Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Pages Hang.. ME and MB turn of and on .. chrome wont start


  • This topic is locked This topic is locked
81 replies to this topic

#1 WenJac

WenJac

  • Members
  • 65 posts
  • OFFLINE
  •  
  • Gender:Female
  • Local time:08:34 PM

Posted 12 October 2015 - 01:14 AM

ok had the pc less than a month... started in fb pages hang cant close so ctrl alt del to close them  sometimes that wont work either...Microsoft essentials turns on and of  red to green to amber .... malware bytes (full version) also stops...then next min runs ... chrome wont work at all Im on Opera atm I have fill in ..in my profile the most i know what comp is....hope someone can help... here is first page from FRST64 
and ty in advance x
 
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:11-10-2015 02
Ran by User (administrator) on USER-PC (12-10-2015 16:51:31)
Running from C:\Users\User\Desktop
Loaded Profiles: User (Available Profiles: Tech Support & User)
Platform: Windows 7 Home Premium Service Pack 1 (X64) Language: English (United States)
Internet Explorer Version 11 (Default browser: Opera)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
 
==================== Processes (Whitelisted) =================
 
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
 
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
(Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.28.15\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.28.15\GoogleCrashHandler64.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\NisSrv.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(O2Micro International) C:\Windows\System32\drivers\o2flash.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Trion Worlds Inc.) C:\Program Files (x86)\Glyph\GlyphClient.exe
(Trion Worlds Inc.) C:\Program Files (x86)\Glyph\GlyphCrashHandler.exe
(Opera Software) C:\Program Files (x86)\Opera\32.0.1948.69\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\32.0.1948.69\opera_crashreporter.exe
(Opera Software) C:\Program Files (x86)\Opera\32.0.1948.69\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\32.0.1948.69\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\32.0.1948.69\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\32.0.1948.69\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\32.0.1948.69\opera.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe
(Farbar) C:\Users\User\Desktop\FRST64 (1).exe
 
 
==================== Registry (Whitelisted) ===========================
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
 
HKLM\...\Run: [MSC] => C:\Program Files\Microsoft Security Client\msseces.exe [1337000 2015-04-30] (Microsoft Corporation)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [16165632 2015-07-30] (Realtek Semiconductor)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-1885530009-3786166672-2374549280-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [7404312 2015-01-21] (Piriform Ltd)
 
==================== Internet (Whitelisted) ====================
 
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
 
Tcpip\Parameters: [DhcpNameServer] 10.0.0.138
Tcpip\..\Interfaces\{204C2BD1-7610-4F06-9C03-97673EBDA4F9}: [DhcpNameServer] 192.168.1.1 0.0.0.0
Tcpip\..\Interfaces\{6D65CB84-21B8-4C8C-BF9E-C3F44339DBB3}: [DhcpNameServer] 10.0.0.138
 
Internet Explorer:
==================
HKU\S-1-5-21-1885530009-3786166672-2374549280-1001\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://www.msn.com/en-au/?ocid=iehp
BHO: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_45\bin\ssv.dll [2015-04-19] (Oracle Corporation)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17] (Microsoft Corp.)
BHO: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_45\bin\jp2ssv.dll [2015-04-19] (Oracle Corporation)
BHO-x32: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_45\bin\ssv.dll [2015-04-19] (Oracle Corporation)
BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17] (Microsoft Corp.)
BHO-x32: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_45\bin\jp2ssv.dll [2015-04-19] (Oracle Corporation)
 
FireFox:
========
FF Plugin: @java.com/DTPlugin,version=11.45.2 -> C:\Program Files\Java\jre1.8.0_45\bin\dtplugin\npDeployJava1.dll [2015-04-19] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.45.2 -> C:\Program Files\Java\jre1.8.0_45\bin\plugin2\npjp2.dll [2015-04-19] (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.40728.0\npctrl.dll [2015-07-28] ( Microsoft Corporation)
FF Plugin-x32: @gentek.com/thinclient -> C:\Users\User\AppData\Roaming\gentek\npthinclient.dll [2015-09-16] (Generic Network)
FF Plugin-x32: @java.com/DTPlugin,version=11.45.2 -> C:\Program Files (x86)\Java\jre1.8.0_45\bin\dtplugin\npDeployJava1.dll [2015-04-19] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.45.2 -> C:\Program Files (x86)\Java\jre1.8.0_45\bin\plugin2\npjp2.dll [2015-04-19] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.40728.0\npctrl.dll [2015-07-28] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.28.15\npGoogleUpdate3.dll [2015-09-16] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.28.15\npGoogleUpdate3.dll [2015-09-16] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2015-07-03] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-1885530009-3786166672-2374549280-1001: @g2.com/iggweb3dupdater -> C:\Users\User\AppData\Roaming\IGG\Web3D\1.0.0.38\NPIGGWeb3DUpdater.dll [2012-04-19] (IGG)
FF Plugin HKU\S-1-5-21-1885530009-3786166672-2374549280-1001: @g2.com/joyconnectshell -> C:\Users\User\AppData\Roaming\IGG\Web3D\1.0.0.38\NPJoyConnectShell.dll [2012-04-19] (IGG)
FF Plugin HKU\S-1-5-21-1885530009-3786166672-2374549280-1001: @gentek.com/thinclient -> C:\IGG\twclient_us\npthinclient.dll [2012-09-18] (Generic Network)
FF Plugin HKU\S-1-5-21-1885530009-3786166672-2374549280-1001: @my.com/Games -> C:\Users\User\AppData\Local\MyComGames\NPMyComDetector.dll [2015-09-26] (My.com, Inc)
 
Chrome: 
=======
CHR HomePage: Default -> hxxp://www.google.com/
CHR StartupUrls: Default -> "hxxp://www.google.com/"
CHR Profile: C:\Users\User\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Bejeweled) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\adpkifcfcacgmnggcbpbjbkdijciiigm [2015-09-16]
CHR Extension: (Google Docs) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-09-16]
CHR Extension: (Google Drive) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-09-16]
CHR Extension: (YouTube) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-09-16]
CHR Extension: (Crystal Saga) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\ccbadcdoippjkpjckifngelnbjanhcak [2015-09-16]
CHR Extension: (Phantom Seeds) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\cinggomlpbhmhlpjbphbniocljocmdkg [2015-09-16]
CHR Extension: (Google Search) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-09-16]
CHR Extension: (Gumtree AU) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\dkikcapmobbpchilifibnfndebjdeilg [2015-09-16]
CHR Extension: (Full Screen Weather) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\fkkaebihfmbofclegkcfkkemepfehibg [2015-09-16]
CHR Extension: (Google Docs Offline) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2015-09-16]
CHR Extension: (Arcane Legends) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\ibmlkgieigeddcedpbijnpojheoddido [2015-09-16]
CHR Extension: (The West) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\ilkgeioneoemibpddeiamfgiofnpjifm [2015-09-16]
CHR Extension: (Chrome Hotword Shared Module) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-09-16]
CHR Extension: (Webcam Toy) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\lfbgimoladefibpklnfmkpknadbklade [2015-09-16]
CHR Extension: (Drakensang Online) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\lgloifppaepihckkhiocnodicehjdoof [2015-09-16]
CHR Extension: (Chrome Web Store Payments) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-09-16]
CHR Extension: (Gmail) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-09-16]
 
==================== Services (Whitelisted) ========================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1871160 2015-06-18] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [1133880 2015-06-18] (Malwarebytes Corporation)
R2 MsMpSvc; c:\Program Files\Microsoft Security Client\MsMpEng.exe [23816 2015-04-30] (Microsoft Corporation)
R3 NisSrv; c:\Program Files\Microsoft Security Client\NisSrv.exe [366544 2015-04-30] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
 
===================== Drivers (Whitelisted) ==========================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
S3 ebdrv; C:\Windows\system32\drivers\evbda.sys [3286016 2009-06-11] (Broadcom Corporation)
R0 iaStorF; C:\Windows\System32\drivers\iaStorF.sys [28008 2013-11-16] (Intel Corporation)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2015-06-18] (Malwarebytes Corporation)
R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [113880 2015-10-12] (Malwarebytes Corporation)
R3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2015-06-18] (Malwarebytes Corporation)
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [280376 2015-03-04] (Microsoft Corporation)
R3 MTsensor; C:\Windows\System32\DRIVERS\ASACPI.sys [15416 2009-07-16] ()
S3 netr28ux; C:\Windows\System32\DRIVERS\netr28ux.sys [2225808 2014-12-08] (MediaTek Inc.)
R2 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [124568 2015-03-04] (Microsoft Corporation)
S3 O2FJ2RDR; C:\Windows\system32\drivers\O2FJ2w7x64.sys [186784 2013-07-20] (O2Micro )
R3 Serenum; C:\Windows\System32\DRIVERS\nuvserenum.sys [23552 2014-01-12] (Windows ® Win 7 DDK provider)
R3 Serial; C:\Windows\System32\DRIVERS\nuvserial.sys [86016 2014-01-12] (Nuvoton Technology Corp.)
S3 ST_Accel; C:\Windows\system32\drivers\ST_Accel.sys [87776 2013-04-11] (STMicroelectronics)
S3 xhunter1; \??\C:\Windows\xhunter1.sys [X]
 
==================== NetSvcs (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
 
