoft Corporation) C:\Windows\system32\msyuv.dll
2014-04-18 01:58 - 2010-11-20 15:19 - 00022528 _____ (Microsoft Corporation) C:\Windows\system32\HotStartUserAgent.dll
2014-04-18 01:58 - 2010-11-20 15:19 - 00021504 _____ (Microsoft Corporation) C:\Windows\system32\lsmproxy.dll
2014-04-18 01:58 - 2010-11-20 15:19 - 00015872 _____ (Microsoft Corporation) C:\Windows\system32\icaapi.dll
2014-04-18 01:58 - 2010-11-20 15:19 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\muifontsetup.dll
2014-04-18 01:58 - 2010-11-20 15:19 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\msrle32.dll
2014-04-18 01:58 - 2010-11-20 15:18 - 00242176 _____ (Microsoft Corporation) C:\Windows\system32\eapp3hst.dll
2014-04-18 01:58 - 2010-11-20 15:18 - 00179200 _____ (Microsoft Corporation) C:\Windows\system32\ActionQueue.dll
2014-04-18 01:58 - 2010-11-20 15:18 - 00128512 _____ (Microsoft Corporation) C:\Windows\system32\EhStorAPI.dll
2014-04-18 01:58 - 2010-11-20 15:18 - 00115200 _____ (Microsoft Corporation) C:\Windows\system32\dot3msm.dll
2014-04-18 01:58 - 2010-11-20 15:18 - 00109568 _____ (Microsoft Corporation) C:\Windows\system32\CscMig.dll
2014-04-18 01:58 - 2010-11-20 15:18 - 00094208 _____ (Microsoft Corporation) C:\Windows\system32\eappgnui.dll
2014-04-18 01:58 - 2010-11-20 15:18 - 00091648 _____ (Microsoft Corporation) C:\Windows\system32\avifil32.dll
2014-04-18 01:58 - 2010-11-20 15:18 - 00073216 _____ (Microsoft Corporation) C:\Windows\system32\cabinet.dll
2014-04-18 01:58 - 2010-11-20 15:18 - 00070656 _____ (Microsoft Corporation) C:\Windows\system32\amstream.dll
2014-04-18 01:58 - 2010-11-20 15:18 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\cca.dll
2014-04-18 01:58 - 2010-11-20 15:18 - 00065024 _____ (Microsoft Corporation) C:\Windows\system32\CertPolEng.dll
2014-04-18 01:58 - 2010-11-20 15:18 - 00044032 _____ (Microsoft Corporation) C:\Windows\system32\basesrv.dll
2014-04-18 01:58 - 2010-11-20 15:18 - 00034816 _____ (Microsoft Corporation) C:\Windows\system32\cscapi.dll
2014-04-18 01:58 - 2010-11-20 15:18 - 00030208 _____ (Microsoft Corporation) C:\Windows\system32\dsauth.dll
2014-04-18 01:58 - 2010-11-20 15:18 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\AzSqlExt.dll
2014-04-18 01:58 - 2010-11-20 15:18 - 00023040 _____ (Microsoft Corporation) C:\Windows\system32\cscdll.dll
2014-04-18 01:58 - 2010-11-20 15:18 - 00022528 _____ (Microsoft Corporation) C:\Windows\system32\elsTrans.dll
2014-04-18 01:58 - 2010-11-20 15:18 - 00019456 _____ (Microsoft Corporation) C:\Windows\system32\bitsperf.dll
2014-04-18 01:58 - 2010-11-20 15:18 - 00011264 _____ (Microsoft Corporation) C:\Windows\system32\C_ISCII.DLL
2014-04-18 01:58 - 2010-11-20 15:18 - 00010752 _____ (Microsoft Corporation) C:\Windows\system32\browseui.dll
2014-04-18 01:58 - 2010-11-20 15:17 - 00182784 _____ (Microsoft Corporation) C:\Windows\system32\RelPost.exe
2014-04-18 01:58 - 2010-11-20 15:17 - 00144896 _____ (Microsoft Corporation) C:\Windows\system32\iscsicli.exe
2014-04-18 01:58 - 2010-11-20 15:17 - 00133632 _____ (Microsoft Corporation) C:\Windows\system32\diskpart.exe
2014-04-18 01:58 - 2010-11-20 15:17 - 00132608 _____ (Microsoft Corporation) C:\Windows\system32\MdSched.exe
2014-04-18 01:58 - 2010-11-20 15:17 - 00101376 _____ (Microsoft Corporation) C:\Windows\system32\mobsync.exe
2014-04-18 01:58 - 2010-11-20 15:17 - 00084992 _____ (Microsoft Corporation) C:\Windows\system32\cmstp.exe
2014-04-18 01:58 - 2010-11-20 15:17 - 00082944 _____ (Microsoft Corporation) C:\Windows\system32\logman.exe
2014-04-18 01:58 - 2010-11-20 15:17 - 00074240 _____ (Microsoft Corporation) C:\Windows\system32\tabcal.exe
2014-04-18 01:58 - 2010-11-20 15:17 - 00073216 _____ (Microsoft Corporation) C:\Windows\system32\msiexec.exe
2014-04-18 01:58 - 2010-11-20 15:17 - 00070656 _____ (Microsoft Corporation) C:\Windows\system32\MuiUnattend.exe
2014-04-18 01:58 - 2010-11-20 15:17 - 00066048 _____ () C:\Windows\system32\PrintBrmUi.exe
2014-04-18 01:58 - 2010-11-20 15:17 - 00062976 _____ (Microsoft Corporation) C:\Windows\system32\findstr.exe
2014-04-18 01:58 - 2010-11-20 15:17 - 00061952 _____ (Microsoft Corporation) C:\Windows\system32\manage-bde.exe
2014-04-18 01:58 - 2010-11-20 15:17 - 00061952 _____ (Microsoft Corporation) C:\Windows\system32\lpremove.exe
2014-04-18 01:58 - 2010-11-20 15:17 - 00061440 _____ (Microsoft Corporation) C:\Windows\system32\PnPUnattend.exe
2014-04-18 01:58 - 2010-11-20 15:17 - 00059904 _____ (Microsoft Corporation) C:\Windows\system32\djoin.exe
2014-04-18 01:58 - 2010-11-20 15:17 - 00057344 _____ (Microsoft Corporation) C:\Windows\system32\repair-bde.exe
2014-04-18 01:58 - 2010-11-20 15:17 - 00053248 _____ (Microsoft Corporation) C:\Windows\system32\MultiDigiMon.exe
2014-04-18 01:58 - 2010-11-20 15:17 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\takeown.exe
2014-04-18 01:58 - 2010-11-20 15:17 - 00037888 _____ (Microsoft Corporation) C:\Windows\system32\relog.exe
2014-04-18 01:58 - 2010-11-20 15:17 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\unlodctr.exe
2014-04-18 01:58 - 2010-11-20 15:17 - 00028672 _____ (Microsoft Corporation) C:\Windows\system32\WerFaultSecure.exe
2014-04-18 01:58 - 2010-11-20 15:17 - 00026624 _____ (Microsoft Corporation) C:\Windows\system32\qwinsta.exe
2014-04-18 01:58 - 2010-11-20 15:17 - 00025600 _____ (Microsoft Corporation) C:\Windows\system32\netiougc.exe
2014-04-18 01:58 - 2010-11-20 15:17 - 00025600 _____ (Microsoft Corporation) C:\Windows\system32\netcfg.exe
2014-04-18 01:58 - 2010-11-20 15:17 - 00025088 _____ (Microsoft Corporation) C:\Windows\system32\qprocess.exe
2014-04-18 01:58 - 2010-11-20 15:17 - 00024576 _____ (Microsoft Corporation) C:\Windows\system32\msg.exe
2014-04-18 01:58 - 2010-11-20 15:17 - 00024064 _____ (Microsoft Corporation) C:\Windows\system32\netbtugc.exe
2014-04-18 01:58 - 2010-11-20 15:17 - 00023040 _____ (Microsoft Corporation) C:\Windows\system32\quser.exe
2014-04-18 01:58 - 2010-11-20 15:17 - 00022528 _____ (Microsoft Corporation) C:\Windows\system32\tskill.exe
2014-04-18 01:58 - 2010-11-20 15:17 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\tsdiscon.exe
2014-04-18 01:58 - 2010-11-20 15:17 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\ReAgentc.exe
2014-04-18 01:58 - 2010-11-20 15:17 - 00021504 _____ (Microsoft Corporation) C:\Windows\system32\tscon.exe
2014-04-18 01:58 - 2010-11-20 15:17 - 00021504 _____ (Microsoft Corporation) C:\Windows\system32\qappsrv.exe
2014-04-18 01:58 - 2010-11-20 15:17 - 00021504 _____ (Microsoft Corporation) C:\Windows\system32\logoff.exe
2014-04-18 01:58 - 2010-11-20 15:17 - 00020992 _____ (Microsoft Corporation) C:\Windows\system32\shadow.exe
2014-04-18 01:58 - 2010-11-20 15:17 - 00020992 _____ (Microsoft Corporation) C:\Windows\system32\rwinsta.exe
2014-04-18 01:58 - 2010-11-20 15:17 - 00015360 _____ (Microsoft Corporation) C:\Windows\system32\reset.exe
2014-04-18 01:58 - 2010-11-20 15:17 - 00014848 _____ (Microsoft Corporation) C:\Windows\system32\query.exe
2014-04-18 01:58 - 2010-11-20 15:17 - 00010752 _____ (Microsoft Corporation) C:\Windows\system32\LogonUI.exe
2014-04-18 01:58 - 2010-11-20 15:17 - 00007680 _____ (Microsoft Corporation) C:\Windows\system32\TsUsbRedirectionGroupPolicyControl.exe
2014-04-18 01:58 - 2010-11-20 15:16 - 00878592 _____ (Microsoft Corporation) C:\Windows\system32\Bubbles.scr
2014-04-18 01:58 - 2010-11-20 15:16 - 00221184 _____ (Microsoft Corporation) C:\Windows\system32\Mystify.scr
2014-04-18 01:58 - 2010-11-20 15:16 - 00220672 _____ (Microsoft Corporation) C:\Windows\system32\Ribbons.scr
2014-04-18 01:58 - 2010-11-20 15:16 - 00186368 _____ (Microsoft Corporation) C:\Windows\system32\bitsadmin.exe
2014-04-18 01:58 - 2010-11-20 15:16 - 00153600 _____ (Microsoft Corporation) C:\Windows\system32\VBICodec.ax
2014-04-18 01:58 - 2010-11-20 15:16 - 00142336 _____ (Microsoft Corporation) C:\Windows\system32\powercfg.cpl
2014-04-18 01:58 - 2010-11-20 15:16 - 00128000 _____ (Microsoft Corporation) C:\Windows\system32\desk.cpl
2014-04-18 01:58 - 2010-11-20 15:16 - 00126464 _____ (Microsoft Corporation) C:\Windows\system32\BdeHdCfg.exe
2014-04-18 01:58 - 2010-11-20 15:16 - 00107008 _____ (Microsoft Corporation) C:\Windows\system32\Kswdmcap.ax
2014-04-18 01:58 - 2010-11-20 15:16 - 00084480 _____ (Microsoft Corporation) C:\Windows\system32\kstvtune.ax
2014-04-18 01:58 - 2010-11-20 15:16 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ksxbar.ax
2014-04-18 01:58 - 2010-11-20 15:16 - 00045568 _____ (Microsoft Corporation) C:\Windows\system32\g711codc.ax
2014-04-18 01:58 - 2010-11-20 15:16 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\vbisurf.ax
2014-04-18 01:58 - 2010-11-20 15:16 - 00022528 _____ (Microsoft Corporation) C:\Windows\system32\chgport.exe
2014-04-18 01:58 - 2010-11-20 15:16 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\chglogon.exe
2014-04-18 01:58 - 2010-11-20 15:16 - 00020992 _____ (Microsoft Corporation) C:\Windows\system32\chgusr.exe
2014-04-18 01:58 - 2010-11-20 15:16 - 00015360 _____ (Microsoft Corporation) C:\Windows\system32\change.exe
2014-04-18 01:58 - 2010-11-20 15:07 - 01164800 _____ (Microsoft Corporation) C:\Windows\system32\UIRibbonRes.dll
2014-04-18 01:58 - 2010-11-20 15:07 - 00007680 _____ (Microsoft Corporation) C:\Windows\system32\spwizres.dll
2014-04-18 01:58 - 2010-11-20 15:06 - 00069120 _____ (Microsoft Corporation) C:\Windows\system32\nlsbres.dll
2014-04-18 01:58 - 2010-11-20 15:05 - 00121856 _____ (Microsoft Corporation) C:\Windows\system32\RDPENCDD.dll
2014-04-18 01:58 - 2010-11-20 15:05 - 00035328 _____ (Microsoft Corporation) C:\Windows\system32\pifmgr.dll
2014-04-18 01:58 - 2010-11-20 15:03 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\vmicres.dll
2014-04-18 01:58 - 2010-11-20 15:03 - 00044544 _____ (Microsoft Corporation) C:\Windows\system32\vmbusres.dll
2014-04-18 01:58 - 2010-11-20 15:03 - 00038400 _____ (Microsoft Corporation) C:\Windows\system32\vmstorfltres.dll
2014-04-18 01:58 - 2010-11-20 15:00 - 01027584 _____ (Microsoft Corporation) C:\Windows\system32\IMJP10.IME
2014-04-18 01:58 - 2010-11-20 15:00 - 00430080 _____ (Microsoft Corporation) C:\Windows\system32\imkr80.ime
2014-04-18 01:58 - 2010-11-20 15:00 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDSG.DLL
2014-04-18 01:58 - 2010-11-20 15:00 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\kbdlk41a.dll
2014-04-18 01:58 - 2010-11-20 15:00 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDCZ1.DLL
2014-04-18 01:58 - 2010-11-20 15:00 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\KBDTUQ.DLL
2014-04-18 01:58 - 2010-11-20 15:00 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\KBDTUF.DLL
2014-04-18 01:58 - 2010-11-20 15:00 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\KBDSF.DLL
2014-04-18 01:58 - 2010-11-20 15:00 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\KBDPO.DLL
2014-04-18 01:58 - 2010-11-20 15:00 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\KBDNEPR.DLL
2014-04-18 01:58 - 2010-11-20 15:00 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\KBDINBEN.DLL
2014-04-18 01:58 - 2010-11-20 15:00 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\KBDGR1.DLL
2014-04-18 01:58 - 2010-11-20 15:00 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\KBDGKL.DLL
2014-04-18 01:58 - 2010-11-20 15:00 - 00006144 _____ (Microsoft Corporation) C:\Windows\system32\KBDUS.DLL
2014-04-18 01:58 - 2010-11-20 15:00 - 00006144 _____ (Microsoft Corporation) C:\Windows\system32\KBDUGHR1.DLL
2014-04-18 01:58 - 2010-11-20 15:00 - 00006144 _____ (Microsoft Corporation) C:\Windows\system32\KBDTURME.DLL
2014-04-18 01:58 - 2010-11-20 15:00 - 00006144 _____ (Microsoft Corporation) C:\Windows\system32\KBDTAJIK.DLL
2014-04-18 01:58 - 2010-11-20 15:00 - 00006144 _____ (Microsoft Corporation) C:\Windows\system32\KBDMON.DLL
2014-04-18 01:58 - 2010-11-20 15:00 - 00006144 _____ (Microsoft Corporation) C:\Windows\system32\KBDMAORI.DLL
2014-04-18 01:58 - 2010-11-20 15:00 - 00006144 _____ (Microsoft Corporation) C:\Windows\system32\KBDLT1.DLL
2014-04-18 01:58 - 2010-11-20 15:00 - 00006144 _____ (Microsoft Corporation) C:\Windows\system32\KBDINTEL.DLL
2014-04-18 01:58 - 2010-11-20 15:00 - 00006144 _____ (Microsoft Corporation) C:\Windows\system32\KBDINTAM.DLL
2014-04-18 01:58 - 2010-11-20 15:00 - 00006144 _____ (Microsoft Corporation) C:\Windows\system32\KBDINORI.DLL
2014-04-18 01:58 - 2010-11-20 15:00 - 00006144 _____ (Microsoft Corporation) C:\Windows\system32\KBDINMAR.DLL
2014-04-18 01:58 - 2010-11-20 15:00 - 00006144 _____ (Microsoft Corporation) C:\Windows\system32\KBDINKAN.DLL
2014-04-18 01:58 - 2010-11-20 15:00 - 00006144 _____ (Microsoft Corporation) C:\Windows\system32\KBDINHIN.DLL
2014-04-18 01:58 - 2010-11-20 15:00 - 00006144 _____ (Microsoft Corporation) C:\Windows\system32\KBDBULG.DLL
2014-04-18 01:58 - 2010-11-20 15:00 - 00006144 _____ (Microsoft Corporation) C:\Windows\system32\KBDBLR.DLL
2014-04-18 01:58 - 2010-11-20 15:00 - 00006144 _____ (Microsoft Corporation) C:\Windows\system32\KBDBASH.DLL
2014-04-18 01:58 - 2010-11-20 15:00 - 00005632 _____ (Microsoft Corporation) C:\Windows\system32\KBDGEO.DLL
2014-04-18 01:58 - 2010-11-20 14:56 - 00052736 _____ (Microsoft Corporation) C:\Windows\system32\BlbEvents.dll
2014-04-18 01:58 - 2010-11-20 13:52 - 00026112 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbrpm.sys
2014-04-18 01:58 - 2010-11-20 13:22 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\RDPCDD.sys
2014-04-18 01:58 - 2010-11-20 13:21 - 00026624 _____ (Microsoft Corporation) C:\Windows\system32\RDPREFDD.dll
2014-04-18 01:58 - 2010-11-20 13:07 - 00118784 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ndiswan.sys
2014-04-18 01:58 - 2010-11-20 13:07 - 00063488 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\wanarp.sys
2014-04-18 01:58 - 2010-11-20 13:06 - 00117760 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rmcast.sys
2014-04-18 01:58 - 2010-11-20 13:06 - 00108544 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tunnel.sys
2014-04-18 01:58 - 2010-11-20 13:06 - 00046080 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ndisuio.sys
2014-04-18 01:58 - 2010-11-20 13:00 - 00304128 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\HdAudio.sys
2014-04-18 01:58 - 2010-11-20 13:00 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\umbus.sys
2014-04-18 01:58 - 2010-11-20 13:00 - 00025856 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\USBCAMD2.sys
2014-04-18 01:58 - 2010-11-20 13:00 - 00025856 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\USBCAMD.sys
2014-04-18 01:58 - 2010-11-20 12:59 - 00108544 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hdaudbus.sys
