need urgent help. win32.exe virus?



#1
shinakuma9

Hello.

It seems that I have got the win32.exe virus. It has a startup from my C:/kernels folder and starts up on boot. So far I have managed to use msconfig to prevent it from starting up on boot but I don't know how to remove it completely. When it's running it will max out resources on the computer. Please help.

OTL log below

Thanks.




OTL logfile created on: 11/26/2012 11:07:19 PM - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Anuj\Downloads
64bit- Home Premium Edition (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

5.93 Gb Total Physical Memory | 3.51 Gb Available Physical Memory | 59.07% Memory free
11.87 Gb Paging File | 9.15 Gb Available in Paging File | 77.08% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 698.54 Gb Total Space | 606.94 Gb Free Space | 86.89% Space Free | Partition Type: NTFS

Computer Name: ANUJ-PC | User Name: Anuj | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2012/11/26 23:07:12 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Anuj\Downloads\OTL.exe
PRC - [2012/11/09 21:07:46 | 001,353,080 | ---- | M] (Valve Corporation) -- C:\Program Files (x86)\Steam\Steam.exe
PRC - [2012/11/09 19:33:51 | 000,212,432 | ---- | M] (Google Inc.) -- C:\Program Files (x86)\Google\Update\1.3.21.123\GoogleCrashHandler.exe
PRC - [2012/10/31 17:15:08 | 001,242,136 | ---- | M] (Google Inc.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
PRC - [2012/10/25 15:45:50 | 016,052,192 | ---- | M] (Google) -- C:\Program Files (x86)\Google\Drive\googledrivesync.exe
PRC - [2012/10/17 05:21:02 | 000,553,800 | ---- | M] () -- C:\Program Files (x86)\EVGA Precision X\EVGAPrecision.exe
PRC - [2012/10/02 13:15:38 | 000,382,824 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
PRC - [2012/09/23 20:43:34 | 000,065,192 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2012/03/16 06:07:14 | 003,478,936 | ---- | M] (Tonec Inc.) -- C:\Program Files (x86)\Internet Download Manager\IDMan.exe
PRC - [2010/05/25 07:28:58 | 000,263,600 | ---- | M] (Tonec Inc.) -- C:\Program Files (x86)\Internet Download Manager\IEMonitor.exe
PRC - [2009/10/26 10:10:42 | 000,174,720 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Hotkey\HControl.exe
PRC - [2009/10/09 10:27:44 | 006,937,216 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATKOSD2\ATKOSD2.exe
PRC - [2009/08/22 20:25:00 | 000,102,400 | ---- | M] () -- C:\Users\Anuj\D3DOverrider\D3DOverrider.exe
PRC - [2009/08/19 20:31:48 | 000,170,624 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Media\DMedia.exe
PRC - [2009/07/13 20:14:47 | 000,164,864 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Windows Media Player\wmplayer.exe
PRC - [2009/06/19 10:29:42 | 000,105,016 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Hotkey\HControlUser.exe
PRC - [2009/06/19 10:29:26 | 002,488,888 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Hotkey\ATKOSD.exe
PRC - [2009/06/15 17:30:42 | 000,084,536 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Hotkey\AsLdrSrv.exe
PRC - [2008/12/22 17:15:34 | 000,174,648 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Hotkey\WDC.exe
PRC - [2007/08/08 00:08:40 | 000,094,208 | ---- | M] () -- C:\Program Files\ATKGFNEX\GFNEXSrv.exe


