WE'RE SURE THAT YOU'LL LOVE US!

Hey there! :wub: Looks like you're enjoying the discussion, but you're not signed up for an account. When you create an account, we remember exactly what you've read, so you always come right back where you left off. You also get notifications, here and via email, whenever new posts are made. You can like posts to share the love. Join 93083 other members! Anybody can ask, anybody can answer. Consistently helpful members may be invited to become staff. Here's how it works. Virus cleanup? Start here -> Malware Removal Forum.

Try What the Tech -- It's free!

Javascript Disabled Detected

You currently have javascript disabled. Several functions may not work. Please re-enable javascript to access full functionality.

rvzr-a.akamaihd.net [Solved]

Started by Manbearpig79 , Oct 27 2013 01:50 PM

This topic is locked

23 replies to this topic

#1 Manbearpig79

New Member

Authentic Member
12 posts

Posted 27 October 2013 - 01:50 PM

Hi--my computer is infected with the rvzr-a.akamaihd.net virus and I would like help on how to remove it.

I am getting unwanted pop ups and it seems to be getting worse.

Please help!

I will post the extras report once this has been replied to.

OTL logfile created on: 10/27/2013 12:31:42 PM - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Brandon\Downloads
64bit- An unknown product (Version = 6.2.9200) - Type = NTWorkstation
Internet Explorer (Version = 9.11.9600.16384)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

7.73 Gb Total Physical Memory | 3.52 Gb Available Physical Memory | 45.56% Memory free
15.48 Gb Paging File | 11.81 Gb Available in Paging File | 76.30% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 883.84 Gb Total Space | 803.77 Gb Free Space | 90.94% Space Free | Partition Type: NTFS
Drive D: | 25.00 Gb Total Space | 22.09 Gb Free Space | 88.36% Space Free | Partition Type: NTFS
Drive E: | 2.35 Gb Total Space | 0.00 Gb Free Space | 0.00% Space Free | Partition Type: UDF

Computer Name: BILLYBADASS | User Name: Brandon | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - C:\Users\Brandon\Downloads\OTL.exe (OldTimer Tools)
PRC - C:\Program Files (x86)\AVG SafeGuard toolbar\vprot.exe ()
PRC - C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\17.0.12\ToolbarUpdater.exe (AVG Secure Search)
PRC - C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\17.0.12\loggingserver.exe ()
PRC - C:\Program Files (x86)\Desk 365\desk365.exe (337 Technology Limited.)
PRC - C:\Program Files (x86)\Desk 365\deskSvc.exe (337 Technology Limited.)
PRC - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesCommonX86\Microsoft Shared\OFFICE15\CSISYNCCLIENT.EXE (Microsoft Corporation)
PRC - C:\ProgramData\Ad-Aware Browsing Protection\adawarebp.exe (Lavasoft)
PRC - C:\Users\Brandon\AppData\Roaming\SearchProtect\bin\cltmng.exe (Conduit)
PRC - C:\Program Files (x86)\SearchProtect\bin\CltMngSvc.exe (Conduit)
PRC - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe (NVIDIA Corporation)
PRC - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\NvTmru.exe (NVIDIA Corporation)
PRC - C:\Program Files\Lenovo\SystemAgent\SystemAgentService.exe (LENOVO INCORPORATED.)
PRC - C:\ProgramData\Search Protection\SearchProtection.exe (Lavasoft)
PRC - C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe (Intel Corporation)
PRC - C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\Jhi_service.exe (Intel Corporation)
PRC - C:\Program Files (x86)\Intel\Intel® Management Engine Components\FWService\IntelMeFWService.exe (Intel Corporation)
PRC - C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe (Intel Corporation)
PRC - C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe (Intel Corporation)
PRC - C:\Windows\SysWOW64\NLSSRV32.EXE (Nalpeiron Ltd.)
PRC - C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe (Motorola Solutions, Inc.)
PRC - C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe (Motorola Solutions, Inc.)
PRC - C:\Program Files (x86)\Intel\Intel® ME FW Recovery Agent\bin\updateui.exe ()
PRC - C:\Program Files (x86)\Intel\IntelAppStore\bin\ismagent.exe (Intel Corporation)
PRC - C:\Program Files (x86)\Intel\Intel® ME FW Recovery Agent\bin\ismagent.exe (Intel Corporation)
PRC - C:\Program Files (x86)\Lenovo\PowerDVD10\PDVD10Serv.exe (CyberLink Corp.)

========== Modules (No Company Name) ==========

MOD - C:\Program Files (x86)\AVG SafeGuard toolbar\vprot.exe ()
MOD - C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\17.0.12\log4cplusU.dll ()
MOD - C:\Program Files (x86)\Common Files\AVG Secure Search\SiteSafetyInstaller\17.0.12\SiteSafety.dll ()
MOD - C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.IdentityModel\465c275dbc64704479d17bc1096a711a\System.IdentityModel.ni.dll ()
MOD - C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Servd1dec626#\6f148949888c20d25b9292ea5b80b9cb\System.ServiceModel.Internals.ni.dll ()
MOD - C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\SMDiagnostics\347c1cd4d2f491bbf28168f51c3e8da1\SMDiagnostics.ni.dll ()
MOD - C:\Program Files (x86)\Desk 365\edeskcmn.dll ()
MOD - C:\Program Files (x86)\Desk 365\libpng.dll ()
MOD - C:\Program Files (x86)\Desk 365\enotify.dll ()
MOD - C:\Program Files (x86)\Desk 365\mbdet.dll ()
MOD - C:\Program Files (x86)\Desk 365\libpopdlg.dll ()
MOD - C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Xml\e6b0fac086c9f63921dc57ccb85a0ee4\System.Xml.ni.dll ()
MOD - C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Windows.Forms\af4e47767c78d7335dc160fbe925558c\System.Windows.Forms.ni.dll ()
MOD - C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.ServiceModel\46b4609a23cd36da267dacc7db3be849\System.ServiceModel.ni.dll ()
MOD - C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Runteb92aa12#\d5ec652ee752e275276098614a3b07a6\System.Runtime.Serialization.ni.dll ()
MOD - C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Drawing\5d9c806d510ce30645b2118d96589486\System.Drawing.ni.dll ()
MOD - C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Configuration\a651a53f70ec4356e530497679d60d59\System.Configuration.ni.dll ()
MOD - C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Core\b23c1312ec0a64893e596e2fc2aa875b\System.Core.ni.dll ()
MOD - C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System\220f99197372e34d3a6ca5005e7ef1f0\System.ni.dll ()
MOD - C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\mscorlib\9ce38091b2e714845369c9bc3b5b5395\mscorlib.ni.dll ()
MOD - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesCommonX86\Microsoft Shared\OFFICE15\c2r32.dll ()
MOD - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesCommonX86\Microsoft Shared\OFFICE15\AppVIsvStream32.dll ()
MOD - C:\Program Files (x86)\Intel\Intel® ME FW Recovery Agent\bin\updateui.exe ()
MOD - C:\Program Files (x86)\Intel\IntelAppStore\bin\sqlite3.dll ()
MOD - C:\Program Files (x86)\Intel\IntelAppStore\bin\osEvents.dll ()
MOD - C:\Program Files (x86)\Intel\IntelAppStore\bin\zlib1.dll ()
MOD - C:\Program Files (x86)\Intel\IntelAppStore\bin\QtNetwork4.dll ()
MOD - C:\Program Files (x86)\Intel\IntelAppStore\bin\QtXml4.dll ()
MOD - C:\Program Files (x86)\Intel\IntelAppStore\bin\log4cplus.dll ()
MOD - C:\Program Files (x86)\Intel\IntelAppStore\bin\libgsoap.dll ()
MOD - C:\Program Files (x86)\Intel\IntelAppStore\bin\ServiceManagerStarter.dll ()
MOD - C:\Program Files (x86)\Intel\IntelAppStore\bin\eventsSender.dll ()
MOD - C:\Program Files (x86)\Intel\IntelAppStore\bin\featureController.dll ()
MOD - C:\Program Files (x86)\Intel\IntelAppStore\bin\QtCore4.dll ()
MOD - C:\Program Files (x86)\Intel\IntelAppStore\bin\DeviceProfile.dll ()
MOD - C:\Program Files (x86)\Intel\Intel® ME FW Recovery Agent\bin\plugin\PServerPlugin.dll ()
MOD - C:\Program Files (x86)\Intel\Intel® ME FW Recovery Agent\bin\featureController.dll ()
MOD - C:\Program Files (x86)\Intel\Intel® ME FW Recovery Agent\bin\DeviceProfile.dll ()
MOD - C:\Program Files (x86)\Intel\Intel® ME FW Recovery Agent\bin\eventsSender.dll ()
MOD - C:\Program Files (x86)\Intel\Intel® ME FW Recovery Agent\bin\log4cplus.dll ()
MOD - C:\Program Files (x86)\Intel\Intel® ME FW Recovery Agent\bin\libgsoap.dll ()
MOD - C:\Program Files (x86)\Intel\Intel® ME FW Recovery Agent\bin\sqlite3.dll ()
MOD - C:\Program Files (x86)\Intel\Intel® ME FW Recovery Agent\bin\QtGui4.dll ()
MOD - C:\Program Files (x86)\Intel\Intel® ME FW Recovery Agent\bin\QtXml4.dll ()
MOD - C:\Program Files (x86)\Intel\Intel® ME FW Recovery Agent\bin\QtCore4.dll ()
MOD - C:\Program Files (x86)\Intel\Intel® ME FW Recovery Agent\bin\QtNetwork4.dll ()
MOD - C:\Program Files (x86)\Intel\Intel® ME FW Recovery Agent\bin\zlib1.dll ()
MOD - C:\Program Files (x86)\Intel\Intel® ME FW Recovery Agent\bin\QtWebKit4.dll ()
MOD - C:\Program Files (x86)\Intel\Intel® ME FW Recovery Agent\bin\phonon4.dll ()

========== Services (SafeList) ==========

SRV:64bit: - (LavasoftAdAwareService11) -- C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.0.4555.0\AdAwareService.exe ()
SRV:64bit: - (workfolderssvc) -- C:\Windows\SysNative\workfolderssvc.dll (Microsoft Corporation)
SRV:64bit: - (AppReadiness) -- C:\Windows\SysNative\AppReadiness.dll (Microsoft Corporation)
SRV:64bit: - (wlidsvc) -- C:\Windows\SysNative\wlidsvc.dll (Microsoft Corporation)
SRV:64bit: - (Wcmsvc) -- C:\Windows\SysNative\wcmsvc.dll (Microsoft Corporation)
SRV:64bit: - (AppXSvc) -- C:\Windows\SysNative\AppXDeploymentServer.dll (Microsoft Corporation)
SRV:64bit: - (lfsvc) -- C:\Windows\SysNative\GeofenceMonitorService.dll (Microsoft Corporation)
SRV:64bit: - (BrokerInfrastructure) -- C:\Windows\SysNative\bisrv.dll (Microsoft Corporation)
SRV:64bit: - (OfficeSvc) -- C:\Program Files\Microsoft Office 15\ClientX64\integratedoffice.exe (Microsoft Corporation)
SRV:64bit: - (NvStreamSvc) -- C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe (NVIDIA Corporation)
SRV:64bit: - (WSService) -- C:\Windows\SysNative\WSService.dll (Microsoft Corporation)
SRV:64bit: - (WdNisSvc) -- C:\Program Files\Windows Defender\NisSrv.exe (Microsoft Corporation)
SRV:64bit: - (WinDefend) -- C:\Program Files\Windows Defender\MsMpEng.exe (Microsoft Corporation)
SRV:64bit: - (PrintNotify) -- C:\Windows\SysNative\spool\drivers\x64\3\PrintConfig.dll (Microsoft Corporation)
SRV:64bit: - (WEPHOSTSVC) -- C:\Windows\SysNative\wephostsvc.dll (Microsoft Corporation)
SRV:64bit: - (EFS) -- C:\Windows\SysNative\efssvc.dll (Microsoft Corporation)
SRV:64bit: - (WiaRpc) -- C:\Windows\SysNative\wiarpc.dll (Microsoft Corporation)
SRV:64bit: - (svsvc) -- C:\Windows\SysNative\svsvc.dll (Microsoft Corporation)
SRV:64bit: - (fhsvc) -- C:\Windows\SysNative\fhsvc.dll (Microsoft Corporation)
SRV:64bit: - (IEEtwCollectorService) -- C:\WINDOWS\SysNative\IEEtwCollector.exe (Microsoft Corporation)
SRV:64bit: - (NcaSvc) -- C:\Windows\SysNative\NcaSvc.dll (Microsoft Corporation)
SRV:64bit: - (vmicvss) -- C:\Windows\SysNative\icsvc.dll (Microsoft Corporation)
SRV:64bit: - (vmictimesync) -- C:\Windows\SysNative\icsvc.dll (Microsoft Corporation)
SRV:64bit: - (vmicshutdown) -- C:\Windows\SysNative\icsvc.dll (Microsoft Corporation)
SRV:64bit: - (vmicrdv) -- C:\Windows\SysNative\icsvc.dll (Microsoft Corporation)
SRV:64bit: - (vmickvpexchange) -- C:\Windows\SysNative\icsvc.dll (Microsoft Corporation)
SRV:64bit: - (vmicheartbeat) -- C:\Windows\SysNative\icsvc.dll (Microsoft Corporation)
SRV:64bit: - (vmicguestinterface) -- C:\Windows\SysNative\icsvc.dll (Microsoft Corporation)
SRV:64bit: - (LSM) -- C:\Windows\SysNative\lsm.dll (Microsoft Corporation)
SRV:64bit: - (smphost) -- C:\Windows\SysNative\smphost.dll (Microsoft Corporation)
SRV:64bit: - (Netlogon) -- C:\Windows\SysNative\netlogon.dll (Microsoft Corporation)
SRV:64bit: - (SystemEventsBroker) -- C:\Windows\SysNative\SystemEventsBrokerServer.dll (Microsoft Corporation)
SRV:64bit: - (ScDeviceEnum) -- C:\Windows\SysNative\ScDeviceEnum.dll (Microsoft Corporation)
SRV:64bit: - (KeyIso) -- C:\Windows\SysNative\keyiso.dll (Microsoft Corporation)
SRV:64bit: - (TimeBroker) -- C:\Windows\SysNative\TimeBrokerServer.dll (Microsoft Corporation)
SRV:64bit: - (netprofm) -- C:\Windows\SysNative\netprofmsvc.dll (Microsoft Corporation)
SRV:64bit: - (NcbService) -- C:\Windows\SysNative\ncbservice.dll (Microsoft Corporation)
SRV:64bit: - (VaultSvc) -- C:\Windows\SysNative\vaultsvc.dll (Microsoft Corporation)
SRV:64bit: - (DeviceAssociationService) -- C:\Windows\SysNative\das.dll (Microsoft Corporation)
SRV:64bit: - (AudioEndpointBuilder) -- C:\Windows\SysNative\AudioEndpointBuilder.dll (Microsoft Corporation)
SRV:64bit: - (DsmSvc) -- C:\Windows\SysNative\DeviceSetupManager.dll (Microsoft Corporation)
SRV:64bit: - (NcdAutoSetup) -- C:\Windows\SysNative\NcdAutoSetup.dll (Microsoft Corporation)
SRV:64bit: - (LSCWinService) -- C:\Program Files\Lenovo\Lenovo Solution Center\App\LSCWinService.exe ()
SRV:64bit: - (Lenovo System Agent Service) -- C:\Program Files\Lenovo\SystemAgent\SystemAgentService.exe (LENOVO INCORPORATED.)
SRV:64bit: - (Intel® -- C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe (Intel® Corporation)
SRV:64bit: - (Intel® -- C:\Program Files\Intel\iCLS Client\HeciServer.exe (Intel® Corporation)
SRV:64bit: - (AMPPALR3) -- C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe (Intel Corporation)
SRV:64bit: - (ZeroConfigService) -- C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe (Intel® Corporation)
SRV:64bit: - (MyWiFiDHCPDNS) -- C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe ()
SRV:64bit: - (EvtEng) -- C:\Program Files\Intel\WiFi\bin\EvtEng.exe (Intel® Corporation)
SRV:64bit: - (RegSrvc) -- C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe (Intel® Corporation)
SRV:64bit: - (IAStorDataMgrSvc) -- C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe (Intel Corporation)
SRV:64bit: - (ExpressCache) -- C:\Program Files\Condusiv Technologies\ExpressCache\ExpressCache.exe (Condusiv Technologies)
SRV:64bit: - (NitroDriverReadSpool8) -- C:\Program Files\Common Files\Nitro\Pro\8.0\NitroPDFDriverService8x64.exe (Nitro PDF Software)
SRV:64bit: - (BTHSSecurityMgr) -- C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe (Intel® Corporation)
SRV - (vToolbarUpdater17.0.12) -- C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\17.0.12\ToolbarUpdater.exe (AVG Secure Search)
SRV - (desksvc) -- C:\Program Files (x86)\Desk 365\deskSvc.exe (337 Technology Limited.)
SRV - (cphs) -- C:\Windows\SysWOW64\IntelCpHeciSvc.exe (Intel Corporation)
SRV - (lfsvc) -- C:\Windows\SysWOW64\GeofenceMonitorService.dll (Microsoft Corporation)
SRV - (CltMngSvc) -- C:\Program Files (x86)\SearchProtect\bin\CltMngSvc.exe (Conduit)
SRV - (nvUpdatusService) -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe (NVIDIA Corporation)
SRV - (PrintNotify) -- C:\Windows\system32\spool\drivers\x64\3\PrintConfig.dll (Microsoft Corporation)
SRV - (StorSvc) -- C:\Windows\SysWOW64\StorSvc.dll (Microsoft Corporation)
SRV - (smphost) -- C:\Windows\SysWOW64\smphost.dll (Microsoft Corporation)
SRV - (LMS) -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe (Intel Corporation)
SRV - (jhi_service) -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\Jhi_service.exe (Intel Corporation)
SRV - (Intel® -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\FWService\IntelMeFWService.exe (Intel Corporation)
SRV - (nlsX86cc) -- C:\Windows\SysWOW64\NLSSRV32.EXE (Nalpeiron Ltd.)
SRV - (Bluetooth OBEX Service) -- C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe (Motorola Solutions, Inc.)
SRV - (Bluetooth Device Monitor) -- C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe (Motorola Solutions, Inc.)

========== Driver Services (SafeList) ==========

DRV:64bit: - (avgtp) -- C:\Windows\SysNative\drivers\avgtpx64.sys (AVG Technologies)
DRV:64bit: - (LcUvcUpper) -- C:\Windows\SysNative\drivers\LcUvcUpper.sys (Microsoft Corporation)
DRV:64bit: - (igfx) -- C:\Windows\SysNative\drivers\igdkmd64.sys (Intel Corporation)
DRV:64bit: - (WFPLWFS) -- C:\Windows\SysNative\drivers\wfplwfs.sys (Microsoft Corporation)
DRV:64bit: - (USBHUB3) -- C:\Windows\SysNative\drivers\USBHUB3.SYS (Microsoft Corporation)
DRV:64bit: - (spaceport) -- C:\Windows\SysNative\drivers\spaceport.sys (Microsoft Corporation)
DRV:64bit: - (sdbus) -- C:\Windows\SysNative\drivers\sdbus.sys (Microsoft Corporation)
DRV:64bit: - (VerifierExt) -- C:\Windows\SysNative\drivers\VerifierExt.sys (Microsoft Corporation)
DRV:64bit: - (pdc) -- C:\Windows\SysNative\drivers\pdc.sys (Microsoft Corporation)
DRV:64bit: - (intelpep) -- C:\Windows\SysNative\drivers\intelpep.sys (Microsoft Corporation)
DRV:64bit: - (RdpVideoMiniport) -- C:\Windows\SysNative\drivers\rdpvideominiport.sys (Microsoft Corporation)
DRV:64bit: - (terminpt) -- C:\Windows\SysNative\drivers\terminpt.sys (Microsoft Corporation)
DRV:64bit: - (intaud_WaveExtensible) -- C:\Windows\SysNative\drivers\intelaud.sys (Intel Corporation)
DRV:64bit: - (iwdbus) -- C:\Windows\SysNative\drivers\iwdbus.sys (Intel Corporation)
DRV:64bit: - (nvpciflt) -- C:\Windows\SysNative\drivers\nvpciflt.sys (NVIDIA Corporation)
DRV:64bit: - (NETwNe64) -- C:\Windows\SysNative\drivers\NETwew00.sys (Intel Corporation)
DRV:64bit: - (condrv) -- C:\Windows\SysNative\drivers\condrv.sys (Microsoft Corporation)
DRV:64bit: - (Fs_Rec) -- C:\WINDOWS\SysNative\drivers\fs_rec.sys (Microsoft Corporation)
DRV:64bit: - (dam) -- C:\Windows\SysNative\drivers\dam.sys (Microsoft Corporation)
DRV:64bit: - (acpiex) -- C:\Windows\SysNative\drivers\acpiex.sys (Microsoft Corporation)
DRV:64bit: - (TPM) -- C:\Windows\SysNative\drivers\tpm.sys (Microsoft Corporation)
DRV:64bit: - (mvumis) -- C:\Windows\SysNative\drivers\mvumis.sys (Marvell Semiconductor, Inc.)
DRV:64bit: - (GPIOClx0101) -- C:\Windows\SysNative\drivers\msgpioclx.sys (Microsoft Corporation)
DRV:64bit: - (msgpiowin32) -- C:\Windows\SysNative\drivers\msgpiowin32.sys (Microsoft Corporation)
DRV:64bit: - (ebdrv) -- C:\Windows\SysNative\drivers\evbda.sys (Broadcom Corporation)
DRV:64bit: - (LSI_SAS2) -- C:\Windows\SysNative\drivers\lsi_sas2.sys (LSI Corporation)
DRV:64bit: - (LSI_SSS) -- C:\Windows\SysNative\drivers\lsi_sss.sys (LSI Corporation)
DRV:64bit: - (HpSAMD) -- C:\Windows\SysNative\drivers\HpSAMD.sys (Hewlett-Packard Company)
DRV:64bit: - (LSI_SAS3) -- C:\Windows\SysNative\drivers\lsi_sas3.sys (LSI Corporation)
DRV:64bit: - (ADP80XX) -- C:\Windows\SysNative\drivers\adp80xx.sys (PMC-Sierra)
DRV:64bit: - (b06bdrv) -- C:\Windows\SysNative\drivers\bxvbda.sys (Broadcom Corporation)
DRV:64bit: - (amdsbs) -- C:\Windows\SysNative\drivers\amdsbs.sys (AMD Technologies Inc.)
DRV:64bit: - (3ware) -- C:\Windows\SysNative\drivers\3ware.sys (LSI)
DRV:64bit: - (amdsata) -- C:\Windows\SysNative\drivers\amdsata.sys (Advanced Micro Devices)
DRV:64bit: - (EhStorTcgDrv) -- C:\Windows\SysNative\drivers\EhStorTcgDrv.sys (Microsoft Corporation)
DRV:64bit: - (EhStorClass) -- C:\Windows\SysNative\drivers\EhStorClass.sys (Microsoft Corporation)
DRV:64bit: - (amdxata) -- C:\Windows\SysNative\drivers\amdxata.sys (Advanced Micro Devices)
DRV:64bit: - (USBXHCI) -- C:\Windows\SysNative\drivers\USBXHCI.SYS (Microsoft Corporation)
DRV:64bit: - (VSTXRAID) -- C:\Windows\SysNative\drivers\VSTXRAID.SYS (VIA Corporation)
DRV:64bit: - (UCX01000) -- C:\Windows\SysNative\drivers\UCX01000.SYS (Microsoft Corporation)
DRV:64bit: - (UASPStor) -- C:\Windows\SysNative\drivers\uaspstor.sys (Microsoft Corporation)
DRV:64bit: - (sdstor) -- C:\Windows\SysNative\drivers\sdstor.sys (Microsoft Corporation)
DRV:64bit: - (stexstor) -- C:\Windows\SysNative\drivers\stexstor.sys (Promise Technology, Inc.)
DRV:64bit: - (SerCx2) -- C:\Windows\SysNative\drivers\SerCx2.sys (Microsoft Corporation)
DRV:64bit: - (storahci) -- C:\Windows\SysNative\drivers\storahci.sys (Microsoft Corporation)
DRV:64bit: - (SpbCx) -- C:\Windows\SysNative\drivers\SpbCx.sys (Microsoft Corporation)
DRV:64bit: - (SerCx) -- C:\Windows\SysNative\drivers\SerCx.sys (Microsoft Corporation)
DRV:64bit: - (stornvme) -- C:\Windows\SysNative\drivers\stornvme.sys (Microsoft Corporation)
DRV:64bit: - (wpcfltr) -- C:\Windows\SysNative\drivers\wpcfltr.sys (Microsoft Corporation)
DRV:64bit: - (CLFS) -- C:\Windows\SysNative\drivers\clfs.sys (Microsoft Corporation)
DRV:64bit: - (ReFS) -- C:\WINDOWS\SysNative\drivers\refs.sys (Microsoft Corporation)
DRV:64bit: - (UEFI) -- C:\Windows\SysNative\drivers\uefi.sys (Microsoft Corporation)
DRV:64bit: - (vpci) -- C:\Windows\SysNative\drivers\vpci.sys (Microsoft Corporation)
DRV:64bit: - (WpdUpFltr) -- C:\Windows\SysNative\drivers\WpdUpFltr.sys (Microsoft Corporation)
DRV:64bit: - (WdFilter) -- C:\Windows\SysNative\drivers\WdFilter.sys (Microsoft Corporation)
DRV:64bit: - (WdNisDrv) -- C:\Windows\SysNative\drivers\WdNisDrv.sys (Microsoft Corporation)
DRV:64bit: - (WdBoot) -- C:\Windows\SysNative\drivers\WdBoot.sys (Microsoft Corporation)
DRV:64bit: - (ahcache) -- C:\Windows\SysNative\drivers\ahcache.sys (Microsoft Corporation)
DRV:64bit: - (BasicDisplay) -- C:\Windows\SysNative\drivers\BasicDisplay.sys (Microsoft Corporation)
DRV:64bit: - (BasicRender) -- C:\Windows\SysNative\drivers\BasicRender.sys (Microsoft Corporation)
DRV:64bit: - (HyperVideo) -- C:\Windows\SysNative\drivers\HyperVideo.sys (Microsoft Corporation)
DRV:64bit: - (mshidumdf) -- C:\Windows\SysNative\drivers\mshidumdf.sys (Microsoft Corporation)
DRV:64bit: - (acpitime) -- C:\Windows\SysNative\drivers\acpitime.sys (Microsoft Corporation)
DRV:64bit: - (acpipagr) -- C:\Windows\SysNative\drivers\acpipagr.sys (Microsoft Corporation)
DRV:64bit: - (BthAvrcpTg) -- C:\Windows\SysNative\drivers\BthAvrcpTg.sys (Microsoft Corporation)
DRV:64bit: - (kdnic) -- C:\Windows\SysNative\drivers\kdnic.sys (Microsoft Corporation)
DRV:64bit: - (gencounter) -- C:\Windows\SysNative\drivers\vmgencounter.sys (Microsoft Corporation)
DRV:64bit: - (npsvctrig) -- C:\Windows\SysNative\drivers\npsvctrig.sys (Microsoft Corporation)
DRV:64bit: - (bthhfhid) -- C:\Windows\SysNative\drivers\BthhfHid.sys (Microsoft Corporation)
DRV:64bit: - (hyperkbd) -- C:\Windows\SysNative\drivers\hyperkbd.sys (Microsoft Corporation)
DRV:64bit: - (TsUsbGD) -- C:\Windows\SysNative\drivers\TsUsbGD.sys (Microsoft Corporation)
DRV:64bit: - (BthHFEnum) -- C:\Windows\SysNative\drivers\bthhfenum.sys (Microsoft Corporation)
DRV:64bit: - (TsUsbFlt) -- C:\Windows\SysNative\drivers\TsUsbFlt.sys (Microsoft Corporation)
DRV:64bit: - (hidi2c) -- C:\Windows\SysNative\drivers\hidi2c.sys (Microsoft Corporation)
DRV:64bit: - (dmvsc) -- C:\Windows\SysNative\drivers\dmvsc.sys (Microsoft Corporation)
DRV:64bit: - (netvsc) -- C:\Windows\SysNative\drivers\netvsc63.sys (Microsoft Corporation)
DRV:64bit: - (BthLEEnum) -- C:\Windows\SysNative\drivers\BthLEEnum.sys (Microsoft Corporation)
DRV:64bit: - (NdisVirtualBus) -- C:\Windows\SysNative\drivers\NdisVirtualBus.sys (Microsoft Corporation)
DRV:64bit: - (NdisImPlatform) -- C:\Windows\SysNative\drivers\NdisImPlatform.sys (Microsoft Corporation)
DRV:64bit: - (MsLldp) -- C:\Windows\SysNative\drivers\mslldp.sys (Microsoft Corporation)
DRV:64bit: - (Ndu) -- C:\Windows\SysNative\drivers\Ndu.sys (Microsoft Corporation)
DRV:64bit: - (FxPPM) -- C:\Windows\SysNative\drivers\fxppm.sys (Microsoft Corporation)
DRV:64bit: - (nvvad_WaveExtensible) -- C:\Windows\SysNative\drivers\nvvad64v.sys (NVIDIA Corporation)
DRV:64bit: - (bcmfn2) -- C:\Windows\SysNative\drivers\bcmfn2.sys (Windows ® Win 7 DDK provider)
DRV:64bit: - (iaStorAV) -- C:\Windows\SysNative\drivers\iaStorAV.sys (Intel Corporation)
DRV:64bit: - (iaLPSSi_GPIO) -- C:\Windows\SysNative\drivers\iaLPSSi_GPIO.sys (Intel Corporation)
DRV:64bit: - (iaLPSSi_I2C) -- C:\Windows\SysNative\drivers\iaLPSSi_I2C.sys (Intel Corporation)
DRV:64bit: - (Trufos) -- C:\Windows\SysNative\drivers\Trufos.sys (BitDefender S.R.L.)
DRV:64bit: - (gzflt) -- C:\Program Files\Lavasoft\Ad-Aware Antivirus\Antimalware Engine\2.6.0.0\gzflt.sys (BitDefender LLC)
DRV:64bit: - (L1C) -- C:\Windows\SysNative\drivers\L1C63x64.sys (Qualcomm Atheros Co., Ltd.)
DRV:64bit: - (LHDmgr) -- C:\Windows\SysNative\drivers\LhdX64.sys (Lenovo.)
DRV:64bit: - (ACPIVPC) -- C:\Windows\SysNative\drivers\AcpiVpc.sys (Lenovo Corporation)
DRV:64bit: - (dc3d) -- C:\Windows\SysNative\drivers\dc3d.sys (Microsoft Corporation)
DRV:64bit: - (IntcDAud) -- C:\Windows\SysNative\drivers\IntcDAud.sys (Intel® Corporation)
DRV:64bit: - (rtsuvc) -- C:\Windows\SysNative\drivers\rtsuvc.sys (Realtek Semiconductor Corp.)
DRV:64bit: - (MEIx64) -- C:\Windows\SysNative\drivers\HECIx64.sys (Intel Corporation)
DRV:64bit: - (SynTP) -- C:\Windows\SysNative\drivers\SynTP.sys (Synaptics Incorporated)
DRV:64bit: - (SmbDrvI) -- C:\Windows\SysNative\drivers\Smb_driver_Intel.sys (Synaptics Incorporated)
DRV:64bit: - (AMPPAL) -- C:\Windows\SysNative\drivers\AmpPal.sys (Windows ® Win 7 DDK provider)
DRV:64bit: - (iaStorA) -- C:\Windows\SysNative\drivers\iaStorA.sys (Intel Corporation)
DRV:64bit: - (excsd) -- C:\Windows\SysNative\drivers\excsd.sys (Condusiv Technologies)
DRV:64bit: - (excfs) -- C:\Windows\SysNative\drivers\excfs.sys (Condusiv Technologies)
DRV:64bit: - (btmhsf) -- C:\Windows\SysNative\drivers\btmhsf.sys (Motorola Solutions, Inc.)
DRV:64bit: - (iBtFltCoex) -- C:\Windows\SysNative\drivers\iBtFltCoex.sys (Intel Corporation)
DRV:64bit: - (wsvd) -- C:\Windows\SysNative\drivers\wsvd.sys ("CyberLink)
DRV - (X5XSEx_Pr148) -- C:\Program Files (x86)\FreeRide Games\X5XSEx_Pr148.sys (Exent Technologies Ltd.)

========== Standard Registry (SafeList) ==========

========== Internet Explorer ==========

IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {98D17D5A-7B9D-4103-B66C-CEFDE6EBEC3A}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...ms}&FORM=IE8SRC
IE:64bit: - HKLM\..\SearchScopes\{98D17D5A-7B9D-4103-B66C-CEFDE6EBEC3A}: "URL" = http://www.bing.com/...}...R&pc=MALNJS
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank
IE - HKLM\..\SearchScopes,DefaultScope = {56066EC6-3189-4819-B959-1CA8E403FD17}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...ms}&FORM=IE8SRC
IE - HKLM\..\SearchScopes\{98D17D5A-7B9D-4103-B66C-CEFDE6EBEC3A}: "URL" = http://www.bing.com/...}...R&pc=MALNJS

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = http://home.lenovo.com [binary data]
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://t.lenovo13.us.msn.com/
IE - HKCU\..\SearchScopes,DefaultScope = {98D17D5A-7B9D-4103-B66C-CEFDE6EBEC3A}
IE - HKCU\..\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}: "URL" = http://mysearch.avg....mp;d=2013-10-24 15:22:07&v=17.0.0.12&pid=safeguard&sg=0&sap=dsp&q={searchTerms}
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~3\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin: C:\Program Files (x86)\Common Files\AVG Secure Search\SiteSafetyInstaller\17.0.12\\npsitesafety.dll ()
FF - HKLM\Software\MozillaPlugins\@exent.com/npExentControl,version=7.1.0.1: C:\Program Files (x86)\FreeRide Games\npExentControl.dll (Exent Technologies Ltd.)
FF - HKLM\Software\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI ipt;version=3.0.72: C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF - HKLM\Software\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI updater: C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~2\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@nitropdf.com/NitroPDF: C:\Program Files (x86)\Nitro\Pro 8\npnitromozilla.dll (Nitro PDF)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.165\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.165\npGoogleUpdate3.dll (Google Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\speedanalysis03@SpeedAnalysis.com: C:\Users\Brandon\AppData\Roaming\Mozilla\Extensions\speedanalysis03@SpeedAnalysis.com [2013/10/17 17:28:34 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\zulagames@ZulaGames.com: C:\Users\Brandon\AppData\Roaming\Mozilla\Extensions\zulagames@ZulaGames.com [2013/10/17 17:48:46 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\avg@toolbar: C:\ProgramData\AVG SafeGuard toolbar\FireFoxExt\17.0.1.12 [2013/10/25 16:22:21 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\msktbird@mcafee.com: C:\Program Files\McAfee\MSK
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\speedanalysis03@SpeedAnalysis.com: C:\Users\Brandon\AppData\Roaming\Mozilla\Extensions\speedanalysis03@SpeedAnalysis.com [2013/10/17 17:28:34 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\zulagames@ZulaGames.com: C:\Users\Brandon\AppData\Roaming\Mozilla\Extensions\zulagames@ZulaGames.com [2013/10/17 17:48:46 | 000,000,000 | ---D | M]

[2013/10/17 17:48:46 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Brandon\AppData\Roaming\mozilla\Extensions
[2013/10/17 17:28:34 | 000,000,000 | ---D | M] (Speed Analysis 3) -- C:\Users\Brandon\AppData\Roaming\mozilla\Extensions\speedanalysis03@SpeedAnalysis.com
[2013/10/17 17:48:46 | 000,000,000 | ---D | M] (Zula Games) -- C:\Users\Brandon\AppData\Roaming\mozilla\Extensions\zulagames@ZulaGames.com

========== Chrome ==========

CHR - default_search_provider: AVG Secure Search (Enabled)
CHR - default_search_provider: search_url = http://mysearch.avg....mp;d=2013-10-24 15:22:07&v=17.0.0.12&pid=safeguard&sg=0&sap=dsp&q={searchTerms}
CHR - default_search_provider: suggest_url = http://toolbar.avg.c...earchTerms}&o=1,
CHR - homepage: http://mysearch.avg....mp;d=2013-10-24 15:22:07&v=17.0.0.12&pid=safeguard&sg=0&sap=hp
CHR - Extension: New Tab Page = C:\Users\Brandon\AppData\Local\Google\Chrome\User Data\Default\Extensions\amfclgbdpgndipgoegfpkkgobahigbcl\1.4_0\
CHR - Extension: Plus-HD-1.3 = C:\Users\Brandon\AppData\Local\Google\Chrome\User Data\Default\Extensions\hhlmghjmomaoodfgjeikphfdljhpcpkl\1.25.84_0\crossrider
CHR - Extension: Plus-HD-1.3 = C:\Users\Brandon\AppData\Local\Google\Chrome\User Data\Default\Extensions\hhlmghjmomaoodfgjeikphfdljhpcpkl\1.25.84_0\
CHR - Extension: AVG SafeGuard = C:\Users\Brandon\AppData\Local\Google\Chrome\User Data\Default\Extensions\ndibdjnfmopecpmkdieinmbadjfpblof\17.0.1.12_0\
CHR - Extension: Chrome In-App Payments service = C:\Users\Brandon\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.11_1\
CHR - Extension: Lavasoft NewTab = C:\Users\Brandon\AppData\Local\Google\Chrome\User Data\Default\Extensions\oejkcgajlodefenbbjdnaiahmbnnoole\0.12_0\

O1 HOSTS File: ([2013/08/22 06:25:41 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2:64bit: - BHO: (Plus-HD-1.3) - {11111111-1111-1111-1111-110311121157} - C:\Program Files (x86)\Plus-HD-1.3\Plus-HD-1.3-bho64.dll (Plus HD)
O2:64bit: - BHO: (Lync Browser Helper) - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
O2:64bit: - BHO: (Speed Analysis 3) - {A66261FC-B82E-4EC7-9F6D-C2F36B871DF0} - C:\Program Files (x86)\Speed Analysis 3\ScriptHost64.dll (SpeedAnalysis.com)
O2:64bit: - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\URLREDIR.DLL (Microsoft Corporation)
O2:64bit: - BHO: (Microsoft SkyDrive Pro Browser Helper) - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
O2 - BHO: (Plus-HD-1.3) - {11111111-1111-1111-1111-110311121157} - C:\Program Files (x86)\Plus-HD-1.3\Plus-HD-1.3-bho.dll (Plus HD)
O2 - BHO: (Ad-Aware Security Add-on) - {6c97a91e-4524-4019-86af-2aa2d567bf5c} - C:\Program Files (x86)\Lavasoft\AdAware SecureSearch Toolbar\adawareDx.dll ()
O2 - BHO: (AVG SafeGuard toolbar) - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files (x86)\AVG SafeGuard toolbar\17.0.1.12\AVG SafeGuard toolbar_toolbar.dll (AVG Secure Search)
O2 - BHO: (Speed Analysis 3) - {A66261FC-B82E-4EC7-9F6D-C2F36B871DF0} - C:\Program Files (x86)\Speed Analysis 3\ScriptHost.dll (SpeedAnalysis.com)
O2 - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office 15\root\office15\URLREDIR.DLL (Microsoft Corporation)
O3 - HKLM\..\Toolbar: (Ad-Aware Security Add-on) - {6c97a91e-4524-4019-86af-2aa2d567bf5c} - C:\Program Files (x86)\Lavasoft\AdAware SecureSearch Toolbar\adawareDx.dll ()
O3 - HKLM\..\Toolbar: (AVG SafeGuard toolbar) - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files (x86)\AVG SafeGuard toolbar\17.0.1.12\AVG SafeGuard toolbar_toolbar.dll (AVG Secure Search)
O4:64bit: - HKLM..\Run: [] File not found
O4:64bit: - HKLM..\Run: [AdAwareTray] C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.0.4555.0\AdAwareTray.exe ()
O4:64bit: - HKLM..\Run: [BTMTrayAgent] C:\Program Files (x86)\Intel\Bluetooth\btmshellex.dll (Motorola Solutions, Inc.)
O4:64bit: - HKLM..\Run: [Energy Management] C:\Program Files (x86)\Lenovo\Energy Management\Energy Management.exe (Lenovo (Beijing) Limited)
O4:64bit: - HKLM..\Run: [EnergyUtility] C:\Program Files (x86)\Lenovo\Energy Management\utility.exe (Lenovo(beijing) Limited)
O4:64bit: - HKLM..\Run: [HotKeysCmds] C:\WINDOWS\SysNative\hkcmd.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [IAStorIcon] C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorIconLaunch.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [IgfxTray] C:\WINDOWS\SysNative\igfxtray.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [Nvtmru] C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe (NVIDIA Corporation)
O4:64bit: - HKLM..\Run: [OnekeyStudio] C:\Program Files\Lenovo\Onekey Theater\OnekeyStudio.exe (Lenovo)
O4:64bit: - HKLM..\Run: [Persistence] C:\WINDOWS\SysNative\igfxpers.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [RtHDVBg_Dolby] C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe (Realtek Semiconductor)
O4:64bit: - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
O4:64bit: - HKLM..\Run: [RtsFT] C:\WINDOWS\RTFTrack.exe (Realtek semiconductor)
O4:64bit: - HKLM..\Run: [SynLenovoGestureMgr] C:\Program Files\Synaptics\SynTP\SynLenovoGestureMgr.exe (Synaptics)
O4:64bit: - HKLM..\Run: [UMonit64] C:\Windows\SysWOW64\UMonit64.exe ()
O4 - HKLM..\Run: [Ad-Aware Browsing Protection] C:\ProgramData\Ad-Aware Browsing Protection\adawarebp.exe (Lavasoft)
O4 - HKLM..\Run: [Intel AppUp(SM) center] C:\Program Files (x86)\Intel\IntelAppStore\bin\ismagent.exe (Intel Corporation)
O4 - HKLM..\Run: [RemoteControl10] C:\Program Files (x86)\Lenovo\PowerDVD10\PDVD10Serv.exe (CyberLink Corp.)
O4 - HKLM..\Run: [Search Protection] C:\ProgramData\Search Protection\SearchProtection.exe (Lavasoft)
O4 - HKLM..\Run: [SearchProtectAll] C:\Program Files (x86)\SearchProtect\bin\cltmng.exe (Conduit)
O4 - HKLM..\Run: [UpdateP2GShortCut] C:\Program Files (x86)\Lenovo\Power2Go\MUITransfer\MUIStartMenu.exe (CyberLink Corp.)
O4 - HKLM..\Run: [vProt] C:\Program Files (x86)\AVG SafeGuard toolbar\vprot.exe ()
O4 - HKLM..\Run: [YouCam Tray] C:\Program Files (x86)\Lenovo\YouCam\YouCamTray.exe (CyberLink Corp.)
O4 - HKCU..\Run: [Desk 365] C:\Program Files (x86)\Desk 365\desk365.exe (337 Technology Limited.)
O4 - HKCU..\Run: [SearchProtect] C:\Users\Brandon\AppData\Roaming\SearchProtect\bin\cltmng.exe (Conduit)
O4 - HKCU..\Run: [SkyDrive] C:\Users\Brandon\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe (Microsoft Corporation)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableCursorSuppression = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O8:64bit: - Extra context menu item: Send to Bluetooth - C:\Program Files (x86)\Intel\Bluetooth\btSendToObject.htm ()
O8 - Extra context menu item: Send to Bluetooth - C:\Program Files (x86)\Intel\Bluetooth\btSendToObject.htm ()
O9:64bit: - Extra Button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\ONBttnIE.dll (Microsoft Corporation)
O9:64bit: - Extra 'Tools' menuitem : Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\ONBttnIE.dll (Microsoft Corporation)
O9:64bit: - Extra Button: Lync Click to Call - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
O9:64bit: - Extra 'Tools' menuitem : Lync Click to Call - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
O9:64bit: - Extra Button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9:64bit: - Extra 'Tools' menuitem : OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9 - Extra Button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office 15\root\office15\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office 15\root\office15\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office 15\root\office15\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office 15\root\office15\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O16 - DPF: {4FF78044-96B4-4312-A5B7-FDA3CB328095} (ExentInf1 Class)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{333C6BD3-1AB1-4494-99E0-2EC18897B876}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{E6720DCF-6764-4C09-815E-ED56F20DED90}: DhcpNameServer = 150.201.1.2
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O18:64bit: - Protocol\Handler\osf - No CLSID value found
O18:64bit: - Protocol\Handler\viprotocol - No CLSID value found
O18 - Protocol\Handler\osf {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\office15\MSOSB.DLL (Microsoft Corporation)
O18 - Protocol\Handler\viprotocol {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files (x86)\Common Files\AVG Secure Search\ViProtocolInstaller\17.0.12\ViProtocol.dll (AVG Secure Search)
O20:64bit: - AppInit_DLLs: (C:\windows\system32\nvinitx.dll) - C:\Windows\SysNative\nvinitx.dll (NVIDIA Corporation)
O20:64bit: - AppInit_DLLs: (C:\PROGRA~1\NVIDIA~1\NVSTRE~1\rxinput.dll) - C:\Program Files\NVIDIA Corporation\NvStreamSrv\rxinput.dll (NVIDIA Corporation)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\WINDOWS\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\WINDOWS\SysWow64\userinit.exe (Microsoft Corporation)
O20:64bit: - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\WINDOWS\SysNative\igfxdev.dll (Intel Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O30 - LSA: Security Packages - (livessp) - File not found
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2011/03/13 09:17:36 | 000,000,175 | R--- | M] () - E:\autorun.inf -- [ UDF ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

NetSvcs:64bit: lfsvc - C:\Windows\SysNative\GeofenceMonitorService.dll (Microsoft Corporation)
NetSvcs:64bit: wlidsvc - C:\Windows\SysNative\wlidsvc.dll (Microsoft Corporation)
NetSvcs:64bit: DsmSvc - C:\Windows\SysNative\DeviceSetupManager.dll (Microsoft Corporation)
NetSvcs:64bit: NcaSvc - C:\Windows\SysNative\NcaSvc.dll (Microsoft Corporation)

Drivers32:64bit: msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.clmp3enc - C:\Program Files (x86)\Lenovo\Power2Go\CLMP3Enc.ACM (CyberLink Corp.)
Drivers32: msacm.l3acm - C:\Windows\SysWOW64\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: vidc.cvid - C:\WINDOWS\SysWow64\iccvid.dll (Radius Inc.)