2014-04-18 01:58 - 2010-11-20 12:59 - 00024064 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hidusb.sys
2014-04-18 01:58 - 2010-11-20 12:50 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\CompositeBus.sys
2014-04-18 01:58 - 2010-11-20 12:50 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\kbdhid.sys
2014-04-18 01:58 - 2010-11-20 12:50 - 00012800 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\sffp_sd.sys
2014-04-18 01:58 - 2010-11-20 12:29 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\appid.sys
2014-04-18 01:58 - 2010-11-20 12:24 - 00026624 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\scfilter.sys
2014-04-18 01:58 - 2010-11-20 12:19 - 00065536 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\IPMIDrv.sys
2014-04-18 01:58 - 2010-11-20 12:14 - 00116224 _____ (Microsoft Corporation) C:\Windows\system32\VmbusCoinstaller.dll
2014-04-18 01:58 - 2010-11-20 12:14 - 00113664 _____ (Microsoft Corporation) C:\Windows\system32\VmdCoinstall.dll
2014-04-18 01:58 - 2010-11-20 12:14 - 00113664 _____ (Microsoft Corporation) C:\Windows\system32\IcCoinstall.dll
2014-04-18 01:58 - 2010-11-20 12:14 - 00047616 _____ (Microsoft Corporation) C:\Windows\system32\vmictimeprovider.dll
2014-04-18 01:58 - 2010-11-20 12:14 - 00017920 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\VMBusHID.sys
2014-04-18 01:58 - 2010-11-20 12:14 - 00014336 _____ (Microsoft Corporation) C:\Windows\system32\vmbuspipe.dll
2014-04-18 01:58 - 2010-11-20 12:14 - 00005632 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\vms3cap.sys
2014-04-18 01:58 - 2010-11-20 11:47 - 00010240 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\acpipmi.sys
2014-04-18 01:58 - 2010-11-20 11:42 - 00078336 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dfsc.sys
2014-04-18 01:58 - 2010-11-20 11:39 - 00021504 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tdi.sys
2014-04-18 01:58 - 2010-11-20 11:38 - 00108544 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cdrom.sys
2014-04-18 01:58 - 2010-11-20 08:23 - 00053600 _____ () C:\Windows\system32\dosx.exe
2014-04-18 01:58 - 2010-11-10 04:45 - 00010429 _____ () C:\Windows\system32\ScavengeSpace.xml
2014-04-18 01:58 - 2010-11-05 05:20 - 00105559 _____ () C:\Windows\system32\RacRules.xml
2014-04-18 01:57 - 2010-11-20 15:21 - 00189952 _____ (Microsoft Corporation) C:\Windows\system32\wdscore.dll
2014-04-18 01:57 - 2010-11-20 15:18 - 00323072 _____ (Microsoft Corporation) C:\Windows\system32\drvstore.dll
2014-04-18 01:57 - 2010-11-20 15:18 - 00257024 _____ (Microsoft Corporation) C:\Windows\system32\dpx.dll
2014-04-18 01:57 - 2010-11-20 15:17 - 00209920 _____ (Microsoft Corporation) C:\Windows\system32\PkgMgr.exe
2014-04-17 23:47 - 2014-04-17 23:47 - 00000000 ____H () C:\ProgramData\DP45977C.lfl
2014-04-17 23:47 - 2014-04-17 23:47 - 00000000 ____D () C:\Windows\system32\RTCOM
2014-04-17 23:46 - 2014-04-17 23:46 - 00000000 ____D () C:\Program Files\Common Files\InstallShield
2014-04-17 23:46 - 2013-12-10 20:35 - 43342848 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RCoRes.dat
2014-04-17 23:46 - 2013-12-10 20:20 - 02937432 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\Drivers\RTKVHDA.sys
2014-04-17 23:46 - 2013-12-10 10:17 - 00693385 _____ () C:\Windows\system32\Drivers\RTAIODAT.DAT
2014-04-17 23:46 - 2013-12-05 20:21 - 00125144 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkCoInstII.dll
2014-04-17 23:46 - 2013-12-04 16:27 - 01892056 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RTSndMgr.cpl
2014-04-17 23:46 - 2013-12-02 16:55 - 05681196 _____ () C:\Windows\system32\Drivers\rtvienna.dat
2014-04-17 23:46 - 2013-11-25 15:59 - 02547928 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkPgExt.dll
2014-04-17 23:46 - 2013-11-25 15:59 - 02329304 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkAPO.dll
2014-04-17 23:46 - 2013-11-13 18:53 - 00860416 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioAPOShell.dll
2014-04-17 23:46 - 2013-11-13 18:52 - 13881600 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioRealtek.dll
2014-04-17 23:46 - 2013-11-13 18:52 - 01935104 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioEQ.dll
2014-04-17 23:46 - 2013-11-13 18:48 - 03629824 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioVnN.dll
2014-04-17 23:46 - 2013-11-13 18:38 - 01677568 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioRealtek2.dll
2014-04-17 23:46 - 2013-11-13 17:56 - 01824000 _____ (Waves Audio Ltd.) C:\Windows\system32\WavesGUILib.dll
2014-04-17 23:46 - 2013-11-13 17:56 - 01097984 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioAPO50.dll
2014-04-17 23:46 - 2013-11-05 11:21 - 00865592 _____ (Nahimic Inc) C:\Windows\system32\NAHIMICAPOSettingsIPC.dll
2014-04-17 23:46 - 2013-11-05 11:18 - 05115672 _____ (Nahimic Inc) C:\Windows\system32\NAHIMICAPOlfx.dll
2014-04-17 23:46 - 2013-10-28 17:29 - 00782040 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkApoApi.dll
2014-04-17 23:46 - 2013-10-16 03:43 - 00182472 _____ (Andrea Electronics Corporation) C:\Windows\system32\AERTACap.dll
2014-04-17 23:46 - 2013-10-11 12:47 - 00092584 _____ (Real Sound Lab SIA) C:\Windows\system32\CONEQMSAPOGUILibrary.dll
2014-04-17 23:46 - 2013-10-11 11:31 - 00919600 _____ (Sony Corporation) C:\Windows\system32\SFSS_APO.dll
2014-04-17 23:46 - 2013-10-09 20:13 - 00926976 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxSpeechAPO.dll
2014-04-17 23:46 - 2013-10-09 20:12 - 27369216 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioVnA.dll
2014-04-17 23:46 - 2013-10-07 00:14 - 00426944 _____ (DTS) C:\Windows\system32\DTSU2PLFX32.dll
2014-04-17 23:46 - 2013-10-07 00:14 - 00403392 _____ (DTS) C:\Windows\system32\DTSU2PGFX32.dll
2014-04-17 23:46 - 2013-10-07 00:14 - 00346048 _____ (DTS) C:\Windows\system32\DTSU2PREC32.dll
2014-04-17 23:46 - 2013-09-10 04:02 - 06176944 _____ (Dolby Laboratories) C:\Windows\system32\DDPP32A.dll
2014-04-17 23:46 - 2013-09-10 04:02 - 00272048 _____ (Dolby Laboratories) C:\Windows\system32\DDPO32A.dll
2014-04-17 23:46 - 2013-09-10 04:01 - 01489072 _____ (Dolby Laboratories) C:\Windows\system32\DDPD32A.dll
2014-04-17 23:46 - 2013-09-10 04:01 - 00219312 _____ (Dolby Laboratories) C:\Windows\system32\DDPA32.dll
2014-04-17 23:46 - 2013-08-24 03:14 - 00938752 _____ (SRS Labs, Inc.) C:\Windows\system32\slcnt32.dll
2014-04-17 23:46 - 2013-08-24 03:14 - 00823040 _____ (DTS, Inc.) C:\Windows\system32\sl3apo32.dll
2014-04-17 23:46 - 2013-08-24 03:14 - 00604928 _____ (DTS, Inc.) C:\Windows\system32\sltech32.dll
2014-04-17 23:46 - 2013-08-24 03:14 - 00218368 _____ (TODO: <Company name>) C:\Windows\system32\slprp32.dll
2014-04-17 23:46 - 2013-08-20 17:36 - 00502584 _____ () C:\Windows\system32\audioLibVc.dll
2014-04-17 23:46 - 2013-08-14 16:36 - 00873728 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioAPO40.dll
2014-04-17 23:46 - 2013-08-14 16:36 - 00509184 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxVolumeSDAPO.dll
2014-04-17 23:46 - 2013-08-14 16:35 - 00761088 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxVoiceAPO20.dll
2014-04-17 23:46 - 2013-08-14 16:35 - 00509184 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioAPO30.dll
2014-04-17 23:46 - 2013-08-05 18:10 - 02395680 _____ (Fortemedia Corporation) C:\Windows\system32\FMAPO.dll
2014-04-17 23:46 - 2013-06-17 20:20 - 00188696 _____ () C:\Windows\system32\AcpiServiceVnA.dll
2014-04-17 23:46 - 2013-04-03 14:12 - 00852016 _____ (Sony Corporation) C:\Windows\system32\MISS_APO.dll
2014-04-17 23:46 - 2012-08-31 19:17 - 07162128 _____ (Dolby Laboratories) C:\Windows\system32\R4EEP32A.dll
2014-04-17 23:46 - 2012-08-31 19:17 - 00352016 _____ (Dolby Laboratories) C:\Windows\system32\R4EED32A.dll
2014-04-17 23:46 - 2012-08-31 19:17 - 00106768 _____ (Dolby Laboratories) C:\Windows\system32\R4EEL32A.dll
2014-04-17 23:46 - 2012-08-31 19:17 - 00091920 _____ (Dolby Laboratories) C:\Windows\system32\R4EEA32A.dll
2014-04-17 23:46 - 2012-08-31 19:17 - 00062224 _____ (Dolby Laboratories) C:\Windows\system32\R4EEG32A.dll
2014-04-17 23:46 - 2012-03-08 11:47 - 00095840 _____ (Andrea Electronics Corporation) C:\Windows\system32\AERTARen.dll
2014-04-17 23:46 - 2012-01-30 11:42 - 00819648 _____ (TOSHIBA Corporation) C:\Windows\system32\tadefxapo2.dll
2014-04-17 23:46 - 2012-01-10 10:20 - 00058264 _____ (TOSHIBA CORPORATION.) C:\Windows\system32\TepeqAPO.dll
2014-04-17 23:46 - 2011-11-22 16:28 - 00013416 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkCoLDR.dll
2014-04-17 23:46 - 2011-09-02 14:21 - 00214368 _____ (Synopsys, Inc.) C:\Windows\system32\SFNHK.dll
2014-04-17 23:46 - 2011-09-02 14:21 - 00074080 _____ (Synopsys, Inc.) C:\Windows\system32\SFCOM.dll
2014-04-17 23:46 - 2011-09-02 14:21 - 00068960 _____ (Synopsys, Inc.) C:\Windows\system32\SFAPO.dll
2014-04-17 23:46 - 2011-08-23 17:00 - 00357712 _____ (Knowles Acoustics ) C:\Windows\system32\KAAPORT.dll
2014-04-17 23:46 - 2011-05-31 09:42 - 01509480 _____ (DTS) C:\Windows\system32\DTSS2SpeakerDLL.dll
2014-04-17 23:46 - 2011-05-31 09:42 - 01292904 _____ (DTS) C:\Windows\system32\DTSS2HeadphoneDLL.dll
2014-04-17 23:46 - 2011-05-31 09:42 - 01220200 _____ (DTS) C:\Windows\system32\DTSBoostDLL.dll
2014-04-17 23:46 - 2011-05-31 09:42 - 00654952 _____ (DTS) C:\Windows\system32\DTSBassEnhancementDLL.dll
2014-04-17 23:46 - 2011-05-31 09:42 - 00631400 _____ (DTS) C:\Windows\system32\DTSSymmetryDLL.dll
2014-04-17 23:46 - 2011-05-31 09:42 - 00601704 _____ (DTS) C:\Windows\system32\DTSVoiceClarityDLL.dll
2014-04-17 23:46 - 2011-05-31 09:42 - 00458344 _____ (DTS) C:\Windows\system32\DTSNeoPCDLL.dll
2014-04-17 23:46 - 2011-05-31 09:42 - 00389736 _____ (DTS) C:\Windows\system32\DTSGainCompensatorDLL.dll
2014-04-17 23:46 - 2011-05-31 09:42 - 00375400 _____ (DTS) C:\Windows\system32\DTSLimiterDLL.dll
2014-04-17 23:46 - 2011-05-31 09:42 - 00218728 _____ (DTS) C:\Windows\system32\DTSGFXAPONS.dll
2014-04-17 23:46 - 2011-05-31 09:42 - 00218728 _____ (DTS) C:\Windows\system32\DTSGFXAPO.dll
2014-04-17 23:46 - 2011-05-31 09:42 - 00218216 _____ (DTS) C:\Windows\system32\DTSLFXAPO.dll
2014-04-17 23:46 - 2011-03-17 12:16 - 01379760 _____ (TOSHIBA Corporation) C:\Windows\system32\tosade.dll
2014-04-17 23:46 - 2011-03-07 17:03 - 00134584 _____ (TOSHIBA Corporation) C:\Windows\system32\tadefxapo.dll
2014-04-17 23:46 - 2010-11-08 07:31 - 00359768 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEEP32A.dll
2014-04-17 23:46 - 2010-11-08 07:31 - 00295768 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RP3DHT32.dll
2014-04-17 23:46 - 2010-11-08 07:31 - 00295768 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RP3DAA32.dll
2014-04-17 23:46 - 2010-11-08 07:31 - 00170840 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEED32A.dll
2014-04-17 23:46 - 2010-11-08 07:31 - 00078680 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEEL32A.dll
2014-04-17 23:46 - 2010-11-08 07:31 - 00064856 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEEG32A.dll
2014-04-17 23:46 - 2010-09-27 09:34 - 00232792 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioAPO20.dll
2014-04-17 23:46 - 2009-12-04 15:43 - 00132368 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioAPO.dll
2014-04-17 23:46 - 2009-11-24 09:55 - 00345328 _____ (SRS Labs, Inc.) C:\Windows\system32\SRSTSXT.dll
2014-04-17 23:46 - 2009-11-24 09:55 - 00185584 _____ (SRS Labs, Inc.) C:\Windows\system32\SRSTSHD.dll
2014-04-17 23:46 - 2009-11-24 09:55 - 00173296 _____ (SRS Labs, Inc.) C:\Windows\system32\SRSHP360.dll
2014-04-17 23:46 - 2009-11-24 09:55 - 00140528 _____ (SRS Labs, Inc.) C:\Windows\system32\SRSWOW.dll
2014-04-17 23:46 - 2009-11-18 18:42 - 01783056 _____ (Waves Audio Ltd.) C:\Windows\system32\WavesLib.dll
2014-04-17 23:16 - 2014-04-17 23:16 - 00000000 ____D () C:\Users\xc1te\AppData\Local\NVIDIA Corporation
2014-04-17 23:15 - 2014-02-05 12:31 - 01048152 _____ (NVIDIA Corporation) C:\Windows\system32\nvspcap.dll
2014-04-17 23:14 - 2014-04-17 23:14 - 00000000 ____D () C:\Program Files\AGEIA Technologies
2014-04-17 23:13 - 2014-03-04 14:32 - 00599840 _____ (NVIDIA Corporation) C:\Windows\system32\nvStreaming.exe
2014-04-17 23:09 - 2014-03-04 17:29 - 23716640 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglv32.dll
2014-04-17 23:09 - 2014-03-04 17:29 - 17559384 _____ (NVIDIA Corporation) C:\Windows\system32\nvcompiler.dll
2014-04-17 23:09 - 2014-03-04 17:29 - 10523480 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvlddmkm.sys
2014-04-17 23:09 - 2014-03-04 17:29 - 09728064 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll
2014-04-17 23:09 - 2014-03-04 17:29 - 09690424 _____ (NVIDIA Corporation) C:\Windows\system32\nvopencl.dll
2014-04-17 23:09 - 2014-03-04 17:29 - 02956632 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll
2014-04-17 23:09 - 2014-03-04 17:29 - 02411976 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvenc.dll
2014-04-17 23:09 - 2014-03-04 17:29 - 01049888 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco3233523.dll
2014-04-17 23:09 - 2014-03-04 17:29 - 00894296 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco3233523.dll
2014-04-17 23:09 - 2014-03-04 17:29 - 00865224 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFR.dll
2014-04-17 23:09 - 2014-03-04 17:29 - 00847136 _____ (NVIDIA Corporation) C:\Windows\system32\NvFBC.dll
2014-04-17 23:09 - 2013-12-27 21:42 - 00034080 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvvad32v.sys
2014-04-17 23:09 - 2013-12-27 21:42 - 00033056 _____ (NVIDIA Corporation) C:\Windows\system32\nvaudcap32v.dll
2014-04-17 23:09 - 2013-11-28 16:38 - 00162592 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvhda32v.sys
2014-04-17 23:09 - 2013-11-28 16:38 - 00028448 _____ (NVIDIA Corporation) C:\Windows\system32\nvhdap32.dll
2014-04-17 22:52 - 2010-06-17 12:02 - 00053248 _____ (Windows XP Bundled build C-Centric Single User) C:\Windows\system32\CSVer.dll
2014-04-17 22:40 - 2013-11-26 15:49 - 00683736 _____ (Realtek ) C:\Windows\system32\Drivers\Rt86win7.sys
2014-04-17 22:40 - 2013-11-26 15:49 - 00076872 _____ (Realtek Semiconductor Corporation) C:\Windows\system32\RtNicProp32.dll
2014-04-17 22:10 - 2014-04-17 22:10 - 00013507 _____ () C:\Users\xc1te\Desktop\MemTest.zip
2014-04-17 21:58 - 2014-04-19 14:31 - 00000000 ____D () C:\Program Files\WhoCrashed
2014-04-17 21:58 - 2014-04-17 21:58 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WhoCrashed
2014-04-17 21:56 - 2014-04-17 21:58 - 02668480 _____ (Resplendence Software Projects Sp. ) C:\Users\xc1te\Desktop\whocrashedSetup.exe
2014-04-11 19:23 - 2014-04-11 19:30 - 00000000 ____D () C:\ProgramData\2992199F9A
 