==================== One Month Created files and folders ========
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2015-10-12 16:51 - 2015-10-12 16:52 - 00013131 _____ C:\Users\User\Desktop\FRST.txt
2015-10-12 16:50 - 2015-10-12 16:50 - 02195968 _____ (Farbar) C:\Users\User\Downloads\FRST64 (1).exe
2015-10-12 16:50 - 2015-10-12 16:50 - 02195968 _____ (Farbar) C:\Users\User\Desktop\FRST64 (1).exe
2015-10-12 16:49 - 2015-10-12 16:51 - 00000000 ____D C:\FRST
2015-10-12 16:47 - 2015-10-12 16:48 - 02195968 _____ (Farbar) C:\Users\User\Downloads\FRST64.exe
2015-10-12 11:02 - 2015-10-12 15:06 - 00001947 _____ C:\Users\User\Desktop\Moonlight.lnk
2015-10-11 22:29 - 2015-10-11 22:29 - 00000000 ____D C:\Program Files (x86)\ESET
2015-10-11 17:51 - 2015-10-11 19:08 - 00000000 ____D C:\AdwCleaner
2015-10-11 14:45 - 2015-10-11 21:40 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Reason Core Security
2015-10-11 14:45 - 2015-10-11 14:45 - 00000000 ____D C:\Program Files\Reason
2015-10-11 14:36 - 2015-10-11 21:40 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Speccy
2015-10-11 14:36 - 2015-10-11 21:40 - 00000000 ____D C:\Program Files\Speccy
2015-10-11 14:34 - 2015-10-12 01:20 - 00000000 ____D C:\Users\User\Desktop\Games
2015-10-11 11:02 - 2015-10-11 11:02 - 02460609 _____ C:\Users\User\Downloads\Windows6.1-KB3092627-x64.msu
2015-10-11 01:34 - 2015-10-11 01:34 - 00000000 ____D C:\RegBackup
2015-10-11 01:22 - 2015-10-11 01:22 - 00000000 ____D C:\Program Files (x86)\Tweaking.com
2015-10-09 07:25 - 2015-10-09 07:25 - 00000890 _____ C:\nsinst.log
2015-10-09 07:25 - 2015-10-09 07:25 - 00000000 ____D C:\Program Files (x86)\NetRatingsNetSight
2015-10-08 17:32 - 2015-10-10 14:46 - 00000000 ____D C:\Windows\Minidump
2015-10-05 14:23 - 2015-10-11 21:40 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Guild Wars 2
2015-10-05 14:19 - 2015-10-05 14:22 - 00000000 ____D C:\Users\User\AppData\Roaming\Guild Wars 2
2015-10-04 18:30 - 2015-10-04 18:30 - 00003148 _____ C:\Windows\System32\Tasks\{17E2AA83-63E7-4565-9531-2E4990878DAB}
2015-10-04 10:50 - 2015-10-12 09:02 - 00000224 _____ C:\Windows\setupact.log
2015-10-04 10:50 - 2015-10-04 10:50 - 00000000 _____ C:\Windows\setuperr.log
2015-10-02 21:06 - 2015-10-11 21:41 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\World of Warcraft
2015-10-02 15:53 - 2015-10-11 21:07 - 00000000 ____D C:\Users\User\Documents\Fax
2015-10-02 15:40 - 2015-10-11 21:41 - 00000000 ____D C:\Program Files (x86)\World of Warcraft
2015-10-02 14:15 - 2015-10-02 14:15 - 00000000 ____D C:\Users\User\AppData\Local\CEF
2015-10-01 20:21 - 2015-10-02 03:02 - 00000000 ____D C:\Users\User\Tracing
2015-10-01 16:58 - 2015-10-01 16:58 - 00002486 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live Messenger.lnk
2015-10-01 16:56 - 2015-10-03 15:43 - 00000000 ____D C:\Users\User\AppData\Local\Windows Live
2015-09-28 01:11 - 2015-09-28 01:11 - 03071032 _____ (Blizzard Entertainment) C:\Users\User\Downloads\Diablo-III-Setup-enUS (2).exe
2015-09-26 17:52 - 2015-09-26 17:52 - 01190104 _____ (Adobe Systems Incorporated) C:\Users\User\Downloads\flashplayer19pp_da_install.exe
2015-09-26 10:27 - 2015-09-26 10:27 - 00000000 ____D C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\My.com
2015-09-26 00:13 - 2015-10-11 21:41 - 00000000 ____D C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\My.com Games
2015-09-26 00:11 - 2015-10-11 21:41 - 00000000 ____D C:\Users\User\AppData\Local\MyComGames
2015-09-26 00:11 - 2015-09-26 00:11 - 04581872 _____ (MY.COM B.V.) C:\Users\User\Downloads\SkyforgeLoader_en.exe
2015-09-22 17:14 - 2015-10-02 14:45 - 00000000 ____D C:\Users\User\Desktop\Tax Folder
2015-09-21 22:35 - 2015-10-11 21:02 - 00000000 ____D C:\IGG
2015-09-21 22:34 - 2015-10-11 21:07 - 00000000 ____D C:\Users\User\AppData\Roaming\IGG
2015-09-21 22:34 - 2015-09-21 22:34 - 00242752 _____ C:\Users\User\Downloads\Firefox Setup Stub 40.0.3.exe
2015-09-21 22:31 - 2015-09-21 22:31 - 00756928 _____ (IGG, Inc. ) C:\Users\User\Downloads\iggweb3dplayer_1_0_0_38 (1).exe
2015-09-21 22:30 - 2015-09-21 22:30 - 00756928 _____ (IGG, Inc. ) C:\Users\User\Downloads\iggweb3dplayer_1_0_0_38.exe
2015-09-21 22:28 - 2015-10-11 21:07 - 00000000 ____D C:\Users\User\AppData\Roaming\Opera Software
2015-09-21 22:28 - 2015-10-01 22:29 - 00003828 _____ C:\Windows\System32\Tasks\Opera scheduled Autoupdate 1442834924
2015-09-21 22:28 - 2015-09-21 22:28 - 00001139 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Opera.lnk
2015-09-21 22:28 - 2015-09-21 22:28 - 00000000 ____D C:\Users\User\AppData\Local\Opera Software
2015-09-21 22:27 - 2015-10-11 21:41 - 00000000 ____D C:\Program Files (x86)\Opera
2015-09-20 16:03 - 2015-09-20 16:03 - 00000000 ____D C:\Users\User\Documents\Diablo III
2015-09-20 14:22 - 2015-10-11 21:41 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Diablo III
2015-09-20 12:56 - 2015-10-11 21:41 - 00000000 ____D C:\Program Files (x86)\Diablo III
2015-09-20 11:20 - 2015-09-20 11:20 - 03071032 _____ (Blizzard Entertainment) C:\Users\User\Downloads\Diablo-III-Setup-enUS (1).exe
2015-09-20 11:13 - 2015-10-11 21:41 - 00000000 ____D C:\Users\User\AppData\Roaming\Battle.net
2015-09-20 11:13 - 2015-10-11 21:41 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Battle.net
2015-09-20 11:13 - 2015-10-07 20:33 - 00000000 ____D C:\Users\User\AppData\Local\Battle.net
2015-09-20 11:13 - 2015-09-20 11:13 - 00000000 ____D C:\Users\User\AppData\Roaming\NVIDIA
2015-09-20 11:13 - 2015-09-20 11:13 - 00000000 ____D C:\Users\User\AppData\Local\Blizzard Entertainment
2015-09-20 11:13 - 2015-09-20 11:13 - 00000000 ____D C:\ProgramData\Blizzard Entertainment
2015-09-20 11:10 - 2015-10-11 21:41 - 00000000 ____D C:\Program Files (x86)\Battle.net
2015-09-20 11:00 - 2015-10-11 21:06 - 00000000 ____D C:\ProgramData\Battle.net
2015-09-20 11:00 - 2015-09-20 11:00 - 03071032 _____ (Blizzard Entertainment) C:\Users\User\Downloads\Diablo-III-Setup-enUS.exe
2015-09-20 00:38 - 2015-09-20 01:15 - 521783366 _____ C:\Users\User\Downloads\sh4_demo.zip
2015-09-19 20:50 - 2015-09-19 20:50 - 00000000 ____D C:\Users\User\AppData\Local\Chromium
2015-09-19 20:45 - 2015-10-11 21:41 - 00000000 ____D C:\Users\User\Desktop\LungCancer Stuff
2015-09-19 20:42 - 2015-10-11 21:43 - 00000000 ____D C:\Windows\System32\Tasks\Games
2015-09-19 14:45 - 2015-10-11 21:41 - 00000000 ____D C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\CABAL2 (US)
2015-09-19 14:45 - 2015-10-11 21:41 - 00000000 ____D C:\Program Files (x86)\CABAL2 (US)
2015-09-19 14:45 - 2015-09-19 14:45 - 00001066 _____ C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\CABAL2 (US).lnk
2015-09-18 20:46 - 2015-10-12 16:37 - 00000000 ____D C:\Users\User\Documents\ArcheAge
2015-09-18 20:46 - 2015-09-18 20:46 - 00000000 ____D C:\ArcheAge
2015-09-18 20:43 - 2015-10-11 21:41 - 00000000 ___RD C:\Users\User\OneDrive
2015-09-17 21:00 - 2015-09-17 21:00 - 00000462 _____ C:\Users\User\Desktop\Elements (F) - Shortcut.lnk
2015-09-17 20:58 - 2015-09-26 16:44 - 00000000 ____D C:\Users\User\Desktop\Lyrics
2015-09-17 19:56 - 2010-06-02 05:55 - 00239960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_7.dll
2015-09-17 19:56 - 2010-06-02 05:55 - 00176984 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_7.dll
2015-09-17 19:56 - 2010-05-26 12:41 - 02401112 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_43.dll
2015-09-17 19:56 - 2010-05-26 12:41 - 01998168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_43.dll
2015-09-17 19:56 - 2010-05-26 12:41 - 01907552 _____ (Microsoft Corporation) C:\Windows\system32\d3dcsx_43.dll
2015-09-17 19:56 - 2010-05-26 12:41 - 01868128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dcsx_43.dll
2015-09-17 19:56 - 2010-05-26 12:41 - 00511328 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_43.dll
2015-09-17 19:56 - 2010-05-26 12:41 - 00470880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_43.dll
2015-09-17 19:56 - 2010-02-04 11:01 - 00530776 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_6.dll
2015-09-17 19:56 - 2010-02-04 11:01 - 00528216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_6.dll
2015-09-17 19:56 - 2010-02-04 11:01 - 00238936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_6.dll
2015-09-17 19:56 - 2010-02-04 11:01 - 00176984 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_6.dll
2015-09-17 19:56 - 2010-02-04 11:01 - 00078680 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_4.dll
2015-09-17 19:56 - 2010-02-04 11:01 - 00074072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_4.dll
2015-09-17 19:56 - 2010-02-04 11:01 - 00024920 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_7.dll
2015-09-17 19:56 - 2010-02-04 11:01 - 00022360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_7.dll
2015-09-17 19:56 - 2009-09-04 18:44 - 00517960 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_5.dll
2015-09-17 19:56 - 2009-09-04 18:44 - 00515416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_5.dll
2015-09-17 19:56 - 2009-09-04 18:44 - 00238936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_5.dll
2015-09-17 19:56 - 2009-09-04 18:44 - 00176968 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_5.dll
2015-09-17 19:56 - 2009-09-04 18:44 - 00073544 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_3.dll
2015-09-17 19:56 - 2009-09-04 18:44 - 00069464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_3.dll
2015-09-17 19:56 - 2009-09-04 18:29 - 05554512 _____ (Microsoft Corporation) C:\Windows\system32\d3dcsx_42.dll
2015-09-17 19:56 - 2009-09-04 18:29 - 05501792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dcsx_42.dll
2015-09-17 19:56 - 2009-09-04 18:29 - 02582888 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_42.dll
2015-09-17 19:56 - 2009-09-04 18:29 - 02475352 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_42.dll
2015-09-17 19:56 - 2009-09-04 18:29 - 01974616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_42.dll
2015-09-17 19:56 - 2009-09-04 18:29 - 01892184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_42.dll
2015-09-17 19:56 - 2009-09-04 18:29 - 00285024 _____ (Microsoft Corporation) C:\Windows\system32\d3dx11_42.dll
2015-09-17 19:56 - 2009-09-04 18:29 - 00235344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx11_42.dll
2015-09-17 19:56 - 2009-03-16 15:18 - 00521560 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_4.dll
2015-09-17 19:56 - 2009-03-16 15:18 - 00517448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_4.dll
2015-09-17 19:56 - 2009-03-16 15:18 - 00235352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_4.dll
2015-09-17 19:56 - 2009-03-16 15:18 - 00174936 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_4.dll
2015-09-17 19:56 - 2009-03-16 15:18 - 00024920 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_6.dll
2015-09-17 19:56 - 2009-03-16 15:18 - 00022360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_6.dll
2015-09-17 19:56 - 2009-03-09 16:27 - 05425496 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_41.dll
2015-09-17 19:56 - 2009-03-09 16:27 - 04178264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_41.dll
2015-09-17 19:56 - 2009-03-09 16:27 - 02430312 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_41.dll
2015-09-17 19:56 - 2009-03-09 16:27 - 00520544 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_41.dll
2015-09-17 19:56 - 2008-10-27 11:04 - 00518480 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_3.dll
2015-09-17 19:56 - 2008-10-27 11:04 - 00514384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_3.dll
2015-09-17 19:56 - 2008-10-27 11:04 - 00235856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_3.dll
2015-09-17 19:56 - 2008-10-27 11:04 - 00175440 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_3.dll
2015-09-17 19:56 - 2008-10-27 11:04 - 00074576 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_2.dll
2015-09-17 19:56 - 2008-10-27 11:04 - 00070992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_2.dll
2015-09-17 19:56 - 2008-10-27 11:04 - 00025936 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_5.dll
2015-09-17 19:56 - 2008-10-27 11:04 - 00023376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_5.dll
2015-09-17 19:56 - 2008-10-10 05:52 - 05631312 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_40.dll
2015-09-17 19:56 - 2008-10-10 05:52 - 04379984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_40.dll
2015-09-17 19:56 - 2008-10-10 05:52 - 02605920 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_40.dll
2015-09-17 19:56 - 2008-10-10 05:52 - 02036576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_40.dll
2015-09-17 19:56 - 2008-10-10 05:52 - 00519000 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_40.dll
2015-09-17 19:56 - 2008-10-10 05:52 - 00452440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_40.dll
2015-09-17 19:56 - 2008-07-31 11:41 - 00238088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_2.dll
2015-09-17 19:56 - 2008-07-31 11:41 - 00177672 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_2.dll
2015-09-17 19:56 - 2008-07-31 11:41 - 00072200 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_1.dll
2015-09-17 19:56 - 2008-07-31 11:41 - 00068616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_1.dll
2015-09-17 19:56 - 2008-07-31 11:40 - 00513544 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_2.dll
2015-09-17 19:56 - 2008-07-31 11:40 - 00509448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_2.dll
2015-09-17 19:56 - 2008-07-10 12:01 - 00467984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_39.dll
2015-09-17 19:56 - 2008-07-10 12:00 - 04992520 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_39.dll
2015-09-17 19:56 - 2008-07-10 12:00 - 03851784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_39.dll
2015-09-17 19:56 - 2008-07-10 12:00 - 01942552 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_39.dll
2015-09-17 19:56 - 2008-07-10 12:00 - 01493528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_39.dll
2015-09-17 19:56 - 2008-07-10 12:00 - 00540688 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_39.dll
2015-09-17 19:56 - 2008-05-30 15:19 - 00511496 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_1.dll
2015-09-17 19:56 - 2008-05-30 15:19 - 00507400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_1.dll
2015-09-17 19:56 - 2008-05-30 15:18 - 00238088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_1.dll
2015-09-17 19:56 - 2008-05-30 15:18 - 00177672 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_1.dll
2015-09-17 19:56 - 2008-05-30 15:17 - 00068104 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_0.dll
2015-09-17 19:56 - 2008-05-30 15:17 - 00065032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_0.dll
2015-09-17 19:56 - 2008-05-30 15:17 - 00025608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_4.dll
2015-09-17 19:56 - 2008-05-30 15:16 - 00028168 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_4.dll
2015-09-17 19:56 - 2008-05-30 15:11 - 04991496 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_38.dll
2015-09-17 19:56 - 2008-05-30 15:11 - 03850760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_38.dll
2015-09-17 19:56 - 2008-05-30 15:11 - 01941528 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_38.dll
2015-09-17 19:56 - 2008-05-30 15:11 - 01491992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_38.dll
2015-09-17 19:56 - 2008-05-30 15:11 - 00540688 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_38.dll
2015-09-17 19:56 - 2008-05-30 15:11 - 00467984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_38.dll
2015-09-17 19:56 - 2008-03-05 17:04 - 00489480 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_0.dll
2015-09-17 19:56 - 2008-03-05 17:03 - 00479752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_0.dll
2015-09-17 19:56 - 2008-03-05 17:03 - 00238088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_0.dll
2015-09-17 19:56 - 2008-03-05 17:03 - 00177672 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_0.dll
2015-09-17 19:56 - 2008-03-05 17:00 - 00028168 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_3.dll
2015-09-17 19:56 - 2008-03-05 17:00 - 00025608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_3.dll
2015-09-17 19:56 - 2008-03-05 16:56 - 04910088 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_37.dll
2015-09-17 19:56 - 2008-03-05 16:56 - 03786760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_37.dll
2015-09-17 19:56 - 2008-03-05 16:56 - 01860120 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_37.dll
2015-09-17 19:56 - 2008-03-05 16:56 - 01420824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_37.dll
2015-09-17 19:56 - 2008-02-06 00:07 - 00529424 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_37.dll
2015-09-17 19:56 - 2008-02-06 00:07 - 00462864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_37.dll
2015-09-17 19:56 - 2007-10-22 04:40 - 00411656 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_10.dll
2015-09-17 19:56 - 2007-10-22 04:39 - 00267272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_10.dll
2015-09-17 19:56 - 2007-10-22 04:37 - 00021000 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_2.dll
2015-09-17 19:56 - 2007-10-22 04:37 - 00017928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_2.dll
2015-09-17 19:56 - 2007-10-12 16:14 - 05081608 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_36.dll
2015-09-17 19:56 - 2007-10-12 16:14 - 03734536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_36.dll
2015-09-17 19:56 - 2007-10-12 16:14 - 02006552 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_36.dll
2015-09-17 19:56 - 2007-10-12 16:14 - 01374232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_36.dll
2015-09-17 19:56 - 2007-10-02 10:56 - 00508264 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_36.dll
2015-09-17 19:56 - 2007-10-02 10:56 - 00444776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_36.dll
2015-09-17 19:56 - 2007-07-20 01:57 - 00411496 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_9.dll
2015-09-17 19:56 - 2007-07-20 01:57 - 00267112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_9.dll
2015-09-17 19:56 - 2007-07-19 19:14 - 05073256 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_35.dll
2015-09-17 19:56 - 2007-07-19 19:14 - 03727720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_35.dll
2015-09-17 19:56 - 2007-07-19 19:14 - 01985904 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_35.dll
2015-09-17 19:56 - 2007-07-19 19:14 - 01358192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_35.dll
2015-09-17 19:56 - 2007-07-19 19:14 - 00508264 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_35.dll
2015-09-17 19:56 - 2007-07-19 19:14 - 00444776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_35.dll
2015-09-17 19:56 - 2007-06-20 21:49 - 00409960 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_8.dll
2015-09-17 19:56 - 2007-06-20 21:46 - 00266088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_8.dll
2015-09-17 19:56 - 2007-05-16 17:45 - 04496232 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_34.dll
2015-09-17 19:56 - 2007-05-16 17:45 - 03497832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_34.dll
2015-09-17 19:56 - 2007-05-16 17:45 - 01401200 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_34.dll
2015-09-17 19:56 - 2007-05-16 17:45 - 01124720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_34.dll
2015-09-17 19:56 - 2007-05-16 17:45 - 00506728 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_34.dll
2015-09-17 19:56 - 2007-05-16 17:45 - 00443752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_34.dll
2015-09-17 19:56 - 2007-04-04 19:55 - 00403304 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_7.dll
2015-09-17 19:56 - 2007-04-04 19:55 - 00261480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_7.dll
2015-09-17 19:56 - 2007-04-04 19:54 - 00107368 _____ (Microsoft Corporation) C:\Windows\system32\xinput1_3.dll
2015-09-17 19:56 - 2007-04-04 19:53 - 00081768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xinput1_3.dll
2015-09-17 19:56 - 2007-03-15 17:57 - 00506728 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_33.dll
2015-09-17 19:56 - 2007-03-15 17:57 - 00443752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_33.dll
2015-09-17 19:56 - 2007-03-12 17:42 - 04494184 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_33.dll
2015-09-17 19:56 - 2007-03-12 17:42 - 03495784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_33.dll
2015-09-17 19:56 - 2007-03-12 17:42 - 01400176 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_33.dll
2015-09-17 19:56 - 2007-03-12 17:42 - 01123696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_33.dll
2015-09-17 19:56 - 2007-01-24 16:27 - 00393576 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_6.dll
2015-09-17 19:56 - 2007-01-24 16:27 - 00255848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_6.dll
2015-09-17 19:55 - 2007-03-05 13:42 - 00017688 _____ (Microsoft Corporation) C:\Windows\system32\x3daudio1_1.dll
2015-09-17 19:55 - 2007-03-05 13:42 - 00015128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\x3daudio1_1.dll
2015-09-17 19:55 - 2006-12-08 13:02 - 00251672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_5.dll
2015-09-17 19:55 - 2006-12-08 13:00 - 00390424 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_5.dll
2015-09-17 19:55 - 2006-11-29 14:06 - 00469264 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10.dll
2015-09-17 19:55 - 2006-11-29 14:06 - 00440080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10.dll
2015-09-17 19:55 - 2006-09-28 17:05 - 03977496 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_31.dll
2015-09-17 19:55 - 2006-09-28 17:05 - 02414360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_31.dll
2015-09-17 19:55 - 2006-09-28 17:05 - 00237848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_4.dll
2015-09-17 19:55 - 2006-09-28 17:04 - 00364824 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_4.dll
2015-09-17 19:55 - 2006-07-28 10:31 - 00083736 _____ (Microsoft Corporation) C:\Windows\system32\xinput1_2.dll
2015-09-17 19:55 - 2006-07-28 10:30 - 00363288 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_3.dll
2015-09-17 19:55 - 2006-07-28 10:30 - 00236824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_3.dll
2015-09-17 19:55 - 2006-07-28 10:30 - 00062744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xinput1_2.dll
2015-09-17 19:55 - 2006-05-31 08:24 - 00230168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_2.dll
2015-09-17 19:55 - 2006-05-31 08:22 - 00354072 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_2.dll
2015-09-17 19:55 - 2006-03-31 13:41 - 03927248 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_30.dll
2015-09-17 19:55 - 2006-03-31 13:40 - 02388176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_30.dll
2015-09-17 19:55 - 2006-03-31 13:40 - 00352464 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_1.dll
2015-09-17 19:55 - 2006-03-31 13:39 - 00229584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_1.dll
2015-09-17 19:55 - 2006-03-31 13:39 - 00083664 _____ (Microsoft Corporation) C:\Windows\system32\xinput1_1.dll
2015-09-17 19:55 - 2006-03-31 13:39 - 00062672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xinput1_1.dll
2015-09-17 19:55 - 2006-02-03 09:43 - 03830992 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_29.dll
2015-09-17 19:55 - 2006-02-03 09:43 - 02332368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_29.dll
2015-09-17 19:55 - 2006-02-03 09:42 - 00355536 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_0.dll
2015-09-17 19:55 - 2006-02-03 09:42 - 00230096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_0.dll
2015-09-17 19:55 - 2006-02-03 09:41 - 00016592 _____ (Microsoft Corporation) C:\Windows\system32\x3daudio1_0.dll
2015-09-17 19:55 - 2006-02-03 09:41 - 00014032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\x3daudio1_0.dll
2015-09-17 19:55 - 2005-12-05 19:09 - 03815120 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_28.dll
2015-09-17 19:55 - 2005-12-05 19:09 - 02323664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_28.dll
2015-09-17 19:55 - 2005-07-22 20:59 - 03807440 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_27.dll
2015-09-17 19:55 - 2005-07-22 20:59 - 02319568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_27.dll
2015-09-17 19:55 - 2005-05-26 16:34 - 03767504 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_26.dll
2015-09-17 19:55 - 2005-05-26 16:34 - 02297552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_26.dll
2015-09-17 19:55 - 2005-03-18 18:19 - 03823312 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_25.dll
2015-09-17 19:55 - 2005-03-18 18:19 - 02337488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_25.dll
2015-09-17 19:55 - 2005-02-05 20:45 - 03544272 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_24.dll
2015-09-17 19:55 - 2005-02-05 20:45 - 02222800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_24.dll
2015-09-17 19:50 - 2015-09-19 14:46 - 00000000 ____D C:\Windows\SysWOW64\directx
2015-09-17 19:49 - 2015-10-12 15:50 - 00000000 ____D C:\Users\User\AppData\Local\Glyph
2015-09-17 19:49 - 2015-10-12 15:50 - 00000000 ____D C:\Program Files (x86)\Glyph
2015-09-17 19:49 - 2015-10-11 21:41 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Glyph
2015-09-17 19:49 - 2015-10-11 21:41 - 00000000 ____D C:\ProgramData\Glyph
2015-09-17 14:20 - 2015-09-17 14:20 - 00000000 ____D C:\Users\User\AppData\Local\GWX
2015-09-17 14:17 - 2015-10-12 09:02 - 00000000 _____ C:\Windows\system32\Drivers\lvuvc.hs
2015-09-17 14:16 - 2015-10-11 21:41 - 00000000 ____D C:\Program Files\Common Files\logishrd
2015-09-17 14:16 - 2015-09-17 14:20 - 00004744 _____ C:\Windows\system32\lvcoinst.log
2015-09-17 12:39 - 2015-10-11 21:42 - 00000000 ___HD C:\Windows\system32\CanonIJ Uninstaller Information
2015-09-17 12:39 - 2015-10-11 21:06 - 00000000 ___HD C:\ProgramData\CanonBJ
2015-09-17 12:38 - 2012-03-14 06:00 - 00385024 _____ (CANON INC.) C:\Windows\system32\CNMLMA5.DLL
2015-09-17 12:37 - 2009-11-25 16:56 - 00003072 _____ (Canon Inc.) C:\Windows\system32\CNCFLkSE.DLL
2015-09-17 12:37 - 2009-11-25 16:56 - 00003072 _____ (Canon Inc.) C:\Windows\system32\CNCFLkID.DLL
2015-09-17 12:37 - 2009-11-25 16:56 - 00003072 _____ (Canon Inc.) C:\Windows\system32\CNCFLkGR.DLL
2015-09-17 12:37 - 2009-11-25 16:56 - 00003072 _____ (Canon Inc.) C:\Windows\system32\CNCFLkFI.DLL
2015-09-17 12:37 - 2009-11-25 16:56 - 00002560 _____ (Canon Inc.) C:\Windows\system32\CNCFLkTR.DLL
2015-09-17 12:37 - 2009-11-25 16:56 - 00002560 _____ (Canon Inc.) C:\Windows\system32\CNCFLkTH.DLL
2015-09-17 12:37 - 2009-11-25 16:56 - 00002560 _____ (Canon Inc.) C:\Windows\system32\CNCFLkNO.DLL
2015-09-17 12:37 - 2009-11-25 16:56 - 00002560 _____ (Canon Inc.) C:\Windows\system32\CNCFLkKR.DLL
2015-09-17 12:37 - 2009-11-25 16:56 - 00002560 _____ (Canon Inc.) C:\Windows\system32\CNCFLkDK.DLL
2015-09-17 12:37 - 2009-11-25 16:56 - 00002560 _____ (Canon Inc.) C:\Windows\system32\CNCFLkAR.DLL
2015-09-17 12:37 - 2009-11-25 16:56 - 00002048 _____ (Canon Inc.) C:\Windows\system32\CNCFLkTW.DLL
2015-09-17 12:37 - 2009-11-25 16:56 - 00002048 _____ (Canon Inc.) C:\Windows\system32\CNCFLkCN.DLL
2015-09-17 12:37 - 2009-11-25 16:55 - 00003072 _____ (Canon Inc.) C:\Windows\system32\CNCFLkRU.DLL
2015-09-17 12:37 - 2009-11-25 16:55 - 00003072 _____ (Canon Inc.) C:\Windows\system32\CNCFLkPT.DLL
2015-09-17 12:37 - 2009-11-25 16:55 - 00003072 _____ (Canon Inc.) C:\Windows\system32\CNCFLkPL.DLL
2015-09-17 12:37 - 2009-11-25 16:55 - 00003072 _____ (Canon Inc.) C:\Windows\system32\CNCFLkNL.DLL
2015-09-17 12:37 - 2009-11-25 16:55 - 00003072 _____ (Canon Inc.) C:\Windows\system32\CNCFLkIT.DLL
2015-09-17 12:37 - 2009-11-25 16:55 - 00003072 _____ (Canon Inc.) C:\Windows\system32\CNCFLkFR.DLL
2015-09-17 12:37 - 2009-11-25 16:55 - 00003072 _____ (Canon Inc.) C:\Windows\system32\CNCFLkES.DLL
2015-09-17 12:37 - 2009-11-25 16:55 - 00003072 _____ (Canon Inc.) C:\Windows\system32\CNCFLkDE.DLL
2015-09-17 12:37 - 2009-11-25 16:55 - 00002560 _____ (Canon Inc.) C:\Windows\system32\CNCFLkHU.DLL
2015-09-17 12:37 - 2009-11-25 16:55 - 00002560 _____ (Canon Inc.) C:\Windows\system32\CNCFLkCZ.DLL
2015-09-17 12:37 - 2009-10-22 12:33 - 00343552 _____ (Canon Inc.) C:\Windows\system32\CNCF2Lk.DLL
2015-09-17 12:37 - 2009-10-22 12:30 - 00182272 _____ (Canon Inc.) C:\Windows\system32\CNCFMSk.EXE
2015-09-17 12:37 - 2009-10-22 12:30 - 00003072 _____ (Canon Inc.) C:\Windows\system32\CNCFLkUS.DLL
2015-09-17 12:37 - 2009-10-22 12:30 - 00002560 _____ (Canon Inc.) C:\Windows\system32\CNCFLkJP.DLL
2015-09-17 12:36 - 2011-01-06 14:09 - 01324544 _____ (CANON INC.) C:\Windows\system32\CNC340C.dll
2015-09-17 12:36 - 2011-01-06 14:09 - 00109568 _____ (CANON INC.) C:\Windows\system32\CNC340I.dll
2015-09-17 12:36 - 2011-01-06 14:07 - 00102400 _____ (CANON INC.) C:\Windows\SysWOW64\CNC340U.dll
2015-09-17 12:36 - 2009-10-19 17:30 - 00346624 _____ (CANON INC.) C:\Windows\system32\CNC340L.dll
2015-09-17 12:36 - 2009-10-19 17:29 - 00307200 _____ (CANON INC.) C:\Windows\SysWOW64\CNC340L.dll
2015-09-17 12:36 - 2009-06-23 15:35 - 00014592 _____ C:\Windows\SysWOW64\CNC1741D.TBL
2015-09-17 12:36 - 2009-06-23 15:35 - 00014592 _____ C:\Windows\system32\CNC1741D.TBL
2015-09-17 12:36 - 2008-08-25 19:02 - 00017920 _____ (CANON INC.) C:\Windows\system32\CNHMCA6.dll
2015-09-17 12:36 - 2008-08-25 19:02 - 00015872 _____ (CANON INC.) C:\Windows\SysWOW64\CNHMCA.dll
2015-09-17 12:31 - 2015-09-17 12:31 - 00000000 ____D C:\Users\User\AppData\Local\PDFCreator
2015-09-16 17:13 - 2015-09-16 17:13 - 00000000 ____D C:\Users\User\AppData\LocalLow\Adobe
2015-09-16 17:13 - 2015-09-16 17:13 - 00000000 ____D C:\Users\User\AppData\Local\Adobe
2015-09-16 16:31 - 2015-10-11 21:07 - 00000000 ____D C:\Users\User\AppData\LocalLow\Sun
2015-09-16 16:30 - 2015-10-12 15:06 - 00001947 _____ C:\Users\Tech Support\Desktop\Moonlight.lnk
2015-09-16 16:30 - 2015-10-11 21:41 - 00000000 ____D C:\Users\User\AppData\Roaming\gentek
2015-09-16 16:30 - 2015-10-11 21:41 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Moonlight
2015-09-16 16:29 - 2015-10-12 15:06 - 00000000 ____D C:\Program Files (x86)\Moonlight
2015-09-16 16:04 - 2015-07-31 00:13 - 00124624 _____ (Microsoft Corporation) C:\Windows\system32\PresentationCFFRasterizerNative_v0300.dll
2015-09-16 16:04 - 2015-07-31 00:13 - 00103120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
2015-09-16 15:39 - 2015-08-06 04:56 - 01110016 _____ (Microsoft Corporation) C:\Windows\system32\schedsvc.dll
2015-09-16 15:39 - 2015-08-06 04:56 - 00275456 _____ (Microsoft Corporation) C:\Windows\system32\InkEd.dll
2015-09-16 15:39 - 2015-08-06 04:56 - 00024576 _____ (Microsoft Corporation) C:\Windows\system32\jnwmon.dll
2015-09-16 15:39 - 2015-08-06 04:40 - 00216064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\InkEd.dll
2015-09-16 15:39 - 2015-07-15 14:17 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2015-09-16 15:39 - 2015-07-15 13:54 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2015-09-16 15:39 - 2015-07-10 04:58 - 01632256 _____ (Microsoft Corporation) C:\Windows\system32\dwmcore.dll
2015-09-16 15:39 - 2015-07-10 04:58 - 00082944 _____ (Microsoft Corporation) C:\Windows\system32\dwmapi.dll
2015-09-16 15:39 - 2015-07-10 04:42 - 01372160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dwmcore.dll
2015-09-16 15:39 - 2015-07-10 04:42 - 00067584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dwmapi.dll
2015-09-16 15:38 - 2015-08-18 12:42 - 00393304 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2015-09-16 15:38 - 2015-08-18 12:14 - 00344168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2015-09-16 15:38 - 2015-08-15 17:34 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2015-09-16 15:38 - 2015-08-15 17:33 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2015-09-16 15:38 - 2015-08-15 17:18 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2015-09-16 15:38 - 2015-08-15 17:18 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2015-09-16 15:38 - 2015-08-15 17:17 - 02886144 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-09-16 15:38 - 2015-08-15 17:17 - 00585216 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-09-16 15:38 - 2015-08-15 17:17 - 00417792 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2015-09-16 15:38 - 2015-08-15 17:10 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2015-09-16 15:38 - 2015-08-15 17:09 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2015-09-16 15:38 - 2015-08-15 17:06 - 19856896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2015-09-16 15:38 - 2015-08-15 17:06 - 00615936 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2015-09-16 15:38 - 2015-08-15 17:04 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2015-09-16 15:38 - 2015-08-15 17:04 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2015-09-16 15:38 - 2015-08-15 17:04 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2015-09-16 15:38 - 2015-08-15 17:04 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2015-09-16 15:38 - 2015-08-15 17:00 - 05923328 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-09-16 15:38 - 2015-08-15 16:57 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2015-09-16 15:38 - 2015-08-15 16:53 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2015-09-16 15:38 - 2015-08-15 16:53 - 00490496 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2015-09-16 15:38 - 2015-08-15 16:46 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2015-09-16 15:38 - 2015-08-15 16:41 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2015-09-16 15:38 - 2015-08-15 16:40 - 00504832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2015-09-16 15:38 - 2015-08-15 16:40 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2015-09-16 15:38 - 2015-08-15 16:39 - 00341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2015-09-16 15:38 - 2015-08-15 16:39 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2015-09-16 15:38 - 2015-08-15 16:39 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2015-09-16 15:38 - 2015-08-15 16:38 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2015-09-16 15:38 - 2015-08-15 16:35 - 02279424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2015-09-16 15:38 - 2015-08-15 16:33 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2015-09-16 15:38 - 2015-08-15 16:32 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2015-09-16 15:38 - 2015-08-15 16:30 - 00479232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2015-09-16 15:38 - 2015-08-15 16:29 - 00665600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2015-09-16 15:38 - 2015-08-15 16:29 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2015-09-16 15:38 - 2015-08-15 16:29 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2015-09-16 15:38 - 2015-08-15 16:24 - 00720384 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2015-09-16 15:38 - 2015-08-15 16:23 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-09-16 15:38 - 2015-08-15 16:22 - 02126336 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2015-09-16 15:38 - 2015-08-15 16:22 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2015-09-16 15:38 - 2015-08-15 16:21 - 00418304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2015-09-16 15:38 - 2015-08-15 16:16 - 14451712 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-09-16 15:38 - 2015-08-15 16:16 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2015-09-16 15:38 - 2015-08-15 16:14 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2015-09-16 15:38 - 2015-08-15 16:12 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2015-09-16 15:38 - 2015-08-15 16:11 - 00285696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2015-09-16 15:38 - 2015-08-15 16:10 - 04520448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2015-09-16 15:38 - 2015-08-15 16:07 - 02427392 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-09-16 15:38 - 2015-08-15 16:04 - 12857344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2015-09-16 15:38 - 2015-08-15 16:02 - 00689152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2015-09-16 15:38 - 2015-08-15 16:01 - 02052608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2015-09-16 15:38 - 2015-08-15 16:01 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2015-09-16 15:38 - 2015-08-15 15:55 - 01545728 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-09-16 15:38 - 2015-08-15 15:43 - 01951232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2015-09-16 15:38 - 2015-08-15 15:43 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2015-09-16 15:38 - 2015-08-15 15:39 - 01310720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2015-09-16 15:38 - 2015-08-15 15:37 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2015-09-16 15:37 - 2015-08-15 17:48 - 25190400 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-09-16 15:37 - 2015-08-15 17:17 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2015-09-16 15:37 - 2015-08-15 16:42 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2015-09-16 15:27 - 2015-07-23 11:06 - 05568960 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2015-09-16 15:27 - 2015-07-23 11:06 - 00155584 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2015-09-16 15:27 - 2015-07-23 11:06 - 00095680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2015-09-16 15:27 - 2015-07-23 11:03 - 01730496 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2015-09-16 15:27 - 2015-07-23 11:03 - 00362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2015-09-16 15:27 - 2015-07-23 11:03 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2015-09-16 15:27 - 2015-07-23 11:03 - 00215040 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2015-09-16 15:27 - 2015-07-23 11:03 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2015-09-16 15:27 - 2015-07-23 11:02 - 01461760 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2015-09-16 15:27 - 2015-07-23 11:02 - 01390592 _____ (Microsoft Corporation) C:\Windows\system32\diagtrack.dll
2015-09-16 15:27 - 2015-07-23 11:02 - 01216512 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2015-09-16 15:27 - 2015-07-23 11:02 - 01163264 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2015-09-16 15:27 - 2015-07-23 11:02 - 00879104 _____ (Microsoft Corporation) C:\Windows\system32\tdh.dll
2015-09-16 15:27 - 2015-07-23 11:02 - 00879104 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll
2015-09-16 15:27 - 2015-07-23 11:02 - 00729088 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2015-09-16 15:27 - 2015-07-23 11:02 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2015-09-16 15:27 - 2015-07-23 11:02 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2015-09-16 15:27 - 2015-07-23 11:02 - 00342016 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2015-09-16 15:27 - 2015-07-23 11:02 - 00315392 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2015-09-16 15:27 - 2015-07-23 11:02 - 00309760 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2015-09-16 15:27 - 2015-07-23 11:02 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2015-09-16 15:27 - 2015-07-23 11:02 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2015-09-16 15:27 - 2015-07-23 11:02 - 00136192 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2015-09-16 15:27 - 2015-07-23 11:02 - 00112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2015-09-16 15:27 - 2015-07-23 11:02 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2015-09-16 15:27 - 2015-07-23 11:02 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2015-09-16 15:27 - 2015-07-23 11:02 - 00044032 _____ (Microsoft Corporation) C:\Windows\system32\cryptbase.dll
2015-09-16 15:27 - 2015-07-23 11:02 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2015-09-16 15:27 - 2015-07-23 11:02 - 00029184 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2015-09-16 15:27 - 2015-07-23 11:02 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2015-09-16 15:27 - 2015-07-23 11:02 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2015-09-16 15:27 - 2015-07-23 11:02 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2015-09-16 15:27 - 2015-07-23 11:01 - 00338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
2015-09-16 15:27 - 2015-07-23 11:01 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2015-09-16 15:27 - 2015-07-23 11:01 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2015-09-16 15:27 - 2015-07-23 10:58 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2015-09-16 15:27 - 2015-07-23 10:57 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2015-09-16 15:27 - 2015-07-23 10:52 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2015-09-16 15:27 - 2015-07-23 10:52 - 00006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2015-09-16 15:27 - 2015-07-23 10:52 - 00005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2015-09-16 15:27 - 2015-07-23 10:52 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2015-09-16 15:27 - 2015-07-23 10:52 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2015-09-16 15:27 - 2015-07-23 10:52 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2015-09-16 15:27 - 2015-07-23 10:52 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2015-09-16 15:27 - 2015-07-23 10:52 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2015-09-16 15:27 - 2015-07-23 10:52 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2015-09-16 15:27 - 2015-07-23 10:52 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-09-16 15:27 - 2015-07-23 10:52 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2015-09-16 15:27 - 2015-07-23 10:52 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2015-09-16 15:27 - 2015-07-23 10:52 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2015-09-16 15:27 - 2015-07-23 10:52 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2015-09-16 15:27 - 2015-07-23 10:52 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2015-09-16 15:27 - 2015-07-23 10:52 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2015-09-16 15:27 - 2015-07-23 10:52 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2015-09-16 15:27 - 2015-07-23 10:52 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2015-09-16 15:27 - 2015-07-23 10:52 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2015-09-16 15:27 - 2015-07-23 10:52 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2015-09-16 15:27 - 2015-07-23 10:52 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2015-09-16 15:27 - 2015-07-23 10:52 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2015-09-16 15:27 - 2015-07-23 10:52 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2015-09-16 15:27 - 2015-07-23 10:52 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2015-09-16 15:27 - 2015-07-23 10:52 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2015-09-16 15:27 - 2015-07-23 10:52 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2015-09-16 15:27 - 2015-07-23 10:52 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2015-09-16 15:27 - 2015-07-23 10:52 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2015-09-16 15:27 - 2015-07-23 10:52 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2015-09-16 15:27 - 2015-07-23 10:51 - 00686080 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2015-09-16 15:27 - 2015-07-23 04:57 - 03989952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2015-09-16 15:27 - 2015-07-23 04:57 - 03934656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2015-09-16 15:27 - 2015-07-23 04:54 - 01311768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2015-09-16 15:27 - 2015-07-23 04:53 - 00641536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\advapi32.dll
2015-09-16 15:27 - 2015-07-23 04:53 - 00635392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdh.dll
2015-09-16 15:27 - 2015-07-23 04:53 - 00552960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2015-09-16 15:27 - 2015-07-23 04:53 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2015-09-16 15:27 - 2015-07-23 04:53 - 00248832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2015-09-16 15:27 - 2015-07-23 04:53 - 00221184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2015-09-16 15:27 - 2015-07-23 04:53 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2015-09-16 15:27 - 2015-07-23 04:53 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2015-09-16 15:27 - 2015-07-23 04:53 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2015-09-16 15:27 - 2015-07-23 04:53 - 00036864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptbase.dll
2015-09-16 15:27 - 2015-07-23 04:53 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2015-09-16 15:27 - 2015-07-23 04:53 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2015-09-16 15:27 - 2015-07-23 04:53 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2015-09-16 15:27 - 2015-07-23 04:52 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2015-09-16 15:27 - 2015-07-23 04:52 - 00665088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2015-09-16 15:27 - 2015-07-23 04:52 - 00274944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2015-09-16 15:27 - 2015-07-23 04:52 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2015-09-16 15:27 - 2015-07-23 04:52 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe
2015-09-16 15:27 - 2015-07-23 04:52 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2015-09-16 15:27 - 2015-07-23 04:52 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2015-09-16 15:27 - 2015-07-23 04:47 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll
2015-09-16 15:27 - 2015-07-23 04:46 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2015-09-16 15:27 - 2015-07-23 04:42 - 00686080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2015-09-16 15:27 - 2015-07-23 04:42 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll
2015-09-16 15:27 - 2015-07-23 04:42 - 00005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2015-09-16 15:27 - 2015-07-23 04:42 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2015-09-16 15:27 - 2015-07-23 04:42 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2015-09-16 15:27 - 2015-07-23 04:42 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2015-09-16 15:27 - 2015-07-23 04:42 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2015-09-16 15:27 - 2015-07-23 04:42 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2015-09-16 15:27 - 2015-07-23 04:42 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2015-09-16 15:27 - 2015-07-23 04:42 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2015-09-16 15:27 - 2015-07-23 04:42 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2015-09-16 15:27 - 2015-07-23 04:42 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2015-09-16 15:27 - 2015-07-23 04:42 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2015-09-16 15:27 - 2015-07-23 04:42 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2015-09-16 15:27 - 2015-07-23 04:42 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2015-09-16 15:27 - 2015-07-23 04:42 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2015-09-16 15:27 - 2015-07-23 04:42 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-09-16 15:27 - 2015-07-23 04:42 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2015-09-16 15:27 - 2015-07-23 04:42 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2015-09-16 15:27 - 2015-07-23 04:42 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2015-09-16 15:27 - 2015-07-23 04:42 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2015-09-16 15:27 - 2015-07-23 04:42 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2015-09-16 15:27 - 2015-07-23 04:42 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2015-09-16 15:27 - 2015-07-23 04:42 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2015-09-16 15:27 - 2015-07-23 04:42 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2015-09-16 15:27 - 2015-07-23 04:42 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2015-09-16 15:27 - 2015-07-23 03:48 - 00041984 _____ (Microsoft Corporation) C:\Windows\system32\UtcResources.dll
2015-09-16 15:27 - 2015-07-23 03:45 - 00159232 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2015-09-16 15:27 - 2015-07-23 03:44 - 00290816 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
2015-09-16 15:27 - 2015-07-23 03:44 - 00129024 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2015-09-16 15:27 - 2015-07-23 03:34 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2015-09-16 15:27 - 2015-07-23 03:34 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2015-09-16 15:27 - 2015-07-23 03:31 - 00006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2015-09-16 15:27 - 2015-07-23 03:31 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2015-09-16 15:27 - 2015-07-23 03:31 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2015-09-16 15:27 - 2015-07-23 03:31 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2015-09-16 15:26 - 2015-08-28 05:18 - 02004480 _____ (Microsoft Corporation) C:\Windows\system32\msxml6.dll
2015-09-16 15:26 - 2015-08-28 05:18 - 01887232 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2015-09-16 15:26 - 2015-08-28 05:13 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml6r.dll
2015-09-16 15:26 - 2015-08-28 05:13 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml3r.dll
2015-09-16 15:26 - 2015-08-28 04:58 - 01391104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6.dll
2015-09-16 15:26 - 2015-08-28 04:58 - 01241088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll
2015-09-16 15:26 - 2015-08-28 04:51 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6r.dll
2015-09-16 15:26 - 2015-08-28 04:51 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3r.dll
2015-09-16 15:26 - 2015-08-05 05:03 - 00692672 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi
2015-09-16 15:26 - 2015-08-05 05:00 - 00616360 _____ (Microsoft Corporation) C:\Windows\system32\winresume.efi
2015-09-16 15:26 - 2015-08-05 04:56 - 00063488 _____ (Microsoft Corporation) C:\Windows\system32\setbcdlocale.dll
2015-09-16 15:26 - 2015-08-05 04:56 - 00059392 _____ (Microsoft Corporation) C:\Windows\system32\appidapi.dll
2015-09-16 15:26 - 2015-08-05 04:56 - 00032768 _____ (Microsoft Corporation) C:\Windows\system32\appidsvc.dll
2015-09-16 15:26 - 2015-08-05 04:55 - 00147456 _____ (Microsoft Corporation) C:\Windows\system32\appidpolicyconverter.exe
2015-09-16 15:26 - 2015-08-05 04:55 - 00017920 _____ (Microsoft Corporation) C:\Windows\system32\appidcertstorecheck.exe
2015-09-16 15:26 - 2015-08-05 04:47 - 00050688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\appidapi.dll
2015-09-16 15:26 - 2015-08-05 03:58 - 00061440 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\appid.sys
2015-09-16 15:26 - 2015-06-25 21:06 - 00115136 _____ (Microsoft Corporation) C:\Windows\system32\consent.exe
2015-09-16 15:26 - 2015-06-25 21:01 - 01941504 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2015-09-16 15:26 - 2015-06-25 21:01 - 00070656 _____ (Microsoft Corporation) C:\Windows\system32\appinfo.dll
2015-09-16 15:26 - 2015-06-25 20:44 - 01805824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll
2015-09-16 15:20 - 2015-09-02 14:04 - 00100864 _____ (Microsoft Corporation) C:\Windows\system32\fontsub.dll
2015-09-16 15:20 - 2015-09-02 14:04 - 00046080 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll
2015-09-16 15:20 - 2015-09-02 14:04 - 00041984 _____ (Microsoft Corporation) C:\Windows\system32\lpk.dll
2015-09-16 15:20 - 2015-09-02 14:04 - 00014336 _____ (Microsoft Corporation) C:\Windows\system32\dciman32.dll
2015-09-16 15:20 - 2015-09-02 13:48 - 00070656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fontsub.dll
2015-09-16 15:20 - 2015-09-02 13:48 - 00034304 _____ (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll
2015-09-16 15:20 - 2015-09-02 13:48 - 00010240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dciman32.dll
2015-09-16 15:20 - 2015-09-02 13:47 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\lpk.dll
2015-09-16 15:20 - 2015-09-02 12:51 - 03209216 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2015-09-16 15:20 - 2015-09-02 12:47 - 00372736 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
2015-09-16 15:20 - 2015-09-02 12:33 - 00299520 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll
2015-09-16 15:18 - 2015-08-27 05:07 - 03165696 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2015-09-16 15:18 - 2015-08-27 05:07 - 02606080 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2015-09-16 15:18 - 2015-08-27 05:07 - 00696320 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2015-09-16 15:18 - 2015-08-27 05:07 - 00192000 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2015-09-16 15:18 - 2015-08-27 05:07 - 00098304 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2015-09-16 15:18 - 2015-08-27 05:07 - 00037888 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2015-09-16 15:18 - 2015-08-27 05:07 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2015-09-16 15:18 - 2015-08-27 05:06 - 00139776 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2015-09-16 15:18 - 2015-08-27 05:06 - 00091136 _____ (Microsoft Corporation) C:\Windows\system32\WinSetupUI.dll
2015-09-16 15:18 - 2015-08-27 05:06 - 00037376 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2015-09-16 15:18 - 2015-08-27 05:06 - 00012288 _____ (Microsoft Corporation) C:\Windows\system32\wu.upgrade.ps.dll
2015-09-16 15:18 - 2015-08-27 04:56 - 00566784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2015-09-16 15:18 - 2015-08-27 04:56 - 00173056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll
2015-09-16 15:18 - 2015-08-27 04:56 - 00093184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
2015-09-16 15:18 - 2015-08-27 04:56 - 00030208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wups.dll
2015-09-16 15:18 - 2015-08-27 04:55 - 00034816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe
2015-09-16 15:02 - 2015-10-12 15:52 - 00000000 ____D C:\Users\User\AppData\Roaming\Windows Live Writer
2015-09-16 15:02 - 2015-09-16 15:02 - 00000000 ____D C:\Users\User\AppData\Local\Windows Live Writer
2015-09-16 14:55 - 2015-07-17 06:12 - 06131200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll
2015-09-16 14:55 - 2015-07-17 06:12 - 00856064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rdvidcrl.dll
2015-09-16 14:55 - 2015-07-17 06:12 - 00053248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tsgqec.dll
2015-09-16 14:55 - 2015-07-17 06:11 - 07077376 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll
2015-09-16 14:55 - 2015-07-17 06:11 - 01057792 _____ (Microsoft Corporation) C:\Windows\system32\rdvidcrl.dll
2015-09-16 14:55 - 2015-07-17 06:11 - 00062976 _____ (Microsoft Corporation) C:\Windows\system32\tsgqec.dll
2015-09-16 14:55 - 2015-07-12 00:15 - 00429568 _____ (Microsoft Corporation) C:\Windows\system32\wksprt.exe
2015-09-16 14:53 - 2015-07-29 07:09 - 00017344 _____ (Microsoft Corporation) C:\Windows\system32\CompatTelRunner.exe
2015-09-16 14:53 - 2015-07-29 07:05 - 01116672 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2015-09-16 14:53 - 2015-07-29 07:05 - 00774656 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2015-09-16 14:53 - 2015-07-29 07:05 - 00743424 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2015-09-16 14:53 - 2015-07-29 07:05 - 00437760 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2015-09-16 14:53 - 2015-07-29 07:05 - 00227328 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2015-09-16 14:53 - 2015-07-29 07:05 - 00069120 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll
2015-09-16 14:53 - 2015-07-29 06:55 - 01148416 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2015-09-16 14:53 - 2015-06-04 07:16 - 00193536 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll
2015-09-16 14:53 - 2015-06-02 11:07 - 00254976 _____ (Microsoft Corporation) C:\Windows\system32\cewmdm.dll
2015-09-16 14:53 - 2015-06-02 10:47 - 00210432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cewmdm.dll
2015-09-16 14:53 - 2015-04-18 14:10 - 00460800 _____ (Microsoft Corporation) C:\Windows\system32\certcli.dll
2015-09-16 14:53 - 2015-04-18 13:56 - 00342016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certcli.dll
2015-09-16 14:51 - 2015-07-16 05:15 - 00094656 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mountmgr.sys
2015-09-16 14:51 - 2015-07-16 05:10 - 01743360 _____ (Microsoft Corporation) C:\Windows\system32\sysmain.dll
2015-09-16 14:51 - 2015-07-16 05:10 - 00011264 _____ (Microsoft Corporation) C:\Windows\system32\msmmsp.dll
2015-09-16 14:51 - 2015-04-30 05:22 - 14635008 _____ (Microsoft Corporation) C:\Windows\system32\wmp.dll
2015-09-16 14:51 - 2015-04-30 05:21 - 00009728 _____ (Microsoft Corporation) C:\Windows\system32\spwmp.dll
2015-09-16 14:51 - 2015-04-30 05:21 - 00005120 _____ (Microsoft Corporation) C:\Windows\system32\msdxm.ocx
2015-09-16 14:51 - 2015-04-30 05:21 - 00005120 _____ (Microsoft Corporation) C:\Windows\system32\dxmasf.dll
2015-09-16 14:51 - 2015-04-30 05:19 - 12625920 _____ (Microsoft Corporation) C:\Windows\system32\wmploc.DLL
2015-09-16 14:51 - 2015-04-30 05:07 - 11411456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmp.dll
2015-09-16 14:51 - 2015-04-30 05:07 - 00008192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\spwmp.dll
2015-09-16 14:51 - 2015-04-30 05:07 - 00004096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msdxm.ocx
2015-09-16 14:51 - 2015-04-30 05:07 - 00004096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxmasf.dll
2015-09-16 14:51 - 2015-04-30 05:05 - 12625408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmploc.DLL
2015-09-16 14:51 - 2015-04-13 14:28 - 00328704 _____ (Microsoft Corporation) C:\Windows\system32\services.exe
2015-09-16 14:49 - 2015-09-16 14:49 - 00000000 ____D C:\Users\User\AppData\Roaming\MPC-HC
2015-09-16 14:48 - 2015-05-26 05:19 - 00113664 _____ (Microsoft Corporation) C:\Windows\system32\sechost.dll
2015-09-16 14:48 - 2015-05-26 05:18 - 00404992 _____ (Microsoft Corporation) C:\Windows\system32\tracerpt.exe
2015-09-16 14:48 - 2015-05-26 05:18 - 00104448 _____ (Microsoft Corporation) C:\Windows\system32\logman.exe
2015-09-16 14:48 - 2015-05-26 05:18 - 00047104 _____ (Microsoft Corporation) C:\Windows\system32\typeperf.exe
2015-09-16 14:48 - 2015-05-26 05:18 - 00043008 _____ (Microsoft Corporation) C:\Windows\system32\relog.exe
2015-09-16 14:48 - 2015-05-26 05:18 - 00019456 _____ (Microsoft Corporation) C:\Windows\system32\diskperf.exe
2015-09-16 14:48 - 2015-05-26 05:01 - 00092160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sechost.dll
2015-09-16 14:48 - 2015-05-26 05:00 - 00364544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tracerpt.exe
2015-09-16 14:48 - 2015-05-26 05:00 - 00082944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\logman.exe
2015-09-16 14:48 - 2015-05-26 05:00 - 00040448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\typeperf.exe
2015-09-16 14:48 - 2015-05-26 05:00 - 00037888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\relog.exe
2015-09-16 14:48 - 2015-05-26 05:00 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\diskperf.exe
2015-09-16 14:47 - 2015-06-10 05:03 - 03180544 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorets.dll
2015-09-16 14:47 - 2015-06-10 05:03 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\RdpGroupPolicyExtension.dll
2015-09-16 14:44 - 2015-07-15 14:19 - 00052736 _____ (Microsoft Corporation) C:\Windows\system32\basesrv.dll
2015-09-16 14:40 - 2015-10-11 21:07 - 00000000 ____D C:\Users\User\AppData\Roaming\LibreOffice
2015-09-16 14:38 - 2015-07-05 05:07 - 02087424 _____ (Microsoft Corporation) C:\Windows\system32\ole32.dll
2015-09-16 14:38 - 2015-07-05 04:48 - 01414656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ole32.dll
2015-09-16 14:38 - 2015-07-02 07:49 - 00260096 _____ (Microsoft Corporation) C:\Windows\system32\WebClnt.dll
2015-09-16 14:38 - 2015-07-02 07:48 - 00102912 _____ (Microsoft Corporation) C:\Windows\system32\davclnt.dll
2015-09-16 14:38 - 2015-07-02 07:30 - 00206848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WebClnt.dll
2015-09-16 14:38 - 2015-07-02 07:30 - 00082432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\davclnt.dll
2015-09-16 14:38 - 2015-06-18 04:47 - 00404992 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2015-09-16 14:38 - 2015-06-18 04:37 - 00312320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2015-09-16 14:38 - 2015-04-28 06:23 - 01480192 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
2015-09-16 14:38 - 2015-04-28 06:23 - 00229376 _____ (Microsoft Corporation) C:\Windows\system32\wintrust.dll
2015-09-16 14:38 - 2015-04-28 06:23 - 00188416 _____ (Microsoft Corporation) C:\Windows\system32\cryptsvc.dll
2015-09-16 14:38 - 2015-04-28 06:23 - 00140288 _____ (Microsoft Corporation) C:\Windows\system32\cryptnet.dll
2015-09-16 14:38 - 2015-04-28 06:05 - 00179200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wintrust.dll
2015-09-16 14:38 - 2015-04-28 06:04 - 01174528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll
2015-09-16 14:38 - 2015-04-28 06:04 - 00143872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptsvc.dll
2015-09-16 14:38 - 2015-04-28 06:04 - 00103936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptnet.dll
2015-09-16 14:38 - 2015-04-25 05:17 - 00633856 _____ (Microsoft Corporation) C:\Windows\system32\comctl32.dll
2015-09-16 14:38 - 2015-04-25 04:56 - 00530432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\comctl32.dll
2015-09-16 14:35 - 2015-06-16 08:45 - 03242496 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2015-09-16 14:35 - 2015-06-16 08:45 - 00504320 _____ (Microsoft Corporation) C:\Windows\system32\msihnd.dll
2015-09-16 14:35 - 2015-06-16 08:44 - 00128000 _____ (Microsoft Corporation) C:\Windows\system32\msiexec.exe
2015-09-16 14:35 - 2015-06-16 08:43 - 02364416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll
2015-09-16 14:35 - 2015-06-16 08:43 - 00337408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msihnd.dll
2015-09-16 14:35 - 2015-06-16 08:42 - 00073216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msiexec.exe
2015-09-16 14:35 - 2015-06-16 08:42 - 00025088 _____ (Microsoft Corporation) C:\Windows\system32\msimsg.dll
2015-09-16 14:35 - 2015-06-16 08:37 - 00025088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msimsg.dll
2015-09-16 14:34 - 2015-07-31 05:06 - 02565120 _____ (Microsoft Corporation) C:\Windows\system32\d3d10warp.dll
2015-09-16 14:34 - 2015-07-31 05:06 - 01648128 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll
2015-09-16 14:34 - 2015-07-31 05:06 - 01180160 _____ (Microsoft Corporation) C:\Windows\system32\FntCache.dll
2015-09-16 14:34 - 2015-07-31 04:57 - 01987584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10warp.dll
2015-09-16 14:34 - 2015-07-31 04:57 - 01251328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DWrite.dll
2015-09-16 14:33 - 2015-07-10 04:57 - 00193536 _____ (Microsoft Corporation) C:\Windows\system32\notepad.exe
2015-09-16 14:33 - 2015-07-10 04:57 - 00193536 _____ (Microsoft Corporation) C:\Windows\notepad.exe
2015-09-16 14:33 - 2015-07-10 04:42 - 00179712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\notepad.exe
2015-09-16 14:33 - 2015-02-18 18:06 - 00123904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\poqexec.exe
2015-09-16 14:33 - 2015-02-18 18:04 - 00142336 _____ (Microsoft Corporation) C:\Windows\system32\poqexec.exe
2015-09-16 14:14 - 2015-09-16 14:14 - 00000476 _____ C:\Users\User\Desktop\Local Disk © - Shortcut.lnk
2015-09-16 14:14 - 2015-09-16 14:14 - 00000462 _____ C:\Users\User\Desktop\TeraByte (E) - Shortcut.lnk
2015-09-16 14:14 - 2015-09-16 14:14 - 00000328 _____ C:\Users\User\Desktop\CD Drive - Shortcut.lnk
2015-09-16 14:13 - 2015-09-16 14:13 - 00000355 _____ C:\Users\User\Desktop\Computer - Shortcut.lnk
2015-09-16 13:42 - 2015-10-11 21:41 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2015-09-16 13:37 - 2015-10-12 16:42 - 00000894 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-09-16 13:37 - 2015-10-12 13:17 - 00113880 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2015-09-16 13:37 - 2015-10-12 12:42 - 00000890 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-09-16 13:37 - 2015-10-11 21:07 - 00000000 ____D C:\Users\User\AppData\Local\Google
2015-09-16 13:37 - 2015-10-11 21:03 - 00000000 ____D C:\Program Files (x86)\Google
2015-09-16 13:37 - 2015-09-16 13:37 - 00003890 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2015-09-16 13:37 - 2015-09-16 13:37 - 00003638 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2015-09-16 13:36 - 2015-10-11 21:41 - 00000000 ____D C:\Users\User\AppData\Local\Apps\2.0
2015-09-16 13:36 - 2015-09-16 13:37 - 00000000 ____D C:\Users\User\AppData\Local\Deployment
2015-09-16 13:36 - 2015-04-11 14:19 - 00069888 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\stream.sys
2015-09-16 13:35 - 2015-03-04 15:41 - 00342016 _____ (Microsoft Corporation) C:\Windows\system32\apphelp.dll
2015-09-16 13:35 - 2015-03-04 15:41 - 00072192 _____ (Microsoft Corporation) C:\Windows\system32\aelupsvc.dll
2015-09-16 13:35 - 2015-03-04 15:41 - 00023552 _____ (Microsoft Corporation) C:\Windows\system32\sdbinst.exe
2015-09-16 13:35 - 2015-03-04 15:41 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\shimeng.dll
2015-09-16 13:35 - 2015-03-04 15:11 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shimeng.dll
2015-09-16 13:35 - 2015-03-04 15:10 - 00295936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apphelp.dll
2015-09-16 13:35 - 2015-03-04 15:10 - 00020992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sdbinst.exe
2015-09-14 20:49 - 2014-05-20 13:32 - 01515296 _____ (NVIDIA Corporation) C:\Windows\system32\nvhdagenco6420103.dll
2015-09-14 20:49 - 2014-05-20 13:32 - 00197408 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvhda64v.sys
2015-09-14 20:49 - 2014-05-20 13:32 - 00031520 _____ (NVIDIA Corporation) C:\Windows\system32\nvhdap64.dll
2015-09-14 19:43 - 2015-07-11 04:51 - 14177280 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2015-09-14 19:43 - 2015-07-11 04:34 - 12875776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2015-09-14 19:10 - 2015-10-11 21:59 - 00073640 _____ C:\Users\User\AppData\Local\GDIPFONTCACHEV1.DAT
2015-09-14 19:04 - 2015-09-14 19:04 - 00003044 _____ C:\Windows\system32\RaCoInst.log
2015-09-14 19:03 - 2014-12-08 20:26 - 02225808 _____ (MediaTek Inc.) C:\Windows\system32\Drivers\netr28ux.sys
2015-09-14 19:03 - 2014-11-29 03:06 - 00079216 _____ C:\Windows\system32\Drivers\FW_7662.bin
2015-09-14 19:03 - 2014-08-07 03:17 - 00334992 _____ (Mediatek Inc.) C:\Windows\system32\RaCoInstx.dll
2015-09-14 19:03 - 2014-08-07 03:17 - 00016103 _____ C:\Windows\system32\RaCoInst.dat
2015-09-14 19:03 - 2014-07-24 20:08 - 00020626 _____ C:\Windows\system32\Drivers\Patch_7662.bin
2015-09-14 19:03 - 2010-01-07 21:20 - 00448512 _____ (Realtek Semiconductor Corporation ) C:\Windows\system32\Drivers\RTL8187.sys
2015-09-14 19:02 - 2015-09-14 21:06 - 00000000 ____D C:\ProgramData\NVIDIA
2015-09-14 19:02 - 2015-06-30 09:53 - 00072904 _____ (Khronos Group) C:\Windows\system32\OpenCL.dll
2015-09-14 19:02 - 2015-06-30 09:53 - 00060560 _____ (Khronos Group) C:\Windows\SysWOW64\OpenCL.dll
2015-09-14 19:02 - 2015-06-30 07:42 - 06783304 _____ (NVIDIA Corporation) C:\Windows\system32\nvcpl.dll
2015-09-14 19:02 - 2015-06-30 07:42 - 03522192 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvc64.dll
2015-09-14 19:02 - 2015-06-30 07:42 - 02558792 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvcr.dll
2015-09-14 19:02 - 2015-06-30 07:42 - 00932040 _____ (NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
2015-09-14 19:02 - 2015-06-30 07:42 - 00385352 _____ (NVIDIA Corporation) C:\Windows\system32\nvmctray.dll
2015-09-14 19:02 - 2015-06-30 07:42 - 00062792 _____ (NVIDIA Corporation) C:\Windows\system32\nvshext.dll
2015-09-14 19:02 - 2015-06-29 22:02 - 04437364 _____ C:\Windows\system32\nvcoproc.bin
2015-09-14 19:00 - 2015-10-11 21:41 - 00000000 ____D C:\Program Files\NVIDIA Corporation
2015-09-14 19:00 - 2015-09-14 19:00 - 00000000 ____D C:\ProgramData\NVIDIA Corporation
2015-09-14 18:59 - 2015-06-30 09:53 - 31514312 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglv64.dll
2015-09-14 18:59 - 2015-06-30 09:53 - 24200336 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglv32.dll
2015-09-14 18:59 - 2015-06-30 09:53 - 17559432 _____ (NVIDIA Corporation) C:\Windows\system32\nvd3dumx.dll
2015-09-14 18:59 - 2015-06-30 09:53 - 16128768 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvwgf2um.dll
2015-09-14 18:59 - 2015-06-30 09:53 - 15294280 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcompiler.dll
2015-09-14 18:59 - 2015-06-30 09:53 - 14497568 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvd3dum.dll
2015-09-14 18:59 - 2015-06-30 09:53 - 13916600 _____ (NVIDIA Corporation) C:\Windows\system32\nvopencl.dll
2015-09-14 18:59 - 2015-06-30 09:53 - 13828032 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll
2015-09-14 18:59 - 2015-06-30 09:53 - 12896400 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvlddmkm.sys
2015-09-14 18:59 - 2015-06-30 09:53 - 11272240 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvopencl.dll
2015-09-14 18:59 - 2015-06-30 09:53 - 11209192 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll
2015-09-14 18:59 - 2015-06-30 09:53 - 04245832 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll
2015-09-14 18:59 - 2015-06-30 09:53 - 03986632 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll
2015-09-14 18:59 - 2015-06-30 09:53 - 00945480 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFR64.dll
2015-09-14 18:59 - 2015-06-30 09:53 - 00907464 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll
2015-09-14 18:59 - 2015-06-30 09:53 - 00903496 _____ (NVIDIA Corporation) C:\Windows\system32\NvFBC64.dll
2015-09-14 18:59 - 2015-06-30 09:53 - 00870032 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll
2015-09-14 18:59 - 2015-06-30 09:53 - 00026155 _____ C:\Windows\system32\nvinfo.pb
2015-09-14 18:58 - 2015-06-30 09:53 - 22992072 _____ (NVIDIA Corporation) C:\Windows\system32\nvcompiler.dll
2015-09-14 18:58 - 2015-06-30 09:53 - 03209736 _____ (NVIDIA Corporation) C:\Windows\system32\nvapi64.dll
2015-09-14 18:58 - 2015-06-30 09:53 - 02823992 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvapi.dll
2015-09-14 18:58 - 2015-06-30 09:53 - 01907400 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6434174.dll
2015-09-14 18:58 - 2015-06-30 09:53 - 01557832 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6434174.dll
2015-09-14 18:57 - 2015-10-11 21:43 - 00000000 ____D C:\Windows\SysWOW64\RTCOM
2015-09-14 18:57 - 2015-10-11 21:42 - 00000000 ____D C:\Windows\system32\DAX2
2015-09-14 18:57 - 2015-10-11 21:41 - 00000000 ____D C:\Program Files\Realtek
2015-09-14 18:57 - 2015-09-14 18:57 - 00000000 ____H C:\ProgramData\DP45977C.lfl
2015-09-14 18:57 - 2009-07-16 21:38 - 00015416 _____ () C:\Windows\system32\Drivers\ASACPI.sys
2015-09-14 18:55 - 2015-07-30 15:05 - 13120760 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxVoiceAPO3064.dll
2015-09-14 18:55 - 2015-07-30 15:05 - 12986528 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxVoiceAPO4064.dll
2015-09-14 18:55 - 2015-07-30 15:05 - 05777200 _____ (Nahimic Inc) C:\Windows\system32\NAHIMICV2apo.dll
2015-09-14 18:55 - 2015-07-30 15:05 - 05408752 _____ (Intel Corporation) C:\Windows\system32\IntelSSTAPO.dll
2015-09-14 18:55 - 2015-07-30 15:05 - 05289952 _____ (Nahimic Inc) C:\Windows\system32\NAHIMICAPOlfx.dll
2015-09-14 18:55 - 2015-07-30 15:05 - 03299824 _____ (Yamaha Corporation) C:\Windows\system32\YamahaAE2.dll
2015-09-14 18:55 - 2015-07-30 15:05 - 03271912 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkApi64.dll
2015-09-14 18:55 - 2015-07-30 15:05 - 03233472 _____ (Fortemedia Corporation) C:\Windows\system32\FMAPO64.dll
2015-09-14 18:55 - 2015-07-30 15:05 - 02984208 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RltkAPO64.dll
2015-09-14 18:55 - 2015-07-30 15:05 - 02823280 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioAPO7064.dll
2015-09-14 18:55 - 2015-07-30 15:05 - 02630904 _____ (Realtek Semiconductor Corp.) C:\Windows\SysWOW64\RltkAPO.dll
2015-09-14 18:55 - 2015-07-30 15:05 - 02492152 _____ (Dolby Laboratories) C:\Windows\system32\DolbyDAX2APOv211.dll
2015-09-14 18:55 - 2015-07-30 15:05 - 02423480 _____ (Dolby Laboratories) C:\Windows\system32\DolbyDAX2APOv201.dll
2015-09-14 18:55 - 2015-07-30 15:05 - 02190992 _____ (Yamaha Corporation) C:\Windows\system32\YamahaAE.dll
2015-09-14 18:55 - 2015-07-30 15:05 - 01965816 _____ (Dolby Laboratories) C:\Windows\system32\DDPD64A.dll
2015-09-14 18:55 - 2015-07-30 15:05 - 01959608 _____ (Dolby Laboratories) C:\Windows\system32\DDPD64AF3.dll
2015-09-14 18:55 - 2015-07-30 15:05 - 01780624 _____ (DTS) C:\Windows\system32\DTSS2SpeakerDLL64.dll
2015-09-14 18:55 - 2015-07-30 15:05 - 01601952 _____ (Conexant Systems Inc.) C:\Windows\system32\CX64APO.dll
2015-09-14 18:55 - 2015-07-30 15:05 - 01591064 _____ (DTS) C:\Windows\system32\DTSS2HeadphoneDLL64.dll
2015-09-14 18:55 - 2015-07-30 15:05 - 01508936 _____ (DTS) C:\Windows\system32\DTSBoostDLL64.dll
2015-09-14 18:55 - 2015-07-30 15:05 - 01435152 _____ (Synopsys, Inc.) C:\Windows\system32\SRRPTR64.dll
2015-09-14 18:55 - 2015-07-30 15:05 - 01395768 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioAPO6064.dll
2015-09-14 18:55 - 2015-07-30 15:05 - 01382240 _____ (TOSHIBA Corporation) C:\Windows\system32\tosade.dll
2015-09-14 18:55 - 2015-07-30 15:05 - 01334384 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxSpeechAPO64.dll
2015-09-14 18:55 - 2015-07-30 15:05 - 01331336 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RTCOM64.dll
2015-09-14 18:55 - 2015-07-30 15:05 - 01211840 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioAPO5064.dll
2015-09-14 18:55 - 2015-07-30 15:05 - 01164336 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioAPO4064.dll
2015-09-14 18:55 - 2015-07-30 15:05 - 01122648 _____ (SRS Labs, Inc.) C:\Windows\system32\slcnt64.dll
2015-09-14 18:55 - 2015-07-30 15:05 - 00998032 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxVoiceAPO2064.dll
2015-09-14 18:55 - 2015-07-30 15:05 - 00965032 _____ (Sony Corporation) C:\Windows\system32\SFSS_APO.dll
2015-09-14 18:55 - 2015-07-30 15:05 - 00961016 _____ (DTS, Inc.) C:\Windows\system32\sl3apo64.dll
2015-09-14 18:55 - 2015-07-30 15:05 - 00923752 _____ (Sony Corporation) C:\Windows\system32\MISS_APO.dll
2015-09-14 18:55 - 2015-07-30 15:05 - 00888480 _____ (TOSHIBA Corporation) C:\Windows\system32\tossaeapo64.dll
2015-09-14 18:55 - 2015-07-30 15:05 - 00874736 _____ (Sound Research, Corp.) C:\Windows\system32\SEHDRA64.dll
2015-09-14 18:55 - 2015-07-30 15:05 - 00873472 _____ (TOSHIBA Corporation) C:\Windows\system32\tadefxapo264.dll
2015-09-14 18:55 - 2015-07-30 15:05 - 00749776 _____ (DTS, Inc.) C:\Windows\system32\sltech64.dll
2015-09-14 18:55 - 2015-07-30 15:05 - 00743968 _____ (DTS) C:\Windows\system32\DTSBassEnhancementDLL64.dll
2015-09-14 18:55 - 2015-07-30 15:05 - 00727440 _____ (DTS) C:\Windows\system32\DTSSymmetryDLL64.dll
2015-09-14 18:55 - 2015-07-30 15:05 - 00708320 _____ (DTS) C:\Windows\system32\DTSVoiceClarityDLL64.dll
2015-09-14 18:55 - 2015-07-30 15:05 - 00699072 _____ (Sound Research, Corp.) C:\Windows\system32\SECOMN64.dll
2015-09-14 18:55 - 2015-07-30 15:05 - 00678192 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioAPO30.dll
2015-09-14 18:55 - 2015-07-30 15:05 - 00677680 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxVolumeSDAPO.dll
2015-09-14 18:55 - 2015-07-30 15:05 - 00645456 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtDataProc64.dll
2015-09-14 18:55 - 2015-07-30 15:05 - 00618192 _____ (Knowles Acoustics ) C:\Windows\system32\KAAPORT64.dll
2015-09-14 18:55 - 2015-07-30 15:05 - 00596120 _____ (TOSHIBA Corporation) C:\Windows\system32\tosasfapo64.dll
2015-09-14 18:55 - 2015-07-30 15:05 - 00574760 _____ (Andrea Electronics Corporation) C:\Windows\system32\AERTAC64.dll
2015-09-14 18:55 - 2015-07-30 15:05 - 00569440 _____ (Sound Research, Corp.) C:\Windows\SysWOW64\SECOMN32.DLL
2015-09-14 18:55 - 2015-07-30 15:05 - 00532384 _____ (SRS Labs, Inc.) C:\Windows\system32\SRSTSX64.dll
2015-09-14 18:55 - 2015-07-30 15:05 - 00514528 _____ (DTS) C:\Windows\system32\DTSU2PLFX64.dll
2015-09-14 18:55 - 2015-07-30 15:05 - 00504312 _____ (DTS) C:\Windows\system32\DTSNeoPCDLL64.dll
2015-09-14 18:55 - 2015-07-30 15:05 - 00500560 _____ (DTS) C:\Windows\system32\DTSU2PGFX64.dll
2015-09-14 18:55 - 2015-07-30 15:05 - 00467168 _____ (Synopsys, Inc.) C:\Windows\system32\SRAPO64.dll
2015-09-14 18:55 - 2015-07-30 15:05 - 00448592 _____ (Sound Research, Corp.) C:\Windows\system32\SEAPO64.dll
2015-09-14 18:55 - 2015-07-30 15:05 - 00447728 _____ (Dolby Laboratories) C:\Windows\system32\R4EED64A.dll
2015-09-14 18:55 - 2015-07-30 15:05 - 00445408 _____ (DTS) C:\Windows\system32\DTSLimiterDLL64.dll
2015-09-14 18:55 - 2015-07-30 15:05 - 00441272 _____ (DTS) C:\Windows\system32\DTSGainCompensatorDLL64.dll
2015-09-14 18:55 - 2015-07-30 15:05 - 00428232 _____ (DTS) C:\Windows\system32\DTSU2PREC64.dll
2015-09-14 18:55 - 2015-07-30 15:05 - 00387320 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEEP64A.dll
2015-09-14 18:55 - 2015-07-30 15:05 - 00381416 _____ (Synopsys, Inc.) C:\Windows\system32\SRCOM64.dll
2015-09-14 18:55 - 2015-07-30 15:05 - 00362064 _____ (Dolby Laboratories) C:\Windows\system32\DDPO64AF3.dll
2015-09-14 18:55 - 2015-07-30 15:05 - 00343712 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtlCPAPI64.dll
2015-09-14 18:55 - 2015-07-30 15:05 - 00341160 _____ (Synopsys, Inc.) C:\Windows\SysWOW64\SRCOM.dll
2015-09-14 18:55 - 2015-07-30 15:05 - 00341160 _____ (Synopsys, Inc.) C:\Windows\system32\SRCOM.dll
2015-09-14 18:55 - 2015-07-30 15:05 - 00340648 _____ (ICEpower a/s) C:\Windows\system32\ICEsoundAPO64.dll
2015-09-14 18:55 - 2015-07-30 15:05 - 00330568 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioAPO20.dll
2015-09-14 18:55 - 2015-07-30 15:05 - 00327464 _____ (Dolby Laboratories) C:\Windows\system32\DDPO64A.dll
2015-09-14 18:55 - 2015-07-30 15:05 - 00321720 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RP3DHT64.dll
2015-09-14 18:55 - 2015-07-30 15:05 - 00321720 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RP3DAA64.dll
2015-09-14 18:55 - 2015-07-30 15:05 - 00310432 _____ (Dolby Laboratories) C:\Windows\system32\DDPA64F3.dll
2015-09-14 18:55 - 2015-07-30 15:05 - 00272720 _____ (Dolby Laboratories) C:\Windows\system32\DDPA64.dll
2015-09-14 18:55 - 2015-07-30 15:05 - 00253904 _____ (DTS) C:\Windows\system32\DTSGFXAPO64.dll
2015-09-14 18:55 - 2015-07-30 15:05 - 00253872 _____ (DTS) C:\Windows\system32\DTSLFXAPO64.dll
2015-09-14 18:55 - 2015-07-30 15:05 - 00252880 _____ (DTS) C:\Windows\system32\DTSGFXAPONS64.dll
2015-09-14 18:55 - 2015-07-30 15:05 - 00231920 _____ (Synopsys, Inc.) C:\Windows\system32\SFNHK64.dll
2015-09-14 18:55 - 2015-07-30 15:05 - 00224264 _____ (TOSHIBA Corporation) C:\Windows\system32\tossaemaxapo64.dll
2015-09-14 18:55 - 2015-07-30 15:05 - 00221976 _____ (SRS Labs, Inc.) C:\Windows\system32\SRSTSH64.dll
2015-09-14 18:55 - 2015-07-30 15:05 - 00214840 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEED64A.dll
2015-09-14 18:55 - 2015-07-30 15:05 - 00209544 _____ (SRS Labs, Inc.) C:\Windows\system32\SRSHP64.dll
2015-09-14 18:55 - 2015-07-30 15:05 - 00195192 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkCfg64.dll
2015-09-14 18:55 - 2015-07-30 15:05 - 00172584 _____ (TOSHIBA Corporation) C:\Windows\system32\toseaeapo64.dll
2015-09-14 18:55 - 2015-07-30 15:05 - 00166208 _____ (SRS Labs, Inc.) C:\Windows\system32\SRSWOW64.dll
2015-09-14 18:55 - 2015-07-30 15:05 - 00158704 _____ (TOSHIBA Corporation) C:\Windows\system32\tadefxapo.dll
2015-09-14 18:55 - 2015-07-30 15:05 - 00151792 _____ (Dolby Laboratories) C:\Windows\system32\R4EEL64A.dll
2015-09-14 18:55 - 2015-07-30 15:05 - 00134208 _____ (Dolby Laboratories) C:\Windows\system32\R4EEA64A.dll
2015-09-14 18:55 - 2015-07-30 15:05 - 00118600 _____ (Andrea Electronics Corporation) C:\Windows\system32\AERTAR64.dll
2015-09-14 18:55 - 2015-07-30 15:05 - 00110992 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEEL64A.dll
2015-09-14 18:55 - 2015-07-30 15:05 - 00090920 _____ (Synopsys, Inc.) C:\Windows\system32\SFCOM64.dll
2015-09-14 18:55 - 2015-07-30 15:05 - 00088352 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEEG64A.dll
2015-09-14 18:55 - 2015-07-30 15:05 - 00088328 _____ (Synopsys, Inc.) C:\Windows\system32\SFAPO64.dll
2015-09-14 18:55 - 2015-07-30 15:05 - 00084624 _____ (Dolby Laboratories) C:\Windows\system32\R4EEG64A.dll
2015-09-14 18:55 - 2015-07-30 15:05 - 00083632 _____ (Virage Logic Corporation / Sonic Focus) C:\Windows\SysWOW64\SFCOM.dll
2015-09-14 18:55 - 2015-07-30 15:05 - 00075544 _____ (TOSHIBA CORPORATION.) C:\Windows\system32\tepeqapo64.dll
2015-09-14 18:55 - 2015-07-30 15:02 - 72121872 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RCoRes64.dat
2015-09-14 18:55 - 2015-07-30 15:02 - 14057256 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioRealtek64.dll
2015-09-14 18:55 - 2015-07-30 15:02 - 07172920 _____ (Dolby Laboratories) C:\Windows\system32\R4EEP64A.dll
2015-09-14 18:55 - 2015-07-30 15:02 - 07096192 _____ (Dolby Laboratories) C:\Windows\system32\DDPP64A.dll
2015-09-14 18:55 - 2015-07-30 15:02 - 06264640 _____ (Dolby Laboratories) C:\Windows\system32\DDPP64AF3.dll
2015-09-14 18:55 - 2015-07-30 15:02 - 04577024 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\Drivers\RTKVHD64.sys
2015-09-14 18:55 - 2015-07-30 15:02 - 02946304 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtPgEx64.dll
2015-09-14 18:55 - 2015-07-30 15:02 - 02711296 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RTSnMg64.cpl
2015-09-14 18:55 - 2015-07-30 15:02 - 02110600 _____ (Waves Audio Ltd.) C:\Windows\system32\WavesGUILib64.dll
2015-09-14 18:55 - 2015-07-30 15:02 - 02050184 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioEQ64.dll
2015-09-14 18:55 - 2015-07-30 15:02 - 01759488 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RCoInstII64.dll
2015-09-14 18:55 - 2015-07-30 15:02 - 01003864 _____ (Nahimic Inc) C:\Windows\system32\NahimicAPONSControl.dll
2015-09-14 18:55 - 2015-07-30 15:02 - 00953728 _____ (Dolby Laboratories) C:\Windows\system32\DolbyDAX2APOProp.dll
2015-09-14 18:55 - 2015-07-30 15:02 - 00931624 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioAPOShell64.dll
2015-09-14 18:55 - 2015-07-30 15:02 - 00831352 _____ (Intel Corporation) C:\Windows\system32\IntelSstCApoPropPage.dll
2015-09-14 18:55 - 2015-07-30 15:02 - 00358272 _____ (Dolby Laboratories) C:\Windows\system32\HiFiDAX2API.dll
2015-09-14 18:55 - 2015-07-30 15:02 - 00259288 _____ (TODO: <Company name>) C:\Windows\system32\slprp64.dll
2015-09-14 18:55 - 2015-07-30 15:02 - 00122328 _____ (Real Sound Lab SIA) C:\Windows\system32\CONEQMSAPOGUILibrary.dll
2015-09-14 18:55 - 2015-07-30 15:02 - 00118600 _____ C:\Windows\system32\AcpiServiceVnA64.dll
2015-09-14 18:55 - 2015-07-30 15:02 - 00105312 _____ C:\Windows\system32\audioLibVc.dll
2015-09-14 18:55 - 2015-07-30 15:02 - 00023704 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkCoLDR64.dll
2015-09-14 18:55 - 2015-07-30 12:53 - 05804772 _____ C:\Windows\system32\Drivers\rtvienna.dat
2015-09-14 18:55 - 2015-07-30 12:53 - 03653631 _____ C:\Windows\system32\Drivers\RTAIODAT.DAT
2015-09-14 18:55 - 2015-07-30 12:53 - 03200501 _____ C:\Windows\system32\Drivers\rtkSSTsetting.dat
2015-09-14 18:55 - 2014-01-12 20:05 - 00086016 _____ (Nuvoton Technology Corp.) C:\Windows\system32\Drivers\nuvserial.sys
2015-09-14 18:55 - 2014-01-12 20:05 - 00023552 _____ (Windows ® Win 7 DDK provider) C:\Windows\system32\Drivers\nuvserenum.sys
2015-09-14 18:54 - 2013-01-22 03:53 - 00398816 _____ (Marvell) C:\Windows\system32\Drivers\yk62x64.sys
2015-09-14 18:54 - 2012-09-18 01:05 - 00123704 _____ (JMicron Technology Corp.) C:\Windows\system32\Drivers\jraid.sys
2015-09-14 18:51 - 2015-09-14 18:51 - 00000060 _____ C:\Users\Public\Desktop\Please Leave Us Feedback - Azztech Computers.url
2015-09-14 18:51 - 2014-08-24 13:58 - 00043254 _____ C:\Windows\system32\oemlogo.bmp
 