CREATERESTOREPOINT
Restore point Set: OTL Restore Point

========== Files/Folders - Created Within 30 Days ==========

[2013/10/27 12:11:54 | 000,000,000 | -HSD | C] -- C:\Config.Msi
[2013/10/24 15:24:38 | 000,000,000 | ---D | C] -- C:\Users\Brandon\AppData\Roaming\SuperAdBlocker.com
[2013/10/24 15:24:34 | 000,000,000 | ---D | C] -- C:\WINDOWS\SysWow64\URTTemp
[2013/10/24 15:24:34 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\SuperAdBlocker.com
[2013/10/24 15:22:18 | 000,000,000 | ---D | C] -- C:\Users\Brandon\AppData\Local\AVG SafeGuard toolbar
[2013/10/24 15:22:07 | 000,046,368 | ---- | C] (AVG Technologies) -- C:\WINDOWS\SysNative\drivers\avgtpx64.sys
[2013/10/24 15:22:05 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\AVG Secure Search
[2013/10/24 15:22:05 | 000,000,000 | ---D | C] -- C:\ProgramData\AVG SafeGuard toolbar
[2013/10/24 15:22:04 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\AVG SafeGuard toolbar
[2013/10/24 15:21:32 | 000,000,000 | -H-D | C] -- C:\ProgramData\Common Files
[2013/10/23 12:50:22 | 000,000,000 | ---D | C] -- C:\Users\Brandon\AppData\Roaming\Lavasoft
[2013/10/23 12:46:22 | 000,000,000 | ---D | C] -- C:\Users\Brandon\AppData\Roaming\LavasoftStatistics
[2013/10/23 12:41:22 | 000,000,000 | ---D | C] -- C:\ProgramData\BitDefender
[2013/10/23 12:36:05 | 002,084,072 | ---- | C] (Bitdefender) -- C:\WINDOWS\SysNative\bdnc.dll
[2013/10/23 12:36:04 | 001,061,776 | ---- | C] (BitDefender S.R.L.) -- C:\WINDOWS\SysNative\bdsmtpp.dll
[2013/10/23 12:36:04 | 000,209,984 | ---- | C] (BitDefender) -- C:\WINDOWS\SysNative\BdFirewallSDK.dll
[2013/10/23 12:36:04 | 000,195,016 | ---- | C] (BitDefender) -- C:\WINDOWS\SysNative\httproxy.dll
[2013/10/23 12:36:04 | 000,155,912 | ---- | C] (BitDefender S.R.L.) -- C:\WINDOWS\SysNative\bdpop3p.dll
[2013/10/23 12:36:04 | 000,122,928 | ---- | C] (BitDefender) -- C:\WINDOWS\SysNative\OEMbdpredir.dll
[2013/10/23 12:36:04 | 000,096,160 | ---- | C] (BitDefender) -- C:\WINDOWS\SysNative\bdpredir.dll
[2013/10/23 12:35:27 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ad-Aware Antivirus
[2013/10/23 12:34:40 | 000,000,000 | ---D | C] -- C:\Program Files\Lavasoft
[2013/10/23 12:34:29 | 000,000,000 | ---D | C] -- C:\ProgramData\Search Protection
[2013/10/23 12:34:29 | 000,000,000 | ---D | C] -- C:\ProgramData\blekko toolbars
[2013/10/23 12:34:29 | 000,000,000 | ---D | C] -- C:\Users\Brandon\AppData\Local\adawarebp
[2013/10/23 12:34:28 | 000,000,000 | ---D | C] -- C:\ProgramData\Ad-Aware Browsing Protection
[2013/10/23 12:34:19 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Toolbar Cleaner
[2013/10/23 12:34:13 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Lavasoft
[2013/10/23 12:33:04 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Lavasoft
[2013/10/23 12:32:31 | 000,000,000 | ---D | C] -- C:\ProgramData\Lavasoft
[2013/10/20 09:52:48 | 004,953,944 | ---- | C] (FLVMPlayer ) -- C:\Users\Brandon\Desktop\FLVMPlayer.exe
[2013/10/17 17:54:54 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\337
[2013/10/17 17:54:25 | 000,000,000 | ---D | C] -- C:\ProgramData\eSafe
[2013/10/17 17:54:12 | 000,000,000 | ---D | C] -- C:\Users\Brandon\AppData\Roaming\Desk 365
[2013/10/17 17:54:12 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Desk 365
[2013/10/17 17:54:12 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Desk 365
[2013/10/17 17:54:08 | 000,000,000 | ---D | C] -- C:\Users\Brandon\Documents\Optimizer Pro
[2013/10/17 17:53:32 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Plus-HD-1.3
[2013/10/17 17:48:43 | 000,000,000 | ---D | C] -- C:\Users\Brandon\AppData\Roaming\zulagames
[2013/10/17 17:30:01 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\MyPC Backup
[2013/10/17 17:29:48 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\SearchProtect
[2013/10/17 17:29:27 | 000,000,000 | ---D | C] -- C:\Users\Brandon\AppData\Local\Conduit
[2013/10/17 17:29:27 | 000,000,000 | ---D | C] -- C:\ProgramData\Conduit
[2013/10/17 17:29:01 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Haali Media Splitter
[2013/10/17 17:28:43 | 000,000,000 | ---D | C] -- C:\Users\Brandon\AppData\Roaming\SearchProtect
[2013/10/17 17:28:38 | 000,000,000 | ---D | C] -- C:\Users\Brandon\AppData\Local\CRE
[2013/10/17 17:28:37 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Conduit
[2013/10/17 17:28:34 | 000,000,000 | ---D | C] -- C:\Users\Brandon\AppData\Roaming\SpeedAnalysis3
[2013/10/17 17:28:34 | 000,000,000 | ---D | C] -- C:\Users\Brandon\AppData\Roaming\Mozilla
[2013/10/17 17:28:32 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Speed Analysis 3
[2013/10/17 17:28:08 | 000,000,000 | ---D | C] -- C:\Users\Brandon\AppData\Roaming\PerformerSoft
[2013/10/17 17:28:07 | 000,019,456 | ---- | C] (PerformerSoft LLC) -- C:\WINDOWS\SysNative\roboot64.exe
[2013/10/17 17:28:05 | 000,000,000 | ---D | C] -- C:\Users\Brandon\AppData\Local\Programs
[2013/10/17 17:27:19 | 000,000,000 | ---D | C] -- C:\ProgramData\IBUpdaterService
[2013/10/17 17:27:17 | 000,000,000 | ---D | C] -- C:\Users\Brandon\AppData\Roaming\File Scout
[2013/10/17 11:48:29 | 000,000,000 | -HSD | C] -- C:\Recovery
[2013/10/17 11:48:22 | 000,000,000 | ---D | C] -- C:\WINDOWS\Panther
[2013/10/17 11:47:26 | 002,144,768 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\dwmcore.dll
[2013/10/17 11:47:26 | 002,140,888 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\d3d11.dll
[2013/10/17 11:47:26 | 001,765,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\d3d11.dll
[2013/10/17 11:47:26 | 001,765,376 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\dwmcore.dll
[2013/10/17 11:47:26 | 001,286,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\msctf.dll
[2013/10/17 11:47:26 | 001,217,024 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.Media.Streaming.dll
[2013/10/17 11:47:26 | 000,977,408 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.Media.Streaming.dll
[2013/10/17 11:47:26 | 000,909,312 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\MrmCoreR.dll
[2013/10/17 11:47:26 | 000,837,120 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WSShared.dll
[2013/10/17 11:47:26 | 000,698,880 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\WSShared.dll
[2013/10/17 11:47:26 | 000,621,056 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\MrmCoreR.dll
[2013/10/17 11:47:26 | 000,516,496 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\dxgi.dll
[2013/10/17 11:47:26 | 000,382,808 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\dxgmms1.sys
[2013/10/17 11:47:26 | 000,294,400 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.Devices.Sensors.dll
[2013/10/17 11:47:26 | 000,249,856 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.ApplicationModel.Store.TestingFramework.dll
[2013/10/17 11:47:26 | 000,225,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.Devices.Sensors.dll
[2013/10/17 11:47:26 | 000,189,952 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.ApplicationModel.Store.TestingFramework.dll
[2013/10/17 11:44:14 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Reference Assemblies
[2013/10/17 11:44:13 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\MSBuild
[2013/10/17 11:44:12 | 000,000,000 | ---D | C] -- C:\Program Files\Reference Assemblies
[2013/10/17 11:44:12 | 000,000,000 | ---D | C] -- C:\Program Files\MSBuild
[2013/10/17 11:43:41 | 000,778,936 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\PresentationNative_v0300.dll
[2013/10/17 11:43:41 | 000,102,608 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\PresentationCFFRasterizerNative_v0300.dll
[2013/10/17 11:43:41 | 000,035,480 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\TsWpfWrp.exe
[2013/10/17 11:43:39 | 000,035,480 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\TsWpfWrp.exe
[2013/10/17 11:43:38 | 001,166,520 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\PresentationNative_v0300.dll
[2013/10/17 11:43:38 | 000,124,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\PresentationCFFRasterizerNative_v0300.dll
[2013/10/17 10:56:00 | 000,000,000 | --SD | C] -- C:\Users\Brandon\AppData\Roaming\Microsoft
[2013/10/17 10:56:00 | 000,000,000 | R--D | C] -- C:\Users\Brandon\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
[2013/10/17 10:56:00 | 000,000,000 | R--D | C] -- C:\Users\Brandon\Favorites
[2013/10/17 10:56:00 | 000,000,000 | R--D | C] -- C:\Users\Brandon\Documents
[2013/10/17 10:56:00 | 000,000,000 | R--D | C] -- C:\Users\Brandon\Desktop
[2013/10/17 10:56:00 | 000,000,000 | R--D | C] -- C:\Users\Brandon\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
[2013/10/17 10:56:00 | 000,000,000 | R--D | C] -- C:\Users\Brandon\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
[2013/10/17 10:56:00 | 000,000,000 | -HSD | C] -- C:\Users\Brandon\AppData\Local\Temporary Internet Files
[2013/10/17 10:56:00 | 000,000,000 | -HSD | C] -- C:\Users\Brandon\Templates
[2013/10/17 10:56:00 | 000,000,000 | -HSD | C] -- C:\Users\Brandon\Start Menu
[2013/10/17 10:56:00 | 000,000,000 | -HSD | C] -- C:\Users\Brandon\SendTo
[2013/10/17 10:56:00 | 000,000,000 | -HSD | C] -- C:\Users\Brandon\Recent
[2013/10/17 10:56:00 | 000,000,000 | -HSD | C] -- C:\Users\Brandon\PrintHood
[2013/10/17 10:56:00 | 000,000,000 | -HSD | C] -- C:\Users\Brandon\NetHood
[2013/10/17 10:56:00 | 000,000,000 | -HSD | C] -- C:\Users\Brandon\Documents\My Videos
[2013/10/17 10:56:00 | 000,000,000 | -HSD | C] -- C:\Users\Brandon\Documents\My Pictures
[2013/10/17 10:56:00 | 000,000,000 | -HSD | C] -- C:\Users\Brandon\Documents\My Music
[2013/10/17 10:56:00 | 000,000,000 | -HSD | C] -- C:\Users\Brandon\My Documents
[2013/10/17 10:56:00 | 000,000,000 | -HSD | C] -- C:\Users\Brandon\Local Settings
[2013/10/17 10:56:00 | 000,000,000 | -HSD | C] -- C:\Users\Brandon\AppData\Local\History
[2013/10/17 10:56:00 | 000,000,000 | -HSD | C] -- C:\Users\Brandon\Cookies
[2013/10/17 10:56:00 | 000,000,000 | -HSD | C] -- C:\Users\Brandon\Application Data
[2013/10/17 10:56:00 | 000,000,000 | -HSD | C] -- C:\Users\Brandon\AppData\Local\Application Data
[2013/10/17 10:56:00 | 000,000,000 | -H-D | C] -- C:\Users\Brandon\AppData
[2013/10/17 10:56:00 | 000,000,000 | ---D | C] -- C:\Users\Brandon\AppData\Local\Temp
[2013/10/17 10:56:00 | 000,000,000 | ---D | C] -- C:\Users\Brandon\AppData\Local\Microsoft
[2013/10/17 10:56:00 | 000,000,000 | ---D | C] -- C:\Users\Brandon\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
[2013/10/17 10:51:59 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft LifeCam
[2013/10/17 10:51:58 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft LifeCam
[2013/10/17 10:51:45 | 000,000,000 | ---D | C] -- C:\Program Files\Realtek
[2013/10/17 10:51:44 | 000,000,000 | ---D | C] -- C:\WINDOWS\SysWow64\RTCOM
[2013/10/17 10:51:34 | 000,000,000 | ---D | C] -- C:\Program Files\Synaptics
[2013/10/17 10:51:27 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Intel
[2013/10/17 10:51:25 | 000,064,000 | ---- | C] (Khronos Group) -- C:\WINDOWS\SysNative\OpenCL.DLL
[2013/10/17 10:51:25 | 000,060,416 | ---- | C] (Khronos Group) -- C:\WINDOWS\SysWow64\OpenCL.DLL
[2013/10/17 10:51:16 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Intel
[2013/10/17 10:50:30 | 000,000,000 | ---D | C] -- C:\ProgramData\NVIDIA Corporation
[2013/10/17 10:50:24 | 000,000,000 | ---D | C] -- C:\Program Files\NVIDIA Corporation
[2013/10/17 10:50:24 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\NVIDIA Corporation
[2013/10/17 10:49:56 | 000,000,000 | ---D | C] -- C:\WINDOWS\Prefetch
[2013/10/14 16:32:12 | 000,251,864 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\vccorlib110.dll
[2013/10/14 16:32:10 | 000,862,664 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\msvcr110.dll
[2013/10/14 16:32:10 | 000,534,480 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\msvcp110.dll
[2013/10/14 16:32:08 | 000,828,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\msvcr110.dll
[2013/10/14 16:32:08 | 000,674,408 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\LCCoin425.dll
[2013/10/14 16:32:08 | 000,661,448 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\msvcp110.dll
[2013/10/14 16:32:08 | 000,354,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\vccorlib110.dll
[2013/10/14 16:32:08 | 000,034,408 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\LcUvcUpper.sys
[2013/10/12 17:20:04 | 000,000,000 | ---D | C] -- C:\Users\Brandon\Desktop\facebook helicopter
[2013/10/12 17:00:42 | 000,000,000 | ---D | C] -- C:\Users\Brandon\Desktop\helicopter
[2013/10/10 13:04:44 | 000,000,000 | ---D | C] -- C:\Users\Brandon\Desktop\ebay
[2013/10/09 10:46:11 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
[2013/10/09 10:45:31 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Silverlight
[2013/10/09 10:45:31 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Silverlight
[2013/10/03 23:43:10 | 004,067,328 | ---- | C] (Intel Corporation) -- C:\WINDOWS\SysNative\MetroIntelGenericUIFramework.dll
[2013/10/03 23:43:06 | 000,750,752 | ---- | C] (Intel Corporation) -- C:\WINDOWS\SysNative\IntelWiDiWinNextAgent64.dll
[2013/10/03 23:43:06 | 000,064,000 | ---- | C] (Khronos Group) -- C:\WINDOWS\SysNative\Intel_OpenCL_ICD64.dll
[2013/10/03 23:43:06 | 000,060,416 | ---- | C] (Khronos Group) -- C:\WINDOWS\SysWow64\Intel_OpenCL_ICD32.dll
[2013/10/03 23:43:04 | 002,474,832 | ---- | C] (Intel Corporation) -- C:\WINDOWS\SysNative\IntelWiDiVAD64.exe
[2013/10/03 23:43:04 | 001,423,520 | ---- | C] (Intel Corporation) -- C:\WINDOWS\SysNative\IntelWiDiSecureSourceFilter64.dll
[2013/10/03 23:43:04 | 000,598,688 | ---- | C] (Intel Corporation) -- C:\WINDOWS\SysNative\IntelWiDiMux64.dll
[2013/10/03 23:43:04 | 000,344,736 | ---- | C] (Intel Corporation) -- C:\WINDOWS\SysNative\IntelWiDiSilenceFilter64.dll
[2013/10/03 23:43:04 | 000,209,056 | ---- | C] (Intel Corporation) -- C:\WINDOWS\SysNative\IntelWiDiUtils64.dll
[2013/10/03 23:43:04 | 000,176,288 | ---- | C] (Intel Corporation) -- C:\WINDOWS\SysNative\IntelWiDiDDEAgent64.dll
[2013/10/03 23:43:04 | 000,121,504 | ---- | C] (Intel Corporation) -- C:\WINDOWS\SysNative\IntelWiDiMCUMD64.dll
[2013/10/03 23:43:04 | 000,094,368 | ---- | C] (Intel Corporation) -- C:\WINDOWS\SysNative\IntelWiDiLogServer64.dll
[2013/10/03 23:43:02 | 004,010,144 | ---- | C] (Intel Corporation) -- C:\WINDOWS\SysNative\IntelWiDiAAC64.dll
[2013/10/03 23:43:02 | 000,632,480 | ---- | C] (Intel Corporation) -- C:\WINDOWS\SysNative\IntelWiDiAudioFilter64.dll
[2013/10/03 23:43:02 | 000,304,640 | ---- | C] (Intel Corporation) -- C:\WINDOWS\SysNative\IntelOpenCL64.dll
[2013/10/03 23:43:02 | 000,279,000 | ---- | C] (Intel Corporation) -- C:\WINDOWS\SysWow64\IntelCpHeciSvc.exe
[2013/10/03 23:43:02 | 000,253,440 | ---- | C] (Intel Corporation) -- C:\WINDOWS\SysWow64\IntelOpenCL32.dll
[2013/10/03 23:43:02 | 000,180,224 | ---- | C] (Intel Corporation) -- C:\WINDOWS\SysNative\igfxCoIn_v3316.dll
[2013/10/03 23:43:00 | 001,127,424 | ---- | C] (Intel Corporation) -- C:\WINDOWS\SysNative\iglhsip64.dll
[2013/10/03 23:43:00 | 001,123,328 | ---- | C] (Intel Corporation) -- C:\WINDOWS\SysWow64\iglhsip32.dll
[2013/10/03 23:43:00 | 000,844,760 | ---- | C] (Intel Corporation) -- C:\WINDOWS\SysNative\igfxsrvc.exe
[2013/10/03 23:43:00 | 000,391,128 | ---- | C] (Intel Corporation) -- C:\WINDOWS\SysNative\igfxtray.exe
[2013/10/03 23:43:00 | 000,345,600 | ---- | C] (Intel Corporation) -- C:\WINDOWS\SysNative\igfxTMM.dll
[2013/10/03 23:43:00 | 000,214,528 | ---- | C] (Intel Corporation) -- C:\WINDOWS\SysNative\iglhcp64.dll
[2013/10/03 23:43:00 | 000,179,712 | ---- | C] (Intel Corporation) -- C:\WINDOWS\SysWow64\iglhcp32.dll
[2013/10/03 23:43:00 | 000,066,560 | ---- | C] (Intel Corporation) -- C:\WINDOWS\SysNative\igfxsrvc.dll
[2013/10/03 23:42:58 | 000,526,848 | ---- | C] (Intel Corporation) -- C:\WINDOWS\SysNative\igfxrplk.lrc
[2013/10/03 23:42:58 | 000,526,336 | ---- | C] (Intel Corporation) -- C:\WINDOWS\SysNative\igfxrrus.lrc
[2013/10/03 23:42:58 | 000,525,824 | ---- | C] (Intel Corporation) -- C:\WINDOWS\SysNative\igfxrsky.lrc
[2013/10/03 23:42:58 | 000,525,824 | ---- | C] (Intel Corporation) -- C:\WINDOWS\SysNative\igfxrrom.lrc
[2013/10/03 23:42:58 | 000,525,312 | ---- | C] (Intel Corporation) -- C:\WINDOWS\SysNative\igfxrptg.lrc
[2013/10/03 23:42:58 | 000,524,800 | ---- | C] (Intel Corporation) -- C:\WINDOWS\SysNative\igfxrsve.lrc
[2013/10/03 23:42:58 | 000,524,800 | ---- | C] (Intel Corporation) -- C:\WINDOWS\SysNative\igfxrslv.lrc
[2013/10/03 23:42:58 | 000,524,288 | ---- | C] (Intel Corporation) -- C:\WINDOWS\SysNative\igfxrtrk.lrc
[2013/10/03 23:42:58 | 000,524,288 | ---- | C] (Intel Corporation) -- C:\WINDOWS\SysNative\igfxrptb.lrc
[2013/10/03 23:42:58 | 000,523,776 | ---- | C] (Intel Corporation) -- C:\WINDOWS\SysNative\igfxrtha.lrc
[2013/10/03 23:42:58 | 000,523,776 | ---- | C] (Intel Corporation) -- C:\WINDOWS\SysNative\igfxrnor.lrc
[2013/10/03 23:42:56 | 009,081,856 | ---- | C] (Intel Corporation) -- C:\WINDOWS\SysNative\igfxress.dll
[2013/10/03 23:42:56 | 000,526,848 | ---- | C] (Intel Corporation) -- C:\WINDOWS\SysNative\igfxrfra.lrc
[2013/10/03 23:42:56 | 000,526,336 | ---- | C] (Intel Corporation) -- C:\WINDOWS\SysNative\igfxrnld.lrc
[2013/10/03 23:42:56 | 000,525,824 | ---- | C] (Intel Corporation) -- C:\WINDOWS\SysNative\igfxrita.lrc
[2013/10/03 23:42:56 | 000,525,312 | ---- | C] (Intel Corporation) -- C:\WINDOWS\SysNative\igfxrhun.lrc
[2013/10/03 23:42:56 | 000,525,312 | ---- | C] (Intel Corporation) -- C:\WINDOWS\SysNative\igfxrhrv.lrc
[2013/10/03 23:42:56 | 000,524,800 | ---- | C] (Intel Corporation) -- C:\WINDOWS\SysNative\igfxrfin.lrc
[2013/10/03 23:42:56 | 000,522,240 | ---- | C] (Intel Corporation) -- C:\WINDOWS\SysNative\igfxrheb.lrc
[2013/10/03 23:42:56 | 000,517,120 | ---- | C] (Intel Corporation) -- C:\WINDOWS\SysNative\igfxrjpn.lrc
[2013/10/03 23:42:56 | 000,516,096 | ---- | C] (Intel Corporation) -- C:\WINDOWS\SysNative\igfxrkor.lrc
[2013/10/03 23:42:54 | 000,769,496 | ---- | C] (Intel Corporation) -- C:\WINDOWS\SysNative\igfxpers.exe
[2013/10/03 23:42:54 | 000,548,864 | ---- | C] (Intel Corporation) -- C:\WINDOWS\SysNative\igfxpph.dll
[2013/10/03 23:42:54 | 000,527,360 | ---- | C] (Intel Corporation) -- C:\WINDOWS\SysNative\igfxrell.lrc
[2013/10/03 23:42:54 | 000,526,848 | ---- | C] (Intel Corporation) -- C:\WINDOWS\SysNative\igfxresn.lrc
[2013/10/03 23:42:54 | 000,526,336 | ---- | C] (Intel Corporation) -- C:\WINDOWS\SysNative\igfxrdeu.lrc
[2013/10/03 23:42:54 | 000,525,312 | ---- | C] (Intel Corporation) -- C:\WINDOWS\SysNative\igfxrcsy.lrc
[2013/10/03 23:42:54 | 000,523,776 | ---- | C] (Intel Corporation) -- C:\WINDOWS\SysNative\igfxrdan.lrc
[2013/10/03 23:42:54 | 000,521,728 | ---- | C] (Intel Corporation) -- C:\WINDOWS\SysNative\igfxrara.lrc
[2013/10/03 23:42:54 | 000,513,536 | ---- | C] (Intel Corporation) -- C:\WINDOWS\SysNative\igfxrcht.lrc
[2013/10/03 23:42:54 | 000,513,024 | ---- | C] (Intel Corporation) -- C:\WINDOWS\SysNative\igfxrchs.lrc
[2013/10/03 23:42:54 | 000,371,200 | ---- | C] (Intel Corporation) -- C:\WINDOWS\SysNative\igfxrenu.lrc
[2013/10/03 23:42:52 | 000,623,616 | ---- | C] (Intel Corporation) -- C:\WINDOWS\SysNative\igfxdev.dll
[2013/10/03 23:42:52 | 000,492,032 | ---- | C] (Intel Corporation) -- C:\WINDOWS\SysWow64\igfxdv32.dll
[2013/10/03 23:42:52 | 000,393,688 | ---- | C] (Intel Corporation) -- C:\WINDOWS\SysNative\igfxext.exe
[2013/10/03 23:42:52 | 000,279,040 | ---- | C] (Intel Corporation) -- C:\WINDOWS\SysNative\igfxcpl.cpl
[2013/10/03 23:42:52 | 000,243,712 | ---- | C] (Intel Corporation) -- C:\WINDOWS\SysNative\igfxdo.dll
[2013/10/03 23:42:52 | 000,029,184 | ---- | C] (Intel Corporation) -- C:\WINDOWS\SysNative\igfxexps.dll
[2013/10/03 23:42:52 | 000,025,088 | ---- | C] (Intel Corporation) -- C:\WINDOWS\SysWow64\igfxexps32.dll
[2013/10/03 23:42:50 | 004,434,432 | ---- | C] (Intel Corporation) -- C:\WINDOWS\SysNative\igdusc64.dll
[2013/10/03 23:42:50 | 003,524,608 | ---- | C] (Intel Corporation) -- C:\WINDOWS\SysWow64\igdusc32.dll
[2013/10/03 23:42:50 | 002,064,896 | ---- | C] (Intel Corporation) -- C:\WINDOWS\SysNative\igfxcmjit64.dll
[2013/10/03 23:42:50 | 001,814,016 | ---- | C] (Intel Corporation) -- C:\WINDOWS\SysWow64\igfxcmjit32.dll
[2013/10/03 23:42:50 | 000,158,720 | ---- | C] (Intel Corporation) -- C:\WINDOWS\SysNative\igfxcmrt64.dll
[2013/10/03 23:42:50 | 000,149,504 | ---- | C] (Intel Corporation) -- C:\WINDOWS\SysNative\igfx11cmrt64.dll
[2013/10/03 23:42:50 | 000,133,120 | ---- | C] (Intel Corporation) -- C:\WINDOWS\SysWow64\igfxcmrt32.dll
[2013/10/03 23:42:50 | 000,128,000 | ---- | C] (Intel Corporation) -- C:\WINDOWS\SysWow64\igfx11cmrt32.dll
[2013/10/03 23:42:48 | 012,130,304 | ---- | C] (Intel Corporation) -- C:\WINDOWS\SysNative\igdumdim64.dll
[2013/10/03 23:42:46 | 011,417,600 | ---- | C] (Intel Corporation) -- C:\WINDOWS\SysWow64\igdumdim32.dll
[2013/10/03 23:42:46 | 003,292,672 | ---- | C] (Intel Corporation) -- C:\WINDOWS\SysNative\igdrcl64.dll
[2013/10/03 23:42:46 | 002,974,208 | ---- | C] (Intel Corporation) -- C:\WINDOWS\SysWow64\igdrcl32.dll
[2013/10/03 23:42:44 | 004,185,600 | ---- | C] (Intel Corporation) -- C:\WINDOWS\SysNative\drivers\igdkmd64.sys
[2013/10/03 23:42:42 | 025,986,048 | ---- | C] (Intel Corporation) -- C:\WINDOWS\SysNative\igdfcl64.dll
[2013/10/03 23:42:40 | 020,946,944 | ---- | C] (Intel Corporation) -- C:\WINDOWS\SysWow64\igdfcl32.dll
[2013/10/03 23:42:40 | 000,329,216 | ---- | C] (Intel Corporation) -- C:\WINDOWS\SysNative\igdbcl64.dll
[2013/10/03 23:42:38 | 013,871,616 | ---- | C] (Intel Corporation) -- C:\WINDOWS\SysNative\igd10iumd64.dll
[2013/10/03 23:42:38 | 000,290,816 | ---- | C] (Intel Corporation) -- C:\WINDOWS\SysWow64\igdbcl32.dll
[2013/10/03 23:42:36 | 013,272,576 | ---- | C] (Intel Corporation) -- C:\WINDOWS\SysWow64\igd10iumd32.dll
[2013/10/03 23:42:32 | 007,850,496 | ---- | C] (Intel Corporation) -- C:\WINDOWS\SysNative\ig75icd64.dll
[2013/10/03 23:42:30 | 006,225,408 | ---- | C] (Intel Corporation) -- C:\WINDOWS\SysWow64\ig75icd32.dll
[2013/10/03 23:42:30 | 000,771,032 | ---- | C] (Intel Corporation) -- C:\WINDOWS\SysNative\hkcmd.exe
[2013/10/03 23:42:30 | 000,754,648 | ---- | C] (Intel Corporation) -- C:\WINDOWS\SysNative\GfxUIHotKeyMenu.exe
[2013/10/03 23:42:30 | 000,223,744 | ---- | C] (Intel Corporation) -- C:\WINDOWS\SysNative\hccutils.dll
[2013/10/03 23:42:28 | 007,587,800 | ---- | C] (Intel Corporation) -- C:\WINDOWS\SysNative\GfxUIEx.exe
[2013/10/03 23:42:28 | 000,194,048 | ---- | C] (Intel Corporation) -- C:\WINDOWS\SysNative\gfxSrvc.dll
[2013/10/03 23:42:26 | 000,530,392 | ---- | C] (Intel Corporation) -- C:\WINDOWS\SysNative\DPTopologyApp.exe
[2013/10/03 23:42:24 | 000,396,248 | ---- | C] (Intel Corporation) -- C:\WINDOWS\SysNative\CustomModeApp.exe
[2013/10/03 23:42:24 | 000,153,048 | ---- | C] (Intel Corporation) -- C:\WINDOWS\SysNative\difx64.exe
[2013/09/30 09:16:41 | 000,027,032 | ---- | C] (Intel Corporation) -- C:\WINDOWS\SysNative\drivers\iwdbus.sys
[2013/09/30 09:16:40 | 000,039,320 | ---- | C] (Intel Corporation) -- C:\WINDOWS\SysNative\drivers\intelaud.sys
[2013/09/29 21:07:35 | 001,641,496 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\winload.efi
[2013/09/29 21:07:35 | 001,506,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\winload.exe
[2013/09/29 21:07:35 | 001,476,184 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\winresume.efi
[2013/09/29 21:07:35 | 001,344,984 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\winresume.exe
[2013/09/29 21:06:41 | 004,079,104 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SyncEngine.dll
[2013/09/29 21:06:41 | 000,744,448 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SettingSyncCore.dll
[2013/09/29 21:06:41 | 000,688,640 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\MrmIndexer.dll
[2013/09/29 21:06:41 | 000,669,184 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SkyDriveTelemetry.dll
[2013/09/29 21:06:41 | 000,631,808 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SettingSyncHost.exe
[2013/09/29 21:06:41 | 000,584,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\SettingSyncCore.dll
[2013/09/29 21:06:41 | 000,560,128 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SkyDrive.exe
[2013/09/29 21:06:41 | 000,515,072 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\MrmIndexer.dll
[2013/09/29 21:06:41 | 000,476,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\SettingSyncHost.exe
[2013/09/29 21:03:40 | 002,800,640 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\actxprxy.dll
[2013/09/29 21:03:40 | 001,057,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\printui.dll
[2013/09/29 21:03:40 | 000,970,752 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WebcamUi.dll
[2013/09/29 21:03:40 | 000,813,568 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\WebcamUi.dll
[2013/09/29 21:03:40 | 000,597,504 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\msra.exe
[2013/09/29 21:03:40 | 000,348,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\WMPhoto.dll
[2013/09/29 21:03:40 | 000,256,000 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\fdprint.dll
[2013/09/29 21:03:40 | 000,117,760 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\WorkFoldersRes.dll
[2013/09/29 21:03:40 | 000,117,760 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WorkFoldersRes.dll
[2013/09/29 21:03:39 | 002,142,424 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mfcore.dll
[2013/09/29 21:03:39 | 002,131,120 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mfcore.dll
[2013/09/29 21:03:39 | 001,231,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.Media.dll
[2013/09/29 21:03:39 | 000,961,024 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\MFMediaEngine.dll
[2013/09/29 21:03:39 | 000,934,856 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mfsrcsnk.dll
[2013/09/29 21:03:39 | 000,888,832 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.Media.dll
[2013/09/29 21:03:39 | 000,872,328 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mfplat.dll
[2013/09/29 21:03:39 | 000,803,328 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\MFMediaEngine.dll
[2013/09/29 21:03:39 | 000,796,928 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mfsrcsnk.dll
[2013/09/29 21:03:39 | 000,783,504 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mfnetcore.dll
[2013/09/29 21:03:39 | 000,698,232 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mfplat.dll
[2013/09/29 21:03:39 | 000,648,648 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mfnetcore.dll
[2013/09/29 21:03:39 | 000,482,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mfsvr.dll
[2013/09/29 21:03:39 | 000,382,224 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mfsvr.dll
[2013/09/29 21:03:39 | 000,366,688 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\msvproc.dll
[2013/09/29 21:03:39 | 000,334,336 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\MDEServer.exe
[2013/09/29 21:03:39 | 000,312,936 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\msvproc.dll
[2013/09/29 21:03:39 | 000,233,912 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mfps.dll
[2013/09/29 21:03:39 | 000,205,024 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mftranscode.dll
[2013/09/29 21:03:39 | 000,180,232 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mftranscode.dll
[2013/09/29 21:03:39 | 000,159,232 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SensorsClassExtension.dll
[2013/09/29 21:03:38 | 005,765,120 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\jscript9.dll
[2013/09/29 21:03:38 | 000,553,472 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\jscript9diag.dll
[2013/09/29 21:03:37 | 011,670,528 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\twinui.dll
[2013/09/29 21:03:37 | 008,875,008 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.Data.Pdf.dll
[2013/09/29 21:03:37 | 008,712,704 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\glcndFilter.dll
[2013/09/29 21:03:37 | 004,975,104 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.UI.Search.dll
[2013/09/29 21:03:37 | 002,295,808 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\authui.dll
[2013/09/29 21:03:37 | 002,065,960 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\explorer.exe
[2013/09/29 21:03:37 | 001,581,568 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\workfolderssvc.dll
[2013/09/29 21:03:37 | 001,455,616 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.UI.Immersive.dll
[2013/09/29 21:03:37 | 001,370,800 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\combase.dll
[2013/09/29 21:03:37 | 001,160,704 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\usercpl.dll
[2013/09/29 21:03:37 | 000,867,840 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\twinui.appcore.dll
[2013/09/29 21:03:37 | 000,802,816 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.Globalization.dll
[2013/09/29 21:03:37 | 000,767,488 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\ReAgent.dll
[2013/09/29 21:03:37 | 000,762,368 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.Web.Http.dll
[2013/09/29 21:03:37 | 000,761,856 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WorkfoldersControl.dll
[2013/09/29 21:03:37 | 000,552,448 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\twinapi.dll
[2013/09/29 21:03:37 | 000,528,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\wimgapi.dll
[2013/09/29 21:03:37 | 000,524,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.Security.Authentication.OnlineId.dll
[2013/09/29 21:03:37 | 000,482,816 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\DeviceCenter.dll
[2013/09/29 21:03:37 | 000,455,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\SettingSync.dll
[2013/09/29 21:03:37 | 000,409,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.Networking.BackgroundTransfer.dll
[2013/09/29 21:03:37 | 000,393,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\sysmon.ocx
[2013/09/29 21:03:37 | 000,314,368 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\wlidprov.dll
[2013/09/29 21:03:37 | 000,300,544 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\wlanmsm.dll
[2013/09/29 21:03:37 | 000,253,952 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mcbuilder.exe
[2013/09/29 21:03:37 | 000,198,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\AppXDeploymentClient.dll
[2013/09/29 21:03:37 | 000,186,880 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WorkFoldersShell.dll
[2013/09/29 21:03:37 | 000,153,600 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\CryptoWinRT.dll
[2013/09/29 21:03:37 | 000,136,704 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WorkFolders.exe
[2013/09/29 21:03:37 | 000,102,400 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\efswrt.dll
[2013/09/29 21:03:37 | 000,064,000 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WorkFoldersGPExt.dll
[2013/09/29 21:03:37 | 000,047,616 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\pcaui.dll
[2013/09/29 21:03:37 | 000,027,136 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\CredentialMigrationHandler.dll
[2013/09/29 21:03:36 | 018,576,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.UI.Xaml.dll
[2013/09/29 21:03:36 | 001,730,560 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\dui70.dll
[2013/09/29 21:03:36 | 000,787,968 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\uDWM.dll
[2013/09/29 21:03:36 | 000,358,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\dcomp.dll
[2013/09/29 21:03:36 | 000,225,280 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\dcomp.dll
[2013/09/29 21:03:36 | 000,180,224 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\miutils.dll
[2013/09/29 21:03:36 | 000,139,776 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\AppxAllUserStore.dll
[2013/09/29 21:03:36 | 000,123,480 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\dwmapi.dll
[2013/09/29 21:03:29 | 012,028,416 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.Data.Pdf.dll
[2013/09/29 21:03:29 | 006,639,104 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mstscax.dll
[2013/09/29 21:03:29 | 002,328,328 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
[2013/09/29 21:03:29 | 001,225,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\usercpl.dll
[2013/09/29 21:03:29 | 001,147,904 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\UIAutomationCore.dll
[2013/09/29 21:03:29 | 000,738,304 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\msctfuimanager.dll
[2013/09/29 21:03:29 | 000,707,560 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\iuilp.dll
[2013/09/29 21:03:29 | 000,700,352 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\d3d10level9.dll
[2013/09/29 21:03:29 | 000,638,464 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\riched20.dll
[2013/09/29 21:03:29 | 000,534,048 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wer.dll
[2013/09/29 21:03:29 | 000,533,504 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\AppReadiness.dll
[2013/09/29 21:03:29 | 000,503,808 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\DeviceCenter.dll
[2013/09/29 21:03:29 | 000,458,616 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WerFault.exe
[2013/09/29 21:03:29 | 000,407,016 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Faultrep.dll
[2013/09/29 21:03:29 | 000,249,344 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\rdpencom.dll
[2013/09/29 21:03:29 | 000,098,304 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\windows.immersiveshell.serviceprovider.dll
[2013/09/29 21:03:29 | 000,095,744 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\fontsub.dll
[2013/09/29 21:03:29 | 000,054,272 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\rdsdwmdr.dll
[2013/09/29 21:03:28 | 013,172,736 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\twinui.dll
[2013/09/29 21:03:28 | 011,366,912 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\glcndFilter.dll
[2013/09/29 21:03:28 | 007,544,320 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.UI.Search.dll
[2013/09/29 21:03:28 | 002,616,832 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\authui.dll
[2013/09/29 21:03:28 | 002,569,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SettingsHandlers.dll
[2013/09/29 21:03:28 | 002,050,560 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SRH.dll
[2013/09/29 21:03:28 | 001,662,464 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.UI.Immersive.dll
[2013/09/29 21:03:28 | 001,555,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wlidsvc.dll
[2013/09/29 21:03:28 | 001,185,280 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\printui.dll
[2013/09/29 21:03:28 | 001,160,704 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.Web.Http.dll
[2013/09/29 21:03:28 | 001,106,432 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SearchFolder.dll
[2013/09/29 21:03:28 | 001,084,928 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\twinui.appcore.dll
[2013/09/29 21:03:28 | 000,726,528 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\twinapi.dll
[2013/09/29 21:03:28 | 000,663,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.Security.Authentication.OnlineId.dll
[2013/09/29 21:03:28 | 000,576,512 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.Networking.BackgroundTransfer.dll
[2013/09/29 21:03:28 | 000,570,880 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SettingSync.dll
[2013/09/29 21:03:28 | 000,492,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\tpmvsc.dll
[2013/09/29 21:03:28 | 000,405,504 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\vpnike.dll
[2013/09/29 21:03:28 | 000,393,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WMPhoto.dll
[2013/09/29 21:03:28 | 000,369,664 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wlanmsm.dll
[2013/09/29 21:03:28 | 000,365,568 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wcmsvc.dll
[2013/09/29 21:03:28 | 000,290,816 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\fdprint.dll
[2013/09/29 21:03:28 | 000,273,408 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\TetheringMgr.dll
[2013/09/29 21:03:28 | 000,248,320 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\rascustom.dll
[2013/09/29 21:03:28 | 000,244,736 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.Networking.Vpn.dll
[2013/09/29 21:03:28 | 000,158,208 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\thumbcache.dll
[2013/09/29 21:03:28 | 000,136,536 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\wfplwfs.sys
[2013/09/29 21:03:28 | 000,131,584 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\efswrt.dll
[2013/09/29 21:03:28 | 000,081,920 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Utilman.exe
[2013/09/29 21:03:28 | 000,081,408 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SkyDriveShell.dll
[2013/09/29 21:03:28 | 000,076,800 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\BulkOperationHost.exe
[2013/09/29 21:03:28 | 000,066,048 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\SkyDriveShell.dll
[2013/09/29 21:03:28 | 000,054,776 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wuauclt.exe
[2013/09/29 21:03:28 | 000,030,208 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\CredentialMigrationHandler.dll
[2013/09/29 21:03:27 | 001,534,504 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ole32.dll
[2013/09/29 21:03:27 | 001,302,016 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\AppXDeploymentServer.dll
[2013/09/29 21:03:27 | 001,286,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\kernel32.dll
[2013/09/29 21:03:27 | 001,150,976 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.Globalization.dll
[2013/09/29 21:03:27 | 000,911,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ReAgent.dll
[2013/09/29 21:03:27 | 000,638,464 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wimgapi.dll
[2013/09/29 21:03:27 | 000,556,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\recimg.exe
[2013/09/29 21:03:27 | 000,504,320 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.Networking.BackgroundTransfer.ContentPrefetchTask.dll
[2013/09/29 21:03:27 | 000,491,520 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\GeofenceMonitorService.dll
[2013/09/29 21:03:27 | 000,456,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\sysmon.ocx
[2013/09/29 21:03:27 | 000,426,496 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.Devices.Usb.dll
[2013/09/29 21:03:27 | 000,401,920 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wlidprov.dll
[2013/09/29 21:03:27 | 000,358,912 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\vmrdvcore.dll
[2013/09/29 21:03:27 | 000,284,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mcbuilder.exe
[2013/09/29 21:03:27 | 000,261,120 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\bisrv.dll
[2013/09/29 21:03:27 | 000,254,976 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\AppXDeploymentClient.dll
[2013/09/29 21:03:27 | 000,240,128 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WinSCard.dll
[2013/09/29 21:03:27 | 000,233,984 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.Devices.HumanInterfaceDevice.dll
[2013/09/29 21:03:27 | 000,230,400 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\CryptoWinRT.dll
[2013/09/29 21:03:27 | 000,226,304 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\miutils.dll
[2013/09/29 21:03:27 | 000,202,240 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ubpm.dll
[2013/09/29 21:03:27 | 000,200,704 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ReInfo.dll
[2013/09/29 21:03:27 | 000,199,680 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\DscCore.dll
[2013/09/29 21:03:27 | 000,198,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\DscCoreConfProv.dll
[2013/09/29 21:03:27 | 000,160,768 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\AppxAllUserStore.dll
[2013/09/29 21:03:27 | 000,063,488 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\BthRadioMedia.dll
[2013/09/29 21:03:27 | 000,054,784 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\pcaui.dll
[2013/09/29 21:03:26 | 013,925,888 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.UI.Xaml.dll
[2013/09/29 21:03:26 | 007,401,304 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ntoskrnl.exe
[2013/09/29 21:03:26 | 005,769,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mstscax.dll
[2013/09/29 21:03:26 | 001,928,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\combase.dll
[2013/09/29 21:03:26 | 001,741,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\SRH.dll
[2013/09/29 21:03:26 | 001,415,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\lsasrv.dll
[2013/09/29 21:03:26 | 001,344,000 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\dui70.dll
[2013/09/29 21:03:26 | 000,996,320 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WinTypes.dll
[2013/09/29 21:03:26 | 000,919,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\UIAutomationCore.dll
[2013/09/29 21:03:26 | 000,695,808 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\msctfuimanager.dll
[2013/09/29 21:03:26 | 000,528,048 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ci.dll
[2013/09/29 21:03:26 | 000,427,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\wer.dll
[2013/09/29 21:03:26 | 000,419,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\hal.dll
[2013/09/29 21:03:26 | 000,408,480 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\WerFault.exe
[2013/09/29 21:03:26 | 000,368,736 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Faultrep.dll
[2013/09/29 21:03:26 | 000,357,376 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\GeofenceMonitorService.dll
[2013/09/29 21:03:26 | 000,288,256 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.Devices.Usb.dll
[2013/09/29 21:03:26 | 000,208,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\rdpencom.dll
[2013/09/29 21:03:26 | 000,194,560 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\dpapisrv.dll
[2013/09/29 21:03:26 | 000,155,136 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.Devices.HumanInterfaceDevice.dll
[2013/09/29 21:03:26 | 000,079,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\fontsub.dll
[2013/09/29 21:03:26 | 000,069,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Utilman.exe
[2013/09/29 21:03:26 | 000,066,904 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\PSHED.DLL
[2013/09/29 21:03:25 | 001,720,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ntdll.dll
[2013/09/29 21:03:25 | 001,109,936 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\KernelBase.dll
[2013/09/29 21:03:25 | 000,467,800 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\USBHUB3.SYS
[2013/09/29 21:03:25 | 000,371,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\spaceport.sys
[2013/09/29 21:03:25 | 000,236,376 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\sdbus.sys
[2013/09/29 21:03:25 | 000,175,960 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\VerifierExt.sys
[2013/09/29 21:03:25 | 000,171,968 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\sspicli.dll
[2013/09/29 21:03:25 | 000,151,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\dumpsd.sys
[2013/09/29 21:03:25 | 000,086,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\pdc.sys
[2013/09/29 21:03:25 | 000,039,768 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\intelpep.sys
[2013/09/29 21:03:25 | 000,019,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\BtaMPM.sys
[2013/09/29 21:01:03 | 002,407,936 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\PrintConfig.dll
[2013/09/29 20:51:16 | 000,000,000 | ---D | C] -- C:\Program Files\Windows Journal
[2013/09/29 20:51:16 | 000,000,000 | ---D | C] -- C:\WINDOWS\SKB
[2013/09/29 20:51:16 | 000,000,000 | ---D | C] -- C:\WINDOWS\ShellNew
[2013/09/29 20:51:15 | 000,000,000 | RH-D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Tablet PC
[2013/09/29 20:51:12 | 002,129,408 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SensorsCpl.dll
[2013/09/29 20:51:12 | 000,788,480 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mblctr.exe
[2013/09/29 20:51:12 | 000,045,056 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\RotMgr.dll
[2013/09/29 20:51:11 | 000,184,832 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\hwrreg.exe
[2013/09/29 20:51:11 | 000,040,960 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\hwrcomp.exe
[2013/09/29 20:51:10 | 002,119,680 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\SensorsCpl.dll
[2013/09/29 20:51:10 | 000,267,528 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\rdpendp.dll
[2013/09/29 20:51:09 | 000,609,280 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\msTextPrediction.dll
[2013/09/29 20:51:09 | 000,338,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\rdpclip.exe
[2013/09/29 20:51:08 | 000,251,392 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SensorsApi.dll
[2013/09/29 20:51:08 | 000,025,600 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\jnwmon.dll
[2013/09/29 20:51:07 | 000,185,856 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\SensorsApi.dll
[2013/09/29 20:51:07 | 000,155,648 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\rdpinput.exe
[2013/09/29 20:51:07 | 000,027,136 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SensorPerformanceEvents.dll
[2013/09/29 20:51:06 | 003,396,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\rdpcorets.dll
[2013/09/29 20:51:06 | 000,457,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\StikyNot.exe
[2013/09/29 20:51:06 | 000,291,808 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\rdpendp.dll
[2013/09/29 20:51:06 | 000,227,840 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SNTSearch.dll
[2013/09/29 20:51:06 | 000,132,608 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\rdpudd.dll
[2013/09/29 20:51:06 | 000,044,544 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\dfdts.dll
[2013/09/29 20:51:06 | 000,039,936 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\rfxvmt.dll
[2013/09/29 20:51:06 | 000,027,488 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\rdpvideominiport.sys
[2013/09/29 20:51:04 | 000,468,480 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SnippingTool.exe
[2013/09/29 20:51:04 | 000,162,304 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\inetpp.dll
[2013/09/29 20:51:04 | 000,077,312 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\DFDWiz.exe
[2013/09/29 20:51:04 | 000,022,016 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\inetppui.dll
[2013/09/29 20:51:04 | 000,020,992 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wpnpinst.exe
[2013/09/29 20:51:01 | 000,037,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\terminpt.sys
[2013/09/29 20:48:39 | 000,000,000 | ---D | C] -- C:\WINDOWS\SysWow64\winrm
[2013/09/29 20:48:39 | 000,000,000 | ---D | C] -- C:\WINDOWS\SysWow64\WCN
[2013/09/29 20:48:39 | 000,000,000 | ---D | C] -- C:\WINDOWS\SysWow64\drivers\UMDF
[2013/09/29 20:48:39 | 000,000,000 | ---D | C] -- C:\WINDOWS\SysWow64\sysprep
[2013/09/29 20:48:39 | 000,000,000 | ---D | C] -- C:\WINDOWS\SysWow64\slmgr
[2013/09/29 20:48:39 | 000,000,000 | ---D | C] -- C:\WINDOWS\SysWow64\Printing_Admin_Scripts
[2013/09/29 20:48:39 | 000,000,000 | ---D | C] -- C:\WINDOWS\SysWow64\drivers\en-US
[2013/09/29 20:48:39 | 000,000,000 | ---D | C] -- C:\WINDOWS\SysWow64\en
[2013/09/29 20:48:39 | 000,000,000 | ---D | C] -- C:\WINDOWS\SysWow64\0409
[2013/09/29 20:48:38 | 000,000,000 | ---D | C] -- C:\WINDOWS\SysNative\winrm
[2013/09/29 20:48:38 | 000,000,000 | ---D | C] -- C:\WINDOWS\SysNative\slmgr
[2013/09/29 20:48:38 | 000,000,000 | ---D | C] -- C:\WINDOWS\SysNative\drivers\en-US
[2013/09/29 20:48:38 | 000,000,000 | ---D | C] -- C:\WINDOWS\SysNative\en
[2013/09/29 20:48:38 | 000,000,000 | ---D | C] -- C:\WINDOWS\SysNative\0409
[2013/09/29 20:48:37 | 000,000,000 | ---D | C] -- C:\WINDOWS\SysNative\WCN
[2013/09/29 20:48:37 | 000,000,000 | ---D | C] -- C:\WINDOWS\SysNative\Printing_Admin_Scripts
[2013/09/29 20:48:12 | 000,002,560 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\en-US\srv.sys.mui
[2013/09/29 20:48:12 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\en-US\usbrpm.sys.mui
[2013/09/29 20:48:09 | 000,021,504 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\en-US\fvevol.sys.mui
[2013/09/29 20:48:07 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\en-US\WpdUpFltr.sys.mui
[2013/09/29 20:48:05 | 000,003,072 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\en-US\RNDISMP.sys.mui
[2013/09/29 20:48:04 | 000,017,408 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\en-US\pacer.sys.mui
[2013/09/29 20:48:04 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\en-US\nwifi.sys.mui
[2013/09/29 20:48:04 | 000,008,704 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\en-US\mslldp.sys.mui
[2013/09/29 20:48:04 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\en-US\tunnel.sys.mui
[2013/09/29 20:48:04 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\en-US\ipnat.sys.mui
[2013/09/29 20:48:04 | 000,003,584 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\en-US\modem.sys.mui
[2013/09/29 20:48:04 | 000,002,560 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\en-US\qwavedrv.sys.mui
[2013/09/29 20:48:04 | 000,002,560 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\en-US\NdisVirtualBus.sys.mui
[2013/09/29 20:48:04 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\en-US\ws2ifsl.sys.mui
[2013/09/29 20:48:02 | 000,061,440 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\en-US\srv2.sys.mui
[2013/09/29 20:48:02 | 000,055,296 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\en-US\mrxsmb.sys.mui
[2013/09/29 20:48:02 | 000,038,400 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\en-US\http.sys.mui
[2013/09/29 20:48:02 | 000,008,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\en-US\refs.sys.mui
[2013/09/29 20:48:02 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\en-US\rdbss.sys.mui
[2013/09/29 20:48:02 | 000,003,072 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\en-US\ndisuio.sys.mui
[2013/09/29 20:48:02 | 000,002,560 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\en-US\volmgrx.sys.mui
[2013/09/29 20:48:02 | 000,002,560 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\en-US\scfilter.sys.mui
[2013/09/29 20:48:01 | 000,002,560 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\en-US\mshidumdf.sys.mui
[2013/09/29 20:48:00 | 000,008,704 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\en-US\sercx2.sys.mui
[2013/09/29 20:48:00 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\en-US\spbcx.sys.mui
[2013/09/29 20:48:00 | 000,003,584 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\en-US\sercx.sys.mui
[2013/09/29 20:48:00 | 000,003,072 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\en-US\scsiport.sys.mui
[2013/09/29 20:48:00 | 000,002,560 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\en-US\wudfpf.sys.mui
[2013/09/29 20:48:00 | 000,002,560 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\en-US\mshidkmdf.sys.mui
[2013/09/29 20:48:00 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\en-US\ks.sys.mui
[2013/09/29 20:47:58 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\en-US\luafv.sys.mui
[2013/09/29 20:47:55 | 000,011,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\drivers\en-US\NdisImPlatform.sys.mui
[2013/09/29 20:47:55 | 000,011,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\en-US\NdisImPlatform.sys.mui
[2013/09/29 20:47:55 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\drivers\en-US\ndiscap.sys.mui
[2013/09/29 20:47:55 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\en-US\ndiscap.sys.mui
[2013/09/29 20:47:55 | 000,002,560 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\drivers\en-US\wfplwfs.sys.mui
[2013/09/29 20:47:55 | 000,002,560 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\en-US\wfplwfs.sys.mui
[2013/09/29 20:47:54 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\drivers\en-US\fwpkclnt.sys.mui
[2013/09/29 20:47:54 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\en-US\fwpkclnt.sys.mui
[2013/09/29 20:47:49 | 000,013,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\en-US\wmbclass.sys.mui
[2013/09/29 20:47:49 | 000,004,608 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\en-US\bthpan.sys.mui
[2013/09/29 20:47:49 | 000,003,072 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\en-US\tsusbflt.sys.mui
[2013/09/29 20:47:49 | 000,003,072 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\en-US\rndismpx.sys.mui
[2013/09/29 20:47:49 | 000,002,560 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\en-US\serscan.sys.mui
[2013/09/29 20:47:49 | 000,002,560 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\en-US\rdpdr.sys.mui
[2013/09/29 20:47:49 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\en-US\vwifibus.sys.mui
[2013/09/29 20:47:48 | 000,032,768 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\en-US\bthport.sys.mui
[2013/09/29 20:47:48 | 000,012,800 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\en-US\BthLEEnum.sys.mui
[2013/09/29 20:47:48 | 000,008,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\en-US\EhStorTcgDrv.sys.mui
[2013/09/29 20:47:48 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\en-US\sdbus.sys.mui
[2013/09/29 20:47:48 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\en-US\dumpsd.sys.mui
[2013/09/29 20:47:48 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\en-US\portcls.sys.mui
[2013/09/29 20:47:48 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\en-US\pcmcia.sys.mui
[2013/09/29 20:47:48 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\en-US\hdaudbus.sys.mui
[2013/09/29 20:47:48 | 000,003,584 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\en-US\hidi2c.sys.mui
[2013/09/29 20:47:48 | 000,003,584 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\en-US\BthA2DP.sys.mui
[2013/09/29 20:47:48 | 000,003,072 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\en-US\sdstor.sys.mui
[2013/09/29 20:47:48 | 000,003,072 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\en-US\rndismp6.sys.mui
[2013/09/29 20:47:48 | 000,003,072 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\en-US\hidbth.sys.mui
[2013/09/29 20:47:48 | 000,003,072 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\en-US\HdAudio.sys.mui
[2013/09/29 20:47:48 | 000,003,072 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\en-US\BthMini.SYS.mui
[2013/09/29 20:47:48 | 000,003,072 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\en-US\bthhfenum.sys.mui
[2013/09/29 20:47:48 | 000,002,560 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\en-US\usbvideo.sys.mui
[2013/09/29 20:47:48 | 000,002,560 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\en-US\USBAUDIO.sys.mui
[2013/09/29 20:47:48 | 000,002,560 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\en-US\pnpmem.sys.mui
[2013/09/29 20:47:48 | 000,002,560 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\en-US\BTHUSB.SYS.mui
[2013/09/29 20:47:48 | 000,002,560 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\en-US\BthAvrcpTg.sys.mui
[2013/09/29 20:47:48 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\en-US\BthhfHid.sys.mui
[2013/09/29 20:47:48 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\en-US\bthenum.sys.mui
[2013/09/29 20:47:47 | 000,026,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\en-US\usbport.sys.mui
[2013/09/29 20:47:47 | 000,023,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\en-US\volsnap.sys.mui
[2013/09/29 20:47:47 | 000,020,480 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\en-US\USBHUB3.SYS.mui
[2013/09/29 20:47:47 | 000,014,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\en-US\USBXHCI.SYS.mui
[2013/09/29 20:47:47 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\en-US\usbhub.sys.mui
[2013/09/29 20:47:47 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\en-US\processr.sys.mui
[2013/09/29 20:47:47 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\en-US\intelppm.sys.mui
[2013/09/29 20:47:47 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\en-US\amdppm.sys.mui
[2013/09/29 20:47:47 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\en-US\amdk8.sys.mui
[2013/09/29 20:47:47 | 000,013,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\en-US\spaceport.sys.mui
[2013/09/29 20:47:47 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\en-US\vhdmp.sys.mui
[2013/09/29 20:47:47 | 000,012,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\en-US\UCX01000.SYS.mui
[2013/09/29 20:47:47 | 000,010,240 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\en-US\i8042prt.sys.mui
[2013/09/29 20:47:47 | 000,010,240 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\en-US\acpi.sys.mui
[2013/09/29 20:47:47 | 000,008,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\en-US\pci.sys.mui
[2013/09/29 20:47:47 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\en-US\ataport.sys.mui
[2013/09/29 20:47:47 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\en-US\disk.sys.mui
[2013/09/29 20:47:47 | 000,005,120 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\en-US\vdrvroot.sys.mui
[2013/09/29 20:47:47 | 000,005,120 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\en-US\sermouse.sys.mui
[2013/09/29 20:47:47 | 000,004,608 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\en-US\kbdclass.sys.mui
[2013/09/29 20:47:47 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\en-US\wacompen.sys.mui
[2013/09/29 20:47:47 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\en-US\mouclass.sys.mui
[2013/09/29 20:47:47 | 000,003,584 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\en-US\isapnp.sys.mui
[2013/09/29 20:47:47 | 000,003,072 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\en-US\usbehci.sys.mui
[2013/09/29 20:47:47 | 000,002,560 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\en-US\ULIAGPKX.SYS.mui
[2013/09/29 20:47:47 | 000,002,560 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\en-US\UAGP35.SYS.mui
[2013/09/29 20:47:47 | 000,002,560 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\en-US\NV_AGP.SYS.mui
[2013/09/29 20:47:47 | 000,002,560 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\en-US\mouhid.sys.mui
[2013/09/29 20:47:47 | 000,002,560 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\en-US\kbdhid.sys.mui
[2013/09/29 20:47:47 | 000,002,560 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\en-US\GAGP30KX.SYS.mui
[2013/09/29 20:47:47 | 000,002,560 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\en-US\cdrom.sys.mui
[2013/09/29 20:47:47 | 000,002,560 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\en-US\AGP440.sys.mui
[2013/09/29 20:47:47 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\en-US\pdc.sys.mui
[2013/09/29 20:47:46 | 000,086,016 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\en-US\tcpip.sys.mui
[2013/09/29 20:47:46 | 000,083,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\en-US\ntfs.sys.mui
[2013/09/29 20:47:46 | 000,057,856 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\en-US\ndis.sys.mui
[2013/09/29 20:47:46 | 000,021,504 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\en-US\afd.sys.mui
[2013/09/29 20:47:46 | 000,011,776 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\en-US\1394ohci.sys.mui
[2013/09/29 20:47:46 | 000,010,240 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\en-US\serial.sys.mui
[2013/09/29 20:47:46 | 000,008,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\en-US\tpm.sys.mui
[2013/09/29 20:47:46 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\en-US\battc.sys.mui
[2013/09/29 20:47:46 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\en-US\IPMIDrv.sys.mui
[2013/09/29 20:47:46 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\en-US\hidclass.sys.mui
[2013/09/29 20:47:46 | 000,005,120 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\en-US\fltmgr.sys.mui
[2013/09/29 20:47:46 | 000,003,584 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\en-US\parport.sys.mui
[2013/09/29 20:47:46 | 000,003,072 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\en-US\umbus.sys.mui
[2013/09/29 20:47:46 | 000,003,072 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\en-US\mssmbios.sys.mui
[2013/09/29 20:47:46 | 000,002,560 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\en-US\wdf01000.sys.mui
[2013/09/29 20:47:46 | 000,002,560 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\en-US\USBSTOR.SYS.mui
[2013/09/29 20:47:46 | 000,002,560 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\en-US\partmgr.sys.mui
[2013/09/29 20:47:46 | 000,002,560 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\en-US\MTConfig.sys.mui
[2013/09/29 20:47:46 | 000,002,560 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\en-US\mountmgr.sys.mui