==================== One Month Modified Files and Folders =======
 
2014-04-24 14:22 - 2014-04-24 14:22 - 00014661 _____ () C:\Users\xc1te\Desktop\FRST.txt
2014-04-24 14:22 - 2014-04-24 14:21 - 00000000 ____D () C:\FRST
2014-04-24 14:21 - 2014-04-24 14:21 - 01048576 _____ (Farbar) C:\Users\xc1te\Desktop\FRST.exe
2014-04-24 14:20 - 2014-04-20 14:14 - 00192622 _____ () C:\Windows\WindowsUpdate.log
2014-04-24 14:19 - 2009-07-14 07:34 - 00014016 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-04-24 14:19 - 2009-07-14 07:34 - 00014016 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-04-24 14:14 - 2014-04-22 09:16 - 00000672 _____ () C:\Windows\setupact.log
2014-04-24 14:14 - 2012-04-29 01:30 - 00000880 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-04-24 14:14 - 2010-08-12 13:37 - 00000000 ____D () C:\ProgramData\NVIDIA
2014-04-24 14:14 - 2009-07-14 07:53 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-04-23 20:25 - 2012-04-29 01:30 - 00000884 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-04-23 20:23 - 2010-08-12 13:43 - 00000908 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-4094849295-1092034879-3769963386-1001UA.job
2014-04-22 09:44 - 2010-08-12 13:22 - 01364968 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-04-22 09:16 - 2014-04-22 09:16 - 00001282 _____ () C:\Windows\PFRO.log
2014-04-22 09:16 - 2014-04-22 09:16 - 00000000 _____ () C:\Windows\setuperr.log
2014-04-22 09:16 - 2010-09-26 11:29 - 00000000 ____D () C:\Users\xc1te\AppData\Local\Adobe
2014-04-21 17:23 - 2010-08-12 13:43 - 00000856 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-4094849295-1092034879-3769963386-1001Core.job
2014-04-21 12:36 - 2009-07-14 07:46 - 00001515 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk
2014-04-21 03:24 - 2014-04-21 03:21 - 00002120 _____ () C:\Users\xc1te\Desktop\Rkill.txt
2014-04-21 03:21 - 2014-04-21 03:20 - 01933048 _____ (Bleeping Computer, LLC) C:\Users\xc1te\Desktop\rkill.exe
2014-04-21 03:15 - 2014-04-21 03:15 - 01016261 _____ (Thisisu) C:\Users\xc1te\Desktop\JRT.exe
2014-04-20 19:34 - 2009-07-14 05:37 - 00000000 ____D () C:\Windows\rescache
2014-04-20 03:54 - 2010-08-16 14:23 - 00000000 ____D () C:\Users\xc1te\Documents\TorrentLeech
2014-04-20 03:49 - 2014-04-20 03:49 - 00047836 _____ () C:\JavaRa.log
2014-04-20 03:49 - 2010-08-20 20:00 - 00000000 ____D () C:\Program Files\Java
2014-04-20 03:48 - 2014-04-20 03:48 - 00000000 ____D () C:\Users\xc1te\AppData\Roaming\Oracle
2014-04-20 03:48 - 2013-10-23 09:23 - 00000000 ____D () C:\ProgramData\Oracle
2014-04-20 03:47 - 2014-04-20 03:47 - 00004117 _____ () C:\Windows\system32\jupdate-1.7.0_55-b14.log
2014-04-20 03:38 - 2014-04-20 03:38 - 00855379 _____ () C:\Users\xc1te\Desktop\SecurityCheck.exe
2014-04-19 18:34 - 2014-04-19 18:30 - 00000000 ____D () C:\AdwCleaner
2014-04-19 18:30 - 2014-04-19 18:30 - 01258805 _____ () C:\Users\xc1te\Desktop\AdwCleaner.exe
2014-04-19 18:07 - 2010-08-12 13:52 - 00000000 ____D () C:\Users\xc1te\Documents\Knight OnLine Stuff
2014-04-19 17:50 - 2014-04-19 17:50 - 00002005 _____ () C:\Users\xc1te\Desktop\aswMBR.txt
2014-04-19 17:50 - 2014-04-19 17:50 - 00000512 _____ () C:\Users\xc1te\Desktop\MBR.dat
2014-04-19 17:38 - 2011-10-01 13:40 - 00000000 ____D () C:\Users\xc1te\Desktop\SGS2
2014-04-19 16:54 - 2014-04-19 16:54 - 04745728 _____ (AVAST Software) C:\Users\xc1te\Desktop\aswMBR.exe
2014-04-19 16:48 - 2014-04-19 16:48 - 00000000 ____D () C:\Users\xc1te\Desktop\TDSSKiller
2014-04-19 14:31 - 2014-04-17 21:58 - 00000000 ____D () C:\Program Files\WhoCrashed
2014-04-19 13:19 - 2014-04-19 13:19 - 00131072 ____N () C:\Windows\Minidump\041914-23977-01.dmp
2014-04-19 13:19 - 2011-01-17 13:20 - 00000000 ____D () C:\Windows\Minidump
2014-04-19 12:53 - 2014-04-19 12:53 - 00131072 ____N () C:\Windows\Minidump\041914-36675-01.dmp
2014-04-19 12:31 - 2011-03-09 21:34 - 00000000 ____D () C:\Windows\pss
2014-04-19 12:23 - 2009-07-14 05:37 - 00000000 ____D () C:\Windows\system32\zh-TW
2014-04-19 12:23 - 2009-07-14 05:37 - 00000000 ____D () C:\Windows\system32\zh-HK
2014-04-19 12:23 - 2009-07-14 05:37 - 00000000 ____D () C:\Windows\system32\zh-CN
2014-04-19 12:23 - 2009-07-14 05:37 - 00000000 ____D () C:\Windows\system32\tr-TR
2014-04-19 12:23 - 2009-07-14 05:37 - 00000000 ____D () C:\Windows\system32\sv-SE
2014-04-19 12:23 - 2009-07-14 05:37 - 00000000 ____D () C:\Windows\system32\ru-RU
2014-04-19 12:23 - 2009-07-14 05:37 - 00000000 ____D () C:\Windows\system32\pt-PT
2014-04-19 12:23 - 2009-07-14 05:37 - 00000000 ____D () C:\Windows\system32\pt-BR
2014-04-19 12:23 - 2009-07-14 05:37 - 00000000 ____D () C:\Windows\system32\pl-PL
2014-04-19 12:23 - 2009-07-14 05:37 - 00000000 ____D () C:\Windows\system32\nl-NL
2014-04-19 12:23 - 2009-07-14 05:37 - 00000000 ____D () C:\Windows\system32\nb-NO
2014-04-19 12:23 - 2009-07-14 05:37 - 00000000 ____D () C:\Windows\system32\ko-KR
2014-04-19 12:23 - 2009-07-14 05:37 - 00000000 ____D () C:\Windows\system32\ja-JP
2014-04-19 12:23 - 2009-07-14 05:37 - 00000000 ____D () C:\Windows\system32\it-IT
2014-04-19 12:23 - 2009-07-14 05:37 - 00000000 ____D () C:\Windows\system32\hu-HU
2014-04-19 12:23 - 2009-07-14 05:37 - 00000000 ____D () C:\Windows\system32\he-IL
2014-04-19 12:23 - 2009-07-14 05:37 - 00000000 ____D () C:\Windows\system32\fr-FR
2014-04-19 12:23 - 2009-07-14 05:37 - 00000000 ____D () C:\Windows\system32\fi-FI
2014-04-19 12:23 - 2009-07-14 05:37 - 00000000 ____D () C:\Windows\system32\el-GR
2014-04-19 12:23 - 2009-07-14 05:37 - 00000000 ____D () C:\Windows\system32\de-DE
2014-04-19 12:16 - 2014-04-19 12:16 - 17142784 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-04-19 12:16 - 2014-04-19 12:16 - 11220992 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-04-19 12:16 - 2014-04-19 12:16 - 04240384 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-04-19 12:16 - 2014-04-19 12:16 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-04-19 12:16 - 2014-04-19 12:16 - 02166272 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-04-19 12:16 - 2014-04-19 12:16 - 01926656 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-04-19 12:16 - 2014-04-19 12:16 - 01818112 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-04-19 12:16 - 2014-04-19 12:16 - 01156608 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-04-19 12:16 - 2014-04-19 12:16 - 01051136 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2014-04-19 12:16 - 2014-04-19 12:16 - 00703488 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-04-19 12:16 - 2014-04-19 12:16 - 00646144 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-04-19 12:16 - 2014-04-19 12:16 - 00645120 _____ (Microsoft Corporation) C:\Windows\system32\jsIntl.dll
2014-04-19 12:16 - 2014-04-19 12:16 - 00616104 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dat
2014-04-19 12:16 - 2014-04-19 12:16 - 00610304 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2014-04-19 12:16 - 2014-04-19 12:16 - 00553472 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-04-19 12:16 - 2014-04-19 12:16 - 00523776 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-04-19 12:16 - 2014-04-19 12:16 - 00454656 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-04-19 12:16 - 2014-04-19 12:16 - 00440832 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-04-19 12:16 - 2014-04-19 12:16 - 00367104 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-04-19 12:16 - 2014-04-19 12:16 - 00337408 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2014-04-19 12:16 - 2014-04-19 12:16 - 00244736 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-04-19 12:16 - 2014-04-19 12:16 - 00238288 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-04-19 12:16 - 2014-04-19 12:16 - 00233472 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
2014-04-19 12:16 - 2014-04-19 12:16 - 00208896 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-04-19 12:16 - 2014-04-19 12:16 - 00208384 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2014-04-19 12:16 - 2014-04-19 12:16 - 00194048 _____ (Microsoft Corporation) C:\Windows\system32\elshyph.dll
2014-04-19 12:16 - 2014-04-19 12:16 - 00182272 _____ (Microsoft Corporation) C:\Windows\system32\msls31.dll
2014-04-19 12:16 - 2014-04-19 12:16 - 00164864 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-04-19 12:16 - 2014-04-19 12:16 - 00151552 _____ (Microsoft Corporation) C:\Windows\system32\iexpress.exe
2014-04-19 12:16 - 2014-04-19 12:16 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\wextract.exe
2014-04-19 12:16 - 2014-04-19 12:16 - 00127488 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2014-04-19 12:16 - 2014-04-19 12:16 - 00116736 _____ (Microsoft Corporation) C:\Windows\system32\iepeers.dll
2014-04-19 12:16 - 2014-04-19 12:16 - 00112128 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-04-19 12:16 - 2014-04-19 12:16 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\IEAdvpack.dll
2014-04-19 12:16 - 2014-04-19 12:16 - 00108032 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-04-19 12:16 - 2014-04-19 12:16 - 00086016 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2014-04-19 12:16 - 2014-04-19 12:16 - 00083456 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
2014-04-19 12:16 - 2014-04-19 12:16 - 00074240 _____ (Microsoft Corporation) C:\Windows\system32\SetIEInstalledDate.exe
2014-04-19 12:16 - 2014-04-19 12:16 - 00071680 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe
2014-04-19 12:16 - 2014-04-19 12:16 - 00069632 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-04-19 12:16 - 2014-04-19 12:16 - 00069120 _____ (Microsoft Corporation) C:\Windows\system32\icardie.dll
2014-04-19 12:16 - 2014-04-19 12:16 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\tdc.ocx
2014-04-19 12:16 - 2014-04-19 12:16 - 00061952 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2014-04-19 12:16 - 2014-04-19 12:16 - 00061952 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-04-19 12:16 - 2014-04-19 12:16 - 00056832 _____ (Microsoft Corporation) C:\Windows\system32\pngfilt.dll
2014-04-19 12:16 - 2014-04-19 12:16 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-04-19 12:16 - 2014-04-19 12:16 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\mshtmler.dll
2014-04-19 12:16 - 2014-04-19 12:16 - 00043008 _____ (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll
2014-04-19 12:16 - 2014-04-19 12:16 - 00043008 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-04-19 12:16 - 2014-04-19 12:16 - 00036352 _____ (Microsoft Corporation) C:\Windows\system32\imgutil.dll
2014-04-19 12:16 - 2014-04-19 12:16 - 00034816 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-04-19 12:16 - 2014-04-19 12:16 - 00032768 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-04-19 12:16 - 2014-04-19 12:16 - 00024576 _____ (Microsoft Corporation) C:\Windows\system32\licmgr10.dll
2014-04-19 12:16 - 2014-04-19 12:16 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\mshta.exe
2014-04-19 12:16 - 2014-04-19 12:16 - 00012800 _____ (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe
2014-04-19 12:16 - 2014-04-19 12:16 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-04-19 12:06 - 2014-04-19 12:06 - 03419136 _____ (Microsoft Corporation) C:\Windows\system32\d2d1.dll
2014-04-19 12:06 - 2014-04-19 12:06 - 02284544 _____ (Microsoft Corporation) C:\Windows\system32\msmpeg2vdec.dll
2014-04-19 12:06 - 2014-04-19 12:06 - 01988096 _____ (Microsoft Corporation) C:\Windows\system32\d3d10warp.dll
2014-04-19 12:06 - 2014-04-19 12:06 - 01247744 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll
2014-04-19 12:06 - 2014-04-19 12:06 - 01230336 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll
2014-04-19 12:06 - 2014-04-19 12:06 - 01158144 _____ (Microsoft Corporation) C:\Windows\system32\XpsPrint.dll
2014-04-19 12:06 - 2014-04-19 12:06 - 01080832 _____ (Microsoft Corporation) C:\Windows\system32\d3d10.dll
2014-04-19 12:06 - 2014-04-19 12:06 - 00906240 _____ (Microsoft Corporation) C:\Windows\system32\FntCache.dll
2014-04-19 12:06 - 2014-04-19 12:06 - 00604160 _____ (Microsoft Corporation) C:\Windows\system32\d3d10level9.dll
2014-04-19 12:06 - 2014-04-19 12:06 - 00417792 _____ (Microsoft Corporation) C:\Windows\system32\WMPhoto.dll
2014-04-19 12:06 - 2014-04-19 12:06 - 00364544 _____ (Microsoft Corporation) C:\Windows\system32\XpsGdiConverter.dll
2014-04-19 12:06 - 2014-04-19 12:06 - 00293376 _____ (Microsoft Corporation) C:\Windows\system32\dxgi.dll
2014-04-19 12:06 - 2014-04-19 12:06 - 00249856 _____ (Microsoft Corporation) C:\Windows\system32\d3d10_1core.dll
2014-04-19 12:06 - 2014-04-19 12:06 - 00220160 _____ (Microsoft Corporation) C:\Windows\system32\d3d10core.dll
2014-04-19 12:06 - 2014-04-19 12:06 - 00207872 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecsExt.dll
2014-04-19 12:06 - 2014-04-19 12:06 - 00187392 _____ (Microsoft Corporation) C:\Windows\system32\UIAnimation.dll
2014-04-19 12:06 - 2014-04-19 12:06 - 00161792 _____ (Microsoft Corporation) C:\Windows\system32\d3d10_1.dll
2014-04-19 12:06 - 2014-04-19 12:06 - 00010752 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-advapi32-l1-1-0.dll
2014-04-19 12:06 - 2014-04-19 12:06 - 00009728 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-shlwapi-l1-1-0.dll
2014-04-19 12:06 - 2014-04-19 12:06 - 00005632 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-shlwapi-l2-1-0.dll
2014-04-19 12:06 - 2014-04-19 12:06 - 00005632 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-ole32-l1-1-0.dll
2014-04-19 12:06 - 2014-04-19 12:06 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-user32-l1-1-0.dll
2014-04-19 12:06 - 2014-04-19 12:06 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-advapi32-l2-1-0.dll
2014-04-19 12:06 - 2014-04-19 12:06 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-version-l1-1-0.dll
2014-04-19 12:06 - 2014-04-19 12:06 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-shell32-l1-1-0.dll
2014-04-19 12:06 - 2014-04-19 12:06 - 00002560 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-normaliz-l1-1-0.dll
2014-04-19 11:47 - 2014-04-18 19:59 - 00000000 ____D () C:\Users\xc1te\AppData\Roaming\Curse Client
2014-04-19 05:14 - 2009-07-14 05:37 - 00000000 ____D () C:\Windows\Microsoft.NET
2014-04-19 05:04 - 2009-07-14 07:33 - 03762928 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-04-19 04:56 - 2009-07-14 07:52 - 00000000 ____D () C:\Program Files\Windows Defender
2014-04-18 23:07 - 2010-08-12 21:23 - 00000000 ____D () C:\Users\xc1te\AppData\Roaming\Mp3tag
2014-04-18 23:02 - 2010-08-12 19:33 - 00000000 ____D () C:\Users\xc1te\AppData\Roaming\uTorrent
2014-04-18 20:01 - 2011-08-07 12:18 - 00000000 ____D () C:\Users\xc1te\AppData\Roaming\TS3Client
2014-04-18 20:00 - 2014-04-18 20:00 - 00000000 ____D () C:\Users\xc1te\AppData\Roaming\Curse Advertising
2014-04-18 19:59 - 2014-04-18 19:59 - 00000994 _____ () C:\Users\xc1te\Desktop\Curse.lnk
2014-04-18 19:59 - 2014-04-18 19:59 - 00000980 _____ () C:\Users\xc1te\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Curse.lnk
2014-04-18 19:59 - 2014-04-18 19:59 - 00000000 ____D () C:\Users\xc1te\AppData\Roaming\Curse
2014-04-18 19:23 - 2011-08-07 12:14 - 00001124 _____ () C:\Users\Public\Desktop\TeamSpeak 3 Client.lnk
2014-04-18 19:23 - 2011-08-07 12:14 - 00000000 ____D () C:\Program Files\TeamSpeak 3 Client
2014-04-18 03:28 - 2010-08-13 16:03 - 00000000 ____D () C:\Windows\system32\Drivers\he-IL
2014-04-18 03:28 - 2009-07-14 10:49 - 00000000 __SHD () C:\Windows\BitLockerDiscoveryVolumeContents
2014-04-18 03:28 - 2009-07-14 07:52 - 00000000 ____D () C:\Program Files\Windows Portable Devices
2014-04-18 03:28 - 2009-07-14 07:52 - 00000000 ____D () C:\Program Files\Windows Photo Viewer
2014-04-18 03:28 - 2009-07-14 07:52 - 00000000 ____D () C:\Program Files\Microsoft Games
2014-04-18 03:28 - 2009-07-14 07:52 - 00000000 ____D () C:\Program Files\DVD Maker
2014-04-18 03:28 - 2009-07-14 05:37 - 00000000 ____D () C:\Windows\system32\inetsrv
2014-04-18 03:28 - 2009-07-14 05:37 - 00000000 ____D () C:\Windows\system32\AdvancedInstallers
2014-04-18 03:28 - 2009-07-14 05:37 - 00000000 ____D () C:\Program Files\Common Files\System
2014-04-18 03:25 - 2009-07-14 05:05 - 00152576 _____ (Microsoft Corporation) C:\Windows\system32\msclmd.dll
2014-04-18 03:17 - 2011-08-11 15:44 - 00000000 ____D () C:\Program Files\Microsoft Silverlight
2014-04-18 02:14 - 2014-04-18 02:14 - 00000000 ____D () C:\Windows\system32\SPReview
2014-04-18 02:13 - 2014-04-18 02:10 - 00002155 _____ () C:\Windows\epplauncher.mif
2014-04-18 02:13 - 2014-04-18 02:09 - 00002117 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Security Essentials.lnk
2014-04-18 02:13 - 2014-04-18 02:08 - 00000000 ____D () C:\Program Files\Microsoft Security Client
2014-04-18 02:11 - 2011-08-11 15:44 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2014-04-17 23:47 - 2014-04-17 23:47 - 00000000 ____H () C:\ProgramData\DP45977C.lfl
2014-04-17 23:47 - 2014-04-17 23:47 - 00000000 ____D () C:\Windows\system32\RTCOM
2014-04-17 23:46 - 2014-04-17 23:46 - 00000000 ____D () C:\Program Files\Common Files\InstallShield
2014-04-17 23:46 - 2010-08-12 13:20 - 00000000 ___HD () C:\Program Files\InstallShield Installation Information
2014-04-17 23:38 - 2013-06-08 18:09 - 00000000 ____D () C:\Users\xc1te\AppData\Local\NVIDIA
2014-04-17 23:17 - 2011-11-05 21:59 - 00000000 ____D () C:\ProgramData\NVIDIA Corporation
2014-04-17 23:16 - 2014-04-17 23:16 - 00000000 ____D () C:\Users\xc1te\AppData\Local\NVIDIA Corporation
2014-04-17 23:15 - 2010-08-12 13:36 - 00000000 ____D () C:\Program Files\NVIDIA Corporation
2014-04-17 23:14 - 2014-04-17 23:14 - 00000000 ____D () C:\Program Files\AGEIA Technologies
2014-04-17 23:14 - 2013-04-12 13:43 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
2014-04-17 22:52 - 2012-01-28 19:47 - 00000000 ____D () C:\Program Files\Intel
2014-04-17 22:39 - 2010-08-12 13:20 - 00000000 ____D () C:\Program Files\Realtek
2014-04-17 22:10 - 2014-04-17 22:10 - 00013507 _____ () C:\Users\xc1te\Desktop\MemTest.zip
2014-04-17 21:58 - 2014-04-17 21:58 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WhoCrashed
2014-04-17 21:58 - 2014-04-17 21:56 - 02668480 _____ (Resplendence Software Projects Sp. ) C:\Users\xc1te\Desktop\whocrashedSetup.exe
2014-04-17 21:56 - 2010-09-09 15:58 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-04-17 21:53 - 2009-07-14 05:04 - 00000478 _____ () C:\Windows\win.ini
2014-04-17 21:39 - 2013-09-04 01:52 - 00000000 ____D () C:\Windows\system32\MRT
2014-04-14 20:13 - 2014-04-20 03:47 - 00094632 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge.dll
2014-04-14 20:05 - 2014-04-20 03:48 - 00264616 _____ (Oracle Corporation) C:\Windows\system32\javaws.exe
2014-04-14 20:05 - 2014-04-20 03:47 - 00175528 _____ (Oracle Corporation) C:\Windows\system32\javaw.exe
2014-04-14 20:04 - 2014-04-20 03:47 - 00175016 _____ (Oracle Corporation) C:\Windows\system32\java.exe
2014-04-12 06:42 - 2010-08-12 13:44 - 00000000 ____D () C:\Users\xc1te\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome
2014-04-12 06:42 - 2009-07-14 05:37 - 00000000 ____D () C:\Windows\system32\wfp
2014-04-12 06:42 - 2009-07-14 05:37 - 00000000 ____D () C:\Windows\registration
2014-04-11 19:44 - 2010-08-12 13:18 - 00000000 ____D () C:\Users\xc1te
2014-04-11 19:30 - 2014-04-11 19:23 - 00000000 ____D () C:\ProgramData\2992199F9A
2014-04-11 08:56 - 2014-04-19 16:46 - 04139360 _____ (Kaspersky Lab ZAO) C:\Users\xc1te\Desktop\TDSSKiller.exe
2014-03-31 03:51 - 2010-08-12 14:38 - 88028728 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-03-30 09:14 - 2009-07-14 05:37 - 00000000 __RSD () C:\Windows\Media
2014-03-29 21:05 - 2013-12-19 13:09 - 00000000 ____D () C:\Users\xc1te\Desktop\Prison Break COMPLETE BluRay 720p nHD x264 NhaNc3
 
==================== Bamital & volsnap Check =================
 
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\system32\winlogon.exe => MD5 is legit
C:\Windows\system32\wininit.exe => MD5 is legit
C:\Windows\system32\svchost.exe => MD5 is legit
C:\Windows\system32\services.exe => MD5 is legit
C:\Windows\system32\User32.dll => MD5 is legit
C:\Windows\system32\userinit.exe => MD5 is legit
C:\Windows\system32\rpcss.dll => MD5 is legit
C:\Windows\system32\Drivers\volsnap.sys => MD5 is legit
 
 
LastRegBack: 2014-04-19 06:22
 
==================== End Of Log ============================

Edited by kreG15, 24 April 2014 - 06:33 AM.


#9 kreG15

kreG15
  • Topic Starter


Posted 24 April 2014 - 06:30 AM

Additional scan result of Farbar Recovery Scan Tool (x86) Version: 24-04-2014
Ran by xc1te at 2014-04-24 14:22:54
Running from C:\Users\xc1te\Desktop
Boot Mode: Normal
==========================================================
 
 
==================== Security Center ========================
 
AV: Microsoft Security Essentials (Disabled - Up to date) {641105E6-77ED-3F35-A304-765193BCB75F}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Microsoft Security Essentials (Disabled - Up to date) {DF70E402-51D7-30BB-99B4-4D23E83BFDE2}
 