==================== One Month Modified files and folders ========
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2015-10-12 16:45 - 2009-07-14 15:45 - 00021888 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-10-12 16:45 - 2009-07-14 15:45 - 00021888 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-10-12 09:12 - 2015-08-27 11:49 - 01829496 _____ C:\Windows\WindowsUpdate.log
2015-10-12 09:10 - 2009-07-14 16:13 - 00782470 _____ C:\Windows\system32\PerfStringBackup.INI
2015-10-12 09:03 - 2009-07-14 16:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2015-10-12 01:25 - 2015-04-19 20:25 - 00000000 ___SD C:\Windows\SysWOW64\GWX
2015-10-12 01:25 - 2015-04-19 20:25 - 00000000 ___SD C:\Windows\system32\GWX
2015-10-11 21:55 - 2015-09-11 03:05 - 00000000 ____D C:\Users\Wendy
2015-10-11 21:55 - 2015-04-19 20:59 - 00000000 ____D C:\Program Files (x86)\Malwarebytes Anti-Malware
2015-10-11 21:55 - 2015-04-19 20:58 - 00000000 ____D C:\Program Files\Microsoft Security Client
2015-10-11 21:55 - 2015-04-19 20:57 - 00000000 ___SD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LibreOffice 4.4
2015-10-11 21:55 - 2009-07-14 14:20 - 00000000 ____D C:\Windows\servicing
2015-10-11 21:49 - 2015-04-18 19:08 - 00000000 ____D C:\Users\Tech Support
2015-10-11 21:49 - 2011-04-12 19:28 - 00000000 ____D C:\Windows\ShellNew
2015-10-11 21:49 - 2009-07-14 16:32 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2015-10-11 21:49 - 2009-07-14 16:32 - 00000000 ____D C:\Windows\Offline Web Pages
2015-10-11 21:49 - 2009-07-14 16:32 - 00000000 ____D C:\Windows\addins
2015-10-11 21:49 - 2009-07-14 16:32 - 00000000 ____D C:\Program Files\Windows Sidebar
2015-10-11 21:49 - 2009-07-14 16:32 - 00000000 ____D C:\Program Files\Windows Portable Devices
2015-10-11 21:49 - 2009-07-14 16:32 - 00000000 ____D C:\Program Files\Windows Defender
2015-10-11 21:49 - 2009-07-14 16:32 - 00000000 ____D C:\Program Files\DVD Maker
2015-10-11 21:49 - 2009-07-14 16:32 - 00000000 ____D C:\Program Files (x86)\Windows Sidebar
2015-10-11 21:49 - 2009-07-14 16:32 - 00000000 ____D C:\Program Files (x86)\Windows Portable Devices
2015-10-11 21:49 - 2009-07-14 14:20 - 00000000 __RSD C:\Windows\Media
2015-10-11 21:49 - 2009-07-14 14:20 - 00000000 ___RD C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
2015-10-11 21:49 - 2009-07-14 14:20 - 00000000 ___RD C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2015-10-11 21:49 - 2009-07-14 14:20 - 00000000 ___RD C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
2015-10-11 21:49 - 2009-07-14 14:20 - 00000000 ___RD C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2015-10-11 21:49 - 2009-07-14 14:20 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories
2015-10-11 21:49 - 2009-07-14 14:20 - 00000000 ____D C:\Windows\TAPI
2015-10-11 21:49 - 2009-07-14 14:20 - 00000000 ____D C:\Windows\SysWOW64\zh-HK
2015-10-11 21:49 - 2009-07-14 14:20 - 00000000 ____D C:\Windows\SysWOW64\uk-UA
2015-10-11 21:49 - 2009-07-14 14:20 - 00000000 ____D C:\Windows\SysWOW64\tr-TR
2015-10-11 21:49 - 2009-07-14 14:20 - 00000000 ____D C:\Windows\SysWOW64\th-TH
2015-10-11 21:49 - 2009-07-14 14:20 - 00000000 ____D C:\Windows\SysWOW64\sr-Latn-CS
2015-10-11 21:49 - 2009-07-14 14:20 - 00000000 ____D C:\Windows\SysWOW64\sppui
2015-10-11 21:49 - 2009-07-14 14:20 - 00000000 ____D C:\Windows\SysWOW64\sl-SI
2015-10-11 21:49 - 2009-07-14 14:20 - 00000000 ____D C:\Windows\SysWOW64\sk-SK
2015-10-11 21:49 - 2009-07-14 14:20 - 00000000 ____D C:\Windows\SysWOW64\Setup
2015-10-11 21:49 - 2009-07-14 14:20 - 00000000 ____D C:\Windows\SysWOW64\Recovery
2015-10-11 21:49 - 2009-07-14 14:20 - 00000000 ____D C:\Windows\SysWOW64\ras
2015-10-11 21:49 - 2009-07-14 14:20 - 00000000 ____D C:\Windows\SysWOW64\oobe
2015-10-11 21:49 - 2009-07-14 14:20 - 00000000 ____D C:\Windows\SysWOW64\migwiz
2015-10-11 21:49 - 2009-07-14 14:20 - 00000000 ____D C:\Windows\SysWOW64\manifeststore
2015-10-11 21:49 - 2009-07-14 14:20 - 00000000 ____D C:\Windows\SysWOW64\InstallShield
2015-10-11 21:49 - 2009-07-14 14:20 - 00000000 ____D C:\Windows\SysWOW64\icsxml
2015-10-11 21:49 - 2009-07-14 14:20 - 00000000 ____D C:\Windows\SysWOW64\com
2015-10-11 21:49 - 2009-07-14 14:20 - 00000000 ____D C:\Windows\system32\sppui
2015-10-11 21:49 - 2009-07-14 14:20 - 00000000 ____D C:\Windows\system32\Setup
2015-10-11 21:49 - 2009-07-14 14:20 - 00000000 ____D C:\Windows\system32\ras
2015-10-11 21:49 - 2009-07-14 14:20 - 00000000 ____D C:\Windows\system32\oobe
2015-10-11 21:49 - 2009-07-14 14:20 - 00000000 ____D C:\Windows\system32\Msdtc
2015-10-11 21:49 - 2009-07-14 14:20 - 00000000 ____D C:\Windows\system32\migwiz
2015-10-11 21:49 - 2009-07-14 14:20 - 00000000 ____D C:\Windows\system32\manifeststore
2015-10-11 21:49 - 2009-07-14 14:20 - 00000000 ____D C:\Windows\system32\icsxml
2015-10-11 21:49 - 2009-07-14 14:20 - 00000000 ____D C:\Windows\system32\ias
2015-10-11 21:49 - 2009-07-14 14:20 - 00000000 ____D C:\Windows\system32\com
2015-10-11 21:49 - 2009-07-14 14:20 - 00000000 ____D C:\Windows\system32\AdvancedInstallers
2015-10-11 21:49 - 2009-07-14 14:20 - 00000000 ____D C:\Windows\Cursors
2015-10-11 21:49 - 2009-07-14 14:20 - 00000000 ____D C:\Program Files\Common Files\System
2015-10-11 21:49 - 2009-07-14 14:20 - 00000000 ____D C:\Program Files\Common Files\Services
2015-10-11 21:48 - 2015-04-19 20:25 - 00000000 ___SD C:\Windows\system32\CompatTel
2015-10-11 21:48 - 2015-04-19 20:25 - 00000000 ____D C:\Windows\system32\appraiser
2015-10-11 21:48 - 2011-04-12 19:28 - 00000000 ____D C:\Program Files\Windows Journal
2015-10-11 21:48 - 2009-07-14 16:32 - 00000000 ____D C:\Windows\system32\WinBioPlugIns
2015-10-11 21:48 - 2009-07-14 16:32 - 00000000 ____D C:\Program Files\Windows Photo Viewer
2015-10-11 21:48 - 2009-07-14 16:32 - 00000000 ____D C:\Program Files (x86)\Windows Photo Viewer
2015-10-11 21:48 - 2009-07-14 16:32 - 00000000 ____D C:\Program Files (x86)\Windows Defender
2015-10-11 21:48 - 2009-07-14 14:20 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Maintenance
2015-10-11 21:48 - 2009-07-14 14:20 - 00000000 ____D C:\Windows\SysWOW64\ro-RO
2015-10-11 21:48 - 2009-07-14 14:20 - 00000000 ____D C:\Windows\SysWOW64\lv-LV
2015-10-11 21:48 - 2009-07-14 14:20 - 00000000 ____D C:\Windows\SysWOW64\lt-LT
2015-10-11 21:48 - 2009-07-14 14:20 - 00000000 ____D C:\Windows\SysWOW64\hr-HR
2015-10-11 21:48 - 2009-07-14 14:20 - 00000000 ____D C:\Windows\SysWOW64\he-IL
2015-10-11 21:48 - 2009-07-14 14:20 - 00000000 ____D C:\Windows\SysWOW64\et-EE
2015-10-11 21:48 - 2009-07-14 14:20 - 00000000 ____D C:\Windows\SysWOW64\Dism
2015-10-11 21:48 - 2009-07-14 14:20 - 00000000 ____D C:\Windows\SysWOW64\bg-BG
2015-10-11 21:48 - 2009-07-14 14:20 - 00000000 ____D C:\Windows\SysWOW64\ar-SA
2015-10-11 21:48 - 2009-07-14 14:20 - 00000000 ____D C:\Windows\SysWOW64\AdvancedInstallers
2015-10-11 21:48 - 2009-07-14 14:20 - 00000000 ____D C:\Windows\system32\zh-HK
2015-10-11 21:48 - 2009-07-14 14:20 - 00000000 ____D C:\Windows\system32\uk-UA
2015-10-11 21:48 - 2009-07-14 14:20 - 00000000 ____D C:\Windows\system32\tr-TR
2015-10-11 21:48 - 2009-07-14 14:20 - 00000000 ____D C:\Windows\system32\th-TH
2015-10-11 21:48 - 2009-07-14 14:20 - 00000000 ____D C:\Windows\system32\sysprep
2015-10-11 21:48 - 2009-07-14 14:20 - 00000000 ____D C:\Windows\system32\sr-Latn-CS
2015-10-11 21:48 - 2009-07-14 14:20 - 00000000 ____D C:\Windows\system32\sl-SI
2015-10-11 21:48 - 2009-07-14 14:20 - 00000000 ____D C:\Windows\system32\sk-SK
2015-10-11 21:48 - 2009-07-14 14:20 - 00000000 ____D C:\Windows\system32\ro-RO
2015-10-11 21:48 - 2009-07-14 14:20 - 00000000 ____D C:\Windows\system32\lv-LV
2015-10-11 21:48 - 2009-07-14 14:20 - 00000000 ____D C:\Windows\system32\lt-LT
2015-10-11 21:48 - 2009-07-14 14:20 - 00000000 ____D C:\Windows\system32\hr-HR
2015-10-11 21:48 - 2009-07-14 14:20 - 00000000 ____D C:\Windows\system32\he-IL
2015-10-11 21:48 - 2009-07-14 14:20 - 00000000 ____D C:\Windows\system32\et-EE
2015-10-11 21:48 - 2009-07-14 14:20 - 00000000 ____D C:\Windows\system32\Dism
2015-10-11 21:48 - 2009-07-14 14:20 - 00000000 ____D C:\Windows\system32\bg-BG
2015-10-11 21:48 - 2009-07-14 14:20 - 00000000 ____D C:\Windows\system32\ar-SA
2015-10-11 21:48 - 2009-07-14 14:20 - 00000000 ____D C:\Windows\rescache
2015-10-11 21:48 - 2009-07-14 14:20 - 00000000 ____D C:\Windows\PolicyDefinitions
2015-10-11 21:48 - 2009-07-14 14:20 - 00000000 ____D C:\Windows\L2Schemas
2015-10-11 21:48 - 2009-07-14 14:20 - 00000000 ____D C:\Windows\IME
2015-10-11 21:43 - 2011-04-12 19:17 - 00000000 ____D C:\Windows\SysWOW64\winrm
2015-10-11 21:43 - 2011-04-12 19:17 - 00000000 ____D C:\Windows\SysWOW64\WCN
2015-10-11 21:43 - 2011-04-12 19:17 - 00000000 ____D C:\Windows\SysWOW64\slmgr
2015-10-11 21:43 - 2011-04-12 19:17 - 00000000 ____D C:\Windows\SysWOW64\Printing_Admin_Scripts
2015-10-11 21:43 - 2011-04-12 19:17 - 00000000 ____D C:\Windows\system32\winrm
2015-10-11 21:43 - 2011-04-12 19:17 - 00000000 ____D C:\Windows\system32\WCN
2015-10-11 21:43 - 2011-04-12 19:17 - 00000000 ____D C:\Windows\system32\slmgr
2015-10-11 21:43 - 2009-07-14 16:32 - 00000000 ____D C:\Windows\SysWOW64\WindowsPowerShell
2015-10-11 21:43 - 2009-07-14 16:32 - 00000000 ____D C:\Windows\system32\WindowsPowerShell
2015-10-11 21:43 - 2009-07-14 16:32 - 00000000 ____D C:\Windows\system32\restore
2015-10-11 21:43 - 2009-07-14 16:09 - 00000000 ____D C:\Windows\System32\Tasks\WPD
2015-10-11 21:43 - 2009-07-14 14:20 - 00000000 ____D C:\Windows\SysWOW64\spp
2015-10-11 21:43 - 2009-07-14 14:20 - 00000000 ____D C:\Windows\SysWOW64\Speech
2015-10-11 21:43 - 2009-07-14 14:20 - 00000000 ____D C:\Windows\SysWOW64\NetworkList
2015-10-11 21:43 - 2009-07-14 14:20 - 00000000 ____D C:\Windows\SysWOW64\MUI
2015-10-11 21:43 - 2009-07-14 14:20 - 00000000 ____D C:\Windows\SysWOW64\Msdtc
2015-10-11 21:43 - 2009-07-14 14:20 - 00000000 ____D C:\Windows\SysWOW64\IME
2015-10-11 21:43 - 2009-07-14 14:20 - 00000000 ____D C:\Windows\system32\spp
2015-10-11 21:43 - 2009-07-14 14:20 - 00000000 ____D C:\Windows\system32\spool
2015-10-11 21:43 - 2009-07-14 14:20 - 00000000 ____D C:\Windows\system32\Speech
2015-10-11 21:43 - 2009-07-14 14:20 - 00000000 ____D C:\Windows\system32\SMI
2015-10-11 21:42 - 2011-04-12 19:17 - 00000000 ____D C:\Windows\system32\Printing_Admin_Scripts
2015-10-11 21:42 - 2009-07-14 16:32 - 00000000 ____D C:\Windows\Performance
2015-10-11 21:42 - 2009-07-14 15:45 - 00000000 ____D C:\Windows\Setup
2015-10-11 21:42 - 2009-07-14 14:20 - 00000000 ____D C:\Windows\system32\NetworkList
2015-10-11 21:42 - 2009-07-14 14:20 - 00000000 ____D C:\Windows\system32\NDF
2015-10-11 21:42 - 2009-07-14 14:20 - 00000000 ____D C:\Windows\system32\MUI
2015-10-11 21:42 - 2009-07-14 14:20 - 00000000 ____D C:\Windows\system32\IME
2015-10-11 21:42 - 2009-07-14 14:20 - 00000000 ____D C:\Windows\Speech
2015-10-11 21:42 - 2009-07-14 14:20 - 00000000 ____D C:\Windows\security
2015-10-11 21:42 - 2009-07-14 14:20 - 00000000 ____D C:\Windows\schemas
2015-10-11 21:42 - 2009-07-14 14:20 - 00000000 ____D C:\Windows\Resources
2015-10-11 21:42 - 2009-07-14 14:20 - 00000000 ____D C:\Windows\PLA
2015-10-11 21:41 - 2015-08-27 11:58 - 00000000 ___RD C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
2015-10-11 21:41 - 2015-08-27 11:58 - 00000000 ___RD C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2015-10-11 21:41 - 2015-04-20 00:08 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PDFCreator
2015-10-11 21:41 - 2015-04-20 00:08 - 00000000 ____D C:\Program Files\PDFCreator
2015-10-11 21:41 - 2015-04-19 21:15 - 00000000 ____D C:\Windows\en
2015-10-11 21:41 - 2015-04-19 21:14 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live
2015-10-11 21:41 - 2015-04-19 21:14 - 00000000 ____D C:\Program Files\Windows Live
2015-10-11 21:41 - 2015-04-19 21:14 - 00000000 ____D C:\Program Files (x86)\Windows Live
2015-10-11 21:41 - 2015-04-19 20:59 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2015-10-11 21:41 - 2015-04-19 20:58 - 00000000 ____D C:\Program Files (x86)\Microsoft Security Client
2015-10-11 21:41 - 2015-04-19 20:57 - 00000000 ____D C:\Program Files\CDBurnerXP
2015-10-11 21:41 - 2015-04-19 20:51 - 00000000 ___RD C:\Program Files (x86)\Skype
2015-10-11 21:41 - 2015-04-19 20:51 - 00000000 ____D C:\ProgramData\Skype
2015-10-11 21:41 - 2015-04-19 20:51 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2015-10-11 21:41 - 2015-04-19 20:51 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\K-Lite Codec Pack
2015-10-11 21:41 - 2015-04-19 20:50 - 00000000 ____D C:\Program Files\CCleaner
2015-10-11 21:41 - 2015-04-19 20:50 - 00000000 ____D C:\Program Files (x86)\Microsoft OneDrive
2015-10-11 21:41 - 2015-04-19 20:50 - 00000000 ____D C:\Program Files (x86)\K-Lite Codec Pack
2015-10-11 21:41 - 2015-04-19 20:49 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2015-10-11 21:41 - 2015-04-19 20:49 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2015-10-11 21:41 - 2015-04-19 20:49 - 00000000 ____D C:\Program Files\Microsoft Silverlight
2015-10-11 21:41 - 2015-04-19 20:49 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight
2015-10-11 21:41 - 2015-04-18 19:53 - 00000000 ____D C:\Program Files\DIFX
2015-10-11 21:41 - 2009-07-14 16:32 - 00000000 ____D C:\Program Files\Reference Assemblies
2015-10-11 21:41 - 2009-07-14 16:32 - 00000000 ____D C:\Program Files\MSBuild
2015-10-11 21:41 - 2009-07-14 16:32 - 00000000 ____D C:\Program Files\Microsoft Games
2015-10-11 21:41 - 2009-07-14 16:32 - 00000000 ____D C:\Program Files (x86)\MSBuild
2015-10-11 21:41 - 2009-07-14 14:20 - 00000000 ____D C:\Windows\Help
2015-10-11 21:41 - 2009-07-14 14:20 - 00000000 ____D C:\Windows\Globalization
2015-10-11 21:41 - 2009-07-14 14:20 - 00000000 ____D C:\Windows\Branding
2015-10-11 21:41 - 2009-07-14 14:20 - 00000000 ____D C:\Windows\AppCompat
2015-10-11 21:41 - 2009-07-14 14:20 - 00000000 ____D C:\Program Files\Windows NT
2015-10-11 21:41 - 2009-07-14 14:20 - 00000000 ____D C:\Program Files\Common Files\Microsoft Shared
2015-10-11 21:41 - 2009-07-14 14:20 - 00000000 ____D C:\Program Files (x86)\Windows NT
2015-10-11 21:34 - 2009-07-14 14:20 - 00000000 ____D C:\Windows\registration
2015-10-11 21:21 - 2009-07-14 14:20 - 00000000 ____D C:\Windows\Web
2015-10-11 21:21 - 2009-07-14 14:20 - 00000000 ____D C:\Windows\Vss
2015-10-11 21:07 - 2015-08-27 11:59 - 00000000 ____D C:\Users\User\AppData\Roaming\Adobe
2015-10-11 21:07 - 2015-08-27 11:58 - 00000000 ____D C:\Users\User\AppData\Local\VirtualStore
2015-10-11 21:07 - 2015-04-19 20:49 - 00000000 ____D C:\ProgramData\Oracle
2015-10-11 21:07 - 2009-07-14 14:20 - 00000000 __RHD C:\Users\Default
2015-10-11 21:06 - 2015-04-19 23:47 - 00000000 ____D C:\ProgramData\Adobe
2015-10-11 21:06 - 2015-04-19 20:59 - 00000000 ____D C:\ProgramData\Malwarebytes
2015-10-11 21:06 - 2015-04-18 19:53 - 00000000 ____D C:\Program Files\STMicroelectronics
2015-10-11 21:05 - 2015-04-19 20:50 - 00000000 ____D C:\Program Files\Java
2015-10-11 21:05 - 2009-07-14 14:20 - 00000000 ____D C:\Program Files\Common Files\SpeechEngines
2015-10-11 21:04 - 2015-04-19 21:14 - 00000000 ____D C:\Program Files (x86)\Microsoft SQL Server Compact Edition
2015-10-11 21:04 - 2015-04-19 20:56 - 00000000 ____D C:\Program Files (x86)\LibreOffice 4
2015-10-11 21:04 - 2015-04-19 20:49 - 00000000 ____D C:\Program Files (x86)\Java
2015-10-11 21:04 - 2015-04-19 08:04 - 00000000 ____D C:\Program Files (x86)\Intel
2015-10-11 21:04 - 2009-07-14 16:32 - 00000000 ____D C:\Program Files (x86)\Reference Assemblies
2015-10-11 21:02 - 2015-04-19 23:48 - 00000000 ____D C:\Program Files (x86)\Adobe
2015-10-11 20:42 - 2009-07-14 13:38 - 00000000 ____D C:\C
2015-10-11 20:27 - 2015-04-18 19:08 - 00000000 __SHD C:\Recovery
2015-10-08 17:26 - 2009-07-14 14:20 - 00000000 ____D C:\Windows\LiveKernelReports
2015-09-30 17:40 - 2015-08-27 11:00 - 00000000 __SHD C:\Users\User\AppData\Local\EmieUserList
2015-09-30 17:40 - 2015-08-27 11:00 - 00000000 __SHD C:\Users\User\AppData\Local\EmieSiteList
2015-09-30 17:40 - 2015-08-27 11:00 - 00000000 __SHD C:\Users\User\AppData\Local\EmieBrowserModeList
2015-09-18 20:44 - 2015-08-27 11:58 - 00002156 _____ C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Microsoft OneDrive.lnk
2015-09-17 21:20 - 2015-08-27 11:00 - 00000000 __SHD C:\Users\User\AppData\LocalLow\EmieUserList
2015-09-17 21:20 - 2015-08-27 11:00 - 00000000 __SHD C:\Users\User\AppData\LocalLow\EmieSiteList
2015-09-17 21:20 - 2015-08-27 11:00 - 00000000 __SHD C:\Users\User\AppData\LocalLow\EmieBrowserModeList
2015-09-17 16:30 - 2015-04-19 12:36 - 00000000 ____D C:\Windows\Panther
2015-09-17 16:13 - 2015-09-10 17:58 - 00000000 ___HD C:\$Windows.~BT
2015-09-16 21:44 - 2015-04-19 20:50 - 00002770 _____ C:\Windows\System32\Tasks\CCleanerSkipUAC
2015-09-16 20:43 - 2009-07-14 15:45 - 00328232 _____ C:\Windows\system32\FNTCACHE.DAT
2015-09-16 20:04 - 2015-04-19 08:40 - 00000000 ____D C:\Windows\system32\MRT
2015-09-16 17:37 - 2015-04-19 23:48 - 00002441 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2015-09-16 17:35 - 2015-04-19 23:48 - 00003886 _____ C:\Windows\System32\Tasks\Adobe Acrobat Update Task
2015-09-16 16:02 - 2015-04-19 20:58 - 00002117 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Security Essentials.lnk
2015-09-16 16:02 - 2015-04-19 20:58 - 00001945 _____ C:\Windows\epplauncher.mif
2015-09-16 13:35 - 2009-07-14 14:20 - 00000000 __RHD C:\Users\Public\Libraries
 
==================== Files in the root of some directories =======
 
2015-09-14 18:57 - 2015-09-14 18:57 - 0000000 ____H () C:\ProgramData\DP45977C.lfl
 
Some files in TEMP:
====================
C:\Users\User\AppData\Local\Temp\sqlite3.dll
 
 
==================== Bamital & volsnap =================
 
(There is no automatic fix for files that do not pass verification.)
 
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed
 
 
LastRegBack: 2015-10-11 18:08
 
==================== End of FRST.txt ============================
Additional scan result of Farbar Recovery Scan Tool (x64) Version:11-10-2015 02
Ran by User (2015-10-12 16:53:43)
Running from C:\Users\User\Desktop
Windows 7 Home Premium Service Pack 1 (X64) (2015-08-27 00:58:33)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-1885530009-3786166672-2374549280-500 - Administrator - Disabled)
Guest (S-1-5-21-1885530009-3786166672-2374549280-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-1885530009-3786166672-2374549280-1003 - Limited - Enabled)
Tech Support (S-1-5-21-1885530009-3786166672-2374549280-1000 - Administrator - Disabled) => C:\Users\Tech Support
User (S-1-5-21-1885530009-3786166672-2374549280-1001 - Administrator - Enabled) => C:\Users\User

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Microsoft Security Essentials (Enabled - Up to date) {B7ECF8CD-0188-6703-DBA4-AA65C6ACFB0A}
AS: Microsoft Security Essentials (Enabled - Up to date) {0C8D1929-27B2-688D-E114-9117BD2BB1B7}
AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Adobe Acrobat Reader DC (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AC0F074E4100}) (Version: 15.008.20082 - Adobe Systems Incorporated)
Archeage (HKLM-x32\...\Glyph Archeage) (Version: - Trion Worlds, Inc.)
Battle.net (HKLM-x32\...\Battle.net) (Version: - Blizzard Entertainment)
CABAL2 (US) (HKLM-x32\...\CABAL2US) (Version: - ESTsoft Corp.)
Canon MX340 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MX340_series) (Version: - )
CCleaner (HKLM\...\CCleaner) (Version: 5.02 - Piriform)
CDBurnerXP (HKLM\...\{7E265513-8CDA-4631-B696-F40D983F3B07}_is1) (Version: 4.5.4.5306 - CDBurnerXP)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Diablo III (HKLM-x32\...\Diablo III) (Version: - Blizzard Entertainment)
ESET Online Scanner v3 (HKLM-x32\...\ESET Online Scanner) (Version: - )
Glyph (HKLM-x32\...\Glyph) (Version: - Trion Worlds, Inc.)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 45.0.2454.101 - Google Inc.)
Google Update Helper (x32 Version: 1.3.28.15 - Google Inc.) Hidden
IGG Web3D Player version 1.0.0.38 (HKU\S-1-5-21-1885530009-3786166672-2374549280-1001\...\IGG Web3D Player_is1) (Version: 1.0.0.38 - IGG, Inc.)
Intel® Network Connections Drivers (HKLM\...\PROSet) (Version: 18.8 - Intel)
Intel® Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 9.17.10.3372 - Intel Corporation)
Java 8 Update 45 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86418045F0}) (Version: 8.0.450 - Oracle Corporation)
Java 8 Update 45 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218045F0}) (Version: 8.0.450 - Oracle Corporation)
Junk Mail filter update (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
K-Lite Codec Pack 11.1.0 Full (HKLM-x32\...\KLiteCodecPack_is1) (Version: 11.1.0 - )
LibreOffice 4.4.2.2 (HKLM-x32\...\{99A395EF-A310-40BB-B7A3-E3FF07CC38FC}) (Version: 4.4.2.2 - The Document Foundation)
Malwarebytes Anti-Malware version 2.1.8.1057 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.1.8.1057 - Malwarebytes Corporation)
Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-1885530009-3786166672-2374549280-1001\...\OneDriveSetup.exe) (Version: 17.3.5951.0827 - Microsoft Corporation)
Microsoft Security Essentials (HKLM\...\Microsoft Security Client) (Version: 4.8.204.0 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.40728.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{887868A2-D6DE-3255-AA92-AA0B5A59B874}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Movie Maker (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
My.com Game Center (HKU\S-1-5-21-1885530009-3786166672-2374549280-1001\...\MyComGames) (Version: 3.145 - My.com B.V.)
NVIDIA Graphics Driver 341.74 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 341.74 - NVIDIA Corporation)
NVIDIA Update 17.12.8 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 17.12.8 - NVIDIA Corporation)
Opera Stable 32.0.1948.69 (HKLM-x32\...\Opera 32.0.1948.69) (Version: 32.0.1948.69 - Opera Software)
PDFCreator (HKLM\...\{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}) (Version: 2.1.1 - pdfforge)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7572 - Realtek Semiconductor Corp.)
skyforge_mycom (HKU\S-1-5-21-1885530009-3786166672-2374549280-1001\...\skyforge_mycom) (Version: 1.38 - My.com B.V.)
Skype™ 7.3 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.3.101 - Skype Technologies S.A.)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3528.0331 - Microsoft Corporation)
World of Warcraft (HKLM-x32\...\World of Warcraft) (Version: - Blizzard Entertainment)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== Restore Points =========================

11-10-2015 22:11:17 Windows Backup
11-10-2015 22:17:16 Windows Update
11-10-2015 23:20:12 Windows Backup
12-10-2015 00:56:12 JRT Pre-Junkware Removal
12-10-2015 01:00:13 Windows Backup
12-10-2015 01:21:25 Windows Backup
12-10-2015 01:25:29 Windows Update

==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 13:34 - 2009-06-11 08:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {3BFADB47-9B77-4A7B-BC41-B52A15A9F489} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-07-07] (Adobe Systems Incorporated)
Task: {47C52733-BB46-4E76-A6E8-A17DF1DFA895} - System32\Tasks\{17E2AA83-63E7-4565-9531-2E4990878DAB} => pcalua.exe -a "C:\Program Files (x86)\Moonlight\system\launcher.exe" -d C:\Users\User\Desktop
Task: {494FA3A7-47C8-46ED-9E1C-AB5FD5B41911} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-09-16] (Google Inc.)
Task: {A1C91DD3-E4FA-4DA9-83F3-297230353535} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-09-16] (Google Inc.)
Task: {CEF002FC-F477-4B38-A7CC-19FDB6BB9EB2} - System32\Tasks\Opera scheduled Autoupdate 1442834924 => C:\Program Files (x86)\Opera\launcher.exe [2015-09-25] (Opera Software)
Task: {E72B0D21-E675-4F28-A4B3-D643E0A7708A} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2015-01-21] (Piriform Ltd)
Task: {F6CD562E-B0D0-4D92-865A-CC4BC0ACDB2C} - System32\Tasks\Games\UpdateCheck_S-1-5-21-1885530009-3786166672-2374549280-1001

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (Whitelisted) ==============

2015-09-14 19:02 - 2015-06-30 07:42 - 00116552 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2015-09-26 05:52 - 2015-09-24 13:34 - 01501512 _____ () C:\Program Files (x86)\Google\Chrome\Application\45.0.2454.101\libglesv2.dll
2015-09-26 05:52 - 2015-09-24 13:34 - 00081224 _____ () C:\Program Files (x86)\Google\Chrome\Application\45.0.2454.101\libegl.dll
2015-10-01 22:29 - 2015-10-01 22:29 - 59639416 _____ () C:\Program Files (x86)\Opera\32.0.1948.69\opera.dll
2015-10-01 22:29 - 2015-10-01 22:29 - 01881208 _____ () C:\Program Files (x86)\Opera\32.0.1948.69\libglesv2.dll
2015-10-01 22:29 - 2015-10-01 22:29 - 00081528 _____ () C:\Program Files (x86)\Opera\32.0.1948.69\libegl.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)


==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


==================== EXE Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-1885530009-3786166672-2374549280-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\User\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 10.0.0.138
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

(Currently there is no automatic fix for this section.)

