
Rogue Killer > Anti Rootkit Tab > Suspicious Path > Kernel Filter



#1 Agent_Orange


Posted 08 August 2014 - 01:47 AM

Hi all, I have both attached and copy & pasted (scroll to bottom of my post) DDS files as well as a report from a scan I have conducted with Rogue Killer.

The Issue:

I became aware of an issue with my pc when Mozilla Firefox started to behave in an odd manner a couple of days ago. I started to notice that Firefox was asking if I wanted to allow pages to be redirected from websites that do not normally ask me this (i.e. YouTube).

I uninstalled Firefox and downloaded a new version and noticed some other odd things happening (i.e it would not save my preferences as well as having all of my old bookmarks on the new version)

Today I opened IE as normal user on a blank page and received the following messages from my anti virus (Kaspersky Pure 3.0)............
 

"Kaspersky Traffic Monitor cannot g/tee the security of the encrypted connection between 65.52.103.247 because it was impossible to check the website authentication certificate."

I was provided with an option to either accept the untrusted certificate or deny the untrusted certificate - I chose to deny.

Checking the log events in Kaspersky provided me with the following information :

 "c:\...\internet explorer\iexplore.exe (PID: 236): Encrypted connection (SSL/TLS) detected."

Further details = Application: Internet Explorer........Object: (orig)_.phx.global_85c3f0e7.cer.......Event: Encrypted connection (SSL/TLS) detected:*.phx.gbl

 

Opened IE and attempted to access Hotmail (e-mail), Google & Facebook = all failed to connect.

 

Opened IE by running as Administrator and attempted to connect to the same sites  = connected.

Downloaded Rogue Killer 64 bit

 

Ran Rogue Killer (as administrator) whilst logged on as a normal user (report attached)

 

Under "Registry" I noticed 2 PUM.Proxy entries (details as follows) and checked the box to have them both deleted - everything else was left unchecked.

 

1. FOUND PUM.Proxy HKEY_USERS S-1-5-21-1357874107-891379425-543128260-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings Proxy Server 0.0.0.0:80
2. FOUND PUM.Proxy HKEY_USERS s-1-5-21-1357874107-891379425-543128260-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings Proxy Server 0.0.0.0:80

*When attempting to delete these registry entries the first one was successfully deleted however the second of the two gave an error message (ERROR 2)

 

 

Scanned system a second time with Rogue Killer - noticed that an entry listed under "Antirootkit" that was color coded orange is now listed as "legit"; details as follows:
 

Object : Filter

Index: no details provided

API:  \Driver\Disk@\Device\Harddisk0\DR0 

Module: \Driver\partmgr@Unkown  

Module Path: \SystemRoot\System32\drivers\partmgr.sys  

Address: 0x0

 

 

Scanned the system in Safe Mode using the resident anti virus (Kaspersky Pure 3.0)  - no issues detected

 

Scanned the system in Safe Mode using Malwarebytes Pro - no issues detected.


DDS Log :

DDS (Ver_2012-11-20.01) - NTFS_AMD64
Internet Explorer: 11.0.9600.17207
Run by That Rookit Guy at 16:18:42 on 2014-08-08
Microsoft Windows 7 Home Premium   6.1.7601.1.1252.1.1033.18.16324.13588 [GMT 10:00]
.
AV: Kaspersky PURE 3.0 *Enabled/Updated* {C3113FBF-4BCB-4461-D78D-6EDFEC9593E5}
SP: Kaspersky PURE 3.0 *Enabled/Updated* {7870DE5B-6DF1-4BEF-ED3D-55AD9712D958}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: Kaspersky PURE 3.0 *Enabled* {FB2ABE9A-01A4-4539-FCD2-C7EA1246D49E}
.
============== Running Processes ===============
.
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\nvvsvc.exe
C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\svchost.exe -k NetworkService
C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
C:\Windows\system32\nvvsvc.exe
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE
C:\Program Files (x86)\ASUS\AXSP\1.01.01\atkexComSvc.exe
C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\avp.exe
C:\Program Files (x86)\Common Files\InfoWatch\CryptoStorage\ProtectedObjectsSrv.exe
C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
C:\Program Files (x86)\Secunia\PSI\PSIA.exe
C:\Windows\system32\taskhost.exe
C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
C:\Program Files (x86)\Secunia\PSI\psi_tray.exe
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
C:\Program Files (x86)\Intel\Intel® USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
C:\Windows\system32\SearchIndexer.exe
C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\avp.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe
C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
C:\Program Files (x86)\Nero\Update\NASvc.exe
C:\Windows\system32\NOTEPAD.EXE
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\System32\cscript.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://www.google.com.au/
mStart Page = about:blank
BHO: Content Blocker Plugin: {5564CC73-EFA7-4CBF-918A-5CF7FBBFFF4F} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\IEExt\ContentBlocker\ie_content_blocker_plugin.dll
BHO: Virtual Keyboard Plugin: {73455575-E40C-433C-9784-C78DC7761455} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll
BHO: Safe Money Plugin: {9E6D0D23-3D72-4A94-AE1F-2D167624E3D9} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\IEExt\OnlineBanking\online_banking_bho.dll
BHO: URL Advisor Plugin: {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\IEExt\UrlAdvisor\klwtbbho.dll
uRun: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
mRun: [USB3MON] "C:\Program Files (x86)\Intel\Intel® USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe"
mRun: [AVP] "C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\avp.exe"
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\SECUNI~1.LNK - C:\Program Files (x86)\Secunia\PSI\psi_tray.exe
uPolicies-Explorer: NoDrives = dword:0
mPolicies-Explorer: NoDriveTypeAutoRun = dword:60
mPolicies-Explorer: NoDrives = dword:0
mPolicies-System: ConsentPromptBehaviorAdmin = dword:5
mPolicies-System: ConsentPromptBehaviorUser = dword:3
mPolicies-System: EnableUIADesktopToggle = dword:0
IE: {0C4CC089-D306-440D-9772-464E226F6539} - {0BA14598-4178-4CE5-B1F1-B5C6408A3F2E} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll
IE: {CCF151D8-D089-449F-A5A4-D9909053F20F} - {CCF151D8-D089-449F-A5A4-D9909053F20F} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\IEExt\UrlAdvisor\klwtbbho.dll
TCP: NameServer = 192.168.1.1
TCP: Interfaces\{A580B55F-E775-436E-892A-33D503C3D374} : DHCPNameServer = 192.168.1.1
SSODL: WebCheck - <orphaned>
x64-mStart Page = about:blank
x64-BHO: Content Blocker Plugin: {5564CC73-EFA7-4CBF-918A-5CF7FBBFFF4F} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\x64\IEExt\ContentBlocker\ie_content_blocker_plugin.dll
x64-BHO: Virtual Keyboard Plugin: {73455575-E40C-433C-9784-C78DC7761455} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\x64\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll
x64-BHO: Safe Money Plugin: {9E6D0D23-3D72-4A94-AE1F-2D167624E3D9} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\x64\IEExt\OnlineBanking\online_banking_bho.dll
x64-BHO: URL Advisor Plugin: {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\x64\IEExt\UrlAdvisor\klwtbbho.dll
x64-Run: [RTHDVCPL] C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe -s
x64-Run: [NvBackend] "C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe"
x64-Run: [ShadowPlay] C:\Windows\System32\rundll32.exe C:\Windows\System32\nvspcap64.dll,ShadowPlayOnSystemStart
x64-IE: {0C4CC089-D306-440D-9772-464E226F6539} - {0BA14598-4178-4CE5-B1F1-B5C6408A3F2E} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\x64\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll
x64-IE: {CCF151D8-D089-449F-A5A4-D9909053F20F} - {CCF151D8-D089-449F-A5A4-D9909053F20F} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\x64\IEExt\UrlAdvisor\klwtbbho.dll
x64-SSODL: WebCheck - <orphaned>
.
============= SERVICES / DRIVERS ===============
.
R0 CSCrySec;InfoWatch Encrypt Sector Library driver;C:\Windows\System32\drivers\CSCrySec.sys [2014-7-10 84536]
R0 iaStorA;iaStorA;C:\Windows\System32\drivers\iaStorA.sys [2013-1-31 652784]
R0 iaStorF;iaStorF;C:\Windows\System32\drivers\iaStorF.sys [2013-1-31 28656]
R0 iusb3hcs;Intel® USB 3.0 Host Controller Switch Driver;C:\Windows\System32\drivers\iusb3hcs.sys [2014-7-9 20616]
R1 CSVirtualDiskDrv;InfoWatch Virtual Disk driver;C:\Windows\System32\drivers\CSVirtualDiskDrv.sys [2014-7-10 66616]
R1 KLIM6;Kaspersky Anti-Virus NDIS 6 Filter;C:\Windows\System32\drivers\klim6.sys [2012-8-2 29792]
R1 kltdi;kltdi;C:\Windows\System32\drivers\kltdi.sys [2013-11-11 54368]
R1 kneps;kneps;C:\Windows\System32\drivers\kneps.sys [2013-11-11 178448]
R1 SASDIFSV;SASDIFSV;C:\Program Files\SUPERAntiSpyware\sasdifsv64.sys [2011-7-23 14928]
R1 SASKUTIL;SASKUTIL;C:\Program Files\SUPERAntiSpyware\saskutil64.sys [2011-7-13 12368]
R2 !SASCORE;SAS Core Service;C:\Program Files\SUPERAntiSpyware\SASCore64.exe [2013-10-11 144152]
R2 asComSvc;ASUS Com Service;C:\Program Files (x86)\ASUS\AXSP\1.01.01\atkexComSvc.exe [2014-7-9 927232]
R2 AVP;Kaspersky Anti-Virus Service;C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\avp.exe [2013-11-11 356128]
R2 CSObjectsSrv;CryptoStorage control service;C:\Program Files (x86)\Common Files\InfoWatch\CryptoStorage\ProtectedObjectsSrv.exe [2013-9-25 818888]
R2 IAStorDataMgrSvc;Intel® Rapid Storage Technology;C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe [2013-1-31 15344]
R2 jhi_service;Intel® Dynamic Application Loader Host Interface Service;C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\Jhi_service.exe [2014-7-9 169432]
R2 MBAMScheduler;MBAMScheduler;C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [2014-7-10 1809720]
R2 MBAMService;MBAMService;C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [2014-7-10 860472]
R2 NAUpdate;Nero Update;C:\Program Files (x86)\Nero\Update\NASvc.exe [2014-1-27 773968]
R2 NvNetworkService;NVIDIA Network Service;C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [2014-7-10 1720608]
R2 NvStreamSvc;NVIDIA Streamer Service;C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [2014-7-10 18956064]
R2 Secunia PSI Agent;Secunia PSI Agent;C:\Program Files (x86)\Secunia\PSI\psia.exe [2013-12-7 1229528]
R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2014-7-31 411936]
R3 iusb3hub;Intel® USB 3.0 Hub Driver;C:\Windows\System32\drivers\iusb3hub.sys [2014-7-9 366216]
R3 iusb3xhc;Intel® USB 3.0 eXtensible Host Controller Driver;C:\Windows\System32\drivers\iusb3xhc.sys [2014-7-9 786056]
R3 klkbdflt;Kaspersky Lab KLKBDFLT;C:\Windows\System32\drivers\klkbdflt.sys [2013-11-11 29280]
R3 klmouflt;Kaspersky Lab KLMOUFLT;C:\Windows\System32\drivers\klmouflt.sys [2013-11-11 29280]
R3 MBAMProtector;MBAMProtector;C:\Windows\System32\drivers\mbam.sys [2014-7-10 25816]
R3 MBAMWebAccessControl;MBAMWebAccessControl;C:\Windows\System32\drivers\mwac.sys [2014-7-10 63704]
R3 NvStreamKms;NvStreamKms;C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [2014-7-10 20256]
R3 nvvad_WaveExtensible;NVIDIA Virtual Audio Device (Wave Extensible) (WDM);C:\Windows\System32\drivers\nvvad64v.sys [2014-7-10 40392]
R3 PSI;PSI;C:\Windows\System32\drivers\psi_mf_amd64.sys [2013-12-7 18456]
R3 RTL8167;Realtek 8167 NT Driver;C:\Windows\System32\drivers\Rt64win7.sys [2014-7-9 805088]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2013-9-11 105144]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2013-9-11 124088]
S2 Secunia Update Agent;Secunia Update Agent;C:\Program Files (x86)\Secunia\PSI\sua.exe [2013-12-7 662232]
S3 IEEtwCollectorService;Internet Explorer ETW Collector Service;C:\Windows\System32\ieetwcollector.exe [2014-7-10 111616]
S3 Intel® Capability Licensing Service TCP IP Interface;Intel® Capability Licensing Service TCP IP Interface;C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [2012-12-10 803872]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;C:\Windows\System32\drivers\rdpvideominiport.sys [2014-7-10 19456]
S3 TsUsbFlt;TsUsbFlt;C:\Windows\System32\drivers\TsUsbFlt.sys [2014-7-10 56832]
S3 TsUsbGD;Remote Desktop Generic USB Device;C:\Windows\System32\drivers\TsUsbGD.sys [2014-7-10 30208]
S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\System32\Wat\WatAdminSvc.exe [2014-7-10 1255736]
.
=============== Created Last 30 ================
.
2014-08-07 09:00:29 -------- d-sh--w- C:\$RECYCLE.BIN
2014-08-07 08:26:48 98816 ----a-w- C:\Windows\sed.exe
2014-08-07 08:26:48 256000 ----a-w- C:\Windows\PEV.exe
2014-08-07 08:26:48 208896 ----a-w- C:\Windows\MBR.exe
2014-08-07 08:18:03 122584 ----a-w- C:\Windows\System32\drivers\48C23661.sys
2014-08-07 08:17:15 -------- d-----w- C:\AdwCleaner
2014-08-07 04:50:11 -------- d-----w- C:\Program Files\HitmanPro
2014-08-07 04:49:51 -------- d-----w- C:\ProgramData\HitmanPro
2014-07-31 13:42:28 -------- d-----w- C:\TDSSKiller_Quarantine
2014-07-31 06:56:48 609240 ----a-w- C:\Windows\SysWow64\nvStreaming.exe
2014-07-31 06:48:22 1715224 ----a-w- C:\Windows\System32\nvspbridge64.dll
2014-07-31 06:48:22 1291280 ----a-w- C:\Windows\SysWow64\nvspbridge.dll
2014-07-30 02:53:50 -------- d-----w- C:\ProgramData\regid.1995-08.com.techsmith
2014-07-30 02:53:48 -------- d-----w- C:\Program Files (x86)\Common Files\TechSmith Shared
2014-07-29 13:00:12 -------- d-----w- C:\Users\That Rookit Guy\AppData\Roaming\TechSmith
2014-07-29 12:49:15 -------- d-----w- C:\Users\That Rookit Guy\AppData\Local\assembly
2014-07-29 12:49:01 -------- d-----w- C:\Users\That Rookit Guy\AppData\Local\TechSmith
2014-07-19 10:51:06 -------- d-----w- C:\Users\That Rookit Guy\AppData\Roaming\SUPERAntiSpyware.com
2014-07-19 10:50:44 -------- d-----w- C:\ProgramData\SUPERAntiSpyware.com
2014-07-19 10:50:44 -------- d-----w- C:\Program Files\SUPERAntiSpyware
2014-07-17 09:59:52 30312 ----a-w- C:\Windows\System32\drivers\TrueSight.sys
2014-07-17 09:56:10 -------- d-----w- C:\Users\That Rookit Guy\AppData\Local\Macromedia
2014-07-12 14:34:14 -------- d-----w- C:\Windows\pss
2014-07-12 09:40:41 -------- d-----w- C:\Program Files (x86)\Nero
2014-07-12 09:40:26 -------- d-----w- C:\ProgramData\Nero
2014-07-12 09:38:39 1868128 ----a-w- C:\Windows\SysWow64\d3dcsx_43.dll
2014-07-12 09:38:02 2106216 ----a-w- C:\Windows\SysWow64\D3DCompiler_43.dll
2014-07-11 03:08:42 71344 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
2014-07-11 03:08:42 699056 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe
2014-07-11 02:47:19 122584 ----a-w- C:\Windows\System32\drivers\48230029.sys
2014-07-11 02:35:45 -------- d-----w- C:\Users\That Rookit Guy\AppData\Local\Mozilla
2014-07-11 01:59:08 1643520 ----a-w- C:\Windows\System32\DWrite.dll
2014-07-11 01:59:08 1247744 ----a-w- C:\Windows\SysWow64\DWrite.dll
2014-07-10 15:06:00 -------- d-----w- C:\Program Files (x86)\VideoLAN
2014-07-10 09:36:11 -------- d-sh--w- C:\Users\That Rookit Guy\AppData\Local\EmieUserList
2014-07-10 09:36:11 -------- d-sh--w- C:\Users\That Rookit Guy\AppData\Local\EmieSiteList
2014-07-10 05:45:28 -------- d-----w- C:\Users\That Rookit Guy\AppData\Local\Secunia PSI
2014-07-10 05:45:22 -------- d-----w- C:\Program Files (x86)\Secunia
2014-07-10 05:34:39 29160 ----a-w- C:\Windows\SysWow64\drivers\TrueSight.sys
2014-07-10 05:34:37 -------- d-----w- C:\ProgramData\RogueKiller
2014-07-10 05:24:26 -------- d-----w- C:\Windows\SysWow64\Wat
2014-07-10 05:24:26 -------- d-----w- C:\Windows\System32\Wat
2014-07-10 05:23:23 6574592 ----a-w- C:\Windows\System32\mstscax.dll
2014-07-10 05:23:23 5694464 ----a-w- C:\Windows\SysWow64\mstscax.dll
2014-07-10 05:22:55 3178496 ----a-w- C:\Windows\System32\rdpcorets.dll
2014-07-10 05:22:55 16384 ----a-w- C:\Windows\System32\RdpGroupPolicyExtension.dll
2014-07-10 05:21:40 276832 ----a-w- C:\Windows\System32\d3dx11_43.dll
2014-07-10 05:21:40 248672 ----a-w- C:\Windows\SysWow64\d3dx11_43.dll
2014-07-10 05:21:39 511328 ----a-w- C:\Windows\System32\d3dx10_43.dll
2014-07-10 05:21:39 470880 ----a-w- C:\Windows\SysWow64\d3dx10_43.dll
2014-07-10 05:21:39 2401112 ----a-w- C:\Windows\System32\D3DX9_43.dll
2014-07-10 05:21:39 1998168 ----a-w- C:\Windows\SysWow64\D3DX9_43.dll
2014-07-10 05:21:23 1283136 ----a-w- C:\Windows\System32\nvspcap64.dll
2014-07-10 05:21:23 1126480 ----a-w- C:\Windows\SysWow64\nvspcap.dll
2014-07-10 05:21:23 -------- d-----w- C:\Users\That Rookit Guy\AppData\Local\NVIDIA Corporation
2014-07-10 05:19:07 40392 ----a-w- C:\Windows\System32\drivers\nvvad64v.sys
2014-07-10 05:19:07 37320 ----a-w- C:\Windows\System32\nvaudcap64v.dll
2014-07-10 05:19:07 34760 ----a-w- C:\Windows\SysWow64\nvaudcap32v.dll
2014-07-10 05:19:07 2814656 ----a-w- C:\Windows\SysWow64\nvapi.dll
2014-07-10 05:19:07 1889112 ----a-w- C:\Windows\System32\nvdispco6433788.dll
2014-07-10 05:19:07 1541576 ----a-w- C:\Windows\System32\nvdispgenco6433788.dll
2014-07-10 05:17:24 -------- d-----w- C:\Users\That Rookit Guy\AppData\Local\Razer_Inc
2014-07-10 05:16:07 -------- d-----w- C:\Users\That Rookit Guy\AppData\Local\NVIDIA
2014-07-10 04:57:24 30208 ----a-w- C:\Windows\System32\drivers\TsUsbGD.sys
2014-07-10 04:57:24 243200 ----a-w- C:\Windows\System32\rdpudd.dll
2014-07-10 04:57:24 228864 ----a-w- C:\Windows\System32\rdpendp_winip.dll
2014-07-10 04:57:24 19456 ----a-w- C:\Windows\System32\drivers\rdpvideominiport.sys
2014-07-10 04:57:24 192000 ----a-w- C:\Windows\SysWow64\rdpendp_winip.dll
2014-07-10 04:55:21 935368 ----a-w- C:\Windows\System32\nvvsvc.exe
2014-07-10 04:55:21 6783776 ----a-w- C:\Windows\System32\nvcpl.dll
2014-07-10 04:55:21 62808 ----a-w- C:\Windows\System32\nvshext.dll
2014-07-10 04:55:21 386520 ----a-w- C:\Windows\System32\nvmctray.dll
2014-07-10 04:55:21 3826628 ----a-w- C:\Windows\System32\nvcoproc.bin
2014-07-10 04:55:21 3522392 ----a-w- C:\Windows\System32\nvsvc64.dll
2014-07-10 04:55:21 2558808 ----a-w- C:\Windows\System32\nvsvcr.dll
2014-07-10 04:55:12 75040 ----a-w- C:\Windows\System32\OpenCL.dll
2014-07-10 04:55:12 61912 ----a-w- C:\Windows\SysWow64\OpenCL.dll
2014-07-10 04:55:01 -------- d-----w- C:\ProgramData\NVIDIA Corporation
2014-07-10 04:54:56 -------- d-----w- C:\Program Files\NVIDIA Corporation
2014-07-10 04:54:56 -------- d-----w- C:\Program Files (x86)\NVIDIA Corporation
2014-07-10 04:36:43 -------- d-s---w- C:\Windows\System32\CompatTel
2014-07-10 04:34:42 167424 ----a-w- C:\Program Files\Windows Media Player\wmplayer.exe
2014-07-10 04:34:42 164864 ----a-w- C:\Program Files (x86)\Windows Media Player\wmplayer.exe
2014-07-10 04:34:42 12625920 ----a-w- C:\Windows\System32\wmploc.DLL
2014-07-10 04:34:42 12625408 ----a-w- C:\Windows\SysWow64\wmploc.DLL
2014-07-10 04:28:28 -------- d-----w- C:\Windows\Migration
2014-07-10 04:20:04 9728 ---ha-w- C:\Windows\SysWow64\api-ms-win-downlevel-shlwapi-l1-1-0.dll
2014-07-10 03:59:58 2560 ----a-w- C:\Windows\System32\drivers\en-US\wdf01000.sys.mui
2014-07-10 03:57:22 -------- d-----w- C:\Windows\System32\MRT
2014-07-10 03:45:39 5120 ----a-w- C:\Windows\SysWow64\wmi.dll
2014-07-10 03:45:39 5120 ----a-w- C:\Windows\System32\wmi.dll
2014-07-10 03:45:39 23408 ----a-w- C:\Windows\System32\drivers\fs_rec.sys
2014-07-10 03:42:57 48640 ----a-w- C:\Windows\System32\wwanprotdim.dll
2014-07-10 03:40:01 87040 ----a-w- C:\Windows\SysWow64\secproc_ssp_isv.dll
2014-07-10 03:39:56 878080 ----a-w- C:\Windows\System32\advapi32.dll
2014-07-10 03:38:43 76800 ----a-w- C:\Windows\System32\drivers\hidclass.sys
2014-07-10 03:37:59 64512 ----a-w- C:\Windows\SysWow64\devobj.dll
2014-07-10 03:17:13 64856 ----a-w- C:\Windows\System32\klfphc.dll
2014-07-10 03:17:04 66616 ----a-w- C:\Windows\System32\drivers\CSVirtualDiskDrv.sys
2014-07-10 03:17:02 84536 ----a-w- C:\Windows\System32\drivers\CSCrySec.sys
2014-07-10 03:16:51 -------- d-----w- C:\Windows\ELAMBKUP
2014-07-10 03:16:50 -------- d-----w- C:\Program Files (x86)\Kaspersky Lab
2014-07-10 03:16:50 -------- d-----w- C:\Program Files (x86)\Common Files\InfoWatch
2014-07-10 03:16:49 -------- d-----w- C:\ProgramData\Kaspersky Lab
2014-07-10 03:16:44 92768 ----a-w- C:\Windows\System32\drivers\klflt.sys
2014-07-10 03:11:17 -------- d-----w- C:\Program Files\CCleaner
2014-07-10 02:58:10 826880 ----a-w- C:\Windows\SysWow64\rdpcore.dll
2014-07-10 02:58:10 23552 ----a-w- C:\Windows\System32\drivers\tdtcp.sys
2014-07-10 02:58:10 1031680 ----a-w- C:\Windows\System32\rdpcore.dll
2014-07-10 02:54:20 -------- d-----w- C:\Users\That Rookit Guy\AppData\Local\WindowsUpdate
2014-07-10 02:53:16 122584 ----a-w- C:\Windows\System32\drivers\MBAMSwissArmy.sys
2014-07-10 02:53:06 91352 ----a-w- C:\Windows\System32\drivers\mbamchameleon.sys
2014-07-10 02:53:06 63704 ----a-w- C:\Windows\System32\drivers\mwac.sys
2014-07-10 02:53:06 25816 ----a-w- C:\Windows\System32\drivers\mbam.sys
2014-07-10 02:53:06 -------- d-----w- C:\ProgramData\Malwarebytes
2014-07-10 02:53:06 -------- d-----w- C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-07-10 02:52:56 -------- d-----w- C:\Users\That Rookit Guy\AppData\Local\Programs
2014-07-10 02:49:16 -------- d-----w- C:\Users\That Rookit Guy\AppData\Local\Diagnostics
2014-07-09 23:48:52 -------- d-----w- C:\Windows\Panther
2014-07-09 07:59:14 -------- d-----w- C:\Program Files\Common Files\Symantec Shared
2014-07-09 07:58:50 -------- d-----w- C:\Windows\System32\drivers\NISx64\1400000.088
2014-07-09 07:58:50 -------- d-----w- C:\Windows\System32\drivers\NISx64
2014-07-09 07:57:54 -------- d-----w- C:\ProgramData\Norton
2014-07-09 07:57:50 -------- d-----w- C:\ProgramData\NortonInstaller
2014-07-09 06:22:57 -------- d-----w- C:\Users\That Rookit Guy\AppData\Local\Google
.
==================== Find3M  ====================
.
2014-07-10 04:20:04 9728 ---ha-w- C:\Windows\System32\api-ms-win-downlevel-shlwapi-l1-1-0.dll
2014-07-10 03:58:39 29792 ----a-w- C:\Windows\System32\drivers\klim6.sys
2014-07-10 03:58:38 458336 ----a-w- C:\Windows\System32\drivers\kl1.sys
2014-07-09 06:01:27 16896 ----a-w- C:\Windows\AsTaskSched.dll
2014-06-30 02:09:33 519168 ----a-w- C:\Windows\System32\aepdu.dll
2014-06-30 02:04:49 424448 ----a-w- C:\Windows\System32\aeinv.dll
2014-06-19 00:14:28 940032 ----a-w- C:\Windows\System32\MsSpellCheckingFacility.exe
2014-06-18 02:18:30 692736 ----a-w- C:\Windows\System32\osk.exe
2014-06-18 01:51:32 646144 ----a-w- C:\Windows\SysWow64\osk.exe
2014-06-18 01:10:36 3157504 ----a-w- C:\Windows\System32\win32k.sys
2014-06-06 10:10:34 624128 ----a-w- C:\Windows\System32\qedit.dll
2014-06-06 09:44:17 509440 ----a-w- C:\Windows\SysWow64\qedit.dll
2014-06-05 14:45:15 1460736 ----a-w- C:\Windows\System32\lsasrv.dll
2014-06-05 14:26:58 22016 ----a-w- C:\Windows\SysWow64\secur32.dll
2014-06-05 14:25:49 96768 ----a-w- C:\Windows\SysWow64\sspicli.dll
2014-05-30 08:08:52 210944 ----a-w- C:\Windows\System32\wdigest.dll
2014-05-30 08:08:49 86528 ----a-w- C:\Windows\System32\TSpkg.dll
2014-05-30 08:08:47 340992 ----a-w- C:\Windows\System32\schannel.dll
2014-05-30 08:08:41 314880 ----a-w- C:\Windows\System32\msv1_0.dll
2014-05-30 08:08:41 307200 ----a-w- C:\Windows\System32\ncrypt.dll
2014-05-30 08:08:36 728064 ----a-w- C:\Windows\System32\kerberos.dll
2014-05-30 08:08:31 22016 ----a-w- C:\Windows\System32\credssp.dll
2014-05-30 07:52:51 172032 ----a-w- C:\Windows\SysWow64\wdigest.dll
2014-05-30 07:52:49 65536 ----a-w- C:\Windows\SysWow64\TSpkg.dll
2014-05-30 07:52:45 247808 ----a-w- C:\Windows\SysWow64\schannel.dll
2014-05-30 07:52:41 220160 ----a-w- C:\Windows\SysWow64\ncrypt.dll
2014-05-30 07:52:40 259584 ----a-w- C:\Windows\SysWow64\msv1_0.dll
2014-05-30 07:52:36 550912 ----a-w- C:\Windows\SysWow64\kerberos.dll
2014-05-30 07:52:30 17408 ----a-w- C:\Windows\SysWow64\credssp.dll
2014-05-30 06:45:52 497152 ----a-w- C:\Windows\System32\drivers\afd.sys
2014-05-28 21:32:14 80384 ----a-w- C:\Windows\System32\RazerCoinstaller.dll
2014-05-14 16:21:04 2620928 ----a-w- C:\Windows\System32\wucltux.dll
2014-05-14 16:20:45 97792 ----a-w- C:\Windows\System32\wudriver.dll
2014-05-14 16:17:10 92672 ----a-w- C:\Windows\SysWow64\wudriver.dll
2014-05-13 23:23:04 198600 ----a-w- C:\Windows\System32\wuwebv.dll
2014-05-13 23:23:04 179656 ----a-w- C:\Windows\SysWow64\wuwebv.dll
2014-05-13 23:20:46 36864 ----a-w- C:\Windows\System32\wuapp.exe
2014-05-13 23:17:14 33792 ----a-w- C:\Windows\SysWow64\wuapp.exe
.
============= FINISH: 16:19:00.28 ===============


Rogue Killer Scan Log :

 

RogueKiller V9.2.6.0 (x64) [Jul 11 2014] by Adlice Software
mail : http://www.adlice.com/contact/
Feedback : http://forum.adlice.com
Website : http://www.adlice.com/softwares/roguekiller/
Blog : http://www.adlice.com

Operating System : Windows 7 (6.1.7601 Service Pack 1) 64 bits version
Started in : Normal mode
User : That Rookit Guy [Admin rights]
Mode : Scan -- Date : 08/08/2014  14:40:24

¤¤¤ Bad processes : 0 ¤¤¤

¤¤¤ Registry Entries : 18 ¤¤¤
[PUM.Proxy] (X64) HKEY_USERS\S-1-5-21-1357874107-891379425-543128260-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings | ProxyServer : 0.0.0.0:80  -> FOUND
[PUM.Proxy] (X86) HKEY_USERS\S-1-5-21-1357874107-891379425-543128260-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings | ProxyServer : 0.0.0.0:80  -> FOUND
[PUM.DesktopIcons] (X64) HKEY_USERS\S-1-5-21-1357874107-891379425-543128260-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\ClassicStartMenu | {20D04FE0-3AEA-1069-A2D8-08002B30309D} : 1  -> FOUND
[PUM.DesktopIcons] (X64) HKEY_USERS\S-1-5-21-1357874107-891379425-543128260-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\ClassicStartMenu | {59031A47-3F72-44A7-89C5-5595FE6B30EE} : 1  -> FOUND
[PUM.DesktopIcons] (X86) HKEY_USERS\S-1-5-21-1357874107-891379425-543128260-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\ClassicStartMenu | {20D04FE0-3AEA-1069-A2D8-08002B30309D} : 1  -> FOUND
[PUM.DesktopIcons] (X86) HKEY_USERS\S-1-5-21-1357874107-891379425-543128260-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\ClassicStartMenu | {59031A47-3F72-44A7-89C5-5595FE6B30EE} : 1  -> FOUND
[PUM.DesktopIcons] (X64) HKEY_USERS\S-1-5-21-1357874107-891379425-543128260-1003\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\ClassicStartMenu | {59031A47-3F72-44A7-89C5-5595FE6B30EE} : 1  -> FOUND
[PUM.DesktopIcons] (X64) HKEY_USERS\S-1-5-21-1357874107-891379425-543128260-1003\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\ClassicStartMenu | {20D04FE0-3AEA-1069-A2D8-08002B30309D} : 1  -> FOUND
[PUM.DesktopIcons] (X86) HKEY_USERS\S-1-5-21-1357874107-891379425-543128260-1003\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\ClassicStartMenu | {59031A47-3F72-44A7-89C5-5595FE6B30EE} : 1  -> FOUND
[PUM.DesktopIcons] (X86) HKEY_USERS\S-1-5-21-1357874107-891379425-543128260-1003\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\ClassicStartMenu | {20D04FE0-3AEA-1069-A2D8-08002B30309D} : 1  -> FOUND
[PUM.DesktopIcons] (X64) HKEY_USERS\S-1-5-21-1357874107-891379425-543128260-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel | {20D04FE0-3AEA-1069-A2D8-08002B30309D} : 1  -> FOUND
[PUM.DesktopIcons] (X64) HKEY_USERS\S-1-5-21-1357874107-891379425-543128260-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel | {59031A47-3F72-44A7-89C5-5595FE6B30EE} : 1  -> FOUND
[PUM.DesktopIcons] (X86) HKEY_USERS\S-1-5-21-1357874107-891379425-543128260-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel | {20D04FE0-3AEA-1069-A2D8-08002B30309D} : 1  -> FOUND
[PUM.DesktopIcons] (X86) HKEY_USERS\S-1-5-21-1357874107-891379425-543128260-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel | {59031A47-3F72-44A7-89C5-5595FE6B30EE} : 1  -> FOUND
[PUM.DesktopIcons] (X64) HKEY_USERS\S-1-5-21-1357874107-891379425-543128260-1003\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel | {59031A47-3F72-44A7-89C5-5595FE6B30EE} : 1  -> FOUND
[PUM.DesktopIcons] (X64) HKEY_USERS\S-1-5-21-1357874107-891379425-543128260-1003\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel | {20D04FE0-3AEA-1069-A2D8-08002B30309D} : 1  -> FOUND
[PUM.DesktopIcons] (X86) HKEY_USERS\S-1-5-21-1357874107-891379425-543128260-1003\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel | {59031A47-3F72-44A7-89C5-5595FE6B30EE} : 1  -> FOUND
[PUM.DesktopIcons] (X86) HKEY_USERS\S-1-5-21-1357874107-891379425-543128260-1003\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel | {20D04FE0-3AEA-1069-A2D8-08002B30309D} : 1  -> FOUND

¤¤¤ Scheduled tasks : 0 ¤¤¤

¤¤¤ Files : 0 ¤¤¤

¤¤¤ HOSTS File : 1 ¤¤¤
[C:\Windows\System32\drivers\etc\hosts] 127.0.0.1 localhost

¤¤¤ Antirootkit : 0 (Driver: LOADED) ¤¤¤

¤¤¤ Web browsers : 0 ¤¤¤

¤¤¤ MBR Check : ¤¤¤
+++++ PhysicalDrive0: ATA WDC WD1003FZEX-0 SCSI Disk Device +++++
--- User ---
[MBR] a5b1a9004429479633f17bf989cfeabd
[BSP] 277b4e2cd086a0f7362b34f7ce2025b6 : Windows Vista/7/8 MBR Code
Partition table:
0 - [ACTIVE] NTFS (0x7) [VISIBLE] Offset (sectors): 2048 | Size: 100 MB
1 - [XXXXXX] NTFS (0x7) [VISIBLE] Offset (sectors): 206848 | Size: 953767 MB
User = LL1 ... OK
User = LL2 ... OK

============================================
RKreport_DEL_07102014_153802.log - RKreport_DEL_08072014_143104.log - RKreport_DEL_08072014_183806.log - RKreport_DEL_08072014_191026.log
RKreport_DEL_08082014_133204.log - RKreport_SCN_07102014_153635.log - RKreport_SCN_07112014_115632.log - RKreport_SCN_07172014_200232.log
RKreport_SCN_07312014_235102.log - RKreport_SCN_08072014_134145.log - RKreport_SCN_08072014_141234.log - RKreport_SCN_08072014_143927.log
RKreport_SCN_08072014_170333.log - RKreport_SCN_08072014_171406.log - RKreport_SCN_08072014_174207.log - RKreport_SCN_08072014_174800.log
RKreport_SCN_08072014_183628.log - RKreport_SCN_08072014_185104.log - RKreport_SCN_08072014_190950.log - RKreport_SCN_08072014_195319.log
RKreport_SCN_08082014_132742.log - RKreport_SCN_08082014_135009.log - RKreport_SCN_08082014_143752.log

 

I have no idea where to begin in attempting to determine what my machine is infected (Zero Access Rootkit or something similar is my uneducated guess) with and therefore no idea how to remove it - any assistance would be greatly appreciated.

 



 

Edited by Agent_Orange, 08 August 2014 - 02:11 AM.



#2 HelpBot

HelpBot

    Bleepin' Binary Bot


  • Bots
  • 12,549 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:11:51 PM

Posted 13 August 2014 - 01:50 AM

Hello and welcome to Bleeping Computer!

I am HelpBot: an automated program designed to help the Bleeping Computer Staff better assist you! This message contains very important information, so please read through all of it before doing anything.

We apologize for the delay in responding to your request for help. Here at Bleeping Computer we get overwhelmed at times, and we are trying our best to keep up. Please note that your topic was not intentionally overlooked. Our mission is to help everyone in need, but sometimes it takes just a little longer to get to every request for help. No one is ignored here.

To help Bleeping Computer better assist you please perform the following steps:

***************************************************

Step 1: In order to continue receiving help at BleepingComputer.com, YOU MUST tell me if you still need help or if your issue has already been resolved on your own or through another resource! To tell me this, please click on the following link and follow the instructions there.

CLICK THIS LINK >>> http://www.bleepingcomputer.com/logreply/543701 <<< CLICK THIS LINK



If you no longer need help, then all you needed to do was the previous instructions of telling me so. You can skip the rest of this post. If you do need help please continue with Step 2 below.

***************************************************

Step 2: If you still need help, I would like you to post a Reply to this topic (click the "Add Reply" button in the lower right hand of this page). In that reply, please include the following information:

  • If you have not done so already, include a clear description of the problems you're having, along with any steps you may have performed so far.
  • A new DDS log. For your convenience, you will find the instructions for generating these logs repeated at the bottom of this post.
    • Please do this even if you have previously posted logs for us.
    • If you were unable to produce the logs originally please try once more.
    • If you are unable to create a log please provide detailed information about your installed Windows Operating System including the Version, Edition and if it is a 32bit or a 64bit system.
    • If you are unsure about any of these characteristics just post what you can and we will guide you.
  • Please tell us if you have your original Windows CD/DVD available.
  • Upon completing the above steps and posting a reply, another staff member will review your topic and do their best to resolve your issues.

Thank you for your patience, and again sorry for the delay.

***************************************************

We need to see some information about what is happening in your machine. Please perform the following scan again:

  • Download DDS by sUBs from the following link if you no longer have it available and save it to your desktop.

    DDS.com Download Link
  • Double click on the DDS icon, allow it to run.
  • A small box will open, with an explanation about the tool. No input is needed, the scan is running.
  • Notepad will open with the results.
  • Follow the instructions that pop up for posting the results.
  • Close the program window, and delete the program from your desktop.
Please note: You may have to disable any script protection running if the scan fails to run. After downloading the tool, disconnect from the internet and disable all antivirus protection. Run the scan, enable your A/V and reconnect to the internet.

Information on A/V control can be found HERE.

As I am just a silly little program running on the BleepingComputer.com servers, please do not send me private messages as I do not know how to read and reply to them! Thanks!

#3 Agent_Orange


Posted 13 August 2014 - 03:54 AM

Hi, boy am I glad to hear from you - thank you for taking the time to help me with my issue.

I have new information for you and have posted the DDS logs that you have requested together with the complete Rogue Killer report from the scan (scroll down the page for the posting).

Here is what I have done since my original post and request for assistance..........

1. After making a complete mess with Combo Fix and a couple of "Windows fixing tools" I went ahead and performed a "wipe & reload" of the HDD (using Lsoft's "Active Kill Disk 9.0") and operating system.

2. I downloaded a copy of Rogue Killer (64bit), ran a scan and found the very same items listed under the "Anti Rootkit" tab that were causing me concern in my initial post were present again - after performing a "wipe & reload".
 

3. As soon as the scan had completed a tab in my web browser popped up (http://www.adlice.com/kernelmode-rootkits-part-3-kernel-filters/) which seems to suggest that my pc is possibly infected with a kernel filter rootkit.
 

4. I searched Google to see if I could determine what and who "CSCrySec.sys" is/are and found that it is part of "CryptoStorage" developed by Infowatch, a search on "Infowatch" points to it being developed/owned by Kaspersky.

5. I am confused - I don't know whether this is what is known as a "false positive" or whether it is legitimate and therefore to be ignored.

6. I am still finding that Firefox is blocking a lot of attempts for pages to be automatically redirected (Bleeping Computer website is one of them) as per my Firefox settings to warn me of these attempts - but again, I am not sure if this is normal or suspicious.

 


DDS Log :

 

DDS (Ver_2012-11-20.01) - NTFS_AMD64
Internet Explorer: 11.0.9600.17239
Run by Angry_Robot at 18:47:40 on 2014-08-13
Microsoft Windows 7 Home Premium   6.1.7601.1.1252.61.1033.18.16323.12862 [GMT 10:00]
.
AV: Kaspersky PURE 3.0 *Enabled/Updated* {C3113FBF-4BCB-4461-D78D-6EDFEC9593E5}
SP: Kaspersky PURE 3.0 *Enabled/Updated* {7870DE5B-6DF1-4BEF-ED3D-55AD9712D958}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: Kaspersky PURE 3.0 *Enabled* {FB2ABE9A-01A4-4539-FCD2-C7EA1246D49E}
.
============== Running Processes ===============
.
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\nvvsvc.exe
C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files (x86)\ASUS\AXSP\1.01.01\atkexComSvc.exe
C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\avp.exe
C:\Program Files (x86)\Common Files\InfoWatch\CryptoStorage\ProtectedObjectsSrv.exe
C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
C:\Program Files (x86)\Secunia\PSI\PSIA.exe
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\system32\Dwm.exe
C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\nvvsvc.exe
C:\Windows\system32\taskhost.exe
C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
C:\Program Files (x86)\Secunia\PSI\psi_tray.exe
C:\Program Files (x86)\Intel\Intel® USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\avp.exe
C:\Windows\system32\SearchIndexer.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe
C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
C:\Windows\system32\sppsvc.exe
C:\Windows\System32\svchost.exe -k secsvcs
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Users\Just_some_dude\Desktop\RogueKillerX64.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\System32\cscript.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = about:blank
mStart Page = about:blank
mWinlogon: Userinit = userinit.exe
BHO: Content Blocker Plugin: {5564CC73-EFA7-4CBF-918A-5CF7FBBFFF4F} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\IEExt\ContentBlocker\ie_content_blocker_plugin.dll
BHO: Virtual Keyboard Plugin: {73455575-E40C-433C-9784-C78DC7761455} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll
BHO: Safe Money Plugin: {9E6D0D23-3D72-4A94-AE1F-2D167624E3D9} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\IEExt\OnlineBanking\online_banking_bho.dll
BHO: URL Advisor Plugin: {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\IEExt\UrlAdvisor\klwtbbho.dll
mRun: [USB3MON] "C:\Program Files (x86)\Intel\Intel® USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe"
mRun: [AVP] "C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\avp.exe"
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\SECUNI~1.LNK - C:\Program Files (x86)\Secunia\PSI\psi_tray.exe
mPolicies-Explorer: NoActiveDesktop = dword:1
mPolicies-Explorer: NoActiveDesktopChanges = dword:1
mPolicies-Explorer: NoDriveTypeAutoRun = dword:60
mPolicies-System: ConsentPromptBehaviorAdmin = dword:5
mPolicies-System: ConsentPromptBehaviorUser = dword:3
mPolicies-System: EnableUIADesktopToggle = dword:0
IE: {0C4CC089-D306-440D-9772-464E226F6539} - {0BA14598-4178-4CE5-B1F1-B5C6408A3F2E} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll
IE: {CCF151D8-D089-449F-A5A4-D9909053F20F} - {CCF151D8-D089-449F-A5A4-D9909053F20F} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\IEExt\UrlAdvisor\klwtbbho.dll
TCP: NameServer = 192.168.1.1
TCP: Interfaces\{4EA894B2-9587-4ED0-B15F-19595D74673E} : DHCPNameServer = 192.168.1.1
SSODL: WebCheck - <orphaned>
x64-mStart Page = about:blank
x64-BHO: Content Blocker Plugin: {5564CC73-EFA7-4CBF-918A-5CF7FBBFFF4F} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\x64\IEExt\ContentBlocker\ie_content_blocker_plugin.dll
x64-BHO: Virtual Keyboard Plugin: {73455575-E40C-433C-9784-C78DC7761455} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\x64\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll
x64-BHO: Safe Money Plugin: {9E6D0D23-3D72-4A94-AE1F-2D167624E3D9} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\x64\IEExt\OnlineBanking\online_banking_bho.dll
x64-BHO: URL Advisor Plugin: {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\x64\IEExt\UrlAdvisor\klwtbbho.dll
x64-Run: [RTHDVCPL] C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe -s
x64-Run: [NvBackend] "C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe"
x64-IE: {0C4CC089-D306-440D-9772-464E226F6539} - {0BA14598-4178-4CE5-B1F1-B5C6408A3F2E} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\x64\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll
x64-IE: {CCF151D8-D089-449F-A5A4-D9909053F20F} - {CCF151D8-D089-449F-A5A4-D9909053F20F} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\x64\IEExt\UrlAdvisor\klwtbbho.dll
x64-SSODL: WebCheck - <orphaned>
.
================= FIREFOX ===================
.
FF - ProfilePath - C:\Users\Angry_Robot\AppData\Roaming\Mozilla\Firefox\Profiles\zn2lazw5.default\
FF - prefs.js: network.proxy.type - 0
.
============= SERVICES / DRIVERS ===============
.
R0 CSCrySec;InfoWatch Encrypt Sector Library driver;C:\Windows\System32\drivers\CSCrySec.sys [2014-8-13 84536]
R0 iusb3hcs;Intel® USB 3.0 Host Controller Switch Driver;C:\Windows\System32\drivers\iusb3hcs.sys [2014-8-13 20616]
R1 CSVirtualDiskDrv;InfoWatch Virtual Disk driver;C:\Windows\System32\drivers\CSVirtualDiskDrv.sys [2014-8-13 66616]
R1 KLIM6;Kaspersky Anti-Virus NDIS 6 Filter;C:\Windows\System32\drivers\klim6.sys [2012-8-2 29792]
R1 kltdi;kltdi;C:\Windows\System32\drivers\kltdi.sys [2013-11-11 54368]
R1 kneps;kneps;C:\Windows\System32\drivers\kneps.sys [2013-11-11 178448]
R1 mbamchameleon;mbamchameleon;C:\Windows\System32\drivers\mbamchameleon.sys [2014-8-13 91352]
R2 asComSvc;ASUS Com Service;C:\Program Files (x86)\ASUS\AXSP\1.01.01\atkexComSvc.exe [2014-8-13 927232]
R2 AVP;Kaspersky Anti-Virus Service;C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\avp.exe [2013-11-11 356128]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2013-9-11 124088]
R2 CSObjectsSrv;CryptoStorage control service;C:\Program Files (x86)\Common Files\InfoWatch\CryptoStorage\ProtectedObjectsSrv.exe [2013-9-25 818888]
R2 jhi_service;Intel® Dynamic Application Loader Host Interface Service;C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\Jhi_service.exe [2014-8-13 169432]
R2 MBAMScheduler;MBAMScheduler;C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [2014-8-13 1809720]
R2 MBAMService;MBAMService;C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [2014-8-13 860472]
R2 Secunia PSI Agent;Secunia PSI Agent;C:\Program Files (x86)\Secunia\PSI\psia.exe [2013-12-7 1229528]
R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2014-8-13 411936]
R3 iusb3hub;Intel® USB 3.0 Hub Driver;C:\Windows\System32\drivers\iusb3hub.sys [2014-8-13 366216]
R3 iusb3xhc;Intel® USB 3.0 eXtensible Host Controller Driver;C:\Windows\System32\drivers\iusb3xhc.sys [2014-8-13 786056]
R3 klkbdflt;Kaspersky Lab KLKBDFLT;C:\Windows\System32\drivers\klkbdflt.sys [2013-11-11 29280]
R3 klmouflt;Kaspersky Lab KLMOUFLT;C:\Windows\System32\drivers\klmouflt.sys [2013-11-11 29280]
R3 MBAMProtector;MBAMProtector;C:\Windows\System32\drivers\mbam.sys [2014-8-13 25816]
R3 MBAMWebAccessControl;MBAMWebAccessControl;C:\Windows\System32\drivers\mwac.sys [2014-8-13 63704]
R3 PSI;PSI;C:\Windows\System32\drivers\psi_mf_amd64.sys [2013-12-7 18456]
R3 RTL8167;Realtek 8167 NT Driver;C:\Windows\System32\drivers\Rt64win7.sys [2014-8-13 805088]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2013-9-11 105144]
S2 Secunia Update Agent;Secunia Update Agent;C:\Program Files (x86)\Secunia\PSI\sua.exe [2013-12-7 662232]
S3 IEEtwCollectorService;Internet Explorer ETW Collector Service;C:\Windows\System32\ieetwcollector.exe [2014-8-13 111616]
S3 Intel® Capability Licensing Service TCP IP Interface;Intel® Capability Licensing Service TCP IP Interface;C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [2012-12-10 803872]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;C:\Windows\System32\drivers\rdpvideominiport.sys [2014-8-13 19456]
S3 TsUsbFlt;TsUsbFlt;C:\Windows\System32\drivers\TsUsbFlt.sys [2014-8-13 57856]
S3 TsUsbGD;Remote Desktop Generic USB Device;C:\Windows\System32\drivers\TsUsbGD.sys [2014-8-13 30208]
S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\System32\Wat\WatAdminSvc.exe [2014-8-13 1255736]
.
=============== Created Last 30 ================
.
2014-08-13 19:15:41    --------    d-----w-    C:\Windows\Panther
2014-08-13 08:25:03    75888    ----a-w-    C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{C711EC31-4DEF-42D4-8472-8A69C1D91332}\offreg.dll
2014-08-13 08:15:03    30312    ----a-w-    C:\Windows\System32\drivers\TrueSight.sys
2014-08-13 08:15:02    --------    d-----w-    C:\ProgramData\RogueKiller
2014-08-13 07:45:48    3178496    ----a-w-    C:\Windows\System32\rdpcorets.dll
2014-08-13 07:45:48    16384    ----a-w-    C:\Windows\System32\RdpGroupPolicyExtension.dll
2014-08-13 07:45:14    --------    d-----w-    C:\Users\Angry_Robot\AppData\Local\Secunia PSI
2014-08-13 07:17:45    514560    ----a-w-    C:\Windows\SysWow64\qdvd.dll
2014-08-13 07:16:16    1643520    ----a-w-    C:\Windows\System32\DWrite.dll
2014-08-13 07:16:16    1247744    ----a-w-    C:\Windows\SysWow64\DWrite.dll
2014-08-13 07:16:15    67072    ----a-w-    C:\Windows\splwow64.exe
2014-08-13 07:16:15    559104    ----a-w-    C:\Windows\System32\spoolsv.exe
2014-08-13 07:16:15    1424384    ----a-w-    C:\Windows\System32\WindowsCodecs.dll
2014-08-13 07:16:15    1230336    ----a-w-    C:\Windows\SysWow64\WindowsCodecs.dll
2014-08-13 06:01:16    --------    d-----w-    C:\TDSSKiller_Quarantine
2014-08-13 05:58:27    --------    d-----w-    C:\Program Files\CCleaner
2014-08-13 05:57:42    --------    d-----w-    C:\Program Files (x86)\VideoLAN
2014-08-13 05:56:56    --------    d-----w-    C:\Program Files (x86)\Secunia
2014-08-13 05:48:53    --------    d-----w-    C:\Users\Angry_Robot\AppData\Local\NVIDIA
2014-08-13 05:07:20    167424    ----a-w-    C:\Program Files\Windows Media Player\wmplayer.exe
2014-08-13 05:07:20    164864    ----a-w-    C:\Program Files (x86)\Windows Media Player\wmplayer.exe
2014-08-13 05:07:19    12625920    ----a-w-    C:\Windows\System32\wmploc.DLL
2014-08-13 05:07:19    12625408    ----a-w-    C:\Windows\SysWow64\wmploc.DLL
2014-08-13 05:00:53    --------    d-----w-    C:\Windows\Migration
2014-08-13 04:50:06    9728    ---ha-w-    C:\Windows\SysWow64\api-ms-win-downlevel-shlwapi-l1-1-0.dll
2014-08-13 04:38:13    2560    ----a-w-    C:\Windows\System32\drivers\en-US\wdf01000.sys.mui
2014-08-13 04:36:46    --------    d-----w-    C:\Windows\System32\MRT
2014-08-13 04:24:45    8199504    ----a-w-    C:\ProgramData\Microsoft\Windows Defender\Definition Updates\Backup\mpengine.dll
2014-08-13 04:24:43    10924376    ----a-w-    C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{C711EC31-4DEF-42D4-8472-8A69C1D91332}\mpengine.dll
2014-08-13 04:21:40    5120    ----a-w-    C:\Windows\SysWow64\wmi.dll
2014-08-13 04:21:40    5120    ----a-w-    C:\Windows\System32\wmi.dll
2014-08-13 04:21:40    23408    ----a-w-    C:\Windows\System32\drivers\fs_rec.sys
2014-08-13 04:17:23    99480    ----a-w-    C:\Windows\SysWow64\infocardapi.dll
2014-08-13 04:17:23    8856    ----a-w-    C:\Windows\SysWow64\icardres.dll
2014-08-13 04:17:23    8856    ----a-w-    C:\Windows\System32\icardres.dll
2014-08-13 04:17:23    619672    ----a-w-    C:\Windows\SysWow64\icardagt.exe
2014-08-13 04:17:23    171160    ----a-w-    C:\Windows\System32\infocardapi.dll
2014-08-13 04:17:23    1389208    ----a-w-    C:\Windows\System32\icardagt.exe
2014-08-13 04:17:21    35480    ----a-w-    C:\Windows\SysWow64\TsWpfWrp.exe
2014-08-13 04:17:21    35480    ----a-w-    C:\Windows\System32\TsWpfWrp.exe
2014-08-13 04:17:16    --------    d-s---w-    C:\Windows\System32\CompatTel
2014-08-13 04:15:57    55296    ----a-w-    C:\Windows\SysWow64\cero.rs
2014-08-13 04:14:58    327168    ----a-w-    C:\Windows\System32\mswsock.dll
2014-08-13 04:13:57    95744    ----a-w-    C:\Windows\System32\synceng.dll
2014-08-13 04:12:08    7680    ----a-w-    C:\Windows\SysWow64\instnm.exe
2014-08-13 04:11:59    515584    ----a-w-    C:\Windows\System32\timedate.cpl
2014-08-13 04:11:59    478720    ----a-w-    C:\Windows\SysWow64\timedate.cpl
2014-08-13 04:11:59    202752    ----a-w-    C:\Windows\System32\scrrun.dll
2014-08-13 04:11:59    168960    ----a-w-    C:\Windows\System32\wscript.exe
2014-08-13 04:11:59    163840    ----a-w-    C:\Windows\SysWow64\scrrun.dll
2014-08-13 04:11:59    156160    ----a-w-    C:\Windows\System32\cscript.exe
2014-08-13 04:11:59    150016    ----a-w-    C:\Windows\System32\wshom.ocx
2014-08-13 04:11:59    141824    ----a-w-    C:\Windows\SysWow64\wscript.exe
2014-08-13 04:11:59    126976    ----a-w-    C:\Windows\SysWow64\cscript.exe
2014-08-13 04:11:59    121856    ----a-w-    C:\Windows\SysWow64\wshom.ocx
2014-08-13 04:07:14    529920    ----a-w-    C:\Windows\System32\aepdu.dll
2014-08-13 04:07:14    424448    ----a-w-    C:\Windows\System32\aeinv.dll
2014-08-13 04:07:13    664064    ----a-w-    C:\Windows\SysWow64\rpcrt4.dll
2014-08-13 04:07:13    461312    ----a-w-    C:\Windows\System32\scavengeui.dll
2014-08-13 04:07:13    1216000    ----a-w-    C:\Windows\System32\rpcrt4.dll
2014-08-13 04:07:12    859648    ----a-w-    C:\Windows\System32\IKEEXT.DLL
2014-08-13 04:07:12    830464    ----a-w-    C:\Windows\System32\nshwfp.dll
2014-08-13 04:07:12    656896    ----a-w-    C:\Windows\SysWow64\nshwfp.dll
2014-08-13 04:07:12    324096    ----a-w-    C:\Windows\System32\FWPUCLNT.DLL
2014-08-13 04:07:12    216576    ----a-w-    C:\Windows\SysWow64\FWPUCLNT.DLL
2014-08-13 04:04:59    77312    ----a-w-    C:\Windows\System32\packager.dll
2014-08-13 04:04:59    67072    ----a-w-    C:\Windows\SysWow64\packager.dll
2014-08-13 04:04:23    826880    ----a-w-    C:\Windows\SysWow64\rdpcore.dll
2014-08-13 04:04:23    23552    ----a-w-    C:\Windows\System32\drivers\tdtcp.sys
2014-08-13 04:04:23    1031680    ----a-w-    C:\Windows\System32\rdpcore.dll
2014-08-13 04:01:31    2622464    ----a-w-    C:\Windows\System32\wucltux.dll
2014-08-13 04:01:28    99840    ----a-w-    C:\Windows\System32\wudriver.dll
2014-08-13 04:01:22    36864    ----a-w-    C:\Windows\System32\wuapp.exe
2014-08-13 04:01:22    186752    ----a-w-    C:\Windows\System32\wuwebv.dll
2014-08-13 04:01:04    --------    d-----w-    C:\Users\Angry_Robot\AppData\Local\WindowsUpdate
2014-08-13 03:46:32    64856    ----a-w-    C:\Windows\System32\klfphc.dll
2014-08-13 03:46:26    84536    ----a-w-    C:\Windows\System32\drivers\CSCrySec.sys
2014-08-13 03:46:26    66616    ----a-w-    C:\Windows\System32\drivers\CSVirtualDiskDrv.sys
2014-08-13 03:46:20    --------    d-----w-    C:\Windows\ELAMBKUP
2014-08-13 03:46:19    --------    d-----w-    C:\Program Files (x86)\Kaspersky Lab
2014-08-13 03:46:19    --------    d-----w-    C:\Program Files (x86)\Common Files\InfoWatch
2014-08-13 03:46:18    --------    d-----w-    C:\ProgramData\Kaspersky Lab
2014-08-13 03:46:15    92768    ----a-w-    C:\Windows\System32\drivers\klflt.sys
2014-08-13 03:34:39    122584    ----a-w-    C:\Windows\System32\drivers\MBAMSwissArmy.sys
2014-08-13 03:34:30    91352    ----a-w-    C:\Windows\System32\drivers\mbamchameleon.sys
2014-08-13 03:34:30    63704    ----a-w-    C:\Windows\System32\drivers\mwac.sys
2014-08-13 03:34:30    25816    ----a-w-    C:\Windows\System32\drivers\mbam.sys
2014-08-13 03:34:30    --------    d-----w-    C:\ProgramData\Malwarebytes
2014-08-13 03:34:30    --------    d-----w-    C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-08-13 03:34:17    --------    d-----w-    C:\Users\Angry_Robot\AppData\Local\Programs
2014-08-13 01:33:49    20616    ----a-w-    C:\Windows\System32\drivers\iusb3hcs.sys
2014-08-13 01:33:43    786056    ----a-w-    C:\Windows\System32\drivers\iusb3xhc.sys
2014-08-13 01:33:42    366216    ----a-w-    C:\Windows\System32\drivers\iusb3hub.sys
2014-08-13 01:31:33    53248    ----a-r-    C:\Windows\SysWow64\CSVer.dll
2014-08-13 01:30:01    --------    d-----w-    C:\Windows\Chipset
2014-08-13 01:29:47    296320    ----a-w-    C:\Windows\System32\drivers\volsnap.sys
2014-08-13 01:29:21    16344    ----a-r-    C:\Windows\System32\drivers\IntelMEFWVer.dll
2014-08-13 01:29:04    --------    d-sh--w-    C:\Windows\Installer
2014-08-13 01:28:58    --------    d-----w-    C:\Program Files (x86)\Common Files\postureAgent
2014-08-13 01:28:17    --------    d-----w-    C:\Intel
2014-08-13 01:28:06    16896    ----a-w-    C:\Windows\AsTaskSched.dll
2014-08-13 01:26:33    805088    ----a-w-    C:\Windows\System32\drivers\Rt64win7.sys
2014-08-13 01:26:33    74344    ----a-w-    C:\Windows\System32\RtNicProp64.dll
2014-08-13 01:26:33    107552    ----a-w-    C:\Windows\System32\RTNUninst64.dll
2014-08-13 01:26:26    --------    d-----w-    C:\Program Files (x86)\Realtek
.
==================== Find3M  ====================
.
2014-08-13 04:50:06    9728    ---ha-w-    C:\Windows\System32\api-ms-win-downlevel-shlwapi-l1-1-0.dll
2014-08-13 04:12:43    458336    ----a-w-    C:\Windows\System32\drivers\kl1.sys
2014-08-13 04:12:43    29792    ----a-w-    C:\Windows\System32\drivers\klim6.sys
2014-08-04 23:20:00    270496    ------w-    C:\Windows\System32\MpSigStub.exe
2014-07-25 14:02:12    2724864    ----a-w-    C:\Windows\System32\mshtml.tlb
2014-07-25 14:01:41    4096    ----a-w-    C:\Windows\System32\ieetwcollectorres.dll
2014-07-25 13:30:30    66048    ----a-w-    C:\Windows\System32\iesetup.dll
2014-07-25 13:28:35    48640    ----a-w-    C:\Windows\System32\ieetwproxystub.dll
2014-07-25 13:28:27    548352    ----a-w-    C:\Windows\System32\vbscript.dll
2014-07-25 13:25:45    83968    ----a-w-    C:\Windows\System32\MshtmlDac.dll
2014-07-25 13:04:40    2724864    ----a-w-    C:\Windows\SysWow64\mshtml.tlb
2014-07-25 13:00:51    139264    ----a-w-    C:\Windows\System32\ieUnatt.exe
2014-07-25 13:00:25    111616    ----a-w-    C:\Windows\System32\ieetwcollector.exe
2014-07-25 12:59:28    758272    ----a-w-    C:\Windows\System32\jscript9diag.dll
2014-07-25 12:47:25    940032    ----a-w-    C:\Windows\System32\MsSpellCheckingFacility.exe
2014-07-25 12:34:49    61952    ----a-w-    C:\Windows\SysWow64\iesetup.dll
2014-07-25 12:34:03    455168    ----a-w-    C:\Windows\SysWow64\vbscript.dll
2014-07-25 12:33:08    51200    ----a-w-    C:\Windows\SysWow64\ieetwproxystub.dll
2014-07-25 12:30:32    61952    ----a-w-    C:\Windows\SysWow64\MshtmlDac.dll
2014-07-25 12:28:15    5824512    ----a-w-    C:\Windows\System32\jscript9.dll
2014-07-25 12:28:05    72704    ----a-w-    C:\Windows\System32\JavaScriptCollectionAgent.dll
2014-07-25 12:10:15    112128    ----a-w-    C:\Windows\SysWow64\ieUnatt.exe
2014-07-25 12:08:47    597504    ----a-w-    C:\Windows\SysWow64\jscript9diag.dll
2014-07-25 12:06:47    4204032    ----a-w-    C:\Windows\SysWow64\jscript9.dll
2014-07-25 11:43:16    60416    ----a-w-    C:\Windows\SysWow64\JavaScriptCollectionAgent.dll
2014-07-25 11:39:29    2087936    ----a-w-    C:\Windows\System32\inetcpl.cpl
2014-07-25 11:39:25    1249280    ----a-w-    C:\Windows\System32\mshtmlmedia.dll
2014-07-25 11:07:49    2001920    ----a-w-    C:\Windows\SysWow64\inetcpl.cpl
2014-07-25 11:07:10    1068032    ----a-w-    C:\Windows\SysWow64\mshtmlmedia.dll
2014-07-25 10:52:06    2266624    ----a-w-    C:\Windows\System32\wininet.dll
2014-07-25 10:05:23    1792512    ----a-w-    C:\Windows\SysWow64\wininet.dll
2014-07-16 03:25:04    404480    ----a-w-    C:\Windows\System32\gdi32.dll
2014-07-16 03:23:41    2048    ----a-w-    C:\Windows\System32\tzres.dll
2014-07-16 02:46:24    311808    ----a-w-    C:\Windows\SysWow64\gdi32.dll
2014-07-16 02:46:02    2048    ----a-w-    C:\Windows\SysWow64\tzres.dll
2014-07-16 02:12:11    3163648    ----a-w-    C:\Windows\System32\win32k.sys
2014-07-09 02:03:23    7168    ----a-w-    C:\Windows\System32\KBDYAK.DLL
2014-07-09 02:03:22    7168    ----a-w-    C:\Windows\System32\KBDBASH.DLL
2014-07-09 01:31:42    7168    ----a-w-    C:\Windows\SysWow64\KBDYAK.DLL
2014-07-09 01:31:41    6656    ----a-w-    C:\Windows\SysWow64\KBDBASH.DLL
2014-06-18 02:18:30    692736    ----a-w-    C:\Windows\System32\osk.exe
2014-06-18 01:51:32    646144    ----a-w-    C:\Windows\SysWow64\osk.exe
2014-06-16 02:10:19    985536    ----a-w-    C:\Windows\System32\drivers\dxgkrnl.sys
2014-06-06 10:10:34    624128    ----a-w-    C:\Windows\System32\qedit.dll
2014-06-06 09:44:17    509440    ----a-w-    C:\Windows\SysWow64\qedit.dll
2014-06-05 14:45:15    1460736    ----a-w-    C:\Windows\System32\lsasrv.dll
2014-06-05 14:26:58    22016    ----a-w-    C:\Windows\SysWow64\secur32.dll
2014-06-05 14:25:49    96768    ----a-w-    C:\Windows\SysWow64\sspicli.dll
2014-06-03 10:02:37    112064    ----a-w-    C:\Windows\System32\consent.exe
2014-06-03 10:02:21    504320    ----a-w-    C:\Windows\System32\msihnd.dll
2014-06-03 10:02:21    3241984    ----a-w-    C:\Windows\System32\msi.dll
2014-06-03 10:02:12    1941504    ----a-w-    C:\Windows\System32\authui.dll
2014-06-03 09:29:50    337408    ----a-w-    C:\Windows\SysWow64\msihnd.dll
2014-06-03 09:29:50    2363392    ----a-w-    C:\Windows\SysWow64\msi.dll
2014-06-03 09:29:40    1805824    ----a-w-    C:\Windows\SysWow64\authui.dll
2014-05-30 08:08:52    210944    ----a-w-    C:\Windows\System32\wdigest.dll
2014-05-30 08:08:49    86528    ----a-w-    C:\Windows\System32\TSpkg.dll
2014-05-30 08:08:47    340992    ----a-w-    C:\Windows\System32\schannel.dll
2014-05-30 08:08:41    314880    ----a-w-    C:\Windows\System32\msv1_0.dll
2014-05-30 08:08:41    307200    ----a-w-    C:\Windows\System32\ncrypt.dll
2014-05-30 08:08:36    728064    ----a-w-    C:\Windows\System32\kerberos.dll
2014-05-30 08:08:31    22016    ----a-w-    C:\Windows\System32\credssp.dll
2014-05-30 07:52:51    172032    ----a-w-    C:\Windows\SysWow64\wdigest.dll
2014-05-30 07:52:49    65536    ----a-w-    C:\Windows\SysWow64\TSpkg.dll
2014-05-30 07:52:45    247808    ----a-w-    C:\Windows\SysWow64\schannel.dll
2014-05-30 07:52:41    220160    ----a-w-    C:\Windows\SysWow64\ncrypt.dll
2014-05-30 07:52:40    259584    ----a-w-    C:\Windows\SysWow64\msv1_0.dll
2014-05-30 07:52:36    550912    ----a-w-    C:\Windows\SysWow64\kerberos.dll
2014-05-30 07:52:30    17408    ----a-w-    C:\Windows\SysWow64\credssp.dll
2014-05-30 06:45:52    497152    ----a-w-    C:\Windows\System32\drivers\afd.sys
.
============= FINISH: 18:47:58.22 ===============
 

 

 

Rogue Killer 64bit Scan Report :

 

RogueKiller V9.2.6.0 (x64) [Jul 11 2014] by Adlice Software
mail : http://www.adlice.com/contact/
Feedback : http://forum.adlice.com
Website : http://www.adlice.com/softwares/roguekiller/
Blog : http://www.adlice.com

Operating System : Windows 7 (6.1.7601 Service Pack 1) 64 bits version
Started in : Normal mode
User : Angry_Robot [Admin rights]
Mode : Scan -- Date : 08/13/2014  18:17:35

¤¤¤ Bad processes : 0 ¤¤¤

¤¤¤ Registry Entries : 4 ¤¤¤
[PUM.DesktopIcons] (X64) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel | {20D04FE0-3AEA-1069-A2D8-08002B30309D} : 1  -> FOUND
[PUM.DesktopIcons] (X64) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel | {59031a47-3f72-44a7-89c5-5595fe6b30ee} : 1  -> FOUND
[PUM.DesktopIcons] (X86) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel | {20D04FE0-3AEA-1069-A2D8-08002B30309D} : 1  -> FOUND
[PUM.DesktopIcons] (X86) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel | {59031a47-3f72-44a7-89c5-5595fe6b30ee} : 1  -> FOUND

¤¤¤ Scheduled tasks : 0 ¤¤¤

¤¤¤ Files : 0 ¤¤¤

¤¤¤ HOSTS File : 0 ¤¤¤

¤¤¤ Antirootkit : 2 (Driver: LOADED) ¤¤¤
[Filter(Kernel.Filter)] \Driver\atapi @ \Device\Harddisk0\DR0 : \Driver\partmgr @ Unknown (\SystemRoot\system32\DRIVERS\CSCrySec.sys)
[Filter(Kernel.Filter)] \Driver\Disk @ \Device\Harddisk0\DR0 : \Driver\partmgr @ Unknown (\SystemRoot\system32\DRIVERS\CSCrySec.sys)

¤¤¤ Web browsers : 0 ¤¤¤

¤¤¤ MBR Check : ¤¤¤
+++++ PhysicalDrive0: WDC WD1003FZEX-00MK2A0 ATA Device +++++
--- User ---
[MBR] e0b311f2ffa647e80be15fc3fa5a179b
[BSP] fc0c2205cafbc86d8242ddd499ffea84 : Windows Vista/7/8 MBR Code
Partition table:
0 - [ACTIVE] NTFS (0x7) [VISIBLE] Offset (sectors): 2048 | Size: 100 MB
1 - [XXXXXX] NTFS (0x7) [VISIBLE] Offset (sectors): 206848 | Size: 953767 MB
User = LL1 ... OK
User = LL2 ... OK

Thanks again for your assistance with my problem.



#4 nasdaq

  • Malware Response Team

Posted 13 August 2014 - 12:58 PM

Hello, Welcome to BleepingComputer.
I'm nasdaq and will be helping you.

If you can, please print this topic; it will make it easier for you to follow the instructions and complete all of the necessary steps in the order listed.
===

Please download AdwCleaner by Xplode onto your Desktop.
  • Close all open programs and internet browsers.
  • Double click on AdwCleaner.exe to run the tool.
  • Click the Scan button and wait for the process to complete.
  • Click the Report button and the report will open in Notepad.
IMPORTANT
  • If you click the Clean button all items listed in the report will be removed.
If you find some false positive items or programs that you wish to keep, close the AdwCleaner windows.
  • Close all open programs and internet browsers.
  • Double click on AdwCleaner.exe to run the tool.
  • Click the Scan button and wait for the process to complete.
  • Check off the element(s) you wish to keep.
  • Click on the Clean button and follow the prompts.
  • A log file will automatically open after the scan has finished.
  • Please post the content of that log file with your next answer.
  • You can find the log file at C:\AdwCleaner[Sn].txt (n is a number).
===

Download the version of this tool for your operating system.
Farbar Recovery Scan Tool (64 bit)
Farbar Recovery Scan Tool (32 bit)
and save it to a folder on your computer's Desktop.
Double-click to run it. When the tool opens click Yes to disclaimer.
Press Scan button.
It will make a log (FRST.txt) in the same directory the tool is run. Please copy and paste it to your reply.
The first time the tool is run, it also makes another log (Addition.txt). Please attach it to your reply.

===

Please paste the logs in your next reply. DO NOT ATTACH THEM unless specified.
To attach a file select the "More Reply Option" and follow the instructions.

Let me know what problem persists.

#5 Agent_Orange

  • Topic Starter

Posted 13 August 2014 - 09:03 PM

Hi nasdaq, thank you for assisting me with my problem.

Issues that I have noticed:

* Firefox is asking me if I want to allow pages to be automatically redirected (I have it set in options to warn me if websites try to automatically redirect a page) on most web pages that I visit - something that I have not experienced in the past.

* My PC is taking a long time to shut down (5 mins or more).

* I visited a website that I wish to purchase a subscription for - when I had entered my details and pressed enter to submit my information to complete the registration, Kaspersky sprung into action and blocked the connection to the website - reason provided = Phishing URL. I then went and followed the same steps on another PC - no problem whatsoever.

I have completed the scans as requested by yourself and have copied and pasted the results for you here.

I could see some entries that "do not look right" but assumed that you did not want me to remove anything at this point so I have simply run the scans without using the "clean" or "fix" functions for AdwCleaner & FRST64.


AdwCleaner report:

# AdwCleaner v3.305 - Report created 14/08/2014 at 11:44:53
# Updated 14/08/2014 by Xplode
# Operating System : Windows 7 Home Premium Service Pack 1 (64 bits)
# Username : Angry_Robot - ANGRY_ROBOT-PC
# Running from : C:\Users\Just_some_dude\Desktop\adwcleaner_3.305.exe
# Option : Scan

***** [ Services ] *****


***** [ Files / Folders ] *****


***** [ Scheduled Tasks ] *****


***** [ Shortcuts ] *****


***** [ Registry ] *****

Key Found : HKLM\SOFTWARE\Google\Chrome\Extensions\lpoimibckejjdjcfbdnajaicnklhfplh
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{74F475FA-6C75-43BD-AAB9-ECDA6184F600}

***** [ Browsers ] *****

-\\ Internet Explorer v11.0.9600.17239


-\\ Mozilla Firefox v31.0 (x86 en-US)

[ File : C:\Users\Angry_Robot\AppData\Roaming\Mozilla\Firefox\Profiles\zn2lazw5.default\prefs.js ]


[ File : C:\Users\Just_some_dude\AppData\Roaming\Mozilla\Firefox\Profiles\m4300ihh.default\prefs.js ]


*************************

AdwCleaner[R0].txt - [1017 octets] - [14/08/2014 11:44:53]

########## EOF - \AdwCleaner\AdwCleaner[R0].txt - [1077 octets] ##########

FRST64 Report (followed by "Additional" report):

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 13-08-2014 01
Ran by Angry_Robot (administrator) on ANGRY_ROBOT-PC on 14-08-2014 11:48:47
Running from C:\Users\Just_some_dude\Desktop
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: English (United States)
Internet Explorer Version 11
Boot Mode: Normal

The only official download link for FRST:
Download link for 32-Bit version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/81/
Download link for 64-Bit Version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/82/
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
() C:\Program Files (x86)\ASUS\AXSP\1.01.01\atkexComSvc.exe
(Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\avp.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Infowatch) C:\Program Files (x86)\Common Files\InfoWatch\CryptoStorage\ProtectedObjectsSrv.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
(Secunia) C:\Program Files (x86)\Secunia\PSI\psia.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(Secunia) C:\Program Files (x86)\Secunia\PSI\psi_tray.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
(Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\avp.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\Jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [6846096 2012-11-20] (Realtek Semiconductor)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [1797064 2014-03-20] (NVIDIA Corporation)
HKLM-x32\...\Run: [USB3MON] => C:\Program Files (x86)\Intel\Intel® USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [291128 2013-03-06] (Intel Corporation)
HKLM-x32\...\Run: [AVP] => C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\avp.exe [356128 2013-11-11] (Kaspersky Lab ZAO)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Secunia PSI Tray.lnk
ShortcutTarget: Secunia PSI Tray.lnk -> C:\Program Files (x86)\Secunia\PSI\psi_tray.exe (Secunia)
ShellIconOverlayIdentifiers: KAVOverlayIcon -> {dd230880-495a-11d1-b064-008048ec2fc5} => C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\x64\shellex.dll (Kaspersky Lab ZAO)
ShellIconOverlayIdentifiers-x32: KAVOverlayIcon -> {dd230880-495a-11d1-b064-008048ec2fc5} => C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\shellex.dll (Kaspersky Lab ZAO)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.ninemsn.com.au/?ocid=iehp
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0x5802CD03A6B6CF01
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-au
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
BHO: Content Blocker Plugin -> {5564CC73-EFA7-4CBF-918A-5CF7FBBFFF4F} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\x64\IEExt\ContentBlocker\ie_content_blocker_plugin.dll (Kaspersky Lab ZAO)
BHO: Virtual Keyboard Plugin -> {73455575-E40C-433C-9784-C78DC7761455} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\x64\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll (Kaspersky Lab ZAO)
BHO: Safe Money Plugin -> {9E6D0D23-3D72-4A94-AE1F-2D167624E3D9} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\x64\IEExt\OnlineBanking\online_banking_bho.dll (Kaspersky Lab ZAO)
BHO: URL Advisor Plugin -> {E33CF602-D945-461A-83F0-819F76A199F8} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\x64\IEExt\UrlAdvisor\klwtbbho.dll (Kaspersky Lab ZAO)
BHO-x32: Content Blocker Plugin -> {5564CC73-EFA7-4CBF-918A-5CF7FBBFFF4F} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\IEExt\ContentBlocker\ie_content_blocker_plugin.dll (Kaspersky Lab ZAO)
BHO-x32: Virtual Keyboard Plugin -> {73455575-E40C-433C-9784-C78DC7761455} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll (Kaspersky Lab ZAO)
BHO-x32: Safe Money Plugin -> {9E6D0D23-3D72-4A94-AE1F-2D167624E3D9} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\IEExt\OnlineBanking\online_banking_bho.dll (Kaspersky Lab ZAO)
BHO-x32: URL Advisor Plugin -> {E33CF602-D945-461A-83F0-819F76A199F8} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\IEExt\UrlAdvisor\klwtbbho.dll (Kaspersky Lab ZAO)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1

FireFox:
========
FF ProfilePath: C:\Users\Angry_Robot\AppData\Roaming\Mozilla\Firefox\Profiles\zn2lazw5.default
FF NetworkProxy: "type", 0
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_14_0_0_179.dll ()
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_14_0_0_179.dll ()
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=3.0.72 -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF Plugin-x32: @videolan.org/vlc,version=2.1.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF HKLM-x32\...\Firefox\Extensions: [url_advisor@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\FFExt\url_advisor@kaspersky.com
FF Extension: Kaspersky URL Advisor - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\FFExt\url_advisor@kaspersky.com [2014-08-13]
FF HKLM-x32\...\Firefox\Extensions: [virtual_keyboard@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\FFExt\virtual_keyboard@kaspersky.com
FF Extension: Virtual Keyboard - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\FFExt\virtual_keyboard@kaspersky.com [2014-08-13]
FF HKLM-x32\...\Firefox\Extensions: [content_blocker@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\FFExt\content_blocker@kaspersky.com
FF Extension: Gevaarlijke websiteblokkering - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\FFExt\content_blocker@kaspersky.com [2014-08-13]
FF HKLM-x32\...\Firefox\Extensions: [anti_banner@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\FFExt\anti_banner@kaspersky.com
FF Extension: Anti-Banner - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\FFExt\anti_banner@kaspersky.com [2014-08-13]
FF HKLM-x32\...\Firefox\Extensions: [online_banking@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\FFExt\online_banking@kaspersky.com
FF Extension: Safe Money - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\FFExt\online_banking@kaspersky.com [2014-08-13]

Chrome:
=======
CHR HKLM-x32\...\Chrome\Extension: [dchlnpcodkpfdpacogkljefecpegganj] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\ChromeExt\urladvisor.crx [2013-11-11]
CHR HKLM-x32\...\Chrome\Extension: [hakdifolhalapjijoafobooafbilfakh] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\ChromeExt\online_banking_chrome.crx [2013-11-11]
CHR HKLM-x32\...\Chrome\Extension: [hghkgaeecgjhjkannahfamoehjmkjail] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\ChromeExt\content_blocker_chrome.crx [2013-11-11]
CHR HKLM-x32\...\Chrome\Extension: [jagncdcchgajhfhijbbhecadmaiegcmh] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\ChromeExt\virtkbd.crx [2013-11-11]
CHR HKLM-x32\...\Chrome\Extension: [lpoimibckejjdjcfbdnajaicnklhfplh] - https://chrome.google.com/webstore/detail/lpoimibckejjdjcfbdnajaicnklhfplh [2013-11-11]
CHR HKLM-x32\...\Chrome\Extension: [pjldcfjmnllhmgjclecdnfampinooman] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\ChromeExt\ab.crx [2013-11-11]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 asComSvc; C:\Program Files (x86)\ASUS\AXSP\1.01.01\atkexComSvc.exe [927232 2012-10-29] ()
R2 AVP; C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\avp.exe [356128 2013-11-11] (Kaspersky Lab ZAO)
R2 CSObjectsSrv; C:\Program Files (x86)\Common Files\InfoWatch\CryptoStorage\ProtectedObjectsSrv.exe [818888 2013-09-25] (Infowatch)
S3 Intel® Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [803872 2012-12-10] (Intel® Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe [169432 2013-01-23] (Intel Corporation)
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1809720 2014-05-12] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [860472 2014-05-12] (Malwarebytes Corporation)
R2 Secunia PSI Agent; C:\Program Files (x86)\Secunia\PSI\PSIA.exe [1229528 2013-12-07] (Secunia)
S2 Secunia Update Agent; C:\Program Files (x86)\Secunia\PSI\sua.exe [662232 2013-12-07] (Secunia)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R1 AsIO; C:\Windows\SysWow64\drivers\AsIO.sys [15232 2012-08-22] ()
R0 CSCrySec; C:\Windows\System32\DRIVERS\CSCrySec.sys [84536 2011-06-02] (Infowatch)
R1 CSVirtualDiskDrv; C:\Windows\System32\DRIVERS\CSVirtualDiskDrv.sys [66616 2011-06-02] (Infowatch)
R0 kl1; C:\Windows\System32\DRIVERS\kl1.sys [458336 2014-08-13] (Kaspersky Lab ZAO)
U5 klflt; C:\Windows\System32\Drivers\klflt.sys [92768 2014-08-13] (Kaspersky Lab ZAO)
R1 KLIF; C:\Windows\System32\DRIVERS\klif.sys [628288 2014-08-13] (Kaspersky Lab ZAO)
R1 KLIM6; C:\Windows\System32\DRIVERS\klim6.sys [29792 2014-08-13] (Kaspersky Lab ZAO)
R3 klkbdflt; C:\Windows\System32\DRIVERS\klkbdflt.sys [29280 2013-11-11] (Kaspersky Lab ZAO)
R3 klmouflt; C:\Windows\System32\DRIVERS\klmouflt.sys [29280 2013-11-11] (Kaspersky Lab ZAO)
R1 kltdi; C:\Windows\System32\DRIVERS\kltdi.sys [54368 2013-11-11] (Kaspersky Lab ZAO)
R1 kneps; C:\Windows\System32\DRIVERS\kneps.sys [178448 2013-11-11] (Kaspersky Lab ZAO)
R1 mbamchameleon; C:\Windows\system32\drivers\mbamchameleon.sys [91352 2014-05-12] (Malwarebytes Corporation)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2014-05-12] (Malwarebytes Corporation)
R3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2014-05-12] (Malwarebytes Corporation)
R3 PSI; C:\Windows\System32\DRIVERS\psi_mf_amd64.sys [18456 2013-12-07] (Secunia)

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-08-14 11:48 - 2014-08-14 11:48 - 00013481 _____ () C:\Users\Just_some_dude\Desktop\FRST.txt
2014-08-14 11:48 - 2014-08-14 11:48 - 00000000 ____D () C:\FRST
2014-08-14 11:47 - 2014-08-14 11:47 - 00001155 _____ () C:\Users\Just_some_dude\Desktop\AdwCleaner[R0].txt
2014-08-14 11:44 - 2014-08-14 11:46 - 00000000 ____D () C:\AdwCleaner
2014-08-14 11:43 - 2014-08-14 11:43 - 02100224 _____ (Farbar) C:\Users\Just_some_dude\Desktop\FRST64.exe
2014-08-14 11:42 - 2014-08-14 11:42 - 01356107 _____ () C:\Users\Just_some_dude\Desktop\adwcleaner_3.305.exe
2014-08-14 11:33 - 2014-08-14 11:46 - 00006807 _____ () C:\Windows\WindowsUpdate.log
2014-08-14 11:31 - 2014-08-14 11:31 - 00003338 _____ () C:\Windows\PFRO.log
2014-08-14 05:15 - 2014-08-13 16:07 - 00000000 ____D () C:\Windows\Panther
2014-08-13 23:30 - 2014-08-14 00:04 - 00000000 ____D () C:\Users\Just_some_dude\AppData\Roaming\vlc
2014-08-13 23:07 - 2014-08-13 23:07 - 00275712 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-08-13 19:14 - 2014-08-13 23:18 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-08-13 19:14 - 2014-08-13 19:14 - 00699568 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-08-13 19:14 - 2014-08-13 19:14 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-08-13 19:14 - 2014-08-13 19:14 - 00003768 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-08-13 19:14 - 2014-08-13 19:14 - 00000000 ____D () C:\Windows\SysWOW64\Macromed
2014-08-13 19:14 - 2014-08-13 19:14 - 00000000 ____D () C:\Windows\system32\Macromed
2014-08-13 19:14 - 2014-08-13 19:14 - 00000000 ____D () C:\Users\Just_some_dude\AppData\Roaming\Macromedia
2014-08-13 19:14 - 2014-08-13 19:14 - 00000000 ____D () C:\Users\Just_some_dude\AppData\Local\Macromedia
2014-08-13 19:07 - 2014-08-13 19:07 - 00000000 ____D () C:\Users\Just_some_dude\Desktop\Bleeping Computer
2014-08-13 18:48 - 2014-08-13 18:48 - 00002008 _____ () C:\Users\Angry_Robot\Desktop\attach.txt
2014-08-13 18:48 - 2014-08-13 18:47 - 00023044 _____ () C:\Users\Angry_Robot\Desktop\dds.txt
2014-08-13 18:34 - 2014-08-13 18:34 - 00058016 _____ () C:\Users\Just_some_dude\AppData\Local\GDIPFONTCACHEV1.DAT
2014-08-13 18:15 - 2014-08-13 18:15 - 00030312 _____ () C:\Windows\system32\Drivers\TrueSight.sys
2014-08-13 18:15 - 2014-08-13 18:15 - 00000000 ____D () C:\ProgramData\RogueKiller
2014-08-13 18:12 - 2014-08-13 18:12 - 05392984 _____ () C:\Users\Just_some_dude\Desktop\RogueKillerX64.exe
2014-08-13 17:57 - 2014-08-13 17:57 - 00000000 ____D () C:\Users\Just_some_dude\AppData\Roaming\Mozilla
2014-08-13 17:57 - 2014-08-13 17:57 - 00000000 ____D () C:\Users\Just_some_dude\AppData\Local\Mozilla
2014-08-13 17:56 - 2014-08-13 17:56 - 00001163 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2014-08-13 17:56 - 2014-08-13 17:56 - 00001151 _____ () C:\Users\Public\Desktop\Mozilla Firefox.lnk
2014-08-13 17:56 - 2014-08-13 17:56 - 00000000 ____D () C:\Users\Angry_Robot\AppData\Roaming\Mozilla
2014-08-13 17:56 - 2014-08-13 17:56 - 00000000 ____D () C:\Users\Angry_Robot\AppData\Local\Mozilla
2014-08-13 17:56 - 2014-08-13 17:56 - 00000000 ____D () C:\ProgramData\Mozilla
2014-08-13 17:56 - 2014-08-13 17:56 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-08-13 17:56 - 2014-08-13 17:56 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-08-13 17:45 - 2014-08-13 17:45 - 00000000 ____D () C:\Users\Angry_Robot\AppData\Local\Secunia PSI
2014-08-13 17:45 - 2014-05-08 19:32 - 03178496 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorets.dll
2014-08-13 17:45 - 2014-05-08 19:32 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\RdpGroupPolicyExtension.dll
2014-08-13 17:37 - 2012-08-24 00:13 - 00243200 _____ (Microsoft Corporation) C:\Windows\system32\rdpudd.dll
2014-08-13 17:37 - 2012-08-24 00:10 - 00019456 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rdpvideominiport.sys
2014-08-13 17:37 - 2012-08-24 00:08 - 00030208 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\TsUsbGD.sys
2014-08-13 17:37 - 2012-08-24 00:07 - 00057856 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\TsUsbFlt.sys
2014-08-13 17:37 - 2012-08-23 23:47 - 00046592 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MsRdpWebAccess.dll
2014-08-13 17:37 - 2012-08-23 23:46 - 00016896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wksprtPS.dll
2014-08-13 17:37 - 2012-08-23 23:41 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\TsUsbRedirectionGroupPolicyControl.exe
2014-08-13 17:37 - 2012-08-23 23:40 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\TsUsbRedirectionGroupPolicyExtension.dll
2014-08-13 17:37 - 2012-08-23 23:20 - 00054272 _____ (Microsoft Corporation) C:\Windows\system32\MsRdpWebAccess.dll
2014-08-13 17:37 - 2012-08-23 23:18 - 00037376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tsgqec.dll
2014-08-13 17:37 - 2012-08-23 23:17 - 00018432 _____ (Microsoft Corporation) C:\Windows\system32\wksprtPS.dll
2014-08-13 17:37 - 2012-08-23 23:06 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\TsUsbGDCoInstaller.dll
2014-08-13 17:37 - 2012-08-23 22:52 - 00044032 _____ (Microsoft Corporation) C:\Windows\system32\tsgqec.dll
2014-08-13 17:37 - 2012-08-23 21:20 - 00062976 _____ (Microsoft Corporation) C:\Windows\system32\TSWbPrxy.exe
2014-08-13 17:37 - 2012-08-23 21:15 - 00269312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\aaclient.dll
2014-08-13 17:37 - 2012-08-23 21:14 - 00384000 _____ (Microsoft Corporation) C:\Windows\system32\wksprt.exe
2014-08-13 17:37 - 2012-08-23 21:12 - 00192000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rdpendp_winip.dll
2014-08-13 17:37 - 2012-08-23 20:54 - 00322560 _____ (Microsoft Corporation) C:\Windows\system32\aaclient.dll
2014-08-13 17:37 - 2012-08-23 20:51 - 00228864 _____ (Microsoft Corporation) C:\Windows\system32\rdpendp_winip.dll
2014-08-13 17:37 - 2012-08-23 20:39 - 01048064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstsc.exe
2014-08-13 17:37 - 2012-08-23 20:22 - 01123840 _____ (Microsoft Corporation) C:\Windows\system32\mstsc.exe
2014-08-13 17:37 - 2012-08-23 18:19 - 04916224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll
2014-08-13 17:37 - 2012-08-23 18:13 - 05773824 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll
2014-08-13 17:34 - 2014-08-14 11:31 - 00000368 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2014-08-13 17:21 - 2014-08-13 17:21 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2014-08-13 17:21 - 2014-08-13 17:21 - 00000000 ____D () C:\Program Files\Microsoft Silverlight
2014-08-13 17:21 - 2014-08-13 17:21 - 00000000 ____D () C:\Program Files (x86)\Microsoft Silverlight
2014-08-13 17:18 - 2014-08-01 09:41 - 00348856 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-08-13 17:18 - 2014-08-01 09:16 - 00307384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2014-08-13 17:18 - 2014-07-26 00:52 - 23645696 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-08-13 17:18 - 2014-07-26 00:02 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-08-13 17:18 - 2014-07-26 00:01 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-08-13 17:18 - 2014-07-25 23:51 - 17524224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-08-13 17:18 - 2014-07-25 23:30 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-08-13 17:18 - 2014-07-25 23:28 - 00548352 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-08-13 17:18 - 2014-07-25 23:28 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-08-13 17:18 - 2014-07-25 23:25 - 02774528 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-08-13 17:18 - 2014-07-25 23:25 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2014-08-13 17:18 - 2014-07-25 23:11 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-08-13 17:18 - 2014-07-25 23:10 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-08-13 17:18 - 2014-07-25 23:04 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-08-13 17:18 - 2014-07-25 23:03 - 00598016 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-08-13 17:18 - 2014-07-25 23:00 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-08-13 17:18 - 2014-07-25 23:00 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-08-13 17:18 - 2014-07-25 22:59 - 00758272 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-08-13 17:18 - 2014-07-25 22:47 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-08-13 17:18 - 2014-07-25 22:40 - 00452096 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-08-13 17:18 - 2014-07-25 22:34 - 00455168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-08-13 17:18 - 2014-07-25 22:34 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-08-13 17:18 - 2014-07-25 22:33 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-08-13 17:18 - 2014-07-25 22:30 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2014-08-13 17:18 - 2014-07-25 22:28 - 05824512 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-08-13 17:18 - 2014-07-25 22:28 - 00072704 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-08-13 17:18 - 2014-07-25 22:21 - 02184704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-08-13 17:18 - 2014-07-25 22:19 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-08-13 17:18 - 2014-07-25 22:18 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-08-13 17:18 - 2014-07-25 22:17 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-08-13 17:18 - 2014-07-25 22:17 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-08-13 17:18 - 2014-07-25 22:12 - 00438784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-08-13 17:18 - 2014-07-25 22:10 - 00292864 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-08-13 17:18 - 2014-07-25 22:10 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-08-13 17:18 - 2014-07-25 22:08 - 00597504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-08-13 17:18 - 2014-07-25 22:06 - 04204032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-08-13 17:18 - 2014-07-25 21:52 - 00367104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-08-13 17:18 - 2014-07-25 21:47 - 00631808 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-08-13 17:18 - 2014-07-25 21:43 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-08-13 17:18 - 2014-07-25 21:42 - 00692736 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-08-13 17:18 - 2014-07-25 21:39 - 02087936 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-08-13 17:18 - 2014-07-25 21:39 - 01249280 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2014-08-13 17:18 - 2014-07-25 21:36 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-08-13 17:18 - 2014-07-25 21:34 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-08-13 17:18 - 2014-07-25 21:29 - 00239616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-08-13 17:18 - 2014-07-25 21:23 - 13547008 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-08-13 17:18 - 2014-07-25 21:13 - 00526336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-08-13 17:18 - 2014-07-25 21:07 - 02001920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-08-13 17:18 - 2014-07-25 21:07 - 01068032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2014-08-13 17:18 - 2014-07-25 21:03 - 11772928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-08-13 17:18 - 2014-07-25 20:52 - 02266624 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-08-13 17:18 - 2014-07-25 20:26 - 01431040 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-08-13 17:18 - 2014-07-25 20:17 - 00846336 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-08-13 17:18 - 2014-07-25 20:09 - 00704512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-08-13 17:18 - 2014-07-25 20:05 - 01792512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-08-13 17:18 - 2014-07-25 20:00 - 01169920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-08-13 17:17 - 2013-12-25 09:09 - 01987584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10warp.dll
2014-08-13 17:17 - 2013-12-25 08:48 - 02565120 _____ (Microsoft Corporation) C:\Windows\system32\d3d10warp.dll
2014-08-13 17:17 - 2013-11-26 18:16 - 03419136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d2d1.dll
2014-08-13 17:17 - 2013-11-24 04:26 - 00417792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMPhoto.dll
2014-08-13 17:17 - 2013-11-24 03:47 - 00465920 _____ (Microsoft Corporation) C:\Windows\system32\WMPhoto.dll
2014-08-13 17:17 - 2013-11-23 08:48 - 03928064 _____ (Microsoft Corporation) C:\Windows\system32\d2d1.dll
2014-08-13 17:17 - 2012-05-04 21:00 - 00366592 _____ (Microsoft Corporation) C:\Windows\system32\qdvd.dll
2014-08-13 17:17 - 2012-05-04 19:59 - 00514560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qdvd.dll
2014-08-13 17:17 - 2011-03-11 16:41 - 00410496 _____ (Intel Corporation) C:\Windows\system32\Drivers\iaStorV.sys
2014-08-13 17:17 - 2011-03-11 16:41 - 00166272 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvstor.sys
2014-08-13 17:17 - 2011-03-11 16:41 - 00148352 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvraid.sys
2014-08-13 17:17 - 2011-03-11 16:41 - 00107904 _____ (Advanced Micro Devices) C:\Windows\system32\Drivers\amdsata.sys
2014-08-13 17:17 - 2011-03-11 16:41 - 00027008 _____ (Advanced Micro Devices) C:\Windows\system32\Drivers\amdxata.sys
2014-08-13 17:17 - 2011-03-11 16:33 - 02565632 _____ (Microsoft Corporation) C:\Windows\system32\esent.dll
2014-08-13 17:17 - 2011-03-11 16:30 - 00096768 _____ (Microsoft Corporation) C:\Windows\system32\fsutil.exe
2014-08-13 17:17 - 2011-03-11 15:33 - 01699328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\esent.dll
2014-08-13 17:17 - 2011-03-11 15:31 - 00074240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fsutil.exe
2014-08-13 17:17 - 2011-03-11 14:37 - 00091648 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\USBSTOR.SYS
2014-08-13 17:17 - 2011-02-25 16:19 - 02871808 _____ (Microsoft Corporation) C:\Windows\explorer.exe
2014-08-13 17:17 - 2011-02-25 15:30 - 02616320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\explorer.exe
2014-08-13 17:16 - 2014-02-04 12:32 - 01424384 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll
2014-08-13 17:16 - 2014-02-04 12:04 - 01230336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll
2014-08-13 17:16 - 2013-04-10 09:34 - 01247744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DWrite.dll
2014-08-13 17:16 - 2013-04-03 08:51 - 01643520 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll
2014-08-13 17:16 - 2012-02-11 16:36 - 00559104 _____ (Microsoft Corporation) C:\Windows\system32\spoolsv.exe
2014-08-13 17:16 - 2012-02-11 16:36 - 00067072 _____ (Microsoft Corporation) C:\Windows\splwow64.exe
2014-08-13 17:07 - 2014-08-13 22:44 - 00001275 _____ () C:\Users\Just_some_dude\Documents\Cooking Recipes.txt
2014-08-13 16:58 - 2014-08-13 16:58 - 00001417 _____ () C:\Users\Just_some_dude\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2014-08-13 16:58 - 2014-08-13 16:58 - 00000000 ____D () C:\Users\Just_some_dude\AppData\Roaming\Adobe
2014-08-13 16:58 - 2014-08-13 16:58 - 00000000 ____D () C:\Users\Just_some_dude\AppData\Local\NVIDIA
2014-08-13 16:57 - 2014-08-13 16:58 - 00000000 ____D () C:\Users\Just_some_dude
2014-08-13 16:57 - 2014-08-13 16:57 - 00000020 ___SH () C:\Users\Just_some_dude\ntuser.ini
2014-08-13 16:57 - 2014-08-13 16:57 - 00000000 ____D () C:\Users\Just_some_dude\AppData\Local\VirtualStore
2014-08-13 16:57 - 2009-07-14 14:54 - 00000000 ___RD () C:\Users\Just_some_dude\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2014-08-13 16:57 - 2009-07-14 14:49 - 00000000 ___RD () C:\Users\Just_some_dude\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
2014-08-13 16:01 - 2014-08-13 16:01 - 00000000 ____D () C:\TDSSKiller_Quarantine
2014-08-13 15:58 - 2014-08-13 15:58 - 00002784 _____ () C:\Windows\System32\Tasks\CCleanerSkipUAC
2014-08-13 15:58 - 2014-08-13 15:58 - 00000822 _____ () C:\Users\Public\Desktop\CCleaner.lnk
2014-08-13 15:58 - 2014-08-13 15:58 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2014-08-13 15:58 - 2014-08-13 15:58 - 00000000 ____D () C:\Program Files\CCleaner
2014-08-13 15:57 - 2014-08-13 15:57 - 00001070 _____ () C:\Users\Public\Desktop\VLC media player.lnk
2014-08-13 15:57 - 2014-08-13 15:57 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN
2014-08-13 15:57 - 2014-08-13 15:57 - 00000000 ____D () C:\Program Files (x86)\VideoLAN
2014-08-13 15:56 - 2014-08-13 15:56 - 00001073 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Secunia PSI.lnk
2014-08-13 15:56 - 2014-08-13 15:56 - 00000000 ____D () C:\Program Files (x86)\Secunia
2014-08-13 15:49 - 2014-08-13 15:49 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
2014-08-13 15:48 - 2014-08-13 15:48 - 00000000 ____D () C:\Users\Angry_Robot\AppData\Roaming\Adobe
2014-08-13 15:48 - 2014-08-13 15:48 - 00000000 ____D () C:\Users\Angry_Robot\AppData\Local\NVIDIA
2014-08-13 15:07 - 2013-05-10 15:56 - 14631424 _____ (Microsoft Corporation) C:\Windows\system32\wmp.dll
2014-08-13 15:07 - 2013-05-10 15:56 - 12625920 _____ (Microsoft Corporation) C:\Windows\system32\wmploc.DLL
2014-08-13 15:07 - 2013-05-10 14:56 - 12625408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmploc.DLL
2014-08-13 15:07 - 2013-05-10 14:56 - 11410432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmp.dll
2014-08-13 15:01 - 2014-08-13 17:20 - 00765280 _____ () C:\Windows\SysWOW64\PerfStringBackup.INI
2014-08-13 14:55 - 2013-10-14 18:00 - 00028368 _____ (Microsoft Corporation) C:\Windows\system32\IEUDINIT.EXE
2014-08-13 14:53 - 2014-08-13 14:53 - 00942592 _____ (Microsoft Corporation) C:\Windows\system32\jsIntl.dll
2014-08-13 14:53 - 2014-08-13 14:53 - 00774144 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2014-08-13 14:53 - 2014-08-13 14:53 - 00645120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsIntl.dll
2014-08-13 14:53 - 2014-08-13 14:53 - 00616104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dat
2014-08-13 14:53 - 2014-08-13 14:53 - 00616104 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dat
2014-08-13 14:53 - 2014-08-13 14:53 - 00610304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2014-08-13 14:53 - 2014-08-13 14:53 - 00413696 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2014-08-13 14:53 - 2014-08-13 14:53 - 00337408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2014-08-13 14:53 - 2014-08-13 14:53 - 00247808 _____ (Microsoft Corporation) C:\Windows\system32\msls31.dll
2014-08-13 14:53 - 2014-08-13 14:53 - 00243200 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2014-08-13 14:53 - 2014-08-13 14:53 - 00235520 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
2014-08-13 14:53 - 2014-08-13 14:53 - 00235008 _____ (Microsoft Corporation) C:\Windows\system32\elshyph.dll
2014-08-13 14:53 - 2014-08-13 14:53 - 00233472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\url.dll
2014-08-13 14:53 - 2014-08-13 14:53 - 00208384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2014-08-13 14:53 - 2014-08-13 14:53 - 00194048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\elshyph.dll
2014-08-13 14:53 - 2014-08-13 14:53 - 00182272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msls31.dll
2014-08-13 14:53 - 2014-08-13 14:53 - 00167424 _____ (Microsoft Corporation) C:\Windows\system32\iexpress.exe
2014-08-13 14:53 - 2014-08-13 14:53 - 00151552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iexpress.exe
2014-08-13 14:53 - 2014-08-13 14:53 - 00147968 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2014-08-13 14:53 - 2014-08-13 14:53 - 00143872 _____ (Microsoft Corporation) C:\Windows\system32\wextract.exe
2014-08-13 14:53 - 2014-08-13 14:53 - 00139264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wextract.exe
2014-08-13 14:53 - 2014-08-13 14:53 - 00135680 _____ (Microsoft Corporation) C:\Windows\system32\iepeers.dll
2014-08-13 14:53 - 2014-08-13 14:53 - 00131072 _____ (Microsoft Corporation) C:\Windows\system32\IEAdvpack.dll
2014-08-13 14:53 - 2014-08-13 14:53 - 00127488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2014-08-13 14:53 - 2014-08-13 14:53 - 00116736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iepeers.dll
2014-08-13 14:53 - 2014-08-13 14:53 - 00111616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\IEAdvpack.dll
2014-08-13 14:53 - 2014-08-13 14:53 - 00105984 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2014-08-13 14:53 - 2014-08-13 14:53 - 00101376 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
2014-08-13 14:53 - 2014-08-13 14:53 - 00090112 _____ (Microsoft Corporation) C:\Windows\system32\SetIEInstalledDate.exe
2014-08-13 14:53 - 2014-08-13 14:53 - 00086016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2014-08-13 14:53 - 2014-08-13 14:53 - 00086016 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe
2014-08-13 14:53 - 2014-08-13 14:53 - 00083456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll
2014-08-13 14:53 - 2014-08-13 14:53 - 00081408 _____ (Microsoft Corporation) C:\Windows\system32\icardie.dll
2014-08-13 14:53 - 2014-08-13 14:53 - 00077312 _____ (Microsoft Corporation) C:\Windows\system32\tdc.ocx
2014-08-13 14:53 - 2014-08-13 14:53 - 00074240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SetIEInstalledDate.exe
2014-08-13 14:53 - 2014-08-13 14:53 - 00071680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe
2014-08-13 14:53 - 2014-08-13 14:53 - 00069120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardie.dll
2014-08-13 14:53 - 2014-08-13 14:53 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdc.ocx
2014-08-13 14:53 - 2014-08-13 14:53 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\pngfilt.dll
2014-08-13 14:53 - 2014-08-13 14:53 - 00056832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pngfilt.dll
2014-08-13 14:53 - 2014-08-13 14:53 - 00052224 _____ (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll
2014-08-13 14:53 - 2014-08-13 14:53 - 00048640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmler.dll
2014-08-13 14:53 - 2014-08-13 14:53 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\mshtmler.dll
2014-08-13 14:53 - 2014-08-13 14:53 - 00048128 _____ (Microsoft Corporation) C:\Windows\system32\imgutil.dll
2014-08-13 14:53 - 2014-08-13 14:53 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedsbs.dll
2014-08-13 14:53 - 2014-08-13 14:53 - 00036352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\imgutil.dll
2014-08-13 14:53 - 2014-08-13 14:53 - 00030208 _____ (Microsoft Corporation) C:\Windows\system32\licmgr10.dll
2014-08-13 14:53 - 2014-08-13 14:53 - 00024576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\licmgr10.dll
2014-08-13 14:53 - 2014-08-13 14:53 - 00013824 _____ (Microsoft Corporation) C:\Windows\system32\mshta.exe
2014-08-13 14:53 - 2014-08-13 14:53 - 00013312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshta.exe
2014-08-13 14:53 - 2014-08-13 14:53 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe
2014-08-13 14:53 - 2014-08-13 14:53 - 00012800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedssync.exe
2014-08-13 14:53 - 2014-08-13 14:53 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_User_WpdFs_01_09_00.Wdf
2014-08-13 14:50 - 2014-08-13 14:50 - 02776576 _____ (Microsoft Corporation) C:\Windows\system32\msmpeg2vdec.dll
2014-08-13 14:50 - 2014-08-13 14:50 - 02284544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msmpeg2vdec.dll
2014-08-13 14:50 - 2014-08-13 14:50 - 01682432 _____ (Microsoft Corporation) C:\Windows\system32\XpsPrint.dll
2014-08-13 14:50 - 2014-08-13 14:50 - 01238528 _____ (Microsoft Corporation) C:\Windows\system32\d3d10.dll
2014-08-13 14:50 - 2014-08-13 14:50 - 01175552 _____ (Microsoft Corporation) C:\Windows\system32\FntCache.dll
2014-08-13 14:50 - 2014-08-13 14:50 - 01158144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XpsPrint.dll
2014-08-13 14:50 - 2014-08-13 14:50 - 01080832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10.dll
2014-08-13 14:50 - 2014-08-13 14:50 - 00648192 _____ (Microsoft Corporation) C:\Windows\system32\d3d10level9.dll
2014-08-13 14:50 - 2014-08-13 14:50 - 00604160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10level9.dll
2014-08-13 14:50 - 2014-08-13 14:50 - 00522752 _____ (Microsoft Corporation) C:\Windows\system32\XpsGdiConverter.dll
2014-08-13 14:50 - 2014-08-13 14:50 - 00364544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XpsGdiConverter.dll
2014-08-13 14:50 - 2014-08-13 14:50 - 00363008 _____ (Microsoft Corporation) C:\Windows\system32\dxgi.dll
2014-08-13 14:50 - 2014-08-13 14:50 - 00333312 _____ (Microsoft Corporation) C:\Windows\system32\d3d10_1core.dll
2014-08-13 14:50 - 2014-08-13 14:50 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\d3d10core.dll
2014-08-13 14:50 - 2014-08-13 14:50 - 00293376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxgi.dll
2014-08-13 14:50 - 2014-08-13 14:50 - 00249856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10_1core.dll
2014-08-13 14:50 - 2014-08-13 14:50 - 00245248 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecsExt.dll
2014-08-13 14:50 - 2014-08-13 14:50 - 00221184 _____ (Microsoft Corporation) C:\Windows\system32\UIAnimation.dll
2014-08-13 14:50 - 2014-08-13 14:50 - 00220160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10core.dll
2014-08-13 14:50 - 2014-08-13 14:50 - 00207872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecsExt.dll
2014-08-13 14:50 - 2014-08-13 14:50 - 00194560 _____ (Microsoft Corporation) C:\Windows\system32\d3d10_1.dll
2014-08-13 14:50 - 2014-08-13 14:50 - 00187392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\UIAnimation.dll
2014-08-13 14:50 - 2014-08-13 14:50 - 00161792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10_1.dll
2014-08-13 14:50 - 2014-08-13 14:50 - 00010752 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-advapi32-l1-1-0.dll
2014-08-13 14:50 - 2014-08-13 14:50 - 00010752 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-advapi32-l1-1-0.dll
2014-08-13 14:50 - 2014-08-13 14:50 - 00009728 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-shlwapi-l1-1-0.dll
2014-08-13 14:50 - 2014-08-13 14:50 - 00009728 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-shlwapi-l1-1-0.dll
2014-08-13 14:50 - 2014-08-13 14:50 - 00005632 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-shlwapi-l2-1-0.dll
2014-08-13 14:50 - 2014-08-13 14:50 - 00005632 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-ole32-l1-1-0.dll
2014-08-13 14:50 - 2014-08-13 14:50 - 00005632 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-shlwapi-l2-1-0.dll
2014-08-13 14:50 - 2014-08-13 14:50 - 00005632 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-ole32-l1-1-0.dll
2014-08-13 14:50 - 2014-08-13 14:50 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-user32-l1-1-0.dll
2014-08-13 14:50 - 2014-08-13 14:50 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-user32-l1-1-0.dll
2014-08-13 14:50 - 2014-08-13 14:50 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-advapi32-l2-1-0.dll
2014-08-13 14:50 - 2014-08-13 14:50 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-advapi32-l2-1-0.dll
2014-08-13 14:50 - 2014-08-13 14:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-version-l1-1-0.dll
2014-08-13 14:50 - 2014-08-13 14:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-shell32-l1-1-0.dll
2014-08-13 14:50 - 2014-08-13 14:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-version-l1-1-0.dll
2014-08-13 14:50 - 2014-08-13 14:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-shell32-l1-1-0.dll
2014-08-13 14:50 - 2014-08-13 14:50 - 00002560 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-normaliz-l1-1-0.dll
2014-08-13 14:50 - 2014-08-13 14:50 - 00002560 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-normaliz-l1-1-0.dll
2014-08-13 14:38 - 2014-08-13 14:52 - 00001224 _____ () C:\Users\Angry_Robot\Documents\Cooking Recipes.txt
2014-08-13 14:36 - 2014-08-13 14:37 - 00000000 ____D () C:\Windows\system32\MRT
2014-08-13 14:36 - 2014-07-31 23:41 - 99218768 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-08-13 14:21 - 2012-03-01 16:46 - 00023408 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\fs_rec.sys
2014-08-13 14:21 - 2012-03-01 16:28 - 00005120 _____ (Microsoft Corporation) C:\Windows\system32\wmi.dll
2014-08-13 14:21 - 2012-03-01 15:29 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmi.dll
2014-08-13 14:19 - 2014-08-14 11:31 - 00000000 ____D () C:\ProgramData\NVIDIA
2014-08-13 14:18 - 2014-08-13 14:19 - 00000000 ____D () C:\ProgramData\NVIDIA Corporation
2014-08-13 14:18 - 2014-08-13 14:19 - 00000000 ____D () C:\Program Files\NVIDIA Corporation
2014-08-13 14:18 - 2014-08-13 14:19 - 00000000 ____D () C:\Program Files (x86)\NVIDIA Corporation
2014-08-13 14:18 - 2014-03-20 23:03 - 00062408 _____ (Khronos Group) C:\Windows\system32\OpenCL.dll
2014-08-13 14:18 - 2014-03-20 23:03 - 00054216 _____ (Khronos Group) C:\Windows\SysWOW64\OpenCL.dll
2014-08-13 14:18 - 2014-03-04 23:06 - 06714312 _____ (NVIDIA Corporation) C:\Windows\system32\nvcpl.dll
2014-08-13 14:18 - 2014-03-04 23:06 - 03497816 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvc64.dll
2014-08-13 14:18 - 2014-03-04 23:05 - 03649185 _____ () C:\Windows\system32\nvcoproc.bin
2014-08-13 14:18 - 2014-03-04 23:05 - 02558808 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvcr.dll
2014-08-13 14:18 - 2014-03-04 23:05 - 00922968 _____ (NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
2014-08-13 14:18 - 2014-03-04 23:05 - 00386336 _____ (NVIDIA Corporation) C:\Windows\system32\nvmctray.dll
2014-08-13 14:18 - 2014-03-04 23:05 - 00064968 _____ (NVIDIA Corporation) C:\Windows\system32\nvshext.dll
2014-08-13 14:18 - 2014-03-04 21:32 - 00599840 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvStreaming.exe
2014-08-13 14:17 - 2014-08-13 14:17 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-08-13 14:17 - 2014-07-01 08:24 - 00008856 _____ (Microsoft Corporation) C:\Windows\system32\icardres.dll
2014-08-13 14:17 - 2014-07-01 08:14 - 00008856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardres.dll
2014-08-13 14:17 - 2014-06-06 16:16 - 00035480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TsWpfWrp.exe
2014-08-13 14:17 - 2014-06-06 16:12 - 00035480 _____ (Microsoft Corporation) C:\Windows\system32\TsWpfWrp.exe
2014-08-13 14:17 - 2014-03-10 07:48 - 01389208 _____ (Microsoft Corporation) C:\Windows\system32\icardagt.exe
2014-08-13 14:17 - 2014-03-10 07:48 - 00171160 _____ (Microsoft Corporation) C:\Windows\system32\infocardapi.dll
2014-08-13 14:17 - 2014-03-10 07:47 - 00619672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardagt.exe
2014-08-13 14:17 - 2014-03-10 07:47 - 00099480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\infocardapi.dll
2014-08-13 14:16 - 2014-07-09 12:03 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDYAK.DLL
2014-08-13 14:16 - 2014-07-09 12:03 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDTAT.DLL
2014-08-13 14:16 - 2014-07-09 12:03 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDRU1.DLL
2014-08-13 14:16 - 2014-07-09 12:03 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDBASH.DLL
2014-08-13 14:16 - 2014-07-09 12:03 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\KBDRU.DLL
2014-08-13 14:16 - 2014-07-09 11:31 - 00007168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDYAK.DLL
2014-08-13 14:16 - 2014-07-09 11:31 - 00007168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDTAT.DLL
2014-08-13 14:16 - 2014-07-09 11:31 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDRU1.DLL
2014-08-13 14:16 - 2014-07-09 11:31 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDRU.DLL
2014-08-13 14:16 - 2014-07-09 11:31 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDBASH.DLL
2014-08-13 14:16 - 2014-07-09 08:38 - 00419992 _____ () C:\Windows\system32\locale.nls
2014-08-13 14:16 - 2014-07-09 08:30 - 00419992 _____ () C:\Windows\SysWOW64\locale.nls
2014-08-13 14:16 - 2014-06-06 20:10 - 00624128 _____ (Microsoft Corporation) C:\Windows\system32\qedit.dll
2014-08-13 14:16 - 2014-06-06 19:44 - 00509440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qedit.dll
2014-08-13 14:16 - 2014-03-04 19:47 - 05550016 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2014-08-13 14:16 - 2014-03-04 19:44 - 00722944 _____ (Microsoft Corporation) C:\Windows\system32\objsel.dll
2014-08-13 14:16 - 2014-03-04 19:44 - 00424960 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2014-08-13 14:16 - 2014-03-04 19:44 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\wincredprovider.dll
2014-08-13 14:16 - 2014-03-04 19:43 - 00455168 _____ (Microsoft Corporation) C:\Windows\system32\winlogon.exe
2014-08-13 14:16 - 2014-03-04 19:43 - 00057344 _____ (Microsoft Corporation) C:\Windows\system32\cngprovider.dll
2014-08-13 14:16 - 2014-03-04 19:43 - 00056832 _____ (Microsoft Corporation) C:\Windows\system32\adprovider.dll
2014-08-13 14:16 - 2014-03-04 19:43 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\capiprovider.dll
2014-08-13 14:16 - 2014-03-04 19:43 - 00052736 _____ (Microsoft Corporation) C:\Windows\system32\dpapiprovider.dll
2014-08-13 14:16 - 2014-03-04 19:43 - 00044544 _____ (Microsoft Corporation) C:\Windows\system32\dimsroam.dll
2014-08-13 14:16 - 2014-03-04 19:20 - 03969984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2014-08-13 14:16 - 2014-03-04 19:20 - 03914176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2014-08-13 14:16 - 2014-03-04 19:17 - 00538112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\objsel.dll
2014-08-13 14:16 - 2014-03-04 19:17 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cngprovider.dll
2014-08-13 14:16 - 2014-03-04 19:17 - 00049664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adprovider.dll
2014-08-13 14:16 - 2014-03-04 19:17 - 00048128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\capiprovider.dll
2014-08-13 14:16 - 2014-03-04 19:17 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dpapiprovider.dll
2014-08-13 14:16 - 2014-03-04 19:17 - 00036864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dimsroam.dll
2014-08-13 14:16 - 2014-03-04 19:17 - 00035328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wincredprovider.dll
2014-08-13 14:16 - 2014-03-04 19:16 - 00274944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2014-08-13 14:16 - 2013-12-04 12:27 - 00488448 _____ (Microsoft Corporation) C:\Windows\system32\secproc.dll
2014-08-13 14:16 - 2013-12-04 12:27 - 00485888 _____ (Microsoft Corporation) C:\Windows\system32\secproc_isv.dll
2014-08-13 14:16 - 2013-12-04 12:27 - 00123392 _____ (Microsoft Corporation) C:\Windows\system32\secproc_ssp_isv.dll
2014-08-13 14:16 - 2013-12-04 12:27 - 00123392 _____ (Microsoft Corporation) C:\Windows\system32\secproc_ssp.dll
2014-08-13 14:16 - 2013-12-04 12:26 - 00528384 _____ (Microsoft Corporation) C:\Windows\system32\msdrm.dll
2014-08-13 14:16 - 2013-12-04 12:16 - 00658432 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate_isv.exe
2014-08-13 14:16 - 2013-12-04 12:16 - 00626176 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate.exe
2014-08-13 14:16 - 2013-12-04 12:16 - 00553984 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate_ssp.exe
2014-08-13 14:16 - 2013-12-04 12:16 - 00552960 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate_ssp_isv.exe
2014-08-13 14:16 - 2013-12-04 12:03 - 00428032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secproc.dll
2014-08-13 14:16 - 2013-12-04 12:03 - 00423936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secproc_isv.dll
2014-08-13 14:16 - 2013-12-04 12:03 - 00087040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secproc_ssp_isv.dll
2014-08-13 14:16 - 2013-12-04 12:03 - 00087040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secproc_ssp.dll
2014-08-13 14:16 - 2013-12-04 12:02 - 00390144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msdrm.dll
2014-08-13 14:16 - 2013-12-04 11:54 - 00594944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RMActivate_isv.exe
2014-08-13 14:16 - 2013-12-04 11:54 - 00572416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RMActivate.exe
2014-08-13 14:16 - 2013-12-04 11:54 - 00510976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RMActivate_ssp.exe
2014-08-13 14:16 - 2013-12-04 11:54 - 00508928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RMActivate_ssp_isv.exe
2014-08-13 14:16 - 2013-11-27 11:41 - 00343040 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbhub.sys
2014-08-13 14:16 - 2013-11-27 11:41 - 00325120 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbport.sys
2014-08-13 14:16 - 2013-11-27 11:41 - 00099840 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbccgp.sys
2014-08-13 14:16 - 2013-11-27 11:41 - 00053248 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbehci.sys
2014-08-13 14:16 - 2013-11-27 11:41 - 00007808 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbd.sys
2014-08-13 14:16 - 2013-10-04 12:28 - 00190464 _____ (Microsoft Corporation) C:\Windows\system32\SmartcardCredentialProvider.dll
2014-08-13 14:16 - 2013-10-04 12:25 - 00197120 _____ (Microsoft Corporation) C:\Windows\system32\credui.dll
2014-08-13 14:16 - 2013-10-04 11:58 - 00152576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SmartcardCredentialProvider.dll
2014-08-13 14:16 - 2013-10-04 11:56 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credui.dll
2014-08-13 14:16 - 2013-08-29 12:16 - 01732032 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2014-08-13 14:16 - 2013-08-29 12:16 - 00859648 _____ (Microsoft Corporation) C:\Windows\system32\tdh.dll
2014-08-13 14:16 - 2013-08-29 12:13 - 00878080 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll
2014-08-13 14:16 - 2013-08-29 11:50 - 01292192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2014-08-13 14:16 - 2013-08-29 11:50 - 00619520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdh.dll
2014-08-13 14:16 - 2013-08-29 11:48 - 00640512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\advapi32.dll
2014-08-13 14:16 - 2013-08-05 12:25 - 00155584 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ataport.sys
2014-08-13 14:16 - 2013-08-02 12:12 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2014-08-13 14:16 - 2013-08-02 12:12 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2014-08-13 14:16 - 2013-08-02 11:48 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll
2014-08-13 14:16 - 2013-08-02 10:59 - 00112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2014-08-13 14:16 - 2013-07-09 15:52 - 00224256 _____ (Microsoft Corporation) C:\Windows\system32\wintrust.dll
2014-08-13 14:16 - 2013-07-09 14:52 - 00175104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wintrust.dll
2014-08-13 14:16 - 2013-07-04 22:50 - 00633856 _____ (Microsoft Corporation) C:\Windows\system32\comctl32.dll
2014-08-13 14:16 - 2013-07-04 21:50 - 00530432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\comctl32.dll
2014-08-13 14:16 - 2013-06-26 08:55 - 00785624 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Wdf01000.sys
2014-08-13 14:16 - 2013-02-12 14:12 - 00019968 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usb8023.sys
2014-08-13 14:16 - 2012-11-29 08:56 - 00054376 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WdfLdr.sys
2014-08-13 14:16 - 2012-11-29 08:56 - 00009728 _____ (Microsoft Corporation) C:\Windows\system32\Wdfres.dll
2014-08-13 14:16 - 2012-11-29 08:56 - 00000003 _____ () C:\Windows\system32\Drivers\MsftWdf_Kernel_01011_Inbox_Critical.Wdf
2014-08-13 14:16 - 2012-10-10 04:17 - 00226816 _____ (Microsoft Corporation) C:\Windows\system32\dhcpcore6.dll
2014-08-13 14:16 - 2012-10-10 04:17 - 00055296 _____ (Microsoft Corporation) C:\Windows\system32\dhcpcsvc6.dll
2014-08-13 14:16 - 2012-10-10 03:40 - 00193536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dhcpcore6.dll
2014-08-13 14:16 - 2012-10-10 03:40 - 00044032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dhcpcsvc6.dll
2014-08-13 14:16 - 2012-10-04 03:44 - 00303104 _____ (Microsoft Corporation) C:\Windows\system32\nlasvc.dll
2014-08-13 14:16 - 2012-10-04 03:44 - 00246272 _____ (Microsoft Corporation) C:\Windows\system32\netcorehc.dll
2014-08-13 14:16 - 2012-10-04 03:44 - 00216576 _____ (Microsoft Corporation) C:\Windows\system32\ncsi.dll
2014-08-13 14:16 - 2012-10-04 03:44 - 00070656 _____ (Microsoft Corporation) C:\Windows\system32\nlaapi.dll
2014-08-13 14:16 - 2012-10-04 03:44 - 00018944 _____ (Microsoft Corporation) C:\Windows\system32\netevent.dll
2014-08-13 14:16 - 2012-10-04 03:42 - 00569344 _____ (Microsoft Corporation) C:\Windows\system32\iphlpsvc.dll
2014-08-13 14:16 - 2012-10-04 02:42 - 00175104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\netcorehc.dll
2014-08-13 14:16 - 2012-10-04 02:42 - 00156672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncsi.dll
2014-08-13 14:16 - 2012-10-04 02:42 - 00018944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\netevent.dll
2014-08-13 14:16 - 2012-10-04 02:07 - 00045568 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpipreg.sys
2014-08-13 14:16 - 2012-07-05 08:16 - 00073216 _____ (Microsoft Corporation) C:\Windows\system32\netapi32.dll
2014-08-13 14:16 - 2012-07-05 08:13 - 00136704 _____ (Microsoft Corporation) C:\Windows\system32\browser.dll
2014-08-13 14:16 - 2012-07-05 08:13 - 00059392 _____ (Microsoft Corporation) C:\Windows\system32\browcli.dll
2014-08-13 14:16 - 2012-07-05 07:16 - 00057344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\netapi32.dll
2014-08-13 14:16 - 2012-07-05 07:14 - 00041984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\browcli.dll
2014-08-13 14:16 - 2012-04-26 15:41 - 00149504 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorekmts.dll
2014-08-13 14:16 - 2012-04-26 15:41 - 00077312 _____ (Microsoft Corporation) C:\Windows\system32\rdpwsx.dll
2014-08-13 14:16 - 2012-04-26 15:34 - 00009216 _____ (Microsoft Corporation) C:\Windows\system32\rdrmemptylst.exe
2014-08-13 14:16 - 2012-01-13 17:12 - 00052224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\nlaapi.dll
2014-08-13 14:16 - 2012-01-04 20:44 - 00509952 _____ (Microsoft Corporation) C:\Windows\system32\ntshrui.dll
2014-08-13 14:16 - 2012-01-04 18:58 - 00442880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntshrui.dll
2014-08-13 14:16 - 2011-10-26 15:25 - 01572864 _____ (Microsoft Corporation) C:\Windows\system32\quartz.dll
2014-08-13 14:16 - 2011-10-26 14:32 - 01328128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\quartz.dll
2014-08-13 14:16 - 2011-07-09 12:46 - 00288768 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
2014-08-13 14:16 - 2011-06-16 15:49 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\xmllite.dll
2014-08-13 14:16 - 2011-06-16 14:33 - 00180224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xmllite.dll
2014-08-13 14:16 - 2011-05-04 15:25 - 02315776 _____ (Microsoft Corporation) C:\Windows\system32\tquery.dll
2014-08-13 14:16 - 2011-05-04 15:22 - 02223616 _____ (Microsoft Corporation) C:\Windows\system32\mssrch.dll
2014-08-13 14:16 - 2011-05-04 15:22 - 00778752 _____ (Microsoft Corporation) C:\Windows\system32\mssvp.dll
2014-08-13 14:16 - 2011-05-04 15:22 - 00491520 _____ (Microsoft Corporation) C:\Windows\system32\mssph.dll
2014-08-13 14:16 - 2011-05-04 15:22 - 00288256 _____ (Microsoft Corporation) C:\Windows\system32\mssphtb.dll
2014-08-13 14:16 - 2011-05-04 15:22 - 00075264 _____ (Microsoft Corporation) C:\Windows\system32\msscntrs.dll
2014-08-13 14:16 - 2011-05-04 15:19 - 00591872 _____ (Microsoft Corporation) C:\Windows\system32\SearchIndexer.exe
2014-08-13 14:16 - 2011-05-04 15:19 - 00249856 _____ (Microsoft Corporation) C:\Windows\system32\SearchProtocolHost.exe
2014-08-13 14:16 - 2011-05-04 15:19 - 00113664 _____ (Microsoft Corporation) C:\Windows\system32\SearchFilterHost.exe
2014-08-13 14:16 - 2011-05-04 14:34 - 01549312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tquery.dll
2014-08-13 14:16 - 2011-05-04 14:32 - 01401344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssrch.dll
2014-08-13 14:16 - 2011-05-04 14:32 - 00666624 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssvp.dll
2014-08-13 14:16 - 2011-05-04 14:32 - 00337408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssph.dll
2014-08-13 14:16 - 2011-05-04 14:32 - 00197120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssphtb.dll
2014-08-13 14:16 - 2011-05-04 14:32 - 00059392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msscntrs.dll
2014-08-13 14:16 - 2011-05-04 14:28 - 00427520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SearchIndexer.exe
2014-08-13 14:16 - 2011-05-04 14:28 - 00164352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SearchProtocolHost.exe
2014-08-13 14:16 - 2011-05-04 14:28 - 00086528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SearchFilterHost.exe
2014-08-13 14:16 - 2011-04-27 12:40 - 00158208 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2014-08-13 14:16 - 2011-04-27 12:39 - 00128000 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2014-08-13 14:15 - 2014-06-18 12:18 - 00692736 _____ (Microsoft Corporation) C:\Windows\system32\osk.exe
2014-08-13 14:15 - 2014-06-18 11:51 - 00646144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\osk.exe
2014-08-13 14:15 - 2014-06-06 00:45 - 01460736 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2014-08-13 14:15 - 2014-06-06 00:26 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2014-08-13 14:15 - 2014-06-06 00:25 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2014-08-13 14:15 - 2014-05-30 18:08 - 00728064 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2014-08-13 14:15 - 2014-05-30 18:08 - 00340992 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2014-08-13 14:15 - 2014-05-30 18:08 - 00314880 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2014-08-13 14:15 - 2014-05-30 18:08 - 00307200 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2014-08-13 14:15 - 2014-05-30 18:08 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2014-08-13 14:15 - 2014-05-30 18:08 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2014-08-13 14:15 - 2014-05-30 18:08 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2014-08-13 14:15 - 2014-05-30 17:52 - 00550912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2014-08-13 14:15 - 2014-05-30 17:52 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2014-08-13 14:15 - 2014-05-30 17:52 - 00247808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2014-08-13 14:15 - 2014-05-30 17:52 - 00220160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2014-08-13 14:15 - 2014-05-30 17:52 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2014-08-13 14:15 - 2014-05-30 17:52 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2014-08-13 14:15 - 2014-05-30 17:52 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2014-08-13 14:15 - 2014-04-12 12:22 - 00155072 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2014-08-13 14:15 - 2014-04-12 12:22 - 00095680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2014-08-13 14:15 - 2014-04-12 12:19 - 00136192 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2014-08-13 14:15 - 2014-04-12 12:19 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2014-08-13 14:15 - 2014-04-12 12:19 - 00029184 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2014-08-13 14:15 - 2014-04-12 12:19 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2014-08-13 14:15 - 2014-03-27 00:44 - 02002432 _____ (Microsoft Corporation) C:\Windows\system32\msxml6.dll
2014-08-13 14:15 - 2014-03-27 00:44 - 01882112 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2014-08-13 14:15 - 2014-03-27 00:41 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml6r.dll
2014-08-13 14:15 - 2014-03-27 00:41 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml3r.dll
2014-08-13 14:15 - 2014-03-27 00:27 - 01389056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6.dll
2014-08-13 14:15 - 2014-03-27 00:27 - 01237504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll
2014-08-13 14:15 - 2014-03-27 00:25 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6r.dll
2014-08-13 14:15 - 2014-03-27 00:25 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3r.dll
2014-08-13 14:15 - 2013-10-30 12:32 - 00335360 _____ (Microsoft Corporation) C:\Windows\system32\msieftp.dll
2014-08-13 14:15 - 2013-10-30 12:19 - 00301568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msieftp.dll
2014-08-13 14:15 - 2013-07-26 12:24 - 00197120 _____ (Microsoft Corporation) C:\Windows\system32\shdocvw.dll
2014-08-13 14:15 - 2013-07-26 11:55 - 00180224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shdocvw.dll
2014-08-13 14:15 - 2013-07-12 20:41 - 00100864 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbcir.sys
2014-08-13 14:15 - 2013-07-04 22:57 - 00259584 _____ (Microsoft Corporation) C:\Windows\system32\WebClnt.dll
2014-08-13 14:15 - 2013-07-04 22:50 - 00102400 _____ (Microsoft Corporation) C:\Windows\system32\davclnt.dll
2014-08-13 14:15 - 2013-07-04 22:18 - 00458712 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys
2014-08-13 14:15 - 2013-07-04 21:57 - 00205824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WebClnt.dll
2014-08-13 14:15 - 2013-07-04 21:51 - 00081920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\davclnt.dll
2014-08-13 14:15 - 2013-07-04 20:11 - 00140800 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxdav.sys
2014-08-13 14:15 - 2013-05-10 15:49 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\cryptdlg.dll
2014-08-13 14:15 - 2013-05-10 13:20 - 00024576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptdlg.dll
2014-08-13 14:15 - 2013-04-26 15:51 - 00751104 _____ (Microsoft Corporation) C:\Windows\system32\win32spl.dll
2014-08-13 14:15 - 2013-04-26 14:55 - 00492544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\win32spl.dll
2014-08-13 14:15 - 2012-12-07 23:20 - 00441856 _____ (Microsoft Corporation) C:\Windows\system32\Wpc.dll
2014-08-13 14:15 - 2012-12-07 23:15 - 02746368 _____ (Microsoft Corporation) C:\Windows\system32\gameux.dll
2014-08-13 14:15 - 2012-12-07 22:26 - 00308736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Wpc.dll
2014-08-13 14:15 - 2012-12-07 22:20 - 02576384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gameux.dll
2014-08-13 14:15 - 2012-12-07 21:20 - 00045568 _____ (Microsoft) C:\Windows\system32\oflc-nz.rs
2014-08-13 14:15 - 2012-12-07 21:20 - 00044544 _____ (Microsoft) C:\Windows\system32\pegibbfc.rs
2014-08-13 14:15 - 2012-12-07 21:20 - 00043520 _____ (Microsoft) C:\Windows\system32\csrr.rs
2014-08-13 14:15 - 2012-12-07 21:20 - 00030720 _____ (Microsoft) C:\Windows\system32\usk.rs
2014-08-13 14:15 - 2012-12-07 21:20 - 00023552 _____ (Microsoft) C:\Windows\system32\oflc.rs
2014-08-13 14:15 - 2012-12-07 21:20 - 00020480 _____ (Microsoft) C:\Windows\system32\pegi-pt.rs
2014-08-13 14:15 - 2012-12-07 21:20 - 00020480 _____ (Microsoft) C:\Windows\system32\pegi-fi.rs
2014-08-13 14:15 - 2012-12-07 21:19 - 00055296 _____ (Microsoft) C:\Windows\system32\cero.rs
2014-08-13 14:15 - 2012-12-07 21:19 - 00051712 _____ (Microsoft) C:\Windows\system32\esrb.rs
2014-08-13 14:15 - 2012-12-07 21:19 - 00046592 _____ (Microsoft) C:\Windows\system32\fpb.rs
2014-08-13 14:15 - 2012-12-07 21:19 - 00040960 _____ (Microsoft) C:\Windows\system32\cob-au.rs
2014-08-13 14:15 - 2012-12-07 21:19 - 00021504 _____ (Microsoft) C:\Windows\system32\grb.rs
2014-08-13 14:15 - 2012-12-07 21:19 - 00020480 _____ (Microsoft) C:\Windows\system32\pegi.rs
2014-08-13 14:15 - 2012-12-07 21:19 - 00015360 _____ (Microsoft) C:\Windows\system32\djctq.rs
2014-08-13 14:15 - 2012-12-07 20:46 - 00055296 _____ (Microsoft) C:\Windows\SysWOW64\cero.rs
2014-08-13 14:15 - 2012-12-07 20:46 - 00051712 _____ (Microsoft) C:\Windows\SysWOW64\esrb.rs
2014-08-13 14:15 - 2012-12-07 20:46 - 00046592 _____ (Microsoft) C:\Windows\SysWOW64\fpb.rs
2014-08-13 14:15 - 2012-12-07 20:46 - 00045568 _____ (Microsoft) C:\Windows\SysWOW64\oflc-nz.rs
2014-08-13 14:15 - 2012-12-07 20:46 - 00044544 _____ (Microsoft) C:\Windows\SysWOW64\pegibbfc.rs
2014-08-13 14:15 - 2012-12-07 20:46 - 00043520 _____ (Microsoft) C:\Windows\SysWOW64\csrr.rs
2014-08-13 14:15 - 2012-12-07 20:46 - 00040960 _____ (Microsoft) C:\Windows\SysWOW64\cob-au.rs
2014-08-13 14:15 - 2012-12-07 20:46 - 00030720 _____ (Microsoft) C:\Windows\SysWOW64\usk.rs
2014-08-13 14:15 - 2012-12-07 20:46 - 00023552 _____ (Microsoft) C:\Windows\SysWOW64\oflc.rs
2014-08-13 14:15 - 2012-12-07 20:46 - 00021504 _____ (Microsoft) C:\Windows\SysWOW64\grb.rs
2014-08-13 14:15 - 2012-12-07 20:46 - 00020480 _____ (Microsoft) C:\Windows\SysWOW64\pegi-pt.rs
2014-08-13 14:15 - 2012-12-07 20:46 - 00020480 _____ (Microsoft) C:\Windows\SysWOW64\pegi-fi.rs
2014-08-13 14:15 - 2012-12-07 20:46 - 00020480 _____ (Microsoft) C:\Windows\SysWOW64\pegi.rs
2014-08-13 14:15 - 2012-12-07 20:46 - 00015360 _____ (Microsoft) C:\Windows\SysWOW64\djctq.rs
2014-08-13 14:15 - 2012-08-22 07:01 - 00245760 _____ (Microsoft Corporation) C:\Windows\system32\OxpsConverter.exe
2014-08-13 14:15 - 2012-04-28 13:55 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rdpwd.sys
2014-08-13 14:15 - 2011-11-17 16:35 - 00395776 _____ (Microsoft Corporation) C:\Windows\system32\webio.dll
2014-08-13 14:15 - 2011-11-17 15:35 - 00314880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webio.dll
2014-08-13 14:15 - 2011-04-29 13:06 - 00467456 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv.sys
2014-08-13 14:15 - 2011-04-29 13:05 - 00410112 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv2.sys
2014-08-13 14:15 - 2011-04-29 13:05 - 00168448 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srvnet.sys
2014-08-13 14:15 - 2011-02-18 20:51 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\prevhost.exe
2014-08-13 14:15 - 2011-02-18 15:39 - 00031232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\prevhost.exe
2014-08-13 14:14 - 2014-07-16 13:25 - 00404480 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2014-08-13 14:14 - 2014-07-16 12:46 - 00311808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2014-08-13 14:14 - 2014-07-16 12:12 - 03163648 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-08-13 14:14 - 2014-06-25 12:05 - 14175744 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2014-08-13 14:14 - 2014-06-25 11:41 - 12874240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2014-08-13 14:14 - 2014-06-03 20:02 - 03241984 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2014-08-13 14:14 - 2014-06-03 20:02 - 01941504 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2014-08-13 14:14 - 2014-06-03 20:02 - 00504320 _____ (Microsoft Corporation) C:\Windows\system32\msihnd.dll
2014-08-13 14:14 - 2014-06-03 20:02 - 00112064 _____ (Microsoft Corporation) C:\Windows\system32\consent.exe
2014-08-13 14:14 - 2014-06-03 19:29 - 02363392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll
2014-08-13 14:14 - 2014-06-03 19:29 - 01805824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll
2014-08-13 14:14 - 2014-06-03 19:29 - 00337408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msihnd.dll
2014-08-13 14:14 - 2014-05-30 16:45 - 00497152 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\afd.sys
2014-08-13 14:14 - 2014-04-25 12:34 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\usp10.dll
2014-08-13 14:14 - 2014-04-25 12:06 - 00626688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\usp10.dll
2014-08-13 14:14 - 2014-02-04 12:35 - 00274880 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\msiscsi.sys
2014-08-13 14:14 - 2014-02-04 12:35 - 00190912 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\storport.sys
2014-08-13 14:14 - 2014-02-04 12:35 - 00027584 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Diskdump.sys
2014-08-13 14:14 - 2014-02-04 12:28 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\iologmsg.dll
2014-08-13 14:14 - 2014-02-04 12:00 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iologmsg.dll
2014-08-13 14:14 - 2014-01-28 12:32 - 00228864 _____ (Microsoft Corporation) C:\Windows\system32\wwansvc.dll
2014-08-13 14:14 - 2013-10-19 12:18 - 00081408 _____ (Microsoft Corporation) C:\Windows\system32\imagehlp.dll
2014-08-13 14:14 - 2013-10-19 11:36 - 00159232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\imagehlp.dll
2014-08-13 14:14 - 2013-09-08 12:27 - 00327168 _____ (Microsoft Corporation) C:\Windows\system32\mswsock.dll
2014-08-13 14:14 - 2013-09-08 12:03 - 00231424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mswsock.dll
2014-08-13 14:14 - 2013-07-25 19:25 - 01888768 _____ (Microsoft Corporation) C:\Windows\system32\WMVDECOD.DLL
2014-08-13 14:14 - 2013-07-25 18:57 - 01620992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMVDECOD.DLL
2014-08-13 14:14 - 2013-07-20 20:33 - 00124112 _____ (Microsoft Corporation) C:\Windows\system32\PresentationCFFRasterizerNative_v0300.dll
2014-08-13 14:14 - 2013-07-20 20:33 - 00102608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
2014-08-13 14:14 - 2013-07-03 14:05 - 00076800 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hidclass.sys
2014-08-13 14:14 - 2013-07-03 14:05 - 00032896 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hidparse.sys
2014-08-13 14:14 - 2013-06-15 14:32 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tssecsrv.sys
2014-08-13 14:14 - 2013-06-06 15:50 - 00041472 _____ (Microsoft Corporation) C:\Windows\system32\lpk.dll
2014-08-13 14:14 - 2013-06-06 15:49 - 00100864 _____ (Microsoft Corporation) C:\Windows\system32\fontsub.dll
2014-08-13 14:14 - 2013-06-06 15:49 - 00014336 _____ (Microsoft Corporation) C:\Windows\system32\dciman32.dll
2014-08-13 14:14 - 2013-06-06 15:47 - 00046080 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll
2014-08-13 14:14 - 2013-06-06 14:57 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\lpk.dll
2014-08-13 14:14 - 2013-06-06 14:51 - 00070656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fontsub.dll
2014-08-13 14:14 - 2013-06-06 14:50 - 00010240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dciman32.dll
2014-08-13 14:14 - 2013-06-06 13:30 - 00368128 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
2014-08-13 14:14 - 2013-06-06 13:01 - 00295424 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll
2014-08-13 14:14 - 2013-06-06 13:01 - 00034304 _____ (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll
2014-08-13 14:14 - 2013-04-26 09:30 - 01505280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d11.dll
2014-08-13 14:14 - 2013-04-01 08:52 - 01887232 _____ (Microsoft Corporation) C:\Windows\system32\d3d11.dll
2014-08-13 14:14 - 2013-03-19 15:53 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\wwanprotdim.dll
2014-08-13 14:14 - 2013-02-27 15:47 - 00070144 _____ (Microsoft Corporation) C:\Windows\system32\appinfo.dll
2014-08-13 14:14 - 2013-01-24 16:01 - 00223752 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\fvevol.sys
2014-08-13 14:14 - 2012-11-02 15:59 - 00478208 _____ (Microsoft Corporation) C:\Windows\system32\dpnet.dll
2014-08-13 14:14 - 2012-11-02 15:11 - 00376832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dpnet.dll
2014-08-13 14:14 - 2012-08-23 04:12 - 00950128 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ndis.sys
2014-08-13 14:14 - 2012-07-05 06:26 - 00041472 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\RNDISMP.sys
2014-08-13 14:14 - 2012-05-01 15:40 - 00209920 _____ (Microsoft Corporation) C:\Windows\system32\profsvc.dll
2014-08-13 14:14 - 2012-03-17 17:58 - 00075120 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\partmgr.sys
2014-08-13 14:14 - 2011-08-27 15:37 - 00861696 _____ (Microsoft Corporation) C:\Windows\system32\oleaut32.dll
2014-08-13 14:14 - 2011-08-27 15:37 - 00331776 _____ (Microsoft Corporation) C:\Windows\system32\oleacc.dll
2014-08-13 14:14 - 2011-08-27 14:26 - 00571904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\oleaut32.dll
2014-08-13 14:14 - 2011-08-27 14:26 - 00233472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\oleacc.dll
2014-08-13 14:14 - 2011-08-17 15:26 - 00613888 _____ (Microsoft Corporation) C:\Windows\system32\psisdecd.dll
2014-08-13 14:14 - 2011-08-17 15:25 - 00108032 _____ (Microsoft Corporation) C:\Windows\system32\psisrndr.ax
2014-08-13 14:14 - 2011-08-17 14:24 - 00465408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\psisdecd.dll
2014-08-13 14:14 - 2011-08-17 14:19 - 00075776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\psisrndr.ax
2014-08-13 14:14 - 2011-06-15 20:02 - 00212992 _____ (Microsoft Corporation) C:\Windows\system32\odbctrac.dll
2014-08-13 14:14 - 2011-06-15 20:02 - 00163840 _____ (Microsoft Corporation) C:\Windows\system32\odbccp32.dll
2014-08-13 14:14 - 2011-06-15 20:02 - 00106496 _____ (Microsoft Corporation) C:\Windows\system32\odbccu32.dll
2014-08-13 14:14 - 2011-06-15 20:02 - 00106496 _____ (Microsoft Corporation) C:\Windows\system32\odbccr32.dll
2014-08-13 14:14 - 2011-06-15 18:55 - 00319488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\odbcjt32.dll
2014-08-13 14:14 - 2011-06-15 18:55 - 00163840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\odbctrac.dll
2014-08-13 14:14 - 2011-06-15 18:55 - 00122880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\odbccp32.dll
2014-08-13 14:14 - 2011-06-15 18:55 - 00086016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\odbccu32.dll
2014-08-13 14:14 - 2011-06-15 18:55 - 00081920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\odbccr32.dll
2014-08-13 14:14 - 2011-04-09 16:58 - 00142336 _____ (Microsoft Corporation) C:\Windows\system32\poqexec.exe
2014-08-13 14:14 - 2011-04-09 15:56 - 00123904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\poqexec.exe
2014-08-13 14:14 - 2011-03-11 16:34 - 01395712 _____ (Microsoft Corporation) C:\Windows\system32\mfc42.dll
2014-08-13 14:14 - 2011-03-11 16:34 - 01359872 _____ (Microsoft Corporation) C:\Windows\system32\mfc42u.dll
2014-08-13 14:14 - 2011-03-11 15:33 - 01164288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfc42u.dll
2014-08-13 14:14 - 2011-03-11 15:33 - 01137664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfc42.dll
2014-08-13 14:14 - 2011-03-03 16:24 - 00357888 _____ (Microsoft Corporation) C:\Windows\system32\dnsapi.dll
2014-08-13 14:14 - 2011-03-03 16:24 - 00183296 _____ (Microsoft Corporation) C:\Windows\system32\dnsrslvr.dll
2014-08-13 14:14 - 2011-03-03 16:21 - 00030208 _____ (Microsoft Corporation) C:\Windows\system32\dnscacheugc.exe
2014-08-13 14:14 - 2011-03-03 15:38 - 00270336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dnsapi.dll
2014-08-13 14:14 - 2011-03-03 15:36 - 00028672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dnscacheugc.exe
2014-08-13 14:14 - 2011-02-23 14:55 - 00090624 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\bowser.sys
2014-08-13 14:14 - 2011-02-12 21:34 - 00267776 _____ (Microsoft Corporation) C:\Windows\system32\FXSCOVER.exe
2014-08-13 14:14 - 2010-12-23 20:42 - 01118720 _____ (Microsoft Corporation) C:\Windows\system32\sbe.dll
2014-08-13 14:14 - 2010-12-23 20:42 - 00961024 _____ (Microsoft Corporation) C:\Windows\system32\CPFilters.dll
2014-08-13 14:14 - 2010-12-23 20:36 - 00259072 _____ (Microsoft Corporation) C:\Windows\system32\mpg2splt.ax
2014-08-13 14:14 - 2010-12-23 15:54 - 00850944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sbe.dll
2014-08-13 14:14 - 2010-12-23 15:54 - 00642048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\CPFilters.dll
2014-08-13 14:14 - 2010-12-23 15:50 - 00199680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mpg2splt.ax
2014-08-13 14:13 - 2014-07-16 13:23 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2014-08-13 14:13 - 2014-07-16 12:46 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2014-08-13 14:13 - 2014-06-16 12:10 - 00985536 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgkrnl.sys
2014-08-13 14:13 - 2014-01-24 12:37 - 01684928 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ntfs.sys
2014-08-13 14:13 - 2013-10-06 06:25 - 01474048 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
2014-08-13 14:13 - 2013-10-06 05:57 - 01168384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll
2014-08-13 14:13 - 2013-10-04 12:16 - 00116736 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\drmk.sys
2014-08-13 14:13 - 2013-10-04 11:36 - 00230400 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\portcls.sys
2014-08-13 14:13 - 2013-07-09 15:46 - 00184320 _____ (Microsoft Corporation) C:\Windows\system32\cryptsvc.dll
2014-08-13 14:13 - 2013-07-09 15:46 - 00139776 _____ (Microsoft Corporation) C:\Windows\system32\cryptnet.dll
2014-08-13 14:13 - 2013-07-09 14:46 - 00140288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptsvc.dll
2014-08-13 14:13 - 2013-07-09 14:46 - 00103936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptnet.dll
2014-08-13 14:13 - 2013-04-10 16:01 - 00265064 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgmms1.sys
2014-08-13 14:13 - 2012-11-23 13:13 - 00068608 _____ (Microsoft Corporation) C:\Windows\system32\taskhost.exe
2014-08-13 14:13 - 2012-09-26 08:47 - 00078336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\synceng.dll
2014-08-13 14:13 - 2012-09-26 08:46 - 00095744 _____ (Microsoft Corporation) C:\Windows\system32\synceng.dll
2014-08-13 14:13 - 2012-05-14 15:26 - 00956928 _____ (Microsoft Corporation) C:\Windows\system32\localspl.dll
2014-08-13 14:13 - 2011-10-15 16:31 - 00723456 _____ (Microsoft Corporation) C:\Windows\system32\EncDec.dll
2014-08-13 14:13 - 2011-10-15 15:38 - 00534528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\EncDec.dll
2014-08-13 14:13 - 2011-05-24 21:42 - 00404480 _____ (Microsoft Corporation) C:\Windows\system32\umpnpmgr.dll
2014-08-13 14:13 - 2011-05-24 20:40 - 00064512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\devobj.dll
2014-08-13 14:13 - 2011-05-24 20:40 - 00044544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\devrtl.dll
2014-08-13 14:13 - 2011-05-24 20:39 - 00145920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cfgmgr32.dll
2014-08-13 14:13 - 2011-05-24 20:37 - 00252928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\drvinst.exe
2014-08-13 14:13 - 2011-05-03 15:29 - 00976896 _____ (Microsoft Corporation) C:\Windows\system32\inetcomm.dll
2014-08-13 14:13 - 2011-05-03 14:30 - 00741376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcomm.dll
2014-08-13 14:13 - 2011-02-03 21:25 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\cdd.dll
2014-08-13 14:12 - 2014-04-05 12:47 - 01903552 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
2014-08-13 14:12 - 2014-04-05 12:47 - 00288192 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\FWPKCLNT.SYS
2014-08-13 14:12 - 2014-03-04 19:44 - 01163264 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2014-08-13 14:12 - 2014-03-04 19:44 - 00362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2014-08-13 14:12 - 2014-03-04 19:44 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2014-08-13 14:12 - 2014-03-04 19:44 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2014-08-13 14:12 - 2014-03-04 19:44 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2014-08-13 14:12 - 2014-03-04 19:17 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2014-08-13 14:12 - 2014-03-04 19:16 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2014-08-13 14:12 - 2014-03-04 19:16 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2014-08-13 14:12 - 2014-03-04 19:16 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2014-08-13 14:12 - 2014-03-04 18:09 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2014-08-13 14:12 - 2014-03-04 18:09 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2014-08-13 14:12 - 2014-01-29 12:32 - 00484864 _____ (Microsoft Corporation) C:\Windows\system32\wer.dll
2014-08-13 14:12 - 2014-01-29 12:06 - 00381440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wer.dll
2014-08-13 14:12 - 2013-11-26 21:40 - 00376768 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\netio.sys
2014-08-13 14:12 - 2013-08-02 12:14 - 00215040 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2014-08-13 14:12 - 2013-08-02 12:12 - 00006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2014-08-13 14:12 - 2013-08-02 12:12 - 00005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2014-08-13 14:12 - 2013-08-02 12:12 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2014-08-13 14:12 - 2013-08-02 12:12 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2014-08-13 14:12 - 2013-08-02 12:12 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2014-08-13 14:12 - 2013-08-02 12:12 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2014-08-13 14:12 - 2013-08-02 12:12 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2014-08-13 14:12 - 2013-08-02 12:12 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2014-08-13 14:12 - 2013-08-02 12:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2014-08-13 14:12 - 2013-08-02 12:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2014-08-13 14:12 - 2013-08-02 12:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2014-08-13 14:12 - 2013-08-02 12:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2014-08-13 14:12 - 2013-08-02 12:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2014-08-13 14:12 - 2013-08-02 12:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2014-08-13 14:12 - 2013-08-02 12:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2014-08-13 14:12 - 2013-08-02 12:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2014-08-13 14:12 - 2013-08-02 12:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2014-08-13 14:12 - 2013-08-02 12:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2014-08-13 14:12 - 2013-08-02 12:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2014-08-13 14:12 - 2013-08-02 12:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2014-08-13 14:12 - 2013-08-02 12:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2014-08-13 14:12 - 2013-08-02 12:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2014-08-13 14:12 - 2013-08-02 12:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2014-08-13 14:12 - 2013-08-02 12:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2014-08-13 14:12 - 2013-08-02 12:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2014-08-13 14:12 - 2013-08-02 12:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2014-08-13 14:12 - 2013-08-02 12:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2014-08-13 14:12 - 2013-08-02 12:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2014-08-13 14:12 - 2013-08-02 11:48 - 00005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2014-08-13 14:12 - 2013-08-02 11:48 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2014-08-13 14:12 - 2013-08-02 11:48 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2014-08-13 14:12 - 2013-08-02 11:48 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2014-08-13 14:12 - 2013-08-02 11:48 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2014-08-13 14:12 - 2013-08-02 11:48 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2014-08-13 14:12 - 2013-08-02 11:48 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2014-08-13 14:12 - 2013-08-02 11:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2014-08-13 14:12 - 2013-08-02 11:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2014-08-13 14:12 - 2013-08-02 11:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2014-08-13 14:12 - 2013-08-02 11:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2014-08-13 14:12 - 2013-08-02 11:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2014-08-13 14:12 - 2013-08-02 11:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2014-08-13 14:12 - 2013-08-02 11:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2014-08-13 14:12 - 2013-08-02 11:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2014-08-13 14:12 - 2013-08-02 11:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2014-08-13 14:12 - 2013-08-02 11:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2014-08-13 14:12 - 2013-08-02 11:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2014-08-13 14:12 - 2013-08-02 11:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2014-08-13 14:12 - 2013-08-02 11:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2014-08-13 14:12 - 2013-08-02 11:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2014-08-13 14:12 - 2013-08-02 11:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2014-08-13 14:12 - 2013-08-02 11:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2014-08-13 14:12 - 2013-08-02 11:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2014-08-13 14:12 - 2013-08-02 11:09 - 00338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
2014-08-13 14:12 - 2013-08-02 10:43 - 00006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2014-08-13 14:12 - 2013-08-02 10:43 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2014-08-13 14:12 - 2013-08-02 10:43 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2014-08-13 14:12 - 2013-08-02 10:43 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2014-08-13 14:12 - 2013-05-13 15:50 - 00052224 _____ (Microsoft Corporation) C:\Windows\system32\certenc.dll
2014-08-13 14:12 - 2013-05-13 13:43 - 01192448 _____ (Microsoft Corporation) C:\Windows\system32\certutil.exe
2014-08-13 14:12 - 2013-05-13 13:08 - 00903168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certutil.exe
2014-08-13 14:12 - 2013-05-13 13:08 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certenc.dll
2014-08-13 14:12 - 2012-06-06 16:02 - 01133568 _____ (Microsoft Corporation) C:\Windows\system32\cdosys.dll
2014-08-13 14:12 - 2012-06-06 15:03 - 00805376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cdosys.dll
2014-08-13 14:12 - 2012-05-05 18:36 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2014-08-13 14:12 - 2012-05-05 17:46 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2014-08-13 14:12 - 2011-12-16 18:46 - 00634880 _____ (Microsoft Corporation) C:\Windows\system32\msvcrt.dll
2014-08-13 14:12 - 2011-12-16 17:52 - 00690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msvcrt.dll
2014-08-13 14:12 - 2011-02-06 03:10 - 00642944 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi
2014-08-13 14:12 - 2011-02-06 03:10 - 00020352 _____ (Microsoft Corporation) C:\Windows\system32\kdusb.dll
2014-08-13 14:12 - 2011-02-06 03:10 - 00019328 _____ (Microsoft Corporation) C:\Windows\system32\kd1394.dll
2014-08-13 14:12 - 2011-02-06 03:10 - 00017792 _____ (Microsoft Corporation) C:\Windows\system32\kdcom.dll
2014-08-13 14:12 - 2011-02-06 03:06 - 00605552 _____ (Microsoft Corporation) C:\Windows\system32\winload.exe
2014-08-13 14:12 - 2011-02-06 03:06 - 00566208 _____ (Microsoft Corporation) C:\Windows\system32\winresume.efi
2014-08-13 14:12 - 2011-02-06 03:06 - 00518672 _____ (Microsoft Corporation) C:\Windows\system32\winresume.exe
2014-08-13 14:11 - 2013-10-12 12:32 - 00150016 _____ (Microsoft Corporation) C:\Windows\system32\wshom.ocx
2014-08-13 14:11 - 2013-10-12 12:31 - 00202752 _____ (Microsoft Corporation) C:\Windows\system32\scrrun.dll
2014-08-13 14:11 - 2013-10-12 12:04 - 00121856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wshom.ocx
2014-08-13 14:11 - 2013-10-12 12:03 - 00163840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\scrrun.dll
2014-08-13 14:11 - 2013-10-12 11:33 - 00168960 _____ (Microsoft Corporation) C:\Windows\system32\wscript.exe
2014-08-13 14:11 - 2013-10-12 11:33 - 00156160 _____ (Microsoft Corporation) C:\Windows\system32\cscript.exe
2014-08-13 14:11 - 2013-10-12 11:15 - 00141824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wscript.exe
2014-08-13 14:11 - 2013-10-12 11:15 - 00126976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cscript.exe
2014-08-13 14:11 - 2011-12-30 16:26 - 00515584 _____ (Microsoft Corporation) C:\Windows\system32\timedate.cpl
2014-08-13 14:11 - 2011-12-30 15:27 - 00478720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\timedate.cpl
2014-08-13 14:07 - 2014-08-07 12:06 - 00529920 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-08-13 14:07 - 2014-08-07 12:01 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-08-13 14:07 - 2014-07-14 12:02 - 01216000 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2014-08-13 14:07 - 2014-07-14 11:40 - 00664064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2014-08-13 14:07 - 2013-10-12 12:30 - 00830464 _____ (Microsoft Corporation) C:\Windows\system32\nshwfp.dll
2014-08-13 14:07 - 2013-10-12 12:29 - 00859648 _____ (Microsoft Corporation) C:\Windows\system32\IKEEXT.DLL
2014-08-13 14:07 - 2013-10-12 12:29 - 00324096 _____ (Microsoft Corporation) C:\Windows\system32\FWPUCLNT.DLL
2014-08-13 14:07 - 2013-10-12 12:03 - 00656896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\nshwfp.dll
2014-08-13 14:07 - 2013-10-12 12:01 - 00216576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\FWPUCLNT.DLL
2014-08-13 14:07 - 2013-08-28 11:12 - 00461312 _____ (Microsoft Corporation) C:\Windows\system32\scavengeui.dll
2014-08-13 14:04 - 2012-02-17 16:38 - 01031680 _____ (Microsoft Corporation) C:\Windows\system32\rdpcore.dll
2014-08-13 14:04 - 2012-02-17 15:34 - 00826880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rdpcore.dll
2014-08-13 14:04 - 2012-02-17 14:57 - 00023552 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tdtcp.sys
2014-08-13 14:04 - 2011-11-20 00:58 - 00077312 _____ (Microsoft Corporation) C:\Windows\system32\packager.dll
2014-08-13 14:04 - 2011-11-20 00:01 - 00067072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\packager.dll
2014-08-13 14:01 - 2014-08-13 14:01 - 00000000 ____D () C:\Users\Angry_Robot\AppData\Local\WindowsUpdate
2014-08-13 14:01 - 2012-06-03 08:19 - 02428952 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2014-08-13 14:01 - 2012-06-03 08:19 - 00701976 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2014-08-13 14:01 - 2012-06-03 08:19 - 00057880 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2014-08-13 14:01 - 2012-06-03 08:19 - 00044056 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2014-08-13 14:01 - 2012-06-03 08:19 - 00038424 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2014-08-13 14:01 - 2012-06-03 08:15 - 02622464 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2014-08-13 14:01 - 2012-06-03 08:15 - 00099840 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2014-08-13 14:01 - 2012-06-02 15:19 - 00186752 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2014-08-13 14:01 - 2012-06-02 15:15 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2014-08-13 13:46 - 2014-08-14 11:32 - 00000000 ____D () C:\ProgramData\Kaspersky Lab
2014-08-13 13:46 - 2014-08-13 14:12 - 00628288 _____ (Kaspersky Lab ZAO) C:\Windows\system32\Drivers\klif.sys
2014-08-13 13:46 - 2014-08-13 14:12 - 00092768 _____ (Kaspersky Lab ZAO) C:\Windows\system32\Drivers\klflt.sys
2014-08-13 13:46 - 2014-08-13 13:46 - 00001078 _____ () C:\Users\Public\Desktop\Kaspersky PURE 3.0.lnk
2014-08-13 13:46 - 2014-08-13 13:46 - 00000000 ____D () C:\Windows\ELAMBKUP
2014-08-13 13:46 - 2014-08-13 13:46 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Kaspersky PURE 3.0
2014-08-13 13:46 - 2014-08-13 13:46 - 00000000 ____D () C:\Program Files (x86)\Kaspersky Lab
2014-08-13 13:46 - 2013-11-11 20:40 - 00064856 _____ (Kaspersky Lab) C:\Windows\system32\klfphc.dll
2014-08-13 13:46 - 2011-06-02 14:39 - 00084536 _____ (Infowatch) C:\Windows\system32\Drivers\CSCrySec.sys
2014-08-13 13:46 - 2011-06-02 14:39 - 00066616 _____ (Infowatch) C:\Windows\system32\Drivers\CSVirtualDiskDrv.sys
2014-08-13 13:34 - 2014-08-13 16:22 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-08-13 13:34 - 2014-08-13 13:34 - 00001106 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-08-13 13:34 - 2014-08-13 13:34 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2014-08-13 13:34 - 2014-08-13 13:34 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-08-13 13:34 - 2014-08-13 13:34 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-08-13 13:34 - 2014-05-12 07:26 - 00091352 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-08-13 13:34 - 2014-05-12 07:26 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2014-08-13 13:34 - 2014-05-12 07:25 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-08-13 13:30 - 2014-08-13 13:30 - 00244120 _____ () C:\Users\Angry_Robot\Desktop\Firefox Setup Stub 31.0.exe
2014-08-13 11:33 - 2014-08-13 11:33 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_Kernel_iusb3hcs_01009.Wdf
2014-08-13 11:33 - 2012-12-21 08:44 - 00786056 _____ (Intel Corporation) C:\Windows\system32\Drivers\iusb3xhc.sys
2014-08-13 11:33 - 2012-12-21 08:44 - 00366216 _____ (Intel Corporation) C:\Windows\system32\Drivers\iusb3hub.sys
2014-08-13 11:33 - 2012-12-21 08:44 - 00020616 _____ (Intel Corporation) C:\Windows\system32\Drivers\iusb3hcs.sys
2014-08-13 11:31 - 2013-01-28 14:36 - 00053248 ____R (Windows XP Bundled build C-Centric Single User) C:\Windows\SysWOW64\CSVer.dll
2014-08-13 11:30 - 2014-08-13 11:30 - 00000000 ____D () C:\Windows\Chipset
2014-08-13 11:29 - 2014-08-13 11:29 - 00000000 ____D () C:\ProgramData\Intel
2014-08-13 11:29 - 2014-08-13 11:29 - 00000000 ____D () C:\Program Files\Intel
2014-08-13 11:29 - 2013-01-23 17:57 - 00016344 ____R (Intel Corporation) C:\Windows\system32\Drivers\IntelMEFWVer.dll
2014-08-13 11:29 - 2011-02-25 16:25 - 00296320 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\volsnap.sys
2014-08-13 11:28 - 2014-08-13 11:33 - 00000000 ____D () C:\Program Files (x86)\Intel
2014-08-13 11:28 - 2014-08-13 11:28 - 00016896 _____ (ASUS) C:\Windows\AsTaskSched.dll
2014-08-13 11:28 - 2014-08-13 11:28 - 00000000 ____D () C:\Intel
2014-08-13 11:27 - 2014-08-13 11:28 - 00000000 ___HD () C:\Program Files (x86)\Temp
2014-08-13 11:27 - 2014-08-13 11:27 - 00000000 ____D () C:\Windows\SysWOW64\RTCOM
2014-08-13 11:27 - 2014-08-13 11:27 - 00000000 ____D () C:\Program Files\Realtek
2014-08-13 11:27 - 2012-11-21 05:58 - 00378949 _____ () C:\Windows\system32\Drivers\RTAIODAT.DAT
2014-08-13 11:27 - 2012-11-21 05:13 - 04213904 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\Drivers\RTKVHD64.sys
2014-08-13 11:27 - 2012-11-21 03:32 - 00118928 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RCoInstII64.dll
2014-08-13 11:27 - 2012-11-21 03:27 - 10619904 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RCoRes64.dat
2014-08-13 11:27 - 2012-11-20 04:18 - 02714720 _____ (Fortemedia Corporation) C:\Windows\system32\FMAPO64.dll
2014-08-13 11:27 - 2012-11-14 04:56 - 03673232 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkAPO64.dll
2014-08-13 11:27 - 2012-10-24 02:03 - 09546616 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioRealtek64.dll
2014-08-13 11:27 - 2012-10-24 02:03 - 02080120 _____ (Waves Audio Ltd.) C:\Windows\system32\WavesGUILib64.dll
2014-08-13 11:27 - 2012-10-23 05:48 - 01269904 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RTCOM64.dll
2014-08-13 11:27 - 2012-10-04 03:56 - 00772224 _____ (Sony Corporation) C:\Windows\system32\SFSS_APO.dll
2014-08-13 11:27 - 2012-10-03 00:41 - 00501192 _____ (DTS) C:\Windows\system32\DTSU2PLFX64.dll
2014-08-13 11:27 - 2012-10-03 00:41 - 00487368 _____ (DTS) C:\Windows\system32\DTSU2PGFX64.dll
2014-08-13 11:27 - 2012-10-03 00:41 - 00415688 _____ (DTS) C:\Windows\system32\DTSU2PREC64.dll
2014-08-13 11:27 - 2012-09-21 08:44 - 01460600 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioRealtek264.dll
2014-08-13 11:27 - 2012-09-20 10:59 - 00869752 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioAPOShell64.dll
2014-08-13 11:27 - 2012-09-12 19:51 - 02743440 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtPgEx64.dll
2014-08-13 11:27 - 2012-09-10 00:34 - 02028920 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioEQ64.dll
2014-08-13 11:27 - 2012-09-01 05:18 - 07164176 _____ (Dolby Laboratories) C:\Windows\system32\R4EEP64A.dll
2014-08-13 11:27 - 2012-09-01 05:17 - 00434960 _____ (Dolby Laboratories) C:\Windows\system32\R4EED64A.dll
2014-08-13 11:27 - 2012-09-01 05:17 - 00141584 _____ (Dolby Laboratories) C:\Windows\system32\R4EEL64A.dll
2014-08-13 11:27 - 2012-09-01 05:17 - 00124176 _____ (Dolby Laboratories) C:\Windows\system32\R4EEA64A.dll
2014-08-13 11:27 - 2012-09-01 05:17 - 00075024 _____ (Dolby Laboratories) C:\Windows\system32\R4EEG64A.dll
2014-08-13 11:27 - 2012-08-22 00:51 - 00881808 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkApi64.dll
2014-08-13 11:27 - 2012-08-14 04:06 - 01561744 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RTSnMg64.cpl
2014-08-13 11:27 - 2012-08-04 04:18 - 01706640 ____R (Realtek Semiconductor Corp.) C:\Windows\RtlExUpd.dll
2014-08-13 11:27 - 2012-07-16 07:13 - 00394616 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxVolumeSDAPO.dll
2014-08-13 11:27 - 2012-07-16 07:13 - 00394616 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioAPO30.dll
2014-08-13 11:27 - 2012-06-21 03:26 - 00110592 _____ (Real Sound Lab SIA) C:\Windows\system32\CONEQMSAPOGUILibrary.dll
2014-08-13 11:27 - 2012-03-08 21:47 - 00202336 _____ (Andrea Electronics Corporation) C:\Windows\system32\AERTAC64.dll
2014-08-13 11:27 - 2012-03-08 21:47 - 00108640 _____ (Andrea Electronics Corporation) C:\Windows\system32\AERTAR64.dll
2014-08-13 11:27 - 2012-01-30 21:43 - 00836544 _____ (TOSHIBA Corporation) C:\Windows\system32\tadefxapo264.dll
2014-08-13 11:27 - 2012-01-10 20:20 - 00065944 _____ (TOSHIBA CORPORATION.) C:\Windows\system32\tepeqapo64.dll
2014-08-13 11:27 - 2011-12-21 01:32 - 00331880 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtlCPAPI64.dll
2014-08-13 11:27 - 2011-11-23 02:28 - 00014952 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkCoLDR64.dll
2014-08-13 11:27 - 2011-09-03 00:21 - 00221024 _____ (Synopsys, Inc.) C:\Windows\system32\SFNHK64.dll
2014-08-13 11:27 - 2011-09-03 00:21 - 00081248 _____ (Synopsys, Inc.) C:\Windows\system32\SFCOM64.dll
2014-08-13 11:27 - 2011-09-03 00:21 - 00078688 _____ (Synopsys, Inc.) C:\Windows\system32\SFAPO64.dll
2014-08-13 11:27 - 2011-08-24 03:00 - 00603984 _____ (Knowles Acoustics ) C:\Windows\system32\KAAPORT64.dll
2014-08-13 11:27 - 2011-05-31 19:42 - 01756264 _____ (DTS) C:\Windows\system32\DTSS2SpeakerDLL64.dll
2014-08-13 11:27 - 2011-05-31 19:42 - 01568360 _____ (DTS) C:\Windows\system32\DTSS2HeadphoneDLL64.dll
2014-08-13 11:27 - 2011-05-31 19:42 - 01486952 _____ (DTS) C:\Windows\system32\DTSBoostDLL64.dll
2014-08-13 11:27 - 2011-05-31 19:42 - 00728680 _____ (DTS) C:\Windows\system32\DTSBassEnhancementDLL64.dll
2014-08-13 11:27 - 2011-05-31 19:42 - 00712296 _____ (DTS) C:\Windows\system32\DTSSymmetryDLL64.dll
2014-08-13 11:27 - 2011-05-31 19:42 - 00693352 _____ (DTS) C:\Windows\system32\DTSVoiceClarityDLL64.dll
2014-08-13 11:27 - 2011-05-31 19:42 - 00491112 _____ (DTS) C:\Windows\system32\DTSNeoPCDLL64.dll
2014-08-13 11:27 - 2011-05-31 19:42 - 00432744 _____ (DTS) C:\Windows\system32\DTSLimiterDLL64.dll
2014-08-13 11:27 - 2011-05-31 19:42 - 00428648 _____ (DTS) C:\Windows\system32\DTSGainCompensatorDLL64.dll
2014-08-13 11:27 - 2011-05-31 19:42 - 00242792 _____ (DTS) C:\Windows\system32\DTSLFXAPO64.dll
2014-08-13 11:27 - 2011-05-31 19:42 - 00242792 _____ (DTS) C:\Windows\system32\DTSGFXAPO64.dll
2014-08-13 11:27 - 2011-05-31 19:42 - 00241768 _____ (DTS) C:\Windows\system32\DTSGFXAPONS64.dll
2014-08-13 11:27 - 2011-03-17 22:17 - 01361336 _____ (TOSHIBA Corporation) C:\Windows\system32\tosade.dll
2014-08-13 11:27 - 2011-03-08 03:11 - 00148416 _____ (TOSHIBA Corporation) C:\Windows\system32\tadefxapo.dll
2014-08-13 11:27 - 2010-11-08 17:31 - 00375128 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEEP64A.dll
2014-08-13 11:27 - 2010-11-08 17:31 - 00310104 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RP3DHT64.dll
2014-08-13 11:27 - 2010-11-08 17:31 - 00310104 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RP3DAA64.dll
2014-08-13 11:27 - 2010-11-08 17:31 - 00204120 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEED64A.dll
2014-08-13 11:27 - 2010-11-08 17:31 - 00101208 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEEL64A.dll
2014-08-13 11:27 - 2010-11-08 17:31 - 00078680 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEEG64A.dll
2014-08-13 11:27 - 2010-11-04 04:30 - 00149608 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkCfg64.dll
2014-08-13 11:27 - 2010-09-27 19:34 - 00318808 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioAPO20.dll
2014-08-13 11:27 - 2010-07-23 02:48 - 00074064 _____ (Virage Logic Corporation / Sonic Focus) C:\Windows\SysWOW64\SFCOM.dll
2014-08-13 11:27 - 2009-11-24 19:55 - 00518896 _____ (SRS Labs, Inc.) C:\Windows\system32\SRSTSX64.dll
2014-08-13 11:27 - 2009-11-24 19:55 - 00211184 _____ (SRS Labs, Inc.) C:\Windows\system32\SRSTSH64.dll
2014-08-13 11:27 - 2009-11-24 19:55 - 00198896 _____ (SRS Labs, Inc.) C:\Windows\system32\SRSHP64.dll
2014-08-13 11:27 - 2009-11-24 19:55 - 00155888 _____ (SRS Labs, Inc.) C:\Windows\system32\SRSWOW64.dll
2014-08-13 11:26 - 2014-08-13 11:27 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
2014-08-13 11:26 - 2014-08-13 11:27 - 00000000 ____D () C:\Program Files (x86)\Realtek
2014-08-13 11:26 - 2014-08-13 11:26 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_User_ASMBSW_01_11_00.Wdf
2014-08-13 11:26 - 2012-12-27 11:26 - 00805088 _____ (Realtek ) C:\Windows\system32\Drivers\Rt64win7.sys
2014-08-13 11:26 - 2012-12-27 11:26 - 00107552 _____ (Realtek Semiconductor Corporation) C:\Windows\system32\RTNUninst64.dll
2014-08-13 11:26 - 2012-12-27 11:26 - 00074344 _____ (Realtek Semiconductor Corporation) C:\Windows\system32\RtNicProp64.dll
2014-08-13 11:25 - 2014-08-13 11:33 - 00039872 _____ () C:\Windows\Ascd_tmp.ini
2014-08-13 11:25 - 2014-08-13 11:33 - 00001769 _____ () C:\Windows\Language_trs.ini
2014-08-13 11:25 - 2014-08-13 11:25 - 00000000 ____H () C:\Windows\system32\Drivers\MsftWdf_user_01_11_00.Wdf
2014-08-13 11:25 - 2014-08-13 11:25 - 00000000 ____D () C:\Program Files\ASUS
2014-08-13 11:25 - 2014-08-13 11:25 - 00000000 ____D () C:\Program Files (x86)\ASUS
2014-08-13 11:25 - 2012-08-22 04:54 - 00015232 ____R () C:\Windows\SysWOW64\Drivers\AsIO.sys
2014-08-13 11:25 - 2012-08-17 12:57 - 02356592 _____ (Microsoft Corporation) C:\Windows\system32\WudfUpdate_01011.dll
2014-08-13 11:25 - 2012-07-26 13:08 - 00744448 _____ (Microsoft Corporation) C:\Windows\system32\WUDFx.dll
2014-08-13 11:25 - 2012-07-26 13:08 - 00229888 _____ (Microsoft Corporation) C:\Windows\system32\WUDFHost.exe
2014-08-13 11:25 - 2012-07-26 13:08 - 00194048 _____ (Microsoft Corporation) C:\Windows\system32\WUDFPlatform.dll
2014-08-13 11:25 - 2012-07-26 13:08 - 00084992 _____ (Microsoft Corporation) C:\Windows\system32\WUDFSvc.dll
2014-08-13 11:25 - 2012-07-26 13:08 - 00045056 _____ (Microsoft Corporation) C:\Windows\system32\WUDFCoinstaller.dll
2014-08-13 11:25 - 2012-07-26 12:26 - 00198656 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WUDFRd.sys
2014-08-13 11:25 - 2012-07-26 12:26 - 00087040 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WUDFPf.sys
2014-08-13 11:25 - 2012-06-03 00:57 - 00000003 _____ () C:\Windows\system32\Drivers\MsftWdf_User_01_11_00_Inbox_Critical.Wdf
2014-08-13 11:25 - 2010-06-29 02:41 - 00028672 ____R (ASUSTek Computer Inc.) C:\Windows\SysWOW64\AsIO.dll
2014-08-13 11:24 - 2014-08-13 15:48 - 00001417 _____ () C:\Users\Angry_Robot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2014-08-13 11:24 - 2014-08-13 11:24 - 00000020 ___SH () C:\Users\Angry_Robot\ntuser.ini
2014-08-13 11:24 - 2014-08-13 11:24 - 00000000 __SHD () C:\Recovery
2014-08-13 11:24 - 2014-08-13 11:24 - 00000000 ____D () C:\Users\Angry_Robot\AppData\Local\VirtualStore
2014-08-13 11:24 - 2014-08-13 11:24 - 00000000 ____D () C:\Users\Angry_Robot
2014-08-13 11:24 - 2009-07-14 14:54 - 00000000 ___RD () C:\Users\Angry_Robot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2014-08-13 11:24 - 2009-07-14 14:49 - 00000000 ___RD () C:\Users\Angry_Robot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
2014-08-13 11:18 - 2014-08-13 11:18 - 00001345 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Media Center.lnk
2014-08-13 11:18 - 2014-08-13 11:18 - 00001326 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows DVD Maker.lnk

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-08-14 11:48 - 2014-08-14 11:48 - 00013481 _____ () C:\Users\Just_some_dude\Desktop\FRST.txt
2014-08-14 11:48 - 2014-08-14 11:48 - 00000000 ____D () C:\FRST
2014-08-14 11:47 - 2014-08-14 11:47 - 00001155 _____ () C:\Users\Just_some_dude\Desktop\AdwCleaner[R0].txt
2014-08-14 11:46 - 2014-08-14 11:44 - 00000000 ____D () C:\AdwCleaner
2014-08-14 11:46 - 2014-08-14 11:33 - 00006807 _____ () C:\Windows\WindowsUpdate.log
2014-08-14 11:43 - 2014-08-14 11:43 - 02100224 _____ (Farbar) C:\Users\Just_some_dude\Desktop\FRST64.exe
2014-08-14 11:42 - 2014-08-14 11:42 - 01356107 _____ () C:\Users\Just_some_dude\Desktop\adwcleaner_3.305.exe
2014-08-14 11:35 - 2009-07-14 15:13 - 00781298 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-08-14 11:32 - 2014-08-13 13:46 - 00000000 ____D () C:\ProgramData\Kaspersky Lab
2014-08-14 11:31 - 2014-08-14 11:31 - 00003338 _____ () C:\Windows\PFRO.log
2014-08-14 11:31 - 2014-08-13 17:34 - 00000368 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2014-08-14 11:31 - 2014-08-13 14:19 - 00000000 ____D () C:\ProgramData\NVIDIA
2014-08-14 11:31 - 2009-07-14 15:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-08-14 05:15 - 2009-07-14 15:38 - 00025600 ___SH () C:\Windows\system32\config\BCD-Template.LOG
2014-08-14 05:15 - 2009-07-14 15:32 - 00028672 _____ () C:\Windows\system32\config\BCD-Template
2014-08-14 00:06 - 2009-07-14 14:45 - 00021056 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-08-14 00:06 - 2009-07-14 14:45 - 00021056 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-08-14 00:04 - 2014-08-13 23:30 - 00000000 ____D () C:\Users\Just_some_dude\AppData\Roaming\vlc
2014-08-13 23:18 - 2014-08-13 19:14 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-08-13 23:07 - 2014-08-13 23:07 - 00275712 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-08-13 22:44 - 2014-08-13 17:07 - 00001275 _____ () C:\Users\Just_some_dude\Documents\Cooking Recipes.txt
2014-08-13 19:14 - 2014-08-13 19:14 - 00699568 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-08-13 19:14 - 2014-08-13 19:14 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-08-13 19:14 - 2014-08-13 19:14 - 00003768 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-08-13 19:14 - 2014-08-13 19:14 - 00000000 ____D () C:\Windows\SysWOW64\Macromed
2014-08-13 19:14 - 2014-08-13 19:14 - 00000000 ____D () C:\Windows\system32\Macromed
2014-08-13 19:14 - 2014-08-13 19:14 - 00000000 ____D () C:\Users\Just_some_dude\AppData\Roaming\Macromedia
2014-08-13 19:14 - 2014-08-13 19:14 - 00000000 ____D () C:\Users\Just_some_dude\AppData\Local\Macromedia
2014-08-13 19:07 - 2014-08-13 19:07 - 00000000 ____D () C:\Users\Just_some_dude\Desktop\Bleeping Computer
2014-08-13 18:48 - 2014-08-13 18:48 - 00002008 _____ () C:\Users\Angry_Robot\Desktop\attach.txt
2014-08-13 18:47 - 2014-08-13 18:48 - 00023044 _____ () C:\Users\Angry_Robot\Desktop\dds.txt
2014-08-13 18:34 - 2014-08-13 18:34 - 00058016 _____ () C:\Users\Just_some_dude\AppData\Local\GDIPFONTCACHEV1.DAT
2014-08-13 18:15 - 2014-08-13 18:15 - 00030312 _____ () C:\Windows\system32\Drivers\TrueSight.sys
2014-08-13 18:15 - 2014-08-13 18:15 - 00000000 ____D () C:\ProgramData\RogueKiller
2014-08-13 18:12 - 2014-08-13 18:12 - 05392984 _____ () C:\Users\Just_some_dude\Desktop\RogueKillerX64.exe
2014-08-13 17:57 - 2014-08-13 17:57 - 00000000 ____D () C:\Users\Just_some_dude\AppData\Roaming\Mozilla
2014-08-13 17:57 - 2014-08-13 17:57 - 00000000 ____D () C:\Users\Just_some_dude\AppData\Local\Mozilla
2014-08-13 17:56 - 2014-08-13 17:56 - 00001163 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2014-08-13 17:56 - 2014-08-13 17:56 - 00001151 _____ () C:\Users\Public\Desktop\Mozilla Firefox.lnk
2014-08-13 17:56 - 2014-08-13 17:56 - 00000000 ____D () C:\Users\Angry_Robot\AppData\Roaming\Mozilla
2014-08-13 17:56 - 2014-08-13 17:56 - 00000000 ____D () C:\Users\Angry_Robot\AppData\Local\Mozilla
2014-08-13 17:56 - 2014-08-13 17:56 - 00000000 ____D () C:\ProgramData\Mozilla
2014-08-13 17:56 - 2014-08-13 17:56 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-08-13 17:56 - 2014-08-13 17:56 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-08-13 17:45 - 2014-08-13 17:45 - 00000000 ____D () C:\Users\Angry_Robot\AppData\Local\Secunia PSI
2014-08-13 17:41 - 2009-07-14 13:20 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories
2014-08-13 17:37 - 2009-07-14 13:20 - 00000000 ____D () C:\Windows\PolicyDefinitions
2014-08-13 17:21 - 2014-08-13 17:21 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2014-08-13 17:21 - 2014-08-13 17:21 - 00000000 ____D () C:\Program Files\Microsoft Silverlight
2014-08-13 17:21 - 2014-08-13 17:21 - 00000000 ____D () C:\Program Files (x86)\Microsoft Silverlight
2014-08-13 17:20 - 2014-08-13 15:01 - 00765280 _____ () C:\Windows\SysWOW64\PerfStringBackup.INI
2014-08-13 16:58 - 2014-08-13 16:58 - 00001417 _____ () C:\Users\Just_some_dude\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2014-08-13 16:58 - 2014-08-13 16:58 - 00000000 ____D () C:\Users\Just_some_dude\AppData\Roaming\Adobe
2014-08-13 16:58 - 2014-08-13 16:58 - 00000000 ____D () C:\Users\Just_some_dude\AppData\Local\NVIDIA
2014-08-13 16:58 - 2014-08-13 16:57 - 00000000 ____D () C:\Users\Just_some_dude
2014-08-13 16:57 - 2014-08-13 16:57 - 00000020 ___SH () C:\Users\Just_some_dude\ntuser.ini
2014-08-13 16:57 - 2014-08-13 16:57 - 00000000 ____D () C:\Users\Just_some_dude\AppData\Local\VirtualStore
2014-08-13 16:22 - 2014-08-13 13:34 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-08-13 16:07 - 2014-08-14 05:15 - 00000000 ____D () C:\Windows\Panther
2014-08-13 16:01 - 2014-08-13 16:01 - 00000000 ____D () C:\TDSSKiller_Quarantine
2014-08-13 16:00 - 2014-07-10 12:38 - 04181856 _____ (Kaspersky Lab ZAO) C:\Users\Angry_Robot\Desktop\TDSSKiller.exe
2014-08-13 15:58 - 2014-08-13 15:58 - 00002784 _____ () C:\Windows\System32\Tasks\CCleanerSkipUAC
2014-08-13 15:58 - 2014-08-13 15:58 - 00000822 _____ () C:\Users\Public\Desktop\CCleaner.lnk
2014-08-13 15:58 - 2014-08-13 15:58 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2014-08-13 15:58 - 2014-08-13 15:58 - 00000000 ____D () C:\Program Files\CCleaner
2014-08-13 15:57 - 2014-08-13 15:57 - 00001070 _____ () C:\Users\Public\Desktop\VLC media player.lnk
2014-08-13 15:57 - 2014-08-13 15:57 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN
2014-08-13 15:57 - 2014-08-13 15:57 - 00000000 ____D () C:\Program Files (x86)\VideoLAN
2014-08-13 15:56 - 2014-08-13 15:56 - 00001073 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Secunia PSI.lnk
2014-08-13 15:56 - 2014-08-13 15:56 - 00000000 ____D () C:\Program Files (x86)\Secunia
2014-08-13 15:49 - 2014-08-13 15:49 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
2014-08-13 15:48 - 2014-08-13 15:48 - 00000000 ____D () C:\Users\Angry_Robot\AppData\Roaming\Adobe
2014-08-13 15:48 - 2014-08-13 15:48 - 00000000 ____D () C:\Users\Angry_Robot\AppData\Local\NVIDIA
2014-08-13 15:48 - 2014-08-13 11:24 - 00001417 _____ () C:\Users\Angry_Robot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2014-08-13 15:33 - 2011-04-12 18:28 - 00000000 ____D () C:\Program Files\Windows Journal
2014-08-13 15:33 - 2009-07-14 15:32 - 00000000 ____D () C:\Program Files\Windows Defender
2014-08-13 15:33 - 2009-07-14 15:32 - 00000000 ____D () C:\Program Files (x86)\Windows Defender
2014-08-13 15:33 - 2009-07-14 13:20 - 00000000 ____D () C:\Windows\SysWOW64\zh-HK
2014-08-13 15:33 - 2009-07-14 13:20 - 00000000 ____D () C:\Windows\SysWOW64\tr-TR
2014-08-13 15:33 - 2009-07-14 13:20 - 00000000 ____D () C:\Windows\SysWOW64\Dism
2014-08-13 15:33 - 2009-07-14 13:20 - 00000000 ____D () C:\Windows\system32\zh-HK
2014-08-13 15:33 - 2009-07-14 13:20 - 00000000 ____D () C:\Windows\system32\tr-TR
2014-08-13 15:33 - 2009-07-14 13:20 - 00000000 ____D () C:\Windows\system32\Dism
2014-08-13 15:33 - 2009-07-14 13:20 - 00000000 ____D () C:\Program Files\Common Files\System
2014-08-13 14:53 - 2014-08-13 14:53 - 00942592 _____ (Microsoft Corporation) C:\Windows\system32\jsIntl.dll
2014-08-13 14:53 - 2014-08-13 14:53 - 00774144 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2014-08-13 14:53 - 2014-08-13 14:53 - 00645120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsIntl.dll
2014-08-13 14:53 - 2014-08-13 14:53 - 00616104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dat
2014-08-13 14:53 - 2014-08-13 14:53 - 00616104 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dat
2014-08-13 14:53 - 2014-08-13 14:53 - 00610304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2014-08-13 14:53 - 2014-08-13 14:53 - 00413696 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2014-08-13 14:53 - 2014-08-13 14:53 - 00337408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2014-08-13 14:53 - 2014-08-13 14:53 - 00247808 _____ (Microsoft Corporation) C:\Windows\system32\msls31.dll
2014-08-13 14:53 - 2014-08-13 14:53 - 00243200 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2014-08-13 14:53 - 2014-08-13 14:53 - 00235520 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
2014-08-13 14:53 - 2014-08-13 14:53 - 00235008 _____ (Microsoft Corporation) C:\Windows\system32\elshyph.dll
2014-08-13 14:53 - 2014-08-13 14:53 - 00233472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\url.dll
2014-08-13 14:53 - 2014-08-13 14:53 - 00208384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2014-08-13 14:53 - 2014-08-13 14:53 - 00194048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\elshyph.dll
2014-08-13 14:53 - 2014-08-13 14:53 - 00182272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msls31.dll
2014-08-13 14:53 - 2014-08-13 14:53 - 00167424 _____ (Microsoft Corporation) C:\Windows\system32\iexpress.exe
2014-08-13 14:53 - 2014-08-13 14:53 - 00151552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iexpress.exe
2014-08-13 14:53 - 2014-08-13 14:53 - 00147968 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2014-08-13 14:53 - 2014-08-13 14:53 - 00143872 _____ (Microsoft Corporation) C:\Windows\system32\wextract.exe
2014-08-13 14:53 - 2014-08-13 14:53 - 00139264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wextract.exe
2014-08-13 14:53 - 2014-08-13 14:53 - 00135680 _____ (Microsoft Corporation) C:\Windows\system32\iepeers.dll
2014-08-13 14:53 - 2014-08-13 14:53 - 00131072 _____ (Microsoft Corporation) C:\Windows\system32\IEAdvpack.dll
2014-08-13 14:53 - 2014-08-13 14:53 - 00127488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2014-08-13 14:53 - 2014-08-13 14:53 - 00116736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iepeers.dll
2014-08-13 14:53 - 2014-08-13 14:53 - 00111616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\IEAdvpack.dll
2014-08-13 14:53 - 2014-08-13 14:53 - 00105984 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2014-08-13 14:53 - 2014-08-13 14:53 - 00101376 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
2014-08-13 14:53 - 2014-08-13 14:53 - 00090112 _____ (Microsoft Corporation) C:\Windows\system32\SetIEInstalledDate.exe
2014-08-13 14:53 - 2014-08-13 14:53 - 00086016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2014-08-13 14:53 - 2014-08-13 14:53 - 00086016 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe
2014-08-13 14:53 - 2014-08-13 14:53 - 00083456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll
2014-08-13 14:53 - 2014-08-13 14:53 - 00081408 _____ (Microsoft Corporation) C:\Windows\system32\icardie.dll
2014-08-13 14:53 - 2014-08-13 14:53 - 00077312 _____ (Microsoft Corporation) C:\Windows\system32\tdc.ocx
2014-08-13 14:53 - 2014-08-13 14:53 - 00074240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SetIEInstalledDate.exe
2014-08-13 14:53 - 2014-08-13 14:53 - 00071680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe
2014-08-13 14:53 - 2014-08-13 14:53 - 00069120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardie.dll
2014-08-13 14:53 - 2014-08-13 14:53 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdc.ocx
2014-08-13 14:53 - 2014-08-13 14:53 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\pngfilt.dll
2014-08-13 14:53 - 2014-08-13 14:53 - 00056832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pngfilt.dll
2014-08-13 14:53 - 2014-08-13 14:53 - 00052224 _____ (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll
2014-08-13 14:53 - 2014-08-13 14:53 - 00048640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmler.dll
2014-08-13 14:53 - 2014-08-13 14:53 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\mshtmler.dll
2014-08-13 14:53 - 2014-08-13 14:53 - 00048128 _____ (Microsoft Corporation) C:\Windows\system32\imgutil.dll
2014-08-13 14:53 - 2014-08-13 14:53 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedsbs.dll
2014-08-13 14:53 - 2014-08-13 14:53 - 00036352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\imgutil.dll
2014-08-13 14:53 - 2014-08-13 14:53 - 00030208 _____ (Microsoft Corporation) C:\Windows\system32\licmgr10.dll
2014-08-13 14:53 - 2014-08-13 14:53 - 00024576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\licmgr10.dll
2014-08-13 14:53 - 2014-08-13 14:53 - 00013824 _____ (Microsoft Corporation) C:\Windows\system32\mshta.exe
2014-08-13 14:53 - 2014-08-13 14:53 - 00013312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshta.exe
2014-08-13 14:53 - 2014-08-13 14:53 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe
2014-08-13 14:53 - 2014-08-13 14:53 - 00012800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedssync.exe
2014-08-13 14:53 - 2014-08-13 14:53 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_User_WpdFs_01_09_00.Wdf
2014-08-13 14:52 - 2014-08-13 14:38 - 00001224 _____ () C:\Users\Angry_Robot\Documents\Cooking Recipes.txt
2014-08-13 14:50 - 2014-08-13 14:50 - 02776576 _____ (Microsoft Corporation) C:\Windows\system32\msmpeg2vdec.dll
2014-08-13 14:50 - 2014-08-13 14:50 - 02284544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msmpeg2vdec.dll
2014-08-13 14:50 - 2014-08-13 14:50 - 01682432 _____ (Microsoft Corporation) C:\Windows\system32\XpsPrint.dll
2014-08-13 14:50 - 2014-08-13 14:50 - 01238528 _____ (Microsoft Corporation) C:\Windows\system32\d3d10.dll
2014-08-13 14:50 - 2014-08-13 14:50 - 01175552 _____ (Microsoft Corporation) C:\Windows\system32\FntCache.dll
2014-08-13 14:50 - 2014-08-13 14:50 - 01158144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XpsPrint.dll
2014-08-13 14:50 - 2014-08-13 14:50 - 01080832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10.dll
2014-08-13 14:50 - 2014-08-13 14:50 - 00648192 _____ (Microsoft Corporation) C:\Windows\system32\d3d10level9.dll
2014-08-13 14:50 - 2014-08-13 14:50 - 00604160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10level9.dll
2014-08-13 14:50 - 2014-08-13 14:50 - 00522752 _____ (Microsoft Corporation) C:\Windows\system32\XpsGdiConverter.dll
2014-08-13 14:50 - 2014-08-13 14:50 - 00364544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XpsGdiConverter.dll
2014-08-13 14:50 - 2014-08-13 14:50 - 00363008 _____ (Microsoft Corporation) C:\Windows\system32\dxgi.dll
2014-08-13 14:50 - 2014-08-13 14:50 - 00333312 _____ (Microsoft Corporation) C:\Windows\system32\d3d10_1core.dll
2014-08-13 14:50 - 2014-08-13 14:50 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\d3d10core.dll
2014-08-13 14:50 - 2014-08-13 14:50 - 00293376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxgi.dll
2014-08-13 14:50 - 2014-08-13 14:50 - 00249856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10_1core.dll
2014-08-13 14:50 - 2014-08-13 14:50 - 00245248 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecsExt.dll
2014-08-13 14:50 - 2014-08-13 14:50 - 00221184 _____ (Microsoft Corporation) C:\Windows\system32\UIAnimation.dll
2014-08-13 14:50 - 2014-08-13 14:50 - 00220160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10core.dll
2014-08-13 14:50 - 2014-08-13 14:50 - 00207872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecsExt.dll
2014-08-13 14:50 - 2014-08-13 14:50 - 00194560 _____ (Microsoft Corporation) C:\Windows\system32\d3d10_1.dll
2014-08-13 14:50 - 2014-08-13 14:50 - 00187392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\UIAnimation.dll
2014-08-13 14:50 - 2014-08-13 14:50 - 00161792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10_1.dll
2014-08-13 14:50 - 2014-08-13 14:50 - 00010752 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-advapi32-l1-1-0.dll
2014-08-13 14:50 - 2014-08-13 14:50 - 00010752 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-advapi32-l1-1-0.dll
2014-08-13 14:50 - 2014-08-13 14:50 - 00009728 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-shlwapi-l1-1-0.dll
2014-08-13 14:50 - 2014-08-13 14:50 - 00009728 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-shlwapi-l1-1-0.dll
2014-08-13 14:50 - 2014-08-13 14:50 - 00005632 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-shlwapi-l2-1-0.dll
2014-08-13 14:50 - 2014-08-13 14:50 - 00005632 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-ole32-l1-1-0.dll
2014-08-13 14:50 - 2014-08-13 14:50 - 00005632 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-shlwapi-l2-1-0.dll
2014-08-13 14:50 - 2014-08-13 14:50 - 00005632 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-ole32-l1-1-0.dll
2014-08-13 14:50 - 2014-08-13 14:50 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-user32-l1-1-0.dll
2014-08-13 14:50 - 2014-08-13 14:50 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-user32-l1-1-0.dll
2014-08-13 14:50 - 2014-08-13 14:50 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-advapi32-l2-1-0.dll
2014-08-13 14:50 - 2014-08-13 14:50 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-advapi32-l2-1-0.dll
2014-08-13 14:50 - 2014-08-13 14:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-version-l1-1-0.dll
2014-08-13 14:50 - 2014-08-13 14:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-shell32-l1-1-0.dll
2014-08-13 14:50 - 2014-08-13 14:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-version-l1-1-0.dll
2014-08-13 14:50 - 2014-08-13 14:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-shell32-l1-1-0.dll
2014-08-13 14:50 - 2014-08-13 14:50 - 00002560 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-normaliz-l1-1-0.dll
2014-08-13 14:50 - 2014-08-13 14:50 - 00002560 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-normaliz-l1-1-0.dll
2014-08-13 14:37 - 2014-08-13 14:36 - 00000000 ____D () C:\Windows\system32\MRT
2014-08-13 14:19 - 2014-08-13 14:18 - 00000000 ____D () C:\ProgramData\NVIDIA Corporation
2014-08-13 14:19 - 2014-08-13 14:18 - 00000000 ____D () C:\Program Files\NVIDIA Corporation
2014-08-13 14:19 - 2014-08-13 14:18 - 00000000 ____D () C:\Program Files (x86)\NVIDIA Corporation
2014-08-13 14:18 - 2009-07-14 13:20 - 00000000 ____D () C:\Windows\Help
2014-08-13 14:17 - 2014-08-13 14:17 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-08-13 14:12 - 2014-08-13 13:46 - 00628288 _____ (Kaspersky Lab ZAO) C:\Windows\system32\Drivers\klif.sys
2014-08-13 14:12 - 2014-08-13 13:46 - 00092768 _____ (Kaspersky Lab ZAO) C:\Windows\system32\Drivers\klflt.sys
2014-08-13 14:12 - 2013-11-11 20:40 - 00458336 _____ (Kaspersky Lab ZAO) C:\Windows\system32\Drivers\kl1.sys
2014-08-13 14:12 - 2012-08-02 15:09 - 00029792 _____ (Kaspersky Lab ZAO) C:\Windows\system32\Drivers\klim6.sys
2014-08-13 14:01 - 2014-08-13 14:01 - 00000000 ____D () C:\Users\Angry_Robot\AppData\Local\WindowsUpdate
2014-08-13 13:46 - 2014-08-13 13:46 - 00001078 _____ () C:\Users\Public\Desktop\Kaspersky PURE 3.0.lnk
2014-08-13 13:46 - 2014-08-13 13:46 - 00000000 ____D () C:\Windows\ELAMBKUP
2014-08-13 13:46 - 2014-08-13 13:46 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Kaspersky PURE 3.0
2014-08-13 13:46 - 2014-08-13 13:46 - 00000000 ____D () C:\Program Files (x86)\Kaspersky Lab
2014-08-13 13:34 - 2014-08-13 13:34 - 00001106 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-08-13 13:34 - 2014-08-13 13:34 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2014-08-13 13:34 - 2014-08-13 13:34 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-08-13 13:34 - 2014-08-13 13:34 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-08-13 13:34 - 2009-07-14 13:20 - 00000000 __RHD () C:\Users\Public\Libraries
2014-08-13 13:30 - 2014-08-13 13:30 - 00244120 _____ () C:\Users\Angry_Robot\Desktop\Firefox Setup Stub 31.0.exe
2014-08-13 11:33 - 2014-08-13 11:33 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_Kernel_iusb3hcs_01009.Wdf
2014-08-13 11:33 - 2014-08-13 11:28 - 00000000 ____D () C:\Program Files (x86)\Intel
2014-08-13 11:33 - 2014-08-13 11:25 - 00039872 _____ () C:\Windows\Ascd_tmp.ini
2014-08-13 11:33 - 2014-08-13 11:25 - 00001769 _____ () C:\Windows\Language_trs.ini
2014-08-13 11:30 - 2014-08-13 11:30 - 00000000 ____D () C:\Windows\Chipset
2014-08-13 11:29 - 2014-08-13 11:29 - 00000000 ____D () C:\ProgramData\Intel
2014-08-13 11:29 - 2014-08-13 11:29 - 00000000 ____D () C:\Program Files\Intel
2014-08-13 11:29 - 2009-07-14 13:20 - 00000000 ____D () C:\Program Files\Common Files\Microsoft Shared
2014-08-13 11:28 - 2014-08-13 11:28 - 00016896 _____ (ASUS) C:\Windows\AsTaskSched.dll
2014-08-13 11:28 - 2014-08-13 11:28 - 00000000 ____D () C:\Intel
2014-08-13 11:28 - 2014-08-13 11:27 - 00000000 ___HD () C:\Program Files (x86)\Temp
2014-08-13 11:27 - 2014-08-13 11:27 - 00000000 ____D () C:\Windows\SysWOW64\RTCOM
2014-08-13 11:27 - 2014-08-13 11:27 - 00000000 ____D () C:\Program Files\Realtek
2014-08-13 11:27 - 2014-08-13 11:26 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
2014-08-13 11:27 - 2014-08-13 11:26 - 00000000 ____D () C:\Program Files (x86)\Realtek
2014-08-13 11:26 - 2014-08-13 11:26 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_User_ASMBSW_01_11_00.Wdf
2014-08-13 11:26 - 2009-07-14 15:32 - 00000000 ____D () C:\Windows\system32\restore
2014-08-13 11:25 - 2014-08-13 11:25 - 00000000 ____H () C:\Windows\system32\Drivers\MsftWdf_user_01_11_00.Wdf
2014-08-13 11:25 - 2014-08-13 11:25 - 00000000 ____D () C:\Program Files\ASUS
2014-08-13 11:25 - 2014-08-13 11:25 - 00000000 ____D () C:\Program Files (x86)\ASUS
2014-08-13 11:24 - 2014-08-13 11:24 - 00000020 ___SH () C:\Users\Angry_Robot\ntuser.ini
2014-08-13 11:24 - 2014-08-13 11:24 - 00000000 __SHD () C:\Recovery
2014-08-13 11:24 - 2014-08-13 11:24 - 00000000 ____D () C:\Users\Angry_Robot\AppData\Local\VirtualStore
2014-08-13 11:24 - 2014-08-13 11:24 - 00000000 ____D () C:\Users\Angry_Robot
2014-08-13 11:23 - 2009-07-14 13:20 - 00000000 ____D () C:\Windows\rescache
2014-08-13 11:18 - 2014-08-13 11:18 - 00001345 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Media Center.lnk
2014-08-13 11:18 - 2014-08-13 11:18 - 00001326 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows DVD Maker.lnk
2014-08-13 11:18 - 2009-07-14 15:32 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2014-08-13 11:18 - 2009-07-14 13:20 - 00000000 ____D () C:\Windows\system32\sysprep
2014-08-07 12:06 - 2014-08-13 14:07 - 00529920 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-08-07 12:01 - 2014-08-13 14:07 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-08-05 09:20 - 2010-11-21 13:27 - 00270496 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2014-08-01 09:41 - 2014-08-13 17:18 - 00348856 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-08-01 09:16 - 2014-08-13 17:18 - 00307384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2014-07-31 23:41 - 2014-08-13 14:36 - 99218768 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-07-26 00:52 - 2014-08-13 17:18 - 23645696 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-07-26 00:02 - 2014-08-13 17:18 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-07-26 00:01 - 2014-08-13 17:18 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-07-25 23:51 - 2014-08-13 17:18 - 17524224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-07-25 23:30 - 2014-08-13 17:18 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-07-25 23:28 - 2014-08-13 17:18 - 00548352 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-07-25 23:28 - 2014-08-13 17:18 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-07-25 23:25 - 2014-08-13 17:18 - 02774528 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-07-25 23:25 - 2014-08-13 17:18 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2014-07-25 23:11 - 2014-08-13 17:18 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-07-25 23:10 - 2014-08-13 17:18 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-07-25 23:04 - 2014-08-13 17:18 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-07-25 23:03 - 2014-08-13 17:18 - 00598016 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-07-25 23:00 - 2014-08-13 17:18 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-07-25 23:00 - 2014-08-13 17:18 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-07-25 22:59 - 2014-08-13 17:18 - 00758272 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-07-25 22:47 - 2014-08-13 17:18 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-07-25 22:40 - 2014-08-13 17:18 - 00452096 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-07-25 22:34 - 2014-08-13 17:18 - 00455168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-07-25 22:34 - 2014-08-13 17:18 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-07-25 22:33 - 2014-08-13 17:18 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-07-25 22:30 - 2014-08-13 17:18 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2014-07-25 22:28 - 2014-08-13 17:18 - 05824512 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-07-25 22:28 - 2014-08-13 17:18 - 00072704 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-07-25 22:21 - 2014-08-13 17:18 - 02184704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-07-25 22:19 - 2014-08-13 17:18 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-07-25 22:18 - 2014-08-13 17:18 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-07-25 22:17 - 2014-08-13 17:18 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-07-25 22:17 - 2014-08-13 17:18 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-07-25 22:12 - 2014-08-13 17:18 - 00438784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-07-25 22:10 - 2014-08-13 17:18 - 00292864 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-07-25 22:10 - 2014-08-13 17:18 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-07-25 22:08 - 2014-08-13 17:18 - 00597504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-07-25 22:06 - 2014-08-13 17:18 - 04204032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-07-25 21:52 - 2014-08-13 17:18 - 00367104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-07-25 21:47 - 2014-08-13 17:18 - 00631808 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-07-25 21:43 - 2014-08-13 17:18 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-07-25 21:42 - 2014-08-13 17:18 - 00692736 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-07-25 21:39 - 2014-08-13 17:18 - 02087936 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-07-25 21:39 - 2014-08-13 17:18 - 01249280 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2014-07-25 21:36 - 2014-08-13 17:18 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-07-25 21:34 - 2014-08-13 17:18 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-07-25 21:29 - 2014-08-13 17:18 - 00239616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-07-25 21:23 - 2014-08-13 17:18 - 13547008 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-07-25 21:13 - 2014-08-13 17:18 - 00526336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-07-25 21:07 - 2014-08-13 17:18 - 02001920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-07-25 21:07 - 2014-08-13 17:18 - 01068032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2014-07-25 21:03 - 2014-08-13 17:18 - 11772928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-07-25 20:52 - 2014-08-13 17:18 - 02266624 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-07-25 20:26 - 2014-08-13 17:18 - 01431040 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-07-25 20:17 - 2014-08-13 17:18 - 00846336 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-07-25 20:09 - 2014-08-13 17:18 - 00704512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-07-25 20:05 - 2014-08-13 17:18 - 01792512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-07-25 20:00 - 2014-08-13 17:18 - 01169920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-07-16 13:25 - 2014-08-13 14:14 - 00404480 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2014-07-16 13:23 - 2014-08-13 14:13 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2014-07-16 12:46 - 2014-08-13 14:14 - 00311808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2014-07-16 12:46 - 2014-08-13 14:13 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2014-07-16 12:12 - 2014-08-13 14:14 - 03163648 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys

==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2014-08-13 20:18

==================== End Of Log ============================

 

 

 

FRST64 Additional Report:

 

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 13-08-2014 01
Ran by Angry_Robot at 2014-08-14 11:49:11
Running from C:\Users\Just_some_dude\Desktop
Boot Mode: Normal
==========================================================


==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Kaspersky PURE 3.0 (Enabled - Up to date) {C3113FBF-4BCB-4461-D78D-6EDFEC9593E5}
AS: Kaspersky PURE 3.0 (Enabled - Up to date) {7870DE5B-6DF1-4BEF-ED3D-55AD9712D958}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: Kaspersky PURE 3.0 (Enabled) {FB2ABE9A-01A4-4539-FCD2-C7EA1246D49E}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Adobe Flash Player 14 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 14.0.0.179 - Adobe Systems Incorporated)
CCleaner (HKLM\...\CCleaner) (Version: 4.16 - Piriform)
Intel® Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.0.0.1310 - Intel Corporation)
Intel® USB 3.0 eXtensible Host Controller Driver (HKLM-x32\...\{240C3DDD-C5E9-4029-9DF7-95650D040CF2}) (Version: 2.0.0.100 - Intel Corporation)
Intel® Trusted Connect Service Client (Version: 1.27.757.1 - Intel Corporation) Hidden
Kaspersky PURE 3.0 (HKLM-x32\...\InstallWIX_{D0702EE9-9DE4-419A-9C6C-4730B1C985BA}) (Version: 13.0.2.558 - Kaspersky Lab)
Kaspersky PURE 3.0 (x32 Version: 13.0.2.558 - Kaspersky Lab) Hidden
Malwarebytes Anti-Malware version 2.0.2.1012 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.2.1012 - Malwarebytes Corporation)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Mozilla Firefox 31.0 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 31.0 (x86 en-US)) (Version: 31.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 31.0 - Mozilla)
NVIDIA 3D Vision Driver 335.23 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 335.23 - NVIDIA Corporation)
NVIDIA Control Panel 335.23 (Version: 335.23 - NVIDIA Corporation) Hidden
NVIDIA Graphics Driver 335.23 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 335.23 - NVIDIA Corporation)
NVIDIA HD Audio Driver 1.3.30.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.30.1 - NVIDIA Corporation)
NVIDIA Install Application (Version: 2.1002.145.1024 - NVIDIA Corporation) Hidden
NVIDIA Stereoscopic 3D Driver (x32 Version: 7.17.13.3523 - NVIDIA Corporation) Hidden
NVIDIA Update 10.4.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 10.4.0 - NVIDIA Corporation)
NVIDIA Update Core (Version: 10.4.0 - NVIDIA Corporation) Hidden
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.67.1226.2012 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6782 - Realtek Semiconductor Corp.)
Secunia PSI (3.0.0.9016) (HKLM-x32\...\Secunia PSI) (Version: 3.0.0.9016 - Secunia)
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.1.5 - VideoLAN)

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)


==================== Restore Points  =========================


==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 12:34 - 2009-06-11 07:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: {8D12E854-2632-43C8-952C-70C10D84D8D4} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-08-13] (Adobe Systems Incorporated)
Task: {FCEF324D-F182-4210-B1A1-83EEACF29ACB} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2014-07-23] (Piriform Ltd)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe

==================== Loaded Modules (whitelisted) =============

2014-08-13 11:25 - 2012-10-29 17:48 - 00927232 _____ () C:\Program Files (x86)\ASUS\AXSP\1.01.01\atkexComSvc.exe
2014-08-13 14:18 - 2014-03-04 23:05 - 00116056 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2014-08-13 11:25 - 2014-08-14 11:31 - 00024576 _____ () C:\Program Files (x86)\ASUS\AXSP\1.01.01\PEbiosinterface32.dll
2014-08-13 11:25 - 2012-05-08 02:04 - 00104448 _____ () C:\Program Files (x86)\ASUS\AXSP\1.01.01\ATKEX.dll
2012-12-20 18:19 - 2012-12-20 18:19 - 00479752 _____ () C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\dblite.dll
2012-12-20 18:19 - 2012-12-20 18:19 - 01310728 _____ () C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\kpcengine.2.2.dll
2014-08-13 11:28 - 2013-01-23 17:57 - 01199576 ____R () C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\ACE.dll
2014-08-13 17:56 - 2014-07-17 15:42 - 03800688 _____ () C:\Program Files (x86)\Mozilla Firefox\mozjs.dll

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)


==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\38236229.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\38236229.sys => ""="Driver"

==================== EXE Association (whitelisted) =============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)


==================== MSCONFIG/TASK MANAGER disabled items =========

(Currently there is no automatic fix for this section.)


==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (08/14/2014 11:33:11 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (08/13/2014 11:09:42 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003


System errors:
=============

Microsoft Office Sessions:
=========================
Error: (08/14/2014 11:33:11 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (08/13/2014 11:09:42 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003


==================== Memory info ===========================

Processor: Intel® Core™ i7-4770 CPU @ 3.40GHz
Percentage of memory in use: 14%
Total physical RAM: 16323.35 MB
Available physical RAM: 14030.87 MB
Total Pagefile: 32644.88 MB
Available Pagefile: 30256.15 MB
Total Virtual: 8192 MB
Available Virtual: 8191.82 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:931.41 GB) (Free:887.21 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 932 GB) (Disk ID: 53EAC2C4)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=931 GB) - (Type=07 NTFS)

==================== End Of Log ============================

 

 

Thanks again nasdaq for any assistance that you can provide.

 


Edited by Agent_Orange, 14 August 2014 - 02:06 AM.


#6 nasdaq

  • Malware Response Team

Posted 14 August 2014 - 08:43 AM

Run the AdwCleaner tool and clean this item.

Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{74F475FA-6C75-43BD-AAB9-ECDA6184F600}

===

Let me check further.

Read carefully and follow these steps.
TDSS
  • Download TDSSKiller and save it to your Desktop.
  • Doubleclick on TDSSKiller.exe to run the application.
  • Then click on Start Scan.
  • If a suspicious file is detected, the default action will be Skip, click on Continue.

    TDSSKillerSuspicious-1.png
  • If an infected file is detected, the default action will be Cure, click on Continue.
  • Important: Do NOT change the default action on your own unless instructed by a malware Helper! Doing so may render your computer unbootable.
  • It may ask you to reboot the computer to complete the process. Click on Reboot Now.

  • If no reboot is required, click on Report. A log file should appear. Please copy and paste the contents of that file here.
  • If a reboot is required, the report can also be found in your root directory, (usually C:\ folder) in the form of "TDSSKiller.[Version]_[Date]_[Time]_log.txt". Please copy and paste the contents of that file here.
===

Download http://public.avast.com/~gmerek/aswMBR.exe (aswMBR.exe) to your desktop. Double click the aswMBR.exe to run it.
  • Click the "Scan" button to start scan.
  • Upon completion of the scan, click Save log, and save it to your desktop. (Note - do not select any Fix at this time) <- IMPORTANT
  • Please paste the contents of that log in your next reply.
There shall also be a file on your desktop named MBR.dat. Right click that file and select Send To>Compressed (zipped) folder. Please attach that zipped file in your next reply.
===

#7 Agent_Orange

Agent_Orange
  • Topic Starter


Posted 14 August 2014 - 08:53 AM

Hi nasdaq - bear with me please whilst I switch PCs - I will be offline for about 10 mins and then will get to the tasks you have set for me.



#8 Agent_Orange

Agent_Orange
  • Topic Starter


Posted 14 August 2014 - 09:15 AM

Here is the report from the AdwCleaner scan after selecting to clean HKLM\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{74F475FA-6C75-43BD-AAB9-ECDA6184F600}

It seems as though I have a new Firefox browser.

I shall have the other reports for you shortly.

 

# AdwCleaner v3.305 - Report created 15/08/2014 at 00:10:11
# Updated 14/08/2014 by Xplode
# Operating System : Windows 7 Home Premium Service Pack 1 (64 bits)
# Username : Angry_Robot - ANGRY_ROBOT-PC
# Running from : C:\Users\Just_some_dude\Desktop\adwcleaner_3.305.exe
# Option : Scan

***** [ Services ] *****


***** [ Files / Folders ] *****


***** [ Scheduled Tasks ] *****


***** [ Shortcuts ] *****


***** [ Registry ] *****

Key Found : HKLM\SOFTWARE\Google\Chrome\Extensions\lpoimibckejjdjcfbdnajaicnklhfplh

***** [ Browsers ] *****

-\\ Internet Explorer v11.0.9600.17239


-\\ Mozilla Firefox v31.0 (x86 en-US)

[ File : C:\Users\Angry_Robot\AppData\Roaming\Mozilla\Firefox\Profiles\zn2lazw5.default\prefs.js ]


[ File : C:\Users\Just_some_dude\AppData\Roaming\Mozilla\Firefox\Profiles\m4300ihh.default\prefs.js ]


*************************

AdwCleaner[R0].txt - [1155 octets] - [14/08/2014 11:44:53]
AdwCleaner[R1].txt - [1215 octets] - [14/08/2014 23:57:39]
AdwCleaner[R2].txt - [1019 octets] - [15/08/2014 00:10:11]
AdwCleaner[S0].txt - [1284 octets] - [15/08/2014 00:05:49]

########## EOF - \AdwCleaner\AdwCleaner[R2].txt - [1139 octets] ##########
 



#9 Agent_Orange

Agent_Orange
  • Topic Starter


Posted 14 August 2014 - 09:23 AM

Here is the report from the TDSSKiller scan - it found AdwCleaner to be an unsigned file - I left the action for that as "skip"

Also - I selected "Detect TDLFS File System" & "Verify Digital Signatures" as options in the scan parameters - not sure if that was the correct thing to do or not?

00:16:21.0677 0x073c  TDSS rootkit removing tool 3.0.0.40 Jul 10 2014 12:37:58
00:16:24.0968 0x073c  ============================================================
00:16:24.0968 0x073c  Current date / time: 2014/08/15 00:16:24.0968
00:16:24.0968 0x073c  SystemInfo:
00:16:24.0968 0x073c  
00:16:24.0968 0x073c  OS Version: 6.1.7601 ServicePack: 1.0
00:16:24.0968 0x073c  Product type: Workstation
00:16:24.0968 0x073c  ComputerName: ANGRY_ROBOT-PC
00:16:24.0968 0x073c  UserName: Angry_Robot
00:16:24.0968 0x073c  Windows directory: C:\Windows
00:16:24.0968 0x073c  System windows directory: C:\Windows
00:16:24.0968 0x073c  Running under WOW64
00:16:24.0968 0x073c  Processor architecture: Intel x64
00:16:24.0968 0x073c  Number of processors: 8
00:16:24.0968 0x073c  Page size: 0x1000
00:16:24.0968 0x073c  Boot type: Normal boot
00:16:24.0968 0x073c  ============================================================
00:16:27.0386 0x073c  KLMD registered as C:\Windows\system32\drivers\05302094.sys
00:16:27.0807 0x073c  System UUID: {FF4E17CB-44C7-584C-E170-7E871B5A3A98}
00:16:28.0532 0x073c  Drive \Device\Harddisk0\DR0 - Size: 0xE8E0DB6000 ( 931.51 Gb ), SectorSize: 0x200, Cylinders: 0x1DB01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
00:16:28.0532 0x073c  ============================================================
00:16:28.0532 0x073c  \Device\Harddisk0\DR0:
00:16:28.0532 0x073c  MBR partitions:
00:16:28.0532 0x073c  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x32000
00:16:28.0532 0x073c  \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 0x746D3800
00:16:28.0532 0x073c  ============================================================
00:16:28.0552 0x073c  C: <-> \Device\Harddisk0\DR0\Partition2
00:16:28.0552 0x073c  ============================================================
00:16:28.0552 0x073c  Initialize success
00:16:28.0552 0x073c  ============================================================
00:18:35.0309 0x0738  ============================================================
00:18:35.0309 0x0738  Scan started
00:18:35.0309 0x0738  Mode: Manual; SigCheck; TDLFS;
00:18:35.0309 0x0738  ============================================================
00:18:35.0309 0x0738  KSN ping started
00:18:38.0180 0x0738  KSN ping finished: true
00:18:38.0928 0x0738  ================ Scan system memory ========================
00:18:38.0928 0x0738  System memory - ok
00:18:38.0928 0x0738  ================ Scan services =============================
00:18:43.0733 0x0738  IPBusEnum - ok
00:18:43.0733 0x0738  [ C9F0E1BD74365A8771590E9008D22AB6, 728BC5A6AAE499FDC50EB01577AF16D83C2A9F3B09936DD2A89C01E074BA8E51 ] IpFilterDriver  C:\Windows\system32\DRIVERS\ipfltdrv.sys
00:18:43.0764 0x0738  IpFilterDriver - ok
00:18:43.0780 0x0738  [ 08C2957BB30058E663720C5606885653, E13EDF6701512E2A9977A531454932CA5023087CB50E1D2F416B8BCDD92B67BE ] iphlpsvc        C:\Windows\System32\iphlpsvc.dll
00:18:43.0796 0x0738  iphlpsvc - ok
00:18:43.0811 0x0738  [ 0FC1AEA580957AA8817B8F305D18CA3A, 7161E4DE91AAFC3FA8BF24FAE4636390C2627DB931505247C0D52C75A31473D9 ] IPMIDRV         C:\Windows\system32\drivers\IPMIDrv.sys
00:18:43.0811 0x0738  IPMIDRV - ok
00:18:43.0827 0x0738  [ AF9B39A7E7B6CAA203B3862582E9F2D0, 67128BE7EADBE6BD0205B050F96E268948E8660C4BAB259FB0BE03935153D04E ] IPNAT           C:\Windows\system32\drivers\ipnat.sys
00:18:43.0858 0x0738  IPNAT - ok
00:18:43.0874 0x0738  [ 3ABF5E7213EB28966D55D58B515D5CE9, A352BCC5B6B9A28805B15CAFB235676F1FAFF0D2394F88C03089EB157D6188AE ] IRENUM          C:\Windows\system32\drivers\irenum.sys
00:18:43.0874 0x0738  IRENUM - ok
00:18:43.0874 0x0738  [ 2F7B28DC3E1183E5EB418DF55C204F38, D40410A760965925D6F10959B2043F7BD4F68EAFCF5E743AF11AD860BD136548 ] isapnp          C:\Windows\system32\drivers\isapnp.sys
00:18:43.0889 0x0738  isapnp - ok
00:18:43.0905 0x0738  [ 96BB922A0981BC7432C8CF52B5410FE6, 236C05509B1040059B15021CBBDBDAF3B9C0F00910142BE5887B2C7561BAAFBA ] iScsiPrt        C:\Windows\system32\drivers\msiscsi.sys
00:18:43.0905 0x0738  iScsiPrt - ok
00:18:43.0936 0x0738  [ 897B93573F07C9CB1140516DAC44BC7E, C80665FEA4913DDC72F2140EC92CD4FA5D693BD8D0E4029A99DB96D63172E3D1 ] iusb3hcs        C:\Windows\system32\DRIVERS\iusb3hcs.sys
00:18:43.0952 0x0738  iusb3hcs - ok
00:18:43.0967 0x0738  [ 2D15CEDF619796002E8640F73A4BF920, FCC0137CB5AE32266A550EE46106B80F431F0B55342599951B9D032F8EA10649 ] iusb3hub        C:\Windows\system32\DRIVERS\iusb3hub.sys
00:18:43.0967 0x0738  iusb3hub - ok
00:18:43.0983 0x0738  [ F1E93FE111924D0BC853155AADF8048B, 2DFD5B3D042286A0FD5E482C81FAE339E4F05C0A6DFF43061D8502C4551125F7 ] iusb3xhc        C:\Windows\system32\DRIVERS\iusb3xhc.sys
00:18:43.0998 0x0738  iusb3xhc - ok
00:18:44.0076 0x0738  [ 924019BC58FEDDE04A08C45EC1CF1847, F18C581FE5C25C5BE4514185AD44C561EB715B98AFBE81EF0D673E103EA8E8EE ] jhi_service     C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe
00:18:44.0076 0x0738  jhi_service - ok
00:18:44.0092 0x0738  [ BC02336F1CBA7DCC7D1213BB588A68A5, 450C5BAD54CCE2AFCDFF1B6E7F8E1A8446D9D3255DF9D36C29A8F848048AAD93 ] kbdclass        C:\Windows\system32\DRIVERS\kbdclass.sys
00:18:44.0108 0x0738  kbdclass - ok
00:18:44.0108 0x0738  [ 0705EFF5B42A9DB58548EEC3B26BB484, 86C6824ED7ED6FA8F306DB6319A0FD688AA91295AE571262F9D8E96A32225E99 ] kbdhid          C:\Windows\system32\DRIVERS\kbdhid.sys
00:18:44.0123 0x0738  kbdhid - ok
00:18:44.0123 0x0738  [ 204F3F58212B3E422C90BD9691A2DF28, D748A8CEE4D59B4248C9B1ACA5155D0FF6635A29564B4391B7FAC6261F93FE99 ] KeyIso          C:\Windows\system32\lsass.exe
00:18:44.0139 0x0738  KeyIso - ok
00:18:44.0170 0x0738  [ 795EC29BA21F1D948FD6FD740C00B599, 780900717A812C5DB78C67057010BD62DF2C756C087599A6F8C67CB4EFA7518C ] kl1             C:\Windows\system32\DRIVERS\kl1.sys
00:18:44.0186 0x0738  kl1 - ok
00:18:44.0201 0x0738  [ 70D959CB6DC1F2AC6AFF3AC20891939D, 22EECAD6C8DD9C2691D707950FFCD5DBA929942450B7E2E69F5DDE9DD4E7DBFE ] KLIF            C:\Windows\system32\DRIVERS\klif.sys
00:18:44.0201 0x0738  KLIF - ok
00:18:44.0217 0x0738  [ 31B69BFF28348503E4BD10C2A4F66D05, 891318C2DDF85E43DFCEE73717AEFCE79BC3DCD83FCD58E6F794AB6BF1739688 ] KLIM6           C:\Windows\system32\DRIVERS\klim6.sys
00:18:44.0232 0x0738  KLIM6 - ok
00:18:44.0232 0x0738  [ AEB50941C6D67128B14F88DB9917C4E0, 2ACE46665DE298CC197660A442A3172B1FB460A40BD18AECEA786ACB011FDA43 ] klkbdflt        C:\Windows\system32\DRIVERS\klkbdflt.sys
00:18:44.0232 0x0738  klkbdflt - ok
00:18:44.0248 0x0738  [ 72CF64FBF38CD681FA7F37176047E967, BE5683C119DCEF7E678EE477D6CADF873E32D42372A253B7E86B8C335DF28E1C ] klmouflt        C:\Windows\system32\DRIVERS\klmouflt.sys
00:18:44.0248 0x0738  klmouflt - ok
00:18:44.0248 0x0738  [ 45ECF097BC6330C2054D7D43B7AD822B, 41684ED54E75FE6BEEA322E7CE888DFDD53EE1F45016E01CE10B84ABB02CBDA8 ] kltdi           C:\Windows\system32\DRIVERS\kltdi.sys
00:18:44.0264 0x0738  kltdi - ok
00:18:44.0279 0x0738  [ 1FCB657B581CC4DF17FD6571F93602DE, D5D95773D19AA47BA619D149FD6068198E2AA05C219C3936E327B3DFFDE6B10C ] kneps           C:\Windows\system32\DRIVERS\kneps.sys
00:18:44.0279 0x0738  kneps - ok
00:18:44.0310 0x0738  [ 353009DEDF918B2A51414F330CF72DEC, BF157D6E329F26E02FA16271B751B421396040DBB1D7BF9B2E0A21BC569672E2 ] KSecDD          C:\Windows\system32\Drivers\ksecdd.sys
00:18:44.0310 0x0738  KSecDD - ok
00:18:44.0310 0x0738  [ 1C2D8E18AA8FD50CD04C15CC27F7F5AB, 4BA3B0F9F01BD47D66091D3AD86B69A523981D61DFB4D677F2CD39405B2DA989 ] KSecPkg         C:\Windows\system32\Drivers\ksecpkg.sys
00:18:44.0326 0x0738  KSecPkg - ok
00:18:44.0326 0x0738  [ 6869281E78CB31A43E969F06B57347C4, 866A23E69B32A78D378D6CB3B3DA3695FFDFF0FEC3C9F68C8C3F988DF417044B ] ksthunk         C:\Windows\system32\drivers\ksthunk.sys
00:18:44.0357 0x0738  ksthunk - ok
00:18:44.0373 0x0738  [ 6AB66E16AA859232F64DEB66887A8C9C, 5F2B579BEA8098A2994B0DECECDAE7B396E7B5DC5F09645737B9F28BEEA77FFF ] KtmRm           C:\Windows\system32\msdtckrm.dll
00:18:44.0420 0x0738  KtmRm - ok
00:18:44.0435 0x0738  [ D9F42719019740BAA6D1C6D536CBDAA6, 8757599D0AE5302C4CE50861BEBA3A8DD14D7B0DBD916FD5404133688CDFCC40 ] LanmanServer    C:\Windows\system32\srvsvc.dll
00:18:44.0482 0x0738  LanmanServer - ok
00:18:44.0498 0x0738  [ 851A1382EED3E3A7476DB004F4EE3E1A, B1C67F47DD594D092E6E258F01DF5E7150227CE3131A908A244DEE9F8A1FABF9 ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
00:18:44.0529 0x0738  LanmanWorkstation - ok
00:18:44.0544 0x0738  [ 1538831CF8AD2979A04C423779465827, E1729B0CC4CEEE494A0B8817A8E98FF232E3A32FB023566EF0BC71A090262C0C ] lltdio          C:\Windows\system32\DRIVERS\lltdio.sys
00:18:44.0576 0x0738  lltdio - ok
00:18:44.0576 0x0738  [ C1185803384AB3FEED115F79F109427F, 0414FE73532DCAB17E906438A14711E928CECCD5F579255410C62984DD652700 ] lltdsvc         C:\Windows\System32\lltdsvc.dll
00:18:44.0607 0x0738  lltdsvc - ok
00:18:44.0622 0x0738  [ F993A32249B66C9D622EA5592A8B76B8, EE64672A990C6145DC5601E2B8CDBE089272A72732F59AF9865DCBA8B1717E70 ] lmhosts         C:\Windows\System32\lmhsvc.dll
00:18:44.0654 0x0738  lmhosts - ok
00:18:44.0685 0x0738  [ DF9ADD70659EA4F2A17075524E043FD8, E7A44B010C3E4D7C5738F143043B032092168AD4FAE611164E661BFFEB7196C6 ] LMS             C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
00:18:44.0685 0x0738  LMS - ok
00:18:44.0700 0x0738  [ 1A93E54EB0ECE102495A51266DCDB6A6, DB6AA86AA36C3A7988BE96E87B5D3251BE7617C54EE8F894D9DC2E267FE3255B ] LSI_FC          C:\Windows\system32\drivers\lsi_fc.sys
00:18:44.0700 0x0738  LSI_FC - ok
00:18:44.0716 0x0738  [ 1047184A9FDC8BDBFF857175875EE810, F2251EDB7736A26D388A0C5CC2FE5FB9C5E109CBB1E3800993554CB21D81AE4B ] LSI_SAS         C:\Windows\system32\drivers\lsi_sas.sys
00:18:44.0716 0x0738  LSI_SAS - ok
00:18:44.0716 0x0738  [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93, 88D5740A4E9CC3FA80FA18035DAB441BDC5A039622D666BFDAA525CC9686BD06 ] LSI_SAS2        C:\Windows\system32\drivers\lsi_sas2.sys
00:18:44.0732 0x0738  LSI_SAS2 - ok
00:18:44.0732 0x0738  [ 0504EACAFF0D3C8AED161C4B0D369D4A, 4D272237C189646F5C80822FD3CBA7C2728E482E2DAAF7A09C8AEF811C89C54D ] LSI_SCSI        C:\Windows\system32\drivers\lsi_scsi.sys
00:18:44.0732 0x0738  LSI_SCSI - ok
00:18:44.0747 0x0738  [ 43D0F98E1D56CCDDB0D5254CFF7B356E, 5BA498183B5C4996C694CB0A9A6B66CE6C7A460F6C91BEB9F305486FCC3B7B22 ] luafv           C:\Windows\system32\drivers\luafv.sys
00:18:44.0763 0x0738  luafv - ok
00:18:44.0778 0x0738  [ 9D9ED48F841EA37AA5310D54B9E5D3C7, 147DBEBE08A49486F91B30DE3606AC3B7D765DA751DF6880FA5A2D8FBAA2E2A2 ] mbamchameleon   C:\Windows\system32\drivers\mbamchameleon.sys
00:18:44.0794 0x0738  mbamchameleon - ok
00:18:44.0794 0x0738  [ F92B0E478C0FAA6D6661E6E977247E60, 8B26B57C2C60C98CD6273ACA126B2CD0356ADB13A59FEC12882357A6B973123C ] MBAMProtector   C:\Windows\system32\drivers\mbam.sys
00:18:44.0810 0x0738  MBAMProtector - ok
00:18:44.0841 0x0738  [ D84AEA3F3329D622DFC1297DDDF6163B, 316FE56CC30ED1473A917253F46B79EAA12F4ABD5B4B1ADB03929DFEE940F577 ] MBAMScheduler   C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
00:18:44.0872 0x0738  MBAMScheduler - ok
00:18:44.0919 0x0738  [ 4F45ED469906494F9BF754E476390DBD, D8FF6AFD73D8C191F5732DF9737E6F83B2B52B06A3A6CD4CC6EAC9464CBB2772 ] MBAMService     C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
00:18:44.0934 0x0738  MBAMService - ok
00:18:44.0934 0x0738  [ 15E8ABC06843672955CE26A009533BAD, E7221B7DE9DB45447C68E79C6BFD064713C5974F7E79925BD7DEEF71F73F3E83 ] MBAMWebAccessControl C:\Windows\system32\drivers\mwac.sys
00:18:44.0934 0x0738  MBAMWebAccessControl - ok
00:18:44.0950 0x0738  [ 0BE09CD858ABF9DF6ED259D57A1A1663, 2FD28889B93C8E801F74C1D0769673A461671E0189D0A22C94509E3F0EEB7428 ] Mcx2Svc         C:\Windows\system32\Mcx2Svc.dll
00:18:44.0966 0x0738  Mcx2Svc - ok
00:18:44.0981 0x0738  [ A55805F747C6EDB6A9080D7C633BD0F4, 2DA0E83BF3C8ADEF6F551B6CC1C0A3F6149CDBE6EC60413BA1767C4DE425A728 ] megasas         C:\Windows\system32\drivers\megasas.sys
00:18:44.0981 0x0738  megasas - ok
00:18:44.0981 0x0738  [ BAF74CE0072480C3B6B7C13B2A94D6B3, 85CBB4949C090A904464F79713A3418338753D20D7FB811E68F287FDAC1DD834 ] MegaSR          C:\Windows\system32\drivers\MegaSR.sys
00:18:44.0997 0x0738  MegaSR - ok
00:18:45.0012 0x0738  [ 2BB3EAE2EA641515D4B205CAB29E1624, D3F18EE393EB1B0F919484281269A3C55A092D023E62C59D74CB63A55612024B ] MEIx64          C:\Windows\system32\DRIVERS\HECIx64.sys
00:18:45.0012 0x0738  MEIx64 - ok
00:18:45.0028 0x0738  [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] MMCSS           C:\Windows\system32\mmcss.dll
00:18:45.0044 0x0738  MMCSS - ok
00:18:45.0044 0x0738  [ 800BA92F7010378B09F9ED9270F07137, 94F9AF9E1BE80AE6AC39A2A74EF9FAB115DCAACC011D07DFA8D6A1DDC8A93342 ] Modem           C:\Windows\system32\drivers\modem.sys
00:18:45.0075 0x0738  Modem - ok
00:18:45.0090 0x0738  [ B03D591DC7DA45ECE20B3B467E6AADAA, 701FB0CAD8138C58507BE28845D3E24CE269A040737C29885944A0D851238732 ] monitor         C:\Windows\system32\DRIVERS\monitor.sys
00:18:45.0106 0x0738  monitor - ok
00:18:45.0122 0x0738  [ 7D27EA49F3C1F687D357E77A470AEA99, 7FE7CAF95959F127C6D932C01D539C06D80273C49A09761F6E8331C05B1A7EE7 ] mouclass        C:\Windows\system32\DRIVERS\mouclass.sys
00:18:45.0122 0x0738  mouclass - ok
00:18:45.0122 0x0738  [ D3BF052C40B0C4166D9FD86A4288C1E6, 5E65264354CD94E844BF1838CA1B8E49080EFA34605A32CF2F6A47A2B97FC183 ] mouhid          C:\Windows\system32\DRIVERS\mouhid.sys
00:18:45.0137 0x0738  mouhid - ok
00:18:45.0137 0x0738  [ 32E7A3D591D671A6DF2DB515A5CBE0FA, 47CED0B9067AE8BF5EEF60B17ADEE5906BEDCC56E4CB460B7BFBC12BB9A69E63 ] mountmgr        C:\Windows\system32\drivers\mountmgr.sys
00:18:45.0153 0x0738  mountmgr - ok
00:18:45.0184 0x0738  [ 4E9D8041D352A33332FD6F59A3A78B03, D4E6229B07EF9866993EEE4F6223DC7F1FF1108273FE14A3DC74E65C181DE56A ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
00:18:45.0184 0x0738  MozillaMaintenance - ok
00:18:45.0200 0x0738  [ A44B420D30BD56E145D6A2BC8768EC58, B1E4DCA5A1008FA7A0492DC091FB2B820406AE13FD3D44F124E89B1037AF09B8 ] mpio            C:\Windows\system32\drivers\mpio.sys
00:18:45.0215 0x0738  mpio - ok
00:18:45.0215 0x0738  [ 6C38C9E45AE0EA2FA5E551F2ED5E978F, 5A3FA2F110029CB4CC4384998EDB59203FDD65EC45E01B897FB684F8956EAD20 ] mpsdrv          C:\Windows\system32\drivers\mpsdrv.sys
00:18:45.0231 0x0738  mpsdrv - ok
00:18:45.0246 0x0738  [ 54FFC9C8898113ACE189D4AA7199D2C1, 65F585C87F3F710FD5793FDFA96B740AD8D4317B0C120F4435CCF777300EA4F2 ] MpsSvc          C:\Windows\system32\mpssvc.dll
00:18:45.0278 0x0738  MpsSvc - ok
00:18:45.0309 0x0738  [ 1A4F75E63C9FB84B85DFFC6B63FD5404, 01AFA6DBB4CDE55FE4EA05BBE8F753A4266F8D072EA1EE01DB79F5126780C21F ] MRxDAV          C:\Windows\system32\drivers\mrxdav.sys
00:18:45.0309 0x0738  MRxDAV - ok
00:18:45.0324 0x0738  [ A5D9106A73DC88564C825D317CAC68AC, 0457B2AEA4E05A91D0E43F317894A614434D8CEBE35020785387F307E231FBE4 ] mrxsmb          C:\Windows\system32\DRIVERS\mrxsmb.sys
00:18:45.0340 0x0738  mrxsmb - ok
00:18:45.0356 0x0738  [ D711B3C1D5F42C0C2415687BE09FC163, 9B3013AC60BD2D0FF52086658BA5FF486ADE15954A552D7DD590580E8BAE3EFF ] mrxsmb10        C:\Windows\system32\DRIVERS\mrxsmb10.sys
00:18:45.0356 0x0738  mrxsmb10 - ok
00:18:45.0371 0x0738  [ 9423E9D355C8D303E76B8CFBD8A5C30C, 220B33F120C2DD937FE4D5664F4B581DC0ACF78D62EB56B7720888F67B9644CC ] mrxsmb20        C:\Windows\system32\DRIVERS\mrxsmb20.sys
00:18:45.0387 0x0738  mrxsmb20 - ok
00:18:45.0402 0x0738  [ C25F0BAFA182CBCA2DD3C851C2E75796, 643E158A0948DF331807AEAA391F23960362E46C0A0CF6D22A99020EAE7B10F8 ] msahci          C:\Windows\system32\drivers\msahci.sys
00:18:45.0402 0x0738  msahci - ok
00:18:45.0402 0x0738  [ DB801A638D011B9633829EB6F663C900, B34FD33A215ACCF2905F4B7D061686CDB1CB9C652147AF56AE14686C1F6E3C74 ] msdsm           C:\Windows\system32\drivers\msdsm.sys
00:18:45.0418 0x0738  msdsm - ok
00:18:45.0434 0x0738  [ DE0ECE52236CFA3ED2DBFC03F28253A8, 2FBBEC4CACB5161F68D7C2935852A5888945CA0F107CF8A1C01F4528CE407DE3 ] MSDTC           C:\Windows\System32\msdtc.exe
00:18:45.0434 0x0738  MSDTC - ok
00:18:45.0449 0x0738  [ AA3FB40E17CE1388FA1BEDAB50EA8F96, 69F93E15536644C8FD679A20190CFE577F4985D3B1B4A4AA250A168615AE1E99 ] Msfs            C:\Windows\system32\drivers\Msfs.sys
00:18:45.0465 0x0738  Msfs - ok
00:18:45.0480 0x0738  [ F9D215A46A8B9753F61767FA72A20326, 6F76642B45E0A7EF6BCAB8B37D55CCE2EAA310ED07B76D43FCB88987C2174141 ] mshidkmdf       C:\Windows\System32\drivers\mshidkmdf.sys
00:18:45.0496 0x0738  mshidkmdf - ok
00:18:45.0512 0x0738  [ D916874BBD4F8B07BFB7FA9B3CCAE29D, B229DA150713DEDBC4F05386C9D9DC3BC095A74F44F3081E88311AB73BC992A1 ] msisadrv        C:\Windows\system32\drivers\msisadrv.sys
00:18:45.0512 0x0738  msisadrv - ok
00:18:45.0527 0x0738  [ 808E98FF49B155C522E6400953177B08, F873F5BFF0984C5165DF67E92874D3F6EB8D86F9B5AD17013A0091CA33A1A3D5 ] MSiSCSI         C:\Windows\system32\iscsiexe.dll
00:18:45.0558 0x0738  MSiSCSI - ok
00:18:45.0558 0x0738  msiserver - ok
00:18:45.0574 0x0738  [ 49CCF2C4FEA34FFAD8B1B59D49439366, E5752EA57C7BDAD5F53E3BC441A415E909AC602CAE56234684FB8789A20396C7 ] MSKSSRV         C:\Windows\system32\drivers\MSKSSRV.sys
00:18:45.0590 0x0738  MSKSSRV - ok
00:18:45.0590 0x0738  [ BDD71ACE35A232104DDD349EE70E1AB3, 27464A66868513BE6A01B75D7FC5B0D6B71842E4E20CE3F76B15C071A0618BBB ] MSPCLOCK        C:\Windows\system32\drivers\MSPCLOCK.sys
00:18:45.0621 0x0738  MSPCLOCK - ok
00:18:45.0621 0x0738  [ 4ED981241DB27C3383D72092B618A1D0, E12F121E641249DB3491141851B59E1496F4413EDF58E863388F1C229838DFCC ] MSPQM           C:\Windows\system32\drivers\MSPQM.sys
00:18:45.0652 0x0738  MSPQM - ok
00:18:45.0652 0x0738  [ 759A9EEB0FA9ED79DA1FB7D4EF78866D, 64E3BC613EC4872B1B344CBF71EE15BE195592E3244C1EE099C6F8B95A40F133 ] MsRPC           C:\Windows\system32\drivers\MsRPC.sys
00:18:45.0668 0x0738  MsRPC - ok
00:18:45.0668 0x0738  [ 0EED230E37515A0EAEE3C2E1BC97B288, B1D8F8A75006B6E99214CA36D27A8594EF8D952F315BEB201E9BAC9DE3E64D42 ] mssmbios        C:\Windows\system32\DRIVERS\mssmbios.sys
00:18:45.0668 0x0738  mssmbios - ok
00:18:45.0683 0x0738  [ 2E66F9ECB30B4221A318C92AC2250779, DF175E1AB6962303E57F26DAE5C5C1E40B8640333F3E352A64F6A5F1301586CD ] MSTEE           C:\Windows\system32\drivers\MSTEE.sys
00:18:45.0714 0x0738  MSTEE - ok
00:18:45.0714 0x0738  [ 7EA404308934E675BFFDE8EDF0757BCD, 306CD02D89CFCFE576242360ED5F9EEEDCAFC43CD43B7D2977AE960F9AEC3232 ] MTConfig        C:\Windows\system32\drivers\MTConfig.sys
00:18:45.0730 0x0738  MTConfig - ok
00:18:45.0730 0x0738  [ F9A18612FD3526FE473C1BDA678D61C8, 32F7975B5BAA447917F832D9E3499B4B6D3E90D73F478375D0B70B36C524693A ] Mup             C:\Windows\system32\Drivers\mup.sys
00:18:45.0730 0x0738  Mup - ok
00:18:45.0746 0x0738  [ 582AC6D9873E31DFA28A4547270862DD, BD540499F74E8F59A020D935D18E36A3A97C1A6EC59C8208436469A31B16B260 ] napagent        C:\Windows\system32\qagentRT.dll
00:18:45.0777 0x0738  napagent - ok
00:18:45.0792 0x0738  [ 1EA3749C4114DB3E3161156FFFFA6B33, 54C2E77BCE1037711A11313AC25B8706109098C10A31AA03AEB7A185E97800D7 ] NativeWifiP     C:\Windows\system32\DRIVERS\nwifi.sys
00:18:45.0808 0x0738  NativeWifiP - ok
00:18:45.0839 0x0738  [ 760E38053BF56E501D562B70AD796B88, F856E81A975D44F8684A6F2466549CEEDFAEB3950191698555A93A1206E0A42D ] NDIS            C:\Windows\system32\drivers\ndis.sys
00:18:45.0855 0x0738  NDIS - ok
00:18:45.0855 0x0738  [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC, D7E5446E83909AE25506BB98FBDD878A529C87963E3C1125C4ABAB25823572BC ] NdisCap         C:\Windows\system32\DRIVERS\ndiscap.sys
00:18:45.0886 0x0738  NdisCap - ok
00:18:45.0902 0x0738  [ 30639C932D9FEF22B31268FE25A1B6E5, 32873D95339600F6EEFA51847D12C563FF01F320DC59055B242FA2887C99F9D6 ] NdisTapi        C:\Windows\system32\DRIVERS\ndistapi.sys
00:18:45.0917 0x0738  NdisTapi - ok
00:18:45.0933 0x0738  [ 136185F9FB2CC61E573E676AA5402356, BA3AD0A33416DA913B4242C6BE8C3E5812AD2B20BA6C11DD3094F2E8EB56E683 ] Ndisuio         C:\Windows\system32\DRIVERS\ndisuio.sys
00:18:45.0948 0x0738  Ndisuio - ok
00:18:45.0948 0x0738  [ 53F7305169863F0A2BDDC49E116C2E11, 881E9346D3C02405B7850ADC37E720990712EC9C666A0CE96E252A487FD2CE77 ] NdisWan         C:\Windows\system32\DRIVERS\ndiswan.sys
00:18:45.0980 0x0738  NdisWan - ok
00:18:45.0980 0x0738  [ 015C0D8E0E0421B4CFD48CFFE2825879, 4242E2D42CCFC859B2C0275C5331798BC0BDA68E51CF4650B6E64B1332071023 ] NDProxy         C:\Windows\system32\drivers\NDProxy.sys
00:18:45.0995 0x0738  NDProxy - ok
00:18:45.0995 0x0738  [ 86743D9F5D2B1048062B14B1D84501C4, DBF6D6A60AB774FCB0F464FF2D285A7521D0A24006687B243AB46B17D8032062 ] NetBIOS         C:\Windows\system32\DRIVERS\netbios.sys
00:18:46.0026 0x0738  NetBIOS - ok
00:18:46.0026 0x0738  [ 09594D1089C523423B32A4229263F068, 7426A9B8BA27D3225928DDEFBD399650ABB90798212F56B7D12158AC22CCCE37 ] NetBT           C:\Windows\system32\DRIVERS\netbt.sys
00:18:46.0042 0x0738  NetBT - ok
00:18:46.0058 0x0738  [ 204F3F58212B3E422C90BD9691A2DF28, D748A8CEE4D59B4248C9B1ACA5155D0FF6635A29564B4391B7FAC6261F93FE99 ] Netlogon        C:\Windows\system32\lsass.exe
00:18:46.0058 0x0738  Netlogon - ok
00:18:46.0073 0x0738  [ 847D3AE376C0817161A14A82C8922A9E, 37AE692B3481323134125EF58F2C3CBC20177371AF2F5874F53DD32A827CB936 ] Netman          C:\Windows\System32\netman.dll
00:18:46.0104 0x0738  Netman - ok
00:18:46.0120 0x0738  [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
00:18:46.0136 0x0738  NetMsmqActivator - ok
00:18:46.0136 0x0738  [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetPipeActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
00:18:46.0151 0x0738  NetPipeActivator - ok
00:18:46.0167 0x0738  [ 5F28111C648F1E24F7DBC87CDEB091B8, 2E8645285921EDB98BB2173E11E57459C888D52E80D85791D169C869DE8813B9 ] netprofm        C:\Windows\System32\netprofm.dll
00:18:46.0198 0x0738  netprofm - ok
00:18:46.0198 0x0738  [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetTcpActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
00:18:46.0214 0x0738  NetTcpActivator - ok
00:18:46.0214 0x0738  [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
00:18:46.0229 0x0738  NetTcpPortSharing - ok
00:18:46.0229 0x0738  [ 77889813BE4D166CDAB78DDBA990DA92, 2EF531AE502B943632EEC66A309A8BFCDD36120A5E1473F4AAF3C2393AD0E6A3 ] nfrd960         C:\Windows\system32\drivers\nfrd960.sys
00:18:46.0245 0x0738  nfrd960 - ok
00:18:46.0260 0x0738  [ 8AD77806D336673F270DB31645267293, E23F324913554A23CD043DD27D4305AF62F48C0561A0FC7B7811E55B74B1BE79 ] NlaSvc          C:\Windows\System32\nlasvc.dll
00:18:46.0260 0x0738  NlaSvc - ok
00:18:46.0276 0x0738  [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7, D8957EF7060A69DBB3CD6B2C45B1E4143592AB8D018471E17AC04668157DC67F ] Npfs            C:\Windows\system32\drivers\Npfs.sys
00:18:46.0292 0x0738  Npfs - ok
00:18:46.0292 0x0738  [ D54BFDF3E0C953F823B3D0BFE4732528, 497A1DCC5646EC22119273216DF10D5442D16F83E4363770F507518CF6EAA53A ] nsi             C:\Windows\system32\nsisvc.dll
00:18:46.0323 0x0738  nsi - ok
00:18:46.0323 0x0738  [ E7F5AE18AF4168178A642A9247C63001, 133023B7E4BA8049C4CAED3282BDD25571D1CC25FAC3B820C7F981D292689D76 ] nsiproxy        C:\Windows\system32\drivers\nsiproxy.sys
00:18:46.0354 0x0738  nsiproxy - ok
00:18:46.0385 0x0738  [ 1A29A59A4C5BA6F8C85062A613B7E2B2, CC137F499A12C724D4166C2D85E9F447413419A0683DAC6F1A802B7F210C77F1 ] Ntfs            C:\Windows\system32\drivers\Ntfs.sys
00:18:46.0416 0x0738  Ntfs - ok
00:18:46.0416 0x0738  [ 9899284589F75FA8724FF3D16AED75C1, 181188599FD5D4DE33B97010D9E0CAEABAB9A3EF50712FE7F9AA0735CD0666D6 ] Null            C:\Windows\system32\drivers\Null.sys
00:18:46.0448 0x0738  Null - ok
00:18:46.0463 0x0738  [ E366A5681C50785D4ED04FCFD65C3415, 7FF7B4B8F09E773401AE879897E60BF494B57B9ACEE990204A4C98A3FB183A33 ] NVHDA           C:\Windows\system32\drivers\nvhda64v.sys
00:18:46.0479 0x0738  NVHDA - ok
00:18:46.0697 0x0738  [ 757ACE4D4C9FF0571F86AA5D586B45E8, E7F23CC1DE26E2DAA690B78B05FC001EE0051F0ED9B9BCE9E7FA4E9684D4F3D4 ] nvlddmkm        C:\Windows\system32\DRIVERS\nvlddmkm.sys
00:18:46.0853 0x0738  nvlddmkm - ok
00:18:46.0884 0x0738  [ 0A92CB65770442ED0DC44834632F66AD, 581327F07A68DBD5CC749214BE5F1211FC2CE41C7A4F0656B680AFB51A35ACE7 ] nvraid          C:\Windows\system32\drivers\nvraid.sys
00:18:46.0900 0x0738  nvraid - ok
00:18:46.0916 0x0738  [ DAB0E87525C10052BF65F06152F37E4A, AD9BFF0D5FD3FFB95C758B478E1F6A9FE45E7B37AEC71EB5070D292FEAAEDF37 ] nvstor          C:\Windows\system32\drivers\nvstor.sys
00:18:46.0916 0x0738  nvstor - ok
00:18:46.0947 0x0738  [ 1C7CC708AC4A02A3BE8915539780534A, 0EBDE100880963BF1EC05002BA244CA7700693E958D1974CDD2AC3927D93224F ] nvsvc           C:\Windows\system32\nvvsvc.exe
00:18:46.0962 0x0738  nvsvc - ok
00:18:46.0978 0x0738  [ 270D7CD42D6E3979F6DD0146650F0E05, 752489E54C9004EDCBE1F1F208FFD864DA5C83E59A2DDE6B3E0D63ECA996F76F ] nv_agp          C:\Windows\system32\drivers\nv_agp.sys
00:18:46.0994 0x0738  nv_agp - ok
00:18:46.0994 0x0738  [ 3589478E4B22CE21B41FA1BFC0B8B8A0, AD2469FC753FE552CB809FF405A9AB23E7561292FE89117E3B3B62057EFF0203 ] ohci1394        C:\Windows\system32\drivers\ohci1394.sys
00:18:47.0009 0x0738  ohci1394 - ok
00:18:47.0025 0x0738  [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] p2pimsvc        C:\Windows\system32\pnrpsvc.dll
00:18:47.0040 0x0738  p2pimsvc - ok
00:18:47.0056 0x0738  [ 927463ECB02179F88E4B9A17568C63C3, FEFD3447692C277D59EEC7BF218552C8BB6B8C98C26E973675549628408B94CE ] p2psvc          C:\Windows\system32\p2psvc.dll
00:18:47.0072 0x0738  p2psvc - ok
00:18:47.0087 0x0738  [ 0086431C29C35BE1DBC43F52CC273887, 0D116D49EF9ABB57DA005764F25E692622210627FC2048F06A989B12FA8D0A80 ] Parport         C:\Windows\system32\DRIVERS\parport.sys
00:18:47.0087 0x0738  Parport - ok
00:18:47.0103 0x0738  [ E9766131EEADE40A27DC27D2D68FBA9C, 63C295EC96DBD25F1A8B908295CCB86B54F2A77A02AAA11E5D9160C2C1A492B6 ] partmgr         C:\Windows\system32\drivers\partmgr.sys
00:18:47.0118 0x0738  partmgr - ok
00:18:47.0134 0x0738  [ 3AEAA8B561E63452C655DC0584922257, 04C072969B58657602EB0C21CEDF24FCEE14E61B90A0F758F93925EF2C9FC32D ] PcaSvc          C:\Windows\System32\pcasvc.dll
00:18:47.0150 0x0738  PcaSvc - ok
00:18:47.0150 0x0738  [ 94575C0571D1462A0F70BDE6BD6EE6B3, 7139BAC653EA94A3DD3821CAB35FC5E22F4CCA5ACC2BAABDAA27E4C3C8B27FC9 ] pci             C:\Windows\system32\drivers\pci.sys
00:18:47.0165 0x0738  pci - ok
00:18:47.0181 0x0738  [ B5B8B5EF2E5CB34DF8DCF8831E3534FA, F2A7CC645B96946CC65BF60E14E70DC09C848D27C7943CE5DEA0C01A6B863480 ] pciide          C:\Windows\system32\drivers\pciide.sys
00:18:47.0181 0x0738  pciide - ok
00:18:47.0196 0x0738  [ B2E81D4E87CE48589F98CB8C05B01F2F, 6763BEE7270A4873B3E131BFB92313E2750FCBD0AD73C23D1C4F98F7DF73DE14 ] pcmcia          C:\Windows\system32\drivers\pcmcia.sys
00:18:47.0196 0x0738  pcmcia - ok
00:18:47.0196 0x0738  [ D6B9C2E1A11A3A4B26A182FFEF18F603, BBA5FE08B1DDD6243118E11358FD61B10E850F090F061711C3CB207CE5FBBD36 ] pcw             C:\Windows\system32\drivers\pcw.sys
00:18:47.0212 0x0738  pcw - ok
00:18:47.0212 0x0738  [ 68769C3356B3BE5D1C732C97B9A80D6E, FB2D61145980A2899D1B7729184C54070315B0E63C9A22400A76CCD39E00029C ] PEAUTH          C:\Windows\system32\drivers\peauth.sys
00:18:47.0243 0x0738  PEAUTH - ok
00:18:47.0306 0x0738  [ E495E408C93141E8FC72DC0C6046DDFA, 489B957DADA0DC128A09468F1AD082DCC657E86053208EA06A12937BE86FB919 ] PerfHost        C:\Windows\SysWow64\perfhost.exe
00:18:47.0321 0x0738  PerfHost - ok
00:18:47.0352 0x0738  [ C7CF6A6E137463219E1259E3F0F0DD6C, 08D7244F52AA17DD669AA6F77C291DAC88E7B2D1887DE422509C1F83EC85F3DD ] pla             C:\Windows\system32\pla.dll
00:18:47.0399 0x0738  pla - ok
00:18:47.0430 0x0738  [ 25FBDEF06C4D92815B353F6E792C8129, 57D9764AE6BCE33B242C399CDFC10DD405975BD6411CA8C75FBCD06EEB8442A9 ] PlugPlay        C:\Windows\system32\umpnpmgr.dll
00:18:47.0446 0x0738  PlugPlay - ok
00:18:47.0446 0x0738  [ 7195581CEC9BB7D12ABE54036ACC2E38, 9C4E5D6EA984148F2663DC529083408B2248DFF6DAAC85D9195F80A722782315 ] PNRPAutoReg     C:\Windows\system32\pnrpauto.dll
00:18:47.0462 0x0738  PNRPAutoReg - ok
00:18:47.0477 0x0738  [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] PNRPsvc         C:\Windows\system32\pnrpsvc.dll
00:18:47.0493 0x0738  PNRPsvc - ok
00:18:47.0508 0x0738  [ 4F15D75ADF6156BF56ECED6D4A55C389, 2ADA3EA69A5D7EC2A4D2DD89178DB94EAFDDF95F07B0070D654D9F7A5C12A044 ] PolicyAgent     C:\Windows\System32\ipsecsvc.dll
00:18:47.0540 0x0738  PolicyAgent - ok
00:18:47.0555 0x0738  [ 6BA9D927DDED70BD1A9CADED45F8B184, 66203CE70A5EDE053929A940F38924C6792239CCCE10DD2C1D90D5B4D6748B55 ] Power           C:\Windows\system32\umpo.dll
00:18:47.0602 0x0738  Power - ok
00:18:47.0602 0x0738  [ F92A2C41117A11A00BE01CA01A7FCDE9, 38ADC6052696D110CA5F393BC586791920663F5DA66934C2A824DDA9CD89C763 ] PptpMiniport    C:\Windows\system32\DRIVERS\raspptp.sys
00:18:47.0633 0x0738  PptpMiniport - ok
00:18:47.0649 0x0738  [ 0D922E23C041EFB1C3FAC2A6F943C9BF, 855418A6A58DCAFB181A1A68613B3E203AFB0A9B3D9D26D0C521F9F613B4EAD5 ] Processor       C:\Windows\system32\drivers\processr.sys
00:18:47.0649 0x0738  Processor - ok
00:18:47.0680 0x0738  [ 53E83F1F6CF9D62F32801CF66D8352A8, 1225FED810BE8E0729EEAE5B340035CCBB9BACD3EF247834400F9B72D05ACE48 ] ProfSvc         C:\Windows\system32\profsvc.dll
00:18:47.0696 0x0738  ProfSvc - ok
00:18:47.0711 0x0738  [ 204F3F58212B3E422C90BD9691A2DF28, D748A8CEE4D59B4248C9B1ACA5155D0FF6635A29564B4391B7FAC6261F93FE99 ] ProtectedStorage C:\Windows\system32\lsass.exe
00:18:47.0711 0x0738  ProtectedStorage - ok
00:18:47.0727 0x0738  [ 0557CF5A2556BD58E26384169D72438D, F6F83A616B1F1C6C0DF6D2EC2513E6C23FD4FAA6D36518B8676C619AB74957B4 ] Psched          C:\Windows\system32\DRIVERS\pacer.sys
00:18:47.0742 0x0738  Psched - ok
00:18:47.0789 0x0738  [ DD3FD48D69F5FBBB21D46D1514C1C2DB, 2B188E3AC4BD9B608D375DD550507717852C2AF7C0F99FFED90098999B9D4F01 ] PSI             C:\Windows\system32\DRIVERS\psi_mf_amd64.sys
00:18:47.0789 0x0738  PSI - ok
00:18:52.0578 0x0738  ================ Scan global ===============================
00:18:52.0594 0x0738  [ BA0CD8C393E8C9F83354106093832C7B, 18D8A4780A2BAA6CEF7FBBBDA0EF6BF2DADF146E1E578A618DD5859E8ADBF1A8 ] C:\Windows\system32\basesrv.dll
00:18:52.0610 0x0738  [ 88EDD0B34EED542745931E581AD21A32, DC2B93E1CEF5B0BCEE08D72669BB0F3AD0E8E6E75BDC08858407ED92F6FFA031 ] C:\Windows\system32\winsrv.dll
00:18:52.0610 0x0738  [ 88EDD0B34EED542745931E581AD21A32, DC2B93E1CEF5B0BCEE08D72669BB0F3AD0E8E6E75BDC08858407ED92F6FFA031 ] C:\Windows\system32\winsrv.dll
00:18:52.0641 0x0738  [ D6160F9D869BA3AF0B787F971DB56368, 0033E6212DD8683E4EE611B290931FDB227B4795F0B17C309DC686C696790529 ] C:\Windows\system32\sxssrv.dll
00:18:52.0641 0x0738  [ 24ACB7E5BE595468E3B9AA488B9B4FCB, 63541E3432FCE953F266AE553E7A394978D6EE3DB52388D885F668CF42C5E7E2 ] C:\Windows\system32\services.exe
00:18:52.0656 0x0738  [ Global ] - ok
00:18:52.0656 0x0738  ================ Scan MBR ==================================
00:18:52.0656 0x0738  [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
00:18:52.0859 0x0738  \Device\Harddisk0\DR0 - ok
00:18:52.0859 0x0738  ================ Scan VBR ==================================
00:18:52.0859 0x0738  [ 2B225E5C89C272C54AEE1DF3D936D34C ] \Device\Harddisk0\DR0\Partition1
00:18:52.0890 0x0738  \Device\Harddisk0\DR0\Partition1 - ok
00:18:52.0890 0x0738  [ A2A2EF208ECC90DA2888AE0BA00E8103 ] \Device\Harddisk0\DR0\Partition2
00:18:52.0922 0x0738  \Device\Harddisk0\DR0\Partition2 - ok
00:18:52.0922 0x0738  ================ Scan generic autorun ======================
00:18:53.0078 0x0738  [ DB333A5F69B00A6B550901A5C854929F, 7CAB6D0D20CDE3AE41B06826C9045CC3E3438AB94BB3D9D5C0E50EEF3C41101F ] C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
00:18:53.0171 0x0738  RTHDVCPL - ok
00:18:53.0218 0x0738  [ 4F46EA70C7579052F764D0F9B81D23C2, EABE443ABC39AFDA49762A78711FAB4C7367680BE4F0B79F3144362D4A272238 ] C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
00:18:53.0249 0x0738  NvBackend - ok
00:18:53.0296 0x0738  [ 0436F64FD296BE331B3BB0CE446548BF, 53A8F8E58F451A7B030AE61E30DBB9BDFD5342046674177941A838B66D80FD70 ] C:\Program Files (x86)\Intel\Intel® USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
00:18:53.0312 0x0738  USB3MON - ok
00:18:53.0343 0x0738  [ 7E91655B4947EC1B18B3BC1645839145, 4425326D019A7A6380B71D6710AD94D58A11E1BC5BA42159DD4A17437A296C48 ] C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\avp.exe
00:18:53.0358 0x0738  AVP - ok
00:18:53.0405 0x0738  [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe
00:18:53.0452 0x0738  Sidebar - ok
00:18:53.0483 0x0738  [ 0FA760BF380B08D0B67B5507CD8B32AA, 0F73A7F64C4FDAB98CD3A865CC54B3A7195761530FCB115B725CC5A9FB738739 ] C:\Windows\System32\mctadmin.exe
00:18:53.0499 0x0738  mctadmin - ok
00:18:53.0514 0x0738  [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe
00:18:53.0546 0x0738  Sidebar - ok
00:18:53.0546 0x0738  [ 0FA760BF380B08D0B67B5507CD8B32AA, 0F73A7F64C4FDAB98CD3A865CC54B3A7195761530FCB115B725CC5A9FB738739 ] C:\Windows\System32\mctadmin.exe
00:18:53.0561 0x0738  mctadmin - ok
00:18:53.0577 0x0738  [ AC91BC102D407C5F0E91C0B100C01071, 25152391FE8A69D01C5309C09FB43B7E018C4392F634EC2895FAD2C494DBA4A2 ] C:\AdwCleaner\AdwCleaner[S0].txt
00:18:53.0733 0x0738  Report - detected UnsignedFile.Multi.Generic ( 1 )
00:18:56.0775 0x0738  Report ( UnsignedFile.Multi.Generic ) - warning
00:18:59.0817 0x0738  Waiting for KSN requests completion. In queue: 296
00:19:00.0847 0x0738  AV detected via SS2: Kaspersky PURE 3.0, C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\wmiav.exe ( 13.0.2.558 ), 0x41000 ( enabled : updated )
00:19:00.0847 0x0738  FW detected via SS2: Kaspersky PURE 3.0, C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\wmifw.exe ( 13.0.2.558 ), 0x41010 ( enabled )
00:19:03.0904 0x0738  ============================================================
00:19:03.0904 0x0738  Scan finished
00:19:03.0904 0x0738  ============================================================
00:19:03.0904 0x07bc  Detected object count: 1
00:19:03.0904 0x07bc  Actual detected object count: 1
00:19:13.0077 0x07bc  Report ( UnsignedFile.Multi.Generic ) - skipped by user
00:19:13.0077 0x07bc  Report ( UnsignedFile.Multi.Generic ) - User select action: Skip
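A small triage helper for logs in the TDSSKiller format pasted above, as an added example that is not part of the original posts or of Kaspersky's tooling: it lists only the objects the scan flagged, with the file involved and the action the user chose. The line layout is inferred from this log, the function and field names are hypothetical, and it assumes that the hash line just before a verdict line belongs to that object.

```python
import re

# Excerpt copied from the TDSSKiller log posted above.
SAMPLE_LOG = r"""
00:18:53.0358 0x0738  AVP - ok
00:18:53.0577 0x0738  [ AC91BC102D407C5F0E91C0B100C01071, 25152391FE8A69D01C5309C09FB43B7E018C4392F634EC2895FAD2C494DBA4A2 ] C:\AdwCleaner\AdwCleaner[S0].txt
00:18:53.0733 0x0738  Report - detected UnsignedFile.Multi.Generic ( 1 )
00:18:56.0775 0x0738  Report ( UnsignedFile.Multi.Generic ) - warning
00:19:13.0077 0x07bc  Report ( UnsignedFile.Multi.Generic ) - User select action: Skip
"""

# Timestamp and thread id, then the message body (layout inferred from the log).
PREFIX = re.compile(r"^\d{2}:\d{2}:\d{2}\.\d{4} 0x[0-9a-fA-F]{4}\s+(.*)$")
# "[ MD5, SHA256 ] path"; MBR/VBR lines carry only the first hash.
HASHED = re.compile(r"^\[ ([0-9A-F]{32})(?:, ([0-9A-F]{64}))? \] (.+)$")
DETECT = re.compile(r"^(.+?) - detected (\S+) \( \d+ \)$")
ACTION = re.compile(r"^(.+?) \( (\S+) \) - User select action: (\w+)$")


def parse_detections(log_text):
    """Return one dict per flagged object: name, verdict, file, hashes, action."""
    findings = {}
    last_file = None  # assumption: the hash line precedes its verdict line
    for raw in log_text.splitlines():
        m = PREFIX.match(raw.strip())
        if not m:
            continue
        body = m.group(1).strip()
        if (h := HASHED.match(body)):
            last_file = {"md5": h.group(1), "sha256": h.group(2), "path": h.group(3)}
        elif (d := DETECT.match(body)):
            base = {"object": d.group(1), "verdict": d.group(2), "action": None}
            findings[d.group(1)] = {**base, **(last_file or {})}
            last_file = None
        elif (a := ACTION.match(body)):
            if a.group(1) in findings:
                findings[a.group(1)]["action"] = a.group(3)
        elif body.endswith(" - ok"):
            last_file = None  # clean verdict: forget the file it referred to
    return list(findings.values())


if __name__ == "__main__":
    for f in parse_detections(SAMPLE_LOG):
        print(f["object"], f["verdict"], f.get("path"), f["action"])
```
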
 



#10 nasdaq


Posted 14 August 2014 - 09:24 AM

Key Found : HKLM\SOFTWARE\Google\Chrome\Extensions\lpoimibckejjdjcfbdnajaicnklhfplh

This is an Extension for Chrome From Kaspersky.
Your call if you want to keep it.


Here is the report from the TDSSKiller scan - it found adwcleaner to be an unsigned file - I left the action for that as "skip"

Close the AdwCleaner application.
Run TDSSKiller again. If it's listed, remove it.
===

Waiting for the aswMBR log.

Edited by nasdaq, 14 August 2014 - 09:29 AM.


#11 Agent_Orange


Posted 14 August 2014 - 09:36 AM

Here is the aswMBR log as requested:

aswMBR version 1.0.1.2041 Copyright© 2014 AVAST Software
Run date: 2014-08-15 00:26:38
-----------------------------
00:26:38.893    OS Version: Windows x64 6.1.7601 Service Pack 1
00:26:38.893    Number of processors: 8 586 0x3C03
00:26:38.893    ComputerName: ANGRY_ROBOT-PC  UserName: Angry_Robot
00:26:40.328    Initialize success
00:26:40.375    VM: initialized successfully
00:26:40.375    VM: Intel CPU BiosDisabled
00:26:44.743    VM: supported disk I/O ataport.SYS
00:31:41.817    AVAST engine defs: 14081400
00:31:51.442    Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-0
00:31:51.458    Disk 0 Vendor: WDC_WD1003FZEX-00MK2A0 01.01A01 Size: 953869MB BusType: 11
00:31:51.551    Disk 0 MBR read successfully
00:31:51.551    Disk 0 MBR scan
00:31:51.551    Disk 0 Windows 7 default MBR code
00:31:51.551    Disk 0 Partition 1 80 (A) 07    HPFS/NTFS NTFS          100 MB offset 2048
00:31:51.567    Disk 0 default boot code
00:31:51.567    Disk 0 Partition 2 00     07    HPFS/NTFS NTFS       953767 MB offset 206848
00:31:51.582    Disk 0 scanning C:\Windows\system32\drivers
00:31:56.777    Service scanning
00:32:05.591    Modules scanning
00:32:05.591    Disk 0 trace - called modules:
00:32:05.591    ntoskrnl.exe CLASSPNP.SYS disk.sys ataport.SYS PCIIDEX.SYS hal.dll msahci.sys
00:32:05.591    1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa800d7fa790]
00:32:05.591    3 CLASSPNP.SYS[fffff8800180143f] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP0T0L0-0[0xfffffa800d16d550]
00:32:06.980    AVAST engine scan C:\Windows
00:32:08.930    AVAST engine scan C:\Windows\system32
00:34:06.351    AVAST engine scan C:\Windows\system32\drivers
00:34:11.483    AVAST engine scan C:\Users\Angry_Robot
00:34:18.269    AVAST engine scan C:\ProgramData
00:34:43.791    Scan finished successfully
00:35:00.389    Disk 0 MBR has been saved successfully to "C:\Users\Just_some_dude\Desktop\MBR.dat"
00:35:00.389    The log file has been saved successfully to "C:\Users\Just_some_dude\Desktop\aswMBR.txt"


Edited by Agent_Orange, 14 August 2014 - 09:37 AM.


#12 Agent_Orange


Posted 14 August 2014 - 09:40 AM

aswMBR dat

Attached Files

  • Attached File  MBR.zip   559bytes   0 downloads


#13 Agent_Orange


Posted 14 August 2014 - 09:44 AM

Ran TDSSKiller again after shutting the adwcleaner application down - it listed it as a suspicious object (unsigned file) again so I have deleted adwcleaner as you instructed.



#14 Agent_Orange


Posted 14 August 2014 - 10:40 AM

It is late here - I am heading to bed. I will attend to any tasks that you may set for me during the day and try to be online when you are here during the small window of opportunity I have to do so.

 

Thanks for your help nasdaq, hope you have a good day.



#15 nasdaq


Posted 14 August 2014 - 12:24 PM

* Firefox is asking me if I want to allow pages to be automatically redirected (I have it set in options to warn me if websites try to automatically redirect a page) on most web pages that I visit - something that I have not experienced in the past.


Remove that option. It's very annoying.

===
 

My pc is taking a long time to shut down (5 mins or more).

It could be that a running program is not releasing its space.

Next time you shut down your computer, close all windows and programs (except the protection software).

If all is well then by trial and error leave one or two programs running next time.
You may be able to identify the culprit.
===
 

I visited a website that I wish to purchase a subscription for - when I had entered my details and pressed enter to submit my information to complete the registration Kaspersky sprung into action and blocked the connection to the website - reason provided = Phishing URL................I then went and followed the same steps on another pc - no problem whatsoever.


Reset your IP.

Click the Start button. In the Search box, type Command Prompt, and then, in the list of results, double-click Command Prompt.

At the cursor, type:
ipconfig /flushdns <-- (A space between g and / is needed)

Repeat with
ipconfig /renew

Then hit Enter, type Exit, hit the Enter key.

You may need to run CMD - Command Prompt on Vista - Windows 7/8 with Elevated Privilege
http://www.bleepingcomputer.com/tutorials/windows-elevated-command-prompt/
<<<>>>

If that fails to remove the Redirects try this.
...

Reset all your browsers.

Reset Chrome...
Click on "Customize and control Google Chrome":
 
Click "Settings" then "Show advanced settings" at the bottom of the screen.
 
Click "Reset browser settings" button.
 
Restart Chrome.
====

Firefox:
Reset Default Browsing settings:
https://support.mozilla.org/en-US/kb/reset-firefox-easily-fix-problems?utm_expid=65912487-41.djHNRQY0RhaLvvtvcd0BQA.2&utm_referrer=https%3A%2F%2Fwww.google.ca%2F
===

Internet Explorer:
Menu > Tools > Internet Options > General Tab.
Click the Reset button on the bottom of the pane.
Click the Apply button.
Close IE.

===

How is it now?