==================== Installed Programs ======================
 
µTorrent (HKLM\...\uTorrent) (Version: 3.3.0.29625 - BitTorrent Inc.)
7-Zip 9.20 (HKLM\...\7-Zip) (Version:  - )
Adobe AIR (HKLM\...\Adobe AIR) (Version: 2.0.3.13070 - Adobe Systems Inc.)
Adobe AIR (Version: 2.0.3.13070 - Adobe Systems Inc.) Hidden
Adobe Flash Player 11 ActiveX (HKLM\...\Adobe Flash Player ActiveX) (Version: 11.8.800.94 - Adobe Systems Incorporated)
Adobe Photoshop CS5 (HKLM\...\{15FEDA5F-141C-4127-8D7E-B962D1742728}) (Version: 12.0 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.06) (HKLM\...\{AC76BA86-7AD7-1033-7B44-AB0000000001}) (Version: 11.0.06 - Adobe Systems Incorporated)
Apple Application Support (HKLM\...\{F5266D28-E0B2-4130-BFC5-EE155AD514DC}) (Version: 2.3 - Apple Inc.)
Apple Software Update (HKLM\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
AVI ReComp 1.5.3 (HKLM\...\AVI ReComp) (Version: 1.5.3 - Mateusz Gola (aka Prozac))
AviSynth 2.5 (HKLM\...\Avisynth) (Version:  - )
Bezeq Cloud (HKLM\...\PogoplugBackup) (Version: 5.1.7 - Cloud Engines Inc.)
Call of Duty Modern Warfare 2 (HKLM\...\Call of Duty Modern Warfare 2_is1) (Version:  - Activision)
CCleaner (HKLM\...\CCleaner) (Version: 2.36 - Piriform)
Combined Community Codec Pack 2010-10-10 (HKLM\...\Combined Community Codec Pack_is1) (Version: 2010.10.10.0 - CCCP Project)
Counter-Strike: Source (HKLM\...\Steam App 240) (Version:  - Valve)
CrystalDiskMark 3.0.2f (HKLM\...\CrystalDiskMark_is1) (Version: 3.0.2f - Crystal Dew World)
Curse (HKLM\...\{DEE70742-F4E9-44CA-B2B9-EE95DCF37295}) (Version: 6.0.0.0 - Curse)
D3DX10 (Version: 15.4.2368.0902 - Microsoft) Hidden
dBpoweramp DSP Effects (HKLM\...\dBpoweramp DSP Effects) (Version: Release 6 - Illustrate)
dBpoweramp Music Converter (HKLM\...\dBpoweramp Music Converter) (Version: Release 14 - Illustrate)
dBpoweramp Windows Media Audio 10 Codec (HKLM\...\dBpoweramp Windows Media Audio 10 Codec) (Version: Release 7 - Illustrate)
Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition (HKLM\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{5971CA1F-6BDE-498F-952C-9F2BF94070A4}) (Version:  - Microsoft)
ESET Online Scanner v3 (HKLM\...\ESET Online Scanner) (Version:  - )
Fraps (remove only) (HKLM\...\Fraps) (Version:  - )
GeForce Experience NvStream Client Components (Version: 1.6.28 - NVIDIA Corporation) Hidden
Google Chrome (HKCU\...\Google Chrome) (Version: 34.0.1847.116 - Google Inc.)
Google Drive (HKLM\...\{E87022D3-C8C9-4C76-8E27-BC7F18F9B8FB}) (Version: 1.14.6059.644 - Google, Inc.)
Google Update Helper (Version: 1.3.23.9 - Google Inc.) Hidden
Intel® Graphics Media Accelerator Driver (HKLM\...\HDMI) (Version:  - Intel Corporation)
Intel® TV Wizard (HKLM\...\TVWiz) (Version:  - Intel Corporation)
Java 7 Update 55 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F83217025FF}) (Version: 7.0.550 - Oracle)
JavaFX 2.1.1 (HKLM\...\{1111706F-666A-4037-7777-211328764D10}) (Version: 2.1.1 - Oracle Corporation)
Junk Mail filter update (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
League of Legends (HKLM\...\League of Legends 3.0.1) (Version: 3.0.1 - Riot Games)
League of Legends (Version: 3.0.1 - Riot Games) Hidden
Malwarebytes Anti-Malware version 1.75.0.1300 (HKLM\...\Malwarebytes' Anti-Malware_is1) (Version: 1.75.0.1300 - Malwarebytes Corporation)
MaxKO Expansion (HKLM\...\MaxKO Expansion) (Version:  - )
Medieval CUE Splitter (HKLM\...\{B96D2269-568B-4CBF-9332-12FAE8B158F7}) (Version: 1.2.0 - Medieval Software)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft Application Error Reporting (Version: 12.0.6012.5000 - Microsoft Corporation) Hidden
Microsoft Office Access MUI (English) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Access Setup Metadata MUI (English) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Excel MUI (English) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Groove MUI (English) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office InfoPath MUI (English) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office OneNote MUI (English) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Outlook Connector (HKLM\...\{95140000-007A-0409-0000-0000000FF1CE}) (Version: 14.0.5118.5000 - Microsoft Corporation)
Microsoft Office Outlook MUI (English) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint MUI (English) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Professional Plus 2010 (HKLM\...\Office14.PROPLUS) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Office Professional Plus 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (English) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (French) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (Spanish) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proofing (English) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Publisher MUI (English) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (English) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared Setup Metadata MUI (English) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Word MUI (English) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Outlook Social Connector Provider for Windows Live Messenger 32-bit (HKLM\...\{95140000-007D-0409-0000-0000000FF1CE}) (Version: 14.0.5120.5000 - Microsoft Corporation)
Microsoft Security Client (Version: 4.5.0216.0 - Microsoft Corporation) Hidden
Microsoft Security Essentials (HKLM\...\Microsoft Security Client) (Version: 4.5.216.0 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30214.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (HKLM\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 (HKLM\...\{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}) (Version: 9.0.30729.5570 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.30319 (HKLM\...\{196BB40D-1578-3D01-B289-BEFC77A11A1E}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft_VC80_ATL_x86 (Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC80_CRT_x86 (Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC80_MFC_x86 (Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC80_MFCLOC_x86 (Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC90_ATL_x86 (Version: 1.00.0000 - Adobe) Hidden
Microsoft_VC90_CRT_x86 (Version: 1.00.0000 - Adobe) Hidden
Microsoft_VC90_MFC_x86 (Version: 1.00.0000 - Adobe) Hidden
mIRC (HKLM\...\mIRC) (Version: 6.31 - mIRC Co. Ltd.)
Mp3 Audio Editor (HKLM\...\Mp3 Audio Editor) (Version:  - Mp3AudioEditor Inc.)
Mp3tag v2.54 (HKLM\...\Mp3tag) (Version: v2.54 - Florian Heidenreich)
MSVCRT (Version: 15.4.2862.0708 - Microsoft) Hidden
MSVCRT Redists (Version: 1.0 - Sony Creative Software Inc.) Hidden
MSXML 4.0 SP2 (KB954430) (HKLM\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
Need For Speed Underground (HKLM\...\{A99968BE-C155-474C-0089-33239DEE1CE2}) (Version:  - )
NoNameScript (HKCU\...\NoNameScript) (Version: 4.2 - Regroup Esports A/S)
Now Playing: A Windows Media Player Plugin (HKLM\...\{B4096A70-AB6D-4dc9-8382-DB2213F861AE}) (Version: 3.8.0.4 - Brandon Fuller)
NVIDIA 3D Vision Controller Driver 335.21 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 335.21 - NVIDIA Corporation)
NVIDIA 3D Vision Driver 335.23 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 335.23 - NVIDIA Corporation)
NVIDIA Control Panel 335.23 (Version: 335.23 - NVIDIA Corporation) Hidden
NVIDIA GeForce Experience 1.8.2.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 1.8.2.1 - NVIDIA Corporation)
NVIDIA Graphics Driver 335.23 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 335.23 - NVIDIA Corporation)
NVIDIA HD Audio Driver 1.3.30.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.30.1 - NVIDIA Corporation)
NVIDIA Install Application (Version: 2.1002.147.1067 - NVIDIA Corporation) Hidden
NVIDIA LED Visualizer 1.0 (Version: 1.0 - NVIDIA Corporation) Hidden
NVIDIA Network Service (Version: 1.0 - NVIDIA Corporation) Hidden
NVIDIA PhysX (Version: 9.13.1220 - NVIDIA Corporation) Hidden
NVIDIA PhysX System Software 9.13.1220 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.13.1220 - NVIDIA Corporation)
NVIDIA ShadowPlay 11.10.13 (Version: 11.10.13 - NVIDIA Corporation) Hidden
NVIDIA Stereoscopic 3D Driver (Version: 7.17.13.3523 - NVIDIA Corporation) Hidden
NVIDIA Update 11.10.13 (Version: 11.10.13 - NVIDIA Corporation) Hidden
NVIDIA Update Core (Version: 11.10.13 - NVIDIA Corporation) Hidden
NVIDIA Virtual Audio 1.2.20 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_VirtualAudio.Driver) (Version: 1.2.20 - NVIDIA Corporation)
PDF Settings CS5 (Version: 10.0 - Adobe Systems Incorporated) Hidden
PowerISO (HKLM\...\PowerISO) (Version: 4.7 - PowerISO Computing, Inc.)
Preset Manager 2.0 (HKLM\...\{FCFE3F81-C977-4D31-877B-2778BB2A02DE}) (Version: 2.0.114 - Sony)
QuickTime (HKLM\...\{AF0CE7C0-A3E4-4D73-988B-B29187EC6E9A}) (Version: 7.73.80.64 - Apple Inc.)
Realtek Ethernet Controller Driver (HKLM\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.77.1126.2013 - Realtek)
Realtek High Definition Audio Driver (HKLM\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7111 - Realtek Semiconductor Corp.)
Samsung Kies (HKLM\...\InstallShield_{758C8301-2696-4855-AF45-534B1200980A}) (Version: 2.0.3.11082_152 - Samsung Electronics Co., Ltd.)
Samsung Kies (Version: 2.0.3.11082_152 - Samsung Electronics Co., Ltd.) Hidden
SAMSUNG USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.4.4.0 - SAMSUNG Electronics Co., Ltd.)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version:  - Microsoft)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (Version:  - Microsoft) Hidden
SHIELD Streaming (Version: 1.7.321 - NVIDIA Corporation) Hidden
Skype™ 6.3 (HKLM\...\{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}) (Version: 6.3.105 - Skype Technologies S.A.)
Source SDK Base 2006 (HKLM\...\Steam App 215) (Version:  - Valve)
SpeechRedist (HKLM\...\{8795CBED-55E2-4693-9F14-84EC446935BE}) (Version: 1.0.0 - Epic Games Inc.)
Steam (HKLM\...\{048298C9-A4D3-490B-9FF9-AB023A9238F3}) (Version: 1.0.0.0 - Valve Corporation)
Subtitles modifier 2.95 (HKLM\...\Subtitles modifier_is1) (Version:  - Cosmin Ciuperca)
System Requirements Lab (HKLM\...\SystemRequirementsLab) (Version:  - )
System Requirements Lab CYRI (HKLM\...\{6FCBE08B-EB47-448E-8566-CE38E8B8D065}) (Version: 4.4.16.0 - Husdawg, LLC)
System Requirements Lab for Intel (HKLM\...\{294BB21B-0091-492F-87D2-A9192DA3E448}) (Version: 4.3.16.0 - Husdawg, LLC)
TeamSpeak 2 RC2 (HKLM\...\Teamspeak 2 RC2_is1) (Version: 2.0.32.60 - Dominating Bytes Design)
TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.0.14 - TeamSpeak Systems GmbH)
TeamViewer 7 (HKLM\...\TeamViewer 7) (Version: 7.0.15723 - TeamViewer)
Uninstall KnightOnline (HKLM\...\{87DA31F6-6418-4740-A3F2-26D880EF65CD}}_is1) (Version:  - KnightOnline)
Unreal Tournament (HKLM\...\UnrealTournament) (Version:  - )
Unreal Tournament 2004 (HKLM\...\UT2004) (Version:  - )
Update for Microsoft Access 2010 (KB2553446) 32-Bit Edition (HKLM\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{B4A38370-2ADB-46B0-A1B0-0C4A2F7DCA31}) (Version:  - Microsoft)
Update for Microsoft Filter Pack 2.0 (KB2837594) 32-Bit Edition (HKLM\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{D3C85176-ACCC-4AF0-817D-1BC803303B74}) (Version:  - Microsoft)
Update for Microsoft InfoPath 2010 (KB2817369) 32-Bit Edition (HKLM\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{4EEA3D3E-989C-4DF4-AB0A-3042C0C12AA3}) (Version:  - Microsoft)
Update for Microsoft InfoPath 2010 (KB2817396) 32-Bit Edition (HKLM\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{39767ECA-1731-45DB-AB5B-6BF40E151D66}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2494150) (HKLM\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{3FCFD88F-4D13-4F38-8625-ABABEA7F61EA}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2589298) 32-Bit Edition (HKLM\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{DADF7E25-FFA4-4D02-BE84-1DAE62C18516}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2589352) 32-Bit Edition (HKLM\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{F4284D93-7AE8-4309-8CF3-9AD394F35F3A}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2589375) 32-Bit Edition (HKLM\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{287A1E92-9E41-4BC1-8920-B3D0E9220800}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2597087) 32-Bit Edition (HKLM\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{9D69691D-823D-4C3E-9B12-563A3F520366}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2760598) 32-Bit Edition (HKLM\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{ECFE33A3-B8B7-439A-ADE4-59FBD29EF9B8}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2760631) 32-Bit Edition (HKLM\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{35698CB7-AAA2-4577-B505-DBFF504AEF23}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2794737) 32-Bit Edition (HKLM\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{5AA578BB-759C-40FD-9661-A737C0884541}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2825640) 32-Bit Edition (HKLM\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{BA610006-2C39-4419-9834-CF61AB24810A}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2863818) 32-Bit Edition (HKLM\...\{90140000-001F-0409-0000-0000000FF1CE}_Office14.PROPLUS_{83B1B530-7D9E-4C6A-907F-E979CEE9C295}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2863818) 32-Bit Edition (HKLM\...\{90140000-001F-040C-0000-0000000FF1CE}_Office14.PROPLUS_{82F87E28-B18E-46D6-A399-E2F19CF5949B}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2863818) 32-Bit Edition (HKLM\...\{90140000-001F-0C0A-0000-0000000FF1CE}_Office14.PROPLUS_{5E8EB600-8B94-429E-873E-98369C6DC1BC}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2878225) 32-Bit Edition (HKLM\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{EFF5EBA3-40AD-4859-85E7-3C1CF4F297EB}) (Version:  - Microsoft)
Update for Microsoft OneNote 2010 (KB2837595) 32-Bit Edition (HKLM\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{51CCA922-A0CC-47C4-8910-6936D97CAC2E}) (Version:  - Microsoft)
Update for Microsoft Outlook 2010 (KB2687567) 32-Bit Edition (HKLM\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{2AB483F1-C86E-427A-83B4-23889B03512D}) (Version:  - Microsoft)
Update for Microsoft Outlook 2010 (KB2687567) 32-Bit Edition (HKLM\...\{90140000-001A-0409-0000-0000000FF1CE}_Office14.PROPLUS_{DCE104A1-1875-4469-A83D-A5BFA6C4640F}) (Version:  - Microsoft)
Update for Microsoft PowerPoint 2010 (KB2837579) 32-Bit Edition (HKLM\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{2BA40F82-F3A4-441C-BF1A-ED4C42FF4872}) (Version:  - Microsoft)
Update for Microsoft PowerPoint 2010 (KB2837579) 32-Bit Edition (HKLM\...\{90140000-0018-0409-0000-0000000FF1CE}_Office14.PROPLUS_{334AA0A1-2BB1-4D74-B66A-2B2C4D9C2C87}) (Version:  - Microsoft)
Update for Microsoft SharePoint Workspace 2010 (KB2760601) 32-Bit Edition (HKLM\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{F9F5A080-AF38-4966-9A6B-C43DCA465035}) (Version:  - Microsoft)
Update for Microsoft Visio 2010 (KB2553444) 32-Bit Edition (HKLM\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{799005D3-9B70-4219-AFE0-BC479614CC4D}) (Version:  - Microsoft)
Update for Microsoft Visio Viewer 2010 (KB2810066) 32-Bit Edition (HKLM\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{8C55AA83-54C2-4236-A622-78440A411DC5}) (Version:  - Microsoft)
Vegas Pro 11.0 (HKLM\...\{E6F012B0-E930-11E0-A67A-F04DA23A5C58}) (Version: 11.0.370 - Sony)
Ventrilo Client (HKLM\...\{789289CA-F73A-4A16-A331-54D498CE069F}) (Version: 3.0.5 - Flagship Industries, Inc.)
VobSub 2.23 (HKLM\...\VobSub) (Version: 2.23 - Gabest)
WhoCrashed 5.01 (HKLM\...\WhoCrashed_is1) (Version:  - Resplendence Software Projects Sp.)
Windows Live Communications Platform (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Essentials (HKLM\...\WinLiveSuite) (Version: 15.4.3555.0308 - Microsoft Corporation)
Windows Live Essentials (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live ID Sign-in Assistant (Version: 7.250.4232.0 - Microsoft Corporation) Hidden
Windows Live Installer (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Mail (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Messenger (Version: 15.4.3538.0513 - Microsoft Corporation) Hidden
Windows Live MIME IFilter (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Movie Maker (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Photo Common (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Photo Gallery (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live PIMT Platform (Version: 15.4.3508.1109 - Microsoft Corporation) Hidden
Windows Live SOXE (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live SOXE Definitions (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live UX Platform (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live UX Platform Language Pack (Version: 15.4.3508.1109 - Microsoft Corporation) Hidden
Windows Live Writer (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Writer Resources (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Media Player Firefox Plugin (HKLM\...\{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}) (Version: 1.0.0.8 - Microsoft Corp)
Winrar 3.93 (HKLM\...\Winrar 3.93) (Version:  - )
Xilisoft Video Converter Ultimate 6 (HKLM\...\Xilisoft Video Converter Ultimate 6) (Version: 6.0.12.0914 - Xilisoft)
Xvid 1.3.0 (HKLM\...\Xvid_is1) (Version: 1.3.0 - Xvid Solutions)
 
==================== Restore Points  =========================
 
19-04-2014 08:58:36 Windows Update
19-04-2014 09:03:49 Windows Update
20-04-2014 00:46:03 Installed Java 7 Update 55
20-04-2014 11:16:12 Windows Update
23-04-2014 15:06:09 Windows Update
 