MSCONFIG\startupreg: HotKeysCmds => "C:\Windows\system32\hkcmd.exe"
MSCONFIG\startupreg: Skype => "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
MSCONFIG\startupreg: SunJavaUpdateSched => "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{EA49A65A-1772-4FBD-AB4B-B4506F0CAFB4}] => (Allow) C:\Users\Tech Support\AppData\Local\Microsoft\OneDrive\OneDrive.exe
FirewallRules: [{36656995-78DE-4DC0-A92C-2464C0BC80D8}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{520BAA9C-F068-43D7-8875-A0F559716ED9}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
FirewallRules: [{6EDFEA1D-DD0D-4081-8431-D08510331856}] => (Allow) LPort=2869
FirewallRules: [{AE3B40CC-FCF3-4920-8388-F464D4B6B811}] => (Allow) LPort=1900
FirewallRules: [TCP Query User{FF5DFB90-6F2D-46CB-9670-98451F4FC940}C:\program files (x86)\cabal2 (us)\c2launcher.exe] => (Allow) C:\program files (x86)\cabal2 (us)\c2launcher.exe
FirewallRules: [UDP Query User{33F84145-6989-4EF6-9D89-441471FAC457}C:\program files (x86)\cabal2 (us)\c2launcher.exe] => (Allow) C:\program files (x86)\cabal2 (us)\c2launcher.exe
FirewallRules: [TCP Query User{1C7CBB07-FB11-4F6F-BCD0-2E7A867200CC}C:\program files (x86)\diablo iii\diablo iii.exe] => (Allow) C:\program files (x86)\diablo iii\diablo iii.exe
FirewallRules: [UDP Query User{4B6E976E-AEF9-4B0F-A2E4-FEDAFC30D465}C:\program files (x86)\diablo iii\diablo iii.exe] => (Allow) C:\program files (x86)\diablo iii\diablo iii.exe
FirewallRules: [TCP Query User{5E32623C-4D77-49BE-B284-E48DA02A5EF1}C:\users\user\appdata\local\mycomgames\mycomgames.exe] => (Allow) C:\users\user\appdata\local\mycomgames\mycomgames.exe
FirewallRules: [UDP Query User{F46737AD-477D-46A7-8BAC-B40BB2AD9E51}C:\users\user\appdata\local\mycomgames\mycomgames.exe] => (Allow) C:\users\user\appdata\local\mycomgames\mycomgames.exe
FirewallRules: [{EDC77401-F4F7-499D-9C56-359B7B068DEC}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{26206C63-8587-43AF-90D2-2A7FB5DAB0BC}] => (Allow) C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (10/12/2015 02:20:11 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program tw_clients.exe version 0.0.0.2 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.

Process ID: 1cbc

Start Time: 01d1049c409b5447

Termination Time: 236

Application Path: C:\Program Files (x86)\Moonlight\system\tw_clients.exe

Report Id: 229dcc1d-7090-11e5-b4ec-0018f3e6c6a4

Error: (10/12/2015 09:15:26 AM) (Source: SideBySide) (EventID: 80) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_41e855142bd5705d.manifest.

Error: (10/12/2015 09:04:28 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (10/12/2015 01:11:56 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (10/12/2015 01:08:21 AM) (Source: Windows Backup) (EventID: 4104) (User: )
Description: The backup was not successful. The error is: The remote procedure call failed. (0x800706BE).

Error: (10/12/2015 01:08:20 AM) (Source: VSS) (EventID: 8193) (User: )
Description: Volume Shadow Copy Service error: Unexpected error calling routine IVssAsync::QueryStatus. hr = 0x800706ba, The RPC server is unavailable.
.


Operation:
BackupComplete Event
Executing Asynchronous Operation

Context:
Current State: BackupComplete

Error: (10/11/2015 11:14:28 PM) (Source: Windows Backup) (EventID: 4104) (User: )
Description: The backup was not successful. The error is: The system cannot find the file specified. (0x80070002).

Error: (10/11/2015 11:14:23 PM) (Source: Microsoft-Windows-Backup) (EventID: 517) (User: NT AUTHORITY)
Description: The backup operation that started at '2015-10-11T11:11:17.474925300Z' has failed with following error code '2147942402' (%%2147942402). Please review the event details for a solution, and then rerun the backup operation once the issue is resolved.

Error: (10/11/2015 10:31:05 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_41e855142bd5705d.manifest.

Error: (10/11/2015 10:30:59 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_41e855142bd5705d.manifest.


System errors:
=============
Error: (10/12/2015 04:39:59 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The Microsoft Antimalware Service service terminated unexpectedly. It has done this 4 time(s).

Error: (10/12/2015 04:39:59 PM) (Source: Microsoft Antimalware) (EventID: 5008) (User: )
Description: %%860 engine has been terminated due to an unexpected error.

Failure Type: %%830

Exception code: 0xc0000005

Resource: file:C:\Program Files (x86)\Glyph\Games\ArcheAge\Live\game_pak

Error: (10/12/2015 04:39:59 PM) (Source: Microsoft Antimalware) (EventID: 5008) (User: )
Description: %%860 engine has been terminated due to an unexpected error.

Failure Type: %%830

Exception code: 0xc0000005

Resource: file:C:\Program Files (x86)\Glyph\Games\ArcheAge\Live\game_pak

Error: (10/12/2015 04:39:59 PM) (Source: Microsoft Antimalware) (EventID: 5008) (User: )
Description: %%860 engine has been terminated due to an unexpected error.

Failure Type: %%831

Exception code:

Resource: file:C:\Program Files (x86)\Glyph\Games\ArcheAge\Live\game_pak

Error: (10/12/2015 04:36:44 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The Microsoft Antimalware Service service terminated unexpectedly. It has done this 3 time(s).

Error: (10/12/2015 04:36:43 PM) (Source: Microsoft Antimalware) (EventID: 5008) (User: )
Description: %%860 engine has been terminated due to an unexpected error.

Failure Type: %%830

Exception code: 0xc0000005

Resource: file:C:\Program Files (x86)\Glyph\Games\ArcheAge\Live\game_pak

Error: (10/12/2015 04:36:43 PM) (Source: Microsoft Antimalware) (EventID: 5008) (User: )
Description: %%860 engine has been terminated due to an unexpected error.

Failure Type: %%831

Exception code:

Resource: file:C:\Program Files (x86)\Glyph\Games\ArcheAge\Live\game_pak

Error: (10/12/2015 04:33:28 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The Microsoft Antimalware Service service terminated unexpectedly. It has done this 2 time(s).

Error: (10/12/2015 04:33:27 PM) (Source: Microsoft Antimalware) (EventID: 5008) (User: )
Description: %%860 engine has been terminated due to an unexpected error.

Failure Type: %%831

Exception code:

Resource: file:C:\Program Files (x86)\Glyph\Games\ArcheAge\Live\game_pak

Error: (10/12/2015 04:01:27 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The Microsoft Antimalware Service service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 100 milliseconds: Run the configured recovery program.


==================== Memory info ===========================

Processor: Intel® Core™2 CPU 6600 @ 2.40GHz
Percentage of memory in use: 55%
Total physical RAM: 3199.12 MB
Available physical RAM: 1415.36 MB
Total Virtual: 6396.44 MB
Available Virtual: 4085.07 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:297.89 GB) (Free:129.7 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 298.1 GB) (Disk ID: 9FAAF6E0)
Partition 1: (Active) - (Size=203 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=297.9 GB) - (Type=07 NTFS)

==================== End of Addition.txt ============================

Attached Files


Edited by Oh My!, 14 October 2015 - 09:12 PM.


BC AdBot (Login to Remove)

 


#2 WenJac

WenJac
  • Topic Starter

  • Members
  • 65 posts
  • OFFLINE
  •  
  • Gender:Female
  • Local time:08:34 PM

Posted 12 October 2015 - 02:42 AM

ok trying to un- install chrome but wont let me saying to close open pages yet Im not using chrome !!

 :(



#3 Oh My!

Oh My!

    Adware and Spyware and Malware.....


  • Malware Response Instructor
  • 37,049 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:California
  • Local time:03:34 AM

Posted 14 October 2015 - 09:21 PM

Greetings WenJac and :welcome: to BleepingComputer's Virus/Trojan/Spyware/Malware Removal forum.

My name is Oh My! and I am here to help you! Now that we are "friends" please call me Gary.

If you would allow me to call you by your first name I would prefer to do that.

===================================================

Ground Rules:
  • First, I would like to inform you that most of us here at Bleeping Computer offer our expert assistance out of the goodness of our hearts. Please try to match our commitment to you with your patience toward us. If this was easy we would never have met.
  • Please do not run any tools or take any steps other than those I will provide for you while we work on your computer together. I need to be certain about the state of your computer in order to provide appropriate and effective steps for you to take. Most often "well intentioned" (and usually panic driven!) independent efforts can make things much worse for both of us. If at any point you would prefer to take your own steps please let me know, I will not be offended. I would be happy to focus on the many others who are waiting in line for assistance.
  • Please perform all steps in the order they are listed in each set of instructions. Some steps may be a bit complicated. If things are not clear, be sure to stop and let me know. We need to work on this together with confidence.
  • Please copy and paste all logs into your post unless directed otherwise. Please do not re-run any programs I suggest. If you encounter problems simply stop and tell me.
  • When you post your reply, use the Replytopic.jpg button instead.
  • In the upper right hand corner of the topic you will see the Followtopic.jpg button. Click on this then choose Immediate E-Mail notification and then Proceed and you will be sent an email once I have posted a response.
  • If you do not reply to your topic after 5 days we assume it has been abandoned and I will close it.
  • When your computer is clean I will alert you of such. I will also provide for you detailed information about how you can combat future infections.
  • I would like to remind you to make no further changes to your computer unless I direct you to do so.
  • Now let's get started
===================================================

Now that I am assisting you, you can expect that I will be very responsive to your situation. If you are able, I would request you check this thread at least once per day so that we can try to resolve your issues effectively and efficiently. If you are going to be delayed please be considerate and post that information so that I know you are still with me. Unfortunately, there are many people waiting to be assisted and not enough of us at BleepingComputer to go around. I appreciate your understanding and diligence.

Thank you for your patience thus far.

If we needed to uninstall Archeage would you have the ability to reinstall it?

Please do this. If necessary, perform the steps in Safe Mode with Networking.

===================================================

Farbar's Recovery Scan Tool - Run Fix in Normal or Safe Mode

--------------------
  • Press the Windows key Windows_Logo_key.gif + r on your keyboard at the same time. Type in notepad and press Enter
  • Please copy and paste the contents of the below code box into the open notepad and save it to your desktop (<<<Important) as fixlist.txt
S3 xhunter1; \??\C:\Windows\xhunter1.sys [X]
2015-10-04 18:30 - 2015-10-04 18:30 - 00003148 _____ C:\Windows\System32\Tasks\{17E2AA83-63E7-4565-9531-2E4990878DAB}
2015-09-14 18:57 - 2015-09-14 18:57 - 00000000 ____H C:\ProgramData\DP45977C.lfl
2015-09-30 17:40 - 2015-08-27 11:00 - 00000000 __SHD C:\Users\User\AppData\Local\EmieUserList
2015-09-30 17:40 - 2015-08-27 11:00 - 00000000 __SHD C:\Users\User\AppData\Local\EmieSiteList
2015-09-30 17:40 - 2015-08-27 11:00 - 00000000 __SHD C:\Users\User\AppData\Local\EmieBrowserModeList
2015-09-17 21:20 - 2015-08-27 11:00 - 00000000 __SHD C:\Users\User\AppData\LocalLow\EmieUserList
2015-09-17 21:20 - 2015-08-27 11:00 - 00000000 __SHD C:\Users\User\AppData\LocalLow\EmieSiteList
2015-09-17 21:20 - 2015-08-27 11:00 - 00000000 __SHD C:\Users\User\AppData\LocalLow\EmieBrowserModeList
  • Launch FRST and press the Fix button just once and wait, the program will automatically launch fixlist.txt.
  • The tool will create a log on the desktop called Fixlog.txt. Please copy and paste the contents of the file in your reply.
===================================================

Run TDSSKiller by Kaspersky

--------------------
  • Please download Kaspersky's TDSSKiller and save it to your Desktop. <-Important!!!
  • Right-click on TDSSKiller.exe and select Run As Administrator.
  • When the program opens, click the Start Scan button.

tdss1.png

  • Do not use the computer during the scan
  • If the scan completes with nothing found, click Close to exit.
  • Any objects found will show in the Scan results - Select action for found objects and offer three options.
  • If an infected file is detected, the default action will be Cure...do not change it.

tdss2.png

  • Click Continue > Reboot now to finish the cleaning process.<- Important!!

tdss4.png

  • If 'Suspicious' objects are detected, you will be given the option to Skip or Quarantine. Skip will be the default selection. Leave it as such for now.
  • A log file named TDSSKiller_version_date_time_log.txt will be created and saved to the root directory (usually Local Disk C:).
  • Copy and paste the contents of that file in your next reply even if no threats are found.
-- If TDSSKiller does not run, try renaming it. To do this, right-click on TDSSKiller.exe, select Rename and give it a random name with the .com file extension (i.e. 123abc.com). If you do not see the file extension, please refer to these instructions. In some cases it may be necessary to redownload TDSSKiller and randomly rename it before downloading and saving to the computer or to perform the scan in "safe mode".

===================================================

aswMBR

--------------------
  • Download aswMBR and save it to your desktop.
  • Please disable your real time protection of any Antivirus, Antispyware or Antimalware programs temporarily. They will interfere and may cause unexpected results.
  • If you need help to disable your protection programs see here and here.
  • Double click the aswMBR.exe file to run it. Please allow when you are asked to download AVAST antivirus engine defs.
  • Wait until the AV update is done, then click on the Scan button to start. The program will launch a scan.

aswMBR1.png

  • When done, you will see Scan finished successfully. Please click on Save log and save the file to your desktop.

aswMBR2.png

  • Please post the contents of the log in your next reply.
NOTE: aswMBR will create MBR.dat file on your desktop. This is a copy of your MBR. Do NOT delete it.

===================================================

Run Combofix in Vista/7

--------------------

Combofix is a very powerful tool and special attention must be taken to allow it to work properly. Please pay careful attention to the following instructions.
  • Please download ComboFix from one of these locations:

BleepingComputer
ForoSpyware

  • Save Combofix.exe to your Desktop <-- Important!!!
  • Disable your AntiVirus and AntiSpyware applications, usually via a right click on the System Tray icon. They may otherwise interfere with our tools. (Click on this link to see a list of programs that should be disabled. The list is not all inclusive.)
  • Note: If after disabling Combofix warns you an Antivirus program is still running ignore the warning and run Combofix.
  • Double click on Combofix.exe and follow the prompts. It is important you do not mouseclick while the program is running or it may stall.
Note #1: Often times it may appear as if ComboFix has stopped working. To verify it is still running please do one of the following below. If, based on the below, you have concluded ComboFix has stopped running please stop and advise me.
  • Check your computer clock. If it is still running then so is ComboFix
  • Open Task Manager and select the Applications Tab. If the status of AutoScan is Running, then ComboFix is running
  • Open Task Manager and select the Processes Tab. Under Image Name look for files ending in .3xe. If there are fluctuating numbers under CPU and Mem Usage then ComboFix is running
Note #2: If you receive the following error "Illegal operation attempted on a registery key that has been marked for deletion" please just restart your computer to resolve this issue

If Combofix fails to run properly using the above instructions please attempt the following:
  • Right click on the Combofix icon on your desktop and select Delete
  • Download a new copy but rename it to freshcopy.exe first, then save it to your desktop
  • Now download RKill.exe (or RKill renamed as iExplore.exe if the first one doesn't work properly) and save it to your desktop
  • Restart your computer in Safe Mode
  • Right click on RKill (or iExplore) and select Run as Administrator. If you are using Windows XP simply double click the icon
  • A black DOS screen should flash and disappear. If not, try to launch the program with the second file. If neither works please stop and let me know
  • When RKill is finished running you will be presented with a text file and a copy will be saved on your desktop. Copy and paste the contents of this report in your reply
  • Do not reboot your computer
  • Double click the freshcopy.exe icon (renamed Combofix file)
  • When finished, it will produce a log. Please copy and paste the C:\Combofix.txt log information in your next reply
  • If you disabled your antivirus please enable it again. If you uninstalled it please wait for instructions to reinstall it
===================================================

System Summary Information

--------------------
  • Press the windows key Windows_Logo_key.gif + r on your keyboard at the same time
  • Type msinfo32 and press Enter
  • Left click on System Summary
  • Click File, Save, and name the file Summary
  • Zip and attach the file to your reply
===================================================

Things I would like to see in your next reply. Please be sure to copy and paste any requested log information unless you are asked to attach it. :thumbsup2:
  • Fixlog
  • TDSSKiller report
  • aswmbr log
  • Combofix report
  • System Summary Information

Gary
 
If I do not reply within 24 hours please send me a Personal Message.

"Lord, to whom would we go? You have the words that give eternal life. We believe, and we know you are the Holy One of God."

#4 WenJac

WenJac
  • Topic Starter

  • Members
  • 65 posts
  • OFFLINE
  •  
  • Gender:Female
  • Local time:08:34 PM

Posted 15 October 2015 - 01:04 AM

Hiya Gary

If AA needs to be un installed thats ok... I can re install.....and thank you :) 

 

First file : 

 

Fix result of Farbar Recovery Scan Tool (x64) Version:14-10-2015 01
Ran by User (2015-10-15 17:01:41) Run:1
Running from C:\Users\User\Desktop
Loaded Profiles: User (Available Profiles: Tech Support & User)
Boot Mode: Normal
==============================================
 
fixlist content:
*****************
S3 xhunter1; \??\C:\Windows\xhunter1.sys [X]
2015-10-04 18:30 - 2015-10-04 18:30 - 00003148 _____ C:\Windows\System32\Tasks\{17E2AA83-63E7-4565-9531-2E4990878DAB}
2015-09-14 18:57 - 2015-09-14 18:57 - 00000000 ____H C:\ProgramData\DP45977C.lfl
2015-09-30 17:40 - 2015-08-27 11:00 - 00000000 __SHD C:\Users\User\AppData\Local\EmieUserList
2015-09-30 17:40 - 2015-08-27 11:00 - 00000000 __SHD C:\Users\User\AppData\Local\EmieSiteList
2015-09-30 17:40 - 2015-08-27 11:00 - 00000000 __SHD C:\Users\User\AppData\Local\EmieBrowserModeList
2015-09-17 21:20 - 2015-08-27 11:00 - 00000000 __SHD C:\Users\User\AppData\LocalLow\EmieUserList
2015-09-17 21:20 - 2015-08-27 11:00 - 00000000 __SHD C:\Users\User\AppData\LocalLow\EmieSiteList
2015-09-17 21:20 - 2015-08-27 11:00 - 00000000 __SHD C:\Users\User\AppData\LocalLow\EmieBrowserModeList
*****************
 
xhunter1 => service removed successfully
C:\Windows\System32\Tasks\{17E2AA83-63E7-4565-9531-2E4990878DAB} => moved successfully
C:\ProgramData\DP45977C.lfl => moved successfully
C:\Users\User\AppData\Local\EmieUserList => moved successfully
C:\Users\User\AppData\Local\EmieSiteList => moved successfully
C:\Users\User\AppData\Local\EmieBrowserModeList => moved successfully
C:\Users\User\AppData\LocalLow\EmieUserList => moved successfully
C:\Users\User\AppData\LocalLow\EmieSiteList => moved successfully
C:\Users\User\AppData\LocalLow\EmieBrowserModeList => moved successfully
 
==== End of Fixlog 17:01:41 ====


#5 WenJac

WenJac
  • Topic Starter

  • Members
  • 65 posts
  • OFFLINE
  •  
  • Gender:Female
  • Local time:08:34 PM

Posted 15 October 2015 - 01:15 AM

TDS File:

 