========== Files - Modified Within 30 Days ==========

[2013/10/27 12:34:00 | 000,000,924 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2013/10/27 11:53:01 | 000,001,934 | ---- | M] () -- C:\WINDOWS\tasks\Plus-HD-1.3-chromeinstaller.job
[2013/10/27 11:53:00 | 000,001,324 | ---- | M] () -- C:\WINDOWS\tasks\Plus-HD-1.3-updater.job
[2013/10/27 11:53:00 | 000,001,226 | ---- | M] () -- C:\WINDOWS\tasks\Plus-HD-1.3-codedownloader.job
[2013/10/27 11:53:00 | 000,001,126 | ---- | M] () -- C:\WINDOWS\tasks\Plus-HD-1.3-enabler.job
[2013/10/27 11:10:29 | 000,000,369 | ---- | M] () -- C:\Users\Brandon\AppData\Local\RegisteredPackageInformation.xml
[2013/10/27 11:10:26 | 000,000,920 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2013/10/26 11:50:42 | 000,000,000 | -HS- | M] () -- C:\DkHyperbootSync
[2013/10/26 08:47:11 | 000,067,584 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2013/10/25 23:55:01 | 000,865,408 | ---- | M] () -- C:\WINDOWS\SysNative\PerfStringBackup.INI
[2013/10/25 23:55:01 | 000,732,688 | ---- | M] () -- C:\WINDOWS\SysNative\perfh009.dat
[2013/10/25 23:55:01 | 000,136,262 | ---- | M] () -- C:\WINDOWS\SysNative\perfc009.dat
[2013/10/24 15:22:01 | 000,046,368 | ---- | M] (AVG Technologies) -- C:\WINDOWS\SysNative\drivers\avgtpx64.sys
[2013/10/23 12:46:57 | 268,435,456 | -HS- | M] () -- C:\swapfile.sys
[2013/10/23 12:46:55 | 2342,322,175 | -HS- | M] () -- C:\hiberfil.sys
[2013/10/20 09:54:20 | 000,000,000 | ---- | M] () -- C:\END
[2013/10/20 09:52:56 | 004,953,944 | ---- | M] (FLVMPlayer ) -- C:\Users\Brandon\Desktop\FLVMPlayer.exe
[2013/10/19 19:58:46 | 000,132,340 | ---- | M] () -- C:\Users\Brandon\Desktop\LifePlan.zip
[2013/10/18 20:54:27 | 000,002,310 | ---- | M] () -- C:\Users\Brandon\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
[2013/10/17 17:48:42 | 000,001,140 | ---- | M] () -- C:\Users\Brandon\Desktop\SpeedAnalysis.lnk
[2013/10/17 17:46:14 | 000,383,480 | ---- | M] () -- C:\Users\Brandon\Desktop\BringMeSports.exe
[2013/10/17 11:54:30 | 000,000,000 | -H-- | M] () -- C:\WINDOWS\SysNative\drivers\Msft_User_LocationProvider_01_11_00.Wdf
[2013/10/17 11:47:26 | 002,144,768 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\dwmcore.dll
[2013/10/17 11:47:26 | 002,140,888 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\d3d11.dll
[2013/10/17 11:47:26 | 001,765,384 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\d3d11.dll
[2013/10/17 11:47:26 | 001,765,376 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\dwmcore.dll
[2013/10/17 11:47:26 | 001,286,552 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\msctf.dll
[2013/10/17 11:47:26 | 001,217,024 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.Media.Streaming.dll
[2013/10/17 11:47:26 | 000,977,408 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.Media.Streaming.dll
[2013/10/17 11:47:26 | 000,909,312 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\MrmCoreR.dll
[2013/10/17 11:47:26 | 000,837,120 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WSShared.dll
[2013/10/17 11:47:26 | 000,698,880 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\WSShared.dll
[2013/10/17 11:47:26 | 000,621,056 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\MrmCoreR.dll
[2013/10/17 11:47:26 | 000,516,496 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\dxgi.dll
[2013/10/17 11:47:26 | 000,382,808 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\dxgmms1.sys
[2013/10/17 11:47:26 | 000,294,400 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.Devices.Sensors.dll
[2013/10/17 11:47:26 | 000,249,856 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.ApplicationModel.Store.TestingFramework.dll
[2013/10/17 11:47:26 | 000,225,792 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.Devices.Sensors.dll
[2013/10/17 11:47:26 | 000,189,952 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.ApplicationModel.Store.TestingFramework.dll
[2013/10/17 11:12:32 | 000,051,438 | ---- | M] () -- C:\WINDOWS\diagwrn.xml
[2013/10/17 11:12:32 | 000,051,438 | ---- | M] () -- C:\WINDOWS\diagerr.xml
[2013/10/17 11:12:21 | 000,022,744 | ---- | M] () -- C:\WINDOWS\SysNative\emptyregdb.dat
[2013/10/17 11:08:47 | 000,880,342 | ---- | M] () -- C:\WINDOWS\SysWow64\PerfStringBackup.INI
[2013/10/17 11:02:47 | 000,474,184 | ---- | M] () -- C:\WINDOWS\SysNative\FNTCACHE.DAT
[2013/10/17 10:52:01 | 000,000,000 | -H-- | M] () -- C:\WINDOWS\SysNative\drivers\Msft_Kernel_LcUvcUpper_01011.Wdf
[2013/10/17 10:51:53 | 000,000,000 | -H-- | M] () -- C:\WINDOWS\SysNative\drivers\Msft_Kernel_iBtFltCoex_01009.Wdf
[2013/10/17 10:51:38 | 000,000,264 | ---- | M] () -- C:\WINDOWS\tasks\Synaptics TouchPad Enhancements.job
[2013/10/17 10:51:38 | 000,000,000 | -H-- | M] () -- C:\WINDOWS\SysNative\drivers\Msft_Kernel_SynTP_01009.Wdf
[2013/10/17 10:51:35 | 000,000,000 | -H-- | M] () -- C:\WINDOWS\SysNative\drivers\Msft_Kernel_Smb_driver_Intel_01009.Wdf
[2013/10/15 11:54:13 | 014,223,397 | ---- | M] () -- C:\Users\Brandon\Desktop\ComeBack-ThePosition.zip
[2013/10/14 16:32:12 | 000,251,864 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\vccorlib110.dll
[2013/10/14 16:32:10 | 000,862,664 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\msvcr110.dll
[2013/10/14 16:32:10 | 000,534,480 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\msvcp110.dll
[2013/10/14 16:32:08 | 000,828,872 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\msvcr110.dll
[2013/10/14 16:32:08 | 000,674,408 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\LCCoin425.dll
[2013/10/14 16:32:08 | 000,661,448 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\msvcp110.dll
[2013/10/14 16:32:08 | 000,354,264 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\vccorlib110.dll
[2013/10/14 16:32:08 | 000,034,408 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\LcUvcUpper.sys
[2013/10/13 17:28:46 | 002,686,509 | ---- | M] () -- C:\Users\Brandon\Desktop\fionia.jpg
[2013/10/12 18:41:54 | 003,305,576 | ---- | M] () -- C:\Users\Brandon\Desktop\IMG_9370.jpg
[2013/10/03 23:43:10 | 004,067,328 | ---- | M] (Intel Corporation) -- C:\WINDOWS\SysNative\MetroIntelGenericUIFramework.dll
[2013/10/03 23:43:06 | 000,750,752 | ---- | M] (Intel Corporation) -- C:\WINDOWS\SysNative\IntelWiDiWinNextAgent64.dll
[2013/10/03 23:43:06 | 000,064,000 | ---- | M] (Khronos Group) -- C:\WINDOWS\SysNative\OpenCL.DLL
[2013/10/03 23:43:06 | 000,064,000 | ---- | M] (Khronos Group) -- C:\WINDOWS\SysNative\Intel_OpenCL_ICD64.dll
[2013/10/03 23:43:06 | 000,060,416 | ---- | M] (Khronos Group) -- C:\WINDOWS\SysWow64\OpenCL.DLL
[2013/10/03 23:43:06 | 000,060,416 | ---- | M] (Khronos Group) -- C:\WINDOWS\SysWow64\Intel_OpenCL_ICD32.dll
[2013/10/03 23:43:04 | 002,474,832 | ---- | M] (Intel Corporation) -- C:\WINDOWS\SysNative\IntelWiDiVAD64.exe
[2013/10/03 23:43:04 | 001,423,520 | ---- | M] (Intel Corporation) -- C:\WINDOWS\SysNative\IntelWiDiSecureSourceFilter64.dll
[2013/10/03 23:43:04 | 000,598,688 | ---- | M] (Intel Corporation) -- C:\WINDOWS\SysNative\IntelWiDiMux64.dll
[2013/10/03 23:43:04 | 000,344,736 | ---- | M] (Intel Corporation) -- C:\WINDOWS\SysNative\IntelWiDiSilenceFilter64.dll
[2013/10/03 23:43:04 | 000,209,056 | ---- | M] (Intel Corporation) -- C:\WINDOWS\SysNative\IntelWiDiUtils64.dll
[2013/10/03 23:43:04 | 000,176,288 | ---- | M] (Intel Corporation) -- C:\WINDOWS\SysNative\IntelWiDiDDEAgent64.dll
[2013/10/03 23:43:04 | 000,121,504 | ---- | M] (Intel Corporation) -- C:\WINDOWS\SysNative\IntelWiDiMCUMD64.dll
[2013/10/03 23:43:04 | 000,094,368 | ---- | M] (Intel Corporation) -- C:\WINDOWS\SysNative\IntelWiDiLogServer64.dll
[2013/10/03 23:43:02 | 004,010,144 | ---- | M] (Intel Corporation) -- C:\WINDOWS\SysNative\IntelWiDiAAC64.dll
[2013/10/03 23:43:02 | 000,632,480 | ---- | M] (Intel Corporation) -- C:\WINDOWS\SysNative\IntelWiDiAudioFilter64.dll
[2013/10/03 23:43:02 | 000,304,640 | ---- | M] (Intel Corporation) -- C:\WINDOWS\SysNative\IntelOpenCL64.dll
[2013/10/03 23:43:02 | 000,279,000 | ---- | M] (Intel Corporation) -- C:\WINDOWS\SysWow64\IntelCpHeciSvc.exe
[2013/10/03 23:43:02 | 000,253,440 | ---- | M] (Intel Corporation) -- C:\WINDOWS\SysWow64\IntelOpenCL32.dll
[2013/10/03 23:43:02 | 000,180,224 | ---- | M] (Intel Corporation) -- C:\WINDOWS\SysNative\igfxCoIn_v3316.dll
[2013/10/03 23:43:02 | 000,044,025 | ---- | M] () -- C:\WINDOWS\SysNative\iglhxo64.vp
[2013/10/03 23:43:02 | 000,043,816 | ---- | M] () -- C:\WINDOWS\SysNative\iglhxc64_dev.vp
[2013/10/03 23:43:02 | 000,043,298 | ---- | M] () -- C:\WINDOWS\SysNative\iglhxg64_dev.vp
[2013/10/03 23:43:02 | 000,043,256 | ---- | M] () -- C:\WINDOWS\SysNative\iglhxg64.vp
[2013/10/03 23:43:02 | 000,042,079 | ---- | M] () -- C:\WINDOWS\SysNative\iglhxo64_dev.vp
[2013/10/03 23:43:02 | 000,002,940 | ---- | M] () -- C:\WINDOWS\SysNative\iglhxs64.vp
[2013/10/03 23:43:00 | 002,813,952 | ---- | M] () -- C:\WINDOWS\SysNative\iglhxa64.cpa
[2013/10/03 23:43:00 | 001,127,424 | ---- | M] (Intel Corporation) -- C:\WINDOWS\SysNative\iglhsip64.dll
[2013/10/03 23:43:00 | 001,123,328 | ---- | M] (Intel Corporation) -- C:\WINDOWS\SysWow64\iglhsip32.dll
[2013/10/03 23:43:00 | 000,844,760 | ---- | M] (Intel Corporation) -- C:\WINDOWS\SysNative\igfxsrvc.exe
[2013/10/03 23:43:00 | 000,391,128 | ---- | M] (Intel Corporation) -- C:\WINDOWS\SysNative\igfxtray.exe
[2013/10/03 23:43:00 | 000,345,600 | ---- | M] (Intel Corporation) -- C:\WINDOWS\SysNative\igfxTMM.dll
[2013/10/03 23:43:00 | 000,214,528 | ---- | M] (Intel Corporation) -- C:\WINDOWS\SysNative\iglhcp64.dll
[2013/10/03 23:43:00 | 000,179,712 | ---- | M] (Intel Corporation) -- C:\WINDOWS\SysWow64\iglhcp32.dll
[2013/10/03 23:43:00 | 000,066,560 | ---- | M] (Intel Corporation) -- C:\WINDOWS\SysNative\igfxsrvc.dll
[2013/10/03 23:43:00 | 000,043,494 | ---- | M] () -- C:\WINDOWS\SysNative\iglhxc64.vp
[2013/10/03 23:43:00 | 000,001,125 | ---- | M] () -- C:\WINDOWS\SysNative\iglhxa64.vp
[2013/10/03 23:42:58 | 000,526,848 | ---- | M] (Intel Corporation) -- C:\WINDOWS\SysNative\igfxrplk.lrc
[2013/10/03 23:42:58 | 000,526,336 | ---- | M] (Intel Corporation) -- C:\WINDOWS\SysNative\igfxrrus.lrc
[2013/10/03 23:42:58 | 000,525,824 | ---- | M] (Intel Corporation) -- C:\WINDOWS\SysNative\igfxrsky.lrc
[2013/10/03 23:42:58 | 000,525,824 | ---- | M] (Intel Corporation) -- C:\WINDOWS\SysNative\igfxrrom.lrc
[2013/10/03 23:42:58 | 000,525,312 | ---- | M] (Intel Corporation) -- C:\WINDOWS\SysNative\igfxrptg.lrc
[2013/10/03 23:42:58 | 000,524,800 | ---- | M] (Intel Corporation) -- C:\WINDOWS\SysNative\igfxrsve.lrc
[2013/10/03 23:42:58 | 000,524,800 | ---- | M] (Intel Corporation) -- C:\WINDOWS\SysNative\igfxrslv.lrc
[2013/10/03 23:42:58 | 000,524,288 | ---- | M] (Intel Corporation) -- C:\WINDOWS\SysNative\igfxrtrk.lrc
[2013/10/03 23:42:58 | 000,524,288 | ---- | M] (Intel Corporation) -- C:\WINDOWS\SysNative\igfxrptb.lrc
[2013/10/03 23:42:58 | 000,523,776 | ---- | M] (Intel Corporation) -- C:\WINDOWS\SysNative\igfxrtha.lrc
[2013/10/03 23:42:58 | 000,523,776 | ---- | M] (Intel Corporation) -- C:\WINDOWS\SysNative\igfxrnor.lrc
[2013/10/03 23:42:56 | 009,081,856 | ---- | M] (Intel Corporation) -- C:\WINDOWS\SysNative\igfxress.dll
[2013/10/03 23:42:56 | 000,526,848 | ---- | M] (Intel Corporation) -- C:\WINDOWS\SysNative\igfxrfra.lrc
[2013/10/03 23:42:56 | 000,526,336 | ---- | M] (Intel Corporation) -- C:\WINDOWS\SysNative\igfxrnld.lrc
[2013/10/03 23:42:56 | 000,525,824 | ---- | M] (Intel Corporation) -- C:\WINDOWS\SysNative\igfxrita.lrc
[2013/10/03 23:42:56 | 000,525,312 | ---- | M] (Intel Corporation) -- C:\WINDOWS\SysNative\igfxrhun.lrc
[2013/10/03 23:42:56 | 000,525,312 | ---- | M] (Intel Corporation) -- C:\WINDOWS\SysNative\igfxrhrv.lrc
[2013/10/03 23:42:56 | 000,524,800 | ---- | M] (Intel Corporation) -- C:\WINDOWS\SysNative\igfxrfin.lrc
[2013/10/03 23:42:56 | 000,522,240 | ---- | M] (Intel Corporation) -- C:\WINDOWS\SysNative\igfxrheb.lrc
[2013/10/03 23:42:56 | 000,517,120 | ---- | M] (Intel Corporation) -- C:\WINDOWS\SysNative\igfxrjpn.lrc
[2013/10/03 23:42:56 | 000,516,096 | ---- | M] (Intel Corporation) -- C:\WINDOWS\SysNative\igfxrkor.lrc
[2013/10/03 23:42:54 | 000,769,496 | ---- | M] (Intel Corporation) -- C:\WINDOWS\SysNative\igfxpers.exe
[2013/10/03 23:42:54 | 000,548,864 | ---- | M] (Intel Corporation) -- C:\WINDOWS\SysNative\igfxpph.dll
[2013/10/03 23:42:54 | 000,527,360 | ---- | M] (Intel Corporation) -- C:\WINDOWS\SysNative\igfxrell.lrc
[2013/10/03 23:42:54 | 000,526,848 | ---- | M] (Intel Corporation) -- C:\WINDOWS\SysNative\igfxresn.lrc
[2013/10/03 23:42:54 | 000,526,336 | ---- | M] (Intel Corporation) -- C:\WINDOWS\SysNative\igfxrdeu.lrc
[2013/10/03 23:42:54 | 000,525,312 | ---- | M] (Intel Corporation) -- C:\WINDOWS\SysNative\igfxrcsy.lrc
[2013/10/03 23:42:54 | 000,523,776 | ---- | M] (Intel Corporation) -- C:\WINDOWS\SysNative\igfxrdan.lrc
[2013/10/03 23:42:54 | 000,521,728 | ---- | M] (Intel Corporation) -- C:\WINDOWS\SysNative\igfxrara.lrc
[2013/10/03 23:42:54 | 000,513,536 | ---- | M] (Intel Corporation) -- C:\WINDOWS\SysNative\igfxrcht.lrc
[2013/10/03 23:42:54 | 000,513,024 | ---- | M] (Intel Corporation) -- C:\WINDOWS\SysNative\igfxrchs.lrc
[2013/10/03 23:42:54 | 000,371,200 | ---- | M] (Intel Corporation) -- C:\WINDOWS\SysNative\igfxrenu.lrc
[2013/10/03 23:42:52 | 000,623,616 | ---- | M] (Intel Corporation) -- C:\WINDOWS\SysNative\igfxdev.dll
[2013/10/03 23:42:52 | 000,492,032 | ---- | M] (Intel Corporation) -- C:\WINDOWS\SysWow64\igfxdv32.dll
[2013/10/03 23:42:52 | 000,393,688 | ---- | M] (Intel Corporation) -- C:\WINDOWS\SysNative\igfxext.exe
[2013/10/03 23:42:52 | 000,279,040 | ---- | M] (Intel Corporation) -- C:\WINDOWS\SysNative\igfxcpl.cpl
[2013/10/03 23:42:52 | 000,243,712 | ---- | M] (Intel Corporation) -- C:\WINDOWS\SysNative\igfxdo.dll
[2013/10/03 23:42:52 | 000,029,184 | ---- | M] (Intel Corporation) -- C:\WINDOWS\SysNative\igfxexps.dll
[2013/10/03 23:42:52 | 000,025,088 | ---- | M] (Intel Corporation) -- C:\WINDOWS\SysWow64\igfxexps32.dll
[2013/10/03 23:42:52 | 000,012,288 | ---- | M] ( ) -- C:\WINDOWS\SysNative\IGFXDEVLib.dll
[2013/10/03 23:42:50 | 004,434,432 | ---- | M] (Intel Corporation) -- C:\WINDOWS\SysNative\igdusc64.dll
[2013/10/03 23:42:50 | 003,524,608 | ---- | M] (Intel Corporation) -- C:\WINDOWS\SysWow64\igdusc32.dll
[2013/10/03 23:42:50 | 002,064,896 | ---- | M] (Intel Corporation) -- C:\WINDOWS\SysNative\igfxcmjit64.dll
[2013/10/03 23:42:50 | 001,814,016 | ---- | M] (Intel Corporation) -- C:\WINDOWS\SysWow64\igfxcmjit32.dll
[2013/10/03 23:42:50 | 000,158,720 | ---- | M] (Intel Corporation) -- C:\WINDOWS\SysNative\igfxcmrt64.dll
[2013/10/03 23:42:50 | 000,149,504 | ---- | M] (Intel Corporation) -- C:\WINDOWS\SysNative\igfx11cmrt64.dll
[2013/10/03 23:42:50 | 000,133,120 | ---- | M] (Intel Corporation) -- C:\WINDOWS\SysWow64\igfxcmrt32.dll
[2013/10/03 23:42:50 | 000,128,000 | ---- | M] (Intel Corporation) -- C:\WINDOWS\SysWow64\igfx11cmrt32.dll
[2013/10/03 23:42:48 | 012,130,304 | ---- | M] (Intel Corporation) -- C:\WINDOWS\SysNative\igdumdim64.dll
[2013/10/03 23:42:46 | 011,417,600 | ---- | M] (Intel Corporation) -- C:\WINDOWS\SysWow64\igdumdim32.dll
[2013/10/03 23:42:46 | 003,292,672 | ---- | M] (Intel Corporation) -- C:\WINDOWS\SysNative\igdrcl64.dll
[2013/10/03 23:42:46 | 002,974,208 | ---- | M] (Intel Corporation) -- C:\WINDOWS\SysWow64\igdrcl32.dll
[2013/10/03 23:42:46 | 000,412,160 | ---- | M] () -- C:\WINDOWS\SysNative\igdmd64.dll
[2013/10/03 23:42:46 | 000,343,040 | ---- | M] () -- C:\WINDOWS\SysWow64\igdmd32.dll
[2013/10/03 23:42:44 | 004,185,600 | ---- | M] (Intel Corporation) -- C:\WINDOWS\SysNative\drivers\igdkmd64.sys
[2013/10/03 23:42:42 | 025,986,048 | ---- | M] (Intel Corporation) -- C:\WINDOWS\SysNative\igdfcl64.dll
[2013/10/03 23:42:40 | 020,946,944 | ---- | M] (Intel Corporation) -- C:\WINDOWS\SysWow64\igdfcl32.dll
[2013/10/03 23:42:40 | 000,329,216 | ---- | M] (Intel Corporation) -- C:\WINDOWS\SysNative\igdbcl64.dll
[2013/10/03 23:42:40 | 000,220,672 | ---- | M] () -- C:\WINDOWS\SysNative\igdde64.dll
[2013/10/03 23:42:40 | 000,180,736 | ---- | M] () -- C:\WINDOWS\SysWow64\igdde32.dll
[2013/10/03 23:42:38 | 013,871,616 | ---- | M] (Intel Corporation) -- C:\WINDOWS\SysNative\igd10iumd64.dll
[2013/10/03 23:42:38 | 000,290,816 | ---- | M] (Intel Corporation) -- C:\WINDOWS\SysWow64\igdbcl32.dll
[2013/10/03 23:42:38 | 000,160,256 | ---- | M] () -- C:\WINDOWS\SysNative\igdail64.dll
[2013/10/03 23:42:38 | 000,142,848 | ---- | M] () -- C:\WINDOWS\SysWow64\igdail32.dll
[2013/10/03 23:42:36 | 013,272,576 | ---- | M] (Intel Corporation) -- C:\WINDOWS\SysWow64\igd10iumd32.dll
[2013/10/03 23:42:32 | 007,850,496 | ---- | M] (Intel Corporation) -- C:\WINDOWS\SysNative\ig75icd64.dll
[2013/10/03 23:42:30 | 006,225,408 | ---- | M] (Intel Corporation) -- C:\WINDOWS\SysWow64\ig75icd32.dll
[2013/10/03 23:42:30 | 000,771,032 | ---- | M] (Intel Corporation) -- C:\WINDOWS\SysNative\hkcmd.exe
[2013/10/03 23:42:30 | 000,754,648 | ---- | M] (Intel Corporation) -- C:\WINDOWS\SysNative\GfxUIHotKeyMenu.exe
[2013/10/03 23:42:30 | 000,223,744 | ---- | M] (Intel Corporation) -- C:\WINDOWS\SysNative\hccutils.dll
[2013/10/03 23:42:30 | 000,094,208 | ---- | M] () -- C:\WINDOWS\SysNative\IccLibDll_x64.dll
[2013/10/03 23:42:30 | 000,001,806 | ---- | M] () -- C:\WINDOWS\SysNative\GfxUIEx.exe.config
[2013/10/03 23:42:30 | 000,000,264 | ---- | M] () -- C:\WINDOWS\SysNative\GfxUIHotKeyMenu.exe.config
[2013/10/03 23:42:28 | 007,587,800 | ---- | M] (Intel Corporation) -- C:\WINDOWS\SysNative\GfxUIEx.exe
[2013/10/03 23:42:28 | 000,265,030 | ---- | M] () -- C:\WINDOWS\SysNative\Gfxres.th-TH.resources
[2013/10/03 23:42:28 | 000,233,293 | ---- | M] () -- C:\WINDOWS\SysNative\Gfxres.ru-RU.resources
[2013/10/03 23:42:28 | 000,194,048 | ---- | M] (Intel Corporation) -- C:\WINDOWS\SysNative\gfxSrvc.dll
[2013/10/03 23:42:28 | 000,175,165 | ---- | M] () -- C:\WINDOWS\SysNative\Gfxres.ro-RO.resources
[2013/10/03 23:42:28 | 000,173,876 | ---- | M] () -- C:\WINDOWS\SysNative\Gfxres.tr-TR.resources
[2013/10/03 23:42:28 | 000,173,626 | ---- | M] () -- C:\WINDOWS\SysNative\Gfxres.pl-PL.resources
[2013/10/03 23:42:28 | 000,173,401 | ---- | M] () -- C:\WINDOWS\SysNative\Gfxres.nl-NL.resources
[2013/10/03 23:42:28 | 000,172,630 | ---- | M] () -- C:\WINDOWS\SysNative\Gfxres.pt-BR.resources
[2013/10/03 23:42:28 | 000,171,631 | ---- | M] () -- C:\WINDOWS\SysNative\Gfxres.sk-SK.resources
[2013/10/03 23:42:28 | 000,171,464 | ---- | M] () -- C:\WINDOWS\SysNative\Gfxres.sv-SE.resources
[2013/10/03 23:42:28 | 000,171,207 | ---- | M] () -- C:\WINDOWS\SysNative\Gfxres.pt-PT.resources
[2013/10/03 23:42:28 | 000,166,591 | ---- | M] () -- C:\WINDOWS\SysNative\Gfxres.sl-SI.resources
[2013/10/03 23:42:28 | 000,153,231 | ---- | M] () -- C:\WINDOWS\SysNative\Gfxres.zh-TW.resources
[2013/10/03 23:42:28 | 000,151,479 | ---- | M] () -- C:\WINDOWS\SysNative\Gfxres.zh-CN.resources
[2013/10/03 23:42:26 | 002,384,896 | ---- | M] () -- C:\WINDOWS\SysNative\GfxRes.dll
[2013/10/03 23:42:26 | 000,530,392 | ---- | M] (Intel Corporation) -- C:\WINDOWS\SysNative\DPTopologyApp.exe
[2013/10/03 23:42:26 | 000,251,250 | ---- | M] () -- C:\WINDOWS\SysNative\Gfxres.el-GR.resources
[2013/10/03 23:42:26 | 000,199,323 | ---- | M] () -- C:\WINDOWS\SysNative\Gfxres.ar-SA.resources
[2013/10/03 23:42:26 | 000,196,855 | ---- | M] () -- C:\WINDOWS\SysNative\Gfxres.ja-JP.resources
[2013/10/03 23:42:26 | 000,190,937 | ---- | M] () -- C:\WINDOWS\SysNative\Gfxres.he-IL.resources
[2013/10/03 23:42:26 | 000,179,235 | ---- | M] () -- C:\WINDOWS\SysNative\Gfxres.ko-KR.resources
[2013/10/03 23:42:26 | 000,179,170 | ---- | M] () -- C:\WINDOWS\SysNative\Gfxres.it-IT.resources
[2013/10/03 23:42:26 | 000,176,818 | ---- | M] () -- C:\WINDOWS\SysNative\Gfxres.es-ES.resources
[2013/10/03 23:42:26 | 000,176,555 | ---- | M] () -- C:\WINDOWS\SysNative\Gfxres.fr-FR.resources
[2013/10/03 23:42:26 | 000,176,526 | ---- | M] () -- C:\WINDOWS\SysNative\Gfxres.de-DE.resources
[2013/10/03 23:42:26 | 000,174,165 | ---- | M] () -- C:\WINDOWS\SysNative\Gfxres.hu-HU.resources
[2013/10/03 23:42:26 | 000,171,980 | ---- | M] () -- C:\WINDOWS\SysNative\Gfxres.fi-FI.resources
[2013/10/03 23:42:26 | 000,170,928 | ---- | M] () -- C:\WINDOWS\SysNative\Gfxres.cs-CZ.resources
[2013/10/03 23:42:26 | 000,170,073 | ---- | M] () -- C:\WINDOWS\SysNative\Gfxres.hr-HR.resources
[2013/10/03 23:42:26 | 000,165,303 | ---- | M] () -- C:\WINDOWS\SysNative\Gfxres.nb-NO.resources
[2013/10/03 23:42:26 | 000,164,653 | ---- | M] () -- C:\WINDOWS\SysNative\Gfxres.da-DK.resources
[2013/10/03 23:42:26 | 000,159,945 | ---- | M] () -- C:\WINDOWS\SysNative\Gfxres.en-US.resources
[2013/10/03 23:42:26 | 000,000,935 | ---- | M] () -- C:\WINDOWS\SysNative\DPTopologyApp.exe.config
[2013/10/03 23:42:24 | 000,396,248 | ---- | M] (Intel Corporation) -- C:\WINDOWS\SysNative\CustomModeApp.exe
[2013/10/03 23:42:24 | 000,153,048 | ---- | M] (Intel Corporation) -- C:\WINDOWS\SysNative\difx64.exe
[2013/10/03 23:42:24 | 000,000,935 | ---- | M] () -- C:\WINDOWS\SysNative\CustomModeApp.exe.config
[2013/10/01 18:04:52 | 000,693,240 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\SysWow64\FlashPlayerApp.exe
[2013/10/01 18:04:52 | 000,105,464 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\SysWow64\FlashPlayerCPLApp.cpl
[2013/09/29 21:07:35 | 001,641,496 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\winload.efi
[2013/09/29 21:07:35 | 001,506,168 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\winload.exe
[2013/09/29 21:07:35 | 001,476,184 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\winresume.efi
[2013/09/29 21:07:35 | 001,344,984 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\winresume.exe
[2013/09/29 21:06:41 | 004,079,104 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SyncEngine.dll
[2013/09/29 21:06:41 | 000,744,448 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SettingSyncCore.dll
[2013/09/29 21:06:41 | 000,688,640 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\MrmIndexer.dll
[2013/09/29 21:06:41 | 000,669,184 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SkyDriveTelemetry.dll
[2013/09/29 21:06:41 | 000,631,808 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SettingSyncHost.exe
[2013/09/29 21:06:41 | 000,584,192 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\SettingSyncCore.dll
[2013/09/29 21:06:41 | 000,560,128 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SkyDrive.exe
[2013/09/29 21:06:41 | 000,515,072 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\MrmIndexer.dll
[2013/09/29 21:06:41 | 000,476,672 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\SettingSyncHost.exe
[2013/09/29 21:03:40 | 002,800,640 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\actxprxy.dll
[2013/09/29 21:03:40 | 001,057,792 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\printui.dll
[2013/09/29 21:03:40 | 000,970,752 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WebcamUi.dll
[2013/09/29 21:03:40 | 000,813,568 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\WebcamUi.dll
[2013/09/29 21:03:40 | 000,597,504 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\msra.exe
[2013/09/29 21:03:40 | 000,348,160 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\WMPhoto.dll
[2013/09/29 21:03:40 | 000,256,000 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\fdprint.dll
[2013/09/29 21:03:40 | 000,117,760 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\WorkFoldersRes.dll
[2013/09/29 21:03:40 | 000,117,760 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WorkFoldersRes.dll
[2013/09/29 21:03:39 | 002,142,424 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mfcore.dll
[2013/09/29 21:03:39 | 002,131,120 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mfcore.dll
[2013/09/29 21:03:39 | 001,231,360 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.Media.dll
[2013/09/29 21:03:39 | 000,961,024 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\MFMediaEngine.dll
[2013/09/29 21:03:39 | 000,934,856 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mfsrcsnk.dll
[2013/09/29 21:03:39 | 000,888,832 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.Media.dll
[2013/09/29 21:03:39 | 000,872,328 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mfplat.dll
[2013/09/29 21:03:39 | 000,803,328 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\MFMediaEngine.dll
[2013/09/29 21:03:39 | 000,796,928 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mfsrcsnk.dll
[2013/09/29 21:03:39 | 000,783,504 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mfnetcore.dll
[2013/09/29 21:03:39 | 000,698,232 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mfplat.dll
[2013/09/29 21:03:39 | 000,648,648 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mfnetcore.dll
[2013/09/29 21:03:39 | 000,482,456 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mfsvr.dll
[2013/09/29 21:03:39 | 000,382,224 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mfsvr.dll
[2013/09/29 21:03:39 | 000,366,688 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\msvproc.dll
[2013/09/29 21:03:39 | 000,334,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\MDEServer.exe
[2013/09/29 21:03:39 | 000,312,936 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\msvproc.dll
[2013/09/29 21:03:39 | 000,233,912 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mfps.dll
[2013/09/29 21:03:39 | 000,205,024 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mftranscode.dll
[2013/09/29 21:03:39 | 000,180,232 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mftranscode.dll
[2013/09/29 21:03:39 | 000,159,232 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SensorsClassExtension.dll
[2013/09/29 21:03:38 | 005,765,120 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\jscript9.dll
[2013/09/29 21:03:38 | 000,553,472 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\jscript9diag.dll
[2013/09/29 21:03:37 | 011,670,528 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\twinui.dll
[2013/09/29 21:03:37 | 008,875,008 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.Data.Pdf.dll
[2013/09/29 21:03:37 | 008,712,704 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\glcndFilter.dll
[2013/09/29 21:03:37 | 004,975,104 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.UI.Search.dll
[2013/09/29 21:03:37 | 002,295,808 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\authui.dll
[2013/09/29 21:03:37 | 002,065,960 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\explorer.exe
[2013/09/29 21:03:37 | 001,581,568 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\workfolderssvc.dll
[2013/09/29 21:03:37 | 001,455,616 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.UI.Immersive.dll
[2013/09/29 21:03:37 | 001,370,800 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\combase.dll
[2013/09/29 21:03:37 | 001,160,704 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\usercpl.dll
[2013/09/29 21:03:37 | 000,867,840 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\twinui.appcore.dll
[2013/09/29 21:03:37 | 000,802,816 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.Globalization.dll
[2013/09/29 21:03:37 | 000,767,488 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\ReAgent.dll
[2013/09/29 21:03:37 | 000,762,368 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.Web.Http.dll
[2013/09/29 21:03:37 | 000,761,856 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WorkfoldersControl.dll
[2013/09/29 21:03:37 | 000,552,448 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\twinapi.dll
[2013/09/29 21:03:37 | 000,528,896 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\wimgapi.dll
[2013/09/29 21:03:37 | 000,524,288 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.Security.Authentication.OnlineId.dll
[2013/09/29 21:03:37 | 000,482,816 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\DeviceCenter.dll
[2013/09/29 21:03:37 | 000,455,168 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\SettingSync.dll
[2013/09/29 21:03:37 | 000,409,088 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.Networking.BackgroundTransfer.dll
[2013/09/29 21:03:37 | 000,393,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\sysmon.ocx
[2013/09/29 21:03:37 | 000,314,368 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\wlidprov.dll
[2013/09/29 21:03:37 | 000,300,544 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\wlanmsm.dll
[2013/09/29 21:03:37 | 000,253,952 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mcbuilder.exe
[2013/09/29 21:03:37 | 000,198,656 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\AppXDeploymentClient.dll
[2013/09/29 21:03:37 | 000,186,880 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WorkFoldersShell.dll
[2013/09/29 21:03:37 | 000,153,600 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\CryptoWinRT.dll
[2013/09/29 21:03:37 | 000,136,704 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WorkFolders.exe
[2013/09/29 21:03:37 | 000,102,400 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\efswrt.dll
[2013/09/29 21:03:37 | 000,064,000 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WorkFoldersGPExt.dll
[2013/09/29 21:03:37 | 000,047,616 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\pcaui.dll
[2013/09/29 21:03:37 | 000,027,136 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\CredentialMigrationHandler.dll
[2013/09/29 21:03:36 | 018,576,896 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.UI.Xaml.dll
[2013/09/29 21:03:36 | 001,730,560 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\dui70.dll
[2013/09/29 21:03:36 | 000,787,968 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\uDWM.dll
[2013/09/29 21:03:36 | 000,358,384 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\dcomp.dll
[2013/09/29 21:03:36 | 000,225,280 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\dcomp.dll
[2013/09/29 21:03:36 | 000,180,224 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\miutils.dll
[2013/09/29 21:03:36 | 000,139,776 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\AppxAllUserStore.dll
[2013/09/29 21:03:36 | 000,123,480 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\dwmapi.dll
[2013/09/29 21:03:29 | 012,028,416 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.Data.Pdf.dll
[2013/09/29 21:03:29 | 011,366,912 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\glcndFilter.dll
[2013/09/29 21:03:29 | 006,639,104 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mstscax.dll
[2013/09/29 21:03:29 | 002,328,328 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
[2013/09/29 21:03:29 | 001,225,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\usercpl.dll
[2013/09/29 21:03:29 | 001,147,904 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\UIAutomationCore.dll
[2013/09/29 21:03:29 | 000,738,304 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\msctfuimanager.dll
[2013/09/29 21:03:29 | 000,707,560 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\iuilp.dll
[2013/09/29 21:03:29 | 000,700,352 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\d3d10level9.dll
[2013/09/29 21:03:29 | 000,638,464 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\riched20.dll
[2013/09/29 21:03:29 | 000,534,048 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wer.dll
[2013/09/29 21:03:29 | 000,533,504 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\AppReadiness.dll
[2013/09/29 21:03:29 | 000,503,808 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\DeviceCenter.dll
[2013/09/29 21:03:29 | 000,458,616 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WerFault.exe
[2013/09/29 21:03:29 | 000,407,016 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Faultrep.dll
[2013/09/29 21:03:29 | 000,249,344 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\rdpencom.dll
[2013/09/29 21:03:29 | 000,098,304 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\windows.immersiveshell.serviceprovider.dll
[2013/09/29 21:03:29 | 000,095,744 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\fontsub.dll
[2013/09/29 21:03:29 | 000,054,272 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\rdsdwmdr.dll
[2013/09/29 21:03:28 | 013,172,736 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\twinui.dll
[2013/09/29 21:03:28 | 007,544,320 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.UI.Search.dll
[2013/09/29 21:03:28 | 002,616,832 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\authui.dll
[2013/09/29 21:03:28 | 002,569,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SettingsHandlers.dll
[2013/09/29 21:03:28 | 002,050,560 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SRH.dll
[2013/09/29 21:03:28 | 001,662,464 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.UI.Immersive.dll
[2013/09/29 21:03:28 | 001,555,456 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wlidsvc.dll
[2013/09/29 21:03:28 | 001,185,280 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\printui.dll
[2013/09/29 21:03:28 | 001,160,704 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.Web.Http.dll
[2013/09/29 21:03:28 | 001,106,432 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SearchFolder.dll
[2013/09/29 21:03:28 | 001,084,928 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\twinui.appcore.dll
[2013/09/29 21:03:28 | 000,726,528 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\twinapi.dll
[2013/09/29 21:03:28 | 000,663,552 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.Security.Authentication.OnlineId.dll
[2013/09/29 21:03:28 | 000,576,512 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.Networking.BackgroundTransfer.dll
[2013/09/29 21:03:28 | 000,570,880 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SettingSync.dll
[2013/09/29 21:03:28 | 000,492,032 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\tpmvsc.dll
[2013/09/29 21:03:28 | 000,405,504 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\vpnike.dll
[2013/09/29 21:03:28 | 000,393,216 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WMPhoto.dll
[2013/09/29 21:03:28 | 000,369,664 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wlanmsm.dll
[2013/09/29 21:03:28 | 000,365,568 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wcmsvc.dll
[2013/09/29 21:03:28 | 000,290,816 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\fdprint.dll
[2013/09/29 21:03:28 | 000,273,408 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\TetheringMgr.dll
[2013/09/29 21:03:28 | 000,248,320 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\rascustom.dll
[2013/09/29 21:03:28 | 000,244,736 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.Networking.Vpn.dll
[2013/09/29 21:03:28 | 000,158,208 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\thumbcache.dll
[2013/09/29 21:03:28 | 000,136,536 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\wfplwfs.sys
[2013/09/29 21:03:28 | 000,131,584 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\efswrt.dll
[2013/09/29 21:03:28 | 000,081,920 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Utilman.exe
[2013/09/29 21:03:28 | 000,081,408 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SkyDriveShell.dll
[2013/09/29 21:03:28 | 000,076,800 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\BulkOperationHost.exe
[2013/09/29 21:03:28 | 000,066,048 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\SkyDriveShell.dll
[2013/09/29 21:03:28 | 000,054,776 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wuauclt.exe
[2013/09/29 21:03:28 | 000,030,208 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\CredentialMigrationHandler.dll
[2013/09/29 21:03:27 | 001,534,504 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ole32.dll
[2013/09/29 21:03:27 | 001,302,016 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\AppXDeploymentServer.dll
[2013/09/29 21:03:27 | 001,286,552 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\kernel32.dll
[2013/09/29 21:03:27 | 001,150,976 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.Globalization.dll
[2013/09/29 21:03:27 | 000,911,872 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ReAgent.dll
[2013/09/29 21:03:27 | 000,638,464 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wimgapi.dll
[2013/09/29 21:03:27 | 000,556,032 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\recimg.exe
[2013/09/29 21:03:27 | 000,504,320 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.Networking.BackgroundTransfer.ContentPrefetchTask.dll
[2013/09/29 21:03:27 | 000,491,520 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\GeofenceMonitorService.dll
[2013/09/29 21:03:27 | 000,456,192 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\sysmon.ocx
[2013/09/29 21:03:27 | 000,426,496 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.Devices.Usb.dll
[2013/09/29 21:03:27 | 000,401,920 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wlidprov.dll
[2013/09/29 21:03:27 | 000,358,912 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\vmrdvcore.dll
[2013/09/29 21:03:27 | 000,284,160 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mcbuilder.exe
[2013/09/29 21:03:27 | 000,261,120 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\bisrv.dll
[2013/09/29 21:03:27 | 000,254,976 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\AppXDeploymentClient.dll
[2013/09/29 21:03:27 | 000,240,128 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WinSCard.dll
[2013/09/29 21:03:27 | 000,233,984 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.Devices.HumanInterfaceDevice.dll
[2013/09/29 21:03:27 | 000,230,400 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\CryptoWinRT.dll
[2013/09/29 21:03:27 | 000,226,304 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\miutils.dll
[2013/09/29 21:03:27 | 000,202,240 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ubpm.dll
[2013/09/29 21:03:27 | 000,200,704 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ReInfo.dll
[2013/09/29 21:03:27 | 000,199,680 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\DscCore.dll
[2013/09/29 21:03:27 | 000,198,656 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\DscCoreConfProv.dll
[2013/09/29 21:03:27 | 000,160,768 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\AppxAllUserStore.dll
[2013/09/29 21:03:27 | 000,063,488 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\BthRadioMedia.dll
[2013/09/29 21:03:27 | 000,054,784 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\pcaui.dll
[2013/09/29 21:03:26 | 013,925,888 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.UI.Xaml.dll
[2013/09/29 21:03:26 | 007,401,304 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ntoskrnl.exe
[2013/09/29 21:03:26 | 005,769,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mstscax.dll
[2013/09/29 21:03:26 | 001,928,656 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\combase.dll
[2013/09/29 21:03:26 | 001,741,824 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\SRH.dll
[2013/09/29 21:03:26 | 001,415,168 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\lsasrv.dll
[2013/09/29 21:03:26 | 001,344,000 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\dui70.dll
[2013/09/29 21:03:26 | 000,996,320 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WinTypes.dll
[2013/09/29 21:03:26 | 000,919,552 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\UIAutomationCore.dll
[2013/09/29 21:03:26 | 000,695,808 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\msctfuimanager.dll
[2013/09/29 21:03:26 | 000,528,048 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ci.dll
[2013/09/29 21:03:26 | 000,427,096 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\wer.dll
[2013/09/29 21:03:26 | 000,419,160 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\hal.dll
[2013/09/29 21:03:26 | 000,408,480 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\WerFault.exe
[2013/09/29 21:03:26 | 000,368,736 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Faultrep.dll
[2013/09/29 21:03:26 | 000,357,376 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\GeofenceMonitorService.dll
[2013/09/29 21:03:26 | 000,288,256 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.Devices.Usb.dll
[2013/09/29 21:03:26 | 000,208,896 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\rdpencom.dll
[2013/09/29 21:03:26 | 000,194,560 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\dpapisrv.dll
[2013/09/29 21:03:26 | 000,155,136 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.Devices.HumanInterfaceDevice.dll
[2013/09/29 21:03:26 | 000,079,360 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\fontsub.dll
[2013/09/29 21:03:26 | 000,069,632 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Utilman.exe
[2013/09/29 21:03:26 | 000,066,904 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\PSHED.DLL
[2013/09/29 21:03:25 | 001,720,552 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ntdll.dll
[2013/09/29 21:03:25 | 001,109,936 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\KernelBase.dll
[2013/09/29 21:03:25 | 000,467,800 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\USBHUB3.SYS
[2013/09/29 21:03:25 | 000,371,032 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\spaceport.sys
[2013/09/29 21:03:25 | 000,236,376 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\sdbus.sys
[2013/09/29 21:03:25 | 000,175,960 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\VerifierExt.sys
[2013/09/29 21:03:25 | 000,171,968 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\sspicli.dll
[2013/09/29 21:03:25 | 000,151,384 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\dumpsd.sys
[2013/09/29 21:03:25 | 000,086,872 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\pdc.sys
[2013/09/29 21:03:25 | 000,039,768 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\intelpep.sys
[2013/09/29 21:03:25 | 000,019,456 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\BtaMPM.sys
[2013/09/29 20:51:12 | 002,129,408 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SensorsCpl.dll
[2013/09/29 20:51:12 | 000,788,480 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mblctr.exe
[2013/09/29 20:51:12 | 000,045,056 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\RotMgr.dll
[2013/09/29 20:51:11 | 000,184,832 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\hwrreg.exe
[2013/09/29 20:51:11 | 000,040,960 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\hwrcomp.exe
[2013/09/29 20:51:10 | 002,119,680 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\SensorsCpl.dll
[2013/09/29 20:51:10 | 000,267,528 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\rdpendp.dll
[2013/09/29 20:51:09 | 000,609,280 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\msTextPrediction.dll
[2013/09/29 20:51:09 | 000,338,944 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\rdpclip.exe
[2013/09/29 20:51:08 | 000,251,392 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SensorsApi.dll
[2013/09/29 20:51:08 | 000,025,600 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\jnwmon.dll
[2013/09/29 20:51:07 | 003,396,096 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\rdpcorets.dll
[2013/09/29 20:51:07 | 000,185,856 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\SensorsApi.dll
[2013/09/29 20:51:07 | 000,155,648 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\rdpinput.exe
[2013/09/29 20:51:07 | 000,027,136 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SensorPerformanceEvents.dll
[2013/09/29 20:51:06 | 000,457,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\StikyNot.exe
[2013/09/29 20:51:06 | 000,291,808 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\rdpendp.dll
[2013/09/29 20:51:06 | 000,227,840 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SNTSearch.dll
[2013/09/29 20:51:06 | 000,132,608 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\rdpudd.dll
[2013/09/29 20:51:06 | 000,044,544 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\dfdts.dll
[2013/09/29 20:51:06 | 000,039,936 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\rfxvmt.dll
[2013/09/29 20:51:06 | 000,027,488 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\rdpvideominiport.sys
[2013/09/29 20:51:04 | 000,468,480 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SnippingTool.exe
[2013/09/29 20:51:04 | 000,162,304 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\inetpp.dll
[2013/09/29 20:51:04 | 000,077,312 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\DFDWiz.exe
[2013/09/29 20:51:04 | 000,022,016 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\inetppui.dll
[2013/09/29 20:51:04 | 000,020,992 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wpnpinst.exe
[2013/09/29 20:51:01 | 000,212,480 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\UMDF\LocationProvider.dll
[2013/09/29 20:51:01 | 000,037,216 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\terminpt.sys
[2013/09/29 20:48:12 | 000,002,560 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\en-US\srv.sys.mui
[2013/09/29 20:48:12 | 000,002,048 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\en-US\usbrpm.sys.mui
[2013/09/29 20:48:09 | 000,021,504 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\en-US\fvevol.sys.mui
[2013/09/29 20:48:09 | 000,009,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\UMDF\en-US\SensorsHIDClassDriver.dll.mui
[2013/09/29 20:48:09 | 000,005,632 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\UMDF\en-US\LocationProvider.dll.mui
[2013/09/29 20:48:07 | 000,002,560 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\UMDF\en-US\WpdMtpDr.dll.mui
[2013/09/29 20:48:07 | 000,002,048 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\en-US\WpdUpFltr.sys.mui
[2013/09/29 20:48:05 | 000,003,072 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\en-US\RNDISMP.sys.mui
[2013/09/29 20:48:04 | 000,017,408 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\en-US\pacer.sys.mui
[2013/09/29 20:48:04 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\en-US\nwifi.sys.mui
[2013/09/29 20:48:04 | 000,008,704 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\en-US\mslldp.sys.mui
[2013/09/29 20:48:04 | 000,007,680 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\en-US\tunnel.sys.mui
[2013/09/29 20:48:04 | 000,004,096 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\en-US\ipnat.sys.mui
[2013/09/29 20:48:04 | 000,003,584 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\en-US\modem.sys.mui
[2013/09/29 20:48:04 | 000,002,560 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\en-US\qwavedrv.sys.mui
[2013/09/29 20:48:04 | 000,002,560 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\en-US\NdisVirtualBus.sys.mui
[2013/09/29 20:48:04 | 000,002,048 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\en-US\ws2ifsl.sys.mui
[2013/09/29 20:48:02 | 000,061,440 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\en-US\srv2.sys.mui
[2013/09/29 20:48:02 | 000,055,296 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\en-US\mrxsmb.sys.mui
[2013/09/29 20:48:02 | 000,038,400 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\en-US\http.sys.mui
[2013/09/29 20:48:02 | 000,008,192 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\en-US\refs.sys.mui
[2013/09/29 20:48:02 | 000,005,632 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\en-US\rdbss.sys.mui
[2013/09/29 20:48:02 | 000,003,072 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\en-US\ndisuio.sys.mui
[2013/09/29 20:48:02 | 000,002,560 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\en-US\volmgrx.sys.mui
[2013/09/29 20:48:02 | 000,002,560 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\en-US\scfilter.sys.mui
[2013/09/29 20:48:01 | 000,002,560 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\en-US\mshidumdf.sys.mui
[2013/09/29 20:48:00 | 000,008,704 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\en-US\sercx2.sys.mui
[2013/09/29 20:48:00 | 000,004,096 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\en-US\spbcx.sys.mui
[2013/09/29 20:48:00 | 000,003,584 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\en-US\sercx.sys.mui
[2013/09/29 20:48:00 | 000,003,072 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\en-US\scsiport.sys.mui
[2013/09/29 20:48:00 | 000,002,560 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\en-US\wudfpf.sys.mui
[2013/09/29 20:48:00 | 000,002,560 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\en-US\mshidkmdf.sys.mui
[2013/09/29 20:48:00 | 000,002,048 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\en-US\ks.sys.mui
[2013/09/29 20:47:58 | 000,006,656 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\en-US\luafv.sys.mui
[2013/09/29 20:47:55 | 000,011,264 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\drivers\en-US\NdisImPlatform.sys.mui
[2013/09/29 20:47:55 | 000,011,264 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\en-US\NdisImPlatform.sys.mui
[2013/09/29 20:47:55 | 000,005,632 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\drivers\en-US\ndiscap.sys.mui
[2013/09/29 20:47:55 | 000,005,632 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\en-US\ndiscap.sys.mui
[2013/09/29 20:47:55 | 000,002,560 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\drivers\en-US\wfplwfs.sys.mui
[2013/09/29 20:47:55 | 000,002,560 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\en-US\wfplwfs.sys.mui
[2013/09/29 20:47:54 | 000,007,680 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\drivers\en-US\fwpkclnt.sys.mui
[2013/09/29 20:47:54 | 000,007,680 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\en-US\fwpkclnt.sys.mui
[2013/09/29 20:47:49 | 000,013,824 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\en-US\wmbclass.sys.mui
[2013/09/29 20:47:49 | 000,004,608 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\en-US\bthpan.sys.mui
[2013/09/29 20:47:49 | 000,003,072 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\en-US\tsusbflt.sys.mui
[2013/09/29 20:47:49 | 000,003,072 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\en-US\rndismpx.sys.mui
[2013/09/29 20:47:49 | 000,002,560 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\en-US\serscan.sys.mui
[2013/09/29 20:47:49 | 000,002,560 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\en-US\rdpdr.sys.mui
[2013/09/29 20:47:49 | 000,002,560 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\UMDF\en-US\mgtdyn.dll.mui
[2013/09/29 20:47:49 | 000,002,560 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\UMDF\en-US\idtsec.dll.mui
[2013/09/29 20:47:49 | 000,002,048 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\en-US\vwifibus.sys.mui
[2013/09/29 20:47:49 | 000,002,048 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\UMDF\en-US\hidscanner.dll.mui
[2013/09/29 20:47:48 | 000,032,768 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\en-US\bthport.sys.mui
[2013/09/29 20:47:48 | 000,012,800 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\en-US\BthLEEnum.sys.mui
[2013/09/29 20:47:48 | 000,008,192 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\en-US\EhStorTcgDrv.sys.mui
[2013/09/29 20:47:48 | 000,006,144 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\UMDF\en-US\WUDFUsbccidDriver.dll.mui
[2013/09/29 20:47:48 | 000,005,632 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\en-US\sdbus.sys.mui
[2013/09/29 20:47:48 | 000,005,632 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\en-US\dumpsd.sys.mui
[2013/09/29 20:47:48 | 000,004,096 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\en-US\portcls.sys.mui
[2013/09/29 20:47:48 | 000,004,096 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\en-US\pcmcia.sys.mui
[2013/09/29 20:47:48 | 000,004,096 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\en-US\hdaudbus.sys.mui
[2013/09/29 20:47:48 | 000,003,584 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\en-US\hidi2c.sys.mui
[2013/09/29 20:47:48 | 000,003,584 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\en-US\BthA2DP.sys.mui
[2013/09/29 20:47:48 | 000,003,072 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\en-US\sdstor.sys.mui
[2013/09/29 20:47:48 | 000,003,072 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\en-US\rndismp6.sys.mui
[2013/09/29 20:47:48 | 000,003,072 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\en-US\hidbth.sys.mui
[2013/09/29 20:47:48 | 000,003,072 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\en-US\HdAudio.sys.mui
[2013/09/29 20:47:48 | 000,003,072 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\en-US\BthMini.SYS.mui
[2013/09/29 20:47:48 | 000,003,072 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\en-US\bthhfenum.sys.mui
[2013/09/29 20:47:48 | 000,002,560 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\en-US\usbvideo.sys.mui
[2013/09/29 20:47:48 | 000,002,560 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\en-US\USBAUDIO.sys.mui
[2013/09/29 20:47:48 | 000,002,560 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\en-US\pnpmem.sys.mui
[2013/09/29 20:47:48 | 000,002,560 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\UMDF\en-US\HidBthLE.dll.mui
[2013/09/29 20:47:48 | 000,002,560 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\en-US\BTHUSB.SYS.mui
[2013/09/29 20:47:48 | 000,002,560 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\en-US\BthAvrcpTg.sys.mui
[2013/09/29 20:47:48 | 000,002,048 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\en-US\BthhfHid.sys.mui
[2013/09/29 20:47:48 | 000,002,048 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\en-US\bthenum.sys.mui
[2013/09/29 20:47:47 | 000,026,112 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\en-US\usbport.sys.mui
[2013/09/29 20:47:47 | 000,023,552 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\en-US\volsnap.sys.mui
[2013/09/29 20:47:47 | 000,020,480 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\en-US\USBHUB3.SYS.mui
[2013/09/29 20:47:47 | 000,014,848 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\en-US\USBXHCI.SYS.mui
[2013/09/29 20:47:47 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\en-US\usbhub.sys.mui
[2013/09/29 20:47:47 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\en-US\processr.sys.mui
[2013/09/29 20:47:47 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\en-US\intelppm.sys.mui
[2013/09/29 20:47:47 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\en-US\amdppm.sys.mui
[2013/09/29 20:47:47 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\en-US\amdk8.sys.mui
[2013/09/29 20:47:47 | 000,013,824 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\en-US\spaceport.sys.mui
[2013/09/29 20:47:47 | 000,013,312 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\en-US\vhdmp.sys.mui
[2013/09/29 20:47:47 | 000,012,288 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\en-US\UCX01000.SYS.mui
[2013/09/29 20:47:47 | 000,010,240 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\en-US\i8042prt.sys.mui
[2013/09/29 20:47:47 | 000,010,240 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\en-US\acpi.sys.mui
[2013/09/29 20:47:47 | 000,008,192 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\en-US\pci.sys.mui
[2013/09/29 20:47:47 | 000,007,168 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\en-US\ataport.sys.mui
[2013/09/29 20:47:47 | 000,005,632 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\en-US\disk.sys.mui
[2013/09/29 20:47:47 | 000,005,120 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\en-US\vdrvroot.sys.mui
[2013/09/29 20:47:47 | 000,005,120 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\en-US\sermouse.sys.mui
[2013/09/29 20:47:47 | 000,004,608 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\en-US\kbdclass.sys.mui
[2013/09/29 20:47:47 | 000,004,096 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\en-US\wacompen.sys.mui
[2013/09/29 20:47:47 | 000,004,096 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\en-US\mouclass.sys.mui
[2013/09/29 20:47:47 | 000,003,584 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\en-US\isapnp.sys.mui
[2013/09/29 20:47:47 | 000,003,072 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\en-US\usbehci.sys.mui
[2013/09/29 20:47:47 | 000,002,560 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\en-US\ULIAGPKX.SYS.mui
[2013/09/29 20:47:47 | 000,002,560 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\en-US\UAGP35.SYS.mui
[2013/09/29 20:47:47 | 000,002,560 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\en-US\NV_AGP.SYS.mui
[2013/09/29 20:47:47 | 000,002,560 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\en-US\mouhid.sys.mui
[2013/09/29 20:47:47 | 000,002,560 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\en-US\kbdhid.sys.mui
[2013/09/29 20:47:47 | 000,002,560 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\en-US\GAGP30KX.SYS.mui
[2013/09/29 20:47:47 | 000,002,560 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\en-US\cdrom.sys.mui
[2013/09/29 20:47:47 | 000,002,560 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\en-US\AGP440.sys.mui
[2013/09/29 20:47:47 | 000,002,048 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\en-US\pdc.sys.mui
[2013/09/29 20:47:46 | 000,086,016 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\en-US\tcpip.sys.mui
[2013/09/29 20:47:46 | 000,083,456 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\en-US\ntfs.sys.mui
[2013/09/29 20:47:46 | 000,057,856 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\en-US\ndis.sys.mui
[2013/09/29 20:47:46 | 000,047,140 | ---- | M] () -- C:\WINDOWS\SysWow64\license.rtf
[2013/09/29 20:47:46 | 000,047,140 | ---- | M] () -- C:\WINDOWS\SysNative\license.rtf
[2013/09/29 20:47:46 | 000,021,504 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\en-US\afd.sys.mui
[2013/09/29 20:47:46 | 000,011,776 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\en-US\1394ohci.sys.mui
[2013/09/29 20:47:46 | 000,010,240 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\en-US\serial.sys.mui
[2013/09/29 20:47:46 | 000,008,192 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\en-US\tpm.sys.mui
[2013/09/29 20:47:46 | 000,007,680 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\en-US\battc.sys.mui
[2013/09/29 20:47:46 | 000,006,144 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\en-US\IPMIDrv.sys.mui
[2013/09/29 20:47:46 | 000,006,144 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\en-US\hidclass.sys.mui
[2013/09/29 20:47:46 | 000,005,120 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\en-US\fltmgr.sys.mui
[2013/09/29 20:47:46 | 000,003,584 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\en-US\parport.sys.mui
[2013/09/29 20:47:46 | 000,003,072 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\en-US\umbus.sys.mui
[2013/09/29 20:47:46 | 000,003,072 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\en-US\mssmbios.sys.mui
[2013/09/29 20:47:46 | 000,002,560 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\en-US\wdf01000.sys.mui
[2013/09/29 20:47:46 | 000,002,560 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\en-US\USBSTOR.SYS.mui
[2013/09/29 20:47:46 | 000,002,560 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\en-US\partmgr.sys.mui
[2013/09/29 20:47:46 | 000,002,560 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\en-US\MTConfig.sys.mui
[2013/09/29 20:47:46 | 000,002,560 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\en-US\mountmgr.sys.mui

========== Files Created - No Company Name ==========

[2013/10/26 11:50:42 | 000,000,000 | -HS- | C] () -- C:\DkHyperbootSync
[2013/10/23 12:36:04 | 000,156,936 | ---- | C] () -- C:\WINDOWS\SysNative\bdfwcore.dll
[2013/10/19 19:58:44 | 000,132,340 | ---- | C] () -- C:\Users\Brandon\Desktop\LifePlan.zip
[2013/10/17 17:53:47 | 000,001,324 | ---- | C] () -- C:\WINDOWS\tasks\Plus-HD-1.3-updater.job
[2013/10/17 17:53:44 | 000,001,126 | ---- | C] () -- C:\WINDOWS\tasks\Plus-HD-1.3-enabler.job
[2013/10/17 17:53:42 | 000,001,226 | ---- | C] () -- C:\WINDOWS\tasks\Plus-HD-1.3-codedownloader.job
[2013/10/17 17:53:33 | 000,001,934 | ---- | C] () -- C:\WINDOWS\tasks\Plus-HD-1.3-chromeinstaller.job
[2013/10/17 17:46:14 | 000,383,480 | ---- | C] () -- C:\Users\Brandon\Desktop\BringMeSports.exe
[2013/10/17 17:28:32 | 000,001,140 | ---- | C] () -- C:\Users\Brandon\Desktop\SpeedAnalysis.lnk
[2013/10/17 17:27:21 | 000,000,000 | ---- | C] () -- C:\END
[2013/10/17 11:54:30 | 000,000,000 | -H-- | C] () -- C:\WINDOWS\SysNative\drivers\Msft_User_LocationProvider_01_11_00.Wdf
[2013/10/17 11:15:47 | 000,001,453 | ---- | C] () -- C:\Users\Brandon\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
[2013/10/17 11:12:21 | 000,022,744 | ---- | C] () -- C:\WINDOWS\SysNative\emptyregdb.dat
[2013/10/17 11:00:22 | 000,001,547 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk
[2013/10/17 10:56:00 | 000,000,352 | ---- | C] () -- C:\Users\Brandon\Application Data\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk
[2013/10/17 10:56:00 | 000,000,334 | ---- | C] () -- C:\Users\Brandon\Application Data\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk
[2013/10/17 10:55:51 | 000,051,438 | ---- | C] () -- C:\WINDOWS\diagwrn.xml
[2013/10/17 10:55:51 | 000,051,438 | ---- | C] () -- C:\WINDOWS\diagerr.xml
[2013/10/17 10:52:01 | 000,000,000 | -H-- | C] () -- C:\WINDOWS\SysNative\drivers\Msft_Kernel_LcUvcUpper_01011.Wdf
[2013/10/17 10:51:53 | 000,000,000 | -H-- | C] () -- C:\WINDOWS\SysNative\drivers\Msft_Kernel_iBtFltCoex_01009.Wdf
[2013/10/17 10:51:38 | 000,000,264 | ---- | C] () -- C:\WINDOWS\tasks\Synaptics TouchPad Enhancements.job
[2013/10/17 10:51:38 | 000,000,000 | -H-- | C] () -- C:\WINDOWS\SysNative\drivers\Msft_Kernel_SynTP_01009.Wdf
[2013/10/17 10:51:35 | 000,000,000 | -H-- | C] () -- C:\WINDOWS\SysNative\drivers\Msft_Kernel_Smb_driver_Intel_01009.Wdf
[2013/10/15 11:53:56 | 014,223,397 | ---- | C] () -- C:\Users\Brandon\Desktop\ComeBack-ThePosition.zip
[2013/10/13 17:24:39 | 002,686,509 | ---- | C] () -- C:\Users\Brandon\Desktop\fionia.jpg
[2013/10/12 18:41:54 | 003,305,576 | ---- | C] () -- C:\Users\Brandon\Desktop\IMG_9370.jpg
[2013/10/03 23:43:02 | 000,044,025 | ---- | C] () -- C:\WINDOWS\SysNative\iglhxo64.vp
[2013/10/03 23:43:02 | 000,043,816 | ---- | C] () -- C:\WINDOWS\SysNative\iglhxc64_dev.vp
[2013/10/03 23:43:02 | 000,043,298 | ---- | C] () -- C:\WINDOWS\SysNative\iglhxg64_dev.vp
[2013/10/03 23:43:02 | 000,043,256 | ---- | C] () -- C:\WINDOWS\SysNative\iglhxg64.vp
[2013/10/03 23:43:02 | 000,042,079 | ---- | C] () -- C:\WINDOWS\SysNative\iglhxo64_dev.vp
[2013/10/03 23:43:02 | 000,002,940 | ---- | C] () -- C:\WINDOWS\SysNative\iglhxs64.vp
[2013/10/03 23:43:00 | 002,813,952 | ---- | C] () -- C:\WINDOWS\SysNative\iglhxa64.cpa
[2013/10/03 23:43:00 | 000,043,494 | ---- | C] () -- C:\WINDOWS\SysNative\iglhxc64.vp
[2013/10/03 23:43:00 | 000,001,125 | ---- | C] () -- C:\WINDOWS\SysNative\iglhxa64.vp
[2013/10/03 23:42:52 | 000,012,288 | ---- | C] ( ) -- C:\WINDOWS\SysNative\IGFXDEVLib.dll
[2013/10/03 23:42:46 | 000,412,160 | ---- | C] () -- C:\WINDOWS\SysNative\igdmd64.dll
[2013/10/03 23:42:46 | 000,343,040 | ---- | C] () -- C:\WINDOWS\SysWow64\igdmd32.dll
[2013/10/03 23:42:40 | 000,220,672 | ---- | C] () -- C:\WINDOWS\SysNative\igdde64.dll
[2013/10/03 23:42:40 | 000,180,736 | ---- | C] () -- C:\WINDOWS\SysWow64\igdde32.dll
[2013/10/03 23:42:38 | 000,160,256 | ---- | C] () -- C:\WINDOWS\SysNative\igdail64.dll
[2013/10/03 23:42:38 | 000,142,848 | ---- | C] () -- C:\WINDOWS\SysWow64\igdail32.dll
[2013/10/03 23:42:30 | 000,094,208 | ---- | C] () -- C:\WINDOWS\SysNative\IccLibDll_x64.dll
[2013/10/03 23:42:30 | 000,001,806 | ---- | C] () -- C:\WINDOWS\SysNative\GfxUIEx.exe.config
[2013/10/03 23:42:30 | 000,000,264 | ---- | C] () -- C:\WINDOWS\SysNative\GfxUIHotKeyMenu.exe.config
[2013/10/03 23:42:28 | 000,265,030 | ---- | C] () -- C:\WINDOWS\SysNative\Gfxres.th-TH.resources
[2013/10/03 23:42:28 | 000,233,293 | ---- | C] () -- C:\WINDOWS\SysNative\Gfxres.ru-RU.resources
[2013/10/03 23:42:28 | 000,175,165 | ---- | C] () -- C:\WINDOWS\SysNative\Gfxres.ro-RO.resources
[2013/10/03 23:42:28 | 000,173,876 | ---- | C] () -- C:\WINDOWS\SysNative\Gfxres.tr-TR.resources
[2013/10/03 23:42:28 | 000,173,626 | ---- | C] () -- C:\WINDOWS\SysNative\Gfxres.pl-PL.resources
[2013/10/03 23:42:28 | 000,173,401 | ---- | C] () -- C:\WINDOWS\SysNative\Gfxres.nl-NL.resources
[2013/10/03 23:42:28 | 000,172,630 | ---- | C] () -- C:\WINDOWS\SysNative\Gfxres.pt-BR.resources
[2013/10/03 23:42:28 | 000,171,631 | ---- | C] () -- C:\WINDOWS\SysNative\Gfxres.sk-SK.resources
[2013/10/03 23:42:28 | 000,171,464 | ---- | C] () -- C:\WINDOWS\SysNative\Gfxres.sv-SE.resources
[2013/10/03 23:42:28 | 000,171,207 | ---- | C] () -- C:\WINDOWS\SysNative\Gfxres.pt-PT.resources
[2013/10/03 23:42:28 | 000,166,591 | ---- | C] () -- C:\WINDOWS\SysNative\Gfxres.sl-SI.resources
[2013/10/03 23:42:28 | 000,153,231 | ---- | C] () -- C:\WINDOWS\SysNative\Gfxres.zh-TW.resources
[2013/10/03 23:42:28 | 000,151,479 | ---- | C] () -- C:\WINDOWS\SysNative\Gfxres.zh-CN.resources
[2013/10/03 23:42:26 | 002,384,896 | ---- | C] () -- C:\WINDOWS\SysNative\GfxRes.dll
[2013/10/03 23:42:26 | 000,251,250 | ---- | C] () -- C:\WINDOWS\SysNative\Gfxres.el-GR.resources
[2013/10/03 23:42:26 | 000,199,323 | ---- | C] () -- C:\WINDOWS\SysNative\Gfxres.ar-SA.resources
[2013/10/03 23:42:26 | 000,196,855 | ---- | C] () -- C:\WINDOWS\SysNative\Gfxres.ja-JP.resources
[2013/10/03 23:42:26 | 000,190,937 | ---- | C] () -- C:\WINDOWS\SysNative\Gfxres.he-IL.resources
[2013/10/03 23:42:26 | 000,179,235 | ---- | C] () -- C:\WINDOWS\SysNative\Gfxres.ko-KR.resources
[2013/10/03 23:42:26 | 000,179,170 | ---- | C] () -- C:\WINDOWS\SysNative\Gfxres.it-IT.resources
[2013/10/03 23:42:26 | 000,176,818 | ---- | C] () -- C:\WINDOWS\SysNative\Gfxres.es-ES.resources
[2013/10/03 23:42:26 | 000,176,555 | ---- | C] () -- C:\WINDOWS\SysNative\Gfxres.fr-FR.resources
[2013/10/03 23:42:26 | 000,176,526 | ---- | C] () -- C:\WINDOWS\SysNative\Gfxres.de-DE.resources
[2013/10/03 23:42:26 | 000,174,165 | ---- | C] () -- C:\WINDOWS\SysNative\Gfxres.hu-HU.resources
[2013/10/03 23:42:26 | 000,171,980 | ---- | C] () -- C:\WINDOWS\SysNative\Gfxres.fi-FI.resources
[2013/10/03 23:42:26 | 000,170,928 | ---- | C] () -- C:\WINDOWS\SysNative\Gfxres.cs-CZ.resources
[2013/10/03 23:42:26 | 000,170,073 | ---- | C] () -- C:\WINDOWS\SysNative\Gfxres.hr-HR.resources
[2013/10/03 23:42:26 | 000,165,303 | ---- | C] () -- C:\WINDOWS\SysNative\Gfxres.nb-NO.resources
[2013/10/03 23:42:26 | 000,164,653 | ---- | C] () -- C:\WINDOWS\SysNative\Gfxres.da-DK.resources
[2013/10/03 23:42:26 | 000,159,945 | ---- | C] () -- C:\WINDOWS\SysNative\Gfxres.en-US.resources
[2013/10/03 23:42:26 | 000,000,935 | ---- | C] () -- C:\WINDOWS\SysNative\DPTopologyApp.exe.config
[2013/10/03 23:42:24 | 000,000,935 | ---- | C] () -- C:\WINDOWS\SysNative\CustomModeApp.exe.config
[2013/09/29 21:04:38 | 000,865,408 | ---- | C] () -- C:\WINDOWS\SysNative\PerfStringBackup.INI
[2013/09/29 20:51:28 | 000,035,851 | ---- | C] () -- C:\WINDOWS\Core.xml
[2013/08/31 14:31:11 | 000,000,369 | ---- | C] () -- C:\Users\Brandon\AppData\Local\RegisteredPackageInformation.xml
[2013/08/22 08:36:43 | 000,215,943 | ---- | C] () -- C:\WINDOWS\SysWow64\dssec.dat
[2013/08/22 08:36:42 | 000,000,741 | ---- | C] () -- C:\WINDOWS\SysWow64\NOISE.DAT
[2013/08/22 07:46:23 | 000,067,584 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2013/08/22 00:01:23 | 000,043,131 | ---- | C] () -- C:\WINDOWS\mib.bin
[2013/08/21 20:32:36 | 000,046,080 | ---- | C] () -- C:\WINDOWS\SysWow64\BWContextHandler.dll
[2013/08/21 20:17:46 | 000,103,936 | ---- | C] () -- C:\WINDOWS\SysWow64\OEMLicense.dll
[2013/08/21 16:55:20 | 000,364,544 | ---- | C] () -- C:\WINDOWS\SysWow64\msjetoledb40.dll
[2013/08/21 16:52:39 | 000,673,088 | ---- | C] () -- C:\WINDOWS\SysWow64\mlang.dat
[2013/05/30 08:40:53 | 000,000,198 | -H-- | C] () -- C:\ProgramData\Lenovo-24262.vbs
[2013/05/30 08:40:34 | 000,000,198 | -H-- | C] () -- C:\ProgramData\Lenovo-24206.vbs
[2013/05/30 08:39:01 | 000,000,000 | -H-- | C] () -- C:\ProgramData\DP45977C.lfl
[2013/05/30 08:23:08 | 000,040,960 | ---- | C] () -- C:\WINDOWS\SysWow64\UMonit64.exe
[2013/05/30 08:23:07 | 000,172,097 | ---- | C] () -- C:\WINDOWS\SysWow64\NoMSGuninstall.exe
[2013/05/30 08:23:07 | 000,001,519 | ---- | C] () -- C:\WINDOWS\SysWow64\_IconCfg0.ini
[2013/05/30 08:23:07 | 000,000,911 | ---- | C] () -- C:\WINDOWS\SysWow64\ProductName.ini
[2013/05/30 08:23:07 | 000,000,213 | ---- | C] () -- C:\WINDOWS\SysWow64\IconCfg0.ini
[2013/05/30 08:08:39 | 000,880,342 | ---- | C] () -- C:\WINDOWS\SysWow64\PerfStringBackup.INI
[2013/02/13 12:27:54 | 000,001,536 | ---- | C] () -- C:\WINDOWS\SysWow64\IusEventLog.dll
[2012/07/25 13:22:56 | 000,267,284 | ---- | C] () -- C:\WINDOWS\SysWow64\igvpkrng600.bin
[2012/07/25 13:22:54 | 000,963,376 | ---- | C] () -- C:\WINDOWS\SysWow64\igcodeckrng600.bin

========== ZeroAccess Check ==========

[2013/10/17 17:30:02 | 000,000,227 | RHS- | M] () -- C:\WINDOWS\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2013/09/29 21:03:28 | 021,195,128 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2013/09/29 21:03:37 | 018,640,456 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2013/08/22 02:49:49 | 000,921,088 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2013/08/21 19:45:10 | 000,691,712 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2013/08/22 02:45:17 | 000,483,840 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]

========== LOP Check ==========

[2013/10/17 17:55:47 | 000,000,000 | ---D | M] -- C:\Users\Brandon\AppData\Roaming\Desk 365
[2013/10/17 17:27:17 | 000,000,000 | ---D | M] -- C:\Users\Brandon\AppData\Roaming\File Scout
[2013/08/31 14:39:14 | 000,000,000 | ---D | M] -- C:\Users\Brandon\AppData\Roaming\Lenovo
[2013/09/03 14:47:12 | 000,000,000 | ---D | M] -- C:\Users\Brandon\AppData\Roaming\LSC
[2013/06/16 04:51:58 | 000,000,000 | ---D | M] -- C:\Users\Brandon\AppData\Roaming\Nitro
[2013/10/17 20:43:41 | 000,000,000 | ---D | M] -- C:\Users\Brandon\AppData\Roaming\PerformerSoft
[2013/10/20 09:59:16 | 000,000,000 | ---D | M] -- C:\Users\Brandon\AppData\Roaming\SearchProtect
[2013/10/17 17:28:34 | 000,000,000 | ---D | M] -- C:\Users\Brandon\AppData\Roaming\SpeedAnalysis3
[2013/10/24 15:24:38 | 000,000,000 | ---D | M] -- C:\Users\Brandon\AppData\Roaming\SuperAdBlocker.com
[2013/10/17 17:48:46 | 000,000,000 | ---D | M] -- C:\Users\Brandon\AppData\Roaming\zulagames

========== Purity Check ==========

========== Custom Scans ==========

< %USERPROFILE%\..|smtmp;true;true;true /FP >

< %temp%\smtmp\*.* /s > >

< MD5 for: EXPLORER.ADML >
[2013/09/29 20:48:10 | 000,003,671 | ---- | M] () MD5=007B16AEF3E958080573CDB80648167D -- C:\Windows\WinSxS\amd64_microsoft-windows-s..ouppolicy.resources_31bf3856ad364e35_6.3.9600.16384_en-us_13bedf9d3e4c78d1\Explorer.adml

< MD5 for: EXPLORER.ADMX >
[2013/06/18 07:57:40 | 000,003,836 | ---- | M] () MD5=AD131A834808E6AFF4A3918DE05BFCF6 -- C:\Windows\WinSxS\amd64_microsoft-windows-shell-grouppolicy_31bf3856ad364e35_6.3.9600.16384_none_067909bec4cce684\Explorer.admx

< MD5 for: EXPLORER.EXE >
[2013/09/29 21:03:37 | 002,065,960 | ---- | M] (Microsoft Corporation) MD5=712B0D2ADE5297563168C997DDC2DD13 -- C:\Windows\SysWOW64\explorer.exe
[2013/09/29 21:03:37 | 002,065,960 | ---- | M] (Microsoft Corporation) MD5=712B0D2ADE5297563168C997DDC2DD13 -- C:\Windows\WinSxS\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.3.9600.16408_none_4d2233dd81cfba29\explorer.exe
[2013/09/29 21:03:29 | 002,328,328 | ---- | M] (Microsoft Corporation) MD5=C1400519D76A364E974E47BBA62B95B0 -- C:\Windows\explorer.exe
[2013/09/29 21:03:29 | 002,328,328 | ---- | M] (Microsoft Corporation) MD5=C1400519D76A364E974E47BBA62B95B0 -- C:\Windows\WinSxS\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.3.9600.16408_none_42cd898b4d6ef82e\explorer.exe

< MD5 for: EXPLORER.EXE.MUI >
[2013/09/29 20:47:55 | 000,016,896 | ---- | M] (Microsoft Corporation) MD5=6B943F9892499269B3C4886C1F0BD843 -- C:\Windows\en-US\explorer.exe.mui
[2013/09/29 20:47:55 | 000,016,896 | ---- | M] (Microsoft Corporation) MD5=6B943F9892499269B3C4886C1F0BD843 -- C:\Windows\SysWOW64\en-US\explorer.exe.mui
[2013/09/29 20:47:55 | 000,016,896 | ---- | M] (Microsoft Corporation) MD5=6B943F9892499269B3C4886C1F0BD843 -- C:\Windows\WinSxS\amd64_microsoft-windows-explorer.resources_31bf3856ad364e35_6.3.9600.16384_en-us_f6b0e7284798d168\explorer.exe.mui
[2013/09/29 20:47:55 | 000,016,896 | ---- | M] (Microsoft Corporation) MD5=6B943F9892499269B3C4886C1F0BD843 -- C:\Windows\WinSxS\wow64_microsoft-windows-explorer.resources_31bf3856ad364e35_6.3.9600.16384_en-us_0105917a7bf99363\explorer.exe.mui

< MD5 for: EXPLORER.EXE-5F7AEA8B.PF >
[2013/10/27 11:10:34 | 000,360,492 | ---- | M] () MD5=3C799DB816268D08349094109ABC3F7D -- C:\Windows\Prefetch\EXPLORER.EXE-5F7AEA8B.pf

< MD5 for: IEXPLORE.EXE >
[2013/08/22 05:34:04 | 000,804,464 | ---- | M] (Microsoft Corporation) MD5=1C39C41D50FF7113748D825F4327D406 -- C:\Program Files\Internet Explorer\iexplore.exe
[2013/08/22 05:34:04 | 000,804,464 | ---- | M] (Microsoft Corporation) MD5=1C39C41D50FF7113748D825F4327D406 -- C:\Windows\WinSxS\amd64_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_11.0.9600.16384_none_9c7bbe6690ba5bc1\iexplore.exe
[2013/08/21 22:20:05 | 000,805,992 | ---- | M] (Microsoft Corporation) MD5=EE889775E0F9755C90FAEBFB93FBD781 -- C:\Program Files (x86)\Internet Explorer\iexplore.exe
[2013/08/21 22:20:05 | 000,805,992 | ---- | M] (Microsoft Corporation) MD5=EE889775E0F9755C90FAEBFB93FBD781 -- C:\Windows\WinSxS\wow64_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_11.0.9600.16384_none_a6d068b8c51b1dbc\iexplore.exe

< MD5 for: IEXPLORE.EXE.MUI >
[2013/09/29 20:48:12 | 000,005,120 | ---- | M] (Microsoft Corporation) MD5=25B70D28D1CE87B67EEC2BA899126244 -- C:\Program Files (x86)\Internet Explorer\en-US\iexplore.exe.mui
[2013/09/29 20:48:12 | 000,005,120 | ---- | M] (Microsoft Corporation) MD5=25B70D28D1CE87B67EEC2BA899126244 -- C:\Program Files\Internet Explorer\en-US\iexplore.exe.mui
[2013/09/29 20:48:12 | 000,005,120 | ---- | M] (Microsoft Corporation) MD5=25B70D28D1CE87B67EEC2BA899126244 -- C:\Windows\WinSxS\amd64_microsoft-windows-i..-optional.resources_31bf3856ad364e35_11.0.9600.16384_en-us_962853ddc8679ca8\iexplore.exe.mui
[2013/09/29 20:48:12 | 000,005,120 | ---- | M] (Microsoft Corporation) MD5=25B70D28D1CE87B67EEC2BA899126244 -- C:\Windows\WinSxS\wow64_microsoft-windows-i..-optional.resources_31bf3856ad364e35_11.0.9600.16384_en-us_a07cfe2ffcc85ea3\iexplore.exe.mui

< MD5 for: IEXPLORE.EXE-562F796F.PF >
[2013/10/21 12:34:08 | 000,105,760 | ---- | M] () MD5=8D5A900D6A4ABB0B65528F958705617C -- C:\Windows\Prefetch\IEXPLORE.EXE-562F796F.pf

< MD5 for: IEXPLORE.EXE-562F7970.PF >
[2013/10/21 12:34:08 | 000,237,998 | ---- | M] () MD5=1E8500F4477106CF04FC44DFC76BCDCF -- C:\Windows\Prefetch\IEXPLORE.EXE-562F7970.pf

< MD5 for: IEXPLORE.EXE-6499D5EC.PF >
[2013/10/27 12:17:57 | 000,116,876 | ---- | M] () MD5=B9F93DF858A17C01A4C2C17B4683A467 -- C:\Windows\Prefetch\IEXPLORE.EXE-6499D5EC.pf