==================== Hosts content: ==========================
 
2009-07-14 05:04 - 2010-09-16 18:07 - 00000852 ____A C:\Windows\system32\Drivers\etc\hosts
127.0.0.1 activate.adobe.com
 
==================== Scheduled Tasks (whitelisted) =============
 
Task: {0FCCA75F-CB0C-456C-9738-5299121968D1} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [2012-04-29] (Google Inc.)
Task: {7BFB4E83-8876-45CA-A215-29F1BEE78167} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-4094849295-1092034879-3769963386-1001Core => C:\Users\xc1te\AppData\Local\Google\Update\GoogleUpdate.exe [2010-08-12] (Google Inc.)
Task: {7F4B383B-1169-4087-9C40-BD2EF7A61263} - System32\Tasks\SidebarExecute => C:\Program Files\Windows Sidebar\sidebar.exe
Task: {C55CACB8-BE3E-4580-9BB4-E7C8FB4A90A7} - System32\Tasks\{7D410FB1-4338-4A61-8969-65F5372C3F20} => Chrome.exe http://ui.skype.com/ui/0/6.3.73.105.456/he/abandoninstall?page=tsWLM
Task: {C7A7DA07-4404-44D1-AEB8-F68ADF844829} - System32\Tasks\CrystalDiskInfo => C:\Users\xc1te\Desktop\CrystalDiskInfo5_6_2Shizuku\DiskInfoS.exe
Task: {D38E1942-6757-4212-BB49-20B78E8CD6B5} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [2012-04-29] (Google Inc.)
Task: {FB715D16-374A-4BCD-9D15-A52FB4571E44} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-4094849295-1092034879-3769963386-1001UA => C:\Users\xc1te\AppData\Local\Google\Update\GoogleUpdate.exe [2010-08-12] (Google Inc.)
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-4094849295-1092034879-3769963386-1001Core.job => C:\Users\xc1te\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-4094849295-1092034879-3769963386-1001UA.job => C:\Users\xc1te\AppData\Local\Google\Update\GoogleUpdate.exe
 
==================== Loaded Modules (whitelisted) =============
 
2011-11-10 21:04 - 2014-03-04 15:34 - 00109000 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax.dll
2013-09-05 00:14 - 2013-09-05 00:14 - 04300456 _____ () C:\Program Files\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF
2010-10-20 15:45 - 2010-10-20 15:45 - 08801120 _____ () C:\Program Files\Microsoft Office\Office14\1033\GrooveIntlResource.dll
2010-03-15 11:28 - 2010-03-15 11:28 - 00141824 _____ () C:\Program Files\Winrar\rarext.dll
2010-10-10 16:19 - 2010-10-10 16:19 - 00043520 _____ () C:\Windows\system32\CmdLineExt03.dll
2014-04-12 01:24 - 2014-04-02 04:57 - 00065352 _____ () C:\Users\xc1te\AppData\Local\Google\Chrome\Application\34.0.1847.116\chrome_elf.dll
2014-04-12 01:24 - 2014-04-02 04:57 - 00674632 _____ () C:\Users\xc1te\AppData\Local\Google\Chrome\Application\34.0.1847.116\libglesv2.dll
2014-04-12 01:24 - 2014-04-02 04:57 - 00093000 _____ () C:\Users\xc1te\AppData\Local\Google\Chrome\Application\34.0.1847.116\libegl.dll
2014-04-12 01:24 - 2014-04-02 04:57 - 04081480 _____ () C:\Users\xc1te\AppData\Local\Google\Chrome\Application\34.0.1847.116\pdf.dll
2014-04-12 01:24 - 2014-04-02 04:58 - 00390472 _____ () C:\Users\xc1te\AppData\Local\Google\Chrome\Application\34.0.1847.116\ppGoogleNaClPluginChrome.dll
2014-04-12 01:24 - 2014-04-02 04:57 - 01647432 _____ () C:\Users\xc1te\AppData\Local\Google\Chrome\Application\34.0.1847.116\ffmpegsumo.dll
 
==================== Alternate Data Streams (whitelisted) =========
 
AlternateDataStreams: C:\ProgramData\TEMP:76650B61
AlternateDataStreams: C:\ProgramData\TEMP:EF6E4E62
AlternateDataStreams: C:\Users\xc1te\Downloads\Friends.S10E07.HEBSUB.avi:TOC.WMV
AlternateDataStreams: C:\Users\xc1te\Downloads\Friends.S10E08.HEBSUB.avi:TOC.WMV
AlternateDataStreams: C:\Users\xc1te\Downloads\Friends.S10E09.HEBSUB.avi:TOC.WMV
AlternateDataStreams: C:\Users\xc1te\Downloads\Friends.s6e12.The.Joke.DivX.Hebsub.by.mei00.sharetw.info.avi:TOC.WMV
AlternateDataStreams: C:\Users\xc1te\Downloads\Friends.s6e13.Rachel'S.Sister.DivX.Hebsub.by.mei00.sharetw.info.avi:TOC.WMV
AlternateDataStreams: C:\Users\xc1te\Downloads\Friends.s7e22.Chandler'S.Dad.DivX.Hebsub.by.mei00.sharetw.info.avi:TOC.WMV
 
==================== Safe Mode (whitelisted) ===================
 
 
==================== Disabled items from MSCONFIG ==============
 
MSCONFIG\Services: nvUpdatusService => 2
MSCONFIG\Services: SkypeUpdate => 2
MSCONFIG\Services: Steam Client Service => 3
MSCONFIG\Services: Stereo Service => 2
MSCONFIG\Services: SwitchBoard => 3
MSCONFIG\Services: TeamViewer7 => 2
MSCONFIG\startupfolder: C:^Users^xc1te^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Curse.lnk => C:\Windows\pss\Curse.lnk.Startup
MSCONFIG\startupreg: Adobe ARM => "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
MSCONFIG\startupreg: Adobe Reader Speed Launcher => "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
MSCONFIG\startupreg: AdobeCS5ServiceManager => "C:\Program Files\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe" -launchedbylogin
MSCONFIG\startupreg: APSDaemon => "C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe"
MSCONFIG\startupreg: AutoStartNPSAgent => C:\Program Files\Samsung\Samsung New PC Studio\NPSAgent.exe
MSCONFIG\startupreg: BCSSync => "C:\Program Files\Microsoft Office\Office14\BCSSync.exe" /DelayServices
MSCONFIG\startupreg: DAEMON Tools Pro Agent => "C:\Program Files\DAEMON Tools Pro\DTProAgent.exe"
MSCONFIG\startupreg: KiesPDLR => C:\Program Files\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe
MSCONFIG\startupreg: Malwarebytes' Anti-Malware => "C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray
MSCONFIG\startupreg: mobilegeni daemon => C:\Program Files\Mobogenie\DaemonProcess.exe
MSCONFIG\startupreg: MSC => "c:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey
MSCONFIG\startupreg: NvBackend => "C:\Program Files\NVIDIA Corporation\Update Core\NvBackend.exe"
MSCONFIG\startupreg: Pogoplug Backup => "C:\Program Files\BezeqCloud\ppbrowser.exe" --starthidden
MSCONFIG\startupreg: QuickTime Task => "C:\Program Files\QuickTime\QTTask.exe" -atboottime
MSCONFIG\startupreg: ShadowPlay => C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap.dll,ShadowPlayOnSystemStart
 
==================== Faulty Device Manager Devices =============
 
 
==================== Event log errors: =========================
 
Application errors:
==================
Error: (04/22/2014 09:44:57 AM) (Source: C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe) (User: )
Description: C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exeCan't get user token [1008]
 
Error: (04/21/2014 01:29:12 PM) (Source: BugSplat) (User: )
Description: This event has been logged by the BugSplat crash reporting library (
in partnership with your vendor lol_beta_riotgames_com.
A crash report from the application 'LOL_Public' has been successfully logged into the BugSplat database with id=113553607.
Please contact your vendor for more information.
 
Error: (04/21/2014 04:05:22 AM) (Source: C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe) (User: )
Description: C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exeCan't get user token [1008]
 
Error: (04/19/2014 00:28:47 PM) (Source: PerfNet) (User: )
Description: 
 
Error: (04/19/2014 00:28:47 PM) (Source: PerfNet) (User: )
Description: 
 
Error: (04/19/2014 11:55:46 AM) (Source: PerfNet) (User: )
Description: 
 
Error: (04/19/2014 11:55:46 AM) (Source: PerfNet) (User: )
Description: 
 
Error: (04/19/2014 05:06:56 AM) (Source: PerfNet) (User: )
Description: 
 
Error: (04/19/2014 05:06:56 AM) (Source: PerfNet) (User: )
Description: 
 
Error: (04/18/2014 09:02:10 PM) (Source: PerfNet) (User: )
Description: 
 
 
System errors:
=============
Error: (04/22/2014 09:42:15 AM) (Source: Service Control Manager) (User: )
Description: The UPnP Device Host service depends on the SSDP Discovery service which failed to start because of the following error: 
%%1058
 
Error: (04/22/2014 09:42:15 AM) (Source: DCOM) (User: )
Description: 1068upnphost{204810B9-73B2-11D4-BF42-00B0D0118B56}
 
Error: (04/21/2014 00:36:58 PM) (Source: Service Control Manager) (User: )
Description: The UPnP Device Host service depends on the SSDP Discovery service which failed to start because of the following error: 
%%1058
 
Error: (04/21/2014 00:36:58 PM) (Source: DCOM) (User: )
Description: 1068upnphost{204810B9-73B2-11D4-BF42-00B0D0118B56}
 
Error: (04/20/2014 02:04:53 PM) (Source: EventLog) (User: )
Description: The previous system shutdown at 2:03:24 PM on ‎4/‎20/‎2014 was unexpected.
 
Error: (04/20/2014 00:17:59 AM) (Source: EventLog) (User: )
Description: The previous system shutdown at 12:16:45 AM on ‎4/‎20/‎2014 was unexpected.
 
Error: (04/19/2014 01:20:00 PM) (Source: Microsoft-Windows-WHEA-Logger) (User: NT AUTHORITY)
Description: A fatal hardware error has occurred.
 
Reported by component: Processor Core
Error Source: 3
Error Type: 10
Processor ID: 1
 
The details view of this entry contains further information.
 
Error: (04/19/2014 01:20:00 PM) (Source: Microsoft-Windows-WHEA-Logger) (User: NT AUTHORITY)
Description: A fatal hardware error has occurred.
 
Reported by component: Processor Core
Error Source: 3
Error Type: 10
Processor ID: 0
 
The details view of this entry contains further information.
 
Error: (04/19/2014 01:20:00 PM) (Source: Microsoft-Windows-WHEA-Logger) (User: NT AUTHORITY)
Description: A fatal hardware error has occurred.
 
Reported by component: Processor Core
Error Source: 3
Error Type: 10
Processor ID: 0
 
The details view of this entry contains further information.
 
Error: (04/19/2014 01:19:44 PM) (Source: BugCheck) (User: )
Description: 0x00000124 (0x00000000, 0x869c44dc, 0x00000000, 0x00000000)C:\Windows\Minidump\041914-23977-01.dmp041914-23977-01
 
 
Microsoft Office Sessions:
=========================
Error: (04/22/2014 09:44:57 AM) (Source: C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe)(User: )
Description: C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exeCan't get user token [1008]
 
Error: (04/21/2014 01:29:12 PM) (Source: BugSplat)(User: )
Description: lol_beta_riotgames_comLOL_Public113553607
 
Error: (04/21/2014 04:05:22 AM) (Source: C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe)(User: )
Description: C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exeCan't get user token [1008]
 
Error: (04/19/2014 00:28:47 PM) (Source: PerfNet)(User: )
Description: 
 
Error: (04/19/2014 00:28:47 PM) (Source: PerfNet)(User: )
Description: 
 
Error: (04/19/2014 11:55:46 AM) (Source: PerfNet)(User: )
Description: 
 
Error: (04/19/2014 11:55:46 AM) (Source: PerfNet)(User: )
Description: 
 
Error: (04/19/2014 05:06:56 AM) (Source: PerfNet)(User: )
Description: 
 
Error: (04/19/2014 05:06:56 AM) (Source: PerfNet)(User: )
Description: 
 
Error: (04/18/2014 09:02:10 PM) (Source: PerfNet)(User: )
Description: 
 
 
==================== Memory info =========================== 
 
Percentage of memory in use: 38%
Total physical RAM: 2047.24 MB
Available physical RAM: 1249.24 MB
Total Pagefile: 4094.48 MB
Available Pagefile: 3035.52 MB
Total Virtual: 2047.88 MB
Available Virtual: 1895.25 MB
 
==================== Drives ================================
 
Drive c: () (Fixed) (Total:465.75 GB) (Free:59.43 GB) NTFS ==>[Drive with boot components (obtained from BCD)]
 
==================== MBR & Partition Table ==================
 
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 466 GB) (Disk ID: 51A4DD69)
Partition 1: (Active) - (Size=466 GB) - (Type=07 NTFS)
 
==================== End Of Log ============================


#10 bloopie

  • Malware Response Team

Posted 24 April 2014 - 04:11 PM

Hello again,
 
I see you have a lot of items disabled in MSCONFIG, what is the reason for disabling all those items?
 
Please do the below steps next. The first step is to see if we can get the exact error code if you can get the machine to Blue Screen again. If you're unable to, then skip it and follow step 2:

Step 1

We Need to Diagnose Your BlueScreen
  • When you boot your machine, press F8 to list the startup options, exactly as you would if you were trying to enter Safe Mode
  • Select "Disable Automatic Restart on System Failure", as shown here:
    advancedoptions.png
  • When your system BSODs, write down the STOP error code, as well as any written out error message back here. The STOP error will always appear, but the message may not. You are looking for this:
    bsod_c.jpg
Please post me the error(s).

==========

Step 2

Run Combofix

You may be asked to install or update the Recovery Console (Win XP only). If this happens, please allow it to do so (you will need to be connected to the internet for this).

Before you run Combofix I will need you to turn off any security software you have running. If you do not know how to do this, you can find out here or here.

Combofix may need to reboot your computer more than once to do its job...this is normal.

You can download Combofix from one of these links.
  • Close any open browsers or any other programs that are open.
  • Close/disable all anti virus and anti malware programs so they do not interfere with the running of ComboFix.
  • Double click on combofix.exe & follow the prompts.
  • When finished, it will produce a report for you at C:\Combofix.txt. Please include that in your next reply.
Note 1: Do not mouseclick combofix's window while it's running. That may cause it to stall.

Note 2: If you receive an error "Illegal operation attempted on a registry key that has been marked for deletion." Please restart the computer.

bloopie

#11 kreG15

  • Topic Starter


Posted 24 April 2014 - 06:18 PM

I disabled the items in MSConfig simply because I don't need or want them running on startup. Is there anything important there that I disabled?

As for the STOP code, I think it's on the dump file. I checked Event Viewer and found these codes from different "BugCheck" events:

0x00000124 (0x00000000, 0x86a15024, 0x00000000, 0x00000000)
0x00000124 (0x00000000, 0x869c44dc, 0x00000000, 0x00000000)
0x00000124 (0x00000000, 0x86ae08fc, 0x00000000, 0x00000000)
0x00000124 (0x00000000, 0x86a8a4dc, 0x00000000, 0x00000000)

The title for 0x124 code is WHEA_UNCORRECTABLE_ERROR.