17:07:12.0099 0x06d0  TDSS rootkit removing tool 3.1.0.5 Jul 24 2015 12:29:57
17:07:21.0931 0x06d0  ============================================================
17:07:21.0931 0x06d0  Current date / time: 2015/10/15 17:07:21.0931
17:07:21.0931 0x06d0  SystemInfo:
17:07:21.0931 0x06d0  
17:07:21.0931 0x06d0  OS Version: 6.1.7601 ServicePack: 1.0
17:07:21.0931 0x06d0  Product type: Workstation
17:07:21.0931 0x06d0  ComputerName: USER-PC
17:07:21.0931 0x06d0  UserName: User
17:07:21.0931 0x06d0  Windows directory: C:\Windows
17:07:21.0931 0x06d0  System windows directory: C:\Windows
17:07:21.0931 0x06d0  Running under WOW64
17:07:21.0931 0x06d0  Processor architecture: Intel x64
17:07:21.0931 0x06d0  Number of processors: 2
17:07:21.0931 0x06d0  Page size: 0x1000
17:07:21.0931 0x06d0  Boot type: Normal boot
17:07:21.0931 0x06d0  ============================================================
17:07:24.0311 0x06d0  KLMD registered as C:\Windows\system32\drivers\07092145.sys
17:07:25.0598 0x06d0  System UUID: {2C0B6209-6271-3CA9-4AB4-2E36F79F2933}
17:07:26.0780 0x06d0  Drive \Device\Harddisk0\DR0 - Size: 0x4A85D56000 ( 298.09 Gb ), SectorSize: 0x200, Cylinders: 0x9801, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
17:07:27.0201 0x06d0  Drive \Device\Harddisk1\DR1 - Size: 0x1D1C0F00000 ( 1863.01 Gb ), SectorSize: 0x200, Cylinders: 0x3B601, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'
17:07:27.0201 0x06d0  ============================================================
17:07:27.0201 0x06d0  \Device\Harddisk0\DR0:
17:07:27.0217 0x06d0  MBR partitions:
17:07:27.0217 0x06d0  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x6579A
17:07:27.0217 0x06d0  \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x65FA0, BlocksNum 0x253C8B10
17:07:27.0217 0x06d0  \Device\Harddisk1\DR1:
17:07:27.0217 0x06d0  MBR partitions:
17:07:27.0217 0x06d0  \Device\Harddisk1\DR1\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0xE8E07000
17:07:27.0217 0x06d0  ============================================================
17:07:27.0295 0x06d0  C: <-> \Device\Harddisk0\DR0\Partition2
17:07:27.0311 0x06d0  E: <-> \Device\Harddisk1\DR1\Partition1
17:07:27.0311 0x06d0  ============================================================
17:07:27.0311 0x06d0  Initialize success
17:07:27.0311 0x06d0  ============================================================
17:08:25.0970 0x04c8  ============================================================
17:08:25.0970 0x04c8  Scan started
17:08:25.0970 0x04c8  Mode: Manual; 
17:08:25.0970 0x04c8  ============================================================
17:08:25.0970 0x04c8  KSN ping started
17:08:28.0961 0x04c8  KSN ping finished: true
17:08:30.0365 0x04c8  ================ Scan system memory ========================
17:08:30.0365 0x04c8  System memory - ok
17:08:30.0365 0x04c8  ================ Scan services =============================
17:08:30.0619 0x04c8  [ A87D604AEA360176311474C87A63BB88, B1507868C382CD5D2DBC0D62114FCFBF7A780904A2E3CA7C7C1DD0844ADA9A8F ] 1394ohci        C:\Windows\system32\DRIVERS\1394ohci.sys
17:08:30.0635 0x04c8  1394ohci - ok
17:08:30.0666 0x04c8  [ D81D9E70B8A6DD14D42D7B4EFA65D5F2, FDAAB7E23012B4D31537C5BDEF245BB0A12FA060A072C250E21C68E18B22E002 ] ACPI            C:\Windows\system32\drivers\ACPI.sys
17:08:30.0666 0x04c8  ACPI - ok
17:08:30.0681 0x04c8  [ 99F8E788246D495CE3794D7E7821D2CA, F91615463270AD2601F882CAED43B88E7EDA115B9FD03FC56320E48119F15F76 ] AcpiPmi         C:\Windows\system32\drivers\acpipmi.sys
17:08:30.0681 0x04c8  AcpiPmi - ok
17:08:30.0791 0x04c8  [ F6CEFEF46986DE02A3AE5D93AE32B5DC, 903EC5A7B40F4F6B2F3378EFFE8DF28667B88061CDF681C44F2E4FE39B62959E ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
17:08:30.0837 0x04c8  AdobeARMservice - ok
17:08:30.0869 0x04c8  [ 2F6B34B83843F0C5118B63AC634F5BF4, 43E3F5FBFB5D33981AC503DEE476868EC029815D459E7C36C4ABC2D2F75B5735 ] adp94xx         C:\Windows\system32\drivers\adp94xx.sys
17:08:30.0884 0x04c8  adp94xx - ok
17:08:30.0915 0x04c8  [ 597F78224EE9224EA1A13D6350CED962, DA7FD99BE5E3B7B98605BF5C13BF3F1A286C0DE1240617570B46FE4605E59BDC ] adpahci         C:\Windows\system32\drivers\adpahci.sys
17:08:30.0931 0x04c8  adpahci - ok
17:08:30.0947 0x04c8  [ E109549C90F62FB570B9540C4B148E54, E804563735153EA00A00641814244BC8A347B578E7D63A16F43FB17566EE5559 ] adpu320         C:\Windows\system32\drivers\adpu320.sys
17:08:30.0947 0x04c8  adpu320 - ok
17:08:30.0978 0x04c8  [ 83BFCCAC53795E8A5055A93672D0C46C, B2B03473D950A5BA9DE59D81E7B14C1FAFF17B2A4D8A5808588F5CC21D63B291 ] AeLookupSvc     C:\Windows\System32\aelupsvc.dll
17:08:30.0978 0x04c8  AeLookupSvc - ok
17:08:31.0009 0x04c8  [ FA886682CFC5D36718D3E436AACF10B9, F80AB4F91AA6B5C7ECCB000D8E1BC2CF776DC3D69B3D9EBC2558C19035A6B3AB ] AFD             C:\Windows\system32\drivers\afd.sys
17:08:31.0025 0x04c8  AFD - ok
17:08:31.0040 0x04c8  [ 608C14DBA7299D8CB6ED035A68A15799, 45360F89640BF1127C82A32393BD76205E4FA067889C40C491602F370C09282A ] agp440          C:\Windows\system32\drivers\agp440.sys
17:08:31.0040 0x04c8  agp440 - ok
17:08:31.0040 0x04c8  [ 3290D6946B5E30E70414990574883DDB, 0E9294E1991572256B3CDA6B031DB9F39CA601385515EE59F1F601725B889663 ] ALG             C:\Windows\System32\alg.exe
17:08:31.0056 0x04c8  ALG - ok
17:08:31.0071 0x04c8  [ 5812713A477A3AD7363C7438CA2EE038, A7316299470D2E57A11499C752A711BF4A71EB11C9CBA731ED0945FF6A966721 ] aliide          C:\Windows\system32\drivers\aliide.sys
17:08:31.0071 0x04c8  aliide - ok
17:08:31.0071 0x04c8  [ 1FF8B4431C353CE385C875F194924C0C, 3EA3A7F426B0FFC2461EDF4FDB4B58ACC9D0730EDA5B728D1EA1346EA0A02720 ] amdide          C:\Windows\system32\drivers\amdide.sys
17:08:31.0071 0x04c8  amdide - ok
17:08:31.0103 0x04c8  [ 7024F087CFF1833A806193EF9D22CDA9, E7F27E488C38338388103D3B7EEDD61D05E14FB140992AEE6F492FFC821BF529 ] AmdK8           C:\Windows\system32\drivers\amdk8.sys
17:08:31.0103 0x04c8  AmdK8 - ok
17:08:31.0118 0x04c8  [ 1E56388B3FE0D031C44144EB8C4D6217, E88CA76FD47BA0EB427D59CB9BE040DE133D89D4E62D03A8D622624531D27487 ] AmdPPM          C:\Windows\system32\drivers\amdppm.sys
17:08:31.0118 0x04c8  AmdPPM - ok
17:08:31.0134 0x04c8  [ D4121AE6D0C0E7E13AA221AA57EF2D49, 626F43C099BD197BE56648C367B711143C2BCCE96496BBDEF19F391D52FA01D0 ] amdsata         C:\Windows\system32\drivers\amdsata.sys
17:08:31.0149 0x04c8  amdsata - ok
17:08:31.0165 0x04c8  [ F67F933E79241ED32FF46A4F29B5120B, D6EF539058F159CC4DD14CA9B1FD924998FEAC9D325C823C7A2DD21FEF1DC1A8 ] amdsbs          C:\Windows\system32\drivers\amdsbs.sys
17:08:31.0165 0x04c8  amdsbs - ok
17:08:31.0181 0x04c8  [ 540DAF1CEA6094886D72126FD7C33048, 296578572A93F5B74E1AD443E000B79DC99D1CBD25082E02704800F886A3065F ] amdxata         C:\Windows\system32\drivers\amdxata.sys
17:08:31.0212 0x04c8  amdxata - ok
17:08:31.0274 0x04c8  [ 27DABFB4A6B0140C34DBEC713469592B, A355170D353AFBF0DE4EF53282F8404788FBBD0E2A1B7282B1B2925923E83141 ] AppID           C:\Windows\system32\drivers\appid.sys
17:08:31.0274 0x04c8  AppID - ok
17:08:31.0290 0x04c8  [ ABC373B9C6275D45F17DB559408FFD1B, 12B355393BEBE2D1D24D7A9DA5E69E03E334899407503BC1CADCF7BE39828223 ] AppIDSvc        C:\Windows\System32\appidsvc.dll
17:08:31.0290 0x04c8  AppIDSvc - ok
17:08:31.0305 0x04c8  [ 3EA5DA3F459F6ED19E10166965F6892F, F5618A5FA72C5E57BCFA6F2ECB840B1AEC60C72840AF3C1D94D5FCDB5ED2BF5E ] Appinfo         C:\Windows\System32\appinfo.dll
17:08:31.0305 0x04c8  Appinfo - ok
17:08:31.0305 0x04c8  [ C484F8CEB1717C540242531DB7845C4E, C507CE26716EB923B864ED85E8FA0B24591E2784A2F4F0E78AEED7E9953311F6 ] arc             C:\Windows\system32\drivers\arc.sys
17:08:31.0321 0x04c8  arc - ok
17:08:31.0321 0x04c8  [ 019AF6924AEFE7839F61C830227FE79C, 5926B9DDFC9198043CDD6EA0B384C83B001EC225A8125628C4A45A3E6C42C72A ] arcsas          C:\Windows\system32\drivers\arcsas.sys
17:08:31.0337 0x04c8  arcsas - ok
17:08:31.0415 0x04c8  [ F15AB80B867D3332D5DDFB0A05B9CE04, 5A16577106246AB5DCC04FE0A0B00B7C5702557B75F958721E4C00383AB99809 ] aspnet_state    C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe
17:08:31.0430 0x04c8  aspnet_state - ok
17:08:31.0461 0x04c8  [ 769765CE2CC62867468CEA93969B2242, 0D8F19D49869DF93A3876B4C2E249D12E83F9CE11DAE8917D368E292043D4D26 ] AsyncMac        C:\Windows\system32\DRIVERS\asyncmac.sys
17:08:31.0461 0x04c8  AsyncMac - ok
17:08:31.0477 0x04c8  [ 02062C0B390B7729EDC9E69C680A6F3C, 0261683C6DC2706DCE491A1CDC954AC9C9E649376EC30760BB4E225E18DC5273 ] atapi           C:\Windows\system32\drivers\atapi.sys
17:08:31.0477 0x04c8  atapi - ok
17:08:31.0539 0x04c8  [ 6968D02DC38757C3FBE7ED7C2F9670AA, C8B3115DDB32EFBE8C56C5AA78EEA05BBB77DF3F75CC2A04532EB32327E4735A ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
17:08:31.0555 0x04c8  AudioEndpointBuilder - ok
17:08:31.0571 0x04c8  [ 6968D02DC38757C3FBE7ED7C2F9670AA, C8B3115DDB32EFBE8C56C5AA78EEA05BBB77DF3F75CC2A04532EB32327E4735A ] AudioSrv        C:\Windows\System32\Audiosrv.dll
17:08:31.0586 0x04c8  AudioSrv - ok
17:08:31.0633 0x04c8  [ A6BF31A71B409DFA8CAC83159E1E2AFF, CBB83F73FFD3C3FB4F96605067739F8F7A4A40B2B05417FA49E575E95628753F ] AxInstSV        C:\Windows\System32\AxInstSV.dll
17:08:31.0633 0x04c8  AxInstSV - ok
17:08:31.0680 0x04c8  [ 3E5B191307609F7514148C6832BB0842, DE011CB7AA4A2405FAF21575182E0793A1D83DFFC44E9A7864D59F3D51D8D580 ] b06bdrv         C:\Windows\system32\drivers\bxvbda.sys
17:08:31.0680 0x04c8  b06bdrv - ok
17:08:31.0711 0x04c8  [ B5ACE6968304A3900EEB1EBFD9622DF2, 1DAA118D8CA3F97B34DF3D3CDA1C78EAB2ED225699FEABE89D331AE0CB7679FA ] b57nd60a        C:\Windows\system32\DRIVERS\b57nd60a.sys
17:08:31.0711 0x04c8  b57nd60a - ok
17:08:31.0742 0x04c8  [ FDE360167101B4E45A96F939F388AEB0, 8D1457E866BBD645C4B9710DFBFF93405CC1193BF9AE42326F2382500B713B82 ] BDESVC          C:\Windows\System32\bdesvc.dll
17:08:31.0742 0x04c8  BDESVC - ok
17:08:31.0773 0x04c8  [ 16A47CE2DECC9B099349A5F840654746, 77C008AEDB07FAC66413841D65C952DDB56FE7DCA5E9EF9C8F4130336B838024 ] Beep            C:\Windows\system32\drivers\Beep.sys
17:08:31.0773 0x04c8  Beep - ok
17:08:31.0820 0x04c8  [ 82974D6A2FD19445CC5171FC378668A4, 075D25F47C0D2277E40AF8615571DAA5EB16B1824563632A9A7EC62505C29A4A ] BFE             C:\Windows\System32\bfe.dll
17:08:31.0836 0x04c8  BFE - ok
17:08:31.0883 0x04c8  [ 1EA7969E3271CBC59E1730697DC74682, D511A34D63A6E0E6E7D1879068E2CD3D87ABEAF4936B2EA8CDDAD9F79D60FA04 ] BITS            C:\Windows\System32\qmgr.dll
17:08:31.0914 0x04c8  BITS - ok
17:08:31.0945 0x04c8  [ 61583EE3C3A17003C4ACD0475646B4D3, 17E4BECC309C450E7E44F59A9C0BBC24D21BDC66DFBA65B8F198A00BB47A9811 ] blbdrive        C:\Windows\system32\DRIVERS\blbdrive.sys
17:08:31.0945 0x04c8  blbdrive - ok
17:08:31.0976 0x04c8  [ 6C02A83164F5CC0A262F4199F0871CF5, AD4632A6A203CB40970D848315D8ADB9C898349E20D8DF4107C2AE2703A2CF28 ] bowser          C:\Windows\system32\DRIVERS\bowser.sys
17:08:31.0976 0x04c8  bowser - ok
17:08:31.0992 0x04c8  [ F09EEE9EDC320B5E1501F749FDE686C8, 66691114C42E12F4CC6DC4078D4D2FA4029759ACDAF1B59D17383487180E84E3 ] BrFiltLo        C:\Windows\system32\drivers\BrFiltLo.sys
17:08:31.0992 0x04c8  BrFiltLo - ok
17:08:32.0007 0x04c8  [ B114D3098E9BDB8BEA8B053685831BE6, 0ED23C1897F35FA00B9C2848DE4ED200E18688AA7825674888054BBC3A3EB92C ] BrFiltUp        C:\Windows\system32\drivers\BrFiltUp.sys
17:08:32.0007 0x04c8  BrFiltUp - ok
17:08:32.0036 0x04c8  [ 05F5A0D14A2EE1D8255C2AA0E9E8E694, 40011138869F5496A3E78D38C9900B466B6F3877526AC22952DCD528173F4645 ] Browser         C:\Windows\System32\browser.dll
17:08:32.0040 0x04c8  Browser - ok
17:08:32.0064 0x04c8  [ 43BEA8D483BF1870F018E2D02E06A5BD, 4E6F5A5FD8C796A110B0DC9FF29E31EA78C04518FC1C840EF61BABD58AB10272 ] Brserid         C:\Windows\System32\Drivers\Brserid.sys
17:08:32.0071 0x04c8  Brserid - ok
17:08:32.0087 0x04c8  [ A6ECA2151B08A09CACECA35C07F05B42, E2875BB7768ABAF38C3377007AA0A3C281503474D1831E396FB6599721586B0C ] BrSerWdm        C:\Windows\System32\Drivers\BrSerWdm.sys
17:08:32.0089 0x04c8  BrSerWdm - ok
17:08:32.0103 0x04c8  [ B79968002C277E869CF38BD22CD61524, 50631836502237AF4893ECDCEA43B9031C3DE97433F594D46AF7C3C77F331983 ] BrUsbMdm        C:\Windows\System32\Drivers\BrUsbMdm.sys
17:08:32.0105 0x04c8  BrUsbMdm - ok
17:08:32.0115 0x04c8  [ A87528880231C54E75EA7A44943B38BF, 4C8BBB29FDA76A96840AA47A8613C15D4466F9273A13941C19507008629709C9 ] BrUsbSer        C:\Windows\System32\Drivers\BrUsbSer.sys
17:08:32.0116 0x04c8  BrUsbSer - ok
17:08:32.0133 0x04c8  [ 9DA669F11D1F894AB4EB69BF546A42E8, B498B8B6CEF957B73179D1ADAF084BBB57BB3735D810F9BE2C7B1D58A4FD25A4 ] BTHMODEM        C:\Windows\system32\drivers\bthmodem.sys
17:08:32.0136 0x04c8  BTHMODEM - ok
17:08:32.0156 0x04c8  [ 95F9C2976059462CBBF227F7AAB10DE9, 2797AE919FF7606B070FB039CECDB0707CD2131DCAC09C5DF14F443D881C9F34 ] bthserv         C:\Windows\system32\bthserv.dll
17:08:32.0159 0x04c8  bthserv - ok
17:08:32.0176 0x04c8  [ B8BD2BB284668C84865658C77574381A, 6C55BA288B626DF172FDFEA0BD7027FAEBA1F44EF20AB55160D7C7DC6E717D65 ] cdfs            C:\Windows\system32\DRIVERS\cdfs.sys
17:08:32.0179 0x04c8  cdfs - ok
17:08:32.0200 0x04c8  [ F036CE71586E93D94DAB220D7BDF4416, BD07AAD9E20CEAF9FC84E4977C55EA2C45604A2C682AC70B9B9A2199B6713D5B ] cdrom           C:\Windows\system32\DRIVERS\cdrom.sys
17:08:32.0204 0x04c8  cdrom - ok
17:08:32.0224 0x04c8  [ F17D1D393BBC69C5322FBFAFACA28C7F, 62A1A92B3C52ADFD0B808D7F69DD50238B5F202421F1786F7EAEAA63F274B3E8 ] CertPropSvc     C:\Windows\System32\certprop.dll
17:08:32.0228 0x04c8  CertPropSvc - ok
17:08:32.0251 0x04c8  [ D7CD5C4E1B71FA62050515314CFB52CF, 513B5A849899F379F0BC6AB3A8A05C3493C2393C95F036612B96EC6E252E1C64 ] circlass        C:\Windows\system32\drivers\circlass.sys
17:08:32.0253 0x04c8  circlass - ok
17:08:32.0274 0x04c8  [ 404B7DF9CA4D1CB675045AF220FF3285, 91FFADE2ABE5C48849E63134D5FFD20671FE0D1720F7D486F904391B3D142C96 ] CLFS            C:\Windows\system32\CLFS.sys
17:08:32.0284 0x04c8  CLFS - ok
17:08:32.0334 0x04c8  [ F13EC8A783E0CB0D6DC26A3CA848B7B8, 0809E3B71709F1343086EEB6C820543C1A7119E74EEF8AC1AEE1F81093ABEC66 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
17:08:32.0338 0x04c8  clr_optimization_v2.0.50727_32 - ok
17:08:32.0368 0x04c8  [ B4D73F04E9BC076F7CDAC4327DF636BB, 1ADED20D5A0D0A76E2F85CB778FD06BAB814868D35F8532E17D67045FF4770C2 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
17:08:32.0372 0x04c8  clr_optimization_v2.0.50727_64 - ok
17:08:32.0425 0x04c8  [ F5AB4D2E36625F355E81539239765107, 48E6AD65EEFD6C54F938F5753EF58377CDA77ADBB41CD8635F0040D61EFB92A4 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
17:08:32.0429 0x04c8  clr_optimization_v4.0.30319_32 - ok
17:08:32.0448 0x04c8  [ 9ACBE5EC13C2CC95833BFB7636CA8B1A, 6224DA9FB335D2A8374C60B8DEA539DD3A0E43230DB888B137B71A56EC57D6AF ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
17:08:32.0452 0x04c8  clr_optimization_v4.0.30319_64 - ok
17:08:32.0473 0x04c8  [ 0840155D0BDDF1190F84A663C284BD33, 696039FA63CFEB33487FAA8FD7BBDB220141E9C6E529355D768DFC87999A9C3A ] CmBatt          C:\Windows\system32\drivers\CmBatt.sys
17:08:32.0475 0x04c8  CmBatt - ok
17:08:32.0507 0x04c8  [ E19D3F095812725D88F9001985B94EDD, 46243C5CCC4981CAC6FA6452FFCEC33329BF172448F1852D52592C9342E0E18B ] cmdide          C:\Windows\system32\drivers\cmdide.sys
17:08:32.0509 0x04c8  cmdide - ok
17:08:32.0569 0x04c8  [ 27667A788130A7F7A5858DE27572E6D7, 5501D80BCCB7A811ECCED3828DFD0A5D948BBED8504E9BCC4A3BFB840DD41CBC ] CNG             C:\Windows\system32\Drivers\cng.sys
17:08:32.0580 0x04c8  CNG - ok
17:08:32.0597 0x04c8  [ 102DE219C3F61415F964C88E9085AD14, CD74CB703381F1382C32CF892FF2F908F4C9412E1BC77234F8FEA5D4666E1BF1 ] Compbatt        C:\Windows\system32\drivers\compbatt.sys
17:08:32.0598 0x04c8  Compbatt - ok
17:08:32.0618 0x04c8  [ 03EDB043586CCEBA243D689BDDA370A8, 0E4523AA332E242D5C2C61C5717DBA5AB6E42DADB5A7E512505FC2B6CC224959 ] CompositeBus    C:\Windows\system32\DRIVERS\CompositeBus.sys
17:08:32.0620 0x04c8  CompositeBus - ok
17:08:32.0633 0x04c8  COMSysApp - ok
17:08:32.0722 0x04c8  [ 620D32545DACFEE5C3FE9D9F10CC80F7, 170C9E1743E84F9CD2219F6142B9AB1EE4B23B2505DA8E7FADC712A9789DE4F5 ] cphs            C:\Windows\SysWow64\IntelCpHeciSvc.exe
17:08:32.0878 0x04c8  cphs - ok
17:08:32.0956 0x04c8  [ 1C827878A998C18847245FE1F34EE597, 41EF7443D8B2733AA35CAC64B4F5F74FAC8BB0DA7D3936B69EC38E2DC3972E60 ] crcdisk         C:\Windows\system32\drivers\crcdisk.sys
17:08:32.0956 0x04c8  crcdisk - ok
17:08:32.0988 0x04c8  [ 7BC3E861F7E8EB543A630090FAE779E0, 52A538F25C853AAC9706CD0D4EBF80B1963391AA175895CFD9D44C8ABBFCFB74 ] CryptSvc        C:\Windows\system32\cryptsvc.dll
17:08:32.0988 0x04c8  CryptSvc - ok
17:08:33.0019 0x04c8  [ 7826702AF015D62A885139D66A268470, 7636CC2AB9F8FD2B31BC910838BEFD408ED555D55A9C73BFA02EF4EE3D77CE78 ] cvusbdrv        C:\Windows\system32\Drivers\cvusbdrv.sys
17:08:33.0019 0x04c8  cvusbdrv - ok
17:08:33.0081 0x04c8  [ 5C627D1B1138676C0A7AB2C2C190D123, C5003F2C912C5CA990E634818D3B4FD72F871900AF2948BD6C4D6400B354B401 ] DcomLaunch      C:\Windows\system32\rpcss.dll
17:08:33.0099 0x04c8  DcomLaunch - ok
17:08:33.0125 0x04c8  [ 3CEC7631A84943677AA8FA8EE5B6B43D, 32061DAC9ED6C1EBA3B367B18D0E965AEEC2DF635DCF794EC39D086D32503AC5 ] defragsvc       C:\Windows\System32\defragsvc.dll
17:08:33.0141 0x04c8  defragsvc - ok
17:08:33.0157 0x04c8  [ 9BB2EF44EAA163B29C4A4587887A0FE4, 03667BC3EA5003F4236929C10F23D8F108AFCB29DB5559E751FB26DFB318636F ] DfsC            C:\Windows\system32\Drivers\dfsc.sys
17:08:33.0157 0x04c8  DfsC - ok
17:08:33.0188 0x04c8  [ 43D808F5D9E1A18E5EEB5EBC83969E4E, C10D1155D71EABE4ED44C656A8F13078A8A4E850C4A8FBB92D52D173430972B8 ] Dhcp            C:\Windows\system32\dhcpcore.dll
17:08:33.0203 0x04c8  Dhcp - ok
17:08:33.0281 0x04c8  [ EC3F433D00365F1A9BC3411BCA7C7140, 0852D747359DE573504EBBDB99DA26D3BFA8B3C7A4836F8E3A5AD94B5571AD5C ] DiagTrack       C:\Windows\system32\diagtrack.dll
17:08:33.0328 0x04c8  DiagTrack - ok
17:08:33.0344 0x04c8  [ 13096B05847EC78F0977F2C0F79E9AB3, 1E44981B684F3E56F5D2439BB7FA78BD1BC876BB2265AE089AEC68F241B05B26 ] discache        C:\Windows\system32\drivers\discache.sys
17:08:33.0344 0x04c8  discache - ok
17:08:33.0391 0x04c8  [ 9819EEE8B5EA3784EC4AF3B137A5244C, 571BC886E87C888DA96282E381A746D273B58B9074E84D4CA91275E26056D427 ] Disk            C:\Windows\system32\drivers\disk.sys
17:08:33.0391 0x04c8  Disk - ok
17:08:33.0406 0x04c8  [ 16835866AAA693C7D7FCEBA8FFF706E4, 15891558F7C1F2BB57A98769601D447ED0D952354A8BB347312D034DC03E0242 ] Dnscache        C:\Windows\System32\dnsrslvr.dll
17:08:33.0406 0x04c8  Dnscache - ok
17:08:33.0422 0x04c8  [ B1FB3DDCA0FDF408750D5843591AFBC6, AB6AD9C5E7BA2E3646D0115B67C4800D1CB43B4B12716397657C7ADEEE807304 ] dot3svc         C:\Windows\System32\dot3svc.dll
17:08:33.0437 0x04c8  dot3svc - ok
17:08:33.0469 0x04c8  [ B26F4F737E8F9DF4F31AF6CF31D05820, 394BBBED4EC7FAD4110F62A43BFE0801D4AC56FFAC6C741C69407B26402311C7 ] DPS             C:\Windows\system32\dps.dll
17:08:33.0469 0x04c8  DPS - ok
17:08:33.0500 0x04c8  [ 9B19F34400D24DF84C858A421C205754, 967AF267B4124BADA8F507CEBF25F2192D146A4D63BE71B45BFC03C5DA7F21A7 ] drmkaud         C:\Windows\system32\drivers\drmkaud.sys
17:08:33.0500 0x04c8  drmkaud - ok
17:08:33.0562 0x04c8  [ 87CE5C8965E101CCCED1F4675557E868, 077D98F0F130B2FC710208BA34016EF2B2506EE2BD71740B228145E34A3046F1 ] DXGKrnl         C:\Windows\System32\drivers\dxgkrnl.sys
17:08:33.0578 0x04c8  DXGKrnl - ok
17:08:33.0625 0x04c8  [ 1BEF2C2E229452EC49FFE5A27283341D, 7010273570BD38E578FCF1DD2EB00C21E8FA3504CE2342AEE3755F6EFC4581E9 ] e1cexpress      C:\Windows\system32\DRIVERS\e1c62x64.sys
17:08:33.0625 0x04c8  e1cexpress - ok
17:08:33.0671 0x04c8  [ E2DDA8726DA9CB5B2C4000C9018A9633, 0C967DBC3636A76A696997192A158AA92A1AF19F01E3C66D5BF91818A8FAEA76 ] EapHost         C:\Windows\System32\eapsvc.dll
17:08:33.0671 0x04c8  EapHost - ok
17:08:33.0796 0x04c8  [ DC5D737F51BE844D8C82C695EB17372F, 6D4022D9A46EDE89CEF0FAEADCC94C903234DFC460C0180D24FF9E38E8853017 ] ebdrv           C:\Windows\system32\drivers\evbda.sys
17:08:33.0905 0x04c8  ebdrv - ok
17:08:33.0952 0x04c8  [ 5424EC756808C1002457033D969115C7, 85B86C3DF9BCF4BA085C4978BE36A38D0079CE24C5C61FB754286E476EB77741 ] EFS             C:\Windows\System32\lsass.exe
17:08:33.0952 0x04c8  EFS - ok
17:08:34.0015 0x04c8  [ C4002B6B41975F057D98C439030CEA07, 3D2484FBB832EFB90504DD406ED1CF3065139B1FE1646471811F3A5679EF75F1 ] ehRecvr         C:\Windows\ehome\ehRecvr.exe
17:08:34.0030 0x04c8  ehRecvr - ok
17:08:34.0077 0x04c8  [ 4705E8EF9934482C5BB488CE28AFC681, 359E9EC5693CE0BE89082E1D5D8F5C5439A5B985010FF0CB45C11E3CFE30637D ] ehSched         C:\Windows\ehome\ehsched.exe
17:08:34.0077 0x04c8  ehSched - ok
17:08:34.0139 0x04c8  [ 0E5DA5369A0FCAEA12456DD852545184, 9A64AC5396F978C3B92794EDCE84DCA938E4662868250F8C18FA7C2C172233F8 ] elxstor         C:\Windows\system32\drivers\elxstor.sys
17:08:34.0139 0x04c8  elxstor - ok
17:08:34.0186 0x04c8  [ 34A3C54752046E79A126E15C51DB409B, 7D5B5E150C7C73666F99CBAFF759029716C86F16B927E0078D77F8A696616D75 ] ErrDev          C:\Windows\system32\drivers\errdev.sys
17:08:34.0186 0x04c8  ErrDev - ok
17:08:34.0233 0x04c8  [ 4166F82BE4D24938977DD1746BE9B8A0, 24121751B7306225AD1C808442D7B030DEF377E9316AA0A3C5C7460E87317881 ] EventSystem     C:\Windows\system32\es.dll
17:08:34.0249 0x04c8  EventSystem - ok
17:08:34.0264 0x04c8  [ A510C654EC00C1E9BDD91EEB3A59823B, 76CD277730F7B08D375770CD373D786160F34D1481AF0536BA1A5D2727E255F5 ] exfat           C:\Windows\system32\drivers\exfat.sys
17:08:34.0280 0x04c8  exfat - ok
17:08:34.0295 0x04c8  [ 0ADC83218B66A6DB380C330836F3E36D, 798D6F83B5DBCC1656595E0A96CF12087FCCBE19D1982890D0CE5F629B328B29 ] fastfat         C:\Windows\system32\drivers\fastfat.sys
17:08:34.0311 0x04c8  fastfat - ok
17:08:34.0358 0x04c8  [ DBEFD454F8318A0EF691FDD2EAAB44EB, 7F52AE222FF28503B6FC4A5852BD0CAEAF187BE69AF4B577D3DE474C24366099 ] Fax             C:\Windows\system32\fxssvc.exe
17:08:34.0373 0x04c8  Fax - ok
17:08:34.0389 0x04c8  [ D765D19CD8EF61F650C384F62FAC00AB, 9F0A483A043D3BA873232AD3BA5F7BF9173832550A27AF3E8BD433905BD2A0EE ] fdc             C:\Windows\system32\DRIVERS\fdc.sys
17:08:34.0389 0x04c8  fdc - ok
17:08:34.0420 0x04c8  [ 0438CAB2E03F4FB61455A7956026FE86, 6D4DDC2973DB25CE0C7646BC85EFBCC004EBE35EA683F62162AE317C6F1D8DFE ] fdPHost         C:\Windows\system32\fdPHost.dll
17:08:34.0420 0x04c8  fdPHost - ok
17:08:34.0436 0x04c8  [ 802496CB59A30349F9A6DD22D6947644, 52D59D3D628D5661F83F090F33F744F6916E0CC1F76E5A33983E06EB66AE19F8 ] FDResPub        C:\Windows\system32\fdrespub.dll
17:08:34.0436 0x04c8  FDResPub - ok
17:08:34.0451 0x04c8  [ 655661BE46B5F5F3FD454E2C3095B930, 549C8E2A2A37757E560D55FFA6BFDD838205F17E40561E67F0124C934272CD1A ] FileInfo        C:\Windows\system32\drivers\fileinfo.sys
17:08:34.0451 0x04c8  FileInfo - ok
17:08:34.0467 0x04c8  [ 5F671AB5BC87EEA04EC38A6CD5962A47, 6B61D3363FF3F9C439BD51102C284972EAE96ACC0683B9DC7E12D25D0ADC51B6 ] Filetrace       C:\Windows\system32\drivers\filetrace.sys
17:08:34.0467 0x04c8  Filetrace - ok
17:08:34.0483 0x04c8  [ C172A0F53008EAEB8EA33FE10E177AF5, 9175A95B323696D1B35C9EFEB7790DD64E6EE0B7021E6C18E2F81009B169D77B ] flpydisk        C:\Windows\system32\DRIVERS\flpydisk.sys
17:08:34.0498 0x04c8  flpydisk - ok
17:08:34.0514 0x04c8  [ DA6B67270FD9DB3697B20FCE94950741, F621A4462C9F2904063578C427FAF22D7D66AE9967605C11C798099817CE5331 ] FltMgr          C:\Windows\system32\drivers\fltmgr.sys
17:08:34.0514 0x04c8  FltMgr - ok
17:08:34.0720 0x04c8  [ D5A775990A7C202A037378FDBCDB6141, 27AD242914FAFB7A27B3045C0F0F6AFE6873FE331A51D8BB29A63B5D84C72EFB ] FontCache       C:\Windows\system32\FntCache.dll
17:08:34.0766 0x04c8  FontCache - ok
17:08:34.0829 0x04c8  [ A8B7F3818AB65695E3A0BB3279F6DCE6, 89FCF10F599767E67A1E011753E34DA44EAA311F105DBF69549009ED932A60F0 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
17:08:34.0829 0x04c8  FontCache3.0.0.0 - ok
17:08:34.0860 0x04c8  [ D43703496149971890703B4B1B723EAC, F06397B2EDCA61629249D2EF1CBB7827A8BEAB8488246BD85EF6AE1363C0DA6E ] FsDepends       C:\Windows\system32\drivers\FsDepends.sys
17:08:34.0860 0x04c8  FsDepends - ok
17:08:34.0860 0x04c8  [ 8DE1B4F579F8F8897409856F3BB7A7D2, F6F6B2450951E875C3C236F7798F960FD4433EE6B0C57132CB3D32126BEE34E0 ] fssfltr         C:\Windows\system32\DRIVERS\fssfltr.sys
17:08:34.0876 0x04c8  fssfltr - ok
17:08:35.0000 0x04c8  [ 7B4C82899A967A7EB22DAB502770AE8E, 209FB59669070FCAAACB24B0CE81C375362BF1C519B15FDB5AA3EC2C87E2069B ] fsssvc          C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe
17:08:35.0063 0x04c8  fsssvc - ok
17:08:35.0078 0x04c8  [ 6BD9295CC032DD3077C671FCCF579A7B, 83622FBB0CB923798E7E584BF53CAAF75B8C016E3FF7F0FA35880FF34D1DFE33 ] Fs_Rec          C:\Windows\system32\drivers\Fs_Rec.sys
17:08:35.0078 0x04c8  Fs_Rec - ok
17:08:35.0110 0x04c8  [ 8F6322049018354F45F05A2FD2D4E5E0, 73BF0FB4EBD7887E992DDEBB79E906958D6678F8D1107E8C368F5A0514D80359 ] fvevol          C:\Windows\system32\DRIVERS\fvevol.sys
17:08:35.0110 0x04c8  fvevol - ok
17:08:35.0125 0x04c8  [ 8C778D335C9D272CFD3298AB02ABE3B6, 85F0B13926B0F693FA9E70AA58DE47100E4B6F893772EBE4300C37D9A36E6005 ] gagp30kx        C:\Windows\system32\drivers\gagp30kx.sys
17:08:35.0125 0x04c8  gagp30kx - ok
17:08:35.0172 0x04c8  [ 277BBC7E1AA1EE957F573A10ECA7EF3A, 2EE60B924E583E847CC24E78B401EF95C69DB777A5B74E1EC963E18D47B94D24 ] gpsvc           C:\Windows\System32\gpsvc.dll
17:08:35.0203 0x04c8  gpsvc - ok
17:08:35.0219 0x04c8  [ F2523EF6460FC42405B12248338AB2F0, B2F3DE8DE1F512D871BC2BC2E8D0E33AB03335BFBC07627C5F88B65024928E19 ] hcw85cir        C:\Windows\system32\drivers\hcw85cir.sys
17:08:35.0219 0x04c8  hcw85cir - ok
17:08:35.0266 0x04c8  [ 975761C778E33CD22498059B91E7373A, 8304E15FBE6876BE57263A03621365DA8C88005EAC532A770303C06799D915D9 ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
17:08:35.0281 0x04c8  HdAudAddService - ok
17:08:35.0312 0x04c8  [ 97BFED39B6B79EB12CDDBFEED51F56BB, 3CF981D668FB2381E52AF2E51E296C6CFB47B0D62249645278479D0111A47955 ] HDAudBus        C:\Windows\system32\DRIVERS\HDAudBus.sys
17:08:35.0312 0x04c8  HDAudBus - ok
17:08:35.0312 0x04c8  [ 78E86380454A7B10A5EB255DC44A355F, 11F3ED7ACFFA3024B9BD504F81AC39F5B4CED5A8A425E8BADF7132EFEDB9BD64 ] HidBatt         C:\Windows\system32\drivers\HidBatt.sys
17:08:35.0312 0x04c8  HidBatt - ok
17:08:35.0344 0x04c8  [ 7FD2A313F7AFE5C4DAB14798C48DD104, 94CBFD4506CBDE4162CEB3367BAB042D19ACA6785954DC0B554D4164B9FCD0D4 ] HidBth          C:\Windows\system32\drivers\hidbth.sys
17:08:35.0344 0x04c8  HidBth - ok
17:08:35.0344 0x04c8  [ 0A77D29F311B88CFAE3B13F9C1A73825, 8615DC6CEFB591505CE16E054A71A4F371B827DDFD5E980777AB4233DCFDA01D ] HidIr           C:\Windows\system32\drivers\hidir.sys
17:08:35.0359 0x04c8  HidIr - ok
17:08:35.0390 0x04c8  [ BD9EB3958F213F96B97B1D897DEE006D, 4D01CBF898B528B3A4E5A683DF2177300AFABD7D4CB51F1A7891B1B545499631 ] hidserv         C:\Windows\system32\hidserv.dll
17:08:35.0390 0x04c8  hidserv - ok
17:08:35.0406 0x04c8  [ 9592090A7E2B61CD582B612B6DF70536, FD11D5E02C32D658B28FCC35688AB66CCB5D3A0A0D74C82AE0F0B6C67B568A0F ] HidUsb          C:\Windows\system32\DRIVERS\hidusb.sys
17:08:35.0406 0x04c8  HidUsb - ok
17:08:35.0437 0x04c8  [ 387E72E739E15E3D37907A86D9FF98E2, 9935BE2E58788E79328293AF2F202CB0F6042441B176F75ACC5AEA93C8E05531 ] hkmsvc          C:\Windows\system32\kmsvc.dll
17:08:35.0437 0x04c8  hkmsvc - ok
17:08:35.0468 0x04c8  [ EFDFB3DD38A4376F93E7985173813ABD, 70402FA73A5A2A8BB557AAC8F531E373077D28DE5F40A1F3F14B940BE01CD2E1 ] HomeGroupListener C:\Windows\system32\ListSvc.dll
17:08:35.0468 0x04c8  HomeGroupListener - ok
17:08:35.0500 0x04c8  [ 908ACB1F594274965A53926B10C81E89, 7D34A742AC486294D82676F8465A3EF26C8AC3317C32B63F62031CB007CFC208 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
17:08:35.0515 0x04c8  HomeGroupProvider - ok
17:08:35.0532 0x04c8  [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC, E9E6A1665740CFBC2DD321010007EF42ABA2102AEB9772EE8AA3354664B1E205 ] HpSAMD          C:\Windows\system32\drivers\HpSAMD.sys
17:08:35.0535 0x04c8  HpSAMD - ok
17:08:35.0582 0x04c8  [ F61634BEC53F73702A10DE69F6DCAF57, BBA7344CF3AB96A46D1A6F1D50F2758EA8D097FE558C38B4EF45C8C334AF96E1 ] HTTP            C:\Windows\system32\drivers\HTTP.sys
17:08:35.0599 0x04c8  HTTP - ok
17:08:35.0612 0x04c8  [ A5462BD6884960C9DC85ED49D34FF392, 53E65841AF5B06A2844D0BB6FC4DD3923A323FFA0E4BFC89B3B5CAFB592A3D53 ] hwpolicy        C:\Windows\system32\drivers\hwpolicy.sys
17:08:35.0612 0x04c8  hwpolicy - ok
17:08:35.0635 0x04c8  [ FA55C73D4AFFA7EE23AC4BE53B4592D3, 65CDDC62B89A60E942C5642C9D8B539EFB69DA8069B4A2E54978154B314531CD ] i8042prt        C:\Windows\system32\drivers\i8042prt.sys
17:08:35.0639 0x04c8  i8042prt - ok
17:08:35.0678 0x04c8  [ 8BE099617DA18FE085A40D47FC156B1B, A5F7AB41D32DF8A12F1945C263EE954CE15069C3CFD7131C74A8A3F4EC3AC122 ] iaStorA         C:\Windows\system32\drivers\iaStorA.sys
17:08:35.0693 0x04c8  iaStorA - ok
17:08:35.0711 0x04c8  [ 005C0887D8B57A19883E3ADEF5478F05, E4D53F6197F128C5A753DBA0592619893D93F87575678E9708830B04C4CE1553 ] iaStorF         C:\Windows\system32\drivers\iaStorF.sys
17:08:35.0712 0x04c8  iaStorF - ok
17:08:35.0735 0x04c8  [ AAAF44DB3BD0B9D1FB6969B23ECC8366, 805AA4A9464002D1AB3832E4106B2AAA1331F4281367E75956062AAE99699385 ] iaStorV         C:\Windows\system32\drivers\iaStorV.sys
17:08:35.0746 0x04c8  iaStorV - ok
17:08:35.0824 0x04c8  [ C98A5B9D932430AD8EEBD3EF73756EF7, DF7E1D391A0F3345AD61154363922C27BD557DEEACE395A6A8A8A16BFD1BB9A8 ] idsvc           C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
17:08:35.0859 0x04c8  idsvc - ok
17:08:35.0862 0x04c8  IEEtwCollectorService - ok
17:08:36.0033 0x04c8  [ 79DB4631AA247E791C7F0F085822B6C3, F4F6B7221987E9CC6F1FDA7FF47BD95916866334963CE5DE836493A3A5717451 ] igfx            C:\Windows\system32\DRIVERS\igdkmd64.sys
17:08:36.0205 0x04c8  igfx - ok
17:08:36.0267 0x04c8  [ 5C18831C61933628F5BB0EA2675B9D21, 5CD9DE2F8C0256623A417B5C55BF55BB2562BD7AB2C3C83BB3D9886C2FBDA4E4 ] iirsp           C:\Windows\system32\drivers\iirsp.sys
17:08:36.0267 0x04c8  iirsp - ok
17:08:36.0330 0x04c8  [ 344789398EC3EE5A4E00C52B31847946, 3DA5F08E4B46F4E63456AA588D49E39A6A09A97D0509880C00F327623DB6122D ] IKEEXT          C:\Windows\System32\ikeext.dll
17:08:36.0345 0x04c8  IKEEXT - ok
17:08:36.0517 0x04c8  [ F4685811CB6D43B8DDFD570AEB37CDB3, 612ED62AA1216CA4E9BE5D7D9684D6AB20C5DB4F26267E7056E8BC96EDCAAC05 ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHD64.sys
17:08:36.0641 0x04c8  IntcAzAudAddService - ok
17:08:36.0704 0x04c8  [ EC80E6B9E27DC3E22ED5B2E0E75A39C0, 8EEC89F88AE79DA256BB651983397773F6B25139006C8A7C8F77960F47774CF5 ] IntcDAud        C:\Windows\system32\DRIVERS\IntcDAud.sys
17:08:36.0704 0x04c8  IntcDAud - ok
17:08:36.0719 0x04c8  [ F00F20E70C6EC3AA366910083A0518AA, E2F3E9FFD82C802C8BAC309893A3664ACF16A279959C0FDECCA64C3D3C60FD22 ] intelide        C:\Windows\system32\drivers\intelide.sys
17:08:36.0719 0x04c8  intelide - ok
17:08:36.0751 0x04c8  [ ADA036632C664CAA754079041CF1F8C1, F2386CC09AC6DE4C54189154F7D91C1DB7AA120B13FAE8BA5B579ACF99FCC610 ] intelppm        C:\Windows\system32\DRIVERS\intelppm.sys
17:08:36.0751 0x04c8  intelppm - ok
17:08:36.0766 0x04c8  [ 098A91C54546A3B878DAD6A7E90A455B, 044CCE2A0DF56EBE1EFD99B4F6F0A5B9EE12498CA358CF4B2E3A1CFD872823AA ] IPBusEnum       C:\Windows\system32\ipbusenum.dll
17:08:36.0766 0x04c8  IPBusEnum - ok
17:08:36.0797 0x04c8  [ C9F0E1BD74365A8771590E9008D22AB6, 728BC5A6AAE499FDC50EB01577AF16D83C2A9F3B09936DD2A89C01E074BA8E51 ] IpFilterDriver  C:\Windows\system32\DRIVERS\ipfltdrv.sys
17:08:36.0797 0x04c8  IpFilterDriver - ok
17:08:36.0829 0x04c8  [ 08C2957BB30058E663720C5606885653, E13EDF6701512E2A9977A531454932CA5023087CB50E1D2F416B8BCDD92B67BE ] iphlpsvc        C:\Windows\System32\iphlpsvc.dll
17:08:36.0844 0x04c8  iphlpsvc - ok
17:08:36.0844 0x04c8  [ 0FC1AEA580957AA8817B8F305D18CA3A, 7161E4DE91AAFC3FA8BF24FAE4636390C2627DB931505247C0D52C75A31473D9 ] IPMIDRV         C:\Windows\system32\drivers\IPMIDrv.sys
17:08:36.0844 0x04c8  IPMIDRV - ok
17:08:36.0875 0x04c8  [ AF9B39A7E7B6CAA203B3862582E9F2D0, 67128BE7EADBE6BD0205B050F96E268948E8660C4BAB259FB0BE03935153D04E ] IPNAT           C:\Windows\system32\drivers\ipnat.sys
17:08:36.0875 0x04c8  IPNAT - ok
17:08:36.0927 0x04c8  [ 3ABF5E7213EB28966D55D58B515D5CE9, A352BCC5B6B9A28805B15CAFB235676F1FAFF0D2394F88C03089EB157D6188AE ] IRENUM          C:\Windows\system32\drivers\irenum.sys
17:08:36.0927 0x04c8  IRENUM - ok
17:08:36.0958 0x04c8  [ 2F7B28DC3E1183E5EB418DF55C204F38, D40410A760965925D6F10959B2043F7BD4F68EAFCF5E743AF11AD860BD136548 ] isapnp          C:\Windows\system32\drivers\isapnp.sys
17:08:36.0958 0x04c8  isapnp - ok
17:08:36.0973 0x04c8  [ 96BB922A0981BC7432C8CF52B5410FE6, 236C05509B1040059B15021CBBDBDAF3B9C0F00910142BE5887B2C7561BAAFBA ] iScsiPrt        C:\Windows\system32\drivers\msiscsi.sys
17:08:36.0973 0x04c8  iScsiPrt - ok
17:08:37.0005 0x04c8  [ 753D39B1052BF731B6A0B72BD84D59D9, 662147EECDFE819A748B278AD6F4F4BA39763BFCF2CA9FD33719E44D6509986D ] JRAID           C:\Windows\system32\DRIVERS\jraid.sys
17:08:37.0005 0x04c8  JRAID - ok
17:08:37.0020 0x04c8  [ BC02336F1CBA7DCC7D1213BB588A68A5, 450C5BAD54CCE2AFCDFF1B6E7F8E1A8446D9D3255DF9D36C29A8F848048AAD93 ] kbdclass        C:\Windows\system32\DRIVERS\kbdclass.sys
17:08:37.0020 0x04c8  kbdclass - ok
17:08:37.0036 0x04c8  [ 0705EFF5B42A9DB58548EEC3B26BB484, 86C6824ED7ED6FA8F306DB6319A0FD688AA91295AE571262F9D8E96A32225E99 ] kbdhid          C:\Windows\system32\DRIVERS\kbdhid.sys
17:08:37.0036 0x04c8  kbdhid - ok
17:08:37.0051 0x04c8  [ 5424EC756808C1002457033D969115C7, 85B86C3DF9BCF4BA085C4978BE36A38D0079CE24C5C61FB754286E476EB77741 ] KeyIso          C:\Windows\system32\lsass.exe
17:08:37.0051 0x04c8  KeyIso - ok
17:08:37.0083 0x04c8  [ 3A8C03156C3E31E70EF84E48CA179B46, E25E43D53BB6EE1B5F34C95B4FAD111B37A36367B8D047B10FC614DEE13658E2 ] KSecDD          C:\Windows\system32\Drivers\ksecdd.sys
17:08:37.0098 0x04c8  KSecDD - ok
17:08:37.0114 0x04c8  [ C6330F7C2E92A00E6773E82F79078AFC, D8B851BF4FCE85F2A269F0B46BC7EC5A118FCFDACE8460E7B54C1A7CE306774A ] KSecPkg         C:\Windows\system32\Drivers\ksecpkg.sys
17:08:37.0114 0x04c8  KSecPkg - ok
17:08:37.0145 0x04c8  [ 6869281E78CB31A43E969F06B57347C4, 866A23E69B32A78D378D6CB3B3DA3695FFDFF0FEC3C9F68C8C3F988DF417044B ] ksthunk         C:\Windows\system32\drivers\ksthunk.sys
17:08:37.0145 0x04c8  ksthunk - ok
17:08:37.0192 0x04c8  [ 6AB66E16AA859232F64DEB66887A8C9C, 5F2B579BEA8098A2994B0DECECDAE7B396E7B5DC5F09645737B9F28BEEA77FFF ] KtmRm           C:\Windows\system32\msdtckrm.dll
17:08:37.0192 0x04c8  KtmRm - ok
17:08:37.0254 0x04c8  [ D9F42719019740BAA6D1C6D536CBDAA6, 8757599D0AE5302C4CE50861BEBA3A8DD14D7B0DBD916FD5404133688CDFCC40 ] LanmanServer    C:\Windows\system32\srvsvc.dll
17:08:37.0254 0x04c8  LanmanServer - ok
17:08:37.0285 0x04c8  [ 851A1382EED3E3A7476DB004F4EE3E1A, B1C67F47DD594D092E6E258F01DF5E7150227CE3131A908A244DEE9F8A1FABF9 ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
17:08:37.0301 0x04c8  LanmanWorkstation - ok
17:08:37.0317 0x04c8  [ 1538831CF8AD2979A04C423779465827, E1729B0CC4CEEE494A0B8817A8E98FF232E3A32FB023566EF0BC71A090262C0C ] lltdio          C:\Windows\system32\DRIVERS\lltdio.sys
17:08:37.0332 0x04c8  lltdio - ok
17:08:37.0363 0x04c8  [ C1185803384AB3FEED115F79F109427F, 0414FE73532DCAB17E906438A14711E928CECCD5F579255410C62984DD652700 ] lltdsvc         C:\Windows\System32\lltdsvc.dll
17:08:37.0363 0x04c8  lltdsvc - ok
17:08:37.0395 0x04c8  [ F993A32249B66C9D622EA5592A8B76B8, EE64672A990C6145DC5601E2B8CDBE089272A72732F59AF9865DCBA8B1717E70 ] lmhosts         C:\Windows\System32\lmhsvc.dll
17:08:37.0395 0x04c8  lmhosts - ok
17:08:37.0410 0x04c8  [ 1A93E54EB0ECE102495A51266DCDB6A6, DB6AA86AA36C3A7988BE96E87B5D3251BE7617C54EE8F894D9DC2E267FE3255B ] LSI_FC          C:\Windows\system32\drivers\lsi_fc.sys
17:08:37.0410 0x04c8  LSI_FC - ok
17:08:37.0441 0x04c8  [ 1047184A9FDC8BDBFF857175875EE810, F2251EDB7736A26D388A0C5CC2FE5FB9C5E109CBB1E3800993554CB21D81AE4B ] LSI_SAS         C:\Windows\system32\drivers\lsi_sas.sys
17:08:37.0441 0x04c8  LSI_SAS - ok
17:08:37.0441 0x04c8  [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93, 88D5740A4E9CC3FA80FA18035DAB441BDC5A039622D666BFDAA525CC9686BD06 ] LSI_SAS2        C:\Windows\system32\drivers\lsi_sas2.sys
17:08:37.0457 0x04c8  LSI_SAS2 - ok
17:08:37.0473 0x04c8  [ 0504EACAFF0D3C8AED161C4B0D369D4A, 4D272237C189646F5C80822FD3CBA7C2728E482E2DAAF7A09C8AEF811C89C54D ] LSI_SCSI        C:\Windows\system32\drivers\lsi_scsi.sys
17:08:37.0473 0x04c8  LSI_SCSI - ok
17:08:37.0488 0x04c8  [ 43D0F98E1D56CCDDB0D5254CFF7B356E, 5BA498183B5C4996C694CB0A9A6B66CE6C7A460F6C91BEB9F305486FCC3B7B22 ] luafv           C:\Windows\system32\drivers\luafv.sys
17:08:37.0504 0x04c8  luafv - ok
17:08:37.0660 0x04c8  [ FF3A488924B0032B1A9CA6948C1FA9E8, 6F05852B75498210926F5CDF49D2A6DD97C39CD93D32E3200D7240AADA3E7BEE ] LVUVC64         C:\Windows\system32\DRIVERS\lvuvc64.sys
17:08:37.0816 0x04c8  LVUVC64 - ok
17:08:37.0863 0x04c8  [ 1653BBFB74A9288B5D35D067EAB0FF5D, 9C5C5FB88D8235546B60213B6E00C5ACF06719A9CCF32290CD710EE4AD6CE8E4 ] MBAMProtector   C:\Windows\system32\drivers\mbam.sys
17:08:37.0863 0x04c8  MBAMProtector - ok
17:08:37.0941 0x04c8  [ FCD44DA5D9292CCCE1BA5497A201E7E2, 0F33298915AED08E1968A229645979C6916F2FD640915C9946D43D042A4F1F23 ] MBAMScheduler   C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
17:08:37.0987 0x04c8  MBAMScheduler - ok
17:08:38.0034 0x04c8  [ 6A7F3A608A77728DEAFE3FED33860AA0, 719FAA862E3B5701AF64959B63C0F8642741631130A1787344731DD9DF7FFBF6 ] MBAMService     C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
17:08:38.0081 0x04c8  MBAMService - ok
17:08:38.0112 0x04c8  [ 8F22037D3F5A6BB676525D825A1388B9, 2AAC748D46136DFA1BE45150BF0AB7707D45391CAC1F63B964D341D11B135C91 ] MBAMSwissArmy   C:\Windows\system32\drivers\MBAMSwissArmy.sys
17:08:38.0112 0x04c8  MBAMSwissArmy - ok
17:08:38.0128 0x04c8  [ BD361695F9C7CE5A41FE3DA64E03E366, DE291807D4C590C52356A61BE525693FCA50090DF457A206C5770D1F5B5110CE ] MBAMWebAccessControl C:\Windows\system32\drivers\mwac.sys
17:08:38.0128 0x04c8  MBAMWebAccessControl - ok
17:08:38.0175 0x04c8  [ 0BE09CD858ABF9DF6ED259D57A1A1663, 2FD28889B93C8E801F74C1D0769673A461671E0189D0A22C94509E3F0EEB7428 ] Mcx2Svc         C:\Windows\system32\Mcx2Svc.dll
17:08:38.0175 0x04c8  Mcx2Svc - ok
17:08:38.0206 0x04c8  [ A55805F747C6EDB6A9080D7C633BD0F4, 2DA0E83BF3C8ADEF6F551B6CC1C0A3F6149CDBE6EC60413BA1767C4DE425A728 ] megasas         C:\Windows\system32\drivers\megasas.sys
17:08:38.0206 0x04c8  megasas - ok
17:08:38.0221 0x04c8  [ BAF74CE0072480C3B6B7C13B2A94D6B3, 85CBB4949C090A904464F79713A3418338753D20D7FB811E68F287FDAC1DD834 ] MegaSR          C:\Windows\system32\drivers\MegaSR.sys
17:08:38.0237 0x04c8  MegaSR - ok
17:08:38.0253 0x04c8  [ 2BB3EAE2EA641515D4B205CAB29E1624, D3F18EE393EB1B0F919484281269A3C55A092D023E62C59D74CB63A55612024B ] MEIx64          C:\Windows\system32\drivers\HECIx64.sys
17:08:38.0253 0x04c8  MEIx64 - ok
17:08:38.0284 0x04c8  [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] MMCSS           C:\Windows\system32\mmcss.dll
17:08:38.0284 0x04c8  MMCSS - ok
17:08:38.0315 0x04c8  [ 800BA92F7010378B09F9ED9270F07137, 94F9AF9E1BE80AE6AC39A2A74EF9FAB115DCAACC011D07DFA8D6A1DDC8A93342 ] Modem           C:\Windows\system32\drivers\modem.sys
17:08:38.0315 0x04c8  Modem - ok
17:08:38.0346 0x04c8  [ B03D591DC7DA45ECE20B3B467E6AADAA, 701FB0CAD8138C58507BE28845D3E24CE269A040737C29885944A0D851238732 ] monitor         C:\Windows\system32\DRIVERS\monitor.sys
17:08:38.0346 0x04c8  monitor - ok
17:08:38.0362 0x04c8  [ 7D27EA49F3C1F687D357E77A470AEA99, 7FE7CAF95959F127C6D932C01D539C06D80273C49A09761F6E8331C05B1A7EE7 ] mouclass        C:\Windows\system32\DRIVERS\mouclass.sys
17:08:38.0362 0x04c8  mouclass - ok
17:08:38.0393 0x04c8  [ D3BF052C40B0C4166D9FD86A4288C1E6, 5E65264354CD94E844BF1838CA1B8E49080EFA34605A32CF2F6A47A2B97FC183 ] mouhid          C:\Windows\system32\DRIVERS\mouhid.sys
17:08:38.0393 0x04c8  mouhid - ok
17:08:38.0409 0x04c8  [ 67050452C0118BAF2883928E6FCCFE47, 335FC0AEB7B47DCC7CE0CF3F424EB60ACB1327D2FF6515F04D9AC03A10FF1E31 ] mountmgr        C:\Windows\system32\drivers\mountmgr.sys
17:08:38.0409 0x04c8  mountmgr - ok
17:08:38.0424 0x04c8  [ 73150F67D20270FF95A021A22E64F28A, A8878DEFBE437FB453F8E9243FB5C787D07AC7415A4475388D479C10417C524F ] MpFilter        C:\Windows\system32\DRIVERS\MpFilter.sys
17:08:38.0440 0x04c8  MpFilter - ok
17:08:38.0455 0x04c8  [ A44B420D30BD56E145D6A2BC8768EC58, B1E4DCA5A1008FA7A0492DC091FB2B820406AE13FD3D44F124E89B1037AF09B8 ] mpio            C:\Windows\system32\drivers\mpio.sys
17:08:38.0455 0x04c8  mpio - ok
17:08:38.0471 0x04c8  [ 6C38C9E45AE0EA2FA5E551F2ED5E978F, 5A3FA2F110029CB4CC4384998EDB59203FDD65EC45E01B897FB684F8956EAD20 ] mpsdrv          C:\Windows\system32\drivers\mpsdrv.sys
17:08:38.0471 0x04c8  mpsdrv - ok
17:08:38.0518 0x04c8  [ 54FFC9C8898113ACE189D4AA7199D2C1, 65F585C87F3F710FD5793FDFA96B740AD8D4317B0C120F4435CCF777300EA4F2 ] MpsSvc          C:\Windows\system32\mpssvc.dll
17:08:38.0533 0x04c8  MpsSvc - ok
17:08:38.0549 0x04c8  [ AE3334958D8F631FF14A0AEB3D7EFB3A, F5FD6B61F896104C20DFC43FEE2FCE6930B73F78DF876BD19A333EABB9139C6D ] MRxDAV          C:\Windows\system32\drivers\mrxdav.sys
17:08:38.0549 0x04c8  MRxDAV - ok
17:08:38.0580 0x04c8  [ ACB6782973BD93760D597FC7BB37E692, 9B6EC2858D236DCE61FD5E0247F4D947A5DC484C9C0AABFDAF8270ABA392E787 ] mrxsmb          C:\Windows\system32\DRIVERS\mrxsmb.sys
17:08:38.0599 0x04c8  mrxsmb - ok
17:08:38.0647 0x04c8  [ 262BF7BB7D0E44CFAA9B12A1E0A6EDF1, CCC3A4CE929C7C8B07C1038BBE8425590CE14F5C37E1D5608978A3AD2F41519C ] mrxsmb10        C:\Windows\system32\DRIVERS\mrxsmb10.sys
17:08:38.0647 0x04c8  mrxsmb10 - ok
17:08:38.0678 0x04c8  [ 8C0376974AA28398FF501E78C04ACB30, 81CE67BE933F67F760A72BF9B581F33BC151D98970765FE4425450A2EF450409 ] mrxsmb20        C:\Windows\system32\DRIVERS\mrxsmb20.sys
17:08:38.0678 0x04c8  mrxsmb20 - ok
17:08:38.0709 0x04c8  [ C25F0BAFA182CBCA2DD3C851C2E75796, 643E158A0948DF331807AEAA391F23960362E46C0A0CF6D22A99020EAE7B10F8 ] msahci          C:\Windows\system32\drivers\msahci.sys
17:08:38.0709 0x04c8  msahci - ok
17:08:38.0725 0x04c8  [ DB801A638D011B9633829EB6F663C900, B34FD33A215ACCF2905F4B7D061686CDB1CB9C652147AF56AE14686C1F6E3C74 ] msdsm           C:\Windows\system32\drivers\msdsm.sys
17:08:38.0725 0x04c8  msdsm - ok
17:08:38.0756 0x04c8  [ DE0ECE52236CFA3ED2DBFC03F28253A8, 2FBBEC4CACB5161F68D7C2935852A5888945CA0F107CF8A1C01F4528CE407DE3 ] MSDTC           C:\Windows\System32\msdtc.exe
17:08:38.0756 0x04c8  MSDTC - ok
17:08:38.0787 0x04c8  [ AA3FB40E17CE1388FA1BEDAB50EA8F96, 69F93E15536644C8FD679A20190CFE577F4985D3B1B4A4AA250A168615AE1E99 ] Msfs            C:\Windows\system32\drivers\Msfs.sys
17:08:38.0787 0x04c8  Msfs - ok
17:08:38.0803 0x04c8  [ F9D215A46A8B9753F61767FA72A20326, 6F76642B45E0A7EF6BCAB8B37D55CCE2EAA310ED07B76D43FCB88987C2174141 ] mshidkmdf       C:\Windows\System32\drivers\mshidkmdf.sys
17:08:38.0803 0x04c8  mshidkmdf - ok
17:08:38.0803 0x04c8  [ D916874BBD4F8B07BFB7FA9B3CCAE29D, B229DA150713DEDBC4F05386C9D9DC3BC095A74F44F3081E88311AB73BC992A1 ] msisadrv        C:\Windows\system32\drivers\msisadrv.sys
17:08:38.0803 0x04c8  msisadrv - ok
17:08:38.0849 0x04c8  [ 808E98FF49B155C522E6400953177B08, F873F5BFF0984C5165DF67E92874D3F6EB8D86F9B5AD17013A0091CA33A1A3D5 ] MSiSCSI         C:\Windows\system32\iscsiexe.dll
17:08:38.0849 0x04c8  MSiSCSI - ok
17:08:38.0849 0x04c8  msiserver - ok
17:08:38.0881 0x04c8  [ 49CCF2C4FEA34FFAD8B1B59D49439366, E5752EA57C7BDAD5F53E3BC441A415E909AC602CAE56234684FB8789A20396C7 ] MSKSSRV         C:\Windows\system32\drivers\MSKSSRV.sys
17:08:38.0881 0x04c8  MSKSSRV - ok
17:08:38.0974 0x04c8  [ CE996C1821021ADF8E28E80A54E846A8, 99042E895B6C2EA80F3BA65563A12C8EBA882E3AD6A21DD8E799B0112C75DDD2 ] MsMpSvc         c:\Program Files\Microsoft Security Client\MsMpEng.exe
17:08:38.0974 0x04c8  MsMpSvc - ok
17:08:39.0005 0x04c8  [ BDD71ACE35A232104DDD349EE70E1AB3, 27464A66868513BE6A01B75D7FC5B0D6B71842E4E20CE3F76B15C071A0618BBB ] MSPCLOCK        C:\Windows\system32\drivers\MSPCLOCK.sys
17:08:39.0005 0x04c8  MSPCLOCK - ok
17:08:39.0021 0x04c8  [ 4ED981241DB27C3383D72092B618A1D0, E12F121E641249DB3491141851B59E1496F4413EDF58E863388F1C229838DFCC ] MSPQM           C:\Windows\system32\drivers\MSPQM.sys
17:08:39.0021 0x04c8  MSPQM - ok
17:08:39.0052 0x04c8  [ 759A9EEB0FA9ED79DA1FB7D4EF78866D, 64E3BC613EC4872B1B344CBF71EE15BE195592E3244C1EE099C6F8B95A40F133 ] MsRPC           C:\Windows\system32\drivers\MsRPC.sys
17:08:39.0068 0x04c8  MsRPC - ok
17:08:39.0083 0x04c8  [ 0EED230E37515A0EAEE3C2E1BC97B288, B1D8F8A75006B6E99214CA36D27A8594EF8D952F315BEB201E9BAC9DE3E64D42 ] mssmbios        C:\Windows\system32\DRIVERS\mssmbios.sys
17:08:39.0083 0x04c8  mssmbios - ok
17:08:39.0115 0x04c8  [ 2E66F9ECB30B4221A318C92AC2250779, DF175E1AB6962303E57F26DAE5C5C1E40B8640333F3E352A64F6A5F1301586CD ] MSTEE           C:\Windows\system32\drivers\MSTEE.sys
17:08:39.0115 0x04c8  MSTEE - ok
17:08:39.0130 0x04c8  [ 7EA404308934E675BFFDE8EDF0757BCD, 306CD02D89CFCFE576242360ED5F9EEEDCAFC43CD43B7D2977AE960F9AEC3232 ] MTConfig        C:\Windows\system32\drivers\MTConfig.sys
17:08:39.0130 0x04c8  MTConfig - ok
17:08:39.0193 0x04c8  [ 19B006B181E3875FD254F7B67ACF1E7C, 1D68D19522E71F16B8B50F8CCFBC9D884CF2DAC40CC409BD5A40A4D4223ABC61 ] MTsensor        C:\Windows\system32\DRIVERS\ASACPI.sys
17:08:39.0193 0x04c8  MTsensor - ok
17:08:39.0208 0x04c8  [ F9A18612FD3526FE473C1BDA678D61C8, 32F7975B5BAA447917F832D9E3499B4B6D3E90D73F478375D0B70B36C524693A ] Mup             C:\Windows\system32\Drivers\mup.sys
17:08:39.0208 0x04c8  Mup - ok
17:08:39.0239 0x04c8  [ 582AC6D9873E31DFA28A4547270862DD, BD540499F74E8F59A020D935D18E36A3A97C1A6EC59C8208436469A31B16B260 ] napagent        C:\Windows\system32\qagentRT.dll
17:08:39.0255 0x04c8  napagent - ok
17:08:39.0286 0x04c8  [ 1EA3749C4114DB3E3161156FFFFA6B33, 54C2E77BCE1037711A11313AC25B8706109098C10A31AA03AEB7A185E97800D7 ] NativeWifiP     C:\Windows\system32\DRIVERS\nwifi.sys
17:08:39.0286 0x04c8  NativeWifiP - ok
17:08:39.0333 0x04c8  [ 760E38053BF56E501D562B70AD796B88, F856E81A975D44F8684A6F2466549CEEDFAEB3950191698555A93A1206E0A42D ] NDIS            C:\Windows\system32\drivers\ndis.sys
17:08:39.0349 0x04c8  NDIS - ok
17:08:39.0380 0x04c8  [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC, D7E5446E83909AE25506BB98FBDD878A529C87963E3C1125C4ABAB25823572BC ] NdisCap         C:\Windows\system32\DRIVERS\ndiscap.sys
17:08:39.0395 0x04c8  NdisCap - ok
17:08:39.0427 0x04c8  [ 30639C932D9FEF22B31268FE25A1B6E5, 32873D95339600F6EEFA51847D12C563FF01F320DC59055B242FA2887C99F9D6 ] NdisTapi        C:\Windows\system32\DRIVERS\ndistapi.sys
17:08:39.0427 0x04c8  NdisTapi - ok
17:08:39.0442 0x04c8  [ 136185F9FB2CC61E573E676AA5402356, BA3AD0A33416DA913B4242C6BE8C3E5812AD2B20BA6C11DD3094F2E8EB56E683 ] Ndisuio         C:\Windows\system32\DRIVERS\ndisuio.sys
17:08:39.0442 0x04c8  Ndisuio - ok
17:08:39.0458 0x04c8  [ 53F7305169863F0A2BDDC49E116C2E11, 881E9346D3C02405B7850ADC37E720990712EC9C666A0CE96E252A487FD2CE77 ] NdisWan         C:\Windows\system32\DRIVERS\ndiswan.sys
17:08:39.0458 0x04c8  NdisWan - ok
17:08:39.0473 0x04c8  [ 015C0D8E0E0421B4CFD48CFFE2825879, 4242E2D42CCFC859B2C0275C5331798BC0BDA68E51CF4650B6E64B1332071023 ] NDProxy         C:\Windows\system32\drivers\NDProxy.sys
17:08:39.0473 0x04c8  NDProxy - ok
17:08:39.0489 0x04c8  [ 86743D9F5D2B1048062B14B1D84501C4, DBF6D6A60AB774FCB0F464FF2D285A7521D0A24006687B243AB46B17D8032062 ] NetBIOS         C:\Windows\system32\DRIVERS\netbios.sys
17:08:39.0489 0x04c8  NetBIOS - ok
17:08:39.0505 0x04c8  [ 09594D1089C523423B32A4229263F068, 7426A9B8BA27D3225928DDEFBD399650ABB90798212F56B7D12158AC22CCCE37 ] NetBT           C:\Windows\system32\DRIVERS\netbt.sys
17:08:39.0520 0x04c8  NetBT - ok
17:08:39.0536 0x04c8  [ 5424EC756808C1002457033D969115C7, 85B86C3DF9BCF4BA085C4978BE36A38D0079CE24C5C61FB754286E476EB77741 ] Netlogon        C:\Windows\system32\lsass.exe
17:08:39.0536 0x04c8  Netlogon - ok
17:08:39.0583 0x04c8  [ 847D3AE376C0817161A14A82C8922A9E, 37AE692B3481323134125EF58F2C3CBC20177371AF2F5874F53DD32A827CB936 ] Netman          C:\Windows\System32\netman.dll
17:08:39.0583 0x04c8  Netman - ok