< MD5 for: IEXPLORE.EXE-9E8A2849.PF >
[2013/10/27 12:17:57 | 000,420,012 | ---- | M] () MD5=88812B61BB0FED76E9D449D4C5F79D55 -- C:\Windows\Prefetch\IEXPLORE.EXE-9E8A2849.pf

< MD5 for: IEXPLORE.VISUALELEMENTSMANIFEST.XML >
[2013/06/18 07:48:46 | 000,000,340 | ---- | M] () MD5=2C776DCD91132FCC6A8C066DD529B307 -- C:\Program Files\Internet Explorer\iexplore.VisualElementsManifest.xml
[2013/06/18 07:48:46 | 000,000,340 | ---- | M] () MD5=2C776DCD91132FCC6A8C066DD529B307 -- C:\Windows\WinSxS\amd64_microsoft-windows-immersivebrowser_31bf3856ad364e35_11.0.9600.16384_none_c673d0d2f4ca87f4\iexplore.VisualElementsManifest.xml

< MD5 for: SERVICES >
[2013/08/22 08:04:54 | 000,003,777 | ---- | M] () MD5=5EE2D65841D1985E8C1BC68B2EB4357B -- C:\Windows\WinSxS\amd64_microsoft-windows-w..ucture-other-minwin_31bf3856ad364e35_6.3.9600.16384_none_25fdfd813908f8a6\services

< MD5 for: SERVICES.EXE >
[2013/08/22 06:25:40 | 000,405,488 | ---- | M] (Microsoft Corporation) MD5=B4B610BBCB002EC478C6FD80CF915697 -- C:\WINDOWS\SysNative\services.exe
[2013/08/22 06:25:40 | 000,405,488 | ---- | M] (Microsoft Corporation) MD5=B4B610BBCB002EC478C6FD80CF915697 -- C:\Windows\WinSxS\amd64_microsoft-windows-s..cecontroller-minwin_31bf3856ad364e35_6.3.9600.16384_none_2fd72579d09a45e9\services.exe

< MD5 for: SERVICES.EXE.MUI >
[2013/09/29 20:47:46 | 000,018,944 | ---- | M] (Microsoft Corporation) MD5=0626E9CF9F010A5E5D5A8E200A59DDDC -- C:\WINDOWS\SysNative\en-US\services.exe.mui
[2013/09/29 20:47:46 | 000,018,944 | ---- | M] (Microsoft Corporation) MD5=0626E9CF9F010A5E5D5A8E200A59DDDC -- C:\Windows\WinSxS\amd64_microsoft-windows-s..ontroller.resources_31bf3856ad364e35_6.3.9600.16384_en-us_5abba721f9ec3435\services.exe.mui

< MD5 for: SERVICES.JS >
[2013/10/18 13:30:29 | 000,095,331 | ---- | M] () MD5=FAA0FC80FCDDF0B163707F352BEA3C36 -- C:\Program Files\WindowsApps\Microsoft.BingFinance_3.0.1.203_x64__8wekyb3d8bbwe\common\js\services.js
[2013/10/18 13:30:29 | 000,095,331 | ---- | M] () MD5=FAA0FC80FCDDF0B163707F352BEA3C36 -- C:\Program Files\WindowsApps\Microsoft.BingFoodAndDrink_3.0.1.201_x64__8wekyb3d8bbwe\common\js\services.js
[2013/10/18 13:30:29 | 000,095,331 | ---- | M] () MD5=FAA0FC80FCDDF0B163707F352BEA3C36 -- C:\Program Files\WindowsApps\Microsoft.BingHealthAndFitness_3.0.1.203_x64__8wekyb3d8bbwe\common\js\services.js
[2013/10/18 13:30:29 | 000,095,331 | ---- | M] () MD5=FAA0FC80FCDDF0B163707F352BEA3C36 -- C:\Program Files\WindowsApps\Microsoft.BingNews_3.0.1.205_x64__8wekyb3d8bbwe\common\js\services.js
[2013/10/18 13:30:29 | 000,095,331 | ---- | M] () MD5=FAA0FC80FCDDF0B163707F352BEA3C36 -- C:\Program Files\WindowsApps\Microsoft.BingSports_3.0.1.203_x64__8wekyb3d8bbwe\common\js\services.js
[2013/10/18 13:30:29 | 000,095,331 | ---- | M] () MD5=FAA0FC80FCDDF0B163707F352BEA3C36 -- C:\Program Files\WindowsApps\Microsoft.BingTravel_3.0.1.202_x64__8wekyb3d8bbwe\common\js\services.js
[2013/10/18 13:30:29 | 000,095,331 | ---- | M] () MD5=FAA0FC80FCDDF0B163707F352BEA3C36 -- C:\Program Files\WindowsApps\Microsoft.BingWeather_3.0.1.203_x64__8wekyb3d8bbwe\common\js\services.js

< MD5 for: SERVICES.LNK >
[2013/08/21 23:54:57 | 000,001,158 | ---- | M] () MD5=5C11B0E362D426FD6E99B07705BA4A48 -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\services.lnk
[2013/08/21 23:54:57 | 000,001,158 | ---- | M] () MD5=5C11B0E362D426FD6E99B07705BA4A48 -- C:\Users\All Users\Microsoft\Windows\Start Menu\Programs\Administrative Tools\services.lnk
[2013/08/21 23:54:57 | 000,001,158 | ---- | M] () MD5=5C11B0E362D426FD6E99B07705BA4A48 -- C:\Windows\WinSxS\amd64_microsoft-windows-servicessnapin_31bf3856ad364e35_6.3.9600.16384_none_c02242af19b1eb57\services.lnk

< MD5 for: SERVICES.MOF >
[2013/06/18 07:51:33 | 000,002,866 | ---- | M] () MD5=26A11C895A7F0B6D32105EBE127D8500 -- C:\WINDOWS\SysNative\wbem\services.mof
[2013/06/18 07:51:33 | 000,002,866 | ---- | M] () MD5=26A11C895A7F0B6D32105EBE127D8500 -- C:\Windows\WinSxS\amd64_microsoft-windows-s..s-servicecontroller_31bf3856ad364e35_6.3.9600.16384_none_c01e2072a140077e\services.mof

< MD5 for: SERVICES.MSC >
[2013/09/29 20:47:49 | 000,092,746 | ---- | M] () MD5=2D8D95469EC26AAA986AAD1CE424E631 -- C:\WINDOWS\SysNative\en-US\services.msc
[2013/06/18 07:47:53 | 000,092,746 | ---- | M] () MD5=2D8D95469EC26AAA986AAD1CE424E631 -- C:\WINDOWS\SysNative\services.msc
[2013/09/29 20:47:49 | 000,092,746 | ---- | M] () MD5=2D8D95469EC26AAA986AAD1CE424E631 -- C:\Windows\SysWOW64\en-US\services.msc
[2013/06/18 05:23:54 | 000,092,746 | ---- | M] () MD5=2D8D95469EC26AAA986AAD1CE424E631 -- C:\Windows\SysWOW64\services.msc
[2013/09/29 20:47:49 | 000,092,746 | ---- | M] () MD5=2D8D95469EC26AAA986AAD1CE424E631 -- C:\Windows\WinSxS\amd64_microsoft-windows-s..cessnapin.resources_31bf3856ad364e35_6.3.9600.16384_en-us_94fd770dd055ce28\services.msc
[2013/06/18 07:47:53 | 000,092,746 | ---- | M] () MD5=2D8D95469EC26AAA986AAD1CE424E631 -- C:\Windows\WinSxS\amd64_microsoft-windows-servicessnapin_31bf3856ad364e35_6.3.9600.16384_none_c02242af19b1eb57\services.msc
[2013/06/18 05:23:54 | 000,092,746 | ---- | M] () MD5=2D8D95469EC26AAA986AAD1CE424E631 -- C:\Windows\WinSxS\wow64_microsoft-windows-servicessnapin_31bf3856ad364e35_6.3.9600.16384_none_ca76ed014e12ad52\services.msc
[2013/09/29 20:47:49 | 000,092,746 | ---- | M] () MD5=2D8D95469EC26AAA986AAD1CE424E631 -- C:\Windows\WinSxS\x86_microsoft-windows-s..cessnapin.resources_31bf3856ad364e35_6.3.9600.16384_en-us_38dedb8a17f85cf2\services.msc

< MD5 for: SERVICES.PTXML >
[2013/08/21 23:45:36 | 000,001,061 | ---- | M] () MD5=640D7DD61B1CFA6C96F80F68F78CDFA7 -- C:\WINDOWS\SysNative\wdi\perftrack\Services.ptxml
[2013/08/21 23:45:36 | 000,001,061 | ---- | M] () MD5=640D7DD61B1CFA6C96F80F68F78CDFA7 -- C:\Windows\WinSxS\amd64_microsoft-windows-s..s-servicecontroller_31bf3856ad364e35_6.3.9600.16384_none_c01e2072a140077e\Services.ptxml

< MD5 for: WINLOGON.ADML >
[2013/09/29 21:18:27 | 000,002,631 | ---- | M] () MD5=3FC16D999444A213C04297050F42DA07 -- C:\Windows\WinSxS\amd64_microsoft-windows-winlogon-adm.resources_31bf3856ad364e35_6.3.9600.16384_en-us_85c27192b0d9003d\WinLogon.adml

< MD5 for: WINLOGON.ADMX >
[2013/08/22 07:57:15 | 000,001,101 | ---- | M] () MD5=513B8C31BC439F0A37EA44D540F98916 -- C:\Windows\WinSxS\amd64_microsoft-windows-winlogon-adm_31bf3856ad364e35_6.3.9600.16384_none_6bcbbccd4d39421a\WinLogon.admx

< MD5 for: WINLOGON.EXE >
[2013/08/22 02:55:08 | 000,564,736 | ---- | M] (Microsoft Corporation) MD5=7C94FDA3809015B8F2208D2E1C221F17 -- C:\WINDOWS\SysNative\winlogon.exe
[2013/08/22 02:55:08 | 000,564,736 | ---- | M] (Microsoft Corporation) MD5=7C94FDA3809015B8F2208D2E1C221F17 -- C:\Windows\WinSxS\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.3.9600.16384_none_60816121a8e88269\winlogon.exe

< MD5 for: WINLOGON.EXE.MUI >
[2013/09/29 20:48:02 | 000,024,064 | ---- | M] (Microsoft Corporation) MD5=E1EA8FA8EDA1C8E5BFF41FCECE119841 -- C:\WINDOWS\SysNative\en-US\winlogon.exe.mui
[2013/09/29 20:48:02 | 000,024,064 | ---- | M] (Microsoft Corporation) MD5=E1EA8FA8EDA1C8E5BFF41FCECE119841 -- C:\Windows\WinSxS\amd64_microsoft-windows-winlogon.resources_31bf3856ad364e35_6.3.9600.16384_en-us_bbb6f195d80d78ae\winlogon.exe.mui

< MD5 for: WINLOGON.EXE-6B149215.PF >
[2013/10/26 21:15:59 | 000,031,610 | ---- | M] () MD5=94D7D72A0263883505D4CC8B62FF43C5 -- C:\Windows\Prefetch\WINLOGON.EXE-6B149215.pf

< MD5 for: WINLOGON.MFL >
[2013/09/29 20:48:02 | 000,001,080 | ---- | M] () MD5=2783ED50691284F7EAE6BE9729337E1A -- C:\WINDOWS\SysNative\wbem\en-US\winlogon.mfl
[2013/09/29 20:48:02 | 000,001,080 | ---- | M] () MD5=2783ED50691284F7EAE6BE9729337E1A -- C:\Windows\WinSxS\amd64_microsoft-windows-winlogon-mof.resources_31bf3856ad364e35_6.3.9600.16384_en-us_19794360f345d243\winlogon.mfl

< MD5 for: WINLOGON.MOF >
[2013/08/21 23:45:12 | 000,003,192 | ---- | M] () MD5=DF722B96F32A61783BC310FACF10240B -- C:\WINDOWS\SysNative\wbem\winlogon.mof
[2013/08/21 23:45:12 | 000,003,192 | ---- | M] () MD5=DF722B96F32A61783BC310FACF10240B -- C:\Windows\WinSxS\amd64_microsoft-windows-winlogon-mof_31bf3856ad364e35_6.3.9600.16384_none_70f729db49dee3dc\winlogon.mof

< %SYSTEMDRIVE%\*.* >
[2012/07/25 20:44:30 | 000,398,156 | RHS- | M] () -- C:\bootmgr
[2013/06/18 05:18:29 | 000,000,001 | -HS- | M] () -- C:\BOOTNXT
[2013/03/25 15:01:42 | 000,008,192 | RHS- | M] () -- C:\BOOTSECT.BAK
[2013/10/26 11:50:42 | 000,000,000 | -HS- | M] () -- C:\DkHyperbootSync
[2013/10/20 09:54:20 | 000,000,000 | ---- | M] () -- C:\END
[2013/10/23 12:46:55 | 2342,322,175 | -HS- | M] () -- C:\hiberfil.sys
[2013/10/21 10:26:54 | 000,001,936 | ---- | M] () -- C:\logFileUI.txt
[2013/10/23 12:46:56 | 4026,531,839 | -HS- | M] () -- C:\pagefile.sys
[2013/10/23 12:46:57 | 268,435,456 | -HS- | M] () -- C:\swapfile.sys

< %systemroot%\Fonts\*.com >
[2013/10/17 11:44:10 | 000,026,040 | ---- | M] () -- C:\WINDOWS\Fonts\GlobalMonospace.CompositeFont
[2013/10/17 11:44:10 | 000,026,489 | ---- | M] () -- C:\WINDOWS\Fonts\GlobalSansSerif.CompositeFont
[2013/10/17 11:44:10 | 000,029,779 | ---- | M] () -- C:\WINDOWS\Fonts\GlobalSerif.CompositeFont
[2013/10/17 11:44:10 | 000,043,318 | ---- | M] () -- C:\WINDOWS\Fonts\GlobalUserInterface.CompositeFont

< %systemroot%\Fonts\*.dll >

< %systemroot%\Fonts\*.ini >
[2013/08/22 08:35:03 | 000,000,065 | ---- | M] () -- C:\WINDOWS\Fonts\desktop.ini

< %systemroot%\Fonts\*.ini2 >

< %systemroot%\Fonts\*.exe >

< %systemroot%\system32\spool\prtprocs\w32x86\*.* >

< %systemroot%\REPAIR\*.bak1 >

< %systemroot%\REPAIR\*.ini >

< %systemroot%\system32\*.jpg >

< %systemroot%\*.jpg >

< %systemroot%\*.png >

< %systemroot%\*.scr >

< %systemroot%\*._sy >

< %APPDATA%\Adobe\Update\*.* >

< %ALLUSERSPROFILE%\Favorites\*.* >

< %APPDATA%\Microsoft\*.* >

< %PROGRAMFILES%\*.* >
[2013/08/22 08:34:52 | 000,000,174 | -HS- | M] () -- C:\Program Files (x86)\desktop.ini

< %APPDATA%\Update\*.* >

< %systemroot%\*. /mp /s >

< dir "%systemdrive%\*" /S /A:L /C >
Volume in drive C is Windows8_OS
Volume Serial Number is BCCB-4157
Directory of C:\
08/22/2013 07:45 AM <JUNCTION> Documents and Settings [C:\Users]
0 File(s) 0 bytes
Directory of C:\ProgramData
08/22/2013 07:45 AM <JUNCTION> Application Data [C:\ProgramData]
08/22/2013 07:45 AM <JUNCTION> Desktop [C:\Users\Public\Desktop]
08/22/2013 07:45 AM <JUNCTION> Documents [C:\Users\Public\Documents]
08/22/2013 07:45 AM <JUNCTION> Start Menu [C:\ProgramData\Microsoft\Windows\Start Menu]
08/22/2013 07:45 AM <JUNCTION> Templates [C:\ProgramData\Microsoft\Windows\Templates]
0 File(s) 0 bytes
Directory of C:\Users
08/22/2013 07:45 AM <SYMLINKD> All Users [C:\ProgramData]
08/22/2013 07:45 AM <JUNCTION> Default User [C:\Users\Default]
0 File(s) 0 bytes
Directory of C:\Users\All Users
08/22/2013 07:45 AM <JUNCTION> Application Data [C:\ProgramData]
08/22/2013 07:45 AM <JUNCTION> Desktop [C:\Users\Public\Desktop]
08/22/2013 07:45 AM <JUNCTION> Documents [C:\Users\Public\Documents]
08/22/2013 07:45 AM <JUNCTION> Start Menu [C:\ProgramData\Microsoft\Windows\Start Menu]
08/22/2013 07:45 AM <JUNCTION> Templates [C:\ProgramData\Microsoft\Windows\Templates]
0 File(s) 0 bytes
Directory of C:\Users\Brandon
10/17/2013 10:56 AM <JUNCTION> Application Data [C:\Users\Brandon\AppData\Roaming]
10/17/2013 10:56 AM <JUNCTION> Cookies [C:\Users\Brandon\AppData\Local\Microsoft\Windows\INetCookies]
10/17/2013 10:56 AM <JUNCTION> Local Settings [C:\Users\Brandon\AppData\Local]
10/17/2013 10:56 AM <JUNCTION> My Documents [C:\Users\Brandon\Documents]
10/17/2013 10:56 AM <JUNCTION> NetHood [C:\Users\Brandon\AppData\Roaming\Microsoft\Windows\Network Shortcuts]
10/17/2013 10:56 AM <JUNCTION> PrintHood [C:\Users\Brandon\AppData\Roaming\Microsoft\Windows\Printer Shortcuts]
10/17/2013 10:56 AM <JUNCTION> Recent [C:\Users\Brandon\AppData\Roaming\Microsoft\Windows\Recent]
10/17/2013 10:56 AM <JUNCTION> SendTo [C:\Users\Brandon\AppData\Roaming\Microsoft\Windows\SendTo]
10/17/2013 10:56 AM <JUNCTION> Start Menu [C:\Users\Brandon\AppData\Roaming\Microsoft\Windows\Start Menu]
10/17/2013 10:56 AM <JUNCTION> Templates [C:\Users\Brandon\AppData\Roaming\Microsoft\Windows\Templates]
0 File(s) 0 bytes
Directory of C:\Users\Brandon\AppData\Local
10/17/2013 10:56 AM <JUNCTION> Application Data [C:\Users\Brandon\AppData\Local]
10/17/2013 10:56 AM <JUNCTION> History [C:\Users\Brandon\AppData\Local\Microsoft\Windows\History]
10/17/2013 10:56 AM <JUNCTION> Temporary Internet Files [C:\Users\Brandon\AppData\Local\Microsoft\Windows\INetCache]
0 File(s) 0 bytes
Directory of C:\Users\Brandon\AppData\Local\Microsoft\Windows
10/17/2013 10:56 AM <JUNCTION> Temporary Internet Files [C:\Users\Brandon\AppData\Local\Microsoft\Windows\INetCache]
0 File(s) 0 bytes
Directory of C:\Users\Brandon\AppData\Local\Microsoft\Windows\INetCache
10/17/2013 11:15 AM <JUNCTION> Content.IE5 [C:\Users\Brandon\AppData\Local\Microsoft\Windows\INetCache\IE\]
0 File(s) 0 bytes
Directory of C:\Users\Brandon\AppData\Local\Microsoft\Windows\INetCache\Low
10/17/2013 02:50 PM <JUNCTION> Content.IE5 [C:\Users\Brandon\AppData\Local\Microsoft\Windows\INetCache\Low\IE\]
0 File(s) 0 bytes
Directory of C:\Users\Brandon\Documents
10/17/2013 10:56 AM <JUNCTION> My Music [C:\Users\Brandon\Music]
10/17/2013 10:56 AM <JUNCTION> My Pictures [C:\Users\Brandon\Pictures]
10/17/2013 10:56 AM <JUNCTION> My Videos [C:\Users\Brandon\Videos]
0 File(s) 0 bytes
Directory of C:\Users\Brandon\SkyDrive
09/26/2013 02:02 PM (246,529) Bonneau Budget - Editable-lobster-PC-2-lobster-PC-lobster-PC.xlsx
1 File(s) 246,529 bytes
Directory of C:\Users\Brandon\SkyDrive\Pictures\Saved pictures
10/21/2013 03:54 PM (68,560) P__0CA1.jpg
1 File(s) 68,560 bytes
Directory of C:\Users\Brandon\SkyDrive\SkyDrive camera roll
10/18/2013 03:54 PM (1,664,202) WP_20131018_001.jpg
10/18/2013 03:54 PM (1,787,752) WP_20131018_002.jpg
10/19/2013 12:34 AM (2,698,555) WP_20131018_003.jpg
10/23/2013 10:41 AM (1,666,504) WP_20131023_001.jpg
10/23/2013 10:41 AM (1,647,568) WP_20131023_002.jpg
10/23/2013 10:41 AM (1,706,615) WP_20131023_003.jpg
10/23/2013 10:42 AM (1,694,284) WP_20131023_004.jpg
10/23/2013 10:42 AM (1,653,731) WP_20131023_005.jpg
10/23/2013 10:42 AM (1,552,446) WP_20131023_006.jpg
10/23/2013 10:42 AM (1,716,324) WP_20131023_007.jpg
10/23/2013 10:44 AM (1,769,622) WP_20131023_008.jpg
10/23/2013 04:23 PM (2,481,929) WP_20131023_009.jpg
10/25/2013 08:58 AM (3,015,306) WP_20131025_001.jpg
10/25/2013 08:59 AM (2,961,516) WP_20131025_002.jpg
10/25/2013 09:51 AM (2,929,752) WP_20131025_003.jpg
15 File(s) 30,946,106 bytes
Directory of C:\Users\Default
08/22/2013 07:45 AM <JUNCTION> Application Data [C:\Users\Default\AppData\Roaming]
08/22/2013 07:45 AM <JUNCTION> Cookies [C:\Users\Default\AppData\Local\Microsoft\Windows\INetCookies]
08/22/2013 07:45 AM <JUNCTION> Local Settings [C:\Users\Default\AppData\Local]
08/22/2013 07:45 AM <JUNCTION> My Documents [C:\Users\Default\Documents]
08/22/2013 07:45 AM <JUNCTION> NetHood [C:\Users\Default\AppData\Roaming\Microsoft\Windows\Network Shortcuts]
08/22/2013 07:45 AM <JUNCTION> PrintHood [C:\Users\Default\AppData\Roaming\Microsoft\Windows\Printer Shortcuts]
08/22/2013 07:45 AM <JUNCTION> Recent [C:\Users\Default\AppData\Roaming\Microsoft\Windows\Recent]
08/22/2013 07:45 AM <JUNCTION> SendTo [C:\Users\Default\AppData\Roaming\Microsoft\Windows\SendTo]
08/22/2013 07:45 AM <JUNCTION> Start Menu [C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu]
08/22/2013 07:45 AM <JUNCTION> Templates [C:\Users\Default\AppData\Roaming\Microsoft\Windows\Templates]
0 File(s) 0 bytes
Directory of C:\Users\Default\AppData\Local
08/22/2013 07:45 AM <JUNCTION> Application Data [C:\Users\Default\AppData\Local]
08/22/2013 07:45 AM <JUNCTION> History [C:\Users\Default\AppData\Local\Microsoft\Windows\History]
08/22/2013 07:45 AM <JUNCTION> Temporary Internet Files [C:\Users\Default\AppData\Local\Microsoft\Windows\INetCache]
0 File(s) 0 bytes
Directory of C:\Users\Default\AppData\Local\Microsoft\Windows
08/22/2013 07:45 AM <JUNCTION> Temporary Internet Files [C:\Users\Default\AppData\Local\Microsoft\Windows\INetCache]
0 File(s) 0 bytes
Directory of C:\Users\Default\Documents
08/22/2013 07:45 AM <JUNCTION> My Music [C:\Users\Default\Music]
08/22/2013 07:45 AM <JUNCTION> My Pictures [C:\Users\Default\Pictures]
08/22/2013 07:45 AM <JUNCTION> My Videos [C:\Users\Default\Videos]
0 File(s) 0 bytes
Directory of C:\Users\Default.migrated\Documents
07/26/2012 12:22 AM <JUNCTION> My Music [C:\Users\Default\Music]
07/26/2012 12:22 AM <JUNCTION> My Pictures [C:\Users\Default\Pictures]
07/26/2012 12:22 AM <JUNCTION> My Videos [C:\Users\Default\Videos]
0 File(s) 0 bytes
Directory of C:\Users\Guest
10/17/2013 10:56 AM <JUNCTION> Application Data [C:\Users\Guest\AppData\Roaming]
10/17/2013 10:56 AM <JUNCTION> Cookies [C:\Users\Guest\AppData\Local\Microsoft\Windows\INetCookies]
10/17/2013 10:56 AM <JUNCTION> Local Settings [C:\Users\Guest\AppData\Local]
10/17/2013 10:56 AM <JUNCTION> My Documents [C:\Users\Guest\Documents]
10/17/2013 10:56 AM <JUNCTION> NetHood [C:\Users\Guest\AppData\Roaming\Microsoft\Windows\Network Shortcuts]
10/17/2013 10:56 AM <JUNCTION> PrintHood [C:\Users\Guest\AppData\Roaming\Microsoft\Windows\Printer Shortcuts]
10/17/2013 10:56 AM <JUNCTION> Recent [C:\Users\Guest\AppData\Roaming\Microsoft\Windows\Recent]
10/17/2013 10:56 AM <JUNCTION> SendTo [C:\Users\Guest\AppData\Roaming\Microsoft\Windows\SendTo]
10/17/2013 10:56 AM <JUNCTION> Start Menu [C:\Users\Guest\AppData\Roaming\Microsoft\Windows\Start Menu]
10/17/2013 10:56 AM <JUNCTION> Templates [C:\Users\Guest\AppData\Roaming\Microsoft\Windows\Templates]
0 File(s) 0 bytes
Directory of C:\Users\Guest\AppData\Local
10/17/2013 10:56 AM <JUNCTION> Application Data [C:\Users\Guest\AppData\Local]
10/17/2013 10:56 AM <JUNCTION> History [C:\Users\Guest\AppData\Local\Microsoft\Windows\History]
10/17/2013 10:56 AM <JUNCTION> Temporary Internet Files [C:\Users\Guest\AppData\Local\Microsoft\Windows\INetCache]
0 File(s) 0 bytes
Directory of C:\Users\Guest\AppData\Local\Microsoft\Windows
10/17/2013 10:56 AM <JUNCTION> Temporary Internet Files [C:\Users\Guest\AppData\Local\Microsoft\Windows\INetCache]
0 File(s) 0 bytes
Directory of C:\Users\Guest\Documents
10/17/2013 10:56 AM <JUNCTION> My Music [C:\Users\Guest\Music]
10/17/2013 10:56 AM <JUNCTION> My Pictures [C:\Users\Guest\Pictures]
10/17/2013 10:56 AM <JUNCTION> My Videos [C:\Users\Guest\Videos]
0 File(s) 0 bytes
Directory of C:\Users\jabon_000
10/17/2013 10:55 AM <JUNCTION> Application Data [C:\Users\jabon_000\AppData\Roaming]
10/17/2013 10:55 AM <JUNCTION> Cookies [C:\Users\jabon_000\AppData\Local\Microsoft\Windows\INetCookies]
10/17/2013 10:55 AM <JUNCTION> Local Settings [C:\Users\jabon_000\AppData\Local]
10/17/2013 10:55 AM <JUNCTION> My Documents [C:\Users\jabon_000\Documents]
10/17/2013 10:55 AM <JUNCTION> NetHood [C:\Users\jabon_000\AppData\Roaming\Microsoft\Windows\Network Shortcuts]
10/17/2013 10:55 AM <JUNCTION> PrintHood [C:\Users\jabon_000\AppData\Roaming\Microsoft\Windows\Printer Shortcuts]
10/17/2013 10:55 AM <JUNCTION> Recent [C:\Users\jabon_000\AppData\Roaming\Microsoft\Windows\Recent]
10/17/2013 10:55 AM <JUNCTION> SendTo [C:\Users\jabon_000\AppData\Roaming\Microsoft\Windows\SendTo]
10/17/2013 10:55 AM <JUNCTION> Start Menu [C:\Users\jabon_000\AppData\Roaming\Microsoft\Windows\Start Menu]
10/17/2013 10:55 AM <JUNCTION> Templates [C:\Users\jabon_000\AppData\Roaming\Microsoft\Windows\Templates]
0 File(s) 0 bytes
Directory of C:\Users\jabon_000\AppData\Local
10/17/2013 10:55 AM <JUNCTION> Application Data [C:\Users\jabon_000\AppData\Local]
10/17/2013 10:55 AM <JUNCTION> History [C:\Users\jabon_000\AppData\Local\Microsoft\Windows\History]
10/17/2013 10:55 AM <JUNCTION> Temporary Internet Files [C:\Users\jabon_000\AppData\Local\Microsoft\Windows\INetCache]
0 File(s) 0 bytes
Directory of C:\Users\jabon_000\AppData\Local\Microsoft\Windows
10/17/2013 10:55 AM <JUNCTION> Temporary Internet Files [C:\Users\jabon_000\AppData\Local\Microsoft\Windows\INetCache]
0 File(s) 0 bytes
Directory of C:\Users\jabon_000\AppData\Local\Microsoft\Windows\INetCache
10/17/2013 09:00 PM <JUNCTION> Content.IE5 [C:\Users\jabon_000\AppData\Local\Microsoft\Windows\INetCache\IE\]
0 File(s) 0 bytes
Directory of C:\Users\jabon_000\AppData\Local\Microsoft\Windows\INetCache\Low
10/17/2013 09:02 PM <JUNCTION> Content.IE5 [C:\Users\jabon_000\AppData\Local\Microsoft\Windows\INetCache\Low\IE\]
0 File(s) 0 bytes
Directory of C:\Users\jabon_000\Documents
10/17/2013 10:55 AM <JUNCTION> My Music [C:\Users\jabon_000\Music]
10/17/2013 10:55 AM <JUNCTION> My Pictures [C:\Users\jabon_000\Pictures]
10/17/2013 10:55 AM <JUNCTION> My Videos [C:\Users\jabon_000\Videos]
0 File(s) 0 bytes
Directory of C:\Users\jabon_000\SkyDrive\Mexico 7.2012
07/23/2013 02:27 PM (2,987,640) IMG_2865.JPG
07/23/2013 02:27 PM (2,972,851) IMG_2873.JPG
07/23/2013 02:27 PM (3,349,419) IMG_2875.JPG
07/23/2013 02:27 PM (3,554,659) IMG_2880.JPG
07/23/2013 02:27 PM (3,793,842) IMG_2888.JPG
07/23/2013 02:27 PM (3,232,352) IMG_2892.JPG
07/23/2013 02:27 PM (3,291,327) IMG_2894.JPG
07/23/2013 02:27 PM (3,435,396) IMG_2895.JPG
07/23/2013 02:27 PM (4,535,391) IMG_2897.JPG
07/23/2013 02:27 PM (6,257,483) IMG_2898.JPG
07/23/2013 02:27 PM (4,109,097) IMG_2911.JPG
07/23/2013 02:27 PM (3,072,673) IMG_2913.JPG
07/23/2013 02:27 PM (3,714,946) IMG_2941.JPG
07/23/2013 02:27 PM (2,715,570) IMG_2943.JPG
07/23/2013 02:27 PM (2,405,888) IMG_2948.JPG
07/23/2013 02:27 PM (5,089,451) IMG_2952.JPG
07/23/2013 02:27 PM (4,780,949) IMG_2953.JPG
07/23/2013 02:27 PM (4,938,032) IMG_2967.JPG
07/23/2013 02:27 PM (3,054,154) IMG_2974.JPG
07/23/2013 02:27 PM (5,065,233) IMG_2988.JPG
07/23/2013 02:27 PM (5,000,935) IMG_2999.JPG
07/23/2013 02:27 PM (3,316,449) IMG_3001.JPG
07/23/2013 02:28 PM (7,021,638) TATY NOCHE-91.jpg
07/23/2013 02:28 PM (7,911,105) TATY NOCHE-92.jpg
07/23/2013 02:28 PM (7,672,637) TATY NOCHE-95.jpg
25 File(s) 107,279,117 bytes
Directory of C:\Users\jabon_000\SkyDrive\Tomas' Mission goodbye party 7.2013
07/23/2013 02:24 PM (3,860,500) IMG_6976.JPG
07/23/2013 02:24 PM (3,025,935) IMG_6977.JPG
07/23/2013 02:24 PM (4,095,438) IMG_6978.JPG
07/23/2013 02:24 PM (3,651,468) IMG_6979.JPG
07/23/2013 02:24 PM (3,560,683) IMG_6981.JPG
07/23/2013 02:24 PM (3,222,259) IMG_6982.JPG
07/23/2013 02:24 PM (3,185,592) IMG_6983.JPG
07/23/2013 02:24 PM (2,950,340) IMG_6984.JPG
07/23/2013 02:24 PM (2,856,273) IMG_6985.JPG
07/23/2013 02:24 PM (2,894,351) IMG_6986.JPG
07/23/2013 02:24 PM (2,843,368) IMG_6987.JPG
07/23/2013 02:24 PM (4,727,259) IMG_6988.JPG
07/23/2013 02:24 PM (2,952,731) IMG_6989.JPG
07/23/2013 02:24 PM (2,743,205) IMG_6990.JPG
07/23/2013 02:24 PM (2,732,070) IMG_6991.JPG
07/23/2013 02:25 PM (4,320,982) IMG_6992.JPG
07/23/2013 02:25 PM (3,365,707) IMG_6993.JPG
07/23/2013 02:25 PM (4,126,418) IMG_6994.JPG
07/23/2013 02:25 PM (2,809,340) IMG_6995.JPG
07/23/2013 02:25 PM (3,623,363) IMG_6996.JPG
07/23/2013 02:25 PM (3,184,694) IMG_6997.JPG
07/23/2013 02:25 PM (3,294,735) IMG_6999.JPG
07/23/2013 02:25 PM (3,413,470) IMG_7000.JPG
07/23/2013 02:25 PM (3,676,840) IMG_7001.JPG
07/23/2013 02:25 PM (4,020,598) IMG_7002.JPG
07/23/2013 02:25 PM (3,289,154) IMG_7003.JPG
07/23/2013 02:25 PM (4,327,253) IMG_7004.JPG
07/23/2013 02:25 PM (3,637,762) IMG_7005.JPG
07/23/2013 02:25 PM (3,755,563) IMG_7006.JPG
07/23/2013 02:25 PM (3,458,018) IMG_7007.JPG
07/23/2013 02:25 PM (2,856,661) IMG_7008.JPG
07/23/2013 02:25 PM (2,658,896) IMG_7009.JPG
07/23/2013 02:25 PM (2,588,383) IMG_7012.JPG
07/23/2013 02:25 PM (3,776,508) IMG_7013.JPG
07/23/2013 02:25 PM (3,638,723) IMG_7014.JPG
07/23/2013 02:25 PM (2,721,967) IMG_7015.JPG
07/23/2013 02:25 PM (3,072,775) IMG_7016.JPG
07/23/2013 02:25 PM (2,931,351) IMG_7018.JPG
07/23/2013 02:25 PM (3,974,811) IMG_7019.JPG
07/23/2013 02:25 PM (2,843,344) IMG_7020.JPG
07/23/2013 02:25 PM (3,229,096) IMG_7022.JPG
07/23/2013 02:25 PM (2,782,652) IMG_7023.JPG
07/23/2013 02:25 PM (3,922,943) IMG_7027.JPG
07/23/2013 02:25 PM (4,069,899) IMG_7031.JPG
07/23/2013 02:25 PM (4,687,807) IMG_7032.JPG
07/23/2013 02:25 PM (2,570,188) IMG_7038.JPG
07/23/2013 02:25 PM (4,497,414) IMG_7040.JPG
07/23/2013 02:25 PM (5,298,166) IMG_7042.JPG
07/23/2013 02:25 PM (4,402,385) IMG_7043.JPG
07/23/2013 02:25 PM (4,102,634) IMG_7046.JPG
07/23/2013 02:25 PM (4,047,707) IMG_7047.JPG
07/23/2013 02:25 PM (3,057,540) IMG_7048.JPG
07/23/2013 02:25 PM (4,373,580) IMG_7049.JPG
07/23/2013 02:25 PM (3,443,874) IMG_7051.JPG
07/23/2013 02:25 PM (3,710,822) IMG_7054.JPG
07/23/2013 02:25 PM (4,146,663) IMG_7055.JPG
07/23/2013 02:25 PM (3,726,554) IMG_7058.JPG
07/23/2013 02:25 PM (3,493,913) IMG_7063.JPG
07/23/2013 02:25 PM (3,590,440) IMG_7069.JPG
07/23/2013 02:25 PM (3,581,202) IMG_7072.JPG
07/23/2013 02:25 PM (3,115,089) IMG_7075.JPG
07/23/2013 02:25 PM (3,472,394) IMG_7076.JPG
07/23/2013 02:25 PM (3,450,925) IMG_7078.JPG
07/23/2013 02:25 PM (3,928,236) IMG_7086.JPG
07/23/2013 02:25 PM (3,828,373) IMG_7088.JPG
07/23/2013 02:25 PM (3,760,394) IMG_7089.JPG
07/23/2013 02:25 PM (4,266,761) IMG_7092.JPG
07/23/2013 02:25 PM (3,808,373) IMG_7098.JPG
07/23/2013 02:25 PM (4,271,100) IMG_7099.JPG
07/23/2013 02:25 PM (4,242,007) IMG_7102.JPG
07/23/2013 02:25 PM (4,784,013) IMG_7105.JPG
07/23/2013 02:25 PM (4,088,237) IMG_7106.JPG
07/23/2013 02:26 PM (4,287,601) IMG_7109.JPG
07/23/2013 02:26 PM (3,037,960) IMG_7112.JPG
07/23/2013 02:26 PM (4,245,543) IMG_7113.JPG
07/23/2013 02:26 PM (4,489,810) IMG_7119.JPG
07/23/2013 02:26 PM (4,222,717) IMG_7120.JPG
07/23/2013 02:26 PM (3,826,408) IMG_7130.JPG
07/23/2013 02:26 PM (4,447,059) IMG_7131.JPG
07/23/2013 02:26 PM (3,798,198) IMG_7134.JPG
07/23/2013 02:26 PM (3,774,690) IMG_7137.JPG
07/23/2013 02:26 PM (3,534,359) IMG_7138.JPG
07/23/2013 02:26 PM (3,695,126) IMG_7139.JPG
07/23/2013 02:26 PM (3,558,375) IMG_7140.JPG
07/23/2013 02:26 PM (4,105,276) IMG_7142.JPG
07/23/2013 02:26 PM (4,513,143) IMG_7144.JPG
07/23/2013 02:26 PM (4,457,054) IMG_7148.JPG
07/23/2013 02:26 PM (3,902,191) IMG_7151.JPG
07/23/2013 02:26 PM (3,600,864) IMG_7153.JPG
07/23/2013 02:26 PM (3,537,052) IMG_7154.JPG
07/23/2013 02:26 PM (4,171,707) IMG_7156.JPG
07/23/2013 02:26 PM (3,768,760) IMG_7157.JPG
07/23/2013 02:26 PM (3,734,393) IMG_7158.JPG
07/23/2013 02:26 PM (1,972,065) IMG_7160.JPG
07/23/2013 02:26 PM (2,390,694) IMG_7162.JPG
07/23/2013 02:26 PM (5,050,109) IMG_7165.JPG
07/23/2013 02:26 PM (4,798,718) IMG_7166.JPG
07/23/2013 02:26 PM (4,845,084) IMG_7167.JPG
07/23/2013 02:26 PM (4,697,877) IMG_7170.JPG
07/23/2013 02:26 PM (4,495,788) IMG_7173.JPG
07/23/2013 02:26 PM (4,549,229) IMG_7174.JPG
07/23/2013 02:26 PM (4,736,615) IMG_7175.JPG
07/23/2013 02:26 PM (4,364,169) IMG_7176.JPG
07/23/2013 02:26 PM (4,028,766) IMG_7177.JPG
07/23/2013 02:26 PM (4,571,107) IMG_7180.JPG
07/23/2013 02:26 PM (3,170,875) IMG_7185.JPG
07/23/2013 02:26 PM (4,677,698) IMG_7187.JPG
07/23/2013 02:26 PM (3,875,052) IMG_7188.JPG
07/23/2013 02:26 PM (4,370,942) IMG_7189.JPG
07/23/2013 02:26 PM (4,343,183) IMG_7191.JPG
07/23/2013 02:26 PM (4,521,800) IMG_7192.JPG
07/23/2013 02:26 PM (4,281,619) IMG_7193.JPG
07/23/2013 02:26 PM (3,897,072) IMG_7195.JPG
07/23/2013 02:26 PM (3,334,539) IMG_7196.JPG
07/23/2013 02:26 PM (3,548,627) IMG_7197.JPG
07/23/2013 02:26 PM (3,980,143) IMG_7198.JPG
07/23/2013 02:26 PM (3,889,177) IMG_7199.JPG
07/23/2013 02:26 PM (4,153,485) IMG_7205.JPG
07/23/2013 02:26 PM (3,610,556) IMG_7206.JPG
07/23/2013 02:26 PM (2,205,402) IMG_7208.JPG
07/23/2013 02:26 PM (2,095,354) IMG_7215.JPG
07/23/2013 02:26 PM (3,683,481) IMG_7219.JPG
07/23/2013 02:26 PM (3,939,850) IMG_7223.JPG
07/23/2013 02:26 PM (4,123,374) IMG_7227.JPG
07/23/2013 02:26 PM (4,023,727) IMG_7228.JPG
07/23/2013 02:26 PM (3,533,119) IMG_7230.JPG
07/23/2013 02:29 PM (3,471,184) IMG_7233.JPG
127 File(s) 474,358,935 bytes
Directory of C:\Users\jabon_000\SkyDrive\with my precious Baby K
07/23/2013 02:28 PM (3,811,873) IMG_6933.JPG
07/23/2013 02:28 PM (3,517,819) IMG_6934.JPG
07/23/2013 02:28 PM (4,270,444) IMG_6935.JPG
07/23/2013 02:28 PM (4,490,501) IMG_6936.JPG
07/23/2013 02:28 PM (4,019,929) IMG_6937.JPG
07/23/2013 02:28 PM (3,871,246) IMG_6938.JPG
07/23/2013 02:28 PM (4,051,260) IMG_6939.JPG
07/23/2013 02:28 PM (4,647,757) IMG_6940.JPG
07/23/2013 02:28 PM (4,675,356) IMG_6941.JPG
07/23/2013 02:28 PM (4,444,019) IMG_6942.JPG
07/23/2013 02:28 PM (4,282,279) IMG_6943.JPG
07/23/2013 02:28 PM (3,334,694) IMG_6944.JPG
07/23/2013 02:28 PM (3,110,564) IMG_6945.JPG
07/23/2013 02:28 PM (3,058,347) IMG_6946.JPG
07/23/2013 02:28 PM (3,371,880) IMG_6968.JPG
07/23/2013 02:28 PM (3,803,083) IMG_6969.JPG
07/23/2013 02:28 PM (3,932,131) IMG_6970.JPG
17 File(s) 66,693,182 bytes
Directory of C:\Users\Public\Documents
08/22/2013 07:45 AM <JUNCTION> My Music [C:\Users\Public\Music]
08/22/2013 07:45 AM <JUNCTION> My Pictures [C:\Users\Public\Pictures]
08/22/2013 07:45 AM <JUNCTION> My Videos [C:\Users\Public\Videos]
0 File(s) 0 bytes
Directory of C:\Users\UpdatusUser
10/17/2013 10:56 AM <JUNCTION> Application Data [C:\Users\UpdatusUser\AppData\Roaming]
10/17/2013 10:56 AM <JUNCTION> Cookies [C:\Users\UpdatusUser\AppData\Local\Microsoft\Windows\INetCookies]
10/17/2013 10:56 AM <JUNCTION> Local Settings [C:\Users\UpdatusUser\AppData\Local]
10/17/2013 10:56 AM <JUNCTION> My Documents [C:\Users\UpdatusUser\Documents]
10/17/2013 10:56 AM <JUNCTION> NetHood [C:\Users\UpdatusUser\AppData\Roaming\Microsoft\Windows\Network Shortcuts]
10/17/2013 10:56 AM <JUNCTION> PrintHood [C:\Users\UpdatusUser\AppData\Roaming\Microsoft\Windows\Printer Shortcuts]
10/17/2013 10:56 AM <JUNCTION> Recent [C:\Users\UpdatusUser\AppData\Roaming\Microsoft\Windows\Recent]
10/17/2013 10:56 AM <JUNCTION> SendTo [C:\Users\UpdatusUser\AppData\Roaming\Microsoft\Windows\SendTo]
10/17/2013 10:56 AM <JUNCTION> Start Menu [C:\Users\UpdatusUser\AppData\Roaming\Microsoft\Windows\Start Menu]
10/17/2013 10:56 AM <JUNCTION> Templates [C:\Users\UpdatusUser\AppData\Roaming\Microsoft\Windows\Templates]
0 File(s) 0 bytes
Directory of C:\Users\UpdatusUser\AppData\Local
10/17/2013 10:56 AM <JUNCTION> Application Data [C:\Users\UpdatusUser\AppData\Local]
10/17/2013 10:56 AM <JUNCTION> History [C:\Users\UpdatusUser\AppData\Local\Microsoft\Windows\History]
10/17/2013 10:56 AM <JUNCTION> Temporary Internet Files [C:\Users\UpdatusUser\AppData\Local\Microsoft\Windows\INetCache]
0 File(s) 0 bytes
Directory of C:\Users\UpdatusUser\AppData\Local\Microsoft\Windows
10/17/2013 10:56 AM <JUNCTION> Temporary Internet Files [C:\Users\UpdatusUser\AppData\Local\Microsoft\Windows\INetCache]
0 File(s) 0 bytes
Directory of C:\Users\UpdatusUser\Documents
10/17/2013 10:56 AM <JUNCTION> My Music [C:\Users\UpdatusUser\Music]
10/17/2013 10:56 AM <JUNCTION> My Pictures [C:\Users\UpdatusUser\Pictures]
10/17/2013 10:56 AM <JUNCTION> My Videos [C:\Users\UpdatusUser\Videos]
0 File(s) 0 bytes
Directory of C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache
10/17/2013 08:39 PM <JUNCTION> Content.IE5 [C:\WINDOWS\system32\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\IE\]
0 File(s) 0 bytes
Directory of C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache
10/17/2013 08:39 PM <JUNCTION> Content.IE5 [C:\WINDOWS\system32\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\IE\]
0 File(s) 0 bytes
Total Files Listed:
186 File(s) 679,592,429 bytes
110 Dir(s) 863,073,132,544 bytes free

< %systemroot%\System32\config\*.sav >

< %PROGRAMFILES%\bak. /s >

< %systemroot%\system32\bak. /s >

< %ALLUSERSPROFILE%\Start Menu\*.lnk /x >

< %systemroot%\system32\config\systemprofile\*.dat /x >

< %systemroot%\*.config >

< %systemroot%\system32\*.db >

< %PROGRAMFILES%\Internet Explorer\*.dat >

< %APPDATA%\Microsoft\Internet Explorer\Quick Launch\*.lnk /x >
[2013/06/16 04:50:21 | 000,000,223 | -HS- | M] () -- C:\Users\Brandon\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\desktop (1).ini
[2013/08/22 08:35:52 | 000,000,148 | -HS- | M] () -- C:\Users\Brandon\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\desktop.ini

< %USERPROFILE%\Desktop\*.exe >
[2013/10/17 17:46:14 | 000,383,480 | ---- | M] () -- C:\Users\Brandon\Desktop\BringMeSports.exe
[2013/10/20 09:52:56 | 004,953,944 | ---- | M] (FLVMPlayer ) -- C:\Users\Brandon\Desktop\FLVMPlayer.exe

< %PROGRAMFILES%\Common Files\*.* >

< %systemroot%\*.src >

< %systemroot%\install\*.* >

< %systemroot%\system32\DLL\*.* >

< %systemroot%\system32\HelpFiles\*.* >

< %systemroot%\system32\rundll\*.* >

< %systemroot%\winn32\*.* >

< %systemroot%\Java\*.* >

< %systemroot%\system32\test\*.* >

< %systemroot%\system32\Rundll32\*.* >

< %systemroot%\AppPatch\Custom\*.* >

< HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU >

< HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install|LastSuccessTime /rs >

========== Alternate Data Streams ==========

@Alternate Data Stream - 199 bytes -> C:\Users\Brandon\SkyDrive:ms-properties
@Alternate Data Stream - 120 bytes -> C:\ProgramData\Temp:373E1720

< End of report >

Edited by Manbearpig79, 27 October 2013 - 01:52 PM.

Advertisements

Register to Remove

#2 ----------------

SuperMember

Authentic Member
1,095 posts

Posted 28 October 2013 - 09:01 AM

Hi there,
my name is Marius and I will assist you with your malware related problems.

Before we move on, please read the following points carefully.

First, read my instructions completely. If there is anything that you do not understand kindly ask before proceeding.
Perform everything in the correct order. Sometimes one step requires the previous one.
If you have any problems while following my instructions, Stop there and tell me the exact nature of your problem.
Do not run any other scans without instruction or add/remove software unless I tell you to do so. This would change the output of our tools and could be confusing for me.
Post all logfiles as a reply rather than as an attachment unless I specifically ask you. If you can not post all logfiles in one reply, feel free to use more posts.
If I don't hear from you within 3 days from this initial or any subsequent post, then this thread will be closed.
Stay with me. I will give you some advice about prevention after the cleanup process. Absence of symptoms does not always mean the computer is clean.
My first language is not english. So please do not use slang or idioms. It could be hard for me to read. Thanks for your understanding.

Scan with Gmer rootkit scanner

Please download Gmer from here by clicking on the "Download EXE" Button.

Double click on the randomly named GMER.exe. If asked to allow gmer.sys driver to load, please consent.
If it gives you a warning about rootkit activity and asks if you want to run scan...click on NO.
In the right panel, you will see several boxes that have been checked. Uncheck the following ...
- Sections
- IAT/EAT
- Show All ( should be unchecked by default )
Leave everything else as it is.
Close all other running programs as well as your Browser.
Click the Scan button & wait for it to finish.
Once done click on the Save.. button, and in the File name area, type in "ark.txt" or it will save as a .log file which cannot be uploaded to your post.
Save it where you can easily find it, such as your desktop.
Please post the content of the ark.txt here.

**Caution**
Rootkit scans often produce false positives. Do NOT take any action on any "<--- ROOKIT" entries

Please attach extras.txt

Proud Member of UNITE & TB

#3 Manbearpig79

New Member

Authentic Member
12 posts

Posted 28 October 2013 - 12:29 PM

Thanks Marius--when I download gmer it opens but gives me this error message: C:\WINDOWS\system32\config\system: The process cannot access the file because it is being used by another process. I am not sure what you mean by "•Double click on the randomly named GMER.exe"...is this is something that I am not seeing due to the error?

Here is the extras text from the previous scan using OTL:

OTL Extras logfile created on: 10/27/2013 12:31:42 PM - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Brandon\Downloads
64bit- An unknown product (Version = 6.2.9200) - Type = NTWorkstation
Internet Explorer (Version = 9.11.9600.16384)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

7.73 Gb Total Physical Memory | 3.52 Gb Available Physical Memory | 45.56% Memory free
15.48 Gb Paging File | 11.81 Gb Available in Paging File | 76.30% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 883.84 Gb Total Space | 803.77 Gb Free Space | 90.94% Space Free | Partition Type: NTFS
Drive D: | 25.00 Gb Total Space | 22.09 Gb Free Space | 88.36% Space Free | Partition Type: NTFS
Drive E: | 2.35 Gb Total Space | 0.00 Gb Free Space | 0.00% Space Free | Partition Type: UDF

Computer Name: BILLYBADASS | User Name: Brandon | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========

========== File Associations ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html[@ = htmlfile] -- C:\Program Files\Internet Explorer\IEXPLORE.EXE (Microsoft Corporation)
.url[@ = InternetShortcut] -- C:\WINDOWS\SysNative\rundll32.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\WINDOWS\SysWow64\control.exe (Microsoft Corporation)
.html [@ = htmlfile] -- C:\Program Files\Internet Explorer\IEXPLORE.EXE (Microsoft Corporation)

[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = ChromeHTML] -- Reg Error: Key error. File not found

========== Shell Spawning ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" -nohome (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation)
htmlfile [print] -- "C:\WINDOWS\system32\rundll32.exe" "C:\WINDOWS\system32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
http [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation)
https [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\WINDOWS\system32\rundll32.exe" "C:\WINDOWS\system32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- "C:\Users\Brandon\AppData\Roaming\File Scout\filescout.exe" /open "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [Lenovo Photos] -- "C:\Program Files (x86)\LenovoPhotos\Lenovo Photos\Lenovo Photos.exe" "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Program Files\Internet Explorer\iexplore.exe" (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" -nohome (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation)
http [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation)
https [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- "C:\Users\Brandon\AppData\Roaming\File Scout\filescout.exe" /open "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [Lenovo Photos] -- "C:\Program Files (x86)\LenovoPhotos\Lenovo Photos\Lenovo Photos.exe" "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- Reg Error: Value error.

========== Security Center Settings ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = AC 1C AE C5 46 9F CE 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Upgrade]
"UpgradeTime" = Reg Error: Unknown registry data type -- File not found

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

========== Authorized Applications List ==========

========== Vista Active Open Ports Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{054A4907-3E95-4B51-BF6D-0AF76B5156B1}" = rport=10243 | protocol=6 | dir=out | app=system |
"{222BCB54-0733-493A-891F-FE6F4B8331AD}" = lport=47987 | protocol=6 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamsvc.exe |
"{2574FC22-689D-4113-A519-423DBD453C1E}" = lport=2869 | protocol=6 | dir=in | app=system |
"{3818BC49-92DF-4451-9D14-594265B4E4F3}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{5CC0FBB8-3132-4287-A9B0-380CB65D52D8}" = lport=47991 | protocol=6 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamer.exe |
"{6B43D17C-6A9F-40D9-AFB9-D2BF89654539}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{7954DBD1-DDEB-4351-B6A9-471F5E23BDE5}" = lport=48000 | protocol=17 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamer.exe |
"{8FF454A6-0D4E-4193-AE0B-0307401BC287}" = lport=10243 | protocol=6 | dir=in | app=system |
"{917A6BAE-4EB2-4B59-8736-ACBED747FEAC}" = lport=5353 | protocol=17 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamsvc.exe |
"{9658063B-17B0-4023-A4F1-3448A0625C73}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{D127478A-4909-4774-A606-4C3DB6F35D94}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{DAA29B02-13BA-48CA-B50E-A24CA99F50D7}" = lport=6004 | protocol=17 | dir=in | app=c:\program files\microsoft office 15\root\office15\outlook.exe |
"{E7B41420-F42B-4057-8CAB-6CCEB638C02C}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{F4C25807-B92E-4432-8A9B-480293A09525}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |

========== Vista Active Application Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{00738B23-E158-4CE1-8344-9890338EEE9C}" = dir=out | name=lifecam dashboard |
"{04061C1A-2D56-4634-9B5C-AD7381299F25}" = dir=out | name=@{microsoft.reader_6.2.9200.20780_x64__8wekyb3d8bbwe?ms-resource://microsoft.reader/resources/shortdisplayname} |
"{044F1913-33CD-44FE-A53C-35B04FDED5C0}" = dir=out | name=@{microsoft.xboxlivegames_2.0.139.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.xboxlivegames/resources/34150} |
"{04C64F6A-5FBA-4CFE-942A-9C900B5F4A42}" = dir=in | name=@{microsoft.windowscommunicationsapps_16.4.4406.1205_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowscommunicationsapps/resources/communicationspackagename} |
"{06EFD45F-3AC8-43DF-84BC-D7F8AA26B0F3}" = dir=out | name=@{microsoft.bingtravel_2.0.0.308_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingtravel/resources/apptitle} |
"{077DF179-0374-4F18-93F6-5AFE26389395}" = dir=out | name=@{microsoft.bingweather_3.0.1.203_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingweather/resources/apptitle} |
"{09236D00-C4EB-46F8-8406-77E869AB08B6}" = dir=in | name=@{filmonlivetvfree.filmonlivetvfree_1.3.6.87_x64__zx03kxexxb716?ms-resource://filmonlivetvfree.filmonlivetvfree/resources/app-name} |
"{0D643F78-0B00-4CAC-83E3-D1450789F022}" = dir=in | name=@{microsoft.windowsreadinglist_6.3.9600.20278_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowsreadinglist/resources/apppackagename} |
"{0D7A0FB6-447D-4B19-B296-E698901193DC}" = dir=out | name=@{microsoft.bingfoodanddrink_3.0.1.201_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingfoodanddrink/resources/apptitlewithbranding} |
"{11051EA1-1D98-4E0F-BA43-37FC301DAE02}" = dir=out | name=rara.com |
"{1187136A-2631-46C8-8BD2-9DB2A8C68685}" = dir=out | name=@{microsoft.zunemusic_1.5.177.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.zunemusic/resources/ids_manifest_music_app_name} |
"{11BE8539-E360-4637-ABFA-0063DFE12B8B}" = dir=in | name=windows phone |
"{129D67C0-4B7B-4A7C-9C4A-6770F0DB2894}" = dir=out | name=@{microsoft.windowsreadinglist_6.3.9600.20278_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowsreadinglist/resources/apppackagename} |
"{157F8BE6-7203-4CCD-B625-B1A6EF085DF3}" = dir=in | name=hp printer control |
"{15CA0245-6BA4-43C2-9BFC-8099A8249C18}" = dir=out | name=@{microsoft.windowscommunicationsapps_17.5.9600.20279_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowscommunicationsapps/resources/communicationspackagename} |
"{16284CA4-8F0A-4610-93C6-FEF20394FAFE}" = dir=out | name=@{microsoft.windowsreadinglist_6.3.9600.20278_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowsreadinglist/resources/apppackagename} |
"{1758814E-4138-4458-9DFA-69726BD761D3}" = protocol=17 | dir=in | app=c:\program files\common files\mcafee\mcsvchost\mcsvhost.exe |
"{1A8CC562-6CB8-4840-A5CB-37DFA1C013A5}" = dir=out | name=@{microsoft.bingweather_3.0.1.203_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingweather/resources/apptitle} |
"{1CAB81C4-7515-4BB6-A23A-04FB9C3CF8D1}" = protocol=17 | dir=in | app=c:\windows\system32\dmwu.exe |
"{1CC7ABCB-4D65-4D9D-AA96-28E7D422CFCF}" = dir=out | name=lenovo cloud storage by sugarsync |
"{1F2295A8-409C-4DE4-BE7C-3BBDDDEB113C}" = dir=out | name=zinio |
"{1F7A6BCC-AE77-47D3-B786-3B2E807DC2C0}" = dir=out | name=@{microsoft.reader_6.2.9200.20523_x64__8wekyb3d8bbwe?ms-resource://microsoft.reader/resources/shortdisplayname} |
"{200A3343-F094-43A7-8350-CC4712A37F1F}" = dir=out | name=@{microsoft.bingsports_1.8.0.51_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingsports/resources/bingsports} |
"{20AD3826-0B9A-488C-87A7-E567D95E11F7}" = dir=out | name=@{microsoft.bingtravel_3.0.1.202_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingtravel/resources/apptitle} |
"{213393F2-6D9A-4324-850C-C961A36FB08F}" = dir=out | name=zinio |
"{21C949BD-76FB-4EBF-AFAD-A0B6E505D842}" = dir=in | name=@{microsoft.xboxcompanion_1.3.0.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.xboxcompanion/resources/33279} |
"{22830014-96FF-4A52-8BBF-8342D14FA7B3}" = dir=out | name=hulu plus |
"{24B66F78-231D-4FF3-8752-B2B7957D6F4F}" = dir=out | name=@{microsoft.xboxlivegames_1.1.134.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.xboxlivegames/resources/34150} |
"{24DAD844-02B6-4EA4-AE28-2EF2F40EADAA}" = dir=out | name=evernote |
"{2598B962-CA04-403D-96B4-8D8F8496B3C3}" = dir=in | name=@{microsoft.windowscommunicationsapps_17.5.9600.20279_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowscommunicationsapps/resources/communicationspackagename} |
"{27AEC53F-DD90-456C-B8BD-C7E8D5EF3081}" = dir=out | name=lifecam dashboard |
"{2878D7D7-1F48-40DA-B08A-203803662D01}" = dir=out | name=evernote touch |
"{2FE0A725-6ED0-43E3-95F1-CAB6034364C3}" = dir=out | name=mcafee® central for lenovo |
"{35514EA6-8AF8-4C49-9D7E-CAC554BEE0AE}" = dir=out | name=windows_ie_ac_001 |
"{35835AD2-E448-4586-B3DA-3705A3194AEE}" = dir=in | name=f5 vpn |
"{36CD751B-BA91-4F34-8E5A-35D77CEE557F}" = dir=out | name=@{microsoft.xboxlivegames_1.3.10.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.xboxlivegames/resources/34150} |
"{375629B9-6EE2-4459-ABF3-BB761DA8F25C}" = dir=out | name=windows phone |
"{39B6A577-36AA-4BA5-A464-42178DBE35B9}" = dir=out | name=encyclopaedia britannica |
"{39DC12F0-3616-4C82-9332-FC24F43F6BFF}" = dir=in | name=check point vpn |
"{3C7A817A-643F-4756-84B5-B891C2035361}" = dir=out | name=@{microsoft.bingnews_1.7.0.38_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingnews/resources/news} |
"{40D8E4CD-F7AA-4E46-9D06-54645D6F63BD}" = dir=out | name=@{microsoft.bingtravel_3.0.1.202_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingtravel/resources/apptitle} |
"{41A30C50-FA3C-4FF1-88B0-340A1CD70CCF}" = dir=out | name=@{microsoft.bingmaps_1.5.1.240_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingmaps/resources/appdisplayname} |
"{4282FE99-8560-4BC7-9576-5F3ED84E263F}" = dir=in | name=checkpoint.vpn |
"{42B195B1-58CA-4A53-947E-BDC7985097EC}" = dir=in | name=@{microsoft.windowscommunicationsapps_17.5.9600.20279_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowscommunicationsapps/resources/communicationspackagename} |
"{44174256-9E5E-4901-BA90-87F17D909455}" = dir=out | name=@{microsoft.bingmaps_1.6.1821.2624_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingmaps/resources/appdisplayname} |
"{45FA2D68-9110-4043-89F3-8D081D96B9E3}" = dir=out | name=ebay |
"{46F22C9A-70E0-48BF-8807-66C543EC1485}" = dir=in | name=mcafee® central for lenovo |
"{47FA9D2F-8A8D-4D6F-B5F6-3577F7E91597}" = dir=out | name=@{microsoft.windowscommunicationsapps_16.4.4406.1205_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowscommunicationsapps/resources/communicationspackagename} |
"{490B7A56-5743-4470-90BD-B33FD2196335}" = dir=in | name=evernote touch |
"{4C4D975B-AB56-4FCA-9F2C-F20C1C5BC1D1}" = protocol=6 | dir=out | app=system |
"{4D217512-48C3-4A13-B0EE-7798AF682F60}" = dir=in | name=sonicwall mobile connect |
"{4DB0212E-4C04-4CA0-852F-51B7432C0284}" = dir=out | name=@{microsoft.zunemusic_2.2.177.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.zunemusic/resources/ids_manifest_music_app_name} |
"{4E7C704A-0506-4A78-98F4-107E25182D79}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft office\office14\onenote.exe |
"{50188AAC-63FB-4234-B8A3-C3A02DA268D9}" = dir=out | name=check point vpn |
"{53FCD212-5863-432A-8E04-0E65FD4E6B52}" = dir=out | name=kindle |
"{548DCF8C-BFF2-4BA4-AA88-FBAF9AC8BCC6}" = dir=in | name=@{c:\windows\winstore\resources.pri?ms-resource://winstore/resources/displayname} |
"{560448D6-095C-4907-B046-AC7F710701A7}" = dir=in | name=sonicwall.mobileconnect |
"{565B684F-E732-4D9F-A32C-56360696793A}" = dir=out | name=windows phone |
"{58971CA9-E933-421F-BD08-E49965B100D5}" = dir=in | name=@{microsoft.skypeapp_1.2.0.129_x86__kzf8qxf38zg5c?ms-resource://microsoft.skypeapp/resources/manifest_display_name} |
"{59B04296-98AC-4005-8972-9F35E9AE9D61}" = dir=out | name=accuweather for windows 8 |
"{5A1B9325-D20A-49B1-930E-A729870F0557}" = dir=out | name=@{microsoft.zunevideo_1.5.177.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.zunevideo/resources/ids_manifest_video_app_name} |
"{5A9A4BE9-D267-4525-ABF4-27076608AB7A}" = dir=out | name=juniper networks junos pulse |
"{5B81AA3F-56A5-437F-BD10-5317BBE47E7F}" = dir=out | name=@{microsoft.bingweather_1.7.0.26_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingweather/resources/apptitle} |
"{5C1B7874-5F26-45F2-871E-1C600396B3B6}" = dir=out | name=accuweather for windows 8 |
"{5C6FC28A-F65E-49CC-B851-76EBDBC43D85}" = dir=out | name=@{microsoft.xboxcompanion_1.3.0.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.xboxcompanion/resources/33279} |
"{5E26C948-B74A-456B-B1D4-43FA8470666A}" = dir=out | name=rara music |
"{5F4632C0-D5B1-40C3-B0D9-E3A759C81B9E}" = dir=out | name=sonicwall.mobileconnect |
"{6008DFF6-3DC7-4DAD-B25D-3C392436E020}" = dir=out | name=skype |
"{61DF8ABF-5099-4AFF-9B4E-3F422110AEC4}" = dir=in | name=skype |
"{624716A3-C545-448C-9290-34C5FFB16B85}" = dir=in | app=c:\users\brandon\appdata\local\microsoft\skydrive\skydrive.exe |
"{6358DEB0-8C9E-41B8-8E73-F844BE90D7A1}" = dir=out | name=juniper networks junos pulse |
"{64FE37E1-E6D9-4452-B4AB-F41482550BC4}" = dir=out | name=lenovo cloud storage by sugarsync |
"{662543E8-1937-4328-A00C-1990BA115CD7}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{6C5BF398-7CF9-4DEC-B849-7D5BAC382A7E}" = dir=out | name=@{microsoft.bingfoodanddrink_3.0.1.201_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingfoodanddrink/resources/apptitlewithbranding} |
"{6C812B2D-2585-41EB-A9D2-2F075E724D57}" = protocol=6 | dir=in | app=c:\windows\syswow64\arfc\wrtc.exe |
"{6F2110B2-0D6A-4D2F-9CAD-94B53D7C5CA7}" = dir=in | app=c:\program files\intel\wifi\bin\pandhcpdns.exe |
"{7113B0F4-3354-43AA-B325-E0E71917686C}" = dir=out | name=ebay |
"{7122308D-CF5A-4C82-B035-4C043BA85CF3}" = dir=out | name=@{microsoft.skypeapp_1.2.0.129_x86__kzf8qxf38zg5c?ms-resource://microsoft.skypeapp/resources/manifest_display_name} |
"{719B863D-19B3-4414-A0FC-E0A064AA3A95}" = protocol=6 | dir=in | app=c:\windows\system32\dmwu.exe |
"{73C748EE-6FBB-49FA-B3E6-567DD5D5C39E}" = dir=out | name=windows_ie_ac_001 |
"{7553BB95-3344-4C4A-93FA-6EB5FBE96745}" = dir=in | name=juniper networks junos pulse |
"{758D3612-DE1C-4994-B237-D586B42933BB}" = dir=out | name=merriam-webster dictionary |
"{779F32A8-0C60-4EA4-91DA-56B1824B3728}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{7A224A58-2AC0-47D2-A946-36521D4BBA71}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{7C2ACCE5-9D0E-4EAD-B29F-AC90F8298549}" = dir=in | name=@{microsoft.xboxcompanion_1.3.0.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.xboxcompanion/resources/33279} |
"{7DA5E3F5-2A9A-472C-84AF-E5254868F105}" = dir=out | name=f5 vpn |
"{808F1451-4108-46FD-ADBB-F17324B5F0BD}" = dir=out | name=@{c:\windows\winstore\resources.pri?ms-resource://winstore/resources/displayname} |
"{80D63FA1-4FB5-42CC-8E9A-B9D85FDE7F82}" = dir=out | name=encyclopaedia britannica |
"{84FEA219-B817-4627-BB4B-A124D139B934}" = protocol=6 | dir=in | app=c:\program files\common files\mcafee\mcsvchost\mcsvhost.exe |
"{879D85E2-8478-4225-9433-A847338DA971}" = dir=in | name=check point vpn |
"{8BF08468-D826-45E9-B0FE-5E6A26F7FBD7}" = dir=in | name=@{filmonlivetvfree.filmonlivetvfree_1.3.6.115_x64__zx03kxexxb716?ms-resource://filmonlivetvfree.filmonlivetvfree/whitelabel/app-name} |
"{8D1D2FC2-5F92-4DDD-9A1F-1532979CABB4}" = dir=out | name=hp printer control |
"{8E7F891A-65DD-491D-9585-212092347CE0}" = dir=out | name=windows_ie_ac_001 |
"{9212681D-C2BB-4DC7-A29A-C248B00E451D}" = dir=out | name=@{filmonlivetvfree.filmonlivetvfree_1.3.6.87_x64__zx03kxexxb716?ms-resource://filmonlivetvfree.filmonlivetvfree/resources/app-name} |
"{95F9B21E-69A9-4C48-924E-9723088C58C0}" = dir=in | name=rara music |
"{981EB79A-200D-4575-9C7F-226907B9AD1F}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{9878D6B2-C3EF-4A5C-AFCA-84CB306E643F}" = dir=in | name=juniper networks junos pulse |
"{99A174B9-C2A3-43ED-8612-69F14D1E6595}" = dir=out | name=sonicwall mobile connect |
"{9B170DDD-CAF6-470D-BF0B-DF929873E5A0}" = dir=out | name=@{microsoft.bingfinance_3.0.1.203_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingfinance/resources/apptitle} |
"{9CBF28E4-BD7C-416F-B90A-5576ABD2C10C}" = dir=out | name=@{microsoft.bingnews_3.0.1.205_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingnews/resources/apptitle} |
"{9D660035-6319-4723-9FE2-78688CEE5795}" = dir=out | name=@{microsoft.bingsports_3.0.1.203_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingsports/resources/bingsports} |
"{9D918242-8B51-4BDF-8319-BA91D67853AF}" = dir=out | name=@{microsoft.bingweather_2.0.0.310_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingweather/resources/apptitle} |
"{9E3D57FC-7C37-4424-9352-4831E97D029D}" = dir=out | name=@{c:\windows\winstore\resources.pri?ms-resource://winstore/resources/displayname} |
"{A13CCEE5-4019-4FF8-B17C-85E63DF8E36B}" = dir=out | name=@{microsoft.zunevideo_1.1.134.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.zunevideo/resources/33270} |
"{A18FF515-8A17-4A15-9164-FE633E358EDE}" = dir=in | name=sonicwall mobile connect |
"{A3141809-02EE-4475-AD11-7D4C1763F5F8}" = dir=out | name=@{microsoft.bingfinance_2.0.0.308_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingfinance/resources/apptitle} |
"{A513ECBC-AFB2-48D1-AD9F-2CEAE82F86CA}" = dir=in | name=windows phone |
"{A67C2D45-08EC-4816-AFB4-2F12AD0C4135}" = dir=out | name=lenovo companion |
"{A75830C0-FACC-4144-9846-3F6D48709F54}" = dir=out | name=@{filmonlivetvfree.filmonlivetvfree_1.3.6.115_x64__zx03kxexxb716?ms-resource://filmonlivetvfree.filmonlivetvfree/whitelabel/app-name} |
"{A895B132-26FD-4EFE-84F5-CB0FE6812CCC}" = protocol=6 | dir=in | app=c:\program files (x86)\lavasoft\adaware securesearch toolbar\dtuser.exe |
"{A99E9574-AC53-4326-AF02-C4E0FF26D36D}" = dir=out | name=@{microsoft.xboxlivegames_2.0.139.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.xboxlivegames/resources/34150} |
"{AD9BF29B-CD96-4E24-97C8-8EF671E96791}" = dir=out | name=@{microsoft.zunemusic_2.2.177.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.zunemusic/resources/ids_manifest_music_app_name} |
"{AE2BB0CD-E48B-4806-B4C4-E2F5E4FF7CBE}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{AE5E2C68-AA72-4493-8158-F56C2E9DC79A}" = dir=out | name=@{microsoft.bingmaps_2.0.2210.2401_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingmaps/resources/appdisplayname} |
"{AEA9AC99-2540-44F9-9B6B-6C8D51CCC1F1}" = dir=out | name=netflix |
"{B11F4E96-7F3C-47A5-8E9E-0415327D0AFB}" = dir=out | name=@{microsoft.zunevideo_2.2.177.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.zunevideo/resources/ids_manifest_video_app_name} |
"{B4D04C43-9806-40B6-812E-D1606B3F6A37}" = dir=in | name=f5 vpn |
"{B5F31B28-1E84-4E5A-B6B7-D99DDC38F1B1}" = dir=out | name=@{microsoft.xboxcompanion_1.3.0.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.xboxcompanion/resources/33279} |
"{BA0BD034-6073-436E-AAC9-889281A5A180}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{BB694513-0A46-4F50-A101-D2291A4828C6}" = dir=out | name=@{microsoft.bingnews_2.0.0.308_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingnews/resources/news} |
"{BBE2B50E-CD90-4081-B214-E1084726921A}" = dir=in | name=hp printer control |
"{BC3B0F9A-5B52-43A6-917A-03ADF79E18DF}" = dir=out | name=powerdvd for lenovo idea |
"{BD6A006D-4186-45EB-966C-5A739A93E231}" = dir=out | name=lenovo support |
"{BF36741F-0141-4532-B43E-2BD264AD855E}" = dir=out | name=@{filmonlivetvfree.filmonlivetvfree_1.3.6.115_x64__zx03kxexxb716?ms-resource://filmonlivetvfree.filmonlivetvfree/whitelabel/app-name} |
"{C03D7930-6010-46CC-9195-F6F11F461229}" = dir=in | name=rara.com |
"{C056B825-0A74-457F-AE14-964387632E66}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office14\onenote.exe |
"{C385AE66-143D-45BA-B54C-D7C13521F395}" = dir=in | app=c:\program files (x86)\lenovo\powerdvd10\powerdvd cinema\powerdvdcinema10.exe |
"{C43785DD-C8DA-44F5-8C0B-1396B88B5E10}" = dir=out | name=sonicwall mobile connect |
"{C4A6FC7D-77F7-4A0C-BC9F-18045288C039}" = dir=out | name=@{microsoft.windowscommunicationsapps_17.5.9600.20279_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowscommunicationsapps/resources/communicationspackagename} |
"{C59D4425-FCEA-4321-8F87-808B4499E6E1}" = dir=in | name=@{microsoft.reader_6.2.9200.20523_x64__8wekyb3d8bbwe?ms-resource://microsoft.reader/resources/shortdisplayname} |
"{C6A8A422-4A04-4C7F-9F3A-9FCB1BAF6EEC}" = dir=out | name=@{microsoft.bingmaps_2.0.2210.2401_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingmaps/resources/appdisplayname} |
"{C7C41012-14DD-4A18-B71B-1D77CE4698AC}" = protocol=17 | dir=in | app=c:\program files (x86)\lavasoft\adaware securesearch toolbar\dtuser.exe |
"{C9EEFBEA-D807-46A7-9896-43E43813DB9C}" = dir=out | name=@{microsoft.bingsports_3.0.1.203_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingsports/resources/bingsports} |
"{CA06A661-A6EA-4989-B650-AA851C878DBB}" = dir=in | app=c:\program files (x86)\lenovo\powerdvd10\powerdvd10.exe |
"{CACE769B-B9CB-41B4-B88B-3B2C9AD33C24}" = dir=in | name=@{filmonlivetvfree.filmonlivetvfree_1.3.6.115_x64__zx03kxexxb716?ms-resource://filmonlivetvfree.filmonlivetvfree/whitelabel/app-name} |
"{CC31F853-B83C-447D-84CC-4DC595098515}" = dir=out | name=lenovo support |
"{CC896D8F-ED2E-447D-8B4F-F6E3B5F4C07B}" = dir=out | name=check point vpn |
"{CCDB5B85-15E7-4BC3-9A1D-06ECF23A8218}" = dir=out | name=@{microsoft.zunemusic_1.1.144.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.zunemusic/resources/33273} |
"{CF692FFA-91EF-402A-B18F-BC2C479138B5}" = dir=out | name=kindle |
"{CF74E9BC-DFC5-4592-9AC6-4DAF35A7C028}" = dir=out | name=f5 vpn |
"{D12C447F-93FB-4728-B5B7-11416DEBD87B}" = dir=out | name=@{microsoft.bingnews_3.0.1.205_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingnews/resources/apptitle} |
"{D1B98059-9977-4EDC-B90B-38906523112C}" = dir=out | name=skype |
"{D2E34556-BC5E-41BA-A77D-FF11FFD64138}" = protocol=17 | dir=in | app=c:\windows\syswow64\arfc\wrtc.exe |
"{D4172F80-D25B-4754-A100-54E7E274F205}" = dir=out | name=@{microsoft.bingtravel_1.7.0.26_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingtravel/resources/apptitle} |
"{D6980480-941A-4DF6-AB81-3734ECD3D779}" = dir=out | name=junipernetworks.junospulsevpn |
"{D81B3929-972F-4FE2-92B8-EEE5E842B7B5}" = dir=out | name=@{microsoft.bingfinance_3.0.1.203_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingfinance/resources/apptitle} |
"{D94A8D38-3FBF-45F6-90E0-36C37DA162A9}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{DA45B048-1C27-4F16-A1FA-4B1BF37067D5}" = dir=out | name=@{microsoft.windowscommunicationsapps_17.0.1119.516_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowscommunicationsapps/resources/communicationspackagename} |
"{DB59588E-ED90-4C47-A7B5-7929DD0C0BD2}" = dir=out | name=checkpoint.vpn |
"{E0DAEBA0-32F3-489F-BC21-F5390965EEF5}" = dir=in | name=powerdvd for lenovo idea |
"{E29FAD32-F76A-4F7C-A67F-D12BB4320BC5}" = dir=out | name=@{microsoft.binghealthandfitness_3.0.1.203_x64__8wekyb3d8bbwe?ms-resource://microsoft.binghealthandfitness/resources/apptitle} |
"{E395AE30-C8E2-46F8-8174-75A9C5C72696}" = dir=in | name=@{microsoft.windowsreadinglist_6.3.9600.20278_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowsreadinglist/resources/apppackagename} |
"{E4A1AA64-93D3-470C-9671-E4EC5E7EE575}" = dir=in | name=rara music |
"{E51D9EFD-6DEB-49B5-B621-CB570923D069}" = dir=in | name=skype |
"{E6BF669A-4CF1-4A98-91C4-93DC6ACFB225}" = dir=in | name=evernote |
"{E7985E1D-C36F-4787-80A8-6350D07E9266}" = dir=in | name=@{c:\windows\winstore\resources.pri?ms-resource://winstore/resources/displayname} |
"{EADD52EC-AA62-426E-99FE-481B46E49C03}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{EBC6D5C6-1674-4C03-9F72-ED0B0BF7C82D}" = dir=out | name=merriam-webster dictionary |
"{EC799E33-72BA-42D7-9127-DEFE68F9799D}" = dir=in | name=junipernetworks.junospulsevpn |
"{ED32F7D3-89E5-476A-B8A3-6D749C7CC1C7}" = dir=in | name=evernote touch |
"{EDAAB877-C2D9-407D-A5CC-779D728EA913}" = dir=out | name=hp printer control |
"{EECE7B6A-CACF-43CB-AAB4-D764ADA34ABA}" = dir=out | name=@{microsoft.zunevideo_2.2.177.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.zunevideo/resources/ids_manifest_video_app_name} |
"{F2A7E5C5-B608-4999-93C3-F008719FC358}" = dir=out | name=powerdvd for lenovo idea |
"{F3500D2C-7C77-4D57-BB01-87578309555A}" = dir=out | name=@{microsoft.bingsports_2.0.0.310_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingsports/resources/bingsports} |
"{F64300AD-D559-4000-BD45-0997BCC8E70A}" = dir=out | name=f5.vpn.client |
"{F7375ACA-7AFC-4F5D-94F4-E157548E3472}" = dir=out | name=evernote touch |
"{F77E5446-4378-4E99-8B7A-7061AAAEA193}" = dir=in | name=f5.vpn.client |
"{F7A0FBAB-55FE-46E2-92ED-7EA54EC13537}" = dir=out | name=@{microsoft.bingfinance_1.7.0.38_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingfinance/resources/apptitle} |
"{F7DB4AC1-9372-4360-B2DF-8A176EBF8E8F}" = dir=out | name=rara music |
"{F9D760E3-D3DA-4908-945E-514AE8F21BF5}" = dir=out | name=@{microsoft.binghealthandfitness_3.0.1.203_x64__8wekyb3d8bbwe?ms-resource://microsoft.binghealthandfitness/resources/apptitle} |
"{FB22F5F0-A25F-4F09-BEE6-3FB1452F7103}" = dir=in | name=@{microsoft.reader_6.2.9200.20780_x64__8wekyb3d8bbwe?ms-resource://microsoft.reader/resources/shortdisplayname} |
"{FB7A3152-176D-4B1C-BA27-876FC168E361}" = dir=out | name=lenovo companion |
"{FBE31753-8502-4E76-8890-0464185E326D}" = dir=in | name=powerdvd for lenovo idea |
"{FD8AC99D-B913-4478-8265-790F0FE73B64}" = dir=in | name=@{microsoft.windowscommunicationsapps_17.0.1119.516_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowscommunicationsapps/resources/communicationspackagename} |
"TCP Query User{45144987-70EA-46CB-84F3-266E217A6254}C:\program files (x86)\intel\intelappstore\bin\ismagent.exe" = protocol=6 | dir=in | app=c:\program files (x86)\intel\intelappstore\bin\ismagent.exe |
"TCP Query User{4F556CF2-E192-4E42-8781-C4834F202028}C:\users\guest\appdata\roaming\spotify\spotify.exe" = protocol=6 | dir=in | app=c:\users\guest\appdata\roaming\spotify\spotify.exe |
"TCP Query User{725EC044-7B0C-4634-9997-9ACBBA89375A}C:\program files (x86)\intel\intelappstore\bin\ismagent.exe" = protocol=6 | dir=in | app=c:\program files (x86)\intel\intelappstore\bin\ismagent.exe |
"TCP Query User{833E9843-7047-401D-BC0A-F7154D10A78C}C:\users\jabon_000\appdata\roaming\spotify\spotify.exe" = protocol=6 | dir=in | app=c:\users\jabon_000\appdata\roaming\spotify\spotify.exe |
"UDP Query User{34B6A869-D65B-451C-8602-908A7B576D40}C:\program files (x86)\intel\intelappstore\bin\ismagent.exe" = protocol=17 | dir=in | app=c:\program files (x86)\intel\intelappstore\bin\ismagent.exe |
"UDP Query User{61CF2502-9E4F-4561-82C8-4DB0CC07BD48}C:\program files (x86)\intel\intelappstore\bin\ismagent.exe" = protocol=17 | dir=in | app=c:\program files (x86)\intel\intelappstore\bin\ismagent.exe |
"UDP Query User{704DBE80-3690-41E9-A23D-9EA5227F8C9E}C:\users\jabon_000\appdata\roaming\spotify\spotify.exe" = protocol=17 | dir=in | app=c:\users\jabon_000\appdata\roaming\spotify\spotify.exe |
"UDP Query User{C46A3138-A6CC-4052-8A01-FEC7C44387C7}C:\users\guest\appdata\roaming\spotify\spotify.exe" = protocol=17 | dir=in | app=c:\users\guest\appdata\roaming\spotify\spotify.exe |

========== HKEY_LOCAL_MACHINE Uninstall List ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0A087CE7-F643-4FE8-A5D2-0BBAF4A7B032}" = AdAwareUpdater
"{0A087CE7-F643-4FE8-A5D2-0BBAF4A7B032}_AdAwareUpdater" = Ad-Aware Antivirus
"{1D8E6291-B0D5-35EC-8441-6616F567A0F7}" = Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219
"{28A683FB-7BEF-4C94-93D1-0DDDB7761894}" = OnlineThreatsEngine
"{34BE77EE-B563-49D7-A8A0-FFD76D29BBD3}" = Nitro Pro 8
"{409CB30E-E457-4008-9B1A-ED1B9EA21140}" = Intel® Rapid Storage Technology
"{44B72151-611E-429D-9765-9BA093D7E48A}" = Intel® Trusted Connect Service Client
"{46F4D124-20E5-4D12-BE52-EC177A7A4B42}" = Lenovo OneKey Recovery
"{5AF3560C-09BA-426F-BFA0-FEF0A94A9D8B}" = Microsoft Corporation
"{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
"{600DEB42-433A-40AF-BC14-082E40577BF2}" = AntimalwareEngine
"{7629623D-F0D0-4AC6-A763-FBE06ED8288C}" = Intel® Rapid Storage Technology
"{7C6CD9B4-B230-4E76-80AA-FB465FF4DE29}" = Intel® PROSet/Wireless WiFi Software Driver
"{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
"{877C7A27-7529-4B0C-BA7B-4D697E90DDC1}" = FirewallEngine
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8EC9E7BB-2443-49B1-8476-490EBF932C2E}" = Microsoft LifeCam
"{90140000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2010
"{90140000-002A-0409-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (English) 2010
"{90140000-0116-0409-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2010
"{90150000-008F-0000-1000-0000000FF1CE}" = Office 15 Click-to-Run Licensing Component
"{A94C50AA-21E8-4627-ADD0-E16A07030D7D}" = Intel® PROSet/Wireless for Bluetooth® + High Speed
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel" = NVIDIA Control Panel 320.49
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver" = NVIDIA Graphics Driver 320.49
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience" = NVIDIA GeForce Experience 1.6
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Optimus" = NVIDIA Optimus 7.2.17
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX" = NVIDIA PhysX System Software 9.13.0604
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update" = NVIDIA Update 7.2.17
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_GFExperience.NvStreamSrv" = SHIELD Streaming
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NVIDIA.Update" = NVIDIA Update Components
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_VirtualAudio.Driver" = NVIDIA Virtual Audio 1.2.5
"{B73D2BF9-2C82-40A4-AFA8-32CE2E501640}" = Lenovo Solution Center
"{C123584F-9C84-45E8-AE5F-522328BB79A0}" = ExpressCache
"{CE5E1FC7-FD27-493F-A65F-23AD7ED9661D}" = WebFilteringEngine
"{DA2600C1-6BDF-4FD1-8F3D-148929CC1385}" = Intel® PROSet/Wireless Software for Bluetooth® Technology
"{DEF50764-F1A7-4DD4-B8BA-C81A4807631A}" = Intel® PROSet/Wireless WiFi Software
"{E1507F52-6DFA-414B-BF3D-9A1BEF7B7EC8}" = AntispamEngine
"{EBE1D498-A767-489E-A0DD-F317A8B83579}" = AdAwareInstaller
"{EF79C448-6946-4D71-8134-03407888C054}" = Shared C Run-time for x64
"71BC3FD63F450BA0A957AAECBDB4A000C4F2BE42" = Windows Driver Package - Lenovo (ACPIVPC) System (06/15/2012 8.1.0.1)
"8A223E56FB1ED4F697B54E5BF96F1EB63B512684" = Windows Driver Package - Lenovo (WUDFRd) LenovoVhid (06/19/2012 10.13.29.733)
"O365HomePremRetail - en-us" = Microsoft Office 365 Home Premium - en-us
"SynTPDeinstKey" = Synaptics Pointing Device Driver

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{01FB4998-33C4-4431-85ED-079E3EEFE75D}" = Lenovo YouCam
"{0A5B39D2-7ED6-4779-BCC9-37F381139DB3}" = Adobe AIR
"{3108C217-BE83-42E4-AE9E-A56A2A92E549}" = Qualcomm Atheros Communications Inc.® AR81Family Gigabit/Fast Ethernet Driver
"{3282FBE1-35FC-48D8-98CA-115A5EF1F9B4}" = NVIDIA PhysX
"{40BF1E83-20EB-11D8-97C5-0009C5020658}" = Power2Go
"{65153EA5-8B6E-43B6-857B-C6E4FC25798A}" = Intel® Management Engine Components
"{6AFCA4E1-9B78-3640-8F72-A7BF33448200}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729
"{6C26A305-4549-4A8A-9F03-25719C03B0FB}" = FreeRide Games
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{90140000-0015-0409-0000-0000000FF1CE}" = Microsoft Office Access MUI (English) 2010
"{90140000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2010
"{90140000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2010
"{90140000-0019-0409-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (English) 2010
"{90140000-001A-0409-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (English) 2010
"{90140000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2010
"{90140000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2010
"{90140000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2010
"{90140000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2010
"{90140000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2010
"{90140000-003D-0000-0000-0000000FF1CE}" = Microsoft Office Single Image 2010
"{90140000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2010
"{90140000-00A1-0409-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (English) 2010
"{90140000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2010
"{90140000-0117-0409-0000-0000000FF1CE}" = Microsoft Office Access Setup Metadata MUI (English) 2010
"{90150000-008C-0000-0000-0000000FF1CE}" = Office 15 Click-to-Run Extensibility Component
"{90150000-008C-0409-0000-0000000FF1CE}" = Office 15 Click-to-Run Localization Component
"{91CC5BAE-A098-40D3-A43B-C0DC7CE263FE}" = Onekey Theater
"{95140000-0081-0409-0000-0000000FF1CE}" = Microsoft Office Outlook Connector
"{959B7F35-2819-40C5-A0CD-3C53B5FCC935}" = Genesys USB Mass Storage Device
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{A1CF7B76-682D-4547-AA96-11B659A2CEAC}" = Microsoft Corporation
"{A6C48A9F-694A-4234-B3AA-62590B668927}" = Intel® Manageability Engine Firmware Recovery Agent
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{D0956C11-0F60-43FE-99AD-524E833471BB}" = Energy Management
"{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}" = Lenovo PowerDVD10
"{E0A7ED39-8CD6-4351-93C3-69CCA00D12B4}" = Lenovo EasyCamera
"{F07C2CF8-4C53-4EC3-8162-A6221E36EB88}" = UserGuide
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
"{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}" = Intel® Processor Graphics
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{fad118b4-798f-4755-9e67-a622eec95b62}" = Intel® PROSet/Wireless Software
"{FCB3772C-B7D0-4933-B1A9-3707EBACC573}" = Intel® SDK for OpenCL - CPU Only Runtime Package
"adawaretb" = Ad-Aware Security Add-on
"Adobe AIR" = Adobe AIR
"AVG SafeGuard toolbar" = AVG SafeGuard toolbar
"Desk 365" = Desk 365
"Google Chrome" = Google Chrome
"InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}" = Lenovo YouCam
"InstallShield_{46F4D124-20E5-4D12-BE52-EC177A7A4B42}" = Lenovo OneKey Recovery
"InstallShield_{D0956C11-0F60-43FE-99AD-524E833471BB}" = Energy Management
"InstallShield_{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}" = Lenovo PowerDVD10
"InstallShield_{F07C2CF8-4C53-4EC3-8162-A6221E36EB88}" = UserGuide
"Intel AppUp(SM) center 33057" = Intel AppUp(SM) center
"Lenovo Dependency Package_is1" = Lenovo Dependency Package
"Lenovo Photos" = Lenovo Photos
"Office14.SingleImage" = Microsoft Office Professional 2010
"Plus-HD-1.3" = Plus-HD-1.3
"Prism" = Prism Video File Converter
"SearchProtect" = Search Protect by conduit
"Speed Analysis 3" = Speed Analysis 3
"VideoPad" = VideoPad Video Editor
"WavePad" = WavePad Sound Editor

========== HKEY_CURRENT_USER Uninstall List ==========

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Octoshape add-in for Adobe Flash Player" = Octoshape add-in for Adobe Flash Player
"SkyDriveSetup.exe" = Microsoft SkyDrive

========== Last 20 Event Log Errors ==========

[ Application Events ]
Error - 10/22/2013 6:29:26 PM | Computer Name = BillyBadass | Source = MsiInstaller | ID = 11925
Description =

Error - 10/22/2013 6:29:27 PM | Computer Name = BillyBadass | Source = MsiInstaller | ID = 11925
Description =

Error - 10/22/2013 6:29:28 PM | Computer Name = BillyBadass | Source = MsiInstaller | ID = 11925
Description =

Error - 10/23/2013 3:46:22 PM | Computer Name = BillyBadass | Source = Application Error | ID = 1000
Description = Faulting application name: AdAwareUpdater.exe, version: 11.0.4555.0,
time stamp: 0x526146a6 Faulting module name: Localization.dll, version: 11.0.4555.0,
time stamp: 0x52614435 Exception code: 0xc0000005 Fault offset: 0x0000000000001922
Faulting
process id: 0x4b74 Faulting application start time: 0x01ced026b243fa84 Faulting application
path: C:\Program Files\Common Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus
Updater\11.0.4555.0\AdAwareUpdater.exe Faulting module path: C:\Program Files\Common
Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus Updater\11.0.4555.0\Localization.dll
Report
Id: caf4593d-3c1b-11e3-bea2-606c666319dc Faulting package full name: Faulting package-relative
application ID:

Error - 10/23/2013 3:46:58 PM | Computer Name = BillyBadass | Source = CltMngSvc | ID = 1000
Description =

Error - 10/23/2013 11:36:46 PM | Computer Name = BillyBadass | Source = MsiInstaller | ID = 11925
Description =

Error - 10/23/2013 11:36:47 PM | Computer Name = BillyBadass | Source = MsiInstaller | ID = 11925
Description =

Error - 10/23/2013 11:36:48 PM | Computer Name = BillyBadass | Source = MsiInstaller | ID = 11925
Description =

Error - 10/23/2013 11:36:48 PM | Computer Name = BillyBadass | Source = MsiInstaller | ID = 11925
Description =

Error - 10/23/2013 11:36:49 PM | Computer Name = BillyBadass | Source = MsiInstaller | ID = 11925
Description =

[ System Events ]
Error - 10/16/2013 8:32:49 PM | Computer Name = BillyBadass | Source = DCOM | ID = 10010
Description =

Error - 10/17/2013 1:37:24 PM | Computer Name = BillyBadass | Source = DCOM | ID = 10010
Description =

Error - 10/17/2013 1:37:25 PM | Computer Name = BillyBadass | Source = DCOM | ID = 10010
Description =

Error - 10/17/2013 1:37:25 PM | Computer Name = BillyBadass | Source = DCOM | ID = 10010
Description =

Error - 10/17/2013 1:37:25 PM | Computer Name = BillyBadass | Source = DCOM | ID = 10010
Description =

Error - 10/17/2013 1:49:57 PM | Computer Name = BillyBadass | Source = Service Control Manager | ID = 7023
Description = The IP Helper service terminated with the following error: %%1058

Error - 10/17/2013 1:52:00 PM | Computer Name = BillyBadass | Source = Service Control Manager | ID = 7023
Description = The Network List Service service terminated with the following error:
%%21

Error - 10/17/2013 1:54:00 PM | Computer Name = BillyBadass | Source = DCOM | ID = 10010
Description =

Error - 10/17/2013 1:54:00 PM | Computer Name = BillyBadass | Source = Microsoft-Windows-Bits-Client | ID = 16392
Description = The BITS service failed to start. Error 2148007941.

Error - 10/17/2013 1:54:00 PM | Computer Name = BillyBadass | Source = Service Control Manager | ID = 7024
Description = The Background Intelligent Transfer Service service terminated with
the following service-specific error: %%2148007941

< End of report >

#4 ----------------

SuperMember

Authentic Member
1,095 posts

Posted 28 October 2013 - 01:44 PM

Skip Gmer

Scan with aswMBR

Please download aswMBR ( 4.5MB ) to your desktop.

Double click the aswMBR.exe icon, and click Run.
There will be a short delay before the next dialog box comes up. Please just wait a minute or two.
When asked if you'd like to "download the latest Avast! virus definitions", click Yes.
Typically this is about a 100MB download so depending on your connection speed it can take a short while to download and become ready.
Click the Scan button to start the scan once the update has finished downloading
On completion of the scan, click the save log button, save it to your desktop, then copy and paste it in your next reply.

Note: There will also be a file on your desktop named MBR.dat do not delete this for now. It is an actual backup of the MBR (master boot record).

Scan with TDSS-Killer

Please read and follow these instructions carefully. We do not want it to fix anything yet (if found), we need to see a report first.

Download TDSSKiller.exe and save it to your desktop

Execute TDSSKiller.exe by doubleclicking on it.
Press Start Scan
If Malicious objects are found, do NOT select Cure. Change the action to Skip, and save the log.
Once complete, a log will be produced at the root drive which is typically C:\ ,for example, C:\TDSSKiller.<version_date_time>log.txt

Please post the contents of that log in your next reply.

Proud Member of UNITE & TB

#5 Manbearpig79

New Member

Authentic Member
12 posts

Posted 28 October 2013 - 01:59 PM

TDSSKiller log:

12:53:26.0171 0x2230 TDSS rootkit removing tool 3.0.0.14 Oct 15 2013 15:35:38
12:53:26.0171 0x2230 UEFI system
12:53:30.0392 0x2230 ============================================================
12:53:30.0392 0x2230 Current date / time: 2013/10/28 12:53:30.0392
12:53:30.0392 0x2230 SystemInfo:
12:53:30.0392 0x2230
12:53:30.0392 0x2230 OS Version: 6.3.9600 ServicePack: 0.0
12:53:30.0392 0x2230 Product type: Workstation
12:53:30.0392 0x2230 ComputerName: BILLYBADASS
12:53:30.0392 0x2230 UserName: Brandon
12:53:30.0392 0x2230 Windows directory: C:\WINDOWS
12:53:30.0392 0x2230 System windows directory: C:\WINDOWS
12:53:30.0392 0x2230 Running under WOW64
12:53:30.0392 0x2230 Processor architecture: Intel x64
12:53:30.0392 0x2230 Number of processors: 8
12:53:30.0392 0x2230 Page size: 0x1000
12:53:30.0392 0x2230 Boot type: Normal boot
12:53:30.0392 0x2230 ============================================================
12:53:30.0512 0x2230 System UUID: {3CADB5D6-453F-E5EF-075C-3C2DC0672E8E}
12:53:30.0772 0x2230 Drive \Device\Harddisk0\DR0 - Size: 0x5976F6000 (22.37 Gb), SectorSize: 0x200, Cylinders: 0xB67, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
12:53:30.0782 0x2230 Drive \Device\Harddisk1\DR1 - Size: 0xE8E0DB6000 (931.51 Gb), SectorSize: 0x200, Cylinders: 0x1DB01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
12:53:30.0792 0x2230 ============================================================
12:53:30.0792 0x2230 \Device\Harddisk0\DR0:
12:53:30.0792 0x2230 GPT partitions:
12:53:30.0792 0x2230 \Device\Harddisk0\DR0\Partition1: GPT, TypeGUID: {B8CB5058-C187-4719-BAF0-379CA2D4C97E}, UniqueGUID: {4613EE39-4727-4347-8134-173F590F716F}, Name: HFS, StartLBA 0x800, BlocksNum 0x2CBA800
12:53:30.0792 0x2230 MBR partitions:
12:53:30.0792 0x2230 \Device\Harddisk1\DR1:
12:53:30.0792 0x2230 GPT partitions:
12:53:30.0792 0x2230 \Device\Harddisk1\DR1\Partition1: GPT, TypeGUID: {DE94BBA4-06D1-4D40-A16A-BFD50179D6AC}, UniqueGUID: {CA51D042-3CC0-4654-9310-D8009159C6B1}, Name: Basic data partition, StartLBA 0x800, BlocksNum 0x1F4000
12:53:30.0792 0x2230 \Device\Harddisk1\DR1\Partition2: GPT, TypeGUID: {C12A7328-F81F-11D2-BA4B-00A0C93EC93B}, UniqueGUID: {0521EDAC-5DAA-4A4B-8243-31767FB71F8C}, Name: EFI system partition, StartLBA 0x1F4800, BlocksNum 0x82000
12:53:30.0792 0x2230 \Device\Harddisk1\DR1\Partition3: GPT, TypeGUID: {BFBFAFE7-A34F-448A-9A5B-6213EB736C22}, UniqueGUID: {0897952F-7726-44E2-B2E3-11276AAF95E0}, Name: Basic data partition, StartLBA 0x276800, BlocksNum 0x1F4000
12:53:30.0792 0x2230 \Device\Harddisk1\DR1\Partition4: GPT, TypeGUID: {E3C9E316-0B5C-4DB8-817D-F92DF00215AE}, UniqueGUID: {0897C349-CD1D-4D47-90B0-A0147255D44C}, Name: Microsoft reserved partition, StartLBA 0x46A800, BlocksNum 0x40000
12:53:30.0792 0x2230 \Device\Harddisk1\DR1\Partition5: GPT, TypeGUID: {EBD0A0A2-B9E5-4433-87C0-68B6B72699C7}, UniqueGUID: {2D3297E0-C1C9-4C8F-B107-D2FD57D35A76}, Name: Basic data partition, StartLBA 0x4AA800, BlocksNum 0x6E7AD000
12:53:30.0792 0x2230 \Device\Harddisk1\DR1\Partition6: GPT, TypeGUID: {DE94BBA4-06D1-4D40-A16A-BFD50179D6AC}, UniqueGUID: {4662F4C3-C929-44FB-8CF3-8CFBF14E4887}, Name: , StartLBA 0x6EC57800, BlocksNum 0xAF000
12:53:30.0792 0x2230 \Device\Harddisk1\DR1\Partition7: GPT, TypeGUID: {EBD0A0A2-B9E5-4433-87C0-68B6B72699C7}, UniqueGUID: {7A05DF48-ED4F-4F49-9CBA-AC45C30E27B2}, Name: Basic data partition, StartLBA 0x6ED06800, BlocksNum 0x3200000
12:53:30.0792 0x2230 \Device\Harddisk1\DR1\Partition8: GPT, TypeGUID: {DE94BBA4-06D1-4D40-A16A-BFD50179D6AC}, UniqueGUID: {CDC9962E-A92C-42D0-A7AE-9483E33D3627}, Name: Basic data partition, StartLBA 0x71F06800, BlocksNum 0x2800000
12:53:30.0792 0x2230 MBR partitions:
12:53:30.0792 0x2230 ============================================================
12:53:30.0822 0x2230 C: <-> \Device\Harddisk1\DR1\Partition5
12:53:30.0882 0x2230 D: <-> \Device\Harddisk1\DR1\Partition7
12:53:30.0882 0x2230 ============================================================
12:53:30.0882 0x2230 Initialize success
12:53:30.0882 0x2230 ============================================================
12:53:55.0815 0x0600 ============================================================
12:53:55.0815 0x0600 Scan started
12:53:55.0815 0x0600 Mode: Manual;
12:53:55.0815 0x0600 ============================================================
12:53:55.0815 0x0600 KSN ping started
12:53:58.0376 0x0600 KSN ping finished: true
12:53:58.0616 0x0600 ================ Scan system memory ========================
12:53:58.0616 0x0600 System memory - ok
12:53:58.0616 0x0600 ================ Scan services =============================
12:53:58.0756 0x0600 [ E1832BD9FD7E0FC2DC9FA5935DE3E8C1, 41FF7418887AFC8B9C96EF21C5950DD342CC9E3C0D87AFD60A05B988C1D6CC23 ] 1394ohci C:\WINDOWS\System32\drivers\1394ohci.sys
12:53:58.0766 0x0600 1394ohci - ok
12:53:58.0786 0x0600 [ AD508A1A46EC21B740AB31C28EFDFDB1, 9B1046CF0B80723149BD359B55CC0B8B3ABBEAA9038469F542A4C345C503FB02 ] 3ware C:\WINDOWS\system32\drivers\3ware.sys
12:53:58.0796 0x0600 3ware - ok
12:53:58.0826 0x0600 [ E19D921EBBD1A2CA4C48D7B5F1685B30, E14F6E48593E03DDAB4DF281755C0A5FC77D491AB8039D421AC84D306C38BCDA ] ACPI C:\WINDOWS\system32\drivers\ACPI.sys
12:53:58.0836 0x0600 ACPI - ok
12:53:58.0866 0x0600 [ AC8279D229398BCF05C3154ADCA86813, 083E86CBE53244D24C334DB1511C77025133AE7875191845764B890A8CA5AFA9 ] acpiex C:\WINDOWS\system32\Drivers\acpiex.sys
12:53:58.0866 0x0600 acpiex - ok
12:53:58.0896 0x0600 [ A8970D9BF23CD309E0403978A1B58F3F, 9946C8477104EEC7DB197E2222F9905307F101C398CCED4B5FD0F86A5622C791 ] acpipagr C:\WINDOWS\System32\drivers\acpipagr.sys
12:53:58.0896 0x0600 acpipagr - ok
12:53:58.0936 0x0600 [ 111A89C99C5B4F1A7BCE5F643DD86F65, 41A2E49FF443927D05F7EF638518108227852984E68D4663C8761178C0B84A45 ] AcpiPmi C:\WINDOWS\System32\drivers\acpipmi.sys
12:53:58.0936 0x0600 AcpiPmi - ok
12:53:58.0956 0x0600 [ 5758387D68A20AE7D3245011B07E36E7, 77832E200E8B0D259552F6F60FE454A887E3EBBB9EA2F3590E6645289A04E293 ] acpitime C:\WINDOWS\System32\drivers\acpitime.sys
12:53:58.0956 0x0600 acpitime - ok
12:53:58.0986 0x0600 [ 3B42D95D20CD2AACDB0564471AE43ED7, BF49568D7060159F61D5F6DE7ECDECCCD1F920A2881544BA83CF420C822F6653 ] ACPIVPC C:\WINDOWS\System32\drivers\AcpiVpc.sys
12:53:58.0996 0x0600 ACPIVPC - ok
12:53:59.0026 0x0600 [ 7C1FDF1B48298CBA7CE4BDD4978951AD, 80F4D536E1231B30E836F72ADC8814AE6AA9FEC573FB5F3F965FAC8ABCCAF0F8 ] ADP80XX C:\WINDOWS\system32\drivers\ADP80XX.SYS
12:53:59.0036 0x0600 ADP80XX - ok
12:53:59.0086 0x0600 [ B19CA8E441D35AA2B1EE51C10B27DA1B, EBEB96EA44E665B2D4FCD1CC58621A20A17F036EA4A695340A2B65F94F69CDDC ] AeLookupSvc C:\WINDOWS\System32\aelupsvc.dll
12:53:59.0086 0x0600 AeLookupSvc - ok
12:53:59.0116 0x0600 [ 239268BAB58EAE9A3FF4E08334C00451, 13F927730DF9BAEDB3A7AB6F7238270A20E4CDEB3D5324A1C471DF2209F3D239 ] AFD C:\WINDOWS\system32\drivers\afd.sys
12:53:59.0126 0x0600 AFD - ok
12:53:59.0156 0x0600 [ 7DFAEBA9AD62D20102B576D5CAC45EC8, 9FA5207335303D1E8E9A3C9E1FB82C09AD21B04382F69D777A67E48EE91D2093 ] agp440 C:\WINDOWS\system32\drivers\agp440.sys
12:53:59.0156 0x0600 agp440 - ok
12:53:59.0176 0x0600 [ 8E8E34B7BA059050EED827410D0697A2, 85B6684709F24729A6497563812A90A54068AC2DD9EEA03037CB1EEF5C85AAA9 ] ahcache C:\WINDOWS\system32\DRIVERS\ahcache.sys
12:53:59.0176 0x0600 ahcache - ok
12:53:59.0196 0x0600 [ A91D8E1E433EFB32551BCE69037E1CE7, 41DFDD5B56918D19D09DFB3E4B07460AA85647A8647ABBBB906158D8D6653290 ] ALG C:\WINDOWS\System32\alg.exe
12:53:59.0206 0x0600 ALG - ok
12:53:59.0246 0x0600 [ 7589DE749DB6F71A68489DCE04158729, 5F35EDD50737985595C9D6703237CA2ADE49AA5443331020899698EB5114A0FB ] AmdK8 C:\WINDOWS\System32\drivers\amdk8.sys
12:53:59.0246 0x0600 AmdK8 - ok
12:53:59.0256 0x0600 [ B46D2D89AFF8A9490FA8C98C7A5616E3, BE0765B5423B690E0F097FECD9717FAA95BFDFFDC6CF1B93DE5A19A1B7797879 ] AmdPPM C:\WINDOWS\System32\drivers\amdppm.sys
12:53:59.0256 0x0600 AmdPPM - ok
12:53:59.0276 0x0600 [ D2BF2F94A47D332814910FD47C6BBCD2, FE273D77D119D958676E1197D9EA7B008E3B05C6192B1962A81D4223ED204C35 ] amdsata C:\WINDOWS\system32\drivers\amdsata.sys
12:53:59.0276 0x0600 amdsata - ok
12:53:59.0296 0x0600 [ A8E04943C7BBA7219AA50400272C3C6E, 794C0BD12DF0392654E9A37AE4A24B5BE2D83F1F24F74DD48A1A0BF3AB8B1FF8 ] amdsbs C:\WINDOWS\system32\drivers\amdsbs.sys
12:53:59.0306 0x0600 amdsbs - ok
12:53:59.0326 0x0600 [ CEA5F4F27CFC08E3A44D576811B35F50, 89DF64B81BD109BAABAE93A4603C1617241219F38DDAF325EFE6BD35FF6FD717 ] amdxata C:\WINDOWS\system32\drivers\amdxata.sys
12:53:59.0326 0x0600 amdxata - ok
12:53:59.0366 0x0600 [ EA3F776E71584D7B51D9B1ADCE80DF08, DFBE52589DDBBD6CC22FFF6DE9874F9E8144DF58C06F14DD1176BDF5CD2DB649 ] AMPPAL C:\WINDOWS\System32\drivers\AMPPAL.sys
12:53:59.0376 0x0600 AMPPAL - ok
12:53:59.0516 0x0600 [ 9BE647AB104153BD0053EB4A48F50B31, 06BE3CA2C3F0D675DC3802BE8D12511495553EA1FB8118427998F5D2EDA550C7 ] AMPPALR3 C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe
12:53:59.0526 0x0600 AMPPALR3 - ok
12:53:59.0566 0x0600 [ 04951A9A937CBE28A2D3FEEA360B6D1F, D8AAF000BE4FE4B203DC2EB2A64F780A542E5238CE3F9952FD03277379B11529 ] AppID C:\WINDOWS\system32\drivers\appid.sys
12:53:59.0576 0x0600 AppID - ok
12:53:59.0596 0x0600 [ C0DC3F58214A227980AEB091CFD2F973, 0C3E8453C9F65ADA3E74C38C0E3AC3E0CBFD807B827097046265B38839E151E3 ] AppIDSvc C:\WINDOWS\System32\appidsvc.dll
12:53:59.0606 0x0600 AppIDSvc - ok
12:53:59.0636 0x0600 [ 7E790DE2487CEDB349D1750B9E47F090, EDA4A87EA2F89ABD174E9590DD46E70B9E7E4B35BDFC3ED90D79CD594F8CB2CD ] Appinfo C:\WINDOWS\System32\appinfo.dll
12:53:59.0646 0x0600 Appinfo - ok
12:53:59.0696 0x0600 [ EF0EE63BE56D2CAC3FA07850770326F1, AB50E428B7FF9B697A11393D72B5702E1E5991F0ECE422FE69B353FE0746F03C ] AppReadiness C:\WINDOWS\system32\AppReadiness.dll
12:53:59.0706 0x0600 AppReadiness - ok
12:53:59.0746 0x0600 [ AF361C58D23BB967C7B4DF6BDDD57744, BE8BD820196D7D9378FB095EBEF7FF4573504CA841B38357E28896BD76B2F69D ] AppXSvc C:\WINDOWS\system32\appxdeploymentserver.dll
12:53:59.0766 0x0600 AppXSvc - ok
12:53:59.0796 0x0600 [ 65045784366F7EC5FB4E71BCF923187B, 53C215C64FF12E44B097F7CB88E8482438CE0ACBD3C68D8FD38BA0D0D8747FAA ] arcsas C:\WINDOWS\system32\drivers\arcsas.sys
12:53:59.0796 0x0600 arcsas - ok
12:53:59.0836 0x0600 [ 74B14192CF79A72F7536B27CB8814FBD, 0CF6BBB63FFE0C12777664D80B2797923844C8392D0FD81D7962EE5EE2C3C3D9 ] atapi C:\WINDOWS\system32\drivers\atapi.sys
12:53:59.0836 0x0600 atapi - ok
12:53:59.0876 0x0600 [ 4903CBC14742B5AB4DCF7A92F7DEC483, B8491FDA1D1E767658ECC5C3C3DDFB3EB12A969F0F6ACF116C18300FF54075D5 ] AudioEndpointBuilder C:\WINDOWS\System32\AudioEndpointBuilder.dll
12:53:59.0886 0x0600 AudioEndpointBuilder - ok
12:53:59.0956 0x0600 [ 86DD7884124D363A63CCE7A11FDEBBED, E7BAE477D964E395A96342E077774467AA9DE5D8112BFCDE27EEA1CB04A2A480 ] Audiosrv C:\WINDOWS\System32\Audiosrv.dll
12:53:59.0966 0x0600 Audiosrv - ok
12:54:00.0036 0x0600 [ A1F53D2A00E64679A1D81B61D2333D06, 41D4F252693A2382A1C1FB85A49DF5AAB5B21620DC09A0E1A7F66A437E3A0B3B ] avgtp C:\WINDOWS\system32\drivers\avgtpx64.sys
12:54:00.0036 0x0600 avgtp - ok
12:54:00.0076 0x0600 [ 96E8CAF20FC4B6C31CAD7816A801EB78, E4870DB8FFBDCFEE98449338D0BDBF2DD0B5FEC75514E41C11A882BE6EB16833 ] AxInstSV C:\WINDOWS\System32\AxInstSV.dll
12:54:00.0086 0x0600 AxInstSV - ok
12:54:00.0136 0x0600 [ A4A73F631FE2AA2826FBE4A399B04DEF, 973AACE8DC8DA669D0DF20F17EFDEEABB90AA046AC980948D16A62D39A606A79 ] b06bdrv C:\WINDOWS\system32\drivers\bxvbda.sys
12:54:00.0156 0x0600 b06bdrv - ok
12:54:00.0186 0x0600 [ 8CC7F7E4AFCBA605921B137ED7992C68, 71406E6D6E9964740A6D90B05329D5492BB90AF40E0630CF2FBF4BA4BA14F2DD ] BasicDisplay C:\WINDOWS\System32\drivers\BasicDisplay.sys
12:54:00.0186 0x0600 BasicDisplay - ok
12:54:00.0196 0x0600 [ 2748E116F8621A4DB0D39FCDD7318C01, DA2DEB7FE1D887B1EF5E2B5103270B72268D8ABDDA36C396627305C0BA90FC20 ] BasicRender C:\WINDOWS\System32\drivers\BasicRender.sys
12:54:00.0196 0x0600 BasicRender - ok
12:54:00.0236 0x0600 [ C1ABB0F7E3BEA48A0417BDF6FF14AB21, 1CAC63A1A0FB9855A27EE977794576A860F6650C9EF7667FFB27F2A2FF721857 ] bcmfn2 C:\WINDOWS\System32\drivers\bcmfn2.sys
12:54:00.0246 0x0600 bcmfn2 - ok
12:54:00.0286 0x0600 [ BBE61A40665B83488901E41082A6097D, ADF750DB32E1295C57C03D587A60194529C8B83F90F433C3458288FB5E8F475B ] BDESVC C:\WINDOWS\System32\bdesvc.dll
12:54:00.0296 0x0600 BDESVC - ok
12:54:00.0336 0x0600 [ EC19013E4CF87609534165DF897274D6, 8ED45537CF2D58D759A587CCBFDADD5580C7447B0C3B172CF19ECC7585E073FC ] Beep C:\WINDOWS\system32\drivers\Beep.sys
12:54:00.0336 0x0600 Beep - ok
12:54:00.0376 0x0600 [ 619D2B906EEA740AB0223BA4AB9507C4, 6AB68D644CECBF1588159A0E8D28AC007991C4BE9BB926BAC96B8293B6E3E6AD ] BFE C:\WINDOWS\System32\bfe.dll
12:54:00.0386 0x0600 BFE - ok
12:54:00.0436 0x0600 [ 15225081966C785A9192782401643FD4, E2BA0C8D044556FDD9DD7A25F7F71553DE7A2924E78F9284413C2AC46F0BF4EB ] BITS C:\WINDOWS\System32\qmgr.dll
12:54:00.0456 0x0600 BITS - ok
12:54:00.0626 0x0600 [ BAE8683BE3463B25E51875B380AB695A, 3EDB44560F798BB05AB7F534CEC4688C35AD9092B7D1CC5F58B47E82BD8EA270 ] Bluetooth Device Monitor C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe
12:54:00.0656 0x0600 Bluetooth Device Monitor - ok
12:54:00.0736 0x0600 [ AF06006C7A8B6CE409ABD351867A9544, AB985CEB86E57AB99E8D273058533CD3D04FF3232C62688DFD8F9D6A5B6586CD ] Bluetooth OBEX Service C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe
12:54:00.0756 0x0600 Bluetooth OBEX Service - ok
12:54:00.0776 0x0600 [ 6B4FFFDDC618FCF64473CAA86E305697, 29EA66071D5822920F5C50533673ADAB5204F8B25C11027AD27450D881F1142D ] bowser C:\WINDOWS\system32\DRIVERS\bowser.sys
12:54:00.0776 0x0600 bowser - ok
12:54:00.0796 0x0600 [ 748141CC03DF40C38F17D3F96BB15C80, 8F1FA850BC6C6497325C0758DEA36C2839BE53C3F8143DFD3A905BEEFF538126 ] BrokerInfrastructure C:\WINDOWS\System32\bisrv.dll
12:54:00.0796 0x0600 BrokerInfrastructure - ok
12:54:00.0816 0x0600 [ D528D6A92D187777691993DD757AF19A, 2C79978310193431E5FC462368424A172858D5351C92D4815C2A7E35B5DDE50C ] Browser C:\WINDOWS\System32\browser.dll
12:54:00.0816 0x0600 Browser - ok
12:54:00.0846 0x0600 [ A8F23D453A424FF4DE04989C4727ECC7, AE4A9081395C7379F1C947EF8243F7609F90C843E086B8E77E1A2C06E36D4381 ] BthAvrcpTg C:\WINDOWS\System32\drivers\BthAvrcpTg.sys
12:54:00.0846 0x0600 BthAvrcpTg - ok
12:54:00.0866 0x0600 [ 131F1C8573E7BFB41C54FBF5309CCD94, DAFE51E3BADBD82A33B580F212B2D6520A120877C23F6D675521FEA2F4BA5A1F ] BthEnum C:\WINDOWS\system32\DRIVERS\BthEnum.sys
12:54:00.0876 0x0600 BthEnum - ok
12:54:00.0886 0x0600 [ 746B9F94214915AECDE4B7FEA5FF9664, EA2877D49DB4B7B9CE61653D63E8776DFF1CBCCAB12C14DB1D20DA44B8F06357 ] BthHFEnum C:\WINDOWS\System32\drivers\bthhfenum.sys
12:54:00.0886 0x0600 BthHFEnum - ok
12:54:00.0916 0x0600 [ 71FE2A48E4C93DDB9798C024880B6C07, 8E93DE29C61A5FA64216231228CB3C4A1A693FE87CAA2C070BCAD7BE2D8ED000 ] bthhfhid C:\WINDOWS\System32\drivers\BthHFHid.sys
12:54:00.0916 0x0600 bthhfhid - ok
12:54:00.0926 0x0600 [ FCD8BD17B7193CFFF18C332D1A381D7F, CD8A03086695F8FF2566697164D1FD1B60210C017220EFBD78CB12C38CD12BE1 ] BthLEEnum C:\WINDOWS\system32\DRIVERS\BthLEEnum.sys
12:54:00.0936 0x0600 BthLEEnum - ok
12:54:00.0956 0x0600 [ 07E33226AD218A2A162662A05CAFB52F, 0AC3D8B79EDA6DA232FA4E1CAF6592420A9EDE96350D1F0504C2434261684F0B ] BTHMODEM C:\WINDOWS\System32\drivers\bthmodem.sys
12:54:00.0956 0x0600 BTHMODEM - ok
12:54:00.0966 0x0600 [ 3AFE71D80EDF5D4DE0C5731352905669, 3E370169B8C5D301954D1F1DA302F7A0DB2A034990E10B3D64458C48E5693205 ] BthPan C:\WINDOWS\system32\DRIVERS\bthpan.sys
12:54:00.0966 0x0600 BthPan - ok
12:54:01.0006 0x0600 [ 8458ECAB701EE385851C2559B71D1209, 0680031AFB5501C6D16F404CAA43C00C44C3213A790BB5570C9309BB9197C257 ] BTHPORT C:\WINDOWS\System32\Drivers\BTHport.sys
12:54:01.0036 0x0600 BTHPORT - ok
12:54:01.0046 0x0600 [ E5E48FEED73D463175EAB1542495191C, 0A8182F5BA7B694AB1DD3680F1194E4A568FE40DBA4BFDFF2EA09BAD045FFB29 ] bthserv C:\WINDOWS\system32\bthserv.dll
12:54:01.0046 0x0600 bthserv - ok
12:54:01.0066 0x0600 [ D30286FF3C7B6318C024D2BC2955C1BF, 47863D046C94A5C19F7D4E0BA393E6FE1E249C78FAB9B8705F7DD2CD87EAC16C ] BTHSSecurityMgr C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe
12:54:01.0066 0x0600 BTHSSecurityMgr - ok
12:54:01.0086 0x0600 [ 2C0B77176CD68F1F60510CDF36ADC401, 77990114F9D7B60F5D62122F4634DF89BE69EC56507DAD8C84417B9EC6B21E8D ] BTHUSB C:\WINDOWS\System32\Drivers\BTHUSB.sys
12:54:01.0086 0x0600 BTHUSB - ok
12:54:01.0166 0x0600 [ FD6DCB9E986D4B88655370C7F3976F78, F106BBC3147BF4FFEE3A56B477BA7F26A269CAE659570930860AF033F1171A70 ] btmhsf C:\WINDOWS\system32\DRIVERS\btmhsf.sys
12:54:01.0196 0x0600 btmhsf - ok
12:54:01.0206 0x0600 [ 2FA6510E33F7DEFEC03658B74101A9B9, 61C8C8E3F09B427711464C974EE22E1E01C48E10DB54A4EC9901F482FC36C978 ] cdfs C:\WINDOWS\system32\DRIVERS\cdfs.sys
12:54:01.0206 0x0600 cdfs - ok
12:54:01.0236 0x0600 [ C6796EA22B513E3457514D92DCDB1A3D, 2B893F3950C6B913B934C2089B69F3B0B77F229AE1820907E598455CBB78139C ] cdrom C:\WINDOWS\System32\drivers\cdrom.sys
12:54:01.0246 0x0600 cdrom - ok
12:54:01.0276 0x0600 [ AB285CE3431FF3D2ACE669245874C1C7, 6AF4C3E86EFA51F7FB6F8492CB2CCB807C7775EAE0508B87F07134FDAC679BD7 ] CertPropSvc C:\WINDOWS\System32\certprop.dll
12:54:01.0286 0x0600 CertPropSvc - ok
12:54:01.0316 0x0600 [ BE9936EDD3267FAAFF94A7835867F00B, 3CEEF2377D45ED38C7CD3CE4C746EC5EA7277EFEC728A5438F0EF5F62FC7C859 ] circlass C:\WINDOWS\System32\drivers\circlass.sys
12:54:01.0316 0x0600 circlass - ok
12:54:01.0336 0x0600 [ 7F006813C2AFE622C13D7AF94F56CD07, 9F4AEEE19B44F4117BE036F1475CE2E91ED740EB7D8D38364F9724517F777482 ] CLFS C:\WINDOWS\system32\drivers\CLFS.sys
12:54:01.0346 0x0600 CLFS - ok
12:54:01.0386 0x0600 [ D76786BA05443C6FDD0184E0838E9968, AA7238DC0AC1933DC4700BED23723F5127FD890733E7345848A00DA1F9349061 ] CltMngSvc C:\Program Files (x86)\SearchProtect\bin\CltMngSvc.exe
12:54:01.0386 0x0600 CltMngSvc - ok
12:54:01.0396 0x0600 [ EF6EF85DADC3184A10D8F2F7159973CB, 42FCB286CED95A5DEBC5C0C894FCBC4818A2C818BB71087142FB51A08A0BE96B ] CmBatt C:\WINDOWS\System32\drivers\CmBatt.sys
12:54:01.0406 0x0600 CmBatt - ok
12:54:01.0416 0x0600 [ 825BE21E6395E00698D8A23955A87972, 303F10C3BA72ABB3BA27D08968B10E8EB03FFB6951943B0E9DD35CF48BB72578 ] CNG C:\WINDOWS\system32\Drivers\cng.sys
12:54:01.0426 0x0600 CNG - ok
12:54:01.0436 0x0600 [ 03AAED827C36F35D70900558B8274905, 8E44A23C6013FFAE7769F99CAA3B1D6288DE00A38937F9056903AC265B503AFA ] CompositeBus C:\WINDOWS\System32\drivers\CompositeBus.sys
12:54:01.0446 0x0600 CompositeBus - ok
12:54:01.0446 0x0600 COMSysApp - ok
12:54:01.0466 0x0600 [ A1FF7DFBFBE164CF92603C651D304DD2, 470ACE5A75E64FC62C950037201199857E974803625DC73BEDBCF6FA4DDD496C ] condrv C:\WINDOWS\system32\drivers\condrv.sys
12:54:01.0466 0x0600 condrv - ok
12:54:01.0546 0x0600 [ 034643AFE2973A175E782AE530A0683C, C488572B971144D8A10F6EC8480175868913942896144D38BF49E3D8D1BC54F3 ] cphs C:\WINDOWS\SysWow64\IntelCpHeciSvc.exe
12:54:01.0576 0x0600 cphs - ok
12:54:01.0606 0x0600 [ 0EFE4B5884A8032617826A4D76F80969, 083D296CC623C83D36A97AEE343ADF819B17E490F931DBE4D161BD1E8C289E02 ] CryptSvc C:\WINDOWS\system32\cryptsvc.dll
12:54:01.0616 0x0600 CryptSvc - ok
12:54:01.0626 0x0600 [ 315BA4BC19316D72B2E037534E048B93, 69613635DB23E6A935673B1025C2010ED3E195473D25368CF74234C4C36910BE ] dam C:\WINDOWS\system32\drivers\dam.sys
12:54:01.0626 0x0600 dam - ok
12:54:01.0656 0x0600 [ C6E1C081C0849E08FECEC18DF73B10C4, B5E552F4744C91836CBAF3F62CB861C1D9422721870D11B5CCE21B45E384985A ] dc3d C:\WINDOWS\System32\drivers\dc3d.sys
12:54:01.0666 0x0600 dc3d - ok
12:54:01.0736 0x0600 [ 3FD5AE42EC87C6F532A931F96BE731DD, 8282823022391ACF65E23F461FCE5CAFFB5ADC077647FEF80B91BC4BC31EDFE2 ] DcomLaunch C:\WINDOWS\system32\rpcss.dll
12:54:01.0756 0x0600 DcomLaunch - ok
12:54:01.0776 0x0600 [ F4CCAADC2C78F57E4F16B24C9201CE22, B76A5C487A814CB986FE8CC398FB7493C9EAB9ACC933A3C35384FA447092EF00 ] defragsvc C:\WINDOWS\System32\defragsvc.dll
12:54:01.0786 0x0600 defragsvc - ok
12:54:01.0836 0x0600 [ A8FC2DD55FCB753A75B9368FBA090282, 7DE584A98A8A2D375F4F0962F874CF808656FDE8C4AE21029B0BA130012F8EF2 ] desksvc C:\Program Files (x86)\Desk 365\deskSvc.exe
12:54:01.0846 0x0600 desksvc - ok
12:54:01.0866 0x0600 [ 0BC71D4D3B5883903C37BF4E13B0F0C5, C5EC2AD001FB7E72D3D12DBADFE01C308ACCB7426E0B90CCB3ECE2DE49D5E7D4 ] DeviceAssociationService C:\WINDOWS\system32\das.dll
12:54:01.0876 0x0600 DeviceAssociationService - ok
12:54:01.0876 0x0600 [ 752A457320A946E03C3AA86C3ACD735E, 63946150581532D862F4220606E74FFC479209E1A36CD57AA78AC4AE34A26F49 ] DeviceInstall C:\WINDOWS\system32\umpnpmgr.dll
12:54:01.0886 0x0600 DeviceInstall - ok
12:54:01.0906 0x0600 [ 5DB26D7E0216D0BF364A81D3829AD7B9, FD786D530EA9ADBCB48782FE091E926505A83F2BF3B4181A3D4EDFAA991C4E5E ] Dfsc C:\WINDOWS\system32\Drivers\dfsc.sys
12:54:01.0906 0x0600 Dfsc - ok
12:54:01.0936 0x0600 [ 8B107F55FD61654A6C9F1B819AEC5FC4, 773B1B9D3583F17B7C89BDE1EC4487ABB0AE039DF4583F8746460425443DA291 ] Dhcp C:\WINDOWS\system32\dhcpcore.dll
12:54:01.0946 0x0600 Dhcp - ok
12:54:01.0946 0x0600 [ 4D40C9B33F738797CF50E77CB7C53E85, 7BA341342A47DEB15B51971C97A5237ACD8BDAD9033F63DF0000892BE43F8E13 ] disk C:\WINDOWS\system32\drivers\disk.sys
12:54:01.0956 0x0600 disk - ok
12:54:01.0976 0x0600 [ EB70A894708D1BC176AFD690FF06085F, 0DD2A97F5E1B38D1F7C0D44E50F09EA222B18B3B074CC9C8CD25A7526CB1A112 ] dmvsc C:\WINDOWS\System32\drivers\dmvsc.sys
12:54:01.0976 0x0600 dmvsc - ok
12:54:01.0996 0x0600 [ FBD2D7F491F3EBC5C54C5C4DB2564953, 1C053C28DB00ADF63BE317376395F5E32CBFD2C065A3756470BC54F44747965B ] Dnscache C:\WINDOWS\System32\dnsrslvr.dll
12:54:01.0996 0x0600 Dnscache - ok
12:54:02.0036 0x0600 [ 50288EA079BB520C2B8C8A154202D518, 8916A9180CA009D124FFDFB4CCF5FDFEF7FA2FD37CBCD49FAD4C68E051B4734D ] dot3svc C:\WINDOWS\System32\dot3svc.dll
12:54:02.0036 0x0600 dot3svc - ok
12:54:02.0076 0x0600 [ 27069CFFF29B7F04F4B1BB10154BE52B, 6869626F9A1D3F64224883C5E661638CEE893A3E29651C7B9302A03E52180415 ] dot4 C:\WINDOWS\system32\DRIVERS\Dot4.sys
12:54:02.0086 0x0600 dot4 - ok
12:54:02.0086 0x0600 [ 0BD906A79F9CE3013F7D9D0AC45F9F9D, 2F7D5082E7E226D5EBEA164A8ACEE0A447C96EB1829224A6EFA3E7B4EFEE1D14 ] Dot4Print C:\WINDOWS\System32\drivers\Dot4Prt.sys
12:54:02.0086 0x0600 Dot4Print - ok
12:54:02.0096 0x0600 [ B7D595F2F464F7B628AD53F06547792C, F5D06A91EF54FBF56305FCC882B854350B266B2A005D80CC77AEBC2929440729 ] dot4usb C:\WINDOWS\system32\DRIVERS\dot4usb.sys
12:54:02.0096 0x0600 dot4usb - ok
12:54:02.0106 0x0600 [ 281BEE07BA97E3E98D12A822D923D0D8, 6EB482B2D4D6048D145C3738B2B6FA27A90B5EA53E9167447820F9981B004E63 ] DPS C:\WINDOWS\system32\dps.dll
12:54:02.0116 0x0600 DPS - ok
12:54:02.0126 0x0600 [ DDC11A202207C0400CBE07315B8FDE5E, 3ED0CA3A714582D92001BA3BFF78BE082F4DC8021298D5A2632F3B2B0A1C09DC ] drmkaud C:\WINDOWS\system32\drivers\drmkaud.sys
12:54:02.0126 0x0600 drmkaud - ok
12:54:02.0156 0x0600 [ 5B074F14F5DD6418F46EE4CA2DEB7EA8, B8223D73C3DE123759101F7D5D45C60BD12B221F09D349575A1044CE3F43CBC5 ] DsmSvc C:\WINDOWS\System32\DeviceSetupManager.dll
12:54:02.0166 0x0600 DsmSvc - ok
12:54:02.0226 0x0600 [ AEAB1924098DB538784C1D2B268FF0C9, F3D30E778B86A2870D5A5267848055787AE65FBE83B0E1DA9BC35D671D9BF08A ] DXGKrnl C:\WINDOWS\System32\drivers\dxgkrnl.sys
12:54:02.0256 0x0600 DXGKrnl - ok
12:54:02.0256 0x0600 [ 6073537F250B45E1CB2A02E97F0FE1B2, 653F3F2F2019168EDF225944A88AFDBF8393B62AA076BD19980691778F3DB67D ] Eaphost C:\WINDOWS\System32\eapsvc.dll
12:54:02.0266 0x0600 Eaphost - ok
12:54:02.0406 0x0600 [ 114BCFDF367FF37C3F1B0A96AF542E4D, D385BC1D91BC1406091C8C3691C07A90BD60EDE05B1384E5AA3506FCB909C857 ] ebdrv C:\WINDOWS\system32\drivers\evbda.sys
12:54:02.0466 0x0600 ebdrv - ok
12:54:02.0486 0x0600 [ F6F209DDB94959BA104FC8FC87C53759, 8E862D41F4332EABF64BD034E2C0E3CC8109C7990CB4112C2B2880E8E6EDF2D3 ] EFS C:\WINDOWS\System32\lsass.exe
12:54:02.0496 0x0600 EFS - ok
12:54:02.0506 0x0600 [ 43531A5993380CC5113242C29D265FD9, EE0076D96F7F3CF29884AC7A67C08A429115A7201354A1FB5DE45FD63ABB4960 ] EhStorClass C:\WINDOWS\system32\drivers\EhStorClass.sys
12:54:02.0516 0x0600 EhStorClass - ok
12:54:02.0526 0x0600 [ 6F8E738A9505A388B1157FDDE7B3101B, 3696CA634102B41EEA11EB9DCA0B24439D8636AED4A7190C138C5E64A2EFB514 ] EhStorTcgDrv C:\WINDOWS\system32\drivers\EhStorTcgDrv.sys
12:54:02.0526 0x0600 EhStorTcgDrv - ok
12:54:02.0536 0x0600 [ DFFFAE1442BA4076E18EED5E406FA0D3, 329FC6FB8D14BEACDBE2A5D4C496EDEA485E838B1DF27566E278F8F8E0D8E82E ] ErrDev C:\WINDOWS\System32\drivers\errdev.sys
12:54:02.0536 0x0600 ErrDev - ok
12:54:02.0586 0x0600 [ 030CE75B7D8F75FAA7BA1EC6FD0EB5A3, 5264734F0572FAEDCCB008221C9982CCB7922C4FFC358605424EA413CDCDAE99 ] EventSystem C:\WINDOWS\system32\es.dll
12:54:02.0596 0x0600 EventSystem - ok
12:54:02.0646 0x0600 [ 00B132F23AA25DEF2060D490B0AB70EF, AAE3BA09C2201EA27D3DB761B3D3E8A3EE80A14B451B743F4DF1281D87166857 ] EvtEng C:\Program Files\Intel\WiFi\bin\EvtEng.exe
12:54:02.0666 0x0600 EvtEng - ok
12:54:02.0676 0x0600 [ EE8A4765D5EB30736E2E067A3E8907CB, E7FE4F3707E6EEE046BE0C20B75E59924B332CA2F35482B4A457A79D59F4BF4E ] excfs C:\WINDOWS\system32\DRIVERS\excfs.sys
12:54:02.0676 0x0600 excfs - ok
12:54:02.0696 0x0600 [ 681426F5AFB40405FB596BF90199C484, D9DF2964B96805F61B90E4B862F9EAC5B1C682935A625F75862645E94D623DF4 ] excsd C:\WINDOWS\system32\DRIVERS\excsd.sys
12:54:02.0696 0x0600 excsd - ok
12:54:02.0716 0x0600 [ 7729D294A555C7AEB281ED8E4D0E01E4, 7269E79D72CCE477AC108294D0DDFB59CF533B03C587599C5AB0507C43A0B6D4 ] exfat C:\WINDOWS\system32\drivers\exfat.sys
12:54:02.0716 0x0600 exfat - ok
12:54:02.0766 0x0600 [ 0AE5D0CD28D26F4BC2BDCA96FC21F67F, F3EB803CE5B2D32212AE40A52C9DE074374709C296023109EAA6DF4012E7AB01 ] ExpressCache C:\Program Files\Condusiv Technologies\ExpressCache\ExpressCache.exe
12:54:02.0766 0x0600 ExpressCache - ok
12:54:02.0786 0x0600 [ 7C4E0D5900B2A1D11EDD626D6DDB937B, 732F310F8F6016C56F432A81636B13CE0124A802FE8DD91287B618EED22C9A1D ] fastfat C:\WINDOWS\system32\drivers\fastfat.sys
12:54:02.0796 0x0600 fastfat - ok
12:54:02.0826 0x0600 [ 2BC8532ABF2B3756B78FA1DA54147DDE, DF65EE2AB0255A2CF3221085A6BE7C37E3DB6BFEED3BCADCDD69BB1049F6DCB1 ] Fax C:\WINDOWS\system32\fxssvc.exe
12:54:02.0846 0x0600 Fax - ok
12:54:02.0856 0x0600 [ 5D8402613E778B3BD45E687A8372710B, EE9EA10805168D309A609B9019AEC5961EE46D18207B5E0EA2DE4064A5770AF8 ] fdc C:\WINDOWS\System32\drivers\fdc.sys
12:54:02.0866 0x0600 fdc - ok
12:54:02.0896 0x0600 [ DC1A78BCCCB7EE53D6FD3BD615A8E222, EE16B6853185AAE779D7135035983938009901658F76A8856AAC12EBA15BB34E ] fdPHost C:\WINDOWS\system32\fdPHost.dll
12:54:02.0896 0x0600 fdPHost - ok
12:54:02.0896 0x0600 [ E5AD448F2DC84B1CF387FA7F2A3D1936, BBB29C79A085C503F5EFFB5144596D5DEC48A4EB34A049A4E7B38B27F6D92E0A ] FDResPub C:\WINDOWS\system32\fdrespub.dll
12:54:02.0896 0x0600 FDResPub - ok
12:54:02.0906 0x0600 [ 0046E0BD031213D37123876B0D0FA61C, A4FE17D56F0BAFB70D0D421ED9D1B6E50AF8ADAA4B59328A41AEC5B4C068A3CB ] fhsvc C:\WINDOWS\system32\fhsvc.dll
12:54:02.0906 0x0600 fhsvc - ok
12:54:02.0916 0x0600 [ 957A7A8F5ACCAF23DD9DFF6DAA393CE5, 85D1AC25CF8056FF303930A7E18DE5F7C3AEE429272CB791BD6F81F1DAFB7D8A ] FileInfo C:\WINDOWS\system32\drivers\fileinfo.sys
12:54:02.0916 0x0600 FileInfo - ok
12:54:02.0916 0x0600 [ A1A66C4FDAFD6B0289523232AFB7D8AF, 0F5832F626BB62190D5F3A088CE6E048D8A400CCF9EA527F06973CAD96D3A81C ] Filetrace C:\WINDOWS\system32\drivers\filetrace.sys
12:54:02.0926 0x0600 Filetrace - ok
12:54:02.0936 0x0600 [ BE743083CF7063C486A4398E3AEFE59A, 85796D89943DD6FE3932C1ED6CF01470C1B4DFD243C390B07055FFDA3C231551 ] flpydisk C:\WINDOWS\System32\drivers\flpydisk.sys
12:54:02.0936 0x0600 flpydisk - ok
12:54:02.0946 0x0600 [ 60D5067FCE6D9433D35E04C01D8538B3, 2D97E9E8FF18CF564DE8E70F68B56F0177DC6C0E9EEB7E1C58BBDF42456CB0D8 ] FltMgr C:\WINDOWS\system32\drivers\fltmgr.sys
12:54:02.0956 0x0600 FltMgr - ok
12:54:03.0016 0x0600 [ 183CA7699474FDE235853967D1DA4D9B, 8FBD5997F1E39AFFD8C4322520DF4D2227279B5149017D825C188D7411BA99AF ] FontCache C:\WINDOWS\system32\FntCache.dll
12:54:03.0036 0x0600 FontCache - ok
12:54:03.0146 0x0600 [ 1C52387BF5A127F5F3BFB31288F30D93, 90D13F60170CD74304F3036A90D596AA3E1E134455A780310BDF67AC7815F2E7 ] FontCache3.0.0.0 C:\WINDOWS\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
12:54:03.0156 0x0600 FontCache3.0.0.0 - ok
12:54:03.0166 0x0600 [ 35005534E600E993A90B036E4E599F2B, DA56FA3776FBD3D50276CB7410E0CB6F137DD8FCA84C0F3FEF8B1FEA5F6CA592 ] FsDepends C:\WINDOWS\system32\drivers\FsDepends.sys
12:54:03.0176 0x0600 FsDepends - ok
12:54:03.0186 0x0600 [ 09F460AFEDCA03F3BF6E07D1CCC9AC42, B832091BC9B2C2FE38A4BCA132ABB58251E851F21EC6F39636E73777AB9A5791 ] Fs_Rec C:\WINDOWS\system32\drivers\Fs_Rec.sys
12:54:03.0196 0x0600 Fs_Rec - ok
12:54:03.0256 0x0600 [ 83E1F0983B02A6F8EC764D18E24ECF10, B5CA3FCB442697681C513FB37C6BB74D7A72B67DC65E2FCA93A7F9E81B63EAAC ] fvevol C:\WINDOWS\system32\DRIVERS\fvevol.sys
12:54:03.0276 0x0600 fvevol - ok
12:54:03.0286 0x0600 [ 9591D0B9351ED489EAFD9D1CE52A8015, AC64C236C3AE545FCE8ED44A4A87FB86265A453BA60026EC9A4DE2B631E99996 ] FxPPM C:\WINDOWS\System32\drivers\fxppm.sys
12:54:03.0296 0x0600 FxPPM - ok
12:54:03.0306 0x0600 [ FC3EF65EE20D39F8749C2218DBA681CA, 12980F1DE99B25E6920A33556F3ABDA5EC9BFE4757BE602130B5E939D8D25CE3 ] gagp30kx C:\WINDOWS\system32\drivers\gagp30kx.sys
12:54:03.0306 0x0600 gagp30kx - ok
12:54:03.0316 0x0600 [ 0BF5CAD281E25F1418E5B8875DC5ADD1, 0929AD8437DD78234553D8B2CDF0D6838FD54ACDE1918AFEBE48684EB32A07A3 ] gencounter C:\WINDOWS\System32\drivers\vmgencounter.sys
12:54:03.0326 0x0600 gencounter - ok
12:54:03.0356 0x0600 [ FDA72810CA2F8409D9B31E833C448E34, FC24350E875D2AF2A41DB5EF0BFE4F876DADEACCC0B34B9B9C9B2CA185CBAE87 ] GPIOClx0101 C:\WINDOWS\system32\Drivers\msgpioclx.sys
12:54:03.0366 0x0600 GPIOClx0101 - ok
12:54:03.0426 0x0600 [ 0BDE0FCF597E9B65600121EF54FF8340, DA5C96E84E05AD09251C82B4BFEDE274342409803730CEBF24EEAD0DCD42DA7E ] gpsvc C:\WINDOWS\System32\gpsvc.dll
12:54:03.0446 0x0600 gpsvc - ok
12:54:03.0486 0x0600 [ 506708142BC63DABA64F2D3AD1DCD5BF, 9C36A08D9E7932FF4DA7B5F24E6B42C92F28685B8ABE964C870E8D7670FD531A ] gupdate C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
12:54:03.0496 0x0600 gupdate - ok
12:54:03.0496 0x0600 [ 506708142BC63DABA64F2D3AD1DCD5BF, 9C36A08D9E7932FF4DA7B5F24E6B42C92F28685B8ABE964C870E8D7670FD531A ] gupdatem C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
12:54:03.0496 0x0600 gupdatem - ok
12:54:03.0576 0x0600 [ 07177B5A8C277074C30AC515FEBD4F37, A18B7A4491732D97884D0F95428563DE6EBCBB988C5595DA2C710DFDE733B096 ] gzflt C:\Program Files\Lavasoft\Ad-Aware Antivirus\Antimalware Engine\2.6.0.0\gzflt.sys
12:54:03.0596 0x0600 gzflt - ok
12:54:03.0616 0x0600 [ 03909BDBFF0DCACCABF2B2D4ADEE44DC, 42E631B23BB004F5C2128BAD334C21AB20FAD08AFED9E8191AE9373531BC73DD ] HDAudBus C:\WINDOWS\System32\drivers\HDAudBus.sys
12:54:03.0626 0x0600 HDAudBus - ok
12:54:03.0656 0x0600 [ 10A70BC1871CD955D85CD88372724906, 2480A74854D0A89FF028EE9BA41224D4B2F9B0863066BFC43097920794FEE08D ] HidBatt C:\WINDOWS\System32\drivers\HidBatt.sys
12:54:03.0656 0x0600 HidBatt - ok
12:54:03.0696 0x0600 [ 1EA1B4FABB8CC348E73CA90DBA22E104, 5C18C6BD499272F216DD4626B5E8D38181AEAC9AD917FBEB614A75B70467B258 ] HidBth C:\WINDOWS\System32\drivers\hidbth.sys
12:54:03.0706 0x0600 HidBth - ok
12:54:03.0716 0x0600 [ C241A8BAFBBFC90176EA0F5240EACC17, 571E20B87818618BE9179986177D55739A240F04D1F740B3C1B7809B9427B767 ] hidi2c C:\WINDOWS\System32\drivers\hidi2c.sys
12:54:03.0726 0x0600 hidi2c - ok
12:54:03.0756 0x0600 [ 9BDDEE26255421017E161CCB9D5EDA95, B766FD5E31708F29384F69418FC33C4BCC6E3064AA553D5B1D30EE0B8B1BFB40 ] HidIr C:\WINDOWS\System32\drivers\hidir.sys
12:54:03.0756 0x0600 HidIr - ok
12:54:03.0776 0x0600 [ 449A20A674AA3FAA7F0DD4E33EE2DC20, 28B9BDA306456E8640C355718DE3477537B0FAF8C37F633C709129AAB64D9873 ] hidserv C:\WINDOWS\system32\hidserv.dll
12:54:03.0786 0x0600 hidserv - ok
12:54:03.0796 0x0600 [ F31397220D9687E11EB448649AA6E038, 671ACEAA8E00E0D4ED7E33D06A4558121DA4F56EB94F1CBC16FEB2EF3852F7A5 ] HidUsb C:\WINDOWS\System32\drivers\hidusb.sys
12:54:03.0806 0x0600 HidUsb - ok
12:54:03.0846 0x0600 [ 7BF3ADCBD021D4F4A84CF40EB49C71B5, 5758A51FD2EBE67E6DBE3A298D714D351910F9E01C428D0C1359457C9242B298 ] hkmsvc C:\WINDOWS\system32\kmsvc.dll
12:54:03.0856 0x0600 hkmsvc - ok
12:54:03.0866 0x0600 [ 6CD9C3819BE8C0A3DACC82AE5D3C4F18, 46BF4A968E506DE17CA401401D716B444CDC10A5C60EB081890DD4B886AEDF5F ] HomeGroupListener C:\WINDOWS\system32\ListSvc.dll
12:54:03.0876 0x0600 HomeGroupListener - ok
12:54:03.0916 0x0600 [ BE5F89BAFBD4272D5A0C0A37B97865ED, 2F80CE6D123FEED9FA7B00ACF7547FF77E0E6FDC5243942E83BE308C46D414C6 ] HomeGroupProvider C:\WINDOWS\system32\provsvc.dll
12:54:03.0936 0x0600 HomeGroupProvider - ok
12:54:03.0946 0x0600 [ A6AACEA4C785789BDA5912AD1FEDA80D, D197012A5DA6AB3F76FF298336DF0CF027C07ECC71267BAEF5912DE12893E096 ] HpSAMD C:\WINDOWS\system32\drivers\HpSAMD.sys
12:54:03.0946 0x0600 HpSAMD - ok
12:54:03.0996 0x0600 [ 3502776E366C913D49C0DA928AE3E6CB, 3FB452F640B78AEDFBC09188F25C566949660163732A180331226A93DB08F26C ] HTTP C:\WINDOWS\system32\drivers\HTTP.sys
12:54:04.0016 0x0600 HTTP - ok
12:54:04.0026 0x0600 [ 90656C0B3864804B090434EFC582404F, BDB60050B729AACB9E009AC7129BEBD6298BBD8A9DB14B817D02E8E13669BD6E ] hwpolicy C:\WINDOWS\system32\drivers\hwpolicy.sys
12:54:04.0036 0x0600 hwpolicy - ok
12:54:04.0046 0x0600 [ 6D6F9E3BF0484967E52F7E846BFF1CA1, C982966BDE6A3E6773D9441ADA7A3B08D13511DFC68D04DF303248B942423F38 ] hyperkbd C:\WINDOWS\System32\drivers\hyperkbd.sys
12:54:04.0056 0x0600 hyperkbd - ok
12:54:04.0076 0x0600 [ 907C870F8C31F8DDD6F090857B46AB25, 308664A31717383D06185875E76C6612407A9F04E7DB28404F574A5706C6715D ] HyperVideo C:\WINDOWS\system32\DRIVERS\HyperVideo.sys
12:54:04.0076 0x0600 HyperVideo - ok
12:54:04.0086 0x0600 [ 84CFC5EFA97D0C965EDE1D56F116A541, 0155EA62BF07D99D98D1C9B6559C8E3301B016A20D03DF1EF64B2FAB8C37403B ] i8042prt C:\WINDOWS\System32\drivers\i8042prt.sys
12:54:04.0086 0x0600 i8042prt - ok
12:54:04.0106 0x0600 [ 5D90E32E36CE5D4C535D17CE08AEAF05, 976A463343E8C8308AFBE9E64DF56C430D2241DE002430D00318AB065EB72E4A ] iaLPSSi_GPIO C:\WINDOWS\System32\drivers\iaLPSSi_GPIO.sys
12:54:04.0106 0x0600 iaLPSSi_GPIO - ok
12:54:04.0126 0x0600 [ DD05E7E80F52ADE9AEB292819920F32C, E71AB6A50B0F90C8F94569CE89F66F915A0A4A00D4AC091B2E5E750D88CFC334 ] iaLPSSi_I2C C:\WINDOWS\System32\drivers\iaLPSSi_I2C.sys
12:54:04.0126 0x0600 iaLPSSi_I2C - ok
12:54:04.0166 0x0600 [ FA4C48E36F0B24E7E33D3E7E1844B9C9, F61F448B8E305DEFDDA5D4A6FC4E57C798C11ED4DA0ACB885847DC8A9A7B4E98 ] iaStorA C:\WINDOWS\system32\drivers\iaStorA.sys
12:54:04.0176 0x0600 iaStorA - ok
12:54:04.0216 0x0600 [ 08BFE413B0B4AA8DFA4B5684CE06D3DC, 95DEEBB203E12EE6E191F5247A74C04AEC0E16DE981FADDC4D6C42EE41D8D079 ] iaStorAV C:\WINDOWS\system32\drivers\iaStorAV.sys
12:54:04.0236 0x0600 iaStorAV - ok
12:54:04.0276 0x0600 [ D5854F77CEEAFC5A8405F8ECCBEC09DF, 06D94EAF55787F807FB40E95011E90B0A719AC1A1529C2C110C1EABC5BE02C5B ] IAStorDataMgrSvc C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
12:54:04.0276 0x0600 IAStorDataMgrSvc - ok
12:54:04.0306 0x0600 [ A2200C3033FA4EF249FC096A7A7D02A2, 5819F5C2020DE2EEE339B0C08CD4B1E3490EAFBBEA1277CE649DB5A5150986B0 ] iaStorV C:\WINDOWS\system32\drivers\iaStorV.sys
12:54:04.0316 0x0600 iaStorV - ok
12:54:04.0336 0x0600 [ C430482AC892D52CED021EDDD4D368A2, C54C12EAC14F40BE3E7D7159F8876A664D00CA928000E25306071D28B52EA33A ] iBtFltCoex C:\WINDOWS\system32\DRIVERS\iBtFltCoex.sys
12:54:04.0346 0x0600 iBtFltCoex - ok
12:54:04.0346 0x0600 IEEtwCollectorService - ok
12:54:04.0476 0x0600 [ 7A5A61997B5404C8EDDFCC62378164DC, C2BCA8A2AA2DFCCF3489FC7F0F366ABBDC8606CFC6397CD7B17C8CD4A28DD17F ] igfx C:\WINDOWS\system32\DRIVERS\igdkmd64.sys
12:54:04.0546 0x0600 igfx - ok
12:54:04.0606 0x0600 [ CE6E075B75E313EDF7F32ECD69DD8EA1, 91E0B6301E93DBA3D285B4376E81371FD8B56F696F84A1DDF65064F7137FD83F ] IKEEXT C:\WINDOWS\System32\ikeext.dll
12:54:04.0626 0x0600 IKEEXT - ok
12:54:04.0646 0x0600 [ 4011430BC9DA46ADFAE9915EFEC312FB, 925DDDA187AE7C46C94FBBFA18FC602260957B6BA891D65DFC09385B6DDEAB58 ] intaud_WaveExtensible C:\WINDOWS\system32\drivers\intelaud.sys
12:54:04.0656 0x0600 intaud_WaveExtensible - ok
12:54:04.0786 0x0600 [ CCC757B8FD330D0AEF548ACE265BD196, 9244F2AA8A1E9E1B8BA139E8025E9AA3D93A8556216CBE6C9F46CA51FBDCA426 ] IntcAzAudAddService C:\WINDOWS\system32\drivers\RTKVHD64.sys
12:54:04.0846 0x0600 IntcAzAudAddService - ok
12:54:04.0906 0x0600 [ 0E0B99617ED3FDB6C5F0E2D62709B5DF, A656CA3A60E62BE16A015150B23136CE150F9876B4035E9E8D8E73D1707B37A4 ] IntcDAud C:\WINDOWS\system32\DRIVERS\IntcDAud.sys
12:54:04.0926 0x0600 IntcDAud - ok
12:54:04.0996 0x0600 [ DDA8E5AD97231AB50B81FED04C28F64C, 5C9E8F7CC45A9AE7FF12A02641562E271D84894DFA7C50218AC2AAA298251B60 ] Intel® Capability Licensing Service Interface C:\Program Files\Intel\iCLS Client\HeciServer.exe
12:54:05.0006 0x0600 Intel® Capability Licensing Service Interface - ok
12:54:05.0036 0x0600 [ 86FE509640D77FB0998FC8B1FF5523C6, 13E895DEB9B84379251699D7E52C5E3FD888994425DE01B6C4634F9E959D5584 ] Intel® Capability Licensing Service TCP IP Interface C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe
12:54:05.0056 0x0600 Intel® Capability Licensing Service TCP IP Interface - ok
12:54:05.0146 0x0600 [ EE65488B7294FBCB113EAC9FD492345C, D1D6B22CD94324387171B188D295AA716900654DA1DC9F3DC18D0CD528F2BBEA ] Intel® ME Service C:\Program Files (x86)\Intel\Intel® Management Engine Components\FWService\IntelMeFWService.exe
12:54:05.0146 0x0600 Intel® ME Service - ok
12:54:05.0176 0x0600 [ 4E448FCFFD00E8D657CD9E48D3E47157, 4A958CF0BF8DAEAE5E008500BA67CE89B21388592811274331EE39CAC1043A00 ] intelide C:\WINDOWS\system32\drivers\intelide.sys
12:54:05.0176 0x0600 intelide - ok
12:54:05.0196 0x0600 [ A2B6215E54075A936E5B424ABCD1323E, A10F2A2DD82B9853775451569FBAF332710C135CB71EA5743BD4C3C9E5891404 ] intelpep C:\WINDOWS\system32\drivers\intelpep.sys
12:54:05.0196 0x0600 intelpep - ok
12:54:05.0206 0x0600 [ 47E74A8E53C7C24DCE38311E1451C1D9, 79B06E37A552C8A847404D4C572CDB8CF525354D8AE3BEBC06892B7C3B330761 ] intelppm C:\WINDOWS\System32\drivers\intelppm.sys
12:54:05.0216 0x0600 intelppm - ok
12:54:05.0226 0x0600 [ 9DB76D7F9E4E53EFE5DD8C53DE837514, 07BA4EDA9BE9139A689A2C3EFC1D1A4F3D1216625ED145F313398292A2CD5703 ] IpFilterDriver C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys
12:54:05.0236 0x0600 IpFilterDriver - ok
12:54:05.0286 0x0600 [ 201EDF3C5E674BF1FE44D28CC6A76EA2, 33DEA0C6DE9AE915C62794FBBA2625364E68AC5385C4B5FFDE889D90DA54C1AE ] iphlpsvc C:\WINDOWS\System32\iphlpsvc.dll
12:54:05.0316 0x0600 iphlpsvc - ok
12:54:05.0336 0x0600 [ 9949A3C7590B8C536C05312205079A82, 9276A09D5F910AE8358A96505AB3F66C514870944D58B63B71D5E96567D1E6BB ] IPMIDRV C:\WINDOWS\System32\drivers\IPMIDrv.sys
12:54:05.0346 0x0600 IPMIDRV - ok
12:54:05.0376 0x0600 [ E23D32BAF152FBE35F18C6A2AB8EF271, C244E54E472B724765497731ADC0DF6DA9EBA5E7B0723A4409061F5B928851E9 ] IPNAT C:\WINDOWS\system32\drivers\ipnat.sys
12:54:05.0386 0x0600 IPNAT - ok
12:54:05.0386 0x0600 [ AE44C526AB5F8A487D941CEB57B10C97, A783A2EAF7A6FF450FB3F189A5930036FA60D125C42171AC44B6FE2E3DBD6F7A ] IRENUM C:\WINDOWS\system32\drivers\irenum.sys
12:54:05.0386 0x0600 IRENUM - ok
12:54:05.0396 0x0600 [ 8AFEEA3955AA43616A60F133B1D25F21, E99359A4F1D653790133F145CF7C9F97399FD75C5E135AA7E5F989BB660789AF ] isapnp C:\WINDOWS\system32\drivers\isapnp.sys
12:54:05.0406 0x0600 isapnp - ok
12:54:05.0426 0x0600 [ 034D4BD9DC67C64F3A4C8A049B5173BF, C68AF5A5AD4092AA1C871BD38473AEF84EC3ECF4D06FBEB5F6C09972EF1B8A81 ] iScsiPrt C:\WINDOWS\System32\drivers\msiscsi.sys
12:54:05.0446 0x0600 iScsiPrt - ok
12:54:05.0466 0x0600 [ EE03564B7FAFE2E44EDA33D52E83B4A3, 53C917EEC92B813EB0C86B225E9887C9CDFDD7708AEA71BFAC0A3039E26D7BEB ] iwdbus C:\WINDOWS\System32\drivers\iwdbus.sys
12:54:05.0466 0x0600 iwdbus - ok
12:54:05.0506 0x0600 [ BF5D3A2624177C413680DEF19A465AF8, B9909D3E6CB6F9971293116387865AD15CB9D47513C7FAA9C36BE4D2847A41EB ] jhi_service C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe
12:54:05.0506 0x0600 jhi_service - ok
12:54:05.0526 0x0600 [ 8BE92376799B6B44D543E8D07CDCF885, 425B8BB1BAF62F735B3CB5A002E6055879F02E7207E55942BFD37F1784F5F368 ] kbdclass C:\WINDOWS\System32\drivers\kbdclass.sys
12:54:05.0526 0x0600 kbdclass - ok
12:54:05.0546 0x0600 [ FB6E47E569D4872ABEB506BE03A45FBA, 5C4056CADA8F67587A119D9AE2A0EFAB30387CF6298F4019FF68AC92E2F6F54B ] kbdhid C:\WINDOWS\System32\drivers\kbdhid.sys
12:54:05.0546 0x0600 kbdhid - ok
12:54:05.0556 0x0600 [ 813871C7D402A05F2E3A7075F9584A05, FF0C2F87EB083F8CE74C679D80C845CDFBFBBC70BE818F899F3336BBB54A3FFB ] kdnic C:\WINDOWS\system32\DRIVERS\kdnic.sys
12:54:05.0566 0x0600 kdnic - ok
12:54:05.0576 0x0600 [ F6F209DDB94959BA104FC8FC87C53759, 8E862D41F4332EABF64BD034E2C0E3CC8109C7990CB4112C2B2880E8E6EDF2D3 ] KeyIso C:\WINDOWS\system32\lsass.exe
12:54:05.0576 0x0600 KeyIso - ok
12:54:05.0586 0x0600 [ ADDECBCC777665BD113BED437E602AB0, B6283475A1219CE44E9F683DD3BEB8C42DA0943297E5C4699B22176AD8A6A7ED ] KSecDD C:\WINDOWS\system32\Drivers\ksecdd.sys
12:54:05.0596 0x0600 KSecDD - ok
12:54:05.0596 0x0600 [ 7296EA420134EAC390798B3232D066A4, 1F5D51EEFD389706660DFB4DB4BF3EC570BEC7097CEB5CAE70EFFE35C3255346 ] KSecPkg C:\WINDOWS\system32\Drivers\ksecpkg.sys
12:54:05.0606 0x0600 KSecPkg - ok
12:54:05.0616 0x0600 [ 11AFB527AA370B1DAFD5C36F35F6D45F, 757AD234284467ADB826F7CA0251F58D48866B91995BC867DEA4BAF676947163 ] ksthunk C:\WINDOWS\system32\drivers\ksthunk.sys
12:54:05.0616 0x0600 ksthunk - ok
12:54:05.0646 0x0600 [ 32B1A8351160F307A8C66BCB0F94A9C2, 52F1DEC2BBD4D5DDBB85ED20B99D96BBA7EB83304D76F183A11FDAFDA364E873 ] KtmRm C:\WINDOWS\system32\msdtckrm.dll
12:54:05.0656 0x0600 KtmRm - ok
12:54:05.0666 0x0600 [ 50AECF8C21AB2A6428A6E1E10549D8E5, 6BC7C60CF5E8AFB9972619EE1C78357756E9C0A3EC783C3056CEB600DCBB1555 ] L1C C:\WINDOWS\system32\DRIVERS\L1C63x64.sys
12:54:05.0676 0x0600 L1C - ok
12:54:05.0706 0x0600 [ 27B58E16CF895AC1F1A97C04814C2239, D4336155331DDBF91952CDC6C446C68FF524F979099BA8D9B3A578758F97B2BE ] LanmanServer C:\WINDOWS\system32\srvsvc.dll
12:54:05.0716 0x0600 LanmanServer - ok
12:54:05.0746 0x0600 [ D0D9C2ECA4D03A8F06DCD91236B90C98, E2D1144DC8040EA5FEB0602A20BA4CB920B4BC86AD5AD05FC0DF7D74DC95DC66 ] LanmanWorkstation C:\WINDOWS\System32\wkssvc.dll
12:54:05.0756 0x0600 LanmanWorkstation - ok
12:54:05.0816 0x0600 [ EC1BD7B7D665B81D263F378480428186, 8C83274ABFF39F850D2F596308D72B5C9FD227B3D06FD3A34F2397960FECD425 ] LavasoftAdAwareService11 C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.0.4555.0\AdAwareService.exe
12:54:05.0826 0x0600 LavasoftAdAwareService11 - ok
12:54:05.0866 0x0600 [ EA77386B046012CFF0A069AFC3532932, 756CD2FEF17ADC8D933D789E4935951745FF29DD446E72EBE0756F76D92BA596 ] LcUvcUpper C:\WINDOWS\system32\DRIVERS\LcUvcUpper.sys
12:54:05.0866 0x0600 LcUvcUpper - ok
12:54:05.0956 0x0600 [ BC98B868809D95B504E47795B4994B6F, 842C713004A3B4AA67031809A3F188D900E688BE28CB060323997613883AE8B5 ] Lenovo System Agent Service C:\Program Files\lenovo\SystemAgent\SystemAgentService.exe
12:54:05.0976 0x0600 Lenovo System Agent Service - ok
12:54:06.0016 0x0600 [ EE289BD147FDFF95EF1B9BD65D3B974A, EFD9D0F6C73E7D2D52DBE2E2A8D3009BFB6AB24776A100CA528A8365002C6105 ] lfsvc C:\WINDOWS\System32\GeofenceMonitorService.dll
12:54:06.0036 0x0600 lfsvc - ok
12:54:06.0046 0x0600 [ BE166935083F9C38EDFDC21B9A7A679B, 89C64DBE58E1B974208AAAA5CC757C599B1439C205C3C48BF16BA054A06DBC94 ] LHDmgr C:\WINDOWS\system32\DRIVERS\LhdX64.sys
12:54:06.0056 0x0600 LHDmgr - ok
12:54:06.0086 0x0600 [ C09010B3680860131631F53E8FE7BAD8, 35F2A06D5F29478D22ABDCC20DA893EF9D96504C65594A0CEA674D1C21B04FF8 ] lltdio C:\WINDOWS\system32\DRIVERS\lltdio.sys
12:54:06.0086 0x0600 lltdio - ok
12:54:06.0136 0x0600 [ 00E070FC0C673311AFD4B068D1242780, 50B0E0E625361145332C849709498FF444E46578DCAD2536E6D0289E0125580F ] lltdsvc C:\WINDOWS\System32\lltdsvc.dll
12:54:06.0136 0x0600 lltdsvc - ok
12:54:06.0166 0x0600 [ D113FAD71A5E67AA94B32A0F8828D265, 08DDB4BBDB570C59926DBF5E27FCF46DCDF8B8212BB9251E97837E0504516FB3 ] lmhosts C:\WINDOWS\System32\lmhsvc.dll
12:54:06.0166 0x0600 lmhosts - ok
12:54:06.0226 0x0600 [ 3EA307C51069BC72DD74A4964F2A30A9, EB8F9C936AE43B7E31CB6C46F76FB918509D529E897C0E82B865A2854458996A ] LMS C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
12:54:06.0236 0x0600 LMS - ok
12:54:06.0306 0x0600 [ 2808470E5E91D8838243D9045588C303, 4516559853EEEDD86260F4A1EFAD41190C00E5B5317DB3CF5C709DF207AE42A9 ] LSCWinService C:\Program Files\Lenovo\Lenovo Solution Center\App\LSCWinService.exe
12:54:06.0316 0x0600 LSCWinService - ok
12:54:06.0356 0x0600 [ C755AE4635457AA2A11F79C0DF857ABC, E03D1ACAC155287291FE1BD0B653953ADC94279A74D0152088D698FAA796460F ] LSI_SAS C:\WINDOWS\system32\drivers\lsi_sas.sys
12:54:06.0356 0x0600 LSI_SAS - ok
12:54:06.0366 0x0600 [ ADAC09CBE7A2040B7F68B5E5C9A75141, 7865DA7E91404F3642BC444B97F6B7AA42B9523D5EDD7F6365DA236B8EC3410F ] LSI_SAS2 C:\WINDOWS\system32\drivers\lsi_sas2.sys
12:54:06.0376 0x0600 LSI_SAS2 - ok
12:54:06.0376 0x0600 [ 04D1274BB9BBCCF12BD12374002AA191, 4B9618F8D25F2278DE1610A70ACAADB074D171D162C3AF27D464F5DC800A8E60 ] LSI_SAS3 C:\WINDOWS\system32\drivers\lsi_sas3.sys
12:54:06.0386 0x0600 LSI_SAS3 - ok
12:54:06.0386 0x0600 [ 327469EEF3833D0C584B7E88A76AEC0C, 3D88B5A2D68F93F01B39C6E3D8D5C7A2A20686EFC756086E66AFFF1BC3019B85 ] LSI_SSS C:\WINDOWS\system32\drivers\lsi_sss.sys
12:54:06.0396 0x0600 LSI_SSS - ok
12:54:06.0426 0x0600 [ B6B69FF200F68888A7FAFDF204D00C91, 4C9BA7B8646C74AE1E49F513EF426930C09969F29F1533D84D020B414BB1609B ] LSM C:\WINDOWS\System32\lsm.dll
12:54:06.0446 0x0600 LSM - ok
12:54:06.0446 0x0600 [ 5EF604B0698F4FA962778285E8C5F1F2, 0465BDAB7EFBE9CC648E7E736B0B8BE152BD2FAB0917F6306675B9039C77F454 ] luafv C:\WINDOWS\system32\drivers\luafv.sys
12:54:06.0446 0x0600 luafv - ok
12:54:06.0466 0x0600 [ EB5C03A070F30D64A6DF80E53B22F53F, 12051B6AEBDEE1E28F24364F25A52BA3A6E282ECF86D6290E34BD38E6D4E066D ] megasas C:\WINDOWS\system32\drivers\megasas.sys
12:54:06.0476 0x0600 megasas - ok
12:54:06.0506 0x0600 [ F6F13533196DE7A582D422B0241E4363, B3CD9B08937AFFF12141B38634AF3A56F5AC5FF3EF03941802B9841DEC559469 ] megasr C:\WINDOWS\system32\drivers\megasr.sys
12:54:06.0516 0x0600 megasr - ok
12:54:06.0556 0x0600 [ 2BB3EAE2EA641515D4B205CAB29E1624, D3F18EE393EB1B0F919484281269A3C55A092D023E62C59D74CB63A55612024B ] MEIx64 C:\WINDOWS\System32\drivers\HECIx64.sys
12:54:06.0556 0x0600 MEIx64 - ok
12:54:06.0576 0x0600 [ FD788C2D96EA91469A3C1D13E80D7473, 7B14D4BFDE18CECC19FBFFAA5AFF5FD78BFB7FCDA6613990740A8A7DD9873D26 ] MMCSS C:\WINDOWS\system32\mmcss.dll
12:54:06.0576 0x0600 MMCSS - ok
12:54:06.0596 0x0600 [ 8B38C44F69259987C95135C9627E2378, E698B82D4EFFF56D66C7FC9866369BA5736FDBDBE2028CC421C51E70DEA74727 ] Modem C:\WINDOWS\system32\drivers\modem.sys
12:54:06.0606 0x0600 Modem - ok
12:54:06.0606 0x0600 [ 601589000CC90F0DF8DA2CC254A3CCC9, D1238A386C41B6C368D9A44B7C112C943995B5403E2A5B4B7346B266DDB0C5A0 ] monitor C:\WINDOWS\System32\drivers\monitor.sys
12:54:06.0606 0x0600 monitor - ok
12:54:06.0626 0x0600 [ CEAC6D40FE887CE8406C2393CF97DE06, 34E76908B802764FF0D7AB3AF89BE77BD35B44787983343FAD89891891C0A045 ] mouclass C:\WINDOWS\System32\drivers\mouclass.sys
12:54:06.0626 0x0600 mouclass - ok
12:54:06.0646 0x0600 [ 02D98BF804084E9A0D69D1C69B02CCA9, EC5BC5D87043DFFD035FD4DD27B3D94E03119063519E4151BCC3522B613E2D7F ] mouhid C:\WINDOWS\System32\drivers\mouhid.sys
12:54:06.0646 0x0600 mouhid - ok
12:54:06.0666 0x0600 [ 515549560D481138E6E21AF7C6998E56, C7E4B38D8CCAF15B9BDA63C8C8209F6193AD220DA02E1264F1B687AACD8F409F ] mountmgr C:\WINDOWS\system32\drivers\mountmgr.sys
12:54:06.0666 0x0600 mountmgr - ok
12:54:06.0676 0x0600 [ F170510BE94CF45E3C6274578F6204B2, 344C3DDE1D622607CA2ABECB2C47CB0166D2D258BD94A7960C45A5ADBB640566 ] mpsdrv C:\WINDOWS\system32\drivers\mpsdrv.sys
12:54:06.0686 0x0600 mpsdrv - ok
12:54:06.0726 0x0600 [ D186C5844393252147BE934F3871DB7A, 30160F8268B9F46E82C5CB536867E0CF280DC98074A481595072E3320200E343 ] MpsSvc C:\WINDOWS\system32\mpssvc.dll
12:54:06.0746 0x0600 MpsSvc - ok
12:54:06.0746 0x0600 [ 59DCEC7499095DE5AED741358037AE2D, 60C4CEBCAE27C121E9D63BD2BC3E5863A91ABC77616C56C10618273A8F9B6F61 ] MRxDAV C:\WINDOWS\system32\drivers\mrxdav.sys
12:54:06.0756 0x0600 MRxDAV - ok
12:54:06.0766 0x0600 [ 6129EDB793A4255B1E2FB41773AC9D9A, 3292C64FAB3B83C87790FB35F54D6702987891234AF33FD1D5299C7084795375 ] mrxsmb C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
12:54:06.0776 0x0600 mrxsmb - ok
12:54:06.0796 0x0600 [ 295771B092D4F7FCF2B62F80CCD14320, 53655B5ABA43A6A9114FE545B88F84E52319B905B8393A51BD97678D3F94A178 ] mrxsmb10 C:\WINDOWS\system32\DRIVERS\mrxsmb10.sys
12:54:06.0806 0x0600 mrxsmb10 - ok
12:54:06.0816 0x0600 [ AAF56E4E84D35411B4E446C445732DFE, 7AC41CAA0842AE4DA4EEF976202C58D7923DAA367F0D7E800D432323D5E7DE1A ] mrxsmb20 C:\WINDOWS\system32\DRIVERS\mrxsmb20.sys
12:54:06.0826 0x0600 mrxsmb20 - ok
12:54:06.0846 0x0600 [ 4E888019078AC363076A5433E89AA4F8, 3DEBDA290230B3E83F956C902C960E39463B7EFE86439199521356762769FD91 ] MsBridge C:\WINDOWS\system32\DRIVERS\bridge.sys
12:54:06.0856 0x0600 MsBridge - ok
12:54:06.0906 0x0600 [ A082C17D14D0790E27D064EA4B138AE1, 9A565ED885782D9D5135C8399C11C356DBF9EBF3B8EB4B4504BD2604AD0B45E6 ] MSDTC C:\WINDOWS\System32\msdtc.exe
12:54:06.0926 0x0600 MSDTC - ok
12:54:06.0936 0x0600 [ D13329FBF8345B28AB30F44CC247DC08, 9C7EC2D4D65E6510EB5B9E61BB0D14F725D7E8FE98D65161C3971E43EF1AB6EB ] Msfs C:\WINDOWS\system32\drivers\Msfs.sys
12:54:06.0936 0x0600 Msfs - ok
12:54:06.0956 0x0600 [ C6B474E46F9E543B875981ED3FFE6ADD, E16687E52FB649C23D92159A1F036CB662202C1E58D961EECDAA528AA4FA669A ] msgpiowin32 C:\WINDOWS\System32\drivers\msgpiowin32.sys
12:54:06.0956 0x0600 msgpiowin32 - ok
12:54:06.0976 0x0600 [ 65C92EB9D08DB5C69F28C7FFD4E84E31, D709BA4723225321F665B1157A33A4AE230420752308EF535DA9A41CAC164628 ] mshidkmdf C:\WINDOWS\System32\drivers\mshidkmdf.sys
12:54:06.0976 0x0600 mshidkmdf - ok
12:54:06.0986 0x0600 [ 52299F086AC2DAFD100DD5DC4A8614BA, B36BE0FC96798E5EB8C193C318970E3906961E3ABC3BFAAD73138C76D9A95B0B ] mshidumdf C:\WINDOWS\System32\drivers\mshidumdf.sys
12:54:06.0986 0x0600 mshidumdf - ok
12:54:06.0996 0x0600 [ 36D92AF3343C3A3E57FEF11C449AEA4C, ECC85AA1E530DF55B4A4545798219F87F0FCA66DDD2E37BCEF0850D3C9129DD2 ] msisadrv C:\WINDOWS\system32\drivers\msisadrv.sys
12:54:06.0996 0x0600 msisadrv - ok
12:54:07.0026 0x0600 [ 810F8A0A0680662BB0CE44D0E2CEF90C, 5631B07911B7EF378CB1583A480A3C5715E59A5488B33A528F4D7A2F849B9113 ] MSiSCSI C:\WINDOWS\system32\iscsiexe.dll
12:54:07.0036 0x0600 MSiSCSI - ok
12:54:07.0036 0x0600 msiserver - ok
12:54:07.0056 0x0600 [ A9BBBD2BAE6142253B9195E949AC2E8D, 599D2952D4E0B0B3E02D91E38A30F4900B1ADA330716B887B156A1CB9A3E6EE9 ] MSKSSRV C:\WINDOWS\system32\drivers\MSKSSRV.sys
12:54:07.0056 0x0600 MSKSSRV - ok
12:54:07.0066 0x0600 [ 375E44168F2DFB91A68B8A3F619C5A7C, AC243E02E9A39D0B4DE9571F196941700EE6EB5E94F5B0BA8994FB551E73A7A8 ] MsLldp C:\WINDOWS\system32\DRIVERS\mslldp.sys
12:54:07.0066 0x0600 MsLldp - ok
12:54:07.0086 0x0600 [ 7B2128EB875DCBC006E6A913211006D6, 97BBD7FF770741FBFC0F181A609AD0954EA926DA203B742E8F08C89AD8FE476E ] MSPCLOCK C:\WINDOWS\system32\drivers\MSPCLOCK.sys
12:54:07.0086 0x0600 MSPCLOCK - ok
12:54:07.0086 0x0600 [ 1E88171579B218115C7A772F8DE04BD8, B9EAA835D0BF8F9C4DF8403D95EF1400E8AE38F28F9DBA87657DE2129FEF02D2 ] MSPQM C:\WINDOWS\system32\drivers\MSPQM.sys
12:54:07.0096 0x0600 MSPQM - ok
12:54:07.0116 0x0600 [ BBE2A455053E63BECBF42C2F9B21FAE0, 7C5DF563499DF59DF9895A1581E47ADF5FD54C94ECEF6C886CDB60E5E95A6DAE ] MsRPC C:\WINDOWS\system32\drivers\MsRPC.sys
12:54:07.0126 0x0600 MsRPC - ok
12:54:07.0166 0x0600 [ 8D6B7D515C5CBCDB75B928A0B73C3C5E, 1EB4DC3DD21D2627C78EC3F9931D9E5D033169087E43B5D7C17BF1FF2A0028CD ] mssmbios C:\WINDOWS\System32\drivers\mssmbios.sys
12:54:07.0166 0x0600 mssmbios - ok
12:54:07.0176 0x0600 [ 115019AE01E0EB9C048530D2928AB4A2, 6E2275E85EACF2D0FC784792E0D72A165589D33CBAB3BCFA8E271CA09566C925 ] MSTEE C:\WINDOWS\system32\drivers\MSTEE.sys
12:54:07.0176 0x0600 MSTEE - ok
12:54:07.0186 0x0600 [ 96D604A35070360F0DD4A7A8AF410B5E, F94DD1A3566C7C8D0A76D6E1E2530552A9B7F99C5DA0DE11829325EAB9F8B7ED ] MTConfig C:\WINDOWS\System32\drivers\MTConfig.sys
12:54:07.0196 0x0600 MTConfig - ok
12:54:07.0206 0x0600 [ 619CA29326B82372621DB2C0964D8365, 4091F08E266DB45A6E33A4A8B1CE9FA78BB294B3111526AA9E3868620F30AFDF ] Mup C:\WINDOWS\system32\Drivers\mup.sys
12:54:07.0216 0x0600 Mup - ok
12:54:07.0236 0x0600 [ B8C35C94DCB2DFEAF03BB42131F2F77F, F0FCF367CA8F722D6ABCF7F363CD406D890D71452E91C3FC6677B47AD74D6324 ] mvumis C:\WINDOWS\system32\drivers\mvumis.sys
12:54:07.0236 0x0600 mvumis - ok
12:54:07.0266 0x0600 [ 74E1E62819D33F176821ADC9AFF8A3E7, 99E5C85E8A49ECBBBB5D9ABCA43BC7C756126F29A3B73E74D61F9644EF19FC8B ] MyWiFiDHCPDNS C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe
12:54:07.0276 0x0600 MyWiFiDHCPDNS - ok
12:54:07.0336 0x0600 [ 41A45D2A75494EABF2806EA051E00376, EB2497561C8E33A4297C044604C717FF854C7F046882A9E4A400AE7679BF5467 ] napagent C:\WINDOWS\system32\qagentRT.dll
12:54:07.0346 0x0600 napagent - ok
12:54:07.0406 0x0600 [ CF8B989D89D6807B887690F2CF24EFD9, 7A3ED124D8D7736F57CD687111C478A206422D117099B2F752B6D933D009BCAC ] NativeWifiP C:\WINDOWS\system32\DRIVERS\nwifi.sys
12:54:07.0416 0x0600 NativeWifiP - ok
12:54:07.0436 0x0600 [ 71E3C0100AA19D11373CCEB2F51A6008, 58FBF35F5FE19BEABE483C11E9996BE93D76721C8C34465350FA98B465CA3672 ] NcaSvc C:\WINDOWS\System32\ncasvc.dll
12:54:07.0446 0x0600 NcaSvc - ok
12:54:07.0466 0x0600 [ 51DF09CAB2CAC64FEE3E371D9028ED01, 9B81604D0D0359AF8F54FED6DA7116FFD2F40407895028EAD99FF1D7CFDC2D14 ] NcbService C:\WINDOWS\System32\ncbservice.dll
12:54:07.0466 0x0600 NcbService - ok
12:54:07.0476 0x0600 [ 2586C4C167499210DCBF3ECFD8CCE210, D8129FEDE9918BF4FB0057CC58700D4E08457060E810B9CC25CA0F598506ADB8 ] NcdAutoSetup C:\WINDOWS\System32\NcdAutoSetup.dll
12:54:07.0476 0x0600 NcdAutoSetup - ok
12:54:07.0506 0x0600 [ AD9086052A5E5153AF43FE74138A4B27, A511F785F8B29CE7CCC923489C9D03B4722E8FDD9853556D4F0F3CA608CFA956 ] NDIS C:\WINDOWS\system32\drivers\ndis.sys
12:54:07.0526 0x0600 NDIS - ok
12:54:07.0546 0x0600 [ C6BB12BC35D1637CA17AE16D3A4725EB, 01C1D9FA738886A195166F88207EEB6715A1DE0608978ED6C5DC738AF5C02513 ] NdisCap C:\WINDOWS\system32\DRIVERS\ndiscap.sys
12:54:07.0546 0x0600 NdisCap - ok
12:54:07.0556 0x0600 [ 9F1DA20E943BE7AA4ED5F3E1EBA78B37, CCD99962917BBE256F64AE14CCC9FD12433C72B5DB98E0E57CA8F212A11B3C8F ] NdisImPlatform C:\WINDOWS\system32\DRIVERS\NdisImPlatform.sys
12:54:07.0556 0x0600 NdisImPlatform - ok
12:54:07.0576 0x0600 [ 9423421E735BD5394351E0C47C76BB92, 763E5D06F896C0EF8AD52515464F28BA85DB7A1560E451857AC9AA68FAFCBC66 ] NdisTapi C:\WINDOWS\system32\DRIVERS\ndistapi.sys