ComboFix 14-04-20.01 - xc1te 25/04/2014   1:39.1.2 - x86
Microsoft Windows 7 Ultimate   6.1.7601.1.1255.972.1033.18.2047.1298 [GMT 3:00]
Running from: c:\users\xc1te\Desktop\ComboFix.exe
AV: Microsoft Security Essentials *Disabled/Updated* {641105E6-77ED-3F35-A304-765193BCB75F}
SP: Microsoft Security Essentials *Disabled/Updated* {DF70E402-51D7-30BB-99B4-4D23E83BFDE2}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
(((((((((((((((((((((((((((((((((((((((   Other Deletions   )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\users\xc1te\AppData\Local\ImgBurn.exe
c:\users\xc1te\AppData\Local\tsMuxeR.exe
c:\windows\Downloaded Program Files\libFLAC
c:\windows\Downloaded Program Files\libFLAC\install.bat
c:\windows\Downloaded Program Files\libFLAC\InstallFilter.exe
c:\windows\Downloaded Program Files\libFLAC\libFLAC.dll
c:\windows\Downloaded Program Files\libFLAC\madFlac.ax
c:\windows\Downloaded Program Files\libFLAC\readme.txt
c:\windows\Downloaded Program Files\libFLAC\swflash.inf
c:\windows\Downloaded Program Files\libFLAC\uninstall.bat
.
.
(((((((((((((((((((((((((   Files Created from 2014-03-24 to 2014-04-24  )))))))))))))))))))))))))))))))
.
.
2014-04-24 20:11 . 2014-04-24 20:11 -------- d-----w- C:\Riot Games
2014-04-24 20:11 . 2014-04-24 20:15 -------- d-----w- c:\users\xc1te\AppData\Local\PMB Files
2014-04-24 20:11 . 2014-04-24 20:15 -------- d-----w- c:\programdata\PMB Files
2014-04-24 19:57 . 2014-04-24 20:11 -------- d-sh--w- c:\windows\system32\AI_RecycleBin
2014-04-24 15:29 . 2014-04-17 02:32 8050496 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{9486F4E2-3FAD-4ECD-BDC2-35DD027BF9C6}\mpengine.dll
2014-04-24 11:21 . 2014-04-24 11:23 -------- d-----w- C:\FRST
2014-04-23 15:06 . 2014-04-17 02:32 8050496 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll
2014-04-20 00:48 . 2014-04-20 00:48 -------- d-----w- c:\users\xc1te\AppData\Roaming\Oracle
2014-04-20 00:47 . 2014-04-14 17:13 94632 ----a-w- c:\windows\system32\WindowsAccessBridge.dll
2014-04-19 15:30 . 2014-04-19 15:34 -------- d-----w- C:\AdwCleaner
2014-04-19 09:06 . 2014-04-19 09:06 9728 ---ha-w- c:\windows\system32\api-ms-win-downlevel-shlwapi-l1-1-0.dll
2014-04-19 01:25 . 2014-04-19 01:25 -------- d-----w- c:\windows\Migration
2014-04-19 00:43 . 2013-05-10 04:56 12625408 ----a-w- c:\windows\system32\wmploc.DLL
2014-04-19 00:43 . 2013-05-10 03:48 164864 ----a-w- c:\program files\Windows Media Player\wmplayer.exe
2014-04-18 21:17 . 2012-10-09 17:40 44032 ----a-w- c:\windows\system32\dhcpcsvc6.dll
2014-04-18 21:17 . 2012-10-09 17:40 193536 ----a-w- c:\windows\system32\dhcpcore6.dll
2014-04-18 21:15 . 2013-10-04 01:58 152576 ----a-w- c:\windows\system32\SmartcardCredentialProvider.dll
2014-04-18 21:15 . 2013-10-04 01:56 1796096 ----a-w- c:\windows\system32\authui.dll
2014-04-18 21:15 . 2013-10-04 01:56 168960 ----a-w- c:\windows\system32\credui.dll
2014-04-18 21:13 . 2014-02-04 02:04 509440 ----a-w- c:\windows\system32\qedit.dll
2014-04-18 21:13 . 2013-10-30 02:19 301568 ----a-w- c:\windows\system32\msieftp.dll
2014-04-18 21:12 . 2013-09-25 02:01 136640 ----a-w- c:\windows\system32\drivers\ksecpkg.sys
2014-04-18 21:12 . 2013-09-25 02:01 67520 ----a-w- c:\windows\system32\drivers\ksecdd.sys
2014-04-18 21:12 . 2013-09-25 01:57 99840 ----a-w- c:\windows\system32\sspicli.dll
2014-04-18 21:12 . 2013-09-25 01:57 22016 ----a-w- c:\windows\system32\secur32.dll
2014-04-18 21:12 . 2013-09-25 01:57 247808 ----a-w- c:\windows\system32\schannel.dll
2014-04-18 21:12 . 2013-09-25 01:56 220160 ----a-w- c:\windows\system32\ncrypt.dll
2014-04-18 21:12 . 2013-09-25 01:56 1038848 ----a-w- c:\windows\system32\lsasrv.dll
2014-04-18 21:12 . 2013-09-25 00:49 22016 ----a-w- c:\windows\system32\lsass.exe
2014-04-18 21:12 . 2013-09-25 00:49 15872 ----a-w- c:\windows\system32\sspisrv.dll
2014-04-18 21:12 . 2013-07-04 12:16 369848 ----a-w- c:\windows\system32\drivers\cng.sys
2014-04-18 21:10 . 2013-10-19 01:36 159232 ----a-w- c:\windows\system32\imagehlp.dll
2014-04-18 21:10 . 2013-12-06 02:02 2048 ----a-w- c:\windows\system32\msxml3r.dll
2014-04-18 21:10 . 2013-12-06 02:02 1237504 ----a-w- c:\windows\system32\msxml3.dll
2014-04-18 21:10 . 2013-10-12 02:04 121856 ----a-w- c:\windows\system32\wshom.ocx
2014-04-18 21:10 . 2013-10-12 02:03 163840 ----a-w- c:\windows\system32\scrrun.dll
2014-04-18 21:10 . 2013-10-12 01:15 141824 ----a-w- c:\windows\system32\wscript.exe
2014-04-18 21:10 . 2013-10-12 01:15 126976 ----a-w- c:\windows\system32\cscript.exe
2014-04-18 21:10 . 2012-08-21 20:12 245760 ----a-w- c:\windows\system32\OxpsConverter.exe
2014-04-18 21:10 . 2013-08-01 11:03 729024 ----a-w- c:\windows\system32\drivers\dxgkrnl.sys
2014-04-18 21:10 . 2013-04-10 05:18 218984 ----a-w- c:\windows\system32\drivers\dxgmms1.sys
2014-04-18 21:09 . 2013-05-10 03:20 24576 ----a-w- c:\windows\system32\cryptdlg.dll
2014-04-18 21:09 . 2013-11-12 02:07 2048 ----a-w- c:\windows\system32\tzres.dll
2014-04-18 21:07 . 2013-05-13 03:08 903168 ----a-w- c:\windows\system32\certutil.exe
2014-04-18 21:07 . 2013-05-13 03:08 43008 ----a-w- c:\windows\system32\certenc.dll
2014-04-18 21:06 . 2014-02-04 02:07 149440 ----a-w- c:\windows\system32\drivers\storport.sys
2014-04-18 21:06 . 2014-02-04 02:07 234432 ----a-w- c:\windows\system32\drivers\msiscsi.sys
2014-04-18 21:06 . 2014-02-04 02:07 27072 ----a-w- c:\windows\system32\drivers\Diskdump.sys
2014-04-18 21:06 . 2014-02-04 02:00 2048 ----a-w- c:\windows\system32\iologmsg.dll
2014-04-18 21:06 . 2012-10-03 16:42 52224 ----a-w- c:\windows\system32\nlaapi.dll
2014-04-18 21:06 . 2012-10-03 16:42 242176 ----a-w- c:\windows\system32\nlasvc.dll
2014-04-18 21:06 . 2012-10-03 16:42 18944 ----a-w- c:\windows\system32\netevent.dll
2014-04-18 21:06 . 2012-10-03 16:42 175104 ----a-w- c:\windows\system32\netcorehc.dll
2014-04-18 21:06 . 2012-10-03 16:42 156672 ----a-w- c:\windows\system32\ncsi.dll
2014-04-18 21:06 . 2012-10-03 16:40 499712 ----a-w- c:\windows\system32\iphlpsvc.dll
2014-04-18 21:06 . 2012-10-03 15:21 35328 ----a-w- c:\windows\system32\drivers\tcpipreg.sys
2014-04-18 21:05 . 2014-02-07 01:07 2349056 ----a-w- c:\windows\system32\win32k.sys
2014-04-18 21:05 . 2013-04-25 23:30 1505280 ----a-w- c:\windows\system32\d3d11.dll
2014-04-18 21:05 . 2014-01-24 02:18 1212352 ----a-w- c:\windows\system32\drivers\ntfs.sys
2014-04-18 21:05 . 2013-07-25 08:57 1620992 ----a-w- c:\windows\system32\WMVDECOD.DLL
2014-04-18 21:04 . 2013-10-04 01:49 81408 ----a-w- c:\windows\system32\drivers\drmk.sys
2014-04-18 21:04 . 2013-10-04 01:17 177152 ----a-w- c:\windows\system32\drivers\portcls.sys
2014-04-18 21:03 . 2013-04-10 05:03 936448 ----a-w- c:\program files\Common Files\Microsoft Shared\ink\journal.dll
2014-04-18 21:03 . 2013-07-04 11:57 205824 ----a-w- c:\windows\system32\WebClnt.dll
2014-04-18 21:03 . 2013-07-04 11:51 81920 ----a-w- c:\windows\system32\davclnt.dll
2014-04-18 21:03 . 2013-07-04 09:48 115712 ----a-w- c:\windows\system32\drivers\mrxdav.sys
2014-04-18 21:01 . 2013-10-03 01:58 305152 ----a-w- c:\windows\system32\gdi32.dll
2014-04-18 21:01 . 2013-11-26 11:11 240576 ----a-w- c:\windows\system32\drivers\netio.sys
2014-04-18 21:01 . 2013-09-08 02:07 1294272 ----a-w- c:\windows\system32\drivers\tcpip.sys
2014-04-18 21:00 . 2013-08-05 01:56 133056 ----a-w- c:\windows\system32\drivers\ataport.sys
2014-04-18 21:00 . 2013-10-12 02:03 656896 ----a-w- c:\windows\system32\nshwfp.dll
2014-04-18 21:00 . 2013-10-12 02:01 679424 ----a-w- c:\windows\system32\IKEEXT.DLL
2014-04-18 21:00 . 2013-10-12 02:01 216576 ----a-w- c:\windows\system32\FWPUCLNT.DLL
2014-04-18 21:00 . 2012-11-23 02:48 49152 ----a-w- c:\windows\system32\taskhost.exe
2014-04-18 21:00 . 2013-10-05 19:57 1168384 ----a-w- c:\windows\system32\crypt32.dll
2014-04-18 21:00 . 2013-07-09 04:46 140288 ----a-w- c:\windows\system32\cryptsvc.dll
2014-04-18 21:00 . 2013-07-09 04:46 103936 ----a-w- c:\windows\system32\cryptnet.dll
2014-04-18 20:59 . 2013-07-12 10:07 86016 ----a-w- c:\windows\system32\drivers\usbcir.sys
2014-04-18 20:57 . 2013-06-25 22:56 527064 ----a-w- c:\windows\system32\drivers\Wdf01000.sys
2014-04-18 20:57 . 2013-12-04 01:54 594944 ----a-w- c:\windows\system32\RMActivate_isv.exe
2014-04-18 20:57 . 2013-12-04 01:54 572416 ----a-w- c:\windows\system32\RMActivate.exe
2014-04-18 20:57 . 2013-12-04 01:54 508928 ----a-w- c:\windows\system32\RMActivate_ssp_isv.exe
2014-04-18 20:57 . 2013-12-04 02:03 423936 ----a-w- c:\windows\system32\secproc_isv.dll
2014-04-18 20:57 . 2013-12-04 02:03 428032 ----a-w- c:\windows\system32\secproc.dll
2014-04-18 20:57 . 2013-12-04 02:02 390144 ----a-w- c:\windows\system32\msdrm.dll
2014-04-18 20:57 . 2013-12-04 01:54 510976 ----a-w- c:\windows\system32\RMActivate_ssp.exe
2014-04-18 20:57 . 2013-12-04 02:03 87040 ----a-w- c:\windows\system32\secproc_ssp_isv.dll
2014-04-18 20:57 . 2013-12-04 02:03 87040 ----a-w- c:\windows\system32\secproc_ssp.dll
2014-04-18 20:57 . 2013-06-15 03:40 918528 ----a-w- c:\windows\system32\rdpcorets.dll
2014-04-18 20:57 . 2013-06-15 03:38 31232 ----a-w- c:\windows\system32\drivers\tssecsrv.sys
2014-04-18 20:20 . 2013-02-27 05:05 101720 ----a-w- c:\windows\system32\consent.exe
2014-04-18 20:20 . 2013-02-27 04:49 47104 ----a-w- c:\windows\system32\appinfo.dll
2014-04-18 17:00 . 2014-04-18 17:00 -------- d-----w- c:\users\xc1te\AppData\Roaming\Curse Advertising
2014-04-18 16:59 . 2014-04-19 08:47 -------- d-----w- c:\users\xc1te\AppData\Roaming\Curse Client
2014-04-18 16:59 . 2014-04-18 16:59 -------- d-----w- c:\users\xc1te\AppData\Roaming\Curse
2014-04-17 23:14 . 2014-04-17 23:14 -------- d-----w- c:\windows\system32\SPReview
2014-04-17 23:08 . 2014-04-17 23:13 -------- d-----w- c:\program files\Microsoft Security Client
2014-04-17 22:59 . 2010-11-20 12:29 14208 ----a-w- c:\windows\system32\drivers\hwpolicy.sys
2014-04-17 22:58 . 2010-11-20 12:21 507392 ----a-w- c:\windows\system32\wmdrmdev.dll
2014-04-17 22:57 . 2010-11-20 12:21 189952 ----a-w- c:\windows\system32\wdscore.dll
2014-04-17 22:57 . 2010-11-20 12:17 209920 ----a-w- c:\windows\system32\PkgMgr.exe
2014-04-17 22:57 . 2010-11-20 12:18 323072 ----a-w- c:\windows\system32\drvstore.dll
2014-04-17 22:57 . 2010-11-20 12:18 257024 ----a-w- c:\windows\system32\dpx.dll
2014-04-17 20:47 . 2014-04-17 20:47 -------- d-----w- c:\windows\system32\RTCOM
2014-04-17 20:16 . 2014-04-17 20:16 -------- d-----w- c:\users\xc1te\AppData\Local\NVIDIA Corporation
2014-04-17 20:15 . 2014-02-05 09:31 1048152 ----a-w- c:\windows\system32\nvspcap.dll
2014-04-17 20:14 . 2014-04-17 20:14 -------- d-----w- c:\program files\AGEIA Technologies
2014-04-17 20:13 . 2014-03-04 11:32 599840 ----a-w- c:\windows\system32\nvStreaming.exe
2014-04-17 19:52 . 2010-06-17 09:02 53248 ----a-w- c:\windows\system32\CSVer.dll
2014-04-17 19:40 . 2013-11-26 12:49 76872 ----a-w- c:\windows\system32\RtNicProp32.dll
2014-04-17 19:40 . 2013-11-26 12:49 683736 ----a-w- c:\windows\system32\drivers\Rt86win7.sys
2014-04-17 18:58 . 2014-04-19 11:31 -------- d-----w- c:\program files\WhoCrashed
2014-04-16 00:09 . 2014-03-07 04:35 7969936 ------w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{685E675C-1FE2-4503-B42D-B0D2E4E62FEB}\mpengine.dll
2014-04-11 16:23 . 2014-04-11 16:30 -------- d-----w- c:\programdata\2992199F9A
.
.
.
((((((((((((((((((((((((((((((((((((((((   Find3M Report   ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2014-04-18 00:25 . 2009-07-14 02:05 152576 ----a-w- c:\windows\system32\msclmd.dll
2014-03-11 06:52 . 2013-09-27 06:53 104264 ----a-w- c:\windows\system32\drivers\NisDrvWFP.sys
2014-03-04 14:29 . 2013-04-12 10:41 14709720 ----a-w- c:\windows\system32\nvd3dum.dll
2014-03-04 14:29 . 2011-06-03 13:01 2715264 ----a-w- c:\windows\system32\nvapi.dll
2014-03-04 14:29 . 2011-04-22 10:21 15783992 ----a-w- c:\windows\system32\nvwgf2um.dll
2014-03-04 12:34 . 2011-01-07 19:06 4348704 ----a-w- c:\windows\system32\nvcpl.dll
2014-03-04 12:34 . 2011-01-07 19:06 3044696 ----a-w- c:\windows\system32\nvsvc.dll
2014-03-04 12:34 . 2011-01-07 19:06 663896 ----a-w- c:\windows\system32\nvvsvc.exe
2014-03-04 12:34 . 2011-01-07 19:06 62752 ----a-w- c:\windows\system32\nvshext.dll
2014-03-04 12:34 . 2011-01-07 19:06 2556360 ----a-w- c:\windows\system32\nvsvcr.dll