17:08:39.0629 0x04c8  [ E58808846B62041BFB05395E1CED6499, 5387F2CE6B494337725D2BF3EB563912E6EE33918F2872C5FE07BEDBB0F761EE ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
17:08:39.0629 0x04c8  NetMsmqActivator - ok
17:08:39.0645 0x04c8  [ E58808846B62041BFB05395E1CED6499, 5387F2CE6B494337725D2BF3EB563912E6EE33918F2872C5FE07BEDBB0F761EE ] NetPipeActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
17:08:39.0645 0x04c8  NetPipeActivator - ok
17:08:39.0676 0x04c8  [ 5F28111C648F1E24F7DBC87CDEB091B8, 2E8645285921EDB98BB2173E11E57459C888D52E80D85791D169C869DE8813B9 ] netprofm        C:\Windows\System32\netprofm.dll
17:08:39.0676 0x04c8  netprofm - ok
17:08:39.0801 0x04c8  [ 6CC3ECA56D266D571A1FB3BBC3F2D904, 76B11CDFB770C0920A1C3FADB8FB3700F3B3B6356D575288EF0081205DF4F3E9 ] netr28ux        C:\Windows\system32\DRIVERS\netr28ux.sys
17:08:39.0879 0x04c8  netr28ux - ok
17:08:39.0895 0x04c8  [ E58808846B62041BFB05395E1CED6499, 5387F2CE6B494337725D2BF3EB563912E6EE33918F2872C5FE07BEDBB0F761EE ] NetTcpActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
17:08:39.0910 0x04c8  NetTcpActivator - ok
17:08:39.0910 0x04c8  [ E58808846B62041BFB05395E1CED6499, 5387F2CE6B494337725D2BF3EB563912E6EE33918F2872C5FE07BEDBB0F761EE ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
17:08:39.0910 0x04c8  NetTcpPortSharing - ok
17:08:40.0347 0x04c8  [ 36B581497249F2548C853A0A2A5E8108, 90274946034BC9875B2C8F083EF8C5BB75DBFBEDEE9026CA57D188F71639920B ] NETwNs64        C:\Windows\system32\DRIVERS\NETwsw00.sys
17:08:40.0748 0x04c8  NETwNs64 - ok
17:08:40.0795 0x04c8  [ 77889813BE4D166CDAB78DDBA990DA92, 2EF531AE502B943632EEC66A309A8BFCDD36120A5E1473F4AAF3C2393AD0E6A3 ] nfrd960         C:\Windows\system32\drivers\nfrd960.sys
17:08:40.0795 0x04c8  nfrd960 - ok
17:08:40.0826 0x04c8  [ 4774AD83C650001B337B92E5E5DA337B, 138ECC7F556D8A12AE58B78B68F6515BE4C00F9F062596B48B6CA6C010F13035 ] NisDrv          C:\Windows\system32\DRIVERS\NisDrvWFP.sys
17:08:40.0826 0x04c8  NisDrv - ok
17:08:40.0858 0x04c8  [ 96B7D15161A778B359E707796CCEA646, 9E4A25D9848FAECC517474EAD548E7975CBE3F41AAA964E5245E78F2A723925E ] NisSrv          c:\Program Files\Microsoft Security Client\NisSrv.exe
17:08:40.0873 0x04c8  NisSrv - ok
17:08:40.0904 0x04c8  [ 8B301D474B478E9A92823BAB50A7BC49, 8181816035F41B1DABEC05E65E4F67BCD785F56760A61F1049E91BA39D42F01D ] NlaSvc          C:\Windows\System32\nlasvc.dll
17:08:40.0904 0x04c8  NlaSvc - ok
17:08:40.0920 0x04c8  [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7, D8957EF7060A69DBB3CD6B2C45B1E4143592AB8D018471E17AC04668157DC67F ] Npfs            C:\Windows\system32\drivers\Npfs.sys
17:08:40.0920 0x04c8  Npfs - ok
17:08:40.0936 0x04c8  [ D54BFDF3E0C953F823B3D0BFE4732528, 497A1DCC5646EC22119273216DF10D5442D16F83E4363770F507518CF6EAA53A ] nsi             C:\Windows\system32\nsisvc.dll
17:08:40.0936 0x04c8  nsi - ok
17:08:40.0951 0x04c8  [ E7F5AE18AF4168178A642A9247C63001, 133023B7E4BA8049C4CAED3282BDD25571D1CC25FAC3B820C7F981D292689D76 ] nsiproxy        C:\Windows\system32\drivers\nsiproxy.sys
17:08:40.0951 0x04c8  nsiproxy - ok
17:08:41.0014 0x04c8  [ 1A29A59A4C5BA6F8C85062A613B7E2B2, CC137F499A12C724D4166C2D85E9F447413419A0683DAC6F1A802B7F210C77F1 ] Ntfs            C:\Windows\system32\drivers\Ntfs.sys
17:08:41.0060 0x04c8  Ntfs - ok
17:08:41.0076 0x04c8  [ 9899284589F75FA8724FF3D16AED75C1, 181188599FD5D4DE33B97010D9E0CAEABAB9A3EF50712FE7F9AA0735CD0666D6 ] Null            C:\Windows\system32\drivers\Null.sys
17:08:41.0076 0x04c8  Null - ok
17:08:41.0107 0x04c8  [ E366A5681C50785D4ED04FCFD65C3415, 7FF7B4B8F09E773401AE879897E60BF494B57B9ACEE990204A4C98A3FB183A33 ] NVHDA           C:\Windows\system32\drivers\nvhda64v.sys
17:08:41.0107 0x04c8  NVHDA - ok
17:08:41.0497 0x04c8  [ C22FADC26662FC182ACB89D082B6999A, D91AF8F8125701AA1FA03499AD5CC199832EB13E06D445EE766DE3773CF7BF7B ] nvlddmkm        C:\Windows\system32\DRIVERS\nvlddmkm.sys
17:08:41.0872 0x04c8  nvlddmkm - ok
17:08:41.0918 0x04c8  [ 0A92CB65770442ED0DC44834632F66AD, 581327F07A68DBD5CC749214BE5F1211FC2CE41C7A4F0656B680AFB51A35ACE7 ] nvraid          C:\Windows\system32\drivers\nvraid.sys
17:08:41.0918 0x04c8  nvraid - ok
17:08:41.0934 0x04c8  [ DAB0E87525C10052BF65F06152F37E4A, AD9BFF0D5FD3FFB95C758B478E1F6A9FE45E7B37AEC71EB5070D292FEAAEDF37 ] nvstor          C:\Windows\system32\drivers\nvstor.sys
17:08:41.0950 0x04c8  nvstor - ok
17:08:41.0996 0x04c8  [ D689693D53364774001860941EDBA80F, 839B34E00826655BBE2B331E612501810BF4BB40167B7D65C69DC93F4A4CB06A ] nvsvc           C:\Windows\system32\nvvsvc.exe
17:08:42.0137 0x04c8  nvsvc - ok
17:08:42.0152 0x04c8  [ 270D7CD42D6E3979F6DD0146650F0E05, 752489E54C9004EDCBE1F1F208FFD864DA5C83E59A2DDE6B3E0D63ECA996F76F ] nv_agp          C:\Windows\system32\drivers\nv_agp.sys
17:08:42.0168 0x04c8  nv_agp - ok
17:08:42.0215 0x04c8  [ 3764991DD334A7318BFD36C6CCD366A8, 558ABB4807B13C35BA751E1097E9C92EDBCBB82895933196D21B46C43B3B573E ] O2FJ2RDR        C:\Windows\system32\drivers\O2FJ2w7x64.sys
17:08:42.0215 0x04c8  O2FJ2RDR - ok
17:08:42.0246 0x04c8  [ 4E37455DB16AEC75862B1D0BC35B589E, F60FCE0C3E6C1559B0A8E0A032AFD30216E1DE2142E8E4C181C43DB6C4B5A443 ] O2FLASH         C:\Windows\system32\DRIVERS\o2flash.exe
17:08:42.0246 0x04c8  O2FLASH - ok
17:08:42.0246 0x04c8  [ 3589478E4B22CE21B41FA1BFC0B8B8A0, AD2469FC753FE552CB809FF405A9AB23E7561292FE89117E3B3B62057EFF0203 ] ohci1394        C:\Windows\system32\drivers\ohci1394.sys
17:08:42.0262 0x04c8  ohci1394 - ok
17:08:42.0293 0x04c8  [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] p2pimsvc        C:\Windows\system32\pnrpsvc.dll
17:08:42.0293 0x04c8  p2pimsvc - ok
17:08:42.0324 0x04c8  [ 927463ECB02179F88E4B9A17568C63C3, FEFD3447692C277D59EEC7BF218552C8BB6B8C98C26E973675549628408B94CE ] p2psvc          C:\Windows\system32\p2psvc.dll
17:08:42.0324 0x04c8  p2psvc - ok
17:08:42.0340 0x04c8  [ 0086431C29C35BE1DBC43F52CC273887, 0D116D49EF9ABB57DA005764F25E692622210627FC2048F06A989B12FA8D0A80 ] Parport         C:\Windows\system32\drivers\parport.sys
17:08:42.0340 0x04c8  Parport - ok
17:08:42.0355 0x04c8  [ E9766131EEADE40A27DC27D2D68FBA9C, 63C295EC96DBD25F1A8B908295CCB86B54F2A77A02AAA11E5D9160C2C1A492B6 ] partmgr         C:\Windows\system32\drivers\partmgr.sys
17:08:42.0355 0x04c8  partmgr - ok
17:08:42.0371 0x04c8  [ DB2D62AA2DF6B1F3D690A9EC9701AA2C, BEAC55E1AA0494565F1547DF5E6FE20FCEA66461764C016FCB68D8BFF0F0C375 ] PcaSvc          C:\Windows\System32\pcasvc.dll
17:08:42.0386 0x04c8  PcaSvc - ok
17:08:42.0402 0x04c8  [ 94575C0571D1462A0F70BDE6BD6EE6B3, 7139BAC653EA94A3DD3821CAB35FC5E22F4CCA5ACC2BAABDAA27E4C3C8B27FC9 ] pci             C:\Windows\system32\drivers\pci.sys
17:08:42.0402 0x04c8  pci - ok
17:08:42.0418 0x04c8  [ B5B8B5EF2E5CB34DF8DCF8831E3534FA, F2A7CC645B96946CC65BF60E14E70DC09C848D27C7943CE5DEA0C01A6B863480 ] pciide          C:\Windows\system32\drivers\pciide.sys
17:08:42.0418 0x04c8  pciide - ok
17:08:42.0418 0x04c8  [ B2E81D4E87CE48589F98CB8C05B01F2F, 6763BEE7270A4873B3E131BFB92313E2750FCBD0AD73C23D1C4F98F7DF73DE14 ] pcmcia          C:\Windows\system32\drivers\pcmcia.sys
17:08:42.0433 0x04c8  pcmcia - ok
17:08:42.0449 0x04c8  [ D6B9C2E1A11A3A4B26A182FFEF18F603, BBA5FE08B1DDD6243118E11358FD61B10E850F090F061711C3CB207CE5FBBD36 ] pcw             C:\Windows\system32\drivers\pcw.sys
17:08:42.0449 0x04c8  pcw - ok
17:08:42.0480 0x04c8  [ ED6E75158D28D33A2E2A020AC5B2B59D, 0F364D9A88304C45F31318605C417A70A9D0E4CF087D73E949B42C12CC76CD6C ] PEAUTH          C:\Windows\system32\drivers\peauth.sys
17:08:42.0496 0x04c8  PEAUTH - ok
17:08:42.0558 0x04c8  [ E495E408C93141E8FC72DC0C6046DDFA, 489B957DADA0DC128A09468F1AD082DCC657E86053208EA06A12937BE86FB919 ] PerfHost        C:\Windows\SysWow64\perfhost.exe
17:08:42.0558 0x04c8  PerfHost - ok
17:08:42.0686 0x04c8  [ C7CF6A6E137463219E1259E3F0F0DD6C, 08D7244F52AA17DD669AA6F77C291DAC88E7B2D1887DE422509C1F83EC85F3DD ] pla             C:\Windows\system32\pla.dll
17:08:42.0733 0x04c8  pla - ok
17:08:42.0779 0x04c8  [ 25FBDEF06C4D92815B353F6E792C8129, 57D9764AE6BCE33B242C399CDFC10DD405975BD6411CA8C75FBCD06EEB8442A9 ] PlugPlay        C:\Windows\system32\umpnpmgr.dll
17:08:42.0795 0x04c8  PlugPlay - ok
17:08:42.0811 0x04c8  [ 7195581CEC9BB7D12ABE54036ACC2E38, 9C4E5D6EA984148F2663DC529083408B2248DFF6DAAC85D9195F80A722782315 ] PNRPAutoReg     C:\Windows\system32\pnrpauto.dll
17:08:42.0811 0x04c8  PNRPAutoReg - ok
17:08:42.0826 0x04c8  [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] PNRPsvc         C:\Windows\system32\pnrpsvc.dll
17:08:42.0842 0x04c8  PNRPsvc - ok
17:08:42.0873 0x04c8  [ 4F15D75ADF6156BF56ECED6D4A55C389, 2ADA3EA69A5D7EC2A4D2DD89178DB94EAFDDF95F07B0070D654D9F7A5C12A044 ] PolicyAgent     C:\Windows\System32\ipsecsvc.dll
17:08:42.0889 0x04c8  PolicyAgent - ok
17:08:42.0904 0x04c8  [ 6BA9D927DDED70BD1A9CADED45F8B184, 66203CE70A5EDE053929A940F38924C6792239CCCE10DD2C1D90D5B4D6748B55 ] Power           C:\Windows\system32\umpo.dll
17:08:42.0904 0x04c8  Power - ok
17:08:42.0967 0x04c8  [ F92A2C41117A11A00BE01CA01A7FCDE9, 38ADC6052696D110CA5F393BC586791920663F5DA66934C2A824DDA9CD89C763 ] PptpMiniport    C:\Windows\system32\DRIVERS\raspptp.sys
17:08:42.0967 0x04c8  PptpMiniport - ok
17:08:42.0998 0x04c8  [ 0D922E23C041EFB1C3FAC2A6F943C9BF, 855418A6A58DCAFB181A1A68613B3E203AFB0A9B3D9D26D0C521F9F613B4EAD5 ] Processor       C:\Windows\system32\drivers\processr.sys
17:08:42.0998 0x04c8  Processor - ok
17:08:43.0029 0x04c8  [ B6A58491307B4CADA572583D863DC602, 5C44936605E52C9533E4CE22F18FAB8211475877F71EFD88DA4D02FD608C90A3 ] ProfSvc         C:\Windows\system32\profsvc.dll
17:08:43.0045 0x04c8  ProfSvc - ok
17:08:43.0076 0x04c8  [ 5424EC756808C1002457033D969115C7, 85B86C3DF9BCF4BA085C4978BE36A38D0079CE24C5C61FB754286E476EB77741 ] ProtectedStorage C:\Windows\system32\lsass.exe
17:08:43.0076 0x04c8  ProtectedStorage - ok
17:08:43.0091 0x04c8  [ 0557CF5A2556BD58E26384169D72438D, F6F83A616B1F1C6C0DF6D2EC2513E6C23FD4FAA6D36518B8676C619AB74957B4 ] Psched          C:\Windows\system32\DRIVERS\pacer.sys
17:08:43.0091 0x04c8  Psched - ok
17:08:43.0154 0x04c8  [ A53A15A11EBFD21077463EE2C7AFEEF0, 6002B012A75045DEA62640A864A8721EADE2F8B65BEB5F5BA76D8CD819774489 ] ql2300          C:\Windows\system32\drivers\ql2300.sys
17:08:43.0201 0x04c8  ql2300 - ok
17:08:43.0232 0x04c8  [ 4F6D12B51DE1AAEFF7DC58C4D75423C8, FB6ABAB741CED66A79E31A45111649F2FA3E26CEE77209B5296F789F6F7D08DE ] ql40xx          C:\Windows\system32\drivers\ql40xx.sys
17:08:43.0232 0x04c8  ql40xx - ok
17:08:43.0263 0x04c8  [ 906191634E99AEA92C4816150BDA3732, A0305436384104C3B559F9C73902DA19B96B518413379E397C5CDAB0B2B9418F ] QWAVE           C:\Windows\system32\qwave.dll
17:08:43.0263 0x04c8  QWAVE - ok
17:08:43.0294 0x04c8  [ 76707BB36430888D9CE9D705398ADB6C, 35C1D1D05F98AC29A33D3781F497A0B40A3CB9CDF25FE1F28F574E40DDF70535 ] QWAVEdrv        C:\Windows\system32\drivers\qwavedrv.sys
17:08:43.0294 0x04c8  QWAVEdrv - ok
17:08:43.0310 0x04c8  [ 5A0DA8AD5762FA2D91678A8A01311704, 8A64EB5DBAB7048A9E42A21CEB62CCD5B007A80C199892D7F8C69B48E8A255EF ] RasAcd          C:\Windows\system32\DRIVERS\rasacd.sys
17:08:43.0310 0x04c8  RasAcd - ok
17:08:43.0357 0x04c8  [ 7ECFF9B22276B73F43A99A15A6094E90, 62C70DA127F48F796F8897BBFA23AB6EB080CC923F0F091DFA384A93F5C90CA1 ] RasAgileVpn     C:\Windows\system32\DRIVERS\AgileVpn.sys
17:08:43.0357 0x04c8  RasAgileVpn - ok
17:08:43.0372 0x04c8  [ 8F26510C5383B8DBE976DE1CD00FC8C7, 60E618C010E8A723960636415573FA17EA0BBEF79647196B3BC0B8DEE680E090 ] RasAuto         C:\Windows\System32\rasauto.dll
17:08:43.0372 0x04c8  RasAuto - ok
17:08:43.0388 0x04c8  [ 471815800AE33E6F1C32FB1B97C490CA, 27307265F743DE3A3A3EC1B2C472A3D85FDD0AEC458E0B1177593141EE072698 ] Rasl2tp         C:\Windows\system32\DRIVERS\rasl2tp.sys
17:08:43.0403 0x04c8  Rasl2tp - ok
17:08:43.0419 0x04c8  [ EE867A0870FC9E4972BA9EAAD35651E2, 1B848D81705081FD2E18AC762DA7F51455657DAF860BF363DC15925A148BCADA ] RasMan          C:\Windows\System32\rasmans.dll
17:08:43.0435 0x04c8  RasMan - ok
17:08:43.0450 0x04c8  [ 855C9B1CD4756C5E9A2AA58A15F58C25, A514F8A9C304D54BDA8DC60F5A64259B057EC83A1CAAF6D2B58CFD55E9561F72 ] RasPppoe        C:\Windows\system32\DRIVERS\raspppoe.sys
17:08:43.0450 0x04c8  RasPppoe - ok
17:08:43.0481 0x04c8  [ E8B1E447B008D07FF47D016C2B0EEECB, FEC789F82B912F3E14E49524D40FEAA4373B221156F14045E645D7C37859258C ] RasSstp         C:\Windows\system32\DRIVERS\rassstp.sys
17:08:43.0481 0x04c8  RasSstp - ok
17:08:43.0513 0x04c8  [ 77F665941019A1594D887A74F301FA2F, 1FDC6F6853400190C086042933F157814D915C54F26793CAD36CD2607D8810DA ] rdbss           C:\Windows\system32\DRIVERS\rdbss.sys
17:08:43.0513 0x04c8  rdbss - ok
17:08:43.0513 0x04c8  [ 302DA2A0539F2CF54D7C6CC30C1F2D8D, 1DF3501BBFFB56C3ECC39DBCC4287D3302216C2208CE22428B8C4967E5DE9D17 ] rdpbus          C:\Windows\system32\drivers\rdpbus.sys
17:08:43.0528 0x04c8  rdpbus - ok
17:08:43.0528 0x04c8  [ CEA6CC257FC9B7715F1C2B4849286D24, A78144D18352EA802C39D9D42921CF97A3E0211766B2169B6755C6FC2D77A804 ] RDPCDD          C:\Windows\system32\DRIVERS\RDPCDD.sys
17:08:43.0528 0x04c8  RDPCDD - ok
17:08:43.0559 0x04c8  [ BB5971A4F00659529A5C44831AF22365, 9AAA5C0D448E821FD85589505D99DF7749715A046BBD211F139E4E652ADDE41F ] RDPENCDD        C:\Windows\system32\drivers\rdpencdd.sys
17:08:43.0559 0x04c8  RDPENCDD - ok
17:08:43.0575 0x04c8  [ 216F3FA57533D98E1F74DED70113177A, 60C126A1409D1E9C39F1C9E95F70115BF4AF07780AB499F6E10A612540F173F4 ] RDPREFMP        C:\Windows\system32\drivers\rdprefmp.sys
17:08:43.0575 0x04c8  RDPREFMP - ok
17:08:43.0637 0x04c8  [ 313F68E1A3E6345A4F47A36B07062F34, B8318A0AE06BDE278931CA52F960B9FE226FD9894B076858DDB755AE26E1E66F ] RdpVideoMiniport C:\Windows\system32\drivers\rdpvideominiport.sys
17:08:43.0637 0x04c8  RdpVideoMiniport - ok
17:08:43.0669 0x04c8  [ FE571E088C2D83619D2D48D4E961BF41, 88C5A2FCB1D0E528657842E39963471A6E42FCA3FCDF37955AEC8258AB4C48EA ] RDPWD           C:\Windows\system32\drivers\RDPWD.sys
17:08:43.0684 0x04c8  RDPWD - ok
17:08:43.0715 0x04c8  [ 34ED295FA0121C241BFEF24764FC4520, AAEE5F00CAA763A5BA51CF56BD7262C03409CD72BD5601490E3EC3FFF929BB5F ] rdyboost        C:\Windows\system32\drivers\rdyboost.sys
17:08:43.0715 0x04c8  rdyboost - ok
17:08:43.0747 0x04c8  [ 254FB7A22D74E5511C73A3F6D802F192, 3D0FB5840364200DE394F8CC28DA0E334C2B5FA8FF28A41656EE72287F3D3836 ] RemoteAccess    C:\Windows\System32\mprdim.dll
17:08:43.0762 0x04c8  RemoteAccess - ok
17:08:43.0809 0x04c8  [ E4D94F24081440B5FC5AA556C7C62702, 147CAA03568DC480F9506E30B84891AB7E433B5EBC05F34FF10F72B00E1C6B22 ] RemoteRegistry  C:\Windows\system32\regsvc.dll
17:08:43.0809 0x04c8  RemoteRegistry - ok
17:08:43.0840 0x04c8  [ E4DC58CF7B3EA515AE917FF0D402A7BB, 665B5CD9FE905B0EE3F59A7B1A94760F5393EBEE729877D8584349754C2867E8 ] RpcEptMapper    C:\Windows\System32\RpcEpMap.dll
17:08:43.0840 0x04c8  RpcEptMapper - ok
17:08:43.0856 0x04c8  [ D5BA242D4CF8E384DB90E6A8ED850B8C, CB4CB2608B5E31B55FB1A2CF4051E6D08A0C2A5FB231B2116F95938D7577334E ] RpcLocator      C:\Windows\system32\locator.exe
17:08:43.0856 0x04c8  RpcLocator - ok
17:08:43.0887 0x04c8  [ 5C627D1B1138676C0A7AB2C2C190D123, C5003F2C912C5CA990E634818D3B4FD72F871900AF2948BD6C4D6400B354B401 ] RpcSs           C:\Windows\system32\rpcss.dll
17:08:43.0903 0x04c8  RpcSs - ok
17:08:43.0918 0x04c8  [ DDC86E4F8E7456261E637E3552E804FF, D250C69CCC75F2D88E7E624FCC51300E75637333317D53908CCA7E0F117173DD ] rspndr          C:\Windows\system32\DRIVERS\rspndr.sys
17:08:43.0934 0x04c8  rspndr - ok
17:08:43.0965 0x04c8  [ 333224D4D25F9BCCA488E08345083E1C, 368CA50C6791849A029F0E55036D0F2952922D5D17BE3C35D1195C6AFED0D94F ] RTL8187         C:\Windows\system32\DRIVERS\rtl8187.sys
17:08:43.0965 0x04c8  RTL8187 - ok
17:08:43.0981 0x04c8  [ 5424EC756808C1002457033D969115C7, 85B86C3DF9BCF4BA085C4978BE36A38D0079CE24C5C61FB754286E476EB77741 ] SamSs           C:\Windows\system32\lsass.exe
17:08:43.0981 0x04c8  SamSs - ok
17:08:43.0996 0x04c8  [ AC03AF3329579FFFB455AA2DAABBE22B, 7AD3B62ADFEC166F9E256F9FF8BAA0568B2ED7308142BF8F5269E6EAA5E0A656 ] sbp2port        C:\Windows\system32\drivers\sbp2port.sys
17:08:44.0012 0x04c8  sbp2port - ok
17:08:44.0043 0x04c8  [ 9B7395789E3791A3B6D000FE6F8B131E, E5F067F3F212BF5481668BE1779CBEF053F511F8967589BE2E865ACB9A620024 ] SCardSvr        C:\Windows\System32\SCardSvr.dll
17:08:44.0043 0x04c8  SCardSvr - ok
17:08:44.0074 0x04c8  [ 253F38D0D7074C02FF8DEB9836C97D2B, CB5CAFCB8628BB22877F74ACF1DED0BBAED8F4573A74DA7FE94BBBA584889116 ] scfilter        C:\Windows\system32\DRIVERS\scfilter.sys
17:08:44.0074 0x04c8  scfilter - ok
17:08:44.0137 0x04c8  [ 40686B59C127F0C93B4234E4A1E3472A, B2DD61CB796C6AA8AFD285D43472B94646CA6D331D282818E0FDC9DE28DDE9CF ] Schedule        C:\Windows\system32\schedsvc.dll
17:08:44.0168 0x04c8  Schedule - ok
17:08:44.0199 0x04c8  [ F17D1D393BBC69C5322FBFAFACA28C7F, 62A1A92B3C52ADFD0B808D7F69DD50238B5F202421F1786F7EAEAA63F274B3E8 ] SCPolicySvc     C:\Windows\System32\certprop.dll
17:08:44.0199 0x04c8  SCPolicySvc - ok
17:08:44.0230 0x04c8  [ 111E0EBC0AD79CB0FA014B907B231CF0, B7D43D156C2524938503CF8E99C4D1F7A5C55E16C0368F57F4CD23C6D833B38F ] sdbus           C:\Windows\system32\DRIVERS\sdbus.sys
17:08:44.0230 0x04c8  sdbus - ok
17:08:44.0261 0x04c8  [ 6EA4234DC55346E0709560FE7C2C1972, 64011E044C16E2F92689E5F7E4666A075E27BBFA61F3264E5D51CE1656C1D5B8 ] SDRSVC          C:\Windows\System32\SDRSVC.dll
17:08:44.0277 0x04c8  SDRSVC - ok
17:08:44.0293 0x04c8  [ 3EA8A16169C26AFBEB544E0E48421186, 34BBB0459C96B3DE94CCB0D73461562935C583D7BF93828DA4E20A6BC9B7301D ] secdrv          C:\Windows\system32\drivers\secdrv.sys
17:08:44.0293 0x04c8  secdrv - ok
17:08:44.0308 0x04c8  [ BC617A4E1B4FA8DF523A061739A0BD87, 10C4057F6B321EB5237FF619747B74F5401BC17D15A8C7060829E8204A2297F9 ] seclogon        C:\Windows\system32\seclogon.dll
17:08:44.0308 0x04c8  seclogon - ok
17:08:44.0324 0x04c8  [ C32AB8FA018EF34C0F113BD501436D21, E0EB8E80B51E45CA7EB061E705DA0BC07878759418A8519AE6E12326FE79E7C7 ] SENS            C:\Windows\System32\sens.dll
17:08:44.0324 0x04c8  SENS - ok
17:08:44.0355 0x04c8  [ 0336CFFAFAAB87A11541F1CF1594B2B2, 8B8A6A33E78A12FB05E29B2E2775850626574AFD2EF88748D65E690A07B10B8D ] SensrSvc        C:\Windows\system32\sensrsvc.dll
17:08:44.0355 0x04c8  SensrSvc - ok
17:08:44.0402 0x04c8  [ 8C4E747CBC6CDFF5F5BB6360348161F1, 2308108454842E4DCF9CFFCF839D003B73C9B3992687346955D02BCF12F47E3B ] Serenum         C:\Windows\system32\DRIVERS\nuvserenum.sys
17:08:44.0402 0x04c8  Serenum - ok
17:08:44.0417 0x04c8  [ 46E579857F593EBC5DD9DE3B16BF234A, FD19840E3A9E8C9D092DE311E6F0B313CAE2D26F9E17EAFD0C1AC45F2AB22AD9 ] Serial          C:\Windows\system32\DRIVERS\nuvserial.sys
17:08:44.0433 0x04c8  Serial - ok
17:08:44.0433 0x04c8  [ 1C545A7D0691CC4A027396535691C3E3, 065C30BE598FF4DC55C37E0BBE0CEDF10A370AE2BF5404B42EBBB867A3FFED6D ] sermouse        C:\Windows\system32\drivers\sermouse.sys
17:08:44.0433 0x04c8  sermouse - ok
17:08:44.0464 0x04c8  [ 0B6231BF38174A1628C4AC812CC75804, E569BF1F7F5689E2E917FA6516DB53388A5B8B1C6699DEE030147E853218811D ] SessionEnv      C:\Windows\system32\sessenv.dll
17:08:44.0464 0x04c8  SessionEnv - ok
17:08:44.0495 0x04c8  [ A554811BCD09279536440C964AE35BBF, DA8F893722F803E189D7D4D6C6232ED34505B63A64ED3A0132A5BB7A2BABDE55 ] sffdisk         C:\Windows\system32\drivers\sffdisk.sys
17:08:44.0495 0x04c8  sffdisk - ok
17:08:44.0495 0x04c8  [ FF414F0BAEFEBA59BC6C04B3DB0B87BF, B81EF5D26AEB572CAB590F7AD7CA8C89F296420089EF5E6148E972F2DBCA1042 ] sffp_mmc        C:\Windows\system32\drivers\sffp_mmc.sys
17:08:44.0511 0x04c8  sffp_mmc - ok
17:08:44.0511 0x04c8  [ DD85B78243A19B59F0637DCF284DA63C, 6730D4F2BAE7E24615746ACC41B42D01DB6068D6504982008ADA1890DE900197 ] sffp_sd         C:\Windows\system32\drivers\sffp_sd.sys
17:08:44.0527 0x04c8  sffp_sd - ok
17:08:44.0527 0x04c8  [ A9D601643A1647211A1EE2EC4E433FF4, 7AC60B4AB48D4BBF1F9681C12EC2A75C72E6E12D30FABC564A24394310E9A5F9 ] sfloppy         C:\Windows\system32\drivers\sfloppy.sys
17:08:44.0527 0x04c8  sfloppy - ok
17:08:44.0589 0x04c8  [ B95F6501A2F8B2E78C697FEC401970CE, 758B73A32902299A313348CE7EC189B20EB4CB398D0180E4EE24B84DAD55F291 ] SharedAccess    C:\Windows\System32\ipnathlp.dll
17:08:44.0589 0x04c8  SharedAccess - ok
17:08:44.0625 0x04c8  [ AAF932B4011D14052955D4B212A4DA8D, 2A3BFD0FA9569288E91AE3E72CA1EC39E1450D01E6473CE51157E0F138257923 ] ShellHWDetection C:\Windows\System32\shsvcs.dll
17:08:44.0625 0x04c8  ShellHWDetection - ok
17:08:44.0656 0x04c8  [ 843CAF1E5FDE1FFD5FF768F23A51E2E1, 89CA9F516E42A6B905474D738CDA2C121020A07DBD4E66CFE569DD77D79D7820 ] SiSRaid2        C:\Windows\system32\drivers\SiSRaid2.sys
17:08:44.0656 0x04c8  SiSRaid2 - ok
17:08:44.0672 0x04c8  [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4, 87B85C66DF7EB6FDB8A2341D05FAA5261FF68A90CCFC63F0E4A03824F1E33E5E ] SiSRaid4        C:\Windows\system32\drivers\sisraid4.sys
17:08:44.0672 0x04c8  SiSRaid4 - ok
17:08:44.0750 0x04c8  [ 704B4F81729F676BBF034529FC334D82, 1E50DAF97836807A500284385D99272780A8B69CA88761250451060B207824F8 ] SkypeUpdate     C:\Program Files (x86)\Skype\Updater\Updater.exe
17:08:44.0766 0x04c8  SkypeUpdate - ok
17:08:44.0781 0x04c8  [ 548260A7B8654E024DC30BF8A7C5BAA4, 4A7E58331D7765A12F53DC2371739DC9A463940B13E16157CE10DB80E958D740 ] Smb             C:\Windows\system32\DRIVERS\smb.sys
17:08:44.0781 0x04c8  Smb - ok
17:08:44.0812 0x04c8  [ 6313F223E817CC09AA41811DAA7F541D, D787061043BEEDB9386B048CB9E680E6A88A1CBAE9BD4A8C0209155BFB76C630 ] SNMPTRAP        C:\Windows\System32\snmptrap.exe
17:08:44.0812 0x04c8  SNMPTRAP - ok
17:08:44.0828 0x04c8  [ B9E31E5CACDFE584F34F730A677803F9, 21A5130BD00089C609522A372018A719F8E37103D2DD22C59EACB393BE35A063 ] spldr           C:\Windows\system32\drivers\spldr.sys
17:08:44.0828 0x04c8  spldr - ok
17:08:44.0859 0x04c8  [ 85DAA09A98C9286D4EA2BA8D0E644377, F9C324E2EF81193FE831C7EECC44A100CA06F82FA731BF555D9EA4D91DA13329 ] Spooler         C:\Windows\System32\spoolsv.exe
17:08:44.0875 0x04c8  Spooler - ok
17:08:45.0000 0x04c8  [ E17E0188BB90FAE42D83E98707EFA59C, FC075F7B39E86CC8EF6DA4E339FE946917E319C347AC70FB0C50AAF36F97E27F ] sppsvc          C:\Windows\system32\sppsvc.exe
17:08:45.0062 0x04c8  sppsvc - ok
17:08:45.0093 0x04c8  [ 93D7D61317F3D4BC4F4E9F8A96A7DE45, 36D48B23B8243BE5229707375FCD11C2DCAC96983199345365F065A0CBF33314 ] sppuinotify     C:\Windows\system32\sppuinotify.dll
17:08:45.0109 0x04c8  sppuinotify - ok
17:08:45.0156 0x04c8  [ 441FBA48BFF01FDB9D5969EBC1838F0B, 306128F1AD489F87161A089D1BDC1542A4CB742D91A0C12A7CD1863FDB8932C0 ] srv             C:\Windows\system32\DRIVERS\srv.sys
17:08:45.0156 0x04c8  srv - ok
17:08:45.0171 0x04c8  [ B4ADEBBF5E3677CCE9651E0F01F7CC28, 726DB2283113AB2A9681E8E9F61132303D6D86E9CD034C40EE4A8C9DB29E87F7 ] srv2            C:\Windows\system32\DRIVERS\srv2.sys
17:08:45.0187 0x04c8  srv2 - ok
17:08:45.0218 0x04c8  [ 27E461F0BE5BFF5FC737328F749538C3, AFA4704ED8FFC1A0BAB40DFB81D3AE3F3D933A3C9BF54DDAF39FF9AF3646D9E6 ] srvnet          C:\Windows\system32\DRIVERS\srvnet.sys
17:08:45.0218 0x04c8  srvnet - ok
17:08:45.0249 0x04c8  [ 51B52FBD583CDE8AA9BA62B8B4298F33, 2E2403F8AA39E79D1281CA006B51B43139C32A5FDD64BD34DAA4B935338BD740 ] SSDPSRV         C:\Windows\System32\ssdpsrv.dll
17:08:45.0249 0x04c8  SSDPSRV - ok
17:08:45.0265 0x04c8  [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB, D21CDBC4C2AA0DB5B4455D5108B0CAF4282A2E664B9035708F212CC094569D9D ] SstpSvc         C:\Windows\system32\sstpsvc.dll
17:08:45.0265 0x04c8  SstpSvc - ok
17:08:45.0296 0x04c8  [ F3817967ED533D08327DC73BC4D5542A, 1B204454408A690C0A86447F3E4AA9E7C58A9CFB567C94C17C21920BA648B4D5 ] stexstor        C:\Windows\system32\drivers\stexstor.sys
17:08:45.0296 0x04c8  stexstor - ok
17:08:45.0327 0x04c8  [ 8DD52E8E6128F4B2DA92CE27402871C1, 1101C38BE8FC383B5F2F9FA402F9652B23B88A764DE2B584DFE62B88B11DEF92 ] stisvc          C:\Windows\System32\wiaservc.dll
17:08:45.0343 0x04c8  stisvc - ok
17:08:45.0374 0x04c8  [ 5515D39205E0B59045DED8573A9E2179, 192A12994E44948D970CAA189F45182132C930506C0D40CE98F566BD5CA9B572 ] ST_Accel        C:\Windows\system32\drivers\ST_Accel.sys
17:08:45.0374 0x04c8  ST_Accel - ok
17:08:45.0421 0x04c8  [ D01EC09B6711A5F8E7E6564A4D0FBC90, 3CB922291DBADC92B46B9E28CCB6810CD8CCDA3E74518EC9522B58B998E1F969 ] swenum          C:\Windows\system32\DRIVERS\swenum.sys
17:08:45.0421 0x04c8  swenum - ok
17:08:45.0452 0x04c8  [ E08E46FDD841B7184194011CA1955A0B, 9C3725BB1F08F92744C980A22ED5C874007D3B5863C7E1F140F50061052AC418 ] swprv           C:\Windows\System32\swprv.dll
17:08:45.0468 0x04c8  swprv - ok
17:08:45.0546 0x04c8  [ 2E730941CC5BF6200A4F56D1E9C24AAD, 758836D55DC84F3EBE9917DC6FAB8E6170A5B238FEDBCFDB6D7C5C6EA98E08B2 ] SysMain         C:\Windows\system32\sysmain.dll
17:08:45.0608 0x04c8  SysMain - ok
17:08:45.0655 0x04c8  [ E3C61FD7B7C2557E1F1B0B4CEC713585, 01F0E116606D185BF93B540868075BFB1A398197F6AABD994983DBFF56B3A8A0 ] TabletInputService C:\Windows\System32\TabSvc.dll
17:08:45.0655 0x04c8  TabletInputService - ok
17:08:45.0670 0x04c8  [ 40F0849F65D13EE87B9A9AE3C1DD6823, E251A7EF3D0FD2973AF33A62FC457A7E8D5E8694208F811F52455F7C2426121F ] TapiSrv         C:\Windows\System32\tapisrv.dll
17:08:45.0686 0x04c8  TapiSrv - ok
17:08:45.0717 0x04c8  [ 1BE03AC720F4D302EA01D40F588162F6, AB644862BF1D2E824FD846180DEC4E2C0FAFCC517451486DE5A92E5E78A952E4 ] TBS             C:\Windows\System32\tbssvc.dll
17:08:45.0717 0x04c8  TBS - ok
17:08:45.0780 0x04c8  [ 04ADD18EE5CC9FBEDAEC1DD1CD0CB45E, F05C0C4CA3DD234AD5D60CF1EF763C9A1D9EC3C157E180C2D75CC07E6B02A611 ] Tcpip           C:\Windows\system32\drivers\tcpip.sys
17:08:45.0842 0x04c8  Tcpip - ok
17:08:45.0920 0x04c8  [ 04ADD18EE5CC9FBEDAEC1DD1CD0CB45E, F05C0C4CA3DD234AD5D60CF1EF763C9A1D9EC3C157E180C2D75CC07E6B02A611 ] TCPIP6          C:\Windows\system32\DRIVERS\tcpip.sys
17:08:45.0998 0x04c8  TCPIP6 - ok
17:08:46.0014 0x04c8  [ 1B16D0BD9841794A6E0CDE0CEF744ABC, 7EB8BA97339199EEE7F2B09DA2DA6279DA64A510D4598D42CF86415D67CD674C ] tcpipreg        C:\Windows\system32\drivers\tcpipreg.sys
17:08:46.0014 0x04c8  tcpipreg - ok
17:08:46.0060 0x04c8  [ 3371D21011695B16333A3934340C4E7C, 7416F9BBFC1BA9D875EA7D1C7A0D912FC6977B49A865D67E3F9C4E18A965082D ] TDPIPE          C:\Windows\system32\drivers\tdpipe.sys
17:08:46.0060 0x04c8  TDPIPE - ok
17:08:46.0107 0x04c8  [ 51C5ECEB1CDEE2468A1748BE550CFBC8, 4E8F83877330B421F7B5D8393D34BC44C6450E69209DAA95B29CB298166A5DF9 ] TDTCP           C:\Windows\system32\drivers\tdtcp.sys
17:08:46.0107 0x04c8  TDTCP - ok
17:08:46.0154 0x04c8  [ 70988118145F5F10EF24720B97F35F65, F80C806417A68047FFB3D63214BC4AE5445315219AC594E043293006B704A63D ] tdx             C:\Windows\system32\DRIVERS\tdx.sys
17:08:46.0154 0x04c8  tdx - ok
17:08:46.0170 0x04c8  [ 561E7E1F06895D78DE991E01DD0FB6E5, 83BFA50A528762EC52A011302AC3874636FB7E26628CD7ACFBF2BDC9FAA8110D ] TermDD          C:\Windows\system32\DRIVERS\termdd.sys
17:08:46.0170 0x04c8  TermDD - ok
17:08:46.0201 0x04c8  [ EF4469AB69EB15E5D3754E6AEAFBCD3D, 3609214C3D5181364B544EBF17E9A109952BE1C4C35BE0A8727BFA8F49ECB130 ] terminpt        C:\Windows\system32\drivers\terminpt.sys
17:08:46.0201 0x04c8  terminpt - ok
17:08:46.0263 0x04c8  [ 008CD4EBFABCF78D0F19B3778492648C, 9050490EEE0AD86E73F0A82D83E4FC29DF84F6B6FDB389AE135FD712B5F425BE ] TermService     C:\Windows\System32\termsrv.dll
17:08:46.0294 0x04c8  TermService - ok
17:08:46.0310 0x04c8  [ F0344071948D1A1FA732231785A0664C, DB9886C2C858FAF45AEA15F8E42860343F73EB8685C53EC2E8CCC10586CB0832 ] Themes          C:\Windows\system32\themeservice.dll
17:08:46.0326 0x04c8  Themes - ok
17:08:46.0341 0x04c8  [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] THREADORDER     C:\Windows\system32\mmcss.dll
17:08:46.0357 0x04c8  THREADORDER - ok
17:08:46.0357 0x04c8  [ 7E7AFD841694F6AC397E99D75CEAD49D, DE87F203FD8E6BDCCFCA1860A85F283301A365846FB703D9BB86278D8AC96B07 ] TrkWks          C:\Windows\System32\trkwks.dll
17:08:46.0372 0x04c8  TrkWks - ok
17:08:46.0419 0x04c8  [ 773212B2AAA24C1E31F10246B15B276C, F2EF85F5ABA307976D9C649D710B408952089458DDE97D4DEF321DF14E46A046 ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
17:08:46.0419 0x04c8  TrustedInstaller - ok
17:08:46.0435 0x04c8  [ E232A3B43A894BB327FC161529BD9ED1, F2673DA8C920F21ACCECC25F7C59A05822E5E577D47F126EDF9C94FEB4B30C5F ] tssecsrv        C:\Windows\system32\DRIVERS\tssecsrv.sys
17:08:46.0435 0x04c8  tssecsrv - ok
17:08:46.0466 0x04c8  [ E9981ECE8D894CEF7038FD1D040EB426, DCDDCE933CAECE8180A3447199B07F2F0413704EEC1A09606EE357901A84A7CF ] TsUsbFlt        C:\Windows\system32\drivers\tsusbflt.sys
17:08:46.0482 0x04c8  TsUsbFlt - ok
17:08:46.0497 0x04c8  [ D34789988234DCC8FA55FA9A485AF0EC, 5C1A77EFA23261F5F9C971A12145CA6AC701723A94B6A8AE9BE95EEDD3C02919 ] TsUsbGD         C:\Windows\system32\drivers\TsUsbGD.sys
17:08:46.0497 0x04c8  TsUsbGD - ok
17:08:46.0544 0x04c8  [ 3566A8DAAFA27AF944F5D705EAA64894, AE9D8B648DA08AF667B9456C3FE315489859C157510A258559F18238F2CC92B8 ] tunnel          C:\Windows\system32\DRIVERS\tunnel.sys
17:08:46.0544 0x04c8  tunnel - ok
17:08:46.0560 0x04c8  [ B4DD609BD7E282BFC683CEC7EAAAAD67, EF131DB6F6411CAD36A989A421AF93F89DD61601AC524D2FF11C10FF6E3E9123 ] uagp35          C:\Windows\system32\drivers\uagp35.sys
17:08:46.0560 0x04c8  uagp35 - ok
17:08:46.0591 0x04c8  [ FF4232A1A64012BAA1FD97C7B67DF593, D8591B4EB056899C7B604E4DD852D82D4D9809F508ABCED4A03E1BE6D5D456E3 ] udfs            C:\Windows\system32\DRIVERS\udfs.sys
17:08:46.0607 0x04c8  udfs - ok
17:08:46.0626 0x04c8  [ 3CBDEC8D06B9968ABA702EBA076364A1, B8DAB8AA804FC23021BFEBD7AE4D40FBE648D6C6BA21CC008E26D1C084972F9B ] UI0Detect       C:\Windows\system32\UI0Detect.exe
17:08:46.0626 0x04c8  UI0Detect - ok
17:08:46.0642 0x04c8  [ 4BFE1BC28391222894CBF1E7D0E42320, 5918B1ED2030600DF77BDACF1C808DF6EADDD8BF3E7003AF1D72050D8B102B3A ] uliagpkx        C:\Windows\system32\drivers\uliagpkx.sys
17:08:46.0657 0x04c8  uliagpkx - ok
17:08:46.0657 0x04c8  [ DC54A574663A895C8763AF0FA1FF7561, 09A3F3597E91CBEB2F38E96E75134312B60CAE5574B2AD4606C2D3E992AEDDFE ] umbus           C:\Windows\system32\DRIVERS\umbus.sys
17:08:46.0657 0x04c8  umbus - ok
17:08:46.0688 0x04c8  [ B2E8E8CB557B156DA5493BBDDCC1474D, F547509A08C0679ACB843E20C9C0CF51BED1B06530BBC529DFB0944504564A43 ] UmPass          C:\Windows\system32\drivers\umpass.sys
17:08:46.0688 0x04c8  UmPass - ok
17:08:46.0735 0x04c8  [ D47EC6A8E81633DD18D2436B19BAF6DE, 0FB461E2D5E0B75BB5958F6362F4880BFA4C36AD930542609BCAF574941AA7AE ] upnphost        C:\Windows\System32\upnphost.dll
17:08:46.0735 0x04c8  upnphost - ok
17:08:46.0751 0x04c8  [ B0435098C81D04CAFFF80DDB746CD3A2, A17B207740382E38729571F0B0BC98FF874E856A7C7CE9EB930328A2AD88F52A ] usbaudio        C:\Windows\system32\drivers\usbaudio.sys
17:08:46.0751 0x04c8  usbaudio - ok
17:08:46.0766 0x04c8  [ DCA68B0943D6FA415F0C56C92158A83A, BEE5A5B33B22D1DF50B884D46D89FC3B8286EB16E38AD5A20F0A49E5C6766C57 ] usbccgp         C:\Windows\system32\DRIVERS\usbccgp.sys
17:08:46.0782 0x04c8  usbccgp - ok
17:08:46.0798 0x04c8  [ 80B0F7D5CCF86CEB5D402EAAF61FEC31, 140C62116A425DEAD25FE8D82DE283BC92C482A9F643658D512F9F67061F28AD ] usbcir          C:\Windows\system32\drivers\usbcir.sys
17:08:46.0798 0x04c8  usbcir - ok
17:08:46.0813 0x04c8  [ 18A85013A3E0F7E1755365D287443965, 811C5EDF38C765BCF71BCE25CB6626FF6988C3699F5EF1846240EA0052F34C33 ] usbehci         C:\Windows\system32\DRIVERS\usbehci.sys
17:08:46.0813 0x04c8  usbehci - ok
17:08:46.0844 0x04c8  [ 8D1196CFBB223621F2C67D45710F25BA, B5D7AFE51833B24FC9576F3AED3D8A2B290E5846060E73F9FFFAC1890A8B6003 ] usbhub          C:\Windows\system32\DRIVERS\usbhub.sys
17:08:46.0844 0x04c8  usbhub - ok
17:08:46.0876 0x04c8  [ 765A92D428A8DB88B960DA5A8D6089DC, 56DE8A2ED58E53B202C399CA7BACB1551136303C2EE0AB426BDBBF880E3C542C ] usbohci         C:\Windows\system32\drivers\usbohci.sys
17:08:46.0876 0x04c8  usbohci - ok
17:08:46.0907 0x04c8  [ 73188F58FB384E75C4063D29413CEE3D, B485463933306036B1D490722CB1674DC85670753D79FA0EF7EBCA7BBAAD9F7C ] usbprint        C:\Windows\system32\DRIVERS\usbprint.sys
17:08:46.0907 0x04c8  usbprint - ok
17:08:46.0922 0x04c8  [ 9661DA76B4531B2DA272ECCE25A8AF24, FEA93254A21E71A7EB8AD35FCCAD2C1E41F7329EC33B1734F5B41307A34D8637 ] usbscan         C:\Windows\system32\DRIVERS\usbscan.sys
17:08:46.0922 0x04c8  usbscan - ok
17:08:46.0938 0x04c8  [ FED648B01349A3C8395A5169DB5FB7D6, DC4D7594C24ADD076927B9347F1B50B91CF03A4ABDB284248D5711D9C19DEB96 ] USBSTOR         C:\Windows\system32\DRIVERS\USBSTOR.SYS
17:08:46.0938 0x04c8  USBSTOR - ok
17:08:46.0954 0x04c8  [ DD253AFC3BC6CBA412342DE60C3647F3, 146F8613F1057AC054DC3593E84BC52899DA27EA33B0E72ACFB78C3699ADCDE7 ] usbuhci         C:\Windows\system32\DRIVERS\usbuhci.sys
17:08:46.0954 0x04c8  usbuhci - ok
17:08:46.0969 0x04c8  [ 1F775DA4CF1A3A1834207E975A72E9D7, 6D3DE5BD3EF3A76E997E5BAF900C51D25308F5A9682D1F62017F577A24095B90 ] usbvideo        C:\Windows\system32\Drivers\usbvideo.sys
17:08:46.0985 0x04c8  usbvideo - ok
17:08:47.0000 0x04c8  [ EDBB23CBCF2CDF727D64FF9B51A6070E, 7202484C8E1BFB2AFD64D8C81668F3EDE0E3BF5EB27572877A0A7B337AE5AE42 ] UxSms           C:\Windows\System32\uxsms.dll
17:08:47.0016 0x04c8  UxSms - ok
17:08:47.0016 0x04c8  [ 5424EC756808C1002457033D969115C7, 85B86C3DF9BCF4BA085C4978BE36A38D0079CE24C5C61FB754286E476EB77741 ] VaultSvc        C:\Windows\system32\lsass.exe
17:08:47.0032 0x04c8  VaultSvc - ok
17:08:47.0047 0x04c8  [ C5C876CCFC083FF3B128F933823E87BD, 6FE0FBB6C3207E09300E0789E2168F76668D87C317FE9F263E733827ADCFBE0D ] vdrvroot        C:\Windows\system32\drivers\vdrvroot.sys
17:08:47.0047 0x04c8  vdrvroot - ok
17:08:47.0078 0x04c8  [ 8D6B481601D01A456E75C3210F1830BE, A2CEF483F4231367138EEF7E67FD5BE5364FC0780C44CA1368E36CE4AA3D0633 ] vds             C:\Windows\System32\vds.exe
17:08:47.0094 0x04c8  vds - ok
17:08:47.0125 0x04c8  [ DA4DA3F5E02943C2DC8C6ED875DE68DD, EDE604536DB78C512D68C92B26DA77C8811AC109D1F0A473673F0A82D15A2838 ] vga             C:\Windows\system32\DRIVERS\vgapnp.sys
17:08:47.0125 0x04c8  vga - ok
17:08:47.0125 0x04c8  [ 53E92A310193CB3C03BEA963DE7D9CFC, 45898604375B42EB1246C17A22D91C2440F11C746FF6459AD38027C1BC2E3125 ] VgaSave         C:\Windows\System32\drivers\vga.sys
17:08:47.0125 0x04c8  VgaSave - ok
17:08:47.0156 0x04c8  [ 2CE2DF28C83AEAF30084E1B1EB253CBB, D1946816A1CB89F825CBEA58F94A4C9D0CE7249355CD3915563F54054EE564BF ] vhdmp           C:\Windows\system32\drivers\vhdmp.sys
17:08:47.0172 0x04c8  vhdmp - ok
17:08:47.0172 0x04c8  [ E5689D93FFE4E5D66C0178761240DD54, 6D35CED80681B12AAF63BFA0DA1C386E71D3838839B68A686990AA8031949D27 ] viaide          C:\Windows\system32\drivers\viaide.sys
17:08:47.0172 0x04c8  viaide - ok
17:08:47.0203 0x04c8  [ D2AAFD421940F640B407AEFAAEBD91B0, 31EF342A60AF04F4108759A71F8FB7B8C8819216CF3D16A95B2BA0E33A8A9161 ] volmgr          C:\Windows\system32\drivers\volmgr.sys
17:08:47.0203 0x04c8  volmgr - ok
17:08:47.0219 0x04c8  [ A255814907C89BE58B79EF2F189B843B, 463DB771851352185B6AC323BD93B9084D47291E53C1F7B628B65D6918B2E28F ] volmgrx         C:\Windows\system32\drivers\volmgrx.sys
17:08:47.0234 0x04c8  volmgrx - ok
17:08:47.0250 0x04c8  [ 0D08D2F3B3FF84E433346669B5E0F639, 3D6716CEC95B8861A7CC5778E91F310528DC6BEE0E57A3C8757FC675154EBDEC ] volsnap         C:\Windows\system32\drivers\volsnap.sys
17:08:47.0266 0x04c8  volsnap - ok
17:08:47.0281 0x04c8  [ 5E2016EA6EBACA03C04FEAC5F330D997, 53106EB877459FE55A459111F7AB0EE320BB3B4C954D3DB6FA1642396001F2AC ] vsmraid         C:\Windows\system32\drivers\vsmraid.sys
17:08:47.0281 0x04c8  vsmraid - ok
17:08:47.0344 0x04c8  [ B60BA0BC31B0CB414593E169F6F21CC2, 47B801E623254CF0202B3591CB5C019CABFB52F123C7D47E29D19B32F1F2B915 ] VSS             C:\Windows\system32\vssvc.exe
17:08:47.0390 0x04c8  VSS - ok
17:08:47.0422 0x04c8  [ 36D4720B72B5C5D9CB2B9C29E9DF67A1, 3254523C85C70EBA2DBAC05DB2DBA89EDF8E9195F390F7C21F96458FB6B2E3D7 ] vwifibus        C:\Windows\system32\DRIVERS\vwifibus.sys
17:08:47.0437 0x04c8  vwifibus - ok
17:08:47.0437 0x04c8  [ 6A3D66263414FF0D6FA754C646612F3F, 30F6BA594B0D3B94113064015A16D97811CD989DF1715CCE21CEAB9894C1B4FB ] vwififlt        C:\Windows\system32\DRIVERS\vwififlt.sys
17:08:47.0453 0x04c8  vwififlt - ok
17:08:47.0453 0x04c8  [ 1C9D80CC3849B3788048078C26486E1A, 34A89F31E53F6B6C209B286F580CC2257AE6D057E4E20741F241C9C167947962 ] W32Time         C:\Windows\system32\w32time.dll
17:08:47.0468 0x04c8  W32Time - ok
17:08:47.0500 0x04c8  [ 4E9440F4F152A7B944CB1663D3935A3E, 8FE04EBD3BC612EE943A21A3E56F37E5C9B578CDACA6044048181DAD81816D53 ] WacomPen        C:\Windows\system32\drivers\wacompen.sys
17:08:47.0515 0x04c8  WacomPen - ok
17:08:47.0562 0x04c8  [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] WANARP          C:\Windows\system32\DRIVERS\wanarp.sys
17:08:47.0562 0x04c8  WANARP - ok
17:08:47.0578 0x04c8  [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] Wanarpv6        C:\Windows\system32\DRIVERS\wanarp.sys
17:08:47.0578 0x04c8  Wanarpv6 - ok
17:08:47.0656 0x04c8  [ 3CEC96DE223E49EAAE3651FCF8FAEA6C, 4150DAB33E8D61076F1D4767BCAFC9B4ECCCCBD58FD4FB3CFE5B8D27DCDCAB61 ] WatAdminSvc     C:\Windows\system32\Wat\WatAdminSvc.exe
17:08:47.0702 0x04c8  WatAdminSvc - ok
17:08:47.0780 0x04c8  [ 78F4E7F5C56CB9716238EB57DA4B6A75, 46A4E78CE5F2A4B26F4E9C3FF04A99D9B727A82AC2E390A82A1611C3F6E0C9AF ] wbengine        C:\Windows\system32\wbengine.exe
17:08:47.0827 0x04c8  wbengine - ok
17:08:47.0874 0x04c8  [ 3AA101E8EDAB2DB4131333F4325C76A3, 4F7BD3DA5E58B18BFF106CFF7B45E75FD13EE556D433C695BA23EC80827E49DE ] WbioSrvc        C:\Windows\System32\wbiosrvc.dll
17:08:47.0874 0x04c8  WbioSrvc - ok
17:08:47.0905 0x04c8  [ 7368A2AFD46E5A4481D1DE9D14848EDD, 8039C478FC2D9F095F5883A4FA47F9E6EDF57CC88A4AA74F07C88445F90DED57 ] wcncsvc         C:\Windows\System32\wcncsvc.dll
17:08:47.0921 0x04c8  wcncsvc - ok
17:08:47.0936 0x04c8  [ 20F7441334B18CEE52027661DF4A6129, 7B8E0247234B740FED2BE9B833E9CE8DD7453340123AB43F6B495A7E6A27B0DD ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
17:08:47.0936 0x04c8  WcsPlugInService - ok
17:08:47.0968 0x04c8  [ 72889E16FF12BA0F235467D6091B17DC, F2FD0BBD075E33608D93F350D216F97442AB89ABD540513C2D568C78096E12A8 ] Wd              C:\Windows\system32\drivers\wd.sys
17:08:47.0968 0x04c8  Wd - ok
17:08:47.0999 0x04c8  [ E2C933EDBC389386EBE6D2BA953F43D8, AF1DEADD5F1267CCEBD226E8EEB971D1946EA6A5A9645A36F5D111F758AF2F07 ] Wdf01000        C:\Windows\system32\drivers\Wdf01000.sys
17:08:48.0014 0x04c8  Wdf01000 - ok
17:08:48.0030 0x04c8  [ C6F7473B55510F0B93961DA03D8E3B38, 4BAB9274DED8F7AC4A52B8739F501323FFFA0367CAA24BFAFDB5523812E0CE39 ] WdiServiceHost  C:\Windows\system32\wdi.dll
17:08:48.0046 0x04c8  WdiServiceHost - ok
17:08:48.0046 0x04c8  [ C6F7473B55510F0B93961DA03D8E3B38, 4BAB9274DED8F7AC4A52B8739F501323FFFA0367CAA24BFAFDB5523812E0CE39 ] WdiSystemHost   C:\Windows\system32\wdi.dll
17:08:48.0046 0x04c8  WdiSystemHost - ok
17:08:48.0077 0x04c8  [ 4E89FC53493704BF835F0300DC201C34, FB3080725E144D93512DED81047D21C0582BC3412250EFF37E039108D7351F53 ] WebClient       C:\Windows\System32\webclnt.dll
17:08:48.0092 0x04c8  WebClient - ok
17:08:48.0108 0x04c8  [ C749025A679C5103E575E3B48E092C43, B71171D07EE7AB085A24BF3A1072FF2CE7EA021AAE695F6A90640E6EE8EB55C1 ] Wecsvc          C:\Windows\system32\wecsvc.dll
17:08:48.0108 0x04c8  Wecsvc - ok
17:08:48.0124 0x04c8  [ 7E591867422DC788B9E5BD337A669A08, 484E6BCCDF7ADCE9A1AACAD1BC7C7D7694B9E40FA90D94B14D80C607784F6C75 ] wercplsupport   C:\Windows\System32\wercplsupport.dll
17:08:48.0139 0x04c8  wercplsupport - ok
17:08:48.0155 0x04c8  [ 6D137963730144698CBD10F202E9F251, A9F522A125158D94F540544CCD4DBF47B9DCE2EA878C33675AFE40F80E8F4979 ] WerSvc          C:\Windows\System32\WerSvc.dll
17:08:48.0155 0x04c8  WerSvc - ok
17:08:48.0186 0x04c8  [ 611B23304BF067451A9FDEE01FBDD725, 0AF2734B978165FC6FD22B64862132CCE32528A21C698A49D176129446E099C8 ] WfpLwf          C:\Windows\system32\DRIVERS\wfplwf.sys
17:08:48.0186 0x04c8  WfpLwf - ok
17:08:48.0202 0x04c8  [ 05ECAEC3E4529A7153B3136CEB49F0EC, 9995CB2CEC70A633EA33CBB0DEAD2BB28CB67132B41E9444BDAB9E75744C9A50 ] WIMMount        C:\Windows\system32\drivers\wimmount.sys
17:08:48.0202 0x04c8  WIMMount - ok
17:08:48.0217 0x04c8  WinDefend - ok
17:08:48.0233 0x04c8  WinHttpAutoProxySvc - ok
17:08:48.0264 0x04c8  [ 19B07E7E8915D701225DA41CB3877306, D6555E8D276DBB11358246E0FE215F76F1FB358791C76B88D82C2A66A42DA19F ] Winmgmt         C:\Windows\system32\wbem\WMIsvc.dll
17:08:48.0264 0x04c8  Winmgmt - ok
17:08:48.0373 0x04c8  [ D929ABD465A2DED963DA8B30946A8D5C, DE8DBFB01C11D2AE903CBD6A974D6F995E9813CE2D6484B7DA06EAE4C545842A ] WinRM           C:\Windows\system32\WsmSvc.dll
17:08:48.0436 0x04c8  WinRM - ok
17:08:48.0482 0x04c8  [ FE88B288356E7B47B74B13372ADD906D, A16B166F6BB32EF9D2A142F27B9EC54CBC7B3AC915799783CF4C40E525BC9E03 ] WinUsb          C:\Windows\system32\DRIVERS\WinUsb.sys
17:08:48.0482 0x04c8  WinUsb - ok
17:08:48.0529 0x04c8  [ 4FADA86E62F18A1B2F42BA18AE24E6AA, CE1683386886BF34862681A46199EA7E7FB4232A186047DA7FBD8EC240AF6726 ] Wlansvc         C:\Windows\System32\wlansvc.dll
17:08:48.0560 0x04c8  Wlansvc - ok
17:08:48.0674 0x04c8  [ 357CABBF155AFD1D3926E62539D2A3A7, C43CFF84E7D930B4999DC061AB0766B57AAD7540B3E6EE54605B10ECE90825F5 ] wlidsvc         C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
17:08:48.0752 0x04c8  wlidsvc - ok
17:08:48.0798 0x04c8  [ F6FF8944478594D0E414D3F048F0D778, 6F75E0AE6127B33A92A88E59D4B048FD4C15F997807BE7BF0EFE76F95235B1D9 ] WmiAcpi         C:\Windows\system32\drivers\wmiacpi.sys
17:08:48.0798 0x04c8  WmiAcpi - ok
17:08:48.0830 0x04c8  [ 38B84C94C5A8AF291ADFEA478AE54F93, 1AC267AC73670BEA5F3785C9AD9DB146F8E993A862C843742B21FDB90D102B2A ] wmiApSrv        C:\Windows\system32\wbem\WmiApSrv.exe
17:08:48.0845 0x04c8  wmiApSrv - ok
17:08:48.0861 0x04c8  WMPNetworkSvc - ok
17:08:48.0892 0x04c8  [ 96C6E7100D724C69FCF9E7BF590D1DCA, 2E63C9B0893B4FC03B7A71BAEA6202D3D3DB1B52F3643467829B5A573FD7655B ] WPCSvc          C:\Windows\System32\wpcsvc.dll
17:08:48.0892 0x04c8  WPCSvc - ok
17:08:48.0908 0x04c8  [ 93221146D4EBBF314C29B23CD6CC391D, C0750858A65BF51E210CD244C825C121D67E025CD2D2455139991AAC289A90FE ] WPDBusEnum      C:\Windows\system32\wpdbusenum.dll
17:08:48.0923 0x04c8  WPDBusEnum - ok
17:08:48.0954 0x04c8  [ 6BCC1D7D2FD2453957C5479A32364E52, E48554D31FBDCF8F985C1C72524CAA9106F5B7CC2B79064F8F5E2562D517F090 ] ws2ifsl         C:\Windows\system32\drivers\ws2ifsl.sys
17:08:48.0970 0x04c8  ws2ifsl - ok
17:08:48.0986 0x04c8  [ E8B1FE6669397D1772D8196DF0E57A9E, 39FE0819360719F756BD31A1884A0508A1E2371ACC723E25E005CBEC0A7B02FA ] wscsvc          C:\Windows\System32\wscsvc.dll
17:08:49.0001 0x04c8  wscsvc - ok
17:08:49.0001 0x04c8  WSearch - ok
17:08:49.0110 0x04c8  [ 291778E1A36716182AFBC1731B2DFEAB, C0B928CCCE8C496C90C42E0D294BAB51DC67C02B0D20CFB6A16B0AE1F51CC497 ] wuauserv        C:\Windows\system32\wuaueng.dll
17:08:49.0204 0x04c8  wuauserv - ok
17:08:49.0235 0x04c8  [ AB886378EEB55C6C75B4F2D14B6C869F, D6C4602EB8F291DADEDF3CD211013D4AC752DDE7E799C2D8D74AA4F5477CAED6 ] WudfPf          C:\Windows\system32\drivers\WudfPf.sys
17:08:49.0235 0x04c8  WudfPf - ok
17:08:49.0251 0x04c8  [ DDA4CAF29D8C0A297F886BFE561E6659, 94E5DD649B5D86FA1A7C7D30FCF9644D0EE048D312E626111458ADF66BFBE978 ] WUDFRd          C:\Windows\system32\DRIVERS\WUDFRd.sys
17:08:49.0266 0x04c8  WUDFRd - ok
17:08:49.0282 0x04c8  [ B20F051B03A966392364C83F009F7D17, 88ECEB55AE91F58F592B96EBC10B572747D5A2F9B7629E8F371761E4F7408A65 ] wudfsvc         C:\Windows\System32\WUDFSvc.dll
17:08:49.0282 0x04c8  wudfsvc - ok
17:08:49.0313 0x04c8  [ 04F82965C09CBDF646B487E145060301, 2CD8533EDBE24C3E42EB7550E20F8A2EB9E5E345B165DEF543163A6BC1FDD18B ] WwanSvc         C:\Windows\System32\wwansvc.dll
17:08:49.0329 0x04c8  WwanSvc - ok
17:08:49.0391 0x04c8  [ 728CA8E15873B345BF82F14AD8B65C91, FCD183A7B8F9B39A3C080ADDE6DAF0A72224B0F7D3FF5582EB06F3082A06ACDC ] yukonw7         C:\Windows\system32\DRIVERS\yk62x64.sys
17:08:49.0407 0x04c8  yukonw7 - ok
17:08:49.0407 0x04c8  ================ Scan global ===============================
17:08:49.0469 0x04c8  [ 168EA9CD9BD6056BB6F60B57D5304BBE, 5A2F98754F042A7D80E7483842967EB362F01D57CE9720B24C7EDAA047F24C6F ] C:\Windows\system32\basesrv.dll
17:08:49.0500 0x04c8  [ 4AD1C61152A0199E3D7F9A82C07AC629, A4A42C7757EB084EE368A6BC4EBAB0C47BE41B0B4119A6AECD1B8E3332A7C5D5 ] C:\Windows\system32\winsrv.dll
17:08:49.0516 0x04c8  [ 4AD1C61152A0199E3D7F9A82C07AC629, A4A42C7757EB084EE368A6BC4EBAB0C47BE41B0B4119A6AECD1B8E3332A7C5D5 ] C:\Windows\system32\winsrv.dll
17:08:49.0547 0x04c8  [ D6160F9D869BA3AF0B787F971DB56368, 0033E6212DD8683E4EE611B290931FDB227B4795F0B17C309DC686C696790529 ] C:\Windows\system32\sxssrv.dll
17:08:49.0578 0x04c8  [ 71C85477DF9347FE8E7BC55768473FCA, A86D6A6D1F5A0EFCD649792A06F3AE9B37158D48493D2ECA7F52DCC1CB9B6536 ] C:\Windows\system32\services.exe
17:08:49.0594 0x04c8  [ Global ] - ok
17:08:49.0594 0x04c8  ================ Scan MBR ==================================
17:08:49.0594 0x04c8  [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
17:08:49.0688 0x04c8  \Device\Harddisk0\DR0 - ok
17:08:49.0688 0x04c8  [ 8F558EB6672622401DA993E1E865C861 ] \Device\Harddisk1\DR1
17:08:49.0688 0x04c8  \Device\Harddisk1\DR1 - ok
17:08:49.0688 0x04c8  ================ Scan VBR ==================================
17:08:49.0703 0x04c8  [ 018FF92A40E26412C786044C5E32CBD6 ] \Device\Harddisk0\DR0\Partition1
17:08:49.0703 0x04c8  \Device\Harddisk0\DR0\Partition1 - ok
17:08:49.0703 0x04c8  [ D7D5598BE24085ABEE67F44DCB0D3AF6 ] \Device\Harddisk0\DR0\Partition2
17:08:49.0703 0x04c8  \Device\Harddisk0\DR0\Partition2 - ok
17:08:49.0703 0x04c8  [ 4F543919E4A42F127B2F429952BC1A9F ] \Device\Harddisk1\DR1\Partition1
17:08:50.0156 0x04c8  \Device\Harddisk1\DR1\Partition1 - ok
17:08:50.0156 0x04c8  ================ Scan generic autorun ======================
17:08:50.0202 0x04c8  [ C320FD6AAC812A0E2F1B297F0155A7C1, 5F1F2AB1082DEC7AC2367B2B86B1CD7C470CB2757EFC0AAB334866BB5C7518C4 ] C:\Windows\system32\igfxtray.exe
17:08:50.0327 0x04c8  IgfxTray - ok
17:08:50.0358 0x04c8  [ F8470C4F1061D34EAF7ADC0CF56D25A0, 0B97C71033A638F6EC234B0BAAB9F1F7287B4D8E83DADC9BD2DF2E55D2CD9965 ] C:\Windows\system32\igfxpers.exe
17:08:50.0452 0x04c8  Persistence - ok
17:08:50.0530 0x04c8  [ 35BA4E6632BA690EA6421C1E03537D0E, 99D6B4DB12ABE3A7F44AB1B2D626978E85231185AE280D9516986027BC8385CB ] C:\Program Files\Microsoft Security Client\msseces.exe
17:08:50.0577 0x04c8  MSC - ok
17:08:51.0083 0x04c8  [ A5089CA3FC9785251790C75FC89356F0, 0A4B3294AA1D846B3ECC1EE9CFE2A3A93F327370CBFCDC5CF7B8E99CC139FA3E ] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
17:08:51.0551 0x04c8  RTHDVCPL - ok
17:08:51.0667 0x04c8  [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe
17:08:51.0795 0x04c8  Sidebar - ok
17:08:51.0842 0x04c8  [ 0FA760BF380B08D0B67B5507CD8B32AA, 0F73A7F64C4FDAB98CD3A865CC54B3A7195761530FCB115B725CC5A9FB738739 ] C:\Windows\System32\mctadmin.exe
17:08:51.0842 0x04c8  mctadmin - ok
17:08:51.0904 0x04c8  [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe
17:08:51.0920 0x04c8  Sidebar - ok
17:08:51.0935 0x04c8  [ 0FA760BF380B08D0B67B5507CD8B32AA, 0F73A7F64C4FDAB98CD3A865CC54B3A7195761530FCB115B725CC5A9FB738739 ] C:\Windows\System32\mctadmin.exe
17:08:51.0935 0x04c8  mctadmin - ok
17:08:52.0169 0x04c8  [ 14EF06B1EA531D681B5738F37388B99C, AB74735A3569B7995572FD7B0D026919CADA27C43A6AD0503659CE7CA3FF6B84 ] C:\Program Files\CCleaner\CCleaner64.exe
17:08:52.0388 0x04c8  CCleaner Monitoring - ok
17:08:52.0637 0x04c8  [ 14EF06B1EA531D681B5738F37388B99C, AB74735A3569B7995572FD7B0D026919CADA27C43A6AD0503659CE7CA3FF6B84 ] C:\Program Files\CCleaner\CCleaner64.exe
17:08:52.0762 0x04c8  CCleaner Monitoring - ok
17:08:52.0793 0x04c8  Waiting for KSN requests completion. In queue: 28
17:08:53.0806 0x04c8  Waiting for KSN requests completion. In queue: 28
17:08:54.0815 0x04c8  Waiting for KSN requests completion. In queue: 28
17:08:55.0851 0x04c8  AV detected via SS2: Microsoft Security Essentials, C:\Program Files\Microsoft Security Client\msseces.exe ( 4.8.204.0 ), 0x61000 ( enabled : updated )
17:08:55.0944 0x04c8  Win FW state via NFP2: enabled ( trusted )
17:08:58.0694 0x04c8  ============================================================
17:08:58.0694 0x04c8  Scan finished
17:08:58.0694 0x04c8  ============================================================
17:08:58.0694 0x050c  Detected object count: 0
17:08:58.0694 0x050c  Actual detected object count: 0
17:09:16.0093 0x0910  Deinitialize success
 