12:54:07.0576 0x0600 NdisTapi - ok
12:54:07.0596 0x0600 [ B832B35055BA2B7B4181861FF94D8E59, 2E60E5D503E88D27E35ECFEE265D51328E93A9C7B9B931F86D9CBC947636BB00 ] Ndisuio C:\WINDOWS\system32\DRIVERS\ndisuio.sys
12:54:07.0596 0x0600 Ndisuio - ok
12:54:07.0616 0x0600 [ 1F58E48EF75F34C35D8E93A0DC535CFE, D65619A6C4B1747F8B05DA08A44EF0E46B5CC384880E04E4755A2BA6CDB3C4EA ] NdisVirtualBus C:\WINDOWS\System32\drivers\NdisVirtualBus.sys
12:54:07.0616 0x0600 NdisVirtualBus - ok
12:54:07.0636 0x0600 [ DEC29080202D4F9F17F55E18BCFCC41A, F7E543741B1F4F637A99C40543D6AEC6EBF893F74359BBA769D1F882E0AFB571 ] NdisWan C:\WINDOWS\system32\DRIVERS\ndiswan.sys
12:54:07.0646 0x0600 NdisWan - ok
12:54:07.0656 0x0600 [ DEC29080202D4F9F17F55E18BCFCC41A, F7E543741B1F4F637A99C40543D6AEC6EBF893F74359BBA769D1F882E0AFB571 ] NdisWanLegacy C:\WINDOWS\system32\DRIVERS\ndiswan.sys
12:54:07.0656 0x0600 NdisWanLegacy - ok
12:54:07.0656 0x0600 [ A5BD69A8812FA79D1A487691DD3FB244, 67B5EDE101943E0E8B8041DB2353D20C8B9F2D253E77964761CFE8F136C0BBC7 ] NDProxy C:\WINDOWS\system32\drivers\NDProxy.sys
12:54:07.0666 0x0600 NDProxy - ok
12:54:07.0676 0x0600 [ 5A072F0B90C29C5233D78BE33EF5ED78, B32ED76A674B1FC743361FB7BBD4C915A78B14132AB056AADD445D5995AD4F32 ] Ndu C:\WINDOWS\system32\drivers\Ndu.sys
12:54:07.0686 0x0600 Ndu - ok
12:54:07.0686 0x0600 [ A83D67D347A684F10B7D3019C8A6380C, 2B86832967981C8C786BF24C1CF8E13E01745ACE3333CF5C821DD93D623B96E4 ] NetBIOS C:\WINDOWS\system32\DRIVERS\netbios.sys
12:54:07.0696 0x0600 NetBIOS - ok
12:54:07.0706 0x0600 [ 0217532E19A748F0E5D569307363D5FD, C40C2E7AFA276057E7327A7BB173122689D6CEC9AE443C3850C3F94AF03DFBF5 ] NetBT C:\WINDOWS\system32\DRIVERS\netbt.sys
12:54:07.0716 0x0600 NetBT - ok
12:54:07.0726 0x0600 [ F6F209DDB94959BA104FC8FC87C53759, 8E862D41F4332EABF64BD034E2C0E3CC8109C7990CB4112C2B2880E8E6EDF2D3 ] Netlogon C:\WINDOWS\system32\lsass.exe
12:54:07.0726 0x0600 Netlogon - ok
12:54:07.0756 0x0600 [ B7AD851A21FEBA3BA214972627614207, 29605320CCC3DAAD062CAECF0009DACBC2F6D28ED4E8AF7CE76132129F5572A0 ] Netman C:\WINDOWS\System32\netman.dll
12:54:07.0766 0x0600 Netman - ok
12:54:07.0776 0x0600 [ F0F0A372C2EF6358399C4936F91B6131, CE596C71EB4D1A5E104D3148F2D0D8789882C59FD198DCF33CCAC7A08B50E4EE ] netprofm C:\WINDOWS\System32\netprofmsvc.dll
12:54:07.0796 0x0600 netprofm - ok
12:54:07.0836 0x0600 [ 1092B3190E69E0C5ECBCE90F171DE047, C16106EEFC324EE80E5F659CB71A5DD69FA800D36D829F5B0E6AD3393BD1BAF7 ] NetTcpPortSharing C:\WINDOWS\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
12:54:07.0846 0x0600 NetTcpPortSharing - ok
12:54:07.0856 0x0600 [ 70414DB660BFBB7BD58FCE8EA4364E1B, 6DFB3897CD55E22BA1EDF0AE672F4D7A6A1F512F8A0A26AF106765E6B1CF65AC ] netvsc C:\WINDOWS\system32\DRIVERS\netvsc63.sys
12:54:07.0866 0x0600 netvsc - ok
12:54:07.0966 0x0600 [ 75B9B86878CC159FBC40C4F9202ADBE3, 80D9176112BAFB42E6568E723781E5C03BD5472AB382496C1BD784DB9B2FB6E6 ] NETwNe64 C:\WINDOWS\system32\DRIVERS\NETwew00.sys
12:54:08.0036 0x0600 NETwNe64 - ok
12:54:08.0136 0x0600 [ FC91D7804B8FE5C2F0B12585C612F592, 0F43466D0F52D6A5282BD076005AC5F615C8CFCAC0D4B17B152E8AD0F556CB08 ] NitroDriverReadSpool8 C:\Program Files\Common Files\Nitro\Pro\8.0\NitroPDFDriverService8x64.exe
12:54:08.0146 0x0600 NitroDriverReadSpool8 - ok
12:54:08.0186 0x0600 [ 3A280F3B3C7A46E29C404ACD46ECBF5E, 81C3367A2A212DBCC65B8A0166FD092E3205AB31A146B4B737061335CEC51F9D ] NlaSvc C:\WINDOWS\System32\nlasvc.dll
12:54:08.0196 0x0600 NlaSvc - ok
12:54:08.0276 0x0600 [ 21D28C3448983A072B907E9BAC93D223, 27EF785F8A26E461EE9CDA18445E4896EB5BAE73ABE77262639320D45BC6A512 ] nlsX86cc C:\windows\SysWOW64\NLSSRV32.EXE
12:54:08.0276 0x0600 nlsX86cc - ok
12:54:08.0296 0x0600 [ 8F44A2F57C9F1A19AC9C6288C10FB351, 310274DDBAC0FE4BE54ECD3B90C97D82A0F9F5CFCA7A35711A36164DE4B94074 ] Npfs C:\WINDOWS\system32\drivers\Npfs.sys
12:54:08.0306 0x0600 Npfs - ok
12:54:08.0326 0x0600 [ CBDB4F0871C88DF930FC0E8588CA67FC, 7E4AA3EA81A9D532F236FD7896744F07ED07CA9B37A9F18A9778BCCCC67490F2 ] npsvctrig C:\WINDOWS\System32\drivers\npsvctrig.sys
12:54:08.0326 0x0600 npsvctrig - ok
12:54:08.0336 0x0600 [ 6E2271ED0C3E95B8E29F3752B91B9E84, 44026AD9757EA82967D7F7578455802FAD7FE0057EAC088E0AE207C15F594B86 ] nsi C:\WINDOWS\system32\nsisvc.dll
12:54:08.0336 0x0600 nsi - ok
12:54:08.0356 0x0600 [ E490B459978CB87779E84C761D22B827, 1E5CA38626E41618E4CA16DD0C70EB2FA86E986F0CF21A749BDE2A17015DEEC6 ] nsiproxy C:\WINDOWS\system32\drivers\nsiproxy.sys
12:54:08.0356 0x0600 nsiproxy - ok
12:54:08.0416 0x0600 [ 4412D565C0278C401575E11072C7DCE3, 82A0E9AA88750900EA0E9983157345456B418745C8BA62FAF339640E759C0418 ] Ntfs C:\WINDOWS\system32\drivers\Ntfs.sys
12:54:08.0456 0x0600 Ntfs - ok
12:54:08.0476 0x0600 [ EF1B290FC9F0E47CC0B537292BEE5904, DBC07BBC54EBC2D2E576B23A4CE116B3DA988577AD0D96CB7289A6748A60F9EA ] Null C:\WINDOWS\system32\drivers\Null.sys
12:54:08.0476 0x0600 Null - ok
12:54:08.0776 0x0600 [ 9B93CC9C70EDE60A9C486E7719DB9E8D, 8E31BE72797D3308D8AF136E9F4C6199BCF4592F88E9FEB361752FF768225EC9 ] nvlddmkm C:\WINDOWS\system32\DRIVERS\nvlddmkm.sys
12:54:09.0016 0x0600 nvlddmkm - ok
12:54:09.0036 0x0600 [ F76296368BB813E0C6996501A3271C7C, FA1C127F881C09C5066CB83A686AFD7A40D731922185EA4001A52ABA230FD812 ] nvpciflt C:\WINDOWS\system32\DRIVERS\nvpciflt.sys
12:54:09.0046 0x0600 nvpciflt - ok
12:54:09.0076 0x0600 [ BC6B5942AFF25EBAF62DE43C3807EDF8, CB0FA194084B8C309039D571B5760FDA800E9531B8660C499B4F9977BA5C36D5 ] nvraid C:\WINDOWS\system32\drivers\nvraid.sys
12:54:09.0076 0x0600 nvraid - ok
12:54:09.0096 0x0600 [ 1F43ABFFAC3D6CA356851D517392966E, 6FD7621F67BA94B0E1D8F43BEC2951DBCDEEA1E848BB265AC169E27C01DA68F2 ] nvstor C:\WINDOWS\system32\drivers\nvstor.sys
12:54:09.0096 0x0600 nvstor - ok
12:54:09.0526 0x0600 [ 505BB5E5A0BE786DBB813A27A46355A5, AA9DE113263D0C32B0B50D62B7E3565611DD47CA87487E90AD0D497164D8910D ] NvStreamSvc C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
12:54:09.0796 0x0600 NvStreamSvc - ok
12:54:09.0896 0x0600 [ 25626309AD2F81D47C829CCB5E46E478, D23F9F72C064B5D2A7979674703585345A78F7BE88887794FC9CA2971818B3DC ] nvsvc C:\windows\system32\nvvsvc.exe
12:54:09.0926 0x0600 nvsvc - ok
12:54:10.0096 0x0600 [ BC120F98DCA622BE48D16B4A5714CA71, 5C6F29F1723F8361B69812CBE202248A1E9FB55EA03446A5BB558C48032E8AB4 ] nvUpdatusService C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
12:54:10.0136 0x0600 nvUpdatusService - ok
12:54:10.0166 0x0600 [ 220B120EF4C36B4A3E23FAEC91E2FCE3, 84F34F8CF0B7040F0C6DCF3AF70533E9E2D7CBA5E422CD21A7BF831135E42453 ] nvvad_WaveExtensible C:\WINDOWS\system32\drivers\nvvad64v.sys
12:54:10.0176 0x0600 nvvad_WaveExtensible - ok
12:54:10.0186 0x0600 [ 6934A936A7369DFE37B7DBA93F5E5E49, 0900FEEB0CE8D09F0FC60630B5B986034A8BCD3882ED66E47170810C32492892 ] nv_agp C:\WINDOWS\system32\drivers\nv_agp.sys
12:54:10.0196 0x0600 nv_agp - ok
12:54:10.0296 0x0600 [ A382709BD57C9614F46DE6FF495493C2, 2CE95563213A22569F0D9F13E14C69774A31187F48B070BD57EEDE795E50E262 ] OfficeSvc C:\Program Files\Microsoft Office 15\ClientX64\integratedoffice.exe
12:54:10.0316 0x0600 OfficeSvc - ok
12:54:10.0366 0x0600 [ 30B5F9FB0C35AE6B4A0851D24CE2EE8B, 0340E77E8EC2ADC21B8DDD9C9CC95B3F4BCAFD54618A333C72D7D9587D593B83 ] ose C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
12:54:10.0386 0x0600 ose - ok
12:54:10.0546 0x0600 [ 61BFFB5F57AD12F83AB64B7181829B34, 1DD0DD35E4158F95765EE6639F217DF03A0A19E624E020DBA609268C08A13846 ] osppsvc C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
12:54:10.0626 0x0600 osppsvc - ok
12:54:10.0666 0x0600 [ 3B510F20806B94E389784ED09DBD2111, EF8896C500B3AA3A811FDE97BC322EF3295E9BD0DE236715D4A4C52CF63727E1 ] p2pimsvc C:\WINDOWS\system32\pnrpsvc.dll
12:54:10.0676 0x0600 p2pimsvc - ok
12:54:10.0727 0x0600 [ 2A57A937BC5B1B2D6AFE6A8C5925F50B, 00D84EFED5A7129AAD86945940030474795905C32D65CBD5B1A3EBADCED8F873 ] p2psvc C:\WINDOWS\system32\p2psvc.dll
12:54:10.0736 0x0600 p2psvc - ok
12:54:10.0757 0x0600 [ 764B1121867B2D9B31C491668AC72B2B, 32C04B6FCE1DDD09697B81473A23BDCED8BEEFBCD0D2D58DDC9A11A33C756967 ] Parport C:\WINDOWS\System32\drivers\parport.sys
12:54:10.0757 0x0600 Parport - ok
12:54:10.0777 0x0600 [ EF0C1749C9A8CEE9A457473D433CC00F, A5FDAB5AD47471640D697C6CFBA6C67730878ABBA47D394EAA47C9733EDCE1F3 ] partmgr C:\WINDOWS\system32\drivers\partmgr.sys
12:54:10.0786 0x0600 partmgr - ok
12:54:10.0796 0x0600 [ 9A5309EF92F39346CFD5A4C2C3D1BFAD, 5908E0C9562F9CB24784491BD9AE7983A33A6BDF81AFA0A08045518A0C9BB2B1 ] PcaSvc C:\WINDOWS\System32\pcasvc.dll
12:54:10.0806 0x0600 PcaSvc - ok
12:54:10.0837 0x0600 [ C0D3F3BC1C84B4BA746D9847314C1164, 66FDF288ACAE021C5F63BCCC68D7534B4DB737E252AB16DFF746355D8BE7502D ] pci C:\WINDOWS\system32\drivers\pci.sys
12:54:10.0846 0x0600 pci - ok
12:54:10.0867 0x0600 [ 346E38FCC6859A727DD28AFAD1F0AFF4, FF3DA26F79B3BC3A5B8A8AA0B9139B9EF70297F4EA1203B1E68FB5A212C3AA58 ] pciide C:\WINDOWS\system32\drivers\pciide.sys
12:54:10.0867 0x0600 pciide - ok
12:54:10.0887 0x0600 [ 4D3BDCC1C7B40C9D7B6AD990E6DEC397, 27A7AF2127B699F4579CB77936F38DC102211E26E5E2947DB808756FE06FC98E ] pcmcia C:\WINDOWS\system32\drivers\pcmcia.sys
12:54:10.0896 0x0600 pcmcia - ok
12:54:10.0896 0x0600 [ BF28771D1436C88BE1D297D3098B0F7D, 5F7630916A76A8CF31289E9C577F522B999C74C39E541CD40E62BD53004BEF74 ] pcw C:\WINDOWS\system32\drivers\pcw.sys
12:54:10.0906 0x0600 pcw - ok
12:54:10.0916 0x0600 [ E170103E68329E9154A5EC383CD253ED, A9DC1C9B51DD25E474ADE11C0347C04F4B04EABEBAD4FB175AD78A29426B3243 ] pdc C:\WINDOWS\system32\drivers\pdc.sys
12:54:10.0926 0x0600 pdc - ok
12:54:10.0956 0x0600 [ BA50CC0BD19004AAB88BE37338B6FA0D, 34D4720A621CCB4707F2EB929F6F44C317DBC6F055F7F34F3FAC68DFDAA00DEF ] PEAUTH C:\WINDOWS\system32\drivers\peauth.sys
12:54:10.0986 0x0600 PEAUTH - ok
12:54:11.0007 0x0600 [ 8E3C640FFF5A963F570233AE99C0FFF3, 3DE978B005BF2E88BA858CE37D9E27BD3584642B8412E22C300A1E739743838A ] PerfHost C:\WINDOWS\SysWow64\perfhost.exe
12:54:11.0016 0x0600 PerfHost - ok
12:54:11.0066 0x0600 [ 928061178CD9856CA6B67FFFCE6BA766, 71DE3C7CA7F83EAAA550CD8A68FB67DE042B0AE51BFACB1ECB8852D502E11F50 ] pla C:\WINDOWS\system32\pla.dll
12:54:11.0096 0x0600 pla - ok
12:54:11.0127 0x0600 [ 752A457320A946E03C3AA86C3ACD735E, 63946150581532D862F4220606E74FFC479209E1A36CD57AA78AC4AE34A26F49 ] PlugPlay C:\WINDOWS\system32\umpnpmgr.dll
12:54:11.0127 0x0600 PlugPlay - ok
12:54:11.0147 0x0600 [ 045EB4F260606A03BE340D09DEAF3BA4, 6F34B8D414F7F69F4388F2F8A86E0F3AD179E423126990AF3E1EC4DCCB8E7693 ] PNRPAutoReg C:\WINDOWS\system32\pnrpauto.dll
12:54:11.0156 0x0600 PNRPAutoReg - ok
12:54:11.0207 0x0600 [ 3B510F20806B94E389784ED09DBD2111, EF8896C500B3AA3A811FDE97BC322EF3295E9BD0DE236715D4A4C52CF63727E1 ] PNRPsvc C:\WINDOWS\system32\pnrpsvc.dll
12:54:11.0207 0x0600 PNRPsvc - ok
12:54:11.0257 0x0600 [ C16097D77A232A288D65F299E2E01105, 5CE4B44B06FD26569C0F92FF1D3991D0128D8444AE7BC9EBEF5A33811D721BE8 ] PolicyAgent C:\WINDOWS\System32\ipsecsvc.dll
12:54:11.0277 0x0600 PolicyAgent - ok
12:54:11.0297 0x0600 [ 00E08B30E7F7C13ECE2CDF4F46A77311, 1807C0A64C1794E572C86730816C01DCF4D8F773ADE9CAEA3AC0658F7BD71A4E ] Power C:\WINDOWS\system32\umpo.dll
12:54:11.0297 0x0600 Power - ok
12:54:11.0457 0x0600 [ B7DB57A000D46D4DE75BC0C563E58072, 8183EB09DC4D44DFF027CA0AAA8C09921A14F088C1BC427B6ACA42340AAF69E6 ] PrintNotify C:\Windows\system32\spool\drivers\x64\3\PrintConfig.dll
12:54:11.0507 0x0600 PrintNotify - ok
12:54:11.0537 0x0600 [ ECD373F9571C745894367CC2635EA44F, E08B2A1017DAE1BF10B986DAFAD14BDE20D79703E0EF3A8C700A3753908C1392 ] Processor C:\WINDOWS\System32\drivers\processr.sys
12:54:11.0547 0x0600 Processor - ok
12:54:11.0577 0x0600 [ 9E5A3A3B702ECB9E88AA07731F0E65EB, 837EF55E367218B07100092BA1E6291FD52766C57A02900B6141B1A360654B84 ] ProfSvc C:\WINDOWS\system32\profsvc.dll
12:54:11.0587 0x0600 ProfSvc - ok
12:54:11.0617 0x0600 [ 8528BB05E4D4E25945F78B00B2555FB7, FF8E0D4580F93CD348080967F52FE6C2C68B56DAEACAE2EAEF04E19412A953AE ] Psched C:\WINDOWS\system32\DRIVERS\pacer.sys
12:54:11.0627 0x0600 Psched - ok
12:54:11.0647 0x0600 [ AF90BB44C99D6820BE52C9BBAA523283, 9772D9CC1666959EC8EE4ED740A5179473CE4F38762109F1123DD68010D20EA1 ] QWAVE C:\WINDOWS\system32\qwave.dll
12:54:11.0667 0x0600 QWAVE - ok
12:54:11.0677 0x0600 [ 3FB466684609A4329858CF2EBD62E0FD, CFC8FBAB1436948F9D34CE6A2D6DE2F86F3E93E50B86851CED979C8CCE609798 ] QWAVEdrv C:\WINDOWS\system32\drivers\qwavedrv.sys
12:54:11.0677 0x0600 QWAVEdrv - ok
12:54:11.0697 0x0600 [ 2C56F0EE27E4EF70CA4B4983D3638905, AFFDD686886CE982424B644D9168D61C6F86A5244FF97BC644DF75B321E415E5 ] RasAcd C:\WINDOWS\system32\DRIVERS\rasacd.sys
12:54:11.0697 0x0600 RasAcd - ok
12:54:11.0707 0x0600 [ 5F061AC45266841A2860C1858ED863B8, 9E0D52BAC8A50225C32D0397C35350601B996443E2481C808CC59D3B0763FEF0 ] RasAuto C:\WINDOWS\System32\rasauto.dll
12:54:11.0707 0x0600 RasAuto - ok
12:54:11.0727 0x0600 [ BF3B17016764F20F9D28CF1A8DC210C0, F64B410D444D4A3DFEE356EFC5B758781FA2612771EDCF72DB91D3120385D7DB ] RasMan C:\WINDOWS\System32\rasmans.dll
12:54:11.0747 0x0600 RasMan - ok
12:54:11.0767 0x0600 [ 5247F308C4103CDC4FE12AE1D235800A, E567CD33CA1897D53795E071B7AFBAF98B2C8F725F8BED0BA90F5EF611520E48 ] RasPppoe C:\WINDOWS\system32\DRIVERS\raspppoe.sys
12:54:11.0777 0x0600 RasPppoe - ok
12:54:11.0797 0x0600 [ B939A2A0F9D6C6C186721E268EB6FA93, 8AF03945428D8F0E9B6DE1C24627336398320C7C78E5F594E0A57AB2DB6E0A24 ] rdbss C:\WINDOWS\system32\DRIVERS\rdbss.sys
12:54:11.0807 0x0600 rdbss - ok
12:54:11.0827 0x0600 [ 6B21EBF892CD8CACB71669B35AB5DE32, 0AD8E14FEF16FB2559F5FC8AFBC9D49E4E24F43CF65F480DBF9FAB593269B419 ] rdpbus C:\WINDOWS\System32\drivers\rdpbus.sys
12:54:11.0827 0x0600 rdpbus - ok
12:54:11.0837 0x0600 [ 680C1DAE268B6FB67FA21B389A8B79EF, 856911F77BDD8830C3D683EBE8AF399FB3A54C7D8D0B34EA37D903377F0A39BD ] RDPDR C:\WINDOWS\system32\drivers\rdpdr.sys
12:54:11.0837 0x0600 RDPDR - ok
12:54:11.0857 0x0600 [ 858776908AF838E3790F3261B799CDA6, 5BE4658540382D1B2F46E503CE175D74E3870FE492B8B8F37C3CFB34FF8E2DA8 ] RdpVideoMiniport C:\WINDOWS\system32\drivers\rdpvideominiport.sys
12:54:11.0867 0x0600 RdpVideoMiniport - ok
12:54:11.0887 0x0600 [ 06250FF7F8E5F98DAA6F2D6251B1694E, F9FA2CDD7964442E51DEB826ED00E3EEA786B3CBDE3CC5452E0122A960CFD35C ] rdyboost C:\WINDOWS\system32\drivers\rdyboost.sys
12:54:11.0897 0x0600 rdyboost - ok
12:54:11.0977 0x0600 [ 036746D54347FD2D0385668E2A4064E4, 7C670176176C86D6C3814367A6282A78F4E950F84DDEDA849829236C891F5BB9 ] ReFS C:\WINDOWS\system32\drivers\ReFS.sys
12:54:11.0997 0x0600 ReFS - ok
12:54:12.0037 0x0600 [ 5A118234A2251D6CFB8A11DFE7AC4B4A, C79AEAA4D35C10F3C0F5F75E525FE8FB839F43C5EA0D83AE2D5FAB8FEB8F6ECF ] RegSrvc C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
12:54:12.0037 0x0600 RegSrvc - ok
12:54:12.0077 0x0600 [ BFFB40FBE6D2C3469F8D06EE5E4934AB, 5B6763F973A740DCD53CEA75156926457BED8B075965033C484877DDA8B97F39 ] RemoteAccess C:\WINDOWS\System32\mprdim.dll
12:54:12.0077 0x0600 RemoteAccess - ok
12:54:12.0107 0x0600 [ 4DCCABE03D06955ED61BABBD8EF9F30F, 531CD60315AAF283B73E0F6CF77D4DE093B809E73C44D2AC43B7247500B3485E ] RemoteRegistry C:\WINDOWS\system32\regsvc.dll
12:54:12.0107 0x0600 RemoteRegistry - ok
12:54:12.0127 0x0600 [ 02307C86CB24769306B0DFA0C751952E, 637D90161C477995925936E4807B57EA80BE11761B26F5FC1B4B0F3EB52FBA87 ] RFCOMM C:\WINDOWS\system32\DRIVERS\rfcomm.sys
12:54:12.0137 0x0600 RFCOMM - ok
12:54:12.0167 0x0600 [ D894CBD7DA753C881EE8D5E33B583225, DA4472A85F10A3DF8CE969F731E67FE7C75EE6095908AB8AC2C44851DC5A3F8B ] RpcEptMapper C:\WINDOWS\System32\RpcEpMap.dll
12:54:12.0167 0x0600 RpcEptMapper - ok
12:54:12.0197 0x0600 [ 5CAE8F47B31D5CFC322B5B898C19E0FE, FDB5F0B6EA36403E031D9147AB0519011FAAD3AC8190DE5B1F17FB5472D79D47 ] RpcLocator C:\WINDOWS\system32\locator.exe
12:54:12.0197 0x0600 RpcLocator - ok
12:54:12.0227 0x0600 [ 3FD5AE42EC87C6F532A931F96BE731DD, 8282823022391ACF65E23F461FCE5CAFFB5ADC077647FEF80B91BC4BC31EDFE2 ] RpcSs C:\WINDOWS\system32\rpcss.dll
12:54:12.0237 0x0600 RpcSs - ok
12:54:12.0257 0x0600 [ 2D05A5508F4685412F2B89E8C2189ABC, 82F12B4E0E73411A121EFD35FBD3B44CBBC0AE96ACFBB45D8C3C3777E2EA320D ] rspndr C:\WINDOWS\system32\DRIVERS\rspndr.sys
12:54:12.0257 0x0600 rspndr - ok
12:54:12.0507 0x0600 [ 48D95A57DBFDA470DED69573411E4C55, 08D614939A04B0368000946210EE20F0B5B86391DF673A6EFCB3EAD63166F0B0 ] rtsuvc C:\WINDOWS\system32\DRIVERS\rtsuvc.sys
12:54:12.0647 0x0600 rtsuvc - ok
12:54:12.0667 0x0600 [ 1A063730F221B2746FF00457AE17E4F0, 39A3C258CBFE3BC566C63528C9020A3BC9409736AE5289C08A7BA471D8409263 ] s3cap C:\WINDOWS\System32\drivers\vms3cap.sys
12:54:12.0677 0x0600 s3cap - ok
12:54:12.0727 0x0600 SABKUTIL - ok
12:54:12.0737 0x0600 SABProcEnum - ok
12:54:12.0767 0x0600 [ F6F209DDB94959BA104FC8FC87C53759, 8E862D41F4332EABF64BD034E2C0E3CC8109C7990CB4112C2B2880E8E6EDF2D3 ] SamSs C:\WINDOWS\system32\lsass.exe
12:54:12.0767 0x0600 SamSs - ok
12:54:12.0797 0x0600 [ C624A1B32211C3166EDB3F4AB02A30B7, 6B2A4607DB52D74242787ED9DF9067058983D310431D8612D2B0236E6201E681 ] sbp2port C:\WINDOWS\system32\drivers\sbp2port.sys
12:54:12.0817 0x0600 sbp2port - ok
12:54:12.0857 0x0600 [ 47C497FA4DDEA908633CAA60CEBE6805, 4DF5742D4C99D3F7B6A5671AEDB1E5E47D3399D36B28BA19C105FA604D8D5A1C ] SCardSvr C:\WINDOWS\System32\SCardSvr.dll
12:54:12.0877 0x0600 SCardSvr - ok
12:54:12.0887 0x0600 [ E76C4E98302AE39CC6FA5D20FC8B5438, B6B6B59CF427515087689285797F4A5763103440EBE5D87A61FA74F80F895BD0 ] ScDeviceEnum C:\WINDOWS\System32\ScDeviceEnum.dll
12:54:12.0897 0x0600 ScDeviceEnum - ok
12:54:12.0917 0x0600 [ ABD0237B15DBD2B4695F4B7D734A58F7, D6831921F0CD3E03CBF1CA3ED5824EE0C75127842D12D4E897E74EC72B0792EB ] scfilter C:\WINDOWS\system32\DRIVERS\scfilter.sys
12:54:12.0927 0x0600 scfilter - ok
12:54:12.0987 0x0600 [ 888A30EAB651502352C18745367FD179, 00CD9FA55F3E896D8BA81368DF1E855E2F64B5AC488EB4F9BF2C4E45ED63FD5F ] Schedule C:\WINDOWS\system32\schedsvc.dll
12:54:13.0007 0x0600 Schedule - ok
12:54:13.0057 0x0600 [ AB285CE3431FF3D2ACE669245874C1C7, 6AF4C3E86EFA51F7FB6F8492CB2CCB807C7775EAE0508B87F07134FDAC679BD7 ] SCPolicySvc C:\WINDOWS\System32\certprop.dll
12:54:13.0067 0x0600 SCPolicySvc - ok
12:54:13.0087 0x0600 [ 2F9A3380B8C0380E5608E29C7AA66899, 56D1908437DD3791E54866819E39CC89586C5CD804F47B556416FA8642D88CBB ] sdbus C:\WINDOWS\System32\drivers\sdbus.sys
12:54:13.0107 0x0600 sdbus - ok
12:54:13.0127 0x0600 [ 4EAF4DCF9DBD9A56952A58F56D61C005, BCA42FD1553569D3603008CC97D88FD309E87F8A8B1522A4287A0E81CAE6C294 ] sdstor C:\WINDOWS\System32\drivers\sdstor.sys
12:54:13.0127 0x0600 sdstor - ok
12:54:13.0147 0x0600 [ 3EA8A16169C26AFBEB544E0E48421186, 34BBB0459C96B3DE94CCB0D73461562935C583D7BF93828DA4E20A6BC9B7301D ] secdrv C:\WINDOWS\system32\drivers\secdrv.sys
12:54:13.0147 0x0600 secdrv - ok
12:54:13.0157 0x0600 [ C49009F897BA4F2F4F31043663AA1485, 48C8BE1E3A4F150662AD012AF4E0357ABA792AD1147AB90EFF6CB2630E2501B6 ] seclogon C:\WINDOWS\system32\seclogon.dll
12:54:13.0157 0x0600 seclogon - ok
12:54:13.0157 0x0600 [ A88882E64BDC1D8E8D6E727B71CCCC53, 12D2235F54D0CEEED8AA268C17CDE44020269F4FEFC70CE957DBBF99AF7F553D ] SENS C:\WINDOWS\System32\sens.dll
12:54:13.0157 0x0600 SENS - ok
12:54:13.0167 0x0600 [ E66A7C8CE7ED22DED6DF1CA479FB4790, ADEB076F131E7A8C3AD96022B09BB33EB9AB26C9C831503B8C6960AA763B8975 ] SensrSvc C:\WINDOWS\system32\sensrsvc.dll
12:54:13.0177 0x0600 SensrSvc - ok
12:54:13.0187 0x0600 [ DB2FF24CE0BDD15FE75870AFE312BA89, 7DB0D978C92CD0A0A81F7AB46FE323B4929CEA01585B0F330921E6DFA7DE1B85 ] SerCx C:\WINDOWS\system32\drivers\SerCx.sys
12:54:13.0197 0x0600 SerCx - ok
12:54:13.0197 0x0600 [ 53BDBF04ECAF943CBF6359E3BCB2445E, B7CD4341B34BC44B511A167C21BF2EB907EB9F85D2B0A83577B9D632AD76D614 ] SerCx2 C:\WINDOWS\system32\drivers\SerCx2.sys
12:54:13.0207 0x0600 SerCx2 - ok
12:54:13.0217 0x0600 [ 3CD600C089C1251BEEB4CD4CD5164F9E, D9F81951B4454B24E821E33ACA53A851A61F3135E8EC6FBE6761A1A3E1CDCBE2 ] Serenum C:\WINDOWS\System32\drivers\serenum.sys
12:54:13.0217 0x0600 Serenum - ok
12:54:13.0237 0x0600 [ D864381BC9C725FAB01D94C060660166, 132FED95222BBE3B0B25B3F1F0EFC5903D04564BD047BA4D2042AD51E3FDA724 ] Serial C:\WINDOWS\System32\drivers\serial.sys
12:54:13.0237 0x0600 Serial - ok
12:54:13.0247 0x0600 [ 0BD2B65DCE756FDE95A2E5CCCBF7705D, F13FAFEC8FCF3E796196562717C433CE359A74A3E5876AB070647C717AF74028 ] sermouse C:\WINDOWS\System32\drivers\sermouse.sys
12:54:13.0247 0x0600 sermouse - ok
12:54:13.0257 0x0600 [ 441E6FF1F34D7A942946DB42A15FB519, A16BA505B74C7A2ADD08BD5B50728C2AD55062E0ABABAD7E3EE0EB97F3725523 ] SessionEnv C:\WINDOWS\system32\sessenv.dll
12:54:13.0267 0x0600 SessionEnv - ok
12:54:13.0277 0x0600 [ 472B7A5AC181C050888DB454663DD764, C950A8615D57BFD455E18880398350642B2E1D6B951EC9754FD8D429F3418835 ] sfloppy C:\WINDOWS\System32\drivers\sfloppy.sys
12:54:13.0277 0x0600 sfloppy - ok
12:54:13.0307 0x0600 [ 08A08EC17F1874802A8BC6D083BF1C55, 56B6B84E5F1F77712521E6F1F2278D369862DE346EDDC111D7EF03288A6974CE ] SharedAccess C:\WINDOWS\System32\ipnathlp.dll
12:54:13.0317 0x0600 SharedAccess - ok
12:54:13.0347 0x0600 [ 0D190D8B4B20446BE6299AC734DFADF1, 6551095971F99820BBFC5FED8FAB9591A3F8ABFA0F027887F3B71B79325FF6D9 ] ShellHWDetection C:\WINDOWS\System32\shsvcs.dll
12:54:13.0357 0x0600 ShellHWDetection - ok
12:54:13.0367 0x0600 [ 2F518D13DD6F3053837FE606F1A2EA1F, 64109296CE95BD233525688A350D575CF97B9464659AA07CF78B307B6ADBC835 ] SiSRaid2 C:\WINDOWS\system32\drivers\SiSRaid2.sys
12:54:13.0377 0x0600 SiSRaid2 - ok
12:54:13.0397 0x0600 [ 1AC9A200A9C49C4508F04AAFFCA34A3F, 972BCB2A39169155F74111FAC74ACCD8F50E34EADCF087833B0980827627BBF4 ] SiSRaid4 C:\WINDOWS\system32\drivers\sisraid4.sys
12:54:13.0397 0x0600 SiSRaid4 - ok
12:54:13.0427 0x0600 [ 99A76D83444026619CA36744F2A468C5, FEAEE7D896AD59E77034E8B66E74E84027BD65E038D9ED944DACA59EBDA5F510 ] SmbDrvI C:\WINDOWS\system32\DRIVERS\Smb_driver_Intel.sys
12:54:13.0427 0x0600 SmbDrvI - ok
12:54:13.0447 0x0600 [ 587ACA15210D1B01FBF272E07A08F91A, 1F3C13C218C5EA329C6E33E4AE7CFE88DAD59DA40F59FDE09D733AFD2E489000 ] smphost C:\WINDOWS\System32\smphost.dll
12:54:13.0447 0x0600 smphost - ok
12:54:13.0477 0x0600 [ 49EEB92DE930B8566EF615D600781DB4, 0B7C929D24FAFC34F95BB4AA77DCBA29DDD8F1977EB42713B64228677D1FBFD3 ] SNMPTRAP C:\WINDOWS\System32\snmptrap.exe
12:54:13.0477 0x0600 SNMPTRAP - ok
12:54:13.0497 0x0600 [ 2150AAB8CD16876AE6DBDDDCC9ED740C, 0BAC7F45310DD7AF482E26B2F6E5004C9C64C2B8D5FF19B103784FB40A46A53C ] spaceport C:\WINDOWS\system32\drivers\spaceport.sys
12:54:13.0507 0x0600 spaceport - ok
12:54:13.0527 0x0600 [ F337BE11071818FC3F5DC2940B6BDE34, D5CFF00E5DF37045F71AEE101AC9B270EBB29F372F404757B58600E9966C7E4D ] SpbCx C:\WINDOWS\system32\drivers\SpbCx.sys
12:54:13.0537 0x0600 SpbCx - ok
12:54:13.0567 0x0600 [ FE0CB40F36D3FCDD3A1B312EF72C38D5, 42EA50869752164764DFE8CE7E1C247BE8342A0C15F39158DC808E8A692C460F ] Spooler C:\WINDOWS\System32\spoolsv.exe
12:54:13.0587 0x0600 Spooler - ok
12:54:13.0737 0x0600 [ E6DEC72A2A23FAA53EB9FEC3C7E29D66, 58BB3B9D50DFFF99E790D5B768FAA387F16385436BA6EB704BE6DB1F63B8E4B2 ] sppsvc C:\WINDOWS\system32\sppsvc.exe
12:54:13.0847 0x0600 sppsvc - ok
12:54:13.0867 0x0600 [ CD7534BA5BA92086B1BC10ADF880FC49, 90FC7A083A95CF79A3B7816A5D0B9CE7B9757A685F412931955AB3B88C8F0530 ] srv C:\WINDOWS\system32\DRIVERS\srv.sys
12:54:13.0877 0x0600 srv - ok
12:54:13.0907 0x0600 [ C1AE59C0B0817236EC083A91C396005A, 26F05ECB44C300DA8F333B115727C31C5C8252C83F37F0AE7DFF89B267599CDF ] srv2 C:\WINDOWS\system32\DRIVERS\srv2.sys
12:54:13.0927 0x0600 srv2 - ok
12:54:13.0937 0x0600 [ 77195C32175FC63D6054EBA5A066D727, 22F5D26809BC9288021620040FC7B7BB76708D434C863B3C0C20F73200C1C6A9 ] srvnet C:\WINDOWS\system32\DRIVERS\srvnet.sys
12:54:13.0947 0x0600 srvnet - ok
12:54:13.0987 0x0600 [ BB9ED3EDD8E85008215A7250D325A72E, D3404E31B7706B25CDEA7CB4260C343B5F090E8CCB9A5FA203B0F94A9112F1B3 ] SSDPSRV C:\WINDOWS\System32\ssdpsrv.dll
12:54:13.0997 0x0600 SSDPSRV - ok
12:54:14.0027 0x0600 [ 3911418AFDE10EA6823B7799E4815524, A73517C4C1271E666B2B3A747756070098E923742B41572AA16573170440AA07 ] SstpSvc C:\WINDOWS\system32\sstpsvc.dll
12:54:14.0037 0x0600 SstpSvc - ok
12:54:14.0057 0x0600 [ 366DEA74BBA65B362BCCFC6FC2ADFD8B, 4D28122AB9D8DAB724021E6513B4474BD34FCEDF47769B1D27AC7551FCA002F8 ] stexstor C:\WINDOWS\system32\drivers\stexstor.sys
12:54:14.0057 0x0600 stexstor - ok
12:54:14.0087 0x0600 [ D638904FE86A5FE542A1BA13A9D68E5C, 89A956F932316BC50DD99B54BAF4E2809DCAA084DBB04CB84D11E5470BEAF251 ] stisvc C:\WINDOWS\System32\wiaservc.dll
12:54:14.0107 0x0600 stisvc - ok
12:54:14.0127 0x0600 [ 0ED2E318ABB68C1A35A8B8038BDB4C90, 5C3ABC245F4BCFE64E646D9C0E2F5E211244956C84D03084C71FF6A7E0CDED30 ] storahci C:\WINDOWS\system32\drivers\storahci.sys
12:54:14.0127 0x0600 storahci - ok
12:54:14.0147 0x0600 [ 7A08CEE1535F5A448215634C5EA74E50, 41529CDC08A3956F8FE9D5759B147E2E56E3305149EA415EB200249F7CD32094 ] storflt C:\WINDOWS\system32\DRIVERS\vmstorfl.sys
12:54:14.0147 0x0600 storflt - ok
12:54:14.0167 0x0600 [ D57AEE34C7C0DD1DC8B6B54B7A89649C, C649E8670CBEAAAD0A380617B67BAF5A5931289AE599796FA6A9830AAFE5F8B4 ] stornvme C:\WINDOWS\system32\drivers\stornvme.sys
12:54:14.0167 0x0600 stornvme - ok
12:54:14.0177 0x0600 [ 3118058E3D07021A55324A943C6D722B, 0B255DF1977DADD2B9766EEEA814B464F0ABFA34D6439F3C453083850C121F16 ] StorSvc C:\WINDOWS\system32\storsvc.dll
12:54:14.0177 0x0600 StorSvc - ok
12:54:14.0197 0x0600 [ 548759755BC73DAD663250239D7E0B9F, D31A05A8CE800B539420B6E545F1F4BF6E4B02EAF8366DE89CAF13A83C6CA48D ] storvsc C:\WINDOWS\system32\drivers\storvsc.sys
12:54:14.0197 0x0600 storvsc - ok
12:54:14.0217 0x0600 [ D8E1AE075AB3E8AD56F69C44AA978596, CAFF5116DE7F0EEFFEBE38724BCEE7D11B44153AD35EE43E314C56D5E210758A ] svsvc C:\WINDOWS\system32\svsvc.dll
12:54:14.0217 0x0600 svsvc - ok
12:54:14.0227 0x0600 [ 84E0F5D41C138C5CC975137A2A98F6D3, 1E36CED05E4F4365C2AB020CAF920E3959995D7F89F3FABD7B2FB05985F85F38 ] swenum C:\WINDOWS\System32\drivers\swenum.sys
12:54:14.0227 0x0600 swenum - ok
12:54:14.0277 0x0600 [ A5DC2E63F5E5D3C0B843307374998479, B3156296D1750FEAF2354E217735B8D888C50599869233FB1B537167F2CECE0B ] swprv C:\WINDOWS\System32\swprv.dll
12:54:14.0297 0x0600 swprv - ok
12:54:14.0337 0x0600 [ DEDF257245AD25EAA727CB8D3CFBE5C3, 44020036185B32B2877EE95F2560DCF2E595B99B024134178B7D5F1A937935DF ] SynTP C:\WINDOWS\system32\DRIVERS\SynTP.sys
12:54:14.0347 0x0600 SynTP - ok
12:54:14.0407 0x0600 [ E45DA7CBBA34510C8B9473AD7D4FFD0B, 89C2AED757D86C276D78D29D94DCBF9C1B6A244A2153EC85CCB2E86C5F078387 ] SysMain C:\WINDOWS\system32\sysmain.dll
12:54:14.0427 0x0600 SysMain - ok
12:54:14.0437 0x0600 [ 373382005ACB27CB16ED16722FBE946A, A1F86A014A518B3C2EC22A8DD830111E3B2A71D860ECA65A96BC82560802ACF4 ] SystemEventsBroker C:\WINDOWS\System32\SystemEventsBrokerServer.dll
12:54:14.0437 0x0600 SystemEventsBroker - ok
12:54:14.0467 0x0600 [ BA6DD39266A5E15515C8C14DA2DA3E5C, 5BC917BA4E7281A67CC6CEF2F4D1972DF04DECBEFB6DED0B08FFBD06E15D4B4F ] TabletInputService C:\WINDOWS\System32\TabSvc.dll
12:54:14.0467 0x0600 TabletInputService - ok
12:54:14.0477 0x0600 [ B517410F157693043DACA21B19B258A6, 2224EECEB575CEA811036C43BB5B0A408DE5F59BC97235AB948968E4C3E438F2 ] TapiSrv C:\WINDOWS\System32\tapisrv.dll
12:54:14.0487 0x0600 TapiSrv - ok
12:54:14.0617 0x0600 [ 59238CA23C6C7E881A2D403FC90A8C3B, 4FE5094F06C1C7819347B9E123523124416299C624DF2D36446B8FDE15718131 ] Tcpip C:\WINDOWS\system32\drivers\tcpip.sys
12:54:14.0667 0x0600 Tcpip - ok
12:54:14.0717 0x0600 [ 59238CA23C6C7E881A2D403FC90A8C3B, 4FE5094F06C1C7819347B9E123523124416299C624DF2D36446B8FDE15718131 ] TCPIP6 C:\WINDOWS\system32\DRIVERS\tcpip.sys
12:54:14.0747 0x0600 TCPIP6 - ok
12:54:14.0767 0x0600 [ 33A7D83EEB15431773A6E186CFAABA21, AC5100A76CA44BFADF4A54FDB09FF5D2FF13B9F8482DC1AE86C8C27005F77B0F ] tcpipreg C:\WINDOWS\system32\drivers\tcpipreg.sys
12:54:14.0777 0x0600 tcpipreg - ok
12:54:14.0807 0x0600 [ FFF28F9F6823EB1756C60F1649560BBF, 208DFF8BF0329D0D4761C7E31527AEED7FF5F3C36C5005953D01477F35408D5C ] tdx C:\WINDOWS\system32\DRIVERS\tdx.sys
12:54:14.0817 0x0600 tdx - ok
12:54:14.0827 0x0600 [ 232D185D2337F141311D0CF1983E1431, 02EB56D3F26174AF1741C1A444CE30DE84D5BAF583C1A52C7A953BCC52445547 ] terminpt C:\WINDOWS\System32\drivers\terminpt.sys
12:54:14.0837 0x0600 terminpt - ok
12:54:14.0887 0x0600 [ 2C77831737491F4D684D315B95C62883, 90A2574A281F19646CFCDA5FDF40063220058290D2D5523AD91B7E709EC36D3D ] TermService C:\WINDOWS\System32\termsrv.dll
12:54:14.0917 0x0600 TermService - ok
12:54:14.0927 0x0600 [ 05FBE1F7C13E87AF7A414CDF288B1F62, 24079E1A6B2E33A1A8E76A77F73473B93DD6B379E44C982CE50D6CEED9747838 ] Themes C:\WINDOWS\system32\themeservice.dll
12:54:14.0927 0x0600 Themes - ok
12:54:14.0957 0x0600 [ FD788C2D96EA91469A3C1D13E80D7473, 7B14D4BFDE18CECC19FBFFAA5AFF5FD78BFB7FCDA6613990740A8A7DD9873D26 ] THREADORDER C:\WINDOWS\system32\mmcss.dll
12:54:14.0957 0x0600 THREADORDER - ok
12:54:14.0967 0x0600 [ 347A3E49CE18402305B8119A6EC7CFEB, 6768B20EE577880B0353FE84B980D4A18D323929A63FAE41F7A55123BBFC8DBA ] TimeBroker C:\WINDOWS\System32\TimeBrokerServer.dll
12:54:14.0977 0x0600 TimeBroker - ok
12:54:14.0987 0x0600 [ 82F909359600D3603FE852DB7F135626, 2EB2BB9D81AC9A2E432B2628E296B7B21F1C82EAE8009300EEF1B8596A9F418D ] TPM C:\WINDOWS\system32\drivers\tpm.sys
12:54:14.0997 0x0600 TPM - ok
12:54:15.0017 0x0600 [ C97E14BB6A196B0554D6EB67D8818175, C00588C94988F10507F84584DFA4C0A43B8648AD1AD35E9BAE14CDD21FCF7B90 ] TrkWks C:\WINDOWS\System32\trkwks.dll
12:54:15.0027 0x0600 TrkWks - ok
12:54:15.0047 0x0600 [ D5747C16225B4C7B0D04511DB0407544, 413AC0BF02EE3E4B93784DAA6F29BA41E569948D4B3A41AA1AB7E06720EBEBD5 ] Trufos C:\WINDOWS\system32\DRIVERS\Trufos.sys
12:54:15.0057 0x0600 Trufos - ok
12:54:15.0107 0x0600 [ DA56FFA46030E6FEB215E3D5DAA65B11, 36B5EED8F9044475000362DBFC8A2A40B889ED46382CCEFB6BA04BE0442F98C2 ] TrustedInstaller C:\WINDOWS\servicing\TrustedInstaller.exe
12:54:15.0107 0x0600 TrustedInstaller - ok
12:54:15.0127 0x0600 [ BF8F54CA37E9C9D6582C31C5761F8C93, 337C566792F6FB9B7FD5D1D4384B767CFE4CF5DBB2E4688CCC36CBB018A0DD0F ] TsUsbFlt C:\WINDOWS\system32\drivers\tsusbflt.sys
12:54:15.0127 0x0600 TsUsbFlt - ok
12:54:15.0127 0x0600 [ E0088068DCE2EE82897027DDB8E05254, FA9C201D3C885DAD2ABE6A23343EDCC83CFB342EFF9E3005FA50B1D88B21D203 ] TsUsbGD C:\WINDOWS\System32\drivers\TsUsbGD.sys
12:54:15.0137 0x0600 TsUsbGD - ok
12:54:15.0157 0x0600 [ C8E0E78B5D284C2FF59BDFFDAF997242, BA1576C491A1246EF9866762426D110F4570F9DB42A68C174943C7D5020FE3E2 ] tunnel C:\WINDOWS\system32\DRIVERS\tunnel.sys
12:54:15.0157 0x0600 tunnel - ok
12:54:15.0177 0x0600 [ F6EEAD052943B5A3104C1405BB856C54, FE422813E6C1012E9F392EFF2AE4C6D3A4DBD9CB2BD5E6A5CAB57D4E89A29468 ] uagp35 C:\WINDOWS\system32\drivers\uagp35.sys
12:54:15.0177 0x0600 uagp35 - ok
12:54:15.0197 0x0600 [ FE6067B1FD4E63650C667B33D080565B, 2C330ED00E49BA55E25564230E0DFB8A35F2B5320EB18D4AF7CAACFA9A449044 ] UASPStor C:\WINDOWS\System32\drivers\uaspstor.sys
12:54:15.0207 0x0600 UASPStor - ok
12:54:15.0217 0x0600 [ 5D1B430EA11064C56E7C8F84B90DEB6A, 874D9EE807F16321C4857030F9C18D2B925785FD4BB7ED047AF9535BF3F30D84 ] UCX01000 C:\WINDOWS\System32\drivers\ucx01000.sys
12:54:15.0237 0x0600 UCX01000 - ok
12:54:15.0277 0x0600 [ 1EC649F112896FAE33250F0B97AC5D0B, 0C0A1C2C7615DEB298AD3073340FD1BF91FEBE611F133E3B48D994A6EAA8369F ] udfs C:\WINDOWS\system32\DRIVERS\udfs.sys
12:54:15.0287 0x0600 udfs - ok
12:54:15.0297 0x0600 [ 9578691F297E1B1F519970FE6D47CB21, 080C352AAF22A16A4F3C4AB4DCEA5BFA656457C73F735CEBA30516FDACCF6301 ] UEFI C:\WINDOWS\System32\drivers\UEFI.sys
12:54:15.0307 0x0600 UEFI - ok
12:54:15.0337 0x0600 [ 320878AFECDBBD61BBE98624A6CAAC08, 15C090EA32A24D976B5FCB1373B1281DCC2295C075299C814345D694AEB47CB9 ] UI0Detect C:\WINDOWS\system32\UI0Detect.exe
12:54:15.0337 0x0600 UI0Detect - ok
12:54:15.0377 0x0600 [ 5EAB5117DDB24FC4D39E6FFFCF1837B9, 2BC709240867F161E94BE6625A04F478EAAA3EEE7BC7C37ED0DFA9EEA5928E98 ] uliagpkx C:\WINDOWS\system32\drivers\uliagpkx.sys
12:54:15.0377 0x0600 uliagpkx - ok
12:54:15.0407 0x0600 [ DA34C39A18E60E7C3FA0630566408034, 2F162504214053894C72760D9933D01DBF3578609FE5E2376C3272818599FE32 ] umbus C:\WINDOWS\System32\drivers\umbus.sys
12:54:15.0417 0x0600 umbus - ok
12:54:15.0427 0x0600 [ AE8294875E5446E359B1E8035D40C05E, AE0357BAB47C07C3576BC76951CD258C009BC5A1B93259D2122A841BD9CDA8FA ] UmPass C:\WINDOWS\System32\drivers\umpass.sys
12:54:15.0427 0x0600 UmPass - ok
12:54:15.0457 0x0600 [ E3DDF7D43E05784FAA5E042605EEE528, 8E20E880FAB09AF4FF5C438BF9EAE9970D46C05167870110869B744E498FD761 ] UmRdpService C:\WINDOWS\System32\umrdp.dll
12:54:15.0457 0x0600 UmRdpService - ok
12:54:15.0487 0x0600 [ 4A2FFDAC45F317E17DF642C7160EB633, F1AB762912FAA5F469F322407DA37C91556086C42D1643AD27516C12A84F74D0 ] upnphost C:\WINDOWS\System32\upnphost.dll
12:54:15.0497 0x0600 upnphost - ok
12:54:15.0517 0x0600 [ 755A90F1C949B8260D7670AEF6DB4912, 0408112B3277D00C92BD9265DC9A7C8CA46FB160D0B4BB0318B86DB4A5EA2DA7 ] usbaudio C:\WINDOWS\system32\drivers\usbaudio.sys
12:54:15.0517 0x0600 usbaudio - ok
12:54:15.0527 0x0600 [ 3432E857B8EC1C1316AB098F2BCCDFB6, D83B40E50C92B896855DE28BFEDE53F8DA9F705ED8484B898C04F381F3C85F65 ] usbccgp C:\WINDOWS\System32\drivers\usbccgp.sys
12:54:15.0527 0x0600 usbccgp - ok
12:54:15.0547 0x0600 [ B3D6457D841A0CAEF4C52D88621715F2, CBDD76A8A28379B107B1FB530757B477B8AB74CD01F9F3CEDC7B1BA0C6E5A990 ] usbcir C:\WINDOWS\System32\drivers\usbcir.sys
12:54:15.0547 0x0600 usbcir - ok
12:54:15.0567 0x0600 [ 5477D6E27C7D266EF8C152B9A25ADE5E, FEE81677D284A78A0C0FB60F887A952CFC759AE78B01206D73F59FE33612C519 ] usbehci C:\WINDOWS\System32\drivers\usbehci.sys
12:54:15.0577 0x0600 usbehci - ok
12:54:15.0597 0x0600 [ DF56C2C04EFA328D7A66B69007130266, 719316EB25A8C7B82C7941D1C5B964CC4EDA4A997732F481526DE7356F6FC0D8 ] usbhub C:\WINDOWS\System32\drivers\usbhub.sys
12:54:15.0607 0x0600 usbhub - ok
12:54:15.0637 0x0600 [ C0E33820326199CE3CFD3B9F27F81D99, C67F55E7DD6F7FC4A96256A14A805D39C5CE8725FD86675C6C860B3DE8E4DBC3 ] USBHUB3 C:\WINDOWS\System32\drivers\UsbHub3.sys
12:54:15.0647 0x0600 USBHUB3 - ok
12:54:15.0667 0x0600 [ 3019097FB6C985EF24C058090FF3BDBD, 24AC518D34E338D94BF3D5B3F72E53F8A1369BAA7F32FEA3EDBCF928C4FF1D17 ] usbohci C:\WINDOWS\System32\drivers\usbohci.sys
12:54:15.0667 0x0600 usbohci - ok
12:54:15.0677 0x0600 [ 4D655E3B684BE9B0F7FFD8A2935C348C, 3A7FC1748C5AEA8CFE0E7C22ADC77E3DCA475455FC16D9C6A5C16EB5E949A516 ] usbprint C:\WINDOWS\System32\drivers\usbprint.sys
12:54:15.0687 0x0600 usbprint - ok
12:54:15.0697 0x0600 [ F04D164C4168701A4E7835607722E5F1, 6F743CF2CF73945B4A4B1C4402744BC2FE1624F1346C194493AD2F7110F9EB35 ] usbscan C:\WINDOWS\system32\DRIVERS\usbscan.sys
12:54:15.0697 0x0600 usbscan - ok
12:54:15.0717 0x0600 [ B1230E9813B5C7E762DF27756AA23917, 985203D267C2BF5FA88FE043785DF3DDFD796CB3CC4007E171AF63F41C413239 ] USBSTOR C:\WINDOWS\System32\drivers\USBSTOR.SYS
12:54:15.0727 0x0600 USBSTOR - ok
12:54:15.0747 0x0600 [ BA4FA655E0FC577DB7436FC963932CE4, 3336FDECD4AEC6B316D4C0803E22A12719EBEDD1A9427C0DF5D3B263BE600EE6 ] usbuhci C:\WINDOWS\System32\drivers\usbuhci.sys
12:54:15.0747 0x0600 usbuhci - ok
12:54:15.0767 0x0600 [ 18F744E8CCEB2670040EBAF7AD77B8C6, C5E2DF4EA0D946B4DA67DE29FA9D0F079DED35EC59B98E532C4C2D5F8E86DA0A ] usbvideo C:\WINDOWS\System32\Drivers\usbvideo.sys
12:54:15.0777 0x0600 usbvideo - ok
12:54:15.0787 0x0600 [ BCD8FC0A47AA31889C94168A4E56BB26, A7BB029DFED52EC8E9965C63A23CE946E3BD474F4111563492E76E5713025460 ] USBXHCI C:\WINDOWS\System32\drivers\USBXHCI.SYS
12:54:15.0797 0x0600 USBXHCI - ok
12:54:15.0817 0x0600 [ F6F209DDB94959BA104FC8FC87C53759, 8E862D41F4332EABF64BD034E2C0E3CC8109C7990CB4112C2B2880E8E6EDF2D3 ] VaultSvc C:\WINDOWS\system32\lsass.exe
12:54:15.0817 0x0600 VaultSvc - ok
12:54:15.0827 0x0600 [ FEB26E3B8345A7E8D62F945C4AE86562, 3AAFE87C402FC8E92542DFE60EC9540559863065F88D429A16D7B1BF829223FF ] vdrvroot C:\WINDOWS\system32\drivers\vdrvroot.sys
12:54:15.0827 0x0600 vdrvroot - ok
12:54:15.0887 0x0600 [ CFBAD6B48EDFAA0828A52646B7C4C08D, DDC7D607E784CE6FB5BC62E53E6309EB583D74425E6D3FC8F3D3EC705D69C075 ] vds C:\WINDOWS\System32\vds.exe
12:54:15.0917 0x0600 vds - ok
12:54:15.0947 0x0600 [ A026EDEAA5EECAE0B08E2748B616D4BD, 2525A54DC7F49DDFBB999C22BF3FAB6D9E9F70C0806E58D81E90AC59F9F46089 ] VerifierExt C:\WINDOWS\system32\drivers\VerifierExt.sys
12:54:15.0957 0x0600 VerifierExt - ok
12:54:15.0977 0x0600 [ 041D3EF364E624DBB2703A64A5AADF89, 94A52A35AFDD09EBCC4266BD6D44014AAB4BBDFD3F6E8C997A1CA49DFB48F60D ] vhdmp C:\WINDOWS\System32\drivers\vhdmp.sys
12:54:15.0997 0x0600 vhdmp - ok
12:54:16.0017 0x0600 [ 06D38968028E9AB19DE9B618C7B6D199, 62022297A47F440D1C82CA0B0E57C0C8E9D5033D83DD3B40492B218DF65EBF68 ] viaide C:\WINDOWS\system32\drivers\viaide.sys
12:54:16.0017 0x0600 viaide - ok
12:54:16.0027 0x0600 [ C6305BDFC4F7CE51F72BB072C03D4ACE, 73E62869CA3104F48CC3B0C45E69CE9BF4F8D7D06E29C2F049B9347ABB50554D ] vmbus C:\WINDOWS\system32\drivers\vmbus.sys
12:54:16.0037 0x0600 vmbus - ok
12:54:16.0047 0x0600 [ DA40BEA0A863CE768C940CA9723BF81F, 567C0C3F422325635808B0CF76E05D3B6187F96845C33F85F92F98C9FE53A5B8 ] VMBusHID C:\WINDOWS\System32\drivers\VMBusHID.sys
12:54:16.0047 0x0600 VMBusHID - ok
12:54:16.0117 0x0600 [ 9067880BBB1C18703DBFF27D731D7ECA, 0044246249F4B945D72BBC0FEF9BF3C31E62F57CBF77615A95213B36A29F0C71 ] vmicguestinterface C:\WINDOWS\System32\ICSvc.dll
12:54:16.0137 0x0600 vmicguestinterface - ok
12:54:16.0157 0x0600 [ 9067880BBB1C18703DBFF27D731D7ECA, 0044246249F4B945D72BBC0FEF9BF3C31E62F57CBF77615A95213B36A29F0C71 ] vmicheartbeat C:\WINDOWS\System32\ICSvc.dll
12:54:16.0167 0x0600 vmicheartbeat - ok
12:54:16.0177 0x0600 [ 9067880BBB1C18703DBFF27D731D7ECA, 0044246249F4B945D72BBC0FEF9BF3C31E62F57CBF77615A95213B36A29F0C71 ] vmickvpexchange C:\WINDOWS\System32\ICSvc.dll
12:54:16.0177 0x0600 vmickvpexchange - ok
12:54:16.0187 0x0600 [ 9067880BBB1C18703DBFF27D731D7ECA, 0044246249F4B945D72BBC0FEF9BF3C31E62F57CBF77615A95213B36A29F0C71 ] vmicrdv C:\WINDOWS\System32\ICSvc.dll
12:54:16.0197 0x0600 vmicrdv - ok
12:54:16.0207 0x0600 [ 9067880BBB1C18703DBFF27D731D7ECA, 0044246249F4B945D72BBC0FEF9BF3C31E62F57CBF77615A95213B36A29F0C71 ] vmicshutdown C:\WINDOWS\System32\ICSvc.dll
12:54:16.0217 0x0600 vmicshutdown - ok
12:54:16.0237 0x0600 [ 9067880BBB1C18703DBFF27D731D7ECA, 0044246249F4B945D72BBC0FEF9BF3C31E62F57CBF77615A95213B36A29F0C71 ] vmictimesync C:\WINDOWS\System32\ICSvc.dll
12:54:16.0237 0x0600 vmictimesync - ok
12:54:16.0257 0x0600 [ 9067880BBB1C18703DBFF27D731D7ECA, 0044246249F4B945D72BBC0FEF9BF3C31E62F57CBF77615A95213B36A29F0C71 ] vmicvss C:\WINDOWS\System32\ICSvc.dll
12:54:16.0257 0x0600 vmicvss - ok
12:54:16.0287 0x0600 [ 55D7D963DE85162F1C49721E502F9744, 5AD34D6DB707EF3E5242BD8CA67B21D6258EE7E7FC477D5227BD15500AE7F45F ] volmgr C:\WINDOWS\system32\drivers\volmgr.sys
12:54:16.0287 0x0600 volmgr - ok
12:54:16.0357 0x0600 [ CCB9E901F7254BF96D28EB1B0E5329B7, F0E3CA4EFA544CDAEF4092284CF3EC7DF07F806A770285E281816457AD8813F5 ] volmgrx C:\WINDOWS\system32\drivers\volmgrx.sys
12:54:16.0367 0x0600 volmgrx - ok
12:54:16.0387 0x0600 [ 9F9CE33B50611A1C61A46B8911E0B30B, FE4EDF16CE8FC36BB2125FC7D1CF45C65B06A2C31D426635115D879987DF2159 ] volsnap C:\WINDOWS\system32\drivers\volsnap.sys
12:54:16.0397 0x0600 volsnap - ok
12:54:16.0427 0x0600 [ 01355C98B5C3ED1EC446743CDA848FCE, B9FCF558C20E05DD0F53FFB70BBEF873EA57801E13A16701E636128D625C4B67 ] vpci C:\WINDOWS\System32\drivers\vpci.sys
12:54:16.0427 0x0600 vpci - ok
12:54:16.0437 0x0600 [ 4539F45F9F4C9757A86A56C949421E07, DEC362314B2C66414F39354AFE79C02B18BF4EEF90787FB58307F6EB62237E2C ] vsmraid C:\WINDOWS\system32\drivers\vsmraid.sys
12:54:16.0447 0x0600 vsmraid - ok
12:54:16.0517 0x0600 [ D51D7EF1EA5ED2BB01E9D07E6E0533BC, E31118F42B316C9B6C9072D9628AA2801FC2519F1A46C9ED167843CD67183C19 ] VSS C:\WINDOWS\system32\vssvc.exe
12:54:16.0537 0x0600 VSS - ok
12:54:16.0567 0x0600 [ 0849B7260F26FE05EA56DED0672E2F4B, 7EAC0E7988F45CB4133A15932955B7B03CE715C967A3BAC9999D81543EBCAEC5 ] VSTXRAID C:\WINDOWS\system32\drivers\vstxraid.sys
12:54:16.0577 0x0600 VSTXRAID - ok
12:54:16.0687 0x0600 [ 87DF7E6F9C07843DBA84F5F3859DD44C, 29959C0F4B747F126A1EB27FF26FC7585F57B1CA06AEB2508B9D38FCF2C61AE3 ] vToolbarUpdater17.0.12 C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\17.0.12\ToolbarUpdater.exe
12:54:16.0717 0x0600 vToolbarUpdater17.0.12 - ok
12:54:16.0727 0x0600 [ BE970C369E43B509C1EDA2B8FA7CECB0, 18951F2AA842A0795AA79A4E164EE925A35E6270EBE4C4CDB19D0A891830E383 ] vwifibus C:\WINDOWS\System32\drivers\vwifibus.sys
12:54:16.0737 0x0600 vwifibus - ok
12:54:16.0747 0x0600 [ 6B26AD573CCDD5209DF4397438B76354, 2C8AC314EC471F6D8B0B12D49D621360A10DCADA7C52E73596730C954FF89FCF ] vwififlt C:\WINDOWS\system32\DRIVERS\vwififlt.sys
12:54:16.0757 0x0600 vwififlt - ok
12:54:16.0767 0x0600 [ 0B48E0DFB44EE475F4FD8A8EE599AF30, 28271D4CA0C642304CD8826A3D514F44E3391F9D6D07A1595BB30CE65E7E3494 ] vwifimp C:\WINDOWS\system32\DRIVERS\vwifimp.sys
12:54:16.0767 0x0600 vwifimp - ok
12:54:16.0807 0x0600 [ 7599E582CA3A6AAA95A18FFE1172D339, A0410778FBBC4302EA91CF24B944427410B4706535F1192504D4F34C3ED4503E ] W32Time C:\WINDOWS\system32\w32time.dll
12:54:16.0817 0x0600 W32Time - ok
12:54:16.0827 0x0600 [ 0910AB9ED404C1434E2D0376C2AD5D8B, 62585CA5F1375BDA440D28D5DF1ADDC9DE3DDFA196D49BBFF3456A5A09EE1C6B ] WacomPen C:\WINDOWS\System32\drivers\wacompen.sys
12:54:16.0827 0x0600 WacomPen - ok
12:54:16.0887 0x0600 [ 92BF4B3EBD6F163B94B7A20C65E7B698, 293E6FEFA862690A7B75443D6495144313D759971B98B495A99AAB0D2CF1F350 ] wbengine C:\WINDOWS\system32\wbengine.exe
12:54:16.0907 0x0600 wbengine - ok
12:54:16.0967 0x0600 [ 58F28103889817C93E5B5AFABC87E709, 547381B10DAC8A3CC16FB5DE6DF2FDA3CCD8F45DF581959FFF6E30875419B011 ] WbioSrvc C:\WINDOWS\System32\wbiosrvc.dll
12:54:16.0967 0x0600 WbioSrvc - ok
12:54:16.0997 0x0600 [ 772365894F14652D376B2E5030179DC9, 3D917CED040456EB269BE2B82315CEAE3589FEC016DAE37FC5BC1C3D66DE3140 ] Wcmsvc C:\WINDOWS\System32\wcmsvc.dll
12:54:17.0007 0x0600 Wcmsvc - ok
12:54:17.0037 0x0600 [ D2726823DF7E19F213F4805A9D6D145F, A7F582C99918D204264D3B374F70D75984BDA5805203041E3DECB8153D16E102 ] wcncsvc C:\WINDOWS\System32\wcncsvc.dll
12:54:17.0047 0x0600 wcncsvc - ok
12:54:17.0077 0x0600 [ 846C02A8B48CBD921A3D6AB521AA0DC4, B07573A774A6C65D24E5718DC25DF378270EB5B40221CA5A53B21D47838381D3 ] WcsPlugInService C:\WINDOWS\System32\WcsPlugInService.dll
12:54:17.0077 0x0600 WcsPlugInService - ok
12:54:17.0097 0x0600 [ 694B28DE12AD47031FFB4B052662131A, FF3B1B1A69C82BB123073E10D9F1322ED8587F5BAC36F8AB7DAED22C7DD5C7DB ] WdBoot C:\WINDOWS\system32\drivers\WdBoot.sys
12:54:17.0097 0x0600 WdBoot - ok
12:54:17.0147 0x0600 [ CB6C63FF8342B467E2EF76E98D5B934D, BE017CE91E3BAB293DE6ECF143797CCE3F33CC63024437472B4E38C6961AD884 ] Wdf01000 C:\WINDOWS\system32\drivers\Wdf01000.sys
12:54:17.0167 0x0600 Wdf01000 - ok
12:54:17.0177 0x0600 [ 0B99529A3BECC3528D865DDECB62503B, 28E6B44BDC52E212D2EB269491D3574B45EE9B19821FE15167D7FA05566C89F4 ] WdFilter C:\WINDOWS\system32\drivers\WdFilter.sys
12:54:17.0187 0x0600 WdFilter - ok
12:54:17.0197 0x0600 [ 40C67D1A4891120874767F6E6604D6C5, 4D9DD658566DE711ADF4D6C33FCB31DA351EE050E3ED188664D04526CCAAEEF5 ] WdiServiceHost C:\WINDOWS\system32\wdi.dll
12:54:17.0207 0x0600 WdiServiceHost - ok
12:54:17.0207 0x0600 [ 40C67D1A4891120874767F6E6604D6C5, 4D9DD658566DE711ADF4D6C33FCB31DA351EE050E3ED188664D04526CCAAEEF5 ] WdiSystemHost C:\WINDOWS\system32\wdi.dll
12:54:17.0207 0x0600 WdiSystemHost - ok
12:54:17.0237 0x0600 [ 282E7D46310338FF4A6B7680440EB0DA, 04242798DD82F583154AEA3D775C9BFD574FC471D01CDEB9D070872425094D82 ] WdNisDrv C:\WINDOWS\system32\Drivers\WdNisDrv.sys
12:54:17.0267 0x0600 WdNisDrv - ok
12:54:17.0307 0x0600 WdNisSvc - ok
12:54:17.0347 0x0600 [ 6588A957873326361AB1CAC4E76F8394, BE17880CEDCAE5ED3B983443E3777842646A3E48B661422A717656E11F6DBA94 ] WebClient C:\WINDOWS\System32\webclnt.dll
12:54:17.0367 0x0600 WebClient - ok
12:54:17.0407 0x0600 [ 3274312F263882B51B964329FAF49734, 99A020377ACF0762BE5ECD2D68EB5E1497B9D59963247E725F7F96FB5DF41FAD ] Wecsvc C:\WINDOWS\system32\wecsvc.dll
12:54:17.0427 0x0600 Wecsvc - ok
12:54:17.0457 0x0600 [ 7CDD84E0023A0C5C230B06A7965EC65E, 6EC7DC18C76D66CF9A893C3DD20F9BE3ADD76546F9A9BA42CE4F24854709F9D9 ] WEPHOSTSVC C:\WINDOWS\system32\wephostsvc.dll
12:54:17.0457 0x0600 WEPHOSTSVC - ok
12:54:17.0487 0x0600 [ AA1315B87D9B2E39584165318A59F15D, CD19608BE1F6B7AECF802F8D2DD4FCBDAA29450ED37F7D040DC6453924C7B0FE ] wercplsupport C:\WINDOWS\System32\wercplsupport.dll
12:54:17.0487 0x0600 wercplsupport - ok
12:54:17.0527 0x0600 [ 22B4C24AB921BFF7827FFBCA1F4E1BB3, B634F7018097A8E4EECDD9F032DF6A0FB6817FC3DEB92BCE6A0965B5D71D8DFA ] WerSvc C:\WINDOWS\System32\WerSvc.dll
12:54:17.0537 0x0600 WerSvc - ok
12:54:17.0547 0x0600 [ CBD20360AAC0A071444CCCEFF3DCE3A2, B2A12D4A34A95CDE21B74A64CE273D6D89E8F58E9FF296877C6C3A714E38E642 ] WFPLWFS C:\WINDOWS\system32\DRIVERS\wfplwfs.sys
12:54:17.0557 0x0600 WFPLWFS - ok
12:54:17.0607 0x0600 [ E06AFE2F94BA7CFA2FE4FD2A449E60E2, 99A81E16366E9E77905D873B0246E4C11B383FE1E99E0E1D9A07FAD4E52EA9E4 ] WiaRpc C:\WINDOWS\System32\wiarpc.dll
12:54:17.0617 0x0600 WiaRpc - ok
12:54:17.0647 0x0600 [ 867BCC69ED9C31C501465EB0E8BA9DFA, 678B7FF4D4E8624514301956CDA7FB451159BBFC83FF2E4E5E7DADAE3C7AB2EC ] WIMMount C:\WINDOWS\system32\drivers\wimmount.sys
12:54:17.0657 0x0600 WIMMount - ok
12:54:17.0657 0x0600 WinDefend - ok
12:54:17.0727 0x0600 [ DD079EC8F44DCA3A176B345C6ADEFB66, 6CD9371B83EA23D2181891FAE1DB285BC111A78C35F374E57666ED09860C91A9 ] WinHttpAutoProxySvc C:\WINDOWS\system32\winhttp.dll
12:54:17.0747 0x0600 WinHttpAutoProxySvc - ok
12:54:17.0787 0x0600 [ 9DB490F3E823C5C3C070644B96CB9D59, 81937D0B331E43C7C61514E60B3AD51370C5201F7B4D12F8534840D91EDC32DD ] Winmgmt C:\WINDOWS\system32\wbem\WMIsvc.dll
12:54:17.0787 0x0600 Winmgmt - ok
12:54:17.0897 0x0600 [ 690C3FC5C9DBD6B9AEDF8341EC720E41, 0E4412BB6DEB5761F7A889FD90821FAFD7C6E173F449EAB3A0446BA653D6AD0C ] WinRM C:\WINDOWS\system32\WsmSvc.dll
12:54:17.0957 0x0600 WinRM - ok
12:54:17.0987 0x0600 [ AC263C2F66405589528995AA41040599, 81B46E551D6130A2C3D113EC3B563CEDB5A06BB340986C0E03136CE5BE729481 ] WINUSB C:\WINDOWS\System32\drivers\WinUSB.SYS
12:54:17.0987 0x0600 WINUSB - ok
12:54:18.0047 0x0600 [ 9378B4E7E4E3EAE2F05823CFFF2C6EF4, 66BE95F975FAF3825DFA22BD4DA8693D37B15B83DBFDD36C7896F7363A127513 ] WlanSvc C:\WINDOWS\System32\wlansvc.dll
12:54:18.0077 0x0600 WlanSvc - ok
12:54:18.0107 0x0600 [ C2838466CCC44FAEF2C3D4C1E5971ECB, 4CA5B1632302E59E754CEA5B3CA3977D8CE9DC7B2E8673B450BBF0D646AD7AD8 ] wlidsvc C:\WINDOWS\system32\wlidsvc.dll
12:54:18.0137 0x0600 wlidsvc - ok
12:54:18.0147 0x0600 [ 2834D9D3B4F554A39C72F00EA3F0E128, D10124343C67FE9A0B711AD569BB8080495FCEA0ECEF9AC3F3FBD6865F436A44 ] WmiAcpi C:\WINDOWS\System32\drivers\wmiacpi.sys
12:54:18.0147 0x0600 WmiAcpi - ok
12:54:18.0187 0x0600 [ 7AFAC828F52D62F304A911EC32F42EEE, 4EDCF4149069413A166169F2E23F7505F47B39B7EC319E1EF6D2C46CD140AA24 ] wmiApSrv C:\WINDOWS\system32\wbem\WmiApSrv.exe
12:54:18.0197 0x0600 wmiApSrv - ok
12:54:18.0237 0x0600 WMPNetworkSvc - ok
12:54:18.0327 0x0600 [ 53A36BD7ABD1E56C9A0C923F09C717E3, 6CF53F109DA4EB06918C3528816FDBE5EC2AE1A5BA3DC9B172958B99758955D0 ] workfolderssvc C:\WINDOWS\system32\workfolderssvc.dll
12:54:18.0357 0x0600 workfolderssvc - ok
12:54:18.0377 0x0600 [ E746BCDBA2E02CF6B8D6B26FB167FBE0, 8875BBE444A33E0C477EF1A3899955501B7E0A9479CA8AA20DD8E6AA0D9A71E6 ] wpcfltr C:\WINDOWS\system32\DRIVERS\wpcfltr.sys
12:54:18.0387 0x0600 wpcfltr - ok
12:54:18.0407 0x0600 [ 4E6A0F60DA7EF050D3D26417CD4D24E9, E6B3BFB007B641D41F8532ED086F92CB3D86E210023DBFAA9AD8152A9FD33CCA ] WPCSvc C:\WINDOWS\System32\wpcsvc.dll
12:54:18.0407 0x0600 WPCSvc - ok
12:54:18.0427 0x0600 [ D27491CFCE452C154CECFA155AD0EBC8, 1F3F74C253E3B07DE7EFE27C34DD9AF08617C7B03BB44C2902F69BA9DA3F21F2 ] WPDBusEnum C:\WINDOWS\system32\wpdbusenum.dll
12:54:18.0437 0x0600 WPDBusEnum - ok
12:54:18.0447 0x0600 [ 9F2904B55F6CECCD1A8D986B5CE2609A, E19ED4DD3CEF3A22C058FC324824604FB3FC98A029C94E6C2A3389F938D680B6 ] WpdUpFltr C:\WINDOWS\system32\drivers\WpdUpFltr.sys
12:54:18.0447 0x0600 WpdUpFltr - ok
12:54:18.0477 0x0600 [ AE072B0339D0A18E455DC21666CAD572, AB1DAEA25E2C7AD610818D4B4783F6D4190D85EBB3963BBAD410E8CEA7899EDB ] ws2ifsl C:\WINDOWS\system32\drivers\ws2ifsl.sys
12:54:18.0487 0x0600 ws2ifsl - ok
12:54:18.0507 0x0600 [ 5CFA46C4ACB2FD70572017052378DAE5, F09134C4433A9E174889A16F29EA6628045B21BE4FA85275ACFD24D5DFB0D937 ] wscsvc C:\WINDOWS\System32\wscsvc.dll
12:54:18.0517 0x0600 wscsvc - ok
12:54:18.0517 0x0600 WSearch - ok
12:54:18.0597 0x0600 [ DD988D37D33574D02642E528C8CD8808, CBB38E06A85F87EAB93F5777B556C999D4282410B1394BED008F2354447F2A1E ] WSService C:\WINDOWS\System32\WSService.dll
12:54:18.0647 0x0600 WSService - ok
12:54:18.0677 0x0600 [ 72B4E9DF6456C43C42A1419B09486045, 536BA7377B5BEA7EA46864453933111DB88DB8FB689C68915ACD7261A996E61D ] wsvd C:\WINDOWS\system32\DRIVERS\wsvd.sys
12:54:18.0687 0x0600 wsvd - ok
12:54:18.0797 0x0600 [ A4158154BABB7A29BF5639CFAB3CEC2C, CDAFB22CFB99860A3F20074BF011AB0C9CED6A89A52C2B442814A7A477C141AC ] wuauserv C:\WINDOWS\system32\wuaueng.dll
12:54:18.0867 0x0600 wuauserv - ok
12:54:18.0907 0x0600 [ 2FEAE33E9B2B56104596E1BA444405A9, 0A142F50E06F6224B9CB36B3CE62BE0B36DE8B8DB9F9E05D287DFB884CC7826E ] WudfPf C:\WINDOWS\system32\drivers\WudfPf.sys
12:54:18.0907 0x0600 WudfPf - ok
12:54:18.0927 0x0600 [ 19240C13F526125554B5370566F21A0A, 1DD88B092451CEC309A390319342BB4D36CE938BBE6D09127BBAA53960DD8E94 ] WUDFRd C:\WINDOWS\System32\drivers\WUDFRd.sys
12:54:18.0927 0x0600 WUDFRd - ok
12:54:18.0937 0x0600 [ 19240C13F526125554B5370566F21A0A, 1DD88B092451CEC309A390319342BB4D36CE938BBE6D09127BBAA53960DD8E94 ] WUDFSensorLP C:\WINDOWS\system32\DRIVERS\WUDFRd.sys
12:54:18.0937 0x0600 WUDFSensorLP - ok
12:54:18.0957 0x0600 [ BB73CBC65AABC4EA0A5C6A1474A0A743, D644B3C6A7202CADDADB3B68FE1B2A7C76B023FE58F667EED4D538C1F4A65D64 ] wudfsvc C:\WINDOWS\System32\WUDFSvc.dll
12:54:18.0957 0x0600 wudfsvc - ok
12:54:18.0967 0x0600 [ 19240C13F526125554B5370566F21A0A, 1DD88B092451CEC309A390319342BB4D36CE938BBE6D09127BBAA53960DD8E94 ] WUDFWpdFs C:\WINDOWS\system32\DRIVERS\WUDFRd.sys
12:54:18.0967 0x0600 WUDFWpdFs - ok
12:54:18.0977 0x0600 [ 19240C13F526125554B5370566F21A0A, 1DD88B092451CEC309A390319342BB4D36CE938BBE6D09127BBAA53960DD8E94 ] WUDFWpdMtp C:\WINDOWS\system32\DRIVERS\WUDFRd.sys
12:54:18.0977 0x0600 WUDFWpdMtp - ok
12:54:19.0007 0x0600 [ 2FA9794CA36147756F3FDFD6CA29B46F, 4B86DC38C2411C281686E9A4E64DA6FB2992E39391371F78E012D6D8BB85123F ] WwanSvc C:\WINDOWS\System32\wwansvc.dll
12:54:19.0017 0x0600 WwanSvc - ok
12:54:19.0057 0x0600 [ C6B289A70A2D36242A2CCAA2715E1747, B7B4762C16B0B9D25F4A20123CA16DA76A897460D2A20D8D1F347D618F49C8B3 ] X5XSEx_Pr148 C:\Program Files (x86)\FreeRide Games\X5XSEx_Pr148.Sys
12:54:19.0067 0x0600 X5XSEx_Pr148 - ok
12:54:19.0247 0x0600 [ A923222A8437E6C419AFC1A3BE32FF47, ED1132AE3548AC54D838F93B36A591F3EDB34A980409ED220077871DA5630E9A ] ZeroConfigService C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
12:54:19.0297 0x0600 ZeroConfigService - ok
12:54:19.0307 0x0600 ================ Scan global ===============================
12:54:19.0337 0x0600 [ C89780A6F58D113C28A96D85D1261DC5, 185114F33A60916C7904E4A0F278CA43258454343E614F01F0DAFA98BAC981B1 ] C:\WINDOWS\system32\basesrv.dll
12:54:19.0367 0x0600 [ 599F1244C60E3D6C28A8DA7FBA7A2C13, 992E5EB5E3ED6172DC986085532224A148A09A4E9A4DED9556F34533EE98E4D0 ] C:\WINDOWS\system32\winsrv.dll
12:54:19.0397 0x0600 [ 9C1833ABD62876856836C5AE55C7CE86, 0A21E2C8B2FF3B0438C86DA7151A548F9C6F5C62CD402CBBEDB435994C8508F1 ] C:\WINDOWS\system32\sxssrv.dll
12:54:19.0417 0x0600 [ B4B610BBCB002EC478C6FD80CF915697, CE22B87A7C7C0D325CE66FB97E7318B4A41EE0BD14D902A410126A1EBBEAA6FB ] C:\WINDOWS\system32\services.exe
12:54:19.0427 0x0600 [ Global ] - ok
12:54:19.0427 0x0600 ================ Scan MBR ==================================
12:54:19.0427 0x0600 [ 5FB38429D5D77768867C76DCBDB35194 ] \Device\Harddisk0\DR0
12:54:19.0437 0x0600 \Device\Harddisk0\DR0 - ok
12:54:19.0447 0x0600 [ 5FB38429D5D77768867C76DCBDB35194 ] \Device\Harddisk1\DR1
12:54:19.0447 0x0600 \Device\Harddisk1\DR1 - ok
12:54:19.0447 0x0600 ================ Scan VBR ==================================
12:54:19.0447 0x0600 [ 36375F6B34533DC74379956ACE27E827 ] \Device\Harddisk0\DR0\Partition1
12:54:19.0447 0x0600 \Device\Harddisk0\DR0\Partition1 - ok
12:54:19.0477 0x0600 [ CDF105ED358F8F57C0DB1D3593EB881E ] \Device\Harddisk1\DR1\Partition1
12:54:19.0477 0x0600 \Device\Harddisk1\DR1\Partition1 - ok
12:54:19.0487 0x0600 [ 5D2ED47091863CD197B8ADEF15EE44F5 ] \Device\Harddisk1\DR1\Partition2
12:54:19.0487 0x0600 \Device\Harddisk1\DR1\Partition2 - ok
12:54:19.0497 0x0600 [ 3A4BC44E981F0EBE567E5A4507623A04 ] \Device\Harddisk1\DR1\Partition3
12:54:19.0497 0x0600 \Device\Harddisk1\DR1\Partition3 - ok
12:54:19.0507 0x0600 [ E40204A888B93872E486768A0BD7FB07 ] \Device\Harddisk1\DR1\Partition4
12:54:19.0507 0x0600 \Device\Harddisk1\DR1\Partition4 - ok
12:54:19.0547 0x0600 [ 044D03DC4B318FBEFFE1D46FB3E97AF8 ] \Device\Harddisk1\DR1\Partition5
12:54:19.0547 0x0600 \Device\Harddisk1\DR1\Partition5 - ok
12:54:19.0577 0x0600 [ 8124BF5740CEAE1184AE69046940C332 ] \Device\Harddisk1\DR1\Partition6
12:54:19.0577 0x0600 \Device\Harddisk1\DR1\Partition6 - ok
12:54:19.0577 0x0600 [ 0BBD6B8C9DF3194F482C1A03EE79D6C8 ] \Device\Harddisk1\DR1\Partition7
12:54:19.0587 0x0600 \Device\Harddisk1\DR1\Partition7 - ok
12:54:19.0597 0x0600 [ 03DE6FCE1EBC78628F06132DFDE5490B ] \Device\Harddisk1\DR1\Partition8
12:54:19.0597 0x0600 \Device\Harddisk1\DR1\Partition8 - ok
12:54:19.0597 0x0600 Waiting for KSN requests completion. In queue: 90
12:54:20.0607 0x0600 Waiting for KSN requests completion. In queue: 90
12:54:21.0617 0x0600 Waiting for KSN requests completion. In queue: 90
12:54:22.0647 0x0600 AV detected via SS2: Ad-Aware Antivirus, C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.0.4555.0\AdAwareSecurityCenter.exe ( 11.0.4555.0 ), 0x41000 ( enabled : updated )
12:54:22.0677 0x0600 AV detected via SS2: Windows Defender, C:\Program Files\Windows Defender\MSASCui.exe ( 4.3.9600.16384 ), 0x60100 ( disabled : updated )
12:54:22.0677 0x0600 FW detected via SS2: Ad-Aware Firewall, C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.0.4555.0\AdAwareSecurityCenter.exe ( 11.0.4555.0 ), 0x40010 ( disabled )
12:54:22.0707 0x0600 Win FW state via NFP2: enabled
12:54:25.0287 0x0600 ============================================================
12:54:25.0287 0x0600 Scan finished
12:54:25.0287 0x0600 ============================================================
12:54:25.0287 0x32a0 Detected object count: 0
12:54:25.0287 0x32a0 Actual detected object count: 0