2014-03-04 12:34 . 2011-01-07 19:06 375128 ----a-w- c:\windows\system32\nvmctray.dll
.
.
(((((((((((((((((((((((((((((((((((((   Reg Loading Points   ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown 
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveBlacklistedOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42}]
2014-01-30 13:05 579400 ----a-w- c:\program files\Google\Drive\googledrivesync32.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSharedEditOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44}"
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSharedOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44}]
2014-01-30 13:05 579400 ----a-w- c:\program files\Google\Drive\googledrivesync32.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSharedEditOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44}"
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSharedOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44}]
2014-01-30 13:05 579400 ----a-w- c:\program files\Google\Drive\googledrivesync32.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSharedViewOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D43}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D43}]
2014-01-30 13:05 579400 ----a-w- c:\program files\Google\Drive\googledrivesync32.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSyncedOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40}]
2014-01-30 13:05 579400 ----a-w- c:\program files\Google\Drive\googledrivesync32.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSyncingOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41}]
2014-01-30 13:05 579400 ----a-w- c:\program files\Google\Drive\googledrivesync32.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"AdobeAAMUpdater-1.0"="c:\program files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe" [2010-03-06 500208]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2009-07-24 141848]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2009-07-24 174104]
"Persistence"="c:\windows\system32\igfxpers.exe" [2009-07-24 151064]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2013-11-21 959904]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2013-07-02 254336]
"RTHDVCPL"="c:\program files\Realtek\Audio\HDA\RtHDVCpl.exe" [2013-10-24 12017368]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 0 (0x0)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableLUA"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)
"SoftwareSASGeneration"= 1 (0x1)
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]
@="Service"
.
[HKLM\~\startupfolder\C:^Users^xc1te^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Curse.lnk]
path=c:\users\xc1te\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Curse.lnk
backup=c:\windows\pss\Curse.lnk.Startup
backupExtension=.Startup
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
2013-11-21 16:57 959904 ----a-w- c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AdobeCS5ServiceManager]
2010-02-22 02:57 406992 ----a-w- c:\program files\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\APSDaemon]
2012-10-11 18:56 59280 ----a-w- c:\program files\Common Files\Apple\Apple Application Support\APSDaemon.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BCSSync]
2012-11-05 12:27 89184 ----a-w- c:\program files\Microsoft Office\Office14\BCSSync.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KiesPDLR]
2011-09-29 13:19 20880 ----a-w- c:\program files\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Malwarebytes' Anti-Malware]
2013-04-04 11:50 532040 ----a-w- c:\program files\Malwarebytes' Anti-Malware\mbamgui.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSC]
2014-03-11 07:13 951576 ----a-w- c:\program files\Microsoft Security Client\msseces.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvBackend]
2014-02-05 09:32 2234144 ----a-w- c:\program files\NVIDIA Corporation\Update Core\NvBackend.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
2012-10-25 00:12 421888 ----a-w- c:\program files\QuickTime\QTTask.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ShadowPlay]
2014-02-05 09:31 1048152 ----a-w- c:\windows\System32\nvspcap.dll
.
R2 MBAMService;MBAMService;c:\program files\Malwarebytes' Anti-Malware\mbamservice.exe [2013-04-04 701512]
R3 cpudrv;cpudrv;c:\program files\SystemRequirementsLab\cpudrv.sys [2009-12-18 11336]
R3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.);c:\windows\system32\DRIVERS\ssudbus.sys [2014-01-22 88576]
R3 EagleXNt;EagleXNt;c:\windows\system32\drivers\EagleXNt.sys [x]
R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe [2014-04-19 108032]
R3 IntcHdmiAddService;Intel® High Definition Audio HDMI;c:\windows\system32\drivers\IntcHdmi.sys [2009-05-26 122368]
R3 NisDrv;Microsoft Network Inspection System;c:\windows\system32\DRIVERS\NisDrvWFP.sys [2014-03-11 104264]
R3 NisSrv;Microsoft Network Inspection;c:\program files\Microsoft Security Client\NisSrv.exe [2014-03-11 279776]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys [2010-11-20 15872]
R3 SOACS;SOACS Driver;c:\windows\system32\drivers\soacs.sys [2013-08-15 4736]
R3 ssudmdm;SAMSUNG  Mobile USB Modem Drivers (DEVGURU Ver.);c:\windows\system32\DRIVERS\ssudmdm.sys [2014-01-22 184192]
R3 Synth3dVsc;Synth3dVsc;c:\windows\system32\drivers\synth3dvsc.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2010-11-20 52224]
R3 tsusbhub;tsusbhub;c:\windows\system32\drivers\tsusbhub.sys [x]
R3 VGPU;VGPU;c:\windows\system32\drivers\rdvgkmd.sys [x]
R4 SkypeUpdate;Skype Updater;c:\program files\Skype\Updater\Updater.exe [2013-03-01 161384]
R4 SwitchBoard;SwitchBoard;c:\program files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
R4 TeamViewer7;TeamViewer 7;c:\program files\TeamViewer\Version7\TeamViewer_Service.exe [2012-10-23 2848168]
S0 sptd;sptd;c:\windows\System32\Drivers\sptd.sys [2010-08-17 697328]
S2 FsUsbExService;FsUsbExService;c:\windows\system32\FsUsbExService.Exe [2010-07-04 238952]
S2 MBAMScheduler;MBAMScheduler;c:\program files\Malwarebytes' Anti-Malware\mbamscheduler.exe [2013-04-04 418376]
S2 NvNetworkService;NVIDIA Network Service;c:\program files\NVIDIA Corporation\NetService\NvNetworkService.exe [2014-02-05 1593632]
S2 NvStreamSvc;NVIDIA Streamer Service;c:\program files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [2014-02-05 15904544]
S2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2014-03-04 411936]
S3 dc3d;MS Hardware Device Detection Driver (USB);c:\windows\system32\DRIVERS\dc3d.sys [2011-05-18 40320]
S3 FsUsbExDisk;FsUsbExDisk;c:\windows\system32\FsUsbExDisk.SYS [2010-06-14 36608]
S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2013-04-04 22856]
S3 nvvad_WaveExtensible;NVIDIA Virtual Audio Device (Wave Extensible) (WDM);c:\windows\system32\drivers\nvvad32v.sys [2013-12-27 34080]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt86win7.sys [2013-11-26 683736]
.
.
--- Other Services/Drivers In Memory ---
.
*NewlyCreated* - FSUSBEXDISK
*NewlyCreated* - WS2IFSL
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
iissvcs REG_MULTI_SZ   w3svc was
apphost REG_MULTI_SZ   apphostsvc
.
Contents of the 'Scheduled Tasks' folder
.
2014-04-24 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2012-04-28 22:30]
.
2014-04-24 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2012-04-28 22:30]
.
2014-04-24 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-4094849295-1092034879-3769963386-1001Core.job
- c:\users\xc1te\AppData\Local\Google\Update\GoogleUpdate.exe [2010-08-12 10:43]
.
2014-04-24 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-4094849295-1092034879-3769963386-1001UA.job
- c:\users\xc1te\AppData\Local\Google\Update\GoogleUpdate.exe [2010-08-12 10:43]
.
.
------- Supplementary Scan -------
.
uStart Page = hxxp://www.google.co.il/
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~4\Office14\EXCEL.EXE/3000
IE: Se&nd to OneNote - c:\progra~1\MICROS~4\Office14\ONBttnIE.dll/105
Trusted Zone: rapidshare.com
TCP: DhcpNameServer = 10.0.0.138
TCP: Interfaces\{E2B3B955-60B3-4AA7-B41A-512F3DB79A56}: NameServer = 192.115.106.31
.
- - - - ORPHANS REMOVED - - - -
.
HKCU-Run-AdobeBridge - (no file)
HKLM-Run-NPSStartup - (no file)
HKLM-Run-Nvtmru - c:\program files\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe
MSConfigStartUp-Adobe Reader Speed Launcher - c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe
MSConfigStartUp-AutoStartNPSAgent - c:\program files\Samsung\Samsung New PC Studio\NPSAgent.exe
MSConfigStartUp-DAEMON Tools Pro Agent - c:\program files\DAEMON Tools Pro\DTProAgent.exe
MSConfigStartUp-mobilegeni daemon - c:\program files\Mobogenie\DaemonProcess.exe
MSConfigStartUp-Pogoplug Backup - c:\program files\BezeqCloud\ppbrowser.exe
AddRemove-01_Simmental - c:\program files\Samsung\USB Drivers\01_Simmental\Uninstall.exe
AddRemove-02_Siberian - c:\program files\Samsung\USB Drivers\02_Siberian\Uninstall.exe
AddRemove-03_Swallowtail - c:\program files\Samsung\USB Drivers\03_Swallowtail\Uninstall.exe
AddRemove-04_semseyite - c:\program files\Samsung\USB Drivers\04_semseyite\Uninstall.exe
AddRemove-05_Sloan - c:\program files\Samsung\USB Drivers\05_Sloan\Uninstall.exe
AddRemove-06_Spencer - c:\program files\Samsung\USB Drivers\06_Spencer\Uninstall.exe
AddRemove-07_Schorl - c:\program files\Samsung\USB Drivers\07_Schorl\Uninstall.exe
AddRemove-08_EMPChipset - c:\program files\Samsung\USB Drivers\08_EMPChipset\Uninstall.exe
AddRemove-09_Hsp - c:\program files\Samsung\USB Drivers\09_Hsp\Uninstall.exe
AddRemove-11_HSP_Plus_Default - c:\program files\Samsung\USB Drivers\11_HSP_Plus_Default\Uninstall.exe
AddRemove-16_Shrewsbury - c:\program files\Samsung\USB Drivers\16_Shrewsbury\Uninstall.exe
AddRemove-17_EMP_Chipset2 - c:\program files\Samsung\USB Drivers\17_EMP_Chipset2\Uninstall.exe
AddRemove-18_Zinia_Serial_Driver - c:\program files\Samsung\USB Drivers\18_Zinia_Serial_Driver\Uninstall.exe
AddRemove-19_VIA_driver - c:\program files\Samsung\USB Drivers\19_VIA_driver\Uninstall.exe
AddRemove-20_NXP_Driver - c:\program files\Samsung\USB Drivers\20_NXP_Driver\Uninstall.exe
AddRemove-21_Searsburg - c:\program files\Samsung\USB Drivers\21_Searsburg\Uninstall.exe
AddRemove-22_WiBro_WiMAX - c:\program files\Samsung\USB Drivers\22_WiBro_WiMAX\Uninstall.exe
AddRemove-24_flashusbdriver - c:\program files\Samsung\USB Drivers\24_flashusbdriver\Uninstall.exe
AddRemove-25_escape - c:\program files\Samsung\USB Drivers\25_escape\Uninstall.exe
.
.
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_USERS\S-1-5-21-4094849295-1092034879-3769963386-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.*t*L*l%\OpenWithList]
@Class="Shell"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil32_11_8_800_94_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil32_11_8_800_94_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0003\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0004\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0005\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0006\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0007\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0008\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
------------------------ Other Running Processes ------------------------
.
c:\windows\system32\nvvsvc.exe
c:\program files\Microsoft Security Client\MsMpEng.exe
c:\program files\NVIDIA Corporation\Display\nvxdsync.exe
c:\windows\system32\nvvsvc.exe
c:\program files\Common Files\Adobe\ARM\1.0\armsvc.exe
c:\windows\system32\conhost.exe
c:\windows\system32\conhost.exe
c:\program files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
c:\program files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
c:\program files\NVIDIA Corporation\Display\nvtray.exe
c:\windows\system32\taskhost.exe
.
**************************************************************************
.
Completion time: 2014-04-25  02:02:11 - machine was rebooted
ComboFix-quarantined-files.txt  2014-04-24 23:02
.
Pre-Run: 66,008,752,128 bytes free
Post-Run: 65,384,140,800 bytes free
.
- - End Of File - - FBBEE0DBC16590A1F1F4087786A4C961
A36C5E4F47E84449FF07ED3517B43A31