#6 WenJac

WenJac
  • Topic Starter

  • Members
  • 65 posts
  • OFFLINE
  •  
  • Gender:Female
  • Local time:08:34 PM

Posted 15 October 2015 - 01:26 AM

ok the next one :  aswMBR    wont let me download? says 

 

This webpage is not availableOpera could not load the webpage because public.avast.com took too long to respond. The website may be down, or you may be experiencing issues with your internet connection.Check your internet connection.Check any cables and reboot any routers, modems, or other network devices you may be using.Allow Opera to access the network in your firewall or antivirus settings.If it is already listed as a program allowed to access the network, try removing it from the list and adding it again.If you use a proxy server...Check your proxy settings or contact your network administrator to make sure the proxy server is working. If you don't believe you should be using a proxy server: Go to the Opera menu > Settings > Change proxy settings... > LAN Settings and deselect "Use a proxy server for your LAN".

 

 

Ok I will wait for your reply so they are in order ty x


Edited by WenJac, 15 October 2015 - 01:30 AM.


#7 Oh My!

Oh My!

    Adware and Spyware and Malware.....


  • Malware Response Instructor
  • 37,049 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:California
  • Local time:03:34 AM

Posted 15 October 2015 - 12:15 PM

Greetings,

Skip aswMBR and run Combofix.
Gary
 
If I do not reply within 24 hours please send me a Personal Message.

"Lord, to whom would we go? You have the words that give eternal life. We believe, and we know you are the Holy One of God."