aswMBR Log:

aswMBR version 0.9.9.1771 Copyright© 2011 AVAST Software
Run date: 2013-10-28 12:49:28
-----------------------------
12:49:28.115 OS Version: Windows x64 6.2.9200
12:49:28.115 Number of processors: 8 586 0x3C03
12:49:28.115 ComputerName: BILLYBADASS UserName: Brandon
12:49:28.135 Initialze error 1
12:51:29.266 AVAST engine defs: 13102800
12:51:38.777 Disk 0 \Device\Harddisk0\DR0 -> \Device\00000034
12:51:38.777 Disk 0 Vendor: LITEONIT_LSS-24L6G DSR2204 Size: 22902MB BusType: 11
12:51:38.777 Disk 1 (boot) \Device\Harddisk1\DR1 -> \Device\00000035
12:51:38.777 Disk 1 Vendor: ST1000LM024_HN-M101MBB 2AR20002 Size: 953869MB BusType: 11
12:51:38.797 Disk 1 MBR read successfully
12:51:38.807 Disk 1 MBR scan
12:51:38.807 Disk 1 unknown MBR code
12:51:38.807 Disk 1 Partition 1 00 EE GPT 2097151 MB offset 1
12:51:38.817 Disk 1 scanning C:\WINDOWS\system32\drivers
12:51:38.817 Service scanning
12:51:39.337 Modules scanning
12:51:39.337 Disk 1 trace - called modules:
12:51:39.337 ntoskrnl.exe CLASSPNP.SYS disk.sys storport.sys hal.dll iaStorA.sys
12:51:39.337 1 nt!IofCallDriver -> \Device\Harddisk1\DR1[0xffffe00003799060]
12:51:39.347 3 CLASSPNP.SYS[fffff80000f6dabb] -> nt!IofCallDriver -> \Device\00000035[0xffffe00002005060]
12:51:39.347 AVAST engine scan C:\WINDOWS
12:51:39.347 AVAST engine scan C:\WINDOWS\system32
12:51:39.357 AVAST engine scan C:\WINDOWS\system32\drivers
12:51:39.357 AVAST engine scan C:\Users\Brandon
12:51:39.357 AVAST engine scan C:\ProgramData
12:51:39.357 Scan finished successfully
12:51:56.548 Disk 1 MBR has been saved successfully to "C:\Users\Brandon\Desktop\MBR.dat"
12:51:56.548 The log file has been saved successfully to "C:\Users\Brandon\Desktop\aswMBR.txt"

#6 ----------------

SuperMember

Authentic Member
1,095 posts

Posted 29 October 2013 - 02:03 AM

Combofix

Combofix should only be run when adviced by a team member!

Link

Important - Save the file to your desktop!

Deactivate any and all of your antivirus programs /spyware scanners - they can prevent CF from doing its work.
Run Combofix.exe

When finished, Combofix creates a log file named C:\Combofix.txt. Please post its content in your next reply.

Note: When receiving an error message containing ""Illegal operation attempted on a registry key that has been marked for deletion" simply restart your computer to fix this.

Proud Member of UNITE & TB

#7 Manbearpig79

New Member

Authentic Member
12 posts

Posted 29 October 2013 - 01:10 PM

I downloaded the program to the desktop, but when I try to run it I get an error that says "Combofix is not meant to run in Compatibility mode and the program will now exit." I tried to see how to turn off compatibility mode, but it seems like it's tied to a program and I don't know which one is running in that mode.

#8 ----------------

SuperMember

Authentic Member
1,095 posts

Posted 29 October 2013 - 01:43 PM

Please reboot into safe mode and try again

Proud Member of UNITE & TB

#9 Manbearpig79

New Member

Authentic Member
12 posts

Posted 29 October 2013 - 03:48 PM

I did the reboot but it said the program was not compatible with my software operating system. I believed this was due to me running Windows 8.1 update so I refreshed my machine to get it back to Windows 8. Please confirm I am still ok to run Combofix at this time since I reverted back to Windows 8. Thanks

#10 ----------------

SuperMember

Authentic Member
1,095 posts

Posted 30 October 2013 - 02:30 AM

I didn´t see you ran 8.1. CF runs fine on Windows 8, please proceed.

Proud Member of UNITE & TB

Advertisements

Register to Remove

#11 Manbearpig79

New Member

Authentic Member
12 posts

Posted 30 October 2013 - 12:22 PM

Scan completed. I turned back on the anti virus and firewall--let me know if that's not ok. There is a Maintenance message in my action center that wants to scan drive for errors....should I do this? Thanks for your help! ComboFix 13-10-30.01 - Brandon 10/30/2013 10:59:24.1.8 - x64 Microsoft Windows 8 6.2.9200.0.1252.1.1033.18.7912.3595 [GMT -7:00] Running from: c:\users\Brandon\Desktop\ComboFix.exe AV: McAfee Anti-Virus and Anti-Spyware *Disabled/Updated* {ADA629C7-7F48-5689-624A-3B76997E0892} AV: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} FW: McAfee Firewall *Disabled* {959DA8E2-3527-57D1-4915-924367AD4FE9} SP: McAfee Anti-Virus and Anti-Spyware *Disabled/Updated* {16C7C823-5972-5907-58FA-0004E2F9422F} SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} . . ((((((((((((((((((((((((((((((((((((((( Other Deletions ))))))))))))))))))))))))))))))))))))))))))))))))) . . C:\END c:\programdata\Lenovo-24262.vbs c:\programdata\Roaming c:\windows.old\Program Files\Lenovo\Lenovo Solution Center\Microsoft Fix it\FixitUi\_desktop.ini . . ((((((((((((((((((((((((( Files Created from 2013-09-28 to 2013-10-30 ))))))))))))))))))))))))))))))) . . 2013-10-30 17:52 . 2013-10-30 17:52 -------- d-----w- c:\users\Default\AppData\Local\Microsoft Help 2013-10-29 22:24 . 2013-10-29 22:24 315568 ----a-w- c:\programdata\Microsoft\Windows\Sqm\Manifest\Sqm10222.bin 2013-10-29 22:11 . 2013-10-29 22:11 -------- d-----w- C:\Windows.old 2013-10-29 22:01 . 2013-10-29 22:01 -------- d-----w- c:\windows\PCHEALTH 2013-10-29 22:01 . 2013-10-29 22:01 50784 ----a-w- c:\programdata\Microsoft\windowsfiltering\Sqm\Manifest\Sqm3.bin 2013-10-29 22:00 . 2013-10-29 22:00 17536 ----a-w- c:\programdata\Microsoft\windowssampling\Sqm\Manifest\Sqm3.bin 2013-10-29 21:57 . 2013-10-29 21:57 -------- d-----w- c:\program files\Microsoft Office 2013-10-29 21:57 . 2013-10-29 21:57 -------- d-----w- c:\program files (x86)\Microsoft Analysis Services 2013-10-29 21:56 . 2013-10-30 18:03 -------- d-----w- c:\programdata\Microsoft Help 2013-10-29 21:55 . 2013-10-29 21:55 -------- d-----w- C:\$WINDOWS.~BT 2013-10-29 21:41 . 2013-10-29 21:41 -------- d-----w- c:\program files (x86)\Microsoft LifeCam 2013-10-29 21:41 . 2013-10-29 21:41 -------- d-----w- c:\program files\Microsoft LifeCam 2013-10-29 21:38 . 2013-09-23 20:49 197704 ----a-w- c:\windows\system32\drivers\HipShieldK.sys 2013-10-29 21:22 . 2013-10-29 21:22 -------- d-----w- c:\programdata\Energy Management 2013-10-29 21:21 . 2013-10-29 21:21 -------- d-----w- c:\programdata\eBay 2013-10-29 21:13 . 2013-10-29 21:21 -------- d-----w- c:\users\Brandon 2013-10-29 21:13 . 2013-10-29 21:14 -------- d-----w- c:\users\Guest 2013-10-29 21:13 . 2013-10-29 21:14 -------- d-----w- c:\users\jabon_000 2013-10-29 20:50 . 2013-10-29 21:55 -------- d-----w- C:\$SysReset 2013-10-17 18:48 . 2013-10-17 18:48 -------- d-----w- C:\Recovery 2013-10-14 23:32 . 2013-10-14 23:32 1795952 ----a-w- c:\windows\system32\WdfCoInstaller01011.dll 2013-10-14 23:32 . 2013-10-14 23:32 674408 ----a-w- c:\windows\system32\LCCoin425.dll 2013-10-14 23:32 . 2013-10-14 23:32 34408 ----a-w- c:\windows\system32\drivers\LcUvcUpper.sys . . . (((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))) . 2013-10-29 21:28 . 2012-07-26 08:13 22240 ----a-w- c:\programdata\Microsoft\IdentityCRL\production\ppcrlconfig600.dll 2013-09-25 03:29 . 2012-06-22 14:40 70112 ----a-w- c:\windows\system32\drivers\cfwids.sys 2013-09-25 03:25 . 2012-06-22 14:38 343568 ----a-w- c:\windows\system32\drivers\mfewfpk.sys 2013-09-25 03:25 . 2013-05-30 15:39 182752 ----a-w- c:\windows\system32\mfevtps.exe 2013-09-25 03:22 . 2012-06-22 14:36 781312 ----a-w- c:\windows\system32\drivers\mfehidk.sys 2013-09-25 03:21 . 2012-06-22 14:35 519192 ----a-w- c:\windows\system32\drivers\mfefirek.sys 2013-09-25 03:20 . 2012-06-22 14:34 310224 ----a-w- c:\windows\system32\drivers\mfeavfk.sys 2013-09-25 03:19 . 2012-06-22 14:34 179664 ----a-w- c:\windows\system32\drivers\mfeapfk.sys 2013-09-25 03:03 . 2012-06-18 19:29 69264 ----a-w- c:\windows\system32\drivers\mfeelamk.sys 2013-09-20 16:38 . 2013-09-20 16:38 10856 ----a-w- c:\windows\system32\drivers\mfeclnrk.sys 2013-09-20 16:38 . 2013-09-20 16:38 95984 ----a-w- c:\windows\system32\drivers\mfencrk.sys 2013-09-20 16:37 . 2013-09-20 16:37 390552 ----a-w- c:\windows\system32\drivers\mfencbdc.sys . . ((((((((((((((((((((((((((((((((((((( Reg Loading Points )))))))))))))))))))))))))))))))))))))))))))))))))) . . *Note* empty entries & legit default entries are not shown REGEDIT4 . [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run] "YouCam Tray"="c:\program files (x86)\Lenovo\YouCam\YouCamTray.exe" [2012-10-31 168464] "UpdateP2GShortCut"="c:\program files (x86)\Lenovo\Power2Go\MUITransfer\MUIStartMenu.exe" [2012-04-19 217088] "RemoteControl10"="c:\program files (x86)\Lenovo\PowerDVD10\PDVD10Serv.exe" [2012-03-29 91432] "mcui_exe"="c:\program files\McAfee.com\Agent\mcagent.exe" [2013-09-24 537512] "Intel AppUp(SM) center"="c:\program files (x86)\Intel\IntelAppStore\bin\ismagent.exe" [2012-07-12 155488] "mcpltui_exe"="c:\program files\McAfee.com\Agent\mcagent.exe" [2013-09-24 537512] . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system] "ConsentPromptBehaviorAdmin"= 5 (0x5) "EnableUIADesktopToggle"= 0 (0x0) "EnableCursorSuppression"= 1 (0x1) "ConsentPromptBehaviorUser"= 3 (0x3) . [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows] "LoadAppInit_DLLs"=1 (0x1) "AppInit_DLLs"=c:\windows\SysWOW64\nvinit.dll . [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS] @="" . [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc] @="" . R0 mfeelamk;McAfee Inc. mfeelamk;c:\windows\system32\drivers\mfeelamk.sys;c:\windows\SYSNATIVE\drivers\mfeelamk.sys [x] R2 0234221383083241mcinstcleanup;McAfee Application Installer Cleanup (0234221383083241);c:\windows\TEMP\023422~1.EXE;c:\windows\TEMP\023422~1.EXE [x] R2 McOobeSv;McAfee OOBE Service;c:\program files\Common Files\mcafee\McSvcHost\McSvHost.exe;c:\program files\Common Files\mcafee\McSvcHost\McSvHost.exe [x] R3 AMPPALP;Intel® Centrino® Wireless Bluetooth® + High Speed Protocol;c:\windows\system32\DRIVERS\amppal.sys;c:\windows\SYSNATIVE\DRIVERS\amppal.sys [x] R3 HipShieldK;McAfee Inc. HipShieldK;c:\windows\system32\drivers\HipShieldK.sys;c:\windows\SYSNATIVE\drivers\HipShieldK.sys [x] R3 Intel® Capability Licensing Service TCP IP Interface;Intel® Capability Licensing Service TCP IP Interface;c:\program files\Intel\iCLS Client\SocketHeciServer.exe;c:\program files\Intel\iCLS Client\SocketHeciServer.exe [x] R3 McAWFwk;McAfee Activation Service;c:\progra~1\mcafee\msc\mcawfwk.exe;c:\progra~1\mcafee\msc\mcawfwk.exe [x] R3 mfencrk;McAfee Inc. mfencrk;c:\windows\system32\DRIVERS\mfencrk.sys;c:\windows\SYSNATIVE\DRIVERS\mfencrk.sys [x] R3 MyWiFiDHCPDNS;Wireless PAN DHCP Server;c:\program files\Intel\WiFi\bin\PanDhcpDns.exe;c:\program files\Intel\WiFi\bin\PanDhcpDns.exe [x] R3 wsvd;wsvd;c:\windows\system32\DRIVERS\wsvd.sys;c:\windows\SYSNATIVE\DRIVERS\wsvd.sys [x] S0 excsd;ExpressCache Storage Filter Driver;c:\windows\system32\DRIVERS\excsd.sys;c:\windows\SYSNATIVE\DRIVERS\excsd.sys [x] S0 iaStorA;iaStorA;c:\windows\System32\drivers\iaStorA.sys;c:\windows\SYSNATIVE\drivers\iaStorA.sys [x] S0 LHDmgr;LHDmgr;c:\windows\System32\DRIVERS\LhdX64.sys;c:\windows\SYSNATIVE\DRIVERS\LhdX64.sys [x] S0 mfewfpk;McAfee Inc. mfewfpk;c:\windows\system32\drivers\mfewfpk.sys;c:\windows\SYSNATIVE\drivers\mfewfpk.sys [x] S0 nvpciflt;nvpciflt;c:\windows\system32\DRIVERS\nvpciflt.sys;c:\windows\SYSNATIVE\DRIVERS\nvpciflt.sys [x] S1 excfs;ExpressCache File System Filter Driver;c:\windows\system32\DRIVERS\excfs.sys;c:\windows\SYSNATIVE\DRIVERS\excfs.sys [x] S2 AMPPALR3;Intel® Centrino® Wireless Bluetooth® + High Speed Service;c:\program files\Intel\BluetoothHS\BTHSAmpPalService.exe;c:\program files\Intel\BluetoothHS\BTHSAmpPalService.exe [x] S2 Bluetooth Device Monitor;Bluetooth Device Monitor;c:\program files (x86)\Intel\Bluetooth\devmonsrv.exe;c:\program files (x86)\Intel\Bluetooth\devmonsrv.exe [x] S2 Bluetooth OBEX Service;Bluetooth OBEX Service;c:\program files (x86)\Intel\Bluetooth\obexsrv.exe;c:\program files (x86)\Intel\Bluetooth\obexsrv.exe [x] S2 BTHSSecurityMgr;Intel® Centrino® Wireless Bluetooth® + High Speed Security Service;c:\program files\Intel\BluetoothHS\BTHSSecurityMgr.exe;c:\program files\Intel\BluetoothHS\BTHSSecurityMgr.exe [x] S2 ExpressCache;ExpressCache;c:\program files\Condusiv Technologies\ExpressCache\ExpressCache.exe;c:\program files\Condusiv Technologies\ExpressCache\ExpressCache.exe [x] S2 HomeNetSvc;McAfee Home Network;c:\program files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe;c:\program files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [x] S2 IAStorDataMgrSvc;Intel® Rapid Storage Technology;c:\program files\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe;c:\program files\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe [x] S2 Intel® Capability Licensing Service Interface;Intel® Capability Licensing Service Interface;c:\program files\Intel\iCLS Client\HeciServer.exe;c:\program files\Intel\iCLS Client\HeciServer.exe [x] S2 Intel® ME Service;Intel® ME Service;c:\program files (x86)\Intel\Intel® Management Engine Components\FWService\IntelMeFWService.exe;c:\program files (x86)\Intel\Intel® Management Engine Components\FWService\IntelMeFWService.exe [x] S2 jhi_service;Intel® Dynamic Application Loader Host Interface Service;c:\program files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe;c:\program files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe [x] S2 McAPExe;McAfee AP Service;c:\program files\McAfee\MSC\McAPExe.exe;c:\program files\McAfee\MSC\McAPExe.exe [x] S2 McMPFSvc;McAfee Personal Firewall Service;c:\program files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe;c:\program files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [x] S2 McNaiAnn;McAfee VirusScan Announcer;c:\program files\Common Files\mcafee\Platform\McSvcHost\McSvHost.exe;c:\program files\Common Files\mcafee\Platform\McSvcHost\McSvHost.exe [x] S2 mcpltsvc;McAfee Platform Services;c:\program files\Common Files\mcafee\Platform\McSvcHost\McSvHost.exe;c:\program files\Common Files\mcafee\Platform\McSvcHost\McSvHost.exe [x] S2 mfecore;McAfee Anti-Malware Core;c:\program files\Common Files\McAfee\AMCore\mcshield.exe;c:\program files\Common Files\McAfee\AMCore\mcshield.exe [x] S2 mfefire;McAfee Firewall Core Service;c:\program files\Common Files\McAfee\SystemCore\\mfefire.exe;c:\program files\Common Files\McAfee\SystemCore\\mfefire.exe [x] S2 mfevtp;McAfee Validation Trust Protection Service;c:\windows\system32\mfevtps.exe;c:\windows\SYSNATIVE\mfevtps.exe [x] S2 NitroDriverReadSpool8;NitroPDFDriverCreatorReadSpool8;c:\program files\Common Files\Nitro\Pro\8.0\NitroPDFDriverService8x64.exe;c:\program files\Common Files\Nitro\Pro\8.0\NitroPDFDriverService8x64.exe [x] S2 nlsX86cc;Nalpeiron Licensing Service;c:\windows\SysWOW64\NLSSRV32.EXE;c:\windows\SysWOW64\NLSSRV32.EXE [x] S2 X5XSEx_Pr148;X5XSEx_Pr148;c:\program files (x86)\FreeRide Games\X5XSEx_Pr148.Sys;c:\program files (x86)\FreeRide Games\X5XSEx_Pr148.Sys [x] S2 ZeroConfigService;Intel® PROSet/Wireless Zero Configuration Service;c:\program files\Intel\WiFi\bin\ZeroConfigService.exe;c:\program files\Intel\WiFi\bin\ZeroConfigService.exe [x] S3 ACPIVPC;Lenovo Virtual Power Controller Driver;c:\windows\System32\drivers\AcpiVpc.sys;c:\windows\SYSNATIVE\drivers\AcpiVpc.sys [x] S3 AMPPAL;Intel® Centrino® Wireless Bluetooth® + High Speed Virtual Adapter;c:\windows\System32\drivers\AMPPAL.sys;c:\windows\SYSNATIVE\drivers\AMPPAL.sys [x] S3 BthLEEnum;Bluetooth Low Energy Driver;c:\windows\system32\DRIVERS\BthLEEnum.sys;c:\windows\SYSNATIVE\DRIVERS\BthLEEnum.sys [x] S3 btmaux;Intel Bluetooth Auxiliary Service;c:\windows\system32\DRIVERS\btmaux.sys;c:\windows\SYSNATIVE\DRIVERS\btmaux.sys [x] S3 btmhsf;btmhsf;c:\windows\system32\DRIVERS\btmhsf.sys;c:\windows\SYSNATIVE\DRIVERS\btmhsf.sys [x] S3 cfwids;McAfee Inc. cfwids;c:\windows\system32\drivers\cfwids.sys;c:\windows\SYSNATIVE\drivers\cfwids.sys [x] S3 ibtfltcoex;ibtfltcoex;c:\windows\system32\DRIVERS\iBtFltCoex.sys;c:\windows\SYSNATIVE\DRIVERS\iBtFltCoex.sys [x] S3 IntcDAud;Intel® Display Audio;c:\windows\system32\DRIVERS\IntcDAud.sys;c:\windows\SYSNATIVE\DRIVERS\IntcDAud.sys [x] S3 L1C;NDIS Miniport Driver for Qualcomm Atheros AR81xx PCI-E Ethernet Controller;c:\windows\system32\DRIVERS\L1C63x64.sys;c:\windows\SYSNATIVE\DRIVERS\L1C63x64.sys [x] S3 LcUvcUpper;LcUvcUpper Service;c:\windows\system32\DRIVERS\LcUvcUpper.sys;c:\windows\SYSNATIVE\DRIVERS\LcUvcUpper.sys [x] S3 mfefirek;McAfee Inc. mfefirek;c:\windows\system32\drivers\mfefirek.sys;c:\windows\SYSNATIVE\drivers\mfefirek.sys [x] S3 mfencbdc;McAfee Inc. mfencbdc;c:\windows\system32\DRIVERS\mfencbdc.sys;c:\windows\SYSNATIVE\DRIVERS\mfencbdc.sys [x] S3 NETwNe64;@oem17.inf,___ %NIC_Service_DispName_WIN8_64%;___ Intel® Wireless WiFi Link 5000 Series Adapter Driver for Windows 8 - 64 Bit;c:\windows\system32\DRIVERS\NETwew00.sys;c:\windows\SYSNATIVE\DRIVERS\NETwew00.sys [x] S3 rtsuvc;Lenovo EasyCamera;c:\windows\system32\DRIVERS\rtsuvc.sys;c:\windows\SYSNATIVE\DRIVERS\rtsuvc.sys [x] S3 SmbDrvI;SmbDrvI;c:\windows\system32\DRIVERS\Smb_driver_Intel.sys;c:\windows\SYSNATIVE\DRIVERS\Smb_driver_Intel.sys [x] S3 WUDFWpdMtp;WUDFWpdMtp;c:\windows\system32\DRIVERS\WUDFRd.sys;c:\windows\SYSNATIVE\DRIVERS\WUDFRd.sys [x] . . . --------- X64 Entries ----------- . . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\SugarSyncBackedUp] @="{0C4A258A-3F3B-4FFF-80A7-9B3BEC139472}" [HKEY_CLASSES_ROOT\CLSID\{0C4A258A-3F3B-4FFF-80A7-9B3BEC139472}] 2012-05-14 17:39 463952 ----a-w- c:\program files (x86)\SugarSync\SugarSyncShellExt_x64.dll . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\SugarSyncPending] @="{62CCD8E3-9C21-41E1-B55E-1E26DFC68511}" [HKEY_CLASSES_ROOT\CLSID\{62CCD8E3-9C21-41E1-B55E-1E26DFC68511}] 2012-05-14 17:39 463952 ----a-w- c:\program files (x86)\SugarSync\SugarSyncShellExt_x64.dll . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\SugarSyncRoot] @="{A759AFF6-5851-457D-A540-F4ECED148351}" [HKEY_CLASSES_ROOT\CLSID\{A759AFF6-5851-457D-A540-F4ECED148351}] 2012-05-14 17:39 463952 ----a-w- c:\program files (x86)\SugarSync\SugarSyncShellExt_x64.dll . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\SugarSyncShared] @="{1574C9EF-7D58-488F-B358-8B78C1538F51}" [HKEY_CLASSES_ROOT\CLSID\{1574C9EF-7D58-488F-B358-8B78C1538F51}] 2012-05-14 17:39 463952 ----a-w- c:\program files (x86)\SugarSync\SugarSyncShellExt_x64.dll . [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "IgfxTray"="c:\windows\system32\igfxtray.exe" [2013-03-22 165872] "HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2013-03-22 407536] "Persistence"="c:\windows\system32\igfxpers.exe" [2013-03-22 441840] "IAStorIcon"="c:\program files\Intel\Intel® Rapid Storage Technology\IAStorIconLaunch.exe" [2013-01-31 36352] "RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2013-01-29 13267016] "RtHDVBg_Dolby"="c:\program files\Realtek\Audio\HDA\RAVBg64.exe" [2013-01-18 1276488] "BTMTrayAgent"="c:\program files (x86)\Intel\Bluetooth\btmshellex.dll" [2012-09-30 11582848] "RtsFT"="RTFTrack.exe" [2013-03-15 6346312] "UMonit64"="c:\windows\SysWOW64\UMonit64.exe" [2013-03-14 40960] "OnekeyStudio"="c:\program files\Lenovo\Onekey Theater\OnekeyStudio.exe" [2012-09-14 4196432] "Energy Management"="c:\program files (x86)\Lenovo\Energy Management\Energy Management.exe" [2013-05-30 17080376] "EnergyUtility"="c:\program files (x86)\Lenovo\Energy Management\Utility.exe" [2013-05-30 191544] . [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows] "AppInit_DLLs"=c:\windows\System32\nvinitx.dll . ------- Supplementary Scan ------- . uLocal Page = c:\windows\system32\blank.htm uStart Page = hxxp://lenovo13.msn.com mLocal Page = c:\windows\SysWOW64\blank.htm IE: E&xport to Microsoft Excel - c:\progra~2\MICROS~1\Office14\EXCEL.EXE/3000 IE: Se&nd to OneNote - c:\progra~2\MICROS~1\Office14\ONBttnIE.dll/105 IE: Send to Bluetooth - c:\program files (x86)\Intel\Bluetooth\btSendToObject.htm TCP: DhcpNameServer = 192.168.1.1 DPF: {4FF78044-96B4-4312-A5B7-FDA3CB328095} - . - - - - ORPHANS REMOVED - - - - . Toolbar-Locked - (no file) Toolbar-Locked - (no file) HKLM-Run-SynLenovoGestureMgr - c:\program files (x86)\Synaptics\SynTP\SynLenovoGestureMgr.exe . . . --------------------- LOCKED REGISTRY KEYS --------------------- . [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security] @Denied: (Full) (Everyone) @SACL=(02 0000) . Completion time: 2013-10-30 11:07:16 ComboFix-quarantined-files.txt 2013-10-30 18:07 . Pre-Run: 835,893,985,280 bytes free Post-Run: 835,492,769,792 bytes free . - - End Of File - - 4F33AEF61CBE4810F2EB909551C83EF0 5FB38429D5D77768867C76DCBDB35194

#12 ----------------

SuperMember

Authentic Member
1,095 posts

Posted 31 October 2013 - 02:20 AM

You may perform the disk scan task, if you want.

Full System Scan with Malwarebytes Antimalware

If not existing, please download Malwarebytes' Anti-Malware to your desktop.
Double-click mbam-setup.exe and follow the prompts to install the program.
At the end, be sure a checkmark is placed next to Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware, then click Finish.

If the program is already installed:

Run Malwarebytes Antimalware
If an update is found, it will download and install the latest version.
Once the program has loaded, select Perform fullscan, place a checkmark on all hard drives, then click Scan.
When the scan is complete, click OK, then Show Results to view the results.
Be sure that everything is checked, and click Remove Selected.
When completed, a log will open in Notepad. Please save it to a convenient location.
The log can also be found here:
C:Documents and SettingsUsernameApplication DataMalwarebytesMalwarebytes' Anti-MalwareLogslog-date.txt
Or at C:Program FilesMalwarebytes' Anti-MalwareLogslog-date.txt
Post that log back here.

Scan with ESET Online Scan

Please go to here to run the online scannner from ESET.

Turn off the real time scanner of any existing antivirus program while performing the online scan
Tick the box next to YES, I accept the Terms of Use.
Click Start
When asked, allow the activex control to install
Click Start
Make sure that the option Remove found threats is unticked
Click on Advanced Settings and ensure these options are ticked:
- Scan for potentially unwanted applications
- Scan for potentially unsafe applications
- Enable Anti-Stealth Technology
Click Scan
Wait for the scan to finish
If any threats were found, click the 'List of found threats' , then click Export to text file....
Save it to your desktop, then please copy and paste that log as a reply to this topic.

Proud Member of UNITE & TB

#13 ----------------

SuperMember

Authentic Member
1,095 posts

Posted 04 November 2013 - 06:53 AM

Are you still there?

Proud Member of UNITE & TB

#14 Manbearpig79

New Member

Authentic Member
12 posts

Posted 04 November 2013 - 11:01 AM

Hi--yes I am here, but I am away from my computer at home while out of state. I meant to say that before I left--I will continue the steps when I get back on Wednesday. Thank you for your continued support.

#15 Manbearpig79

New Member

Authentic Member
12 posts

Posted 06 November 2013 - 10:22 PM

From Malwarebytes

Malwarebytes Anti-Malware (Trial) 1.75.0.1300
www.malwarebytes.org

Database version: v2013.11.07.01

Windows 8 x64 NTFS
Internet Explorer 10.0.9200.16721
Brandon :: BILLYBADASS [administrator]

Protection: Enabled

11/6/2013 5:27:50 PM
mbam-log-2013-11-06 (17-27-50).txt

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 1
C:\Users\Brandon\Documents\Optimizer Pro (PUP.Optional.OptimizerPro.A) -> Quarantined and deleted successfully.

Files Detected: 94
C:\Users\Brandon\Desktop\BringMeSports.exe (PUP.Optional.FunWebProducts.A) -> Quarantined and deleted successfully.
C:\Users\Brandon\Downloads\FlashPlayer__3650_i104938884_il12.exe (PUP.Optional.Amonetize.A) -> Quarantined and deleted successfully.
C:\Windows.old\Users\Brandon\AppData\Local\Microsoft\Windows\INetCache\IE\0VYCH029\conduitinstaller[1].exe (PUP.Optional.Conduit.A) -> Quarantined and deleted successfully.
C:\Windows.old\Users\Brandon\AppData\Local\Microsoft\Windows\INetCache\IE\0VYCH029\conduitinstaller[2].exe (PUP.Optional.Conduit.A) -> Quarantined and deleted successfully.
C:\Windows.old\Users\Brandon\AppData\Local\Microsoft\Windows\INetCache\IE\0VYCH029\Setup.exe (PUP.Optional.Firseria) -> Quarantined and deleted successfully.
C:\Windows.old\Users\Brandon\AppData\Local\Microsoft\Windows\INetCache\IE\0VYCH029\SkywalkerSetup[1].exe (PUP.Optional.Sweetpacks) -> Quarantined and deleted successfully.
C:\Windows.old\Users\Brandon\AppData\Local\Microsoft\Windows\INetCache\IE\0VYCH029\statisticsstub[1].exe (PUP.Optional.Conduit.A) -> Quarantined and deleted successfully.
C:\Windows.old\Users\Brandon\AppData\Local\Microsoft\Windows\INetCache\IE\0VYCH029\SweetPacks_A15_wpf[1].exe (PUP.Optional.Conduit.A) -> Quarantined and deleted successfully.
C:\Windows.old\Users\Brandon\AppData\Local\Microsoft\Windows\INetCache\IE\3HCUVKDI\checktbexist[1].exe (PUP.Optional.Conduit) -> Quarantined and deleted successfully.
C:\Windows.old\Users\Brandon\AppData\Local\Microsoft\Windows\INetCache\IE\3HCUVKDI\mgsqlite3[1].7z (PUP.Optional.SweetIM) -> Quarantined and deleted successfully.
C:\Windows.old\Users\Brandon\AppData\Local\Microsoft\Windows\INetCache\IE\3HCUVKDI\Setup[1].exe (PUP.Optional.Lizardlink.A) -> Quarantined and deleted successfully.
C:\Windows.old\Users\Brandon\AppData\Local\Microsoft\Windows\INetCache\IE\3HCUVKDI\SPSetup[1].exe (PUP.Optional.Conduit.A) -> Quarantined and deleted successfully.
C:\Windows.old\Users\Brandon\AppData\Local\Microsoft\Windows\INetCache\IE\3HCUVKDI\SweetPacks_A1[1].exe (PUP.Optional.Conduit.A) -> Quarantined and deleted successfully.
C:\Windows.old\Users\Brandon\AppData\Local\Microsoft\Windows\INetCache\IE\AXOQS2F9\appbario13[1].exe (PUP.Optional.Conduit.A) -> Quarantined and deleted successfully.
C:\Windows.old\Users\Brandon\AppData\Local\Microsoft\Windows\INetCache\IE\AXOQS2F9\BringMeSports.exe (PUP.Optional.FunWebProducts.A) -> Quarantined and deleted successfully.
C:\Windows.old\Users\Brandon\AppData\Local\Microsoft\Windows\INetCache\IE\AXOQS2F9\checktbexist[1].exe (PUP.Optional.Conduit.A) -> Quarantined and deleted successfully.
C:\Windows.old\Users\Brandon\AppData\Local\Microsoft\Windows\INetCache\IE\AXOQS2F9\component_libcef_1.1364.1123[1].exe (PUP.Optional.Desk365.A) -> Quarantined and deleted successfully.
C:\Windows.old\Users\Brandon\AppData\Local\Microsoft\Windows\INetCache\IE\AXOQS2F9\conduitinstaller[1].exe (PUP.Optional.Conduit.A) -> Quarantined and deleted successfully.
C:\Windows.old\Users\Brandon\AppData\Local\Microsoft\Windows\INetCache\IE\AXOQS2F9\Setup[1].exe (PUP.Optional.Glindorus.A) -> Quarantined and deleted successfully.
C:\Windows.old\Users\Brandon\AppData\Local\Microsoft\Windows\INetCache\IE\AXOQS2F9\stublogic[1].exe (PUP.Optional.Conduit.A) -> Quarantined and deleted successfully.
C:\Windows.old\Users\Brandon\AppData\Local\Microsoft\Windows\INetCache\IE\AXOQS2F9\SweetPacks_A15[1].exe (PUP.Optional.Conduit.A) -> Quarantined and deleted successfully.
C:\Windows.old\Users\Brandon\AppData\Local\Microsoft\Windows\INetCache\IE\AXOQS2F9\SweetPacks_A1_wpf[1].exe (PUP.Optional.Conduit.A) -> Quarantined and deleted successfully.
C:\Windows.old\Users\Brandon\AppData\Local\Microsoft\Windows\INetCache\IE\O7LR2RQY\appbario13_wpf[1].exe (PUP.Optional.Conduit.A) -> Quarantined and deleted successfully.
C:\Windows.old\Users\Brandon\AppData\Local\Microsoft\Windows\INetCache\IE\O7LR2RQY\bundlesweetimsetup[1].exe (PUP.Optional.SweetIM) -> Quarantined and deleted successfully.
C:\Windows.old\Users\Brandon\AppData\Local\Microsoft\Windows\INetCache\IE\O7LR2RQY\conduitinstaller[1].exe (PUP.Optional.Conduit.A) -> Quarantined and deleted successfully.
C:\Windows.old\Users\Brandon\AppData\Local\Microsoft\Windows\INetCache\IE\O7LR2RQY\FlashPlayer__3650_i104717669_il12.exe (PUP.Optional.Amonetize.A) -> Quarantined and deleted successfully.
C:\Windows.old\Users\Brandon\AppData\Local\Temp\Installer.exe (PUP.Optional.SmartBar.A) -> Quarantined and deleted successfully.
C:\Windows.old\Users\Brandon\AppData\Local\Temp\mgsqlite3.7z (PUP.Optional.SweetIM) -> Quarantined and deleted successfully.
C:\Windows.old\Users\Brandon\AppData\Local\Temp\mgsqlite3.dll (PUP.Optional.SweetIM) -> Quarantined and deleted successfully.
C:\Windows.old\Users\Brandon\AppData\Local\Temp\nsd5B6.exe (PUP.Optional.Conduit.A) -> Quarantined and deleted successfully.
C:\Windows.old\Users\Brandon\AppData\Local\Temp\nseB995.exe (PUP.Optional.Conduit.A) -> Quarantined and deleted successfully.
C:\Windows.old\Users\Brandon\AppData\Local\Temp\nseF7A7.exe (PUP.Optional.Conduit.A) -> Quarantined and deleted successfully.
C:\Windows.old\Users\Brandon\AppData\Local\Temp\nsf51C1.exe (PUP.Optional.Conduit.A) -> Quarantined and deleted successfully.
C:\Windows.old\Users\Brandon\AppData\Local\Temp\nsf780D.exe (PUP.Optional.Conduit.A) -> Quarantined and deleted successfully.
C:\Windows.old\Users\Brandon\AppData\Local\Temp\nsfA4D.exe (PUP.Optional.Conduit.A) -> Quarantined and deleted successfully.
C:\Windows.old\Users\Brandon\AppData\Local\Temp\nsgD2C0.exe (PUP.Optional.Conduit.A) -> Quarantined and deleted successfully.
C:\Windows.old\Users\Brandon\AppData\Local\Temp\nst72EA.exe (PUP.Optional.Conduit.A) -> Quarantined and deleted successfully.
C:\Windows.old\Users\Brandon\AppData\Local\Temp\nstB1B7.exe (PUP.Optional.Conduit.A) -> Quarantined and deleted successfully.
C:\Windows.old\Users\Brandon\AppData\Local\Temp\nsvBE3B.exe (PUP.Optional.Conduit.A) -> Quarantined and deleted successfully.
C:\Windows.old\Users\Brandon\AppData\Local\Temp\nswACF1.exe (PUP.Optional.Conduit.A) -> Quarantined and deleted successfully.
C:\Windows.old\Users\Brandon\AppData\Local\Temp\nszCDBC.exe (PUP.Optional.Conduit.A) -> Quarantined and deleted successfully.
C:\Windows.old\Users\Brandon\AppData\Local\Temp\Shortcut_IMsetup.exe (PUP.Optional.SweetIM) -> Quarantined and deleted successfully.
C:\Windows.old\Users\Brandon\AppData\Local\Temp\SPStub.exe (PUP.Optional.Conduit.A) -> Quarantined and deleted successfully.
C:\Windows.old\Users\Brandon\AppData\Local\Temp\SweetIMInstallValidator.exe (PUP.Optional.Conduit) -> Quarantined and deleted successfully.
C:\Windows.old\Users\Brandon\AppData\Local\Temp\WSSetup.exe (PUP.Optional.InstallBrain.A) -> Quarantined and deleted successfully.
C:\Windows.old\Users\Brandon\AppData\Local\Temp\Сodec Performer803975.exe (Adware.InstallBrain) -> Quarantined and deleted successfully.
C:\Windows.old\Users\Brandon\AppData\Local\Temp\ct3279412\chLogic.exe (PUP.Optional.Conduit.A) -> Quarantined and deleted successfully.
C:\Windows.old\Users\Brandon\AppData\Local\Temp\ct3279412\ctbe.exe (PUP.Optional.Conduit.A) -> Quarantined and deleted successfully.
C:\Windows.old\Users\Brandon\AppData\Local\Temp\ct3279412\ieLogic.exe (PUP.Optional.Conduit.A) -> Quarantined and deleted successfully.
C:\Windows.old\Users\Brandon\AppData\Local\Temp\ct3279412\spch.exe (PUP.Optional.Conduit.A) -> Quarantined and deleted successfully.
C:\Windows.old\Users\Brandon\AppData\Local\Temp\ct3279412\statisticsStub.exe (PUP.Optional.Conduit.A) -> Quarantined and deleted successfully.
C:\Windows.old\Users\Brandon\AppData\Local\Temp\ct3279412\stub.exe (PUP.Optional.Conduit.A) -> Quarantined and deleted successfully.
C:\Windows.old\Users\Brandon\AppData\Local\Temp\ct3314198\chLogic.exe (PUP.Optional.Conduit.A) -> Quarantined and deleted successfully.
C:\Windows.old\Users\Brandon\AppData\Local\Temp\ct3314198\ctbe.exe (PUP.Optional.Conduit.A) -> Quarantined and deleted successfully.
C:\Windows.old\Users\Brandon\AppData\Local\Temp\ct3314198\ieLogic.exe (PUP.Optional.Conduit.A) -> Quarantined and deleted successfully.
C:\Windows.old\Users\Brandon\AppData\Local\Temp\ct3314198\spch.exe (PUP.Optional.Conduit.A) -> Quarantined and deleted successfully.
C:\Windows.old\Users\Brandon\AppData\Local\Temp\ct3314198\statisticsStub.exe (PUP.Optional.Conduit.A) -> Quarantined and deleted successfully.
C:\Windows.old\Users\Brandon\AppData\Local\Temp\ct3314198\stub.exe (PUP.Optional.Conduit.A) -> Quarantined and deleted successfully.
C:\Windows.old\Users\Brandon\AppData\Local\Temp\ct3316075\chLogic.exe (PUP.Optional.Conduit.A) -> Quarantined and deleted successfully.
C:\Windows.old\Users\Brandon\AppData\Local\Temp\ct3316075\ctbe.exe (PUP.Optional.Conduit.A) -> Quarantined and deleted successfully.
C:\Windows.old\Users\Brandon\AppData\Local\Temp\ct3316075\ieLogic.exe (PUP.Optional.Conduit.A) -> Quarantined and deleted successfully.
C:\Windows.old\Users\Brandon\AppData\Local\Temp\ct3316075\sl.exe (PUP.Optional.Conduit) -> Quarantined and deleted successfully.
C:\Windows.old\Users\Brandon\AppData\Local\Temp\ct3316075\spch.exe (PUP.Optional.Conduit.A) -> Quarantined and deleted successfully.
C:\Windows.old\Users\Brandon\AppData\Local\Temp\ct3316075\statisticsStub.exe (PUP.Optional.Conduit.A) -> Quarantined and deleted successfully.
C:\Windows.old\Users\Brandon\AppData\Local\Temp\ct3316075\stub.exe (PUP.Optional.Conduit.A) -> Quarantined and deleted successfully.
C:\Windows.old\Users\Brandon\AppData\Local\Temp\Desk365\eInstall\eInstall.exe (PUP.Optional.Desk365.A) -> Quarantined and deleted successfully.
C:\Windows.old\Users\Brandon\AppData\Local\Temp\ins4960\QuickShare_0909-b3f69b35.exe (PUP.Optional.QuickShare.A) -> Quarantined and deleted successfully.
C:\Windows.old\Users\Brandon\AppData\Local\Temp\ins4960\SweetIMCO_0710_EN-bbf1713f.exe (PUP.Optional.SweetIM.A) -> Quarantined and deleted successfully.
C:\Windows.old\Users\Brandon\AppData\Local\Temp\Player_Setup.exe\51571970a9fc4d18892400afb8e78788\Player_Setup.exe (PUP.Optional.DomaIQ) -> Quarantined and deleted successfully.
C:\Windows.old\Users\Brandon\AppData\Local\Temp\Player_Setup.exe\51571970a9fc4d18892400afb8e78788\software\OptimizerPro.exe (PUP.Optional.OptimizerPro.A) -> Quarantined and deleted successfully.
C:\Windows.old\Users\Brandon\AppData\Local\Temp\Player_Setup.exe\51571970a9fc4d18892400afb8e78788\software\plus-hd-1-3.exe (PUP.Optional.CrossRider) -> Quarantined and deleted successfully.
C:\Windows.old\Users\Brandon\AppData\Local\Temp\Player_Setup.exe\51571970a9fc4d18892400afb8e78788\software\swa1_23.exe (PUP.Optional.SevereWeatherAlerts) -> Quarantined and deleted successfully.
C:\Windows.old\Users\Brandon\AppData\Roaming\Desk 365\components\component_libcef_1.1364.1123.exe (PUP.Optional.Desk365.A) -> Quarantined and deleted successfully.
C:\Windows.old\Users\Brandon\AppData\Roaming\File Scout\filescout.exe (PUP.Optional.FileScout.A) -> Quarantined and deleted successfully.
C:\Windows.old\Users\Brandon\AppData\Roaming\SearchProtect\bin\ChromeModule.dll (PUP.Optional.Conduit.A) -> Quarantined and deleted successfully.
C:\Windows.old\Users\Brandon\AppData\Roaming\SearchProtect\bin\cltmng.exe (PUP.Optional.Conduit.A) -> Quarantined and deleted successfully.
C:\Windows.old\Users\Brandon\AppData\Roaming\SearchProtect\bin\CltMngSvc.exe (PUP.Optional.Conduit.A) -> Quarantined and deleted successfully.
C:\Windows.old\Users\Brandon\AppData\Roaming\SearchProtect\bin\FirefoxModule.dll (PUP.Optional.Conduit.A) -> Quarantined and deleted successfully.
C:\Windows.old\Users\Brandon\AppData\Roaming\SearchProtect\bin\InternetExplorerModule.dll (PUP.Optional.Conduit.A) -> Quarantined and deleted successfully.
C:\Windows.old\Users\Brandon\AppData\Roaming\SearchProtect\bin\SPHook32.dll (PUP.Optional.Conduit.A) -> Quarantined and deleted successfully.
C:\Windows.old\Users\Brandon\AppData\Roaming\SearchProtect\bin\SPHook64.dll (PUP.Optional.Conduit.A) -> Quarantined and deleted successfully.
C:\Windows.old\Users\Brandon\AppData\Roaming\SearchProtect\bin\SPRunner.exe (PUP.Optional.Conduit.A) -> Quarantined and deleted successfully.
C:\Windows.old\Users\Brandon\AppData\Roaming\SearchProtect\bin\SPTool64.exe (PUP.Optional.Conduit.A) -> Quarantined and deleted successfully.
C:\Windows.old\Users\jabon_000\AppData\Roaming\SearchProtect\bin\ChromeModule.dll (PUP.Optional.Conduit.A) -> Quarantined and deleted successfully.
C:\Windows.old\Users\jabon_000\AppData\Roaming\SearchProtect\bin\cltmng.exe (PUP.Optional.Conduit.A) -> Quarantined and deleted successfully.
C:\Windows.old\Users\jabon_000\AppData\Roaming\SearchProtect\bin\CltMngSvc.exe (PUP.Optional.Conduit.A) -> Quarantined and deleted successfully.
C:\Windows.old\Users\jabon_000\AppData\Roaming\SearchProtect\bin\FirefoxModule.dll (PUP.Optional.Conduit.A) -> Quarantined and deleted successfully.
C:\Windows.old\Users\jabon_000\AppData\Roaming\SearchProtect\bin\InternetExplorerModule.dll (PUP.Optional.Conduit.A) -> Quarantined and deleted successfully.
C:\Windows.old\Users\jabon_000\AppData\Roaming\SearchProtect\bin\SPHook32.dll (PUP.Optional.Conduit.A) -> Quarantined and deleted successfully.
C:\Windows.old\Users\jabon_000\AppData\Roaming\SearchProtect\bin\SPHook64.dll (PUP.Optional.Conduit.A) -> Quarantined and deleted successfully.
C:\Windows.old\Users\jabon_000\AppData\Roaming\SearchProtect\bin\SPRunner.exe (PUP.Optional.Conduit.A) -> Quarantined and deleted successfully.
C:\Windows.old\Users\jabon_000\AppData\Roaming\SearchProtect\bin\SPTool64.exe (PUP.Optional.Conduit.A) -> Quarantined and deleted successfully.
C:\Windows.old\Users\jabon_000\AppData\Roaming\SearchProtect\bin\uninstall.exe (PUP.Optional.Conduit.A) -> Quarantined and deleted successfully.
C:\Users\Brandon\Documents\Optimizer Pro\CookiesException.txt (PUP.Optional.OptimizerPro.A) -> Quarantined and deleted successfully.

(end)

Body Background

skin color theme