#12 bloopie


Posted 24 April 2014 - 10:47 PM

Hello again,

 

Most people do not disable items in MSCONFIG...when they don't want them to automatically load...they usually "set" the programs to either load, or not load. MSCONFIG is normally a troubleshooting option. We can disable them from automatically running another way if you'd like, but let's now check your hardware to make sure it can handle the games you're throwing at it! :wink:

 

The BSOD x124 and WHEA_UNCORRECTABLE_ERRORs seem to be pointing to a RAM (or HDD) issue (personally, I'm guessing a RAM or HDD issue, but I could be wrong, as this is not my area of expertise).

==========

 

More to the issue, have you intentionally overclocked this machine? Yes or no, I'd like for you to perform a memory test...you may have a bad RAM chip that is causing the BSOD's...but we'll see.

 

Please run memtestx86. It may be wise to run this overnight as it can take some considerable time:

 

Testing Computer Memory Using MemTest86+

--------------------

  • Download the latest version of MemTest86+ Windows Images: Image for creating boot-able CD, and save it to your desktop
  • Right click on the folder and select Extract All...
  • Select Next, Next, then Finish
  • Burn the image file to a CD, as an image file. If you're unsure how to do this, see the How to Burn an ISO File tutorial.
  • Put your CD in the drive and configure your machine to boot to the CD. This is different on all machines, but it's usually by pressing F12 or F10 as your system boots, and selecting either "CDROM" or your cdrom drive.
  • If you've done it correctly, MemTest86+ will start to run automatically, as shown below:

memtestStart.png

  • If you see any errors, please stop the test and let me know! Once a single pass is complete, you should see the following message:

memtestFinished.png

  • But a single pass is not nearly sufficient to test the RAM. If you want to be completely sure your RAM is OK, allow MemTest to run overnight (or for at least 8 passes). Memtest will run forever until power is pulled on the machine, or you manually stop the test.
  • Check the MemTest screen for any reported errors. Errors will appear as RED warnings at the bottom of the screen, similar to the following screenshot:

memtestFail.png

  • Press the reset button on the computer, removing the MemTest disk in the process.
  • Please report the results to me.

bloopie



#13 kreG15


Posted 25 April 2014 - 02:50 PM

Apparently I did OC my CPU a little (E7500 @ 2.93GHz to 3.6GHz), with no additional voltage though. It was a long time ago and I totally forgot about it.

 

I went to Microsoft's support community to ask for extra help. They analyzed the dump file and came to the conclusion it's a CPU error:

 

"BUSL0_SRC_ERR_M_NOTIMEOUT_ERR (Proc 0 Bank 0) indicates that your processor is sending out a request to read data from the L0 Cache, and there was a delay (invalid data in cache, miss, etc). There is only so much you can do with a bugcheck like this until it comes down to a faulty processor that will need to be replaced."

 

I have reset the BIOS to fail-safe settings and re-installed the game I play when the BSODs happen, hoping for the best.

 

Thanks a lot for your help. I hope this topic will be useful for future cases.



#14 bloopie


Posted 25 April 2014 - 04:22 PM

Hello again,
 
Thanks for letting me know, and glad you got a more precise answer. :)
 
In that case, it would be best for you to uninstall Combofix before we part ways:

Uninstall ComboFix:
  • Turn off all active protection software.
  • Hold the "Windows" key and press "R" to open the runbox, then copy/paste ComboFix /Uninstall into the box and click Ok.
  • Note the space between the X and the /Uninstall, it needs to be there.
CF-Uninstall.png

==========

Would you like me to leave this thread open until you are satisfied with your machine?

bloopie

#15 kreG15


Posted 26 April 2014 - 03:01 AM

No, it's OK. I have uninstalled ComboFix. Thanks.