#8 WenJac

WenJac
  • Topic Starter

  • Members
  • 65 posts
  • OFFLINE
  •  
  • Gender:Female
  • Local time:08:34 PM

Posted 15 October 2015 - 04:54 PM

ComboFix 15-10-15.01 - User 16/10/2015   8:24.1.2 - x64
Microsoft Windows 7 Home Premium   6.1.7601.1.1252.61.1033.18.3199.1922 [GMT 11:00]
Running from: c:\users\User\Desktop\ComboFix.exe
AV: Microsoft Security Essentials *Disabled/Updated* {B7ECF8CD-0188-6703-DBA4-AA65C6ACFB0A}
SP: Microsoft Security Essentials *Disabled/Updated* {0C8D1929-27B2-688D-E114-9117BD2BB1B7}
SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
 * Created a new restore point
.
.
(((((((((((((((((((((((((((((((((((((((   Other Deletions   )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\users\Tech Support\AppData\Roaming\DRPSu
.
.
(((((((((((((((((((((((((   Files Created from 2015-09-15 to 2015-10-15  )))))))))))))))))))))))))))))))
.
.
2015-10-15 21:32 . 2015-10-15 21:32 -------- d-----w- c:\users\Tech Support\AppData\Local\temp
2015-10-15 21:32 . 2015-10-15 21:32 -------- d-----w- c:\users\Default\AppData\Local\temp
2015-10-15 10:37 . 2015-08-31 22:45 11062400 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{E7B4C05C-9E9A-410D-877C-B05DEBF28097}\mpengine.dll
2015-10-15 10:17 . 2015-08-31 22:45 11062400 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll
2015-10-14 21:08 . 2015-09-18 19:22 25432 ----a-w- c:\windows\system32\CompatTelRunner.exe
2015-10-14 21:08 . 2015-09-18 19:19 700416 ----a-w- c:\windows\system32\invagent.dll
2015-10-14 21:08 . 2015-09-18 19:19 766464 ----a-w- c:\windows\system32\generaltel.dll
2015-10-14 21:08 . 2015-09-18 19:19 503808 ----a-w- c:\windows\system32\devinv.dll
2015-10-14 21:08 . 2015-09-18 19:19 73216 ----a-w- c:\windows\system32\acmigration.dll
2015-10-14 21:08 . 2015-09-18 19:19 1291264 ----a-w- c:\windows\system32\appraiser.dll
2015-10-14 21:08 . 2015-09-18 19:09 1163776 ----a-w- c:\windows\system32\aeinv.dll
2015-10-13 22:27 . 2015-09-25 18:07 98816 ----a-w- c:\windows\system32\wudriver.dll
2015-10-13 22:23 . 2015-10-01 18:04 616360 ----a-w- c:\windows\system32\winresume.efi
2015-10-13 22:23 . 2015-10-01 18:06 692672 ----a-w- c:\windows\system32\winload.efi
2015-10-13 22:23 . 2015-10-01 18:00 63488 ----a-w- c:\windows\system32\setbcdlocale.dll
2015-10-13 22:23 . 2015-10-01 18:00 59392 ----a-w- c:\windows\system32\appidapi.dll
2015-10-13 22:23 . 2015-10-01 18:00 32768 ----a-w- c:\windows\system32\appidsvc.dll
2015-10-13 22:23 . 2015-10-01 18:00 17920 ----a-w- c:\windows\system32\appidcertstorecheck.exe
2015-10-13 22:23 . 2015-10-01 18:00 147456 ----a-w- c:\windows\system32\appidpolicyconverter.exe
2015-10-13 22:23 . 2015-10-01 17:50 50688 ----a-w- c:\windows\SysWow64\appidapi.dll
2015-10-13 22:23 . 2015-10-01 17:00 61440 ----a-w- c:\windows\system32\drivers\appid.sys
2015-10-12 22:00 . 2015-06-24 04:00 1190000 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{982FE533-AEA2-4C95-81C8-243C908E4D68}\gapaengine.dll
2015-10-12 07:55 . 2015-10-12 07:55 780488 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2015-10-12 07:55 . 2015-10-12 07:55 142536 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2015-10-12 07:55 . 2015-10-12 07:55 -------- d-----w- c:\windows\SysWow64\Macromed
2015-10-12 07:55 . 2015-10-12 07:55 -------- d-----w- c:\windows\system32\Macromed
2015-10-12 05:49 . 2015-10-15 06:01 -------- d-----w- C:\FRST
2015-10-11 11:29 . 2015-10-11 11:29 -------- d-----w- c:\program files (x86)\ESET
2015-10-11 06:51 . 2015-10-11 08:08 -------- d-----w- C:\AdwCleaner
2015-10-11 03:45 . 2015-10-11 03:45 -------- d-----w- c:\program files\Reason
2015-10-11 03:36 . 2015-10-11 10:40 -------- d-----w- c:\program files\Speccy
2015-10-10 15:03 . 2015-10-11 10:39 -------- d-----w- c:\windows\SysWow64\wbem\Performance
2015-10-10 14:34 . 2015-10-10 14:34 -------- d-----w- C:\RegBackup
2015-10-10 14:22 . 2015-10-10 14:22 -------- d-----w- c:\program files (x86)\Tweaking.com
2015-10-08 20:25 . 2015-10-08 20:25 -------- d-----w- c:\program files (x86)\NetRatingsNetSight
2015-10-05 03:19 . 2015-10-05 03:22 -------- d-----w- c:\users\User\AppData\Roaming\Guild Wars 2
2015-10-02 04:40 . 2015-10-11 10:41 -------- d-----w- c:\program files (x86)\World of Warcraft
2015-10-02 03:15 . 2015-10-02 03:15 -------- d-----w- c:\users\User\AppData\Local\CEF
2015-10-01 09:21 . 2015-10-01 16:02 -------- d-----w- c:\users\User\Tracing
2015-10-01 05:56 . 2015-10-13 06:06 -------- d-----w- c:\users\User\AppData\Local\Windows Live
2015-09-25 13:11 . 2015-10-11 10:41 -------- d-----w- c:\users\User\AppData\Local\MyComGames
2015-09-21 11:35 . 2015-10-11 10:02 -------- d-----w- C:\IGG
2015-09-21 11:34 . 2015-10-11 10:07 -------- d-----w- c:\users\User\AppData\Roaming\IGG
2015-09-21 11:28 . 2015-10-11 10:07 -------- d-----w- c:\users\User\AppData\Roaming\Opera Software
2015-09-21 11:28 . 2015-09-21 11:28 -------- d-----w- c:\users\User\AppData\Local\Opera Software
2015-09-21 11:27 . 2015-10-11 10:41 -------- d-----w- c:\program files (x86)\Opera
2015-09-20 01:56 . 2015-10-11 10:41 -------- d-----w- c:\program files (x86)\Diablo III
2015-09-20 00:13 . 2015-09-20 00:13 -------- d-----w- c:\users\User\AppData\Roaming\NVIDIA
2015-09-20 00:13 . 2015-09-20 00:13 -------- d-----w- c:\users\User\AppData\Local\Blizzard Entertainment
2015-09-20 00:13 . 2015-09-20 00:13 -------- d-----w- c:\programdata\Blizzard Entertainment
2015-09-20 00:13 . 2015-10-13 04:26 -------- d-----w- c:\users\User\AppData\Local\Battle.net
2015-09-20 00:13 . 2015-10-11 10:41 -------- d-----w- c:\users\User\AppData\Roaming\Battle.net
2015-09-20 00:10 . 2015-10-13 04:01 -------- d-----w- c:\program files (x86)\Battle.net
2015-09-20 00:00 . 2015-10-11 10:06 -------- d-----w- c:\programdata\Battle.net
2015-09-19 09:50 . 2015-09-19 09:50 -------- d-----w- c:\users\User\AppData\Local\Chromium
2015-09-19 03:45 . 2015-10-11 10:41 -------- d-----w- c:\program files (x86)\CABAL2 (US)
2015-09-18 09:46 . 2015-09-18 09:46 -------- d-----w- C:\ArcheAge
2015-09-18 09:43 . 2015-10-11 10:41 -------- d-----r- c:\users\User\OneDrive
2015-09-17 08:55 . 2006-12-08 02:02 251672 ----a-w- c:\windows\SysWow64\xactengine2_5.dll
2015-09-17 08:49 . 2015-10-15 10:23 -------- d-----w- c:\users\User\AppData\Local\Glyph
2015-09-17 08:49 . 2015-10-15 10:23 -------- d-----w- c:\programdata\Glyph
2015-09-17 08:49 . 2015-10-15 10:13 -------- d-----w- c:\program files (x86)\Glyph
2015-09-17 03:20 . 2015-09-17 03:20 -------- d-----w- c:\users\User\AppData\Local\GWX
2015-09-17 03:16 . 2015-09-17 03:17 -------- d-----w- c:\program files (x86)\Common Files\logishrd
2015-09-17 03:16 . 2015-10-11 10:41 -------- d-----w- c:\program files\Common Files\logishrd
2015-09-17 01:39 . 2015-10-11 10:42 -------- d--h--w- c:\windows\system32\CanonIJ Uninstaller Information
2015-09-17 01:39 . 2015-10-11 10:06 -------- d--h--w- c:\programdata\CanonBJ
2015-09-17 01:39 . 2012-03-13 19:00 99840 ----a-w- c:\windows\system32\Spool\prtprocs\x64\CNMPPA5.DLL
2015-09-17 01:39 . 2012-03-13 19:00 30208 ----a-w- c:\windows\system32\Spool\prtprocs\x64\CNMPDA5.DLL
2015-09-17 01:38 . 2012-03-13 19:00 385024 ----a-w- c:\windows\system32\CNMLMA5.DLL
2015-09-17 01:36 . 2011-01-06 03:07 102400 ----a-w- c:\windows\SysWow64\CNC340U.dll
2015-09-17 01:36 . 2011-01-06 03:09 1324544 ----a-w- c:\windows\system32\CNC340C.dll
2015-09-17 01:36 . 2011-01-06 03:09 109568 ----a-w- c:\windows\system32\CNC340I.dll
2015-09-17 01:36 . 2009-10-19 06:30 346624 ----a-w- c:\windows\system32\CNC340L.dll
2015-09-17 01:36 . 2009-10-19 06:29 307200 ----a-w- c:\windows\SysWow64\CNC340L.dll
2015-09-17 01:36 . 2008-08-25 08:02 17920 ----a-w- c:\windows\system32\CNHMCA6.dll
2015-09-17 01:36 . 2008-08-25 08:02 15872 ----a-w- c:\windows\SysWow64\CNHMCA.dll
2015-09-17 01:35 . 2015-10-11 12:16 -------- d-----w- c:\users\User\AppData\Local\ElevatedDiagnostics
2015-09-17 01:31 . 2015-09-17 01:31 -------- d-----w- c:\users\User\AppData\Local\PDFCreator
2015-09-16 06:13 . 2015-10-12 07:55 -------- d-----w- c:\users\User\AppData\Local\Adobe
2015-09-16 05:30 . 2015-10-11 10:41 -------- d-----w- c:\users\User\AppData\Roaming\gentek
2015-09-16 05:30 . 2013-03-08 09:53 925328 ----a-w- c:\users\User\AppData\Roaming\Microsoft\Windows\Templates\temp_launcher.exe
2015-09-16 05:29 . 2015-10-14 11:07 -------- d-----w- c:\program files (x86)\Moonlight
2015-09-16 05:04 . 2015-07-30 13:13 103120 ----a-w- c:\windows\SysWow64\PresentationCFFRasterizerNative_v0300.dll
2015-09-16 05:04 . 2015-07-30 13:13 124624 ----a-w- c:\windows\system32\PresentationCFFRasterizerNative_v0300.dll
2015-09-16 04:27 . 2015-07-23 00:02 1390592 ----a-w- c:\windows\system32\diagtrack.dll
2015-09-16 04:27 . 2015-07-22 16:48 41984 ----a-w- c:\windows\system32\UtcResources.dll
2015-09-16 04:27 . 2015-07-23 00:02 879104 ----a-w- c:\windows\system32\tdh.dll
2015-09-16 04:27 . 2015-07-23 00:02 879104 ----a-w- c:\windows\system32\advapi32.dll
2015-09-16 04:27 . 2015-07-22 17:53 635392 ----a-w- c:\windows\SysWow64\tdh.dll
2015-09-16 04:27 . 2015-07-22 17:53 641536 ----a-w- c:\windows\SysWow64\advapi32.dll
2015-09-16 04:26 . 2015-06-25 10:06 115136 ----a-w- c:\windows\system32\consent.exe
2015-09-16 04:26 . 2015-06-25 10:01 1941504 ----a-w- c:\windows\system32\authui.dll
2015-09-16 04:26 . 2015-06-25 09:44 1805824 ----a-w- c:\windows\SysWow64\authui.dll
2015-09-16 04:26 . 2015-06-25 10:01 70656 ----a-w- c:\windows\system32\appinfo.dll
2015-09-16 04:26 . 2015-08-27 18:18 2004480 ----a-w- c:\windows\system32\msxml6.dll
2015-09-16 04:26 . 2015-08-27 18:18 1887232 ----a-w- c:\windows\system32\msxml3.dll
2015-09-16 04:26 . 2015-08-27 17:58 1241088 ----a-w- c:\windows\SysWow64\msxml3.dll
2015-09-16 04:26 . 2015-08-27 18:13 2048 ----a-w- c:\windows\system32\msxml6r.dll
2015-09-16 04:26 . 2015-08-27 18:13 2048 ----a-w- c:\windows\system32\msxml3r.dll
2015-09-16 04:26 . 2015-08-27 17:58 1391104 ----a-w- c:\windows\SysWow64\msxml6.dll
2015-09-16 04:26 . 2015-08-27 17:51 2048 ----a-w- c:\windows\SysWow64\msxml6r.dll
2015-09-16 04:26 . 2015-08-27 17:51 2048 ----a-w- c:\windows\SysWow64\msxml3r.dll
2015-09-16 04:20 . 2015-09-02 01:51 3209216 ----a-w- c:\windows\system32\win32k.sys
2015-09-16 04:20 . 2015-09-02 03:04 41984 ----a-w- c:\windows\system32\lpk.dll
2015-09-16 04:20 . 2015-09-02 03:04 100864 ----a-w- c:\windows\system32\fontsub.dll
2015-09-16 04:20 . 2015-09-02 03:04 14336 ----a-w- c:\windows\system32\dciman32.dll
2015-09-16 04:20 . 2015-09-02 03:04 46080 ----a-w- c:\windows\system32\atmlib.dll
2015-09-16 04:20 . 2015-09-02 02:48 10240 ----a-w- c:\windows\SysWow64\dciman32.dll
2015-09-16 04:20 . 2015-09-02 02:48 34304 ----a-w- c:\windows\SysWow64\atmlib.dll
2015-09-16 04:20 . 2015-09-02 01:47 372736 ----a-w- c:\windows\system32\atmfd.dll
2015-09-16 04:20 . 2015-09-02 01:33 299520 ----a-w- c:\windows\SysWow64\atmfd.dll
2015-09-16 04:20 . 2015-09-02 02:48 70656 ----a-w- c:\windows\SysWow64\fontsub.dll
2015-09-16 04:20 . 2015-09-02 02:47 25600 ----a-w- c:\windows\SysWow64\lpk.dll
2015-09-16 04:02 . 2015-10-12 04:52 -------- d-----w- c:\users\User\AppData\Roaming\Windows Live Writer
2015-09-16 04:02 . 2015-09-16 04:02 -------- d-----w- c:\users\User\AppData\Local\Windows Live Writer
2015-09-16 03:55 . 2015-07-11 13:15 429568 ----a-w- c:\windows\system32\wksprt.exe
2015-09-16 03:55 . 2015-07-16 19:11 7077376 ----a-w- c:\windows\system32\mstscax.dll
2015-09-16 03:55 . 2015-07-16 19:12 6131200 ----a-w- c:\windows\SysWow64\mstscax.dll
2015-09-16 03:55 . 2015-07-16 19:12 856064 ----a-w- c:\windows\SysWow64\rdvidcrl.dll
2015-09-16 03:55 . 2015-07-16 19:11 1057792 ----a-w- c:\windows\system32\rdvidcrl.dll
2015-09-16 03:55 . 2015-07-16 19:12 53248 ----a-w- c:\windows\SysWow64\tsgqec.dll
2015-09-16 03:55 . 2015-07-16 19:11 62976 ----a-w- c:\windows\system32\tsgqec.dll
2015-09-16 03:53 . 2015-06-03 20:16 193536 ----a-w- c:\windows\system32\aepic.dll
2015-09-16 03:53 . 2015-06-02 00:07 254976 ----a-w- c:\windows\system32\cewmdm.dll
.
.
((((((((((((((((((((((((((((((((((((((((   Find3M Report   ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2015-09-29 02:58 . 2015-10-13 22:27 44032 ----a-w- c:\windows\apppatch\acwow64.dll
2015-08-26 08:37 . 2015-04-18 21:40 134753440 ----a-w- c:\windows\system32\MRT.exe
2015-07-30 04:05 . 2015-09-14 07:55 3299824 ----a-w- c:\windows\system32\YamahaAE2.dll
2015-07-30 04:05 . 2015-09-14 07:55 2190992 ----a-w- c:\windows\system32\YamahaAE.dll
2015-07-30 04:05 . 2015-09-14 07:55 888480 ----a-w- c:\windows\system32\tossaeapo64.dll
2015-07-30 04:05 . 2015-09-14 07:55 873472 ----a-w- c:\windows\system32\tadefxapo264.dll
2015-07-30 04:05 . 2015-09-14 07:55 75544 ----a-w- c:\windows\system32\tepeqapo64.dll
2015-07-30 04:05 . 2015-09-14 07:55 596120 ----a-w- c:\windows\system32\tosasfapo64.dll
2015-07-30 04:05 . 2015-09-14 07:55 532384 ----a-w- c:\windows\system32\SRSTSX64.dll
2015-07-30 04:05 . 2015-09-14 07:55 224264 ----a-w- c:\windows\system32\tossaemaxapo64.dll
2015-07-30 04:05 . 2015-09-14 07:55 221976 ----a-w- c:\windows\system32\SRSTSH64.dll
2015-07-30 04:05 . 2015-09-14 07:55 172584 ----a-w- c:\windows\system32\toseaeapo64.dll
2015-07-30 04:05 . 2015-09-14 07:55 166208 ----a-w- c:\windows\system32\SRSWOW64.dll
2015-07-30 04:05 . 2015-09-14 07:55 158704 ----a-w- c:\windows\system32\tadefxapo.dll
2015-07-30 04:05 . 2015-09-14 07:55 1382240 ----a-w- c:\windows\system32\tosade.dll
2015-07-30 04:05 . 2015-09-14 07:55 749776 ----a-w- c:\windows\system32\sltech64.dll
2015-07-30 04:05 . 2015-09-14 07:55 467168 ----a-w- c:\windows\system32\SRAPO64.dll
2015-07-30 04:05 . 2015-09-14 07:55 381416 ----a-w- c:\windows\system32\SRCOM64.dll
2015-07-30 04:05 . 2015-09-14 07:55 341160 ----a-w- c:\windows\SysWow64\SRCOM.dll
2015-07-30 04:05 . 2015-09-14 07:55 341160 ----a-w- c:\windows\system32\SRCOM.dll
2015-07-30 04:05 . 2015-09-14 07:55 209544 ----a-w- c:\windows\system32\SRSHP64.dll
2015-07-30 04:05 . 2015-09-14 07:55 1435152 ----a-w- c:\windows\system32\SRRPTR64.dll
2015-07-30 04:05 . 2015-09-14 07:55 965032 ----a-w- c:\windows\system32\SFSS_APO.dll
2015-07-30 04:05 . 2015-09-14 07:55 961016 ----a-w- c:\windows\system32\sl3apo64.dll
2015-07-30 04:05 . 2015-09-14 07:55 874736 ----a-w- c:\windows\system32\SEHDRA64.dll
2015-07-30 04:05 . 2015-09-14 07:55 83632 ----a-w- c:\windows\SysWow64\SFCOM.dll
2015-07-30 04:05 . 2015-09-14 07:55 231920 ----a-w- c:\windows\system32\SFNHK64.dll
2015-07-30 04:05 . 2015-09-14 07:55 1122648 ----a-w- c:\windows\system32\slcnt64.dll
2015-07-30 04:05 . 2015-09-14 07:55 699072 ----a-w- c:\windows\system32\SECOMN64.dll
2015-07-30 04:05 . 2015-09-14 07:55 569440 ----a-w- c:\windows\SysWow64\SECOMN32.DLL
2015-07-30 04:05 . 2015-09-14 07:55 448592 ----a-w- c:\windows\system32\SEAPO64.dll
2015-07-30 04:05 . 2015-09-14 07:55 3271912 ----a-w- c:\windows\system32\RtkApi64.dll
2015-07-30 04:05 . 2015-09-14 07:55 90920 ----a-w- c:\windows\system32\SFCOM64.dll
2015-07-30 04:05 . 2015-09-14 07:55 88328 ----a-w- c:\windows\system32\SFAPO64.dll
2015-07-30 04:05 . 2015-09-14 07:55 343712 ----a-w- c:\windows\system32\RtlCPAPI64.dll
2015-07-30 04:05 . 2015-09-14 07:55 88352 ----a-w- c:\windows\system32\RTEEG64A.dll
2015-07-30 04:05 . 2015-09-14 07:55 387320 ----a-w- c:\windows\system32\RTEEP64A.dll
2015-07-30 04:05 . 2015-09-14 07:55 195192 ----a-w- c:\windows\system32\RtkCfg64.dll
2015-07-30 04:05 . 2015-09-14 07:55 110992 ----a-w- c:\windows\system32\RTEEL64A.dll
2015-07-30 04:05 . 2015-09-14 07:55 645456 ----a-w- c:\windows\system32\RtDataProc64.dll
2015-07-30 04:05 . 2015-09-14 07:55 214840 ----a-w- c:\windows\system32\RTEED64A.dll
2015-07-30 04:05 . 2015-09-14 07:55 321720 ----a-w- c:\windows\system32\RP3DHT64.dll
2015-07-30 04:05 . 2015-09-14 07:55 321720 ----a-w- c:\windows\system32\RP3DAA64.dll
2015-07-30 04:05 . 2015-09-14 07:55 2984208 ----a-w- c:\windows\system32\RltkAPO64.dll
2015-07-30 04:05 . 2015-09-14 07:55 2630904 ----a-w- c:\windows\SysWow64\RltkAPO.dll
2015-07-30 04:05 . 2015-09-14 07:55 1331336 ----a-w- c:\windows\system32\RTCOM64.dll
2015-07-30 04:05 . 2015-09-14 07:55 84624 ----a-w- c:\windows\system32\R4EEG64A.dll
2015-07-30 04:05 . 2015-09-14 07:55 447728 ----a-w- c:\windows\system32\R4EED64A.dll
2015-07-30 04:05 . 2015-09-14 07:55 151792 ----a-w- c:\windows\system32\R4EEL64A.dll
2015-07-30 04:05 . 2015-09-14 07:55 134208 ----a-w- c:\windows\system32\R4EEA64A.dll
2015-07-30 04:05 . 2015-09-14 07:55 923752 ----a-w- c:\windows\system32\MISS_APO.dll
2015-07-30 04:05 . 2015-09-14 07:55 5777200 ----a-w- c:\windows\system32\NAHIMICV2apo.dll
2015-07-30 04:05 . 2015-09-14 07:55 5289952 ----a-w- c:\windows\system32\NAHIMICAPOlfx.dll
2015-07-30 04:05 . 2015-09-14 07:55 13120760 ----a-w- c:\windows\system32\MaxxVoiceAPO3064.dll
2015-07-30 04:05 . 2015-09-14 07:55 12986528 ----a-w- c:\windows\system32\MaxxVoiceAPO4064.dll
2015-07-30 04:05 . 2015-09-14 07:55 677680 ----a-w- c:\windows\system32\MaxxVolumeSDAPO.dll
2015-07-30 04:05 . 2015-09-14 07:55 998032 ----a-w- c:\windows\system32\MaxxVoiceAPO2064.dll
2015-07-30 04:05 . 2015-09-14 07:55 1334384 ----a-w- c:\windows\system32\MaxxSpeechAPO64.dll
2015-07-30 04:05 . 2015-09-14 07:55 678192 ----a-w- c:\windows\system32\MaxxAudioAPO30.dll
2015-07-30 04:05 . 2015-09-14 07:55 330568 ----a-w- c:\windows\system32\MaxxAudioAPO20.dll
2015-07-30 04:05 . 2015-09-14 07:55 2823280 ----a-w- c:\windows\system32\MaxxAudioAPO7064.dll
2015-07-30 04:05 . 2015-09-14 07:55 1395768 ----a-w- c:\windows\system32\MaxxAudioAPO6064.dll
2015-07-30 04:05 . 2015-09-14 07:55 1211840 ----a-w- c:\windows\system32\MaxxAudioAPO5064.dll
2015-07-30 04:05 . 2015-09-14 07:55 1164336 ----a-w- c:\windows\system32\MaxxAudioAPO4064.dll
2015-07-30 04:05 . 2015-09-14 07:55 618192 ----a-w- c:\windows\system32\KAAPORT64.dll
2015-07-30 04:05 . 2015-09-14 07:55 5408752 ----a-w- c:\windows\system32\IntelSSTAPO.dll
2015-07-30 04:05 . 2015-09-14 07:55 340648 ----a-w- c:\windows\system32\ICEsoundAPO64.dll
2015-07-30 04:05 . 2015-09-14 07:55 727440 ----a-w- c:\windows\system32\DTSSymmetryDLL64.dll
2015-07-30 04:05 . 2015-09-14 07:55 708320 ----a-w- c:\windows\system32\DTSVoiceClarityDLL64.dll
2015-07-30 04:05 . 2015-09-14 07:55 514528 ----a-w- c:\windows\system32\DTSU2PLFX64.dll
2015-07-30 04:05 . 2015-09-14 07:55 504312 ----a-w- c:\windows\system32\DTSNeoPCDLL64.dll
2015-07-30 04:05 . 2015-09-14 07:55 500560 ----a-w- c:\windows\system32\DTSU2PGFX64.dll
2015-07-30 04:05 . 2015-09-14 07:55 445408 ----a-w- c:\windows\system32\DTSLimiterDLL64.dll
2015-07-30 04:05 . 2015-09-14 07:55 428232 ----a-w- c:\windows\system32\DTSU2PREC64.dll
2015-07-30 04:05 . 2015-09-14 07:55 3233472 ----a-w- c:\windows\system32\FMAPO64.dll
2015-07-30 04:05 . 2015-09-14 07:55 253904 ----a-w- c:\windows\system32\DTSGFXAPO64.dll
2015-07-30 04:05 . 2015-09-14 07:55 253872 ----a-w- c:\windows\system32\DTSLFXAPO64.dll
2015-07-30 04:05 . 2015-09-14 07:55 252880 ----a-w- c:\windows\system32\DTSGFXAPONS64.dll
2015-07-30 04:05 . 2015-09-14 07:55 1780624 ----a-w- c:\windows\system32\DTSS2SpeakerDLL64.dll
2015-07-30 04:05 . 2015-09-14 07:55 1591064 ----a-w- c:\windows\system32\DTSS2HeadphoneDLL64.dll
2015-07-30 04:05 . 2015-09-14 07:55 743968 ----a-w- c:\windows\system32\DTSBassEnhancementDLL64.dll
2015-07-30 04:05 . 2015-09-14 07:55 441272 ----a-w- c:\windows\system32\DTSGainCompensatorDLL64.dll
2015-07-30 04:05 . 2015-09-14 07:55 2492152 ----a-w- c:\windows\system32\DolbyDAX2APOv211.dll
2015-07-30 04:05 . 2015-09-14 07:55 2423480 ----a-w- c:\windows\system32\DolbyDAX2APOv201.dll
2015-07-30 04:05 . 2015-09-14 07:55 1508936 ----a-w- c:\windows\system32\DTSBoostDLL64.dll
2015-07-30 04:05 . 2015-09-14 07:55 362064 ----a-w- c:\windows\system32\DDPO64AF3.dll
2015-07-30 04:05 . 2015-09-14 07:55 327464 ----a-w- c:\windows\system32\DDPO64A.dll
2015-07-30 04:05 . 2015-09-14 07:55 1965816 ----a-w- c:\windows\system32\DDPD64A.dll
2015-07-30 04:05 . 2015-09-14 07:55 1959608 ----a-w- c:\windows\system32\DDPD64AF3.dll
2015-07-30 04:05 . 2015-09-14 07:55 574760 ----a-w- c:\windows\system32\AERTAC64.dll
2015-07-30 04:05 . 2015-09-14 07:55 310432 ----a-w- c:\windows\system32\DDPA64F3.dll
2015-07-30 04:05 . 2015-09-14 07:55 272720 ----a-w- c:\windows\system32\DDPA64.dll
2015-07-30 04:05 . 2015-09-14 07:55 1601952 ----a-w- c:\windows\system32\CX64APO.dll
2015-07-30 04:05 . 2015-09-14 07:55 118600 ----a-w- c:\windows\system32\AERTAR64.dll
2015-07-30 04:02 . 2015-09-14 07:55 72121872 ----a-w- c:\windows\system32\RCoRes64.dat
2015-07-30 04:02 . 2015-09-14 07:55 2711296 ----a-w- c:\windows\system32\RTSnMg64.cpl
2015-07-30 04:02 . 2015-09-14 07:55 2110600 ----a-w- c:\windows\system32\WavesGUILib64.dll
2015-07-30 04:02 . 2015-09-14 07:55 259288 ----a-w- c:\windows\system32\slprp64.dll
2015-07-30 04:02 . 2015-09-14 07:55 4577024 ----a-w- c:\windows\system32\drivers\RTKVHD64.sys
2015-07-30 04:02 . 2015-09-14 07:55 2946304 ----a-w- c:\windows\system32\RtPgEx64.dll
.
.
(((((((((((((((((((((((((((((((((((((   Reg Loading Points   ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown 
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ OneDrive1]
@="{BBACC218-34EA-4666-9D7A-C78F2274A524}"
[HKEY_CLASSES_ROOT\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524}]
2015-09-18 09:43 1587272 ----a-w- c:\users\User\AppData\Local\Microsoft\OneDrive\17.3.5951.0827\FileSyncShell.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ OneDrive2]
@="{5AB7172C-9C11-405C-8DD5-AF20F3606282}"
[HKEY_CLASSES_ROOT\CLSID\{5AB7172C-9C11-405C-8DD5-AF20F3606282}]
2015-09-18 09:43 1587272 ----a-w- c:\users\User\AppData\Local\Microsoft\OneDrive\17.3.5951.0827\FileSyncShell.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ OneDrive3]
@="{A78ED123-AB77-406B-9962-2A5D9D2F7F30}"
[HKEY_CLASSES_ROOT\CLSID\{A78ED123-AB77-406B-9962-2A5D9D2F7F30}]
2015-09-18 09:43 1587272 ----a-w- c:\users\User\AppData\Local\Microsoft\OneDrive\17.3.5951.0827\FileSyncShell.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ OneDrive4]
@="{F241C880-6982-4CE5-8CF7-7085BA96DA5A}"
[HKEY_CLASSES_ROOT\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A}]
2015-09-18 09:43 1587272 ----a-w- c:\users\User\AppData\Local\Microsoft\OneDrive\17.3.5951.0827\FileSyncShell.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ OneDrive5]
@="{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}"
[HKEY_CLASSES_ROOT\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}]
2015-09-18 09:43 1587272 ----a-w- c:\users\User\AppData\Local\Microsoft\OneDrive\17.3.5951.0827\FileSyncShell.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"CCleaner Monitoring"="c:\program files\CCleaner\CCleaner64.exe" [2015-01-20 7404312]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]
"aux1"=wdmaud.drv
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]
@="Service"
.
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R2 MBAMScheduler;MBAMScheduler;c:\program files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe;c:\program files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [x]
R2 MBAMService;MBAMService;c:\program files (x86)\Malwarebytes Anti-Malware\mbamservice.exe;c:\program files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [x]
R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe;c:\program files (x86)\Skype\Updater\Updater.exe [x]
R3 cvusbdrv;Dell ControlVault;c:\windows\system32\Drivers\cvusbdrv.sys;c:\windows\SYSNATIVE\Drivers\cvusbdrv.sys [x]
R3 iaStorA;iaStorA;c:\windows\system32\drivers\iaStorA.sys;c:\windows\SYSNATIVE\drivers\iaStorA.sys [x]
R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe;c:\windows\SYSNATIVE\IEEtwCollector.exe [x]
R3 IntcDAud;Intel® Display Audio;c:\windows\system32\DRIVERS\IntcDAud.sys;c:\windows\SYSNATIVE\DRIVERS\IntcDAud.sys [x]
R3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys;c:\windows\SYSNATIVE\drivers\mbam.sys [x]
R3 MBAMWebAccessControl;MBAMWebAccessControl;c:\windows\system32\drivers\mwac.sys;c:\windows\SYSNATIVE\drivers\mwac.sys [x]
R3 NisDrv;Microsoft Network Inspection System;c:\windows\system32\DRIVERS\NisDrvWFP.sys;c:\windows\SYSNATIVE\DRIVERS\NisDrvWFP.sys [x]
R3 NisSrv;Microsoft Network Inspection;c:\program files\Microsoft Security Client\NisSrv.exe;c:\program files\Microsoft Security Client\NisSrv.exe [x]
R3 O2FJ2RDR;O2FJ2RDR;c:\windows\system32\drivers\O2FJ2w7x64.sys;c:\windows\SYSNATIVE\drivers\O2FJ2w7x64.sys [x]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys;c:\windows\SYSNATIVE\drivers\rdpvideominiport.sys [x]
R3 ST_Accel;STMicroelectronics Accelerometer Service;c:\windows\system32\drivers\ST_Accel.sys;c:\windows\SYSNATIVE\drivers\ST_Accel.sys [x]
R3 terminpt;Microsoft Remote Desktop Input Driver;c:\windows\system32\drivers\terminpt.sys;c:\windows\SYSNATIVE\drivers\terminpt.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys;c:\windows\SYSNATIVE\drivers\TsUsbGD.sys [x]
R3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\Wat\WatAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSvc.exe [x]
S0 iaStorF;iaStorF;c:\windows\system32\drivers\iaStorF.sys;c:\windows\SYSNATIVE\drivers\iaStorF.sys [x]
S2 DiagTrack;Diagnostics Tracking Service;c:\windows\System32\svchost.exe;c:\windows\SYSNATIVE\svchost.exe [x]
S3 LVUVC64;Logitech Webcam 300(UVC);c:\windows\system32\DRIVERS\lvuvc64.sys;c:\windows\SYSNATIVE\DRIVERS\lvuvc64.sys [x]
S3 RTL8187;Realtek RTL8187 Wireless 802.11b/g 54Mbps USB 2.0 Network Adapter;c:\windows\system32\DRIVERS\rtl8187.sys;c:\windows\SYSNATIVE\DRIVERS\rtl8187.sys [x]
S3 yukonw7;NDIS6.2 Miniport Driver for Marvell Yukon Ethernet Controller;c:\windows\system32\DRIVERS\yk62x64.sys;c:\windows\SYSNATIVE\DRIVERS\yk62x64.sys [x]
.
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{A6EADE66-0000-0000-484E-7E8A45000000}]
2015-09-30 20:47 285880 ----a-w- c:\program files (x86)\Adobe\Acrobat Reader DC\Esl\AiodLite.dll
.
Contents of the 'Scheduled Tasks' folder
.
2015-10-12 c:\windows\Tasks\Adobe Flash Player PPAPI Notifier.job
- c:\windows\SysWOW64\Macromed\Flash\FlashUtil32_19_0_0_185_pepper.exe [2015-10-12 07:55]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ OneDrive1]
@="{BBACC218-34EA-4666-9D7A-C78F2274A524}"
[HKEY_CLASSES_ROOT\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524}]
2015-09-18 09:43 1638992 ----a-w- c:\users\User\AppData\Local\Microsoft\OneDrive\17.3.5951.0827\amd64\FileSyncShell64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ OneDrive2]
@="{5AB7172C-9C11-405C-8DD5-AF20F3606282}"
[HKEY_CLASSES_ROOT\CLSID\{5AB7172C-9C11-405C-8DD5-AF20F3606282}]
2015-09-18 09:43 1638992 ----a-w- c:\users\User\AppData\Local\Microsoft\OneDrive\17.3.5951.0827\amd64\FileSyncShell64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ OneDrive3]
@="{A78ED123-AB77-406B-9962-2A5D9D2F7F30}"
[HKEY_CLASSES_ROOT\CLSID\{A78ED123-AB77-406B-9962-2A5D9D2F7F30}]
2015-09-18 09:43 1638992 ----a-w- c:\users\User\AppData\Local\Microsoft\OneDrive\17.3.5951.0827\amd64\FileSyncShell64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ OneDrive4]
@="{F241C880-6982-4CE5-8CF7-7085BA96DA5A}"
[HKEY_CLASSES_ROOT\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A}]
2015-09-18 09:43 1638992 ----a-w- c:\users\User\AppData\Local\Microsoft\OneDrive\17.3.5951.0827\amd64\FileSyncShell64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ OneDrive5]
@="{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}"
[HKEY_CLASSES_ROOT\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}]
2015-09-18 09:43 1638992 ----a-w- c:\users\User\AppData\Local\Microsoft\OneDrive\17.3.5951.0827\amd64\FileSyncShell64.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2015-01-30 174480]
"Persistence"="c:\windows\system32\igfxpers.exe" [2015-01-30 445328]
"MSC"="c:\program files\Microsoft Security Client\msseces.exe" [2015-04-29 1337000]
"RTHDVCPL"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2015-07-30 16165632]
.
------- Supplementary Scan -------
.
uLocal Page = c:\windows\system32\blank.htm
mLocal Page = c:\windows\SysWOW64\blank.htm
TCP: DhcpNameServer = 10.0.0.138
.
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Completion time: 2015-10-16  08:34:32
ComboFix-quarantined-files.txt  2015-10-15 21:34
.
Pre-Run: 167,517,761,536 bytes free
Post-Run: 167,309,508,608 bytes free
.
- - End Of File - - B288AAA4517EAAA0FCD83B5230786D5D
A36C5E4F47E84449FF07ED3517B43A31


#9 WenJac

WenJac
  • Topic Starter

  • Members
  • 65 posts
  • OFFLINE
  •  
  • Gender:Female
  • Local time:08:34 PM

Posted 15 October 2015 - 05:05 PM

ok cant find the attach thingie ?  :( for summary



#10 Oh My!

Oh My!

    Adware and Spyware and Malware.....


  • Malware Response Instructor
  • 37,049 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:California
  • Local time:03:34 AM

Posted 15 October 2015 - 05:37 PM

Thanks, I have included instructions below for attaching a file. Boot into Safe Mode with Networking and check your computer performance. In addition, try the aswMBR steps in Safe Mode.

===================================================

How to Attach a File to Your Reply

--------------------
  • If necessary click the More Reply Options button in the lower right hand corner of the Reply to this topic section of the Post
  • In the lower left hand corner you should see a Browse button under Attach Files
  • Click the Browse button and a new window will open
  • Navigate to and double click on the file you want to attach
  • Once the file path is entered into the box click Attach This File
  • If successful, you will see the file name appear above Attach Files with a green check mark to the left
  • When you are ready to post your response hit Reply and the file will be automatically attached to your reply
===================================================

Things I would like to see in your next reply. Please be sure to copy and paste any requested log information unless you are asked to attach it. :thumbsup2:
  • How does your computer work in Safe Mode?
  • Were you able to download/run aswMBR?
  • Attached System Summary report

Gary
 
If I do not reply within 24 hours please send me a Personal Message.

"Lord, to whom would we go? You have the words that give eternal life. We believe, and we know you are the Holy One of God."

#11 WenJac

WenJac
  • Topic Starter

  • Members
  • 65 posts
  • OFFLINE
  •  
  • Gender:Female
  • Local time:08:34 PM

Posted 15 October 2015 - 06:31 PM

Ok Summary1  done.... going to safemode now x


Ok Summary1  done.... going to safemode now x

Attached Files



#12 WenJac

WenJac
  • Topic Starter

  • Members
  • 65 posts
  • OFFLINE
  •  
  • Gender:Female
  • Local time:08:34 PM

Posted 15 October 2015 - 06:51 PM

Hey Gary.. ok pc going good in sf doing (quick) scan now

ok will I fix (if any) as well in  aswMBR  or just save?


Edited by WenJac, 15 October 2015 - 06:59 PM.


#13 WenJac

WenJac
  • Topic Starter

  • Members
  • 65 posts
  • OFFLINE
  •  
  • Gender:Female
  • Local time:08:34 PM

Posted 15 October 2015 - 07:08 PM

Ok file added but I didn't fix  let me know:
 
 
aswMBR version 1.0.1.2252 Copyright© 2014 AVAST Software
Run date: 2015-10-16 10:39:38
-----------------------------
10:39:38.041    OS Version: Windows x64 6.1.7601 Service Pack 1
10:39:38.041    Number of processors: 2 586 0xF06
10:39:38.041    ComputerName: USER-PC  UserName: User
10:39:40.740    Initialize success
10:48:23.642    AVAST engine defs: 15101500
10:51:26.097    Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP2T0L0-4
10:51:26.097    Disk 0 Vendor: ST3320413AS JC45 Size: 305245MB BusType: 3
10:51:26.206    Disk 0 MBR read successfully
10:51:26.222    Disk 0 MBR scan
10:51:26.222    Disk 0 Windows 7 default MBR code
10:51:26.237    Disk 0 Partition 1 80 (A) 07    HPFS/NTFS NTFS          202 MB offset 2048
10:51:26.237    Disk 0 default boot code
10:51:26.237    Disk 0 Partition 2 00     07    HPFS/NTFS NTFS       305041 MB offset 417696
10:51:26.269    Disk 0 scanning C:\Windows\system32\drivers
10:51:34.490    Service scanning
10:51:50.371    Modules scanning
10:51:50.371    Disk 0 trace - called modules:
10:51:50.417    ntoskrnl.exe CLASSPNP.SYS disk.sys iaStorF.sys ataport.SYS pciide.sys PCIIDEX.SYS hal.dll atapi.sys 
10:51:50.417    1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa800365b060]
10:51:50.433    3 CLASSPNP.SYS[fffff8800140143f] -> nt!IofCallDriver -> [0xfffffa800365a750]
10:51:50.433    5 iaStorF.sys[fffff880017eaf84] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP2T0L0-4[0xfffffa800350c060]
10:52:02.320    AVAST engine scan C:\Windows
10:52:04.364    AVAST engine scan C:\Windows\system32
10:54:34.280    AVAST engine scan C:\Windows\system32\drivers
10:54:43.593    AVAST engine scan C:\Users\User
11:03:23.411    AVAST engine scan C:\ProgramData
11:04:08.028    Disk 0 statistics 4193073/0/0 @ 3.82 MB/s
11:04:08.028    Scan finished successfully
11:05:50.846    Disk 0 MBR has been saved successfully to "C:\Users\User\Desktop\MBR.dat"
11:05:50.846    The log file has been saved successfully to "C:\Users\User\Desktop\aswMBR.txt"


#14 WenJac

WenJac
  • Topic Starter

  • Members
  • 65 posts
  • OFFLINE
  •  
  • Gender:Female
  • Local time:08:34 PM

Posted 15 October 2015 - 07:17 PM

Summary added  new after scan done 

running in safemode was good.. np... it asked to fix I didn't as wasn't specified but if you want can do again then postlag is in last post 

Thanks

x

Attached Files


Edited by WenJac, 15 October 2015 - 07:18 PM.


#15 Oh My!

Oh My!

    Adware and Spyware and Malware.....


  • Malware Response Instructor
  • 37,049 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:California
  • Local time:03:34 AM

Posted 15 October 2015 - 07:28 PM

When were you asked to fix something? What did it say?

Are you aware of the program NielsenOnline installed on your computer? It is only bad if you are not aware of it.
Gary
 
If I do not reply within 24 hours please send me a Personal Message.

"Lord, to whom would we go? You have the words that give eternal life. We believe, and we know you are the Holy One of God."




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users