========== Modules (No Company Name) ==========

MOD - [2012/11/26 22:51:53 | 001,024,024 | ---- | M] () -- C:\Users\Anuj\AppData\Local\Temp\_MEI23322\windows._cacheinvalidation.pyd
MOD - [2012/11/26 22:51:53 | 000,792,576 | ---- | M] () -- C:\Users\Anuj\AppData\Local\Temp\_MEI23322\wx._gdi_.pyd
MOD - [2012/11/26 22:51:53 | 000,731,136 | ---- | M] () -- C:\Users\Anuj\AppData\Local\Temp\_MEI23322\wx._misc_.pyd
MOD - [2012/11/26 22:51:53 | 000,645,120 | ---- | M] () -- C:\Users\Anuj\AppData\Local\Temp\_MEI23322\_ssl.pyd
MOD - [2012/11/26 22:51:53 | 000,571,392 | ---- | M] () -- C:\Users\Anuj\AppData\Local\Temp\_MEI23322\pysqlite2._sqlite.pyd
MOD - [2012/11/26 22:51:53 | 000,354,304 | ---- | M] () -- C:\Users\Anuj\AppData\Local\Temp\_MEI23322\pythoncom26.dll
MOD - [2012/11/26 22:51:53 | 000,263,168 | ---- | M] () -- C:\Users\Anuj\AppData\Local\Temp\_MEI23322\win32com.shell.shell.pyd
MOD - [2012/11/26 22:51:53 | 000,110,592 | ---- | M] () -- C:\Users\Anuj\AppData\Local\Temp\_MEI23322\win32security.pyd
MOD - [2012/11/26 22:51:53 | 000,110,592 | ---- | M] () -- C:\Users\Anuj\AppData\Local\Temp\_MEI23322\PyWinTypes26.dll
MOD - [2012/11/26 22:51:53 | 000,096,256 | ---- | M] () -- C:\Users\Anuj\AppData\Local\Temp\_MEI23322\win32api.pyd
MOD - [2012/11/26 22:51:53 | 000,086,016 | ---- | M] () -- C:\Users\Anuj\AppData\Local\Temp\_MEI23322\_elementtree.pyd
MOD - [2012/11/26 22:51:53 | 000,073,728 | ---- | M] () -- C:\Users\Anuj\AppData\Local\Temp\_MEI23322\_ctypes.pyd
MOD - [2012/11/26 22:51:53 | 000,070,656 | ---- | M] () -- C:\Users\Anuj\AppData\Local\Temp\_MEI23322\wx._html2.pyd
MOD - [2012/11/26 22:51:53 | 000,040,448 | ---- | M] () -- C:\Users\Anuj\AppData\Local\Temp\_MEI23322\_socket.pyd
MOD - [2012/11/26 22:51:53 | 000,023,040 | ---- | M] () -- C:\Users\Anuj\AppData\Local\Temp\_MEI23322\win32ts.pyd
MOD - [2012/11/26 22:51:53 | 000,017,920 | ---- | M] () -- C:\Users\Anuj\AppData\Local\Temp\_MEI23322\win32profile.pyd
MOD - [2012/11/26 22:51:53 | 000,011,776 | ---- | M] () -- C:\Users\Anuj\AppData\Local\Temp\_MEI23322\win32crypt.pyd
MOD - [2012/11/26 22:51:49 | 000,022,528 | ---- | M] () -- C:\Users\Anuj\AppData\Local\Temp\_MEI23322\win32pdh.pyd
MOD - [2012/11/26 22:51:47 | 001,169,408 | ---- | M] () -- C:\Users\Anuj\AppData\Local\Temp\_MEI23322\wx._core_.pyd
MOD - [2012/11/26 22:51:47 | 000,036,352 | ---- | M] () -- C:\Users\Anuj\AppData\Local\Temp\_MEI23322\win32process.pyd
MOD - [2012/11/26 22:51:46 | 000,807,424 | ---- | M] () -- C:\Users\Anuj\AppData\Local\Temp\_MEI23322\wx._windows_.pyd
MOD - [2012/11/26 22:51:46 | 000,311,808 | ---- | M] () -- C:\Users\Anuj\AppData\Local\Temp\_MEI23322\_hashlib.pyd
MOD - [2012/11/26 22:51:46 | 000,121,856 | ---- | M] () -- C:\Users\Anuj\AppData\Local\Temp\_MEI23322\wx._wizard.pyd
MOD - [2012/11/26 22:51:44 | 000,111,104 | ---- | M] () -- C:\Users\Anuj\AppData\Local\Temp\_MEI23322\win32file.pyd
MOD - [2012/11/26 22:51:43 | 000,039,424 | ---- | M] () -- C:\Users\Anuj\AppData\Local\Temp\_MEI23322\win32inet.pyd
MOD - [2012/11/26 22:51:41 | 001,056,256 | ---- | M] () -- C:\Users\Anuj\AppData\Local\Temp\_MEI23322\wx._controls_.pyd
MOD - [2012/11/26 22:51:41 | 000,585,728 | ---- | M] () -- C:\Users\Anuj\AppData\Local\Temp\_MEI23322\unicodedata.pyd
MOD - [2012/11/26 22:51:41 | 000,153,088 | ---- | M] () -- C:\Users\Anuj\AppData\Local\Temp\_MEI23322\pyexpat.pyd
MOD - [2012/11/26 22:51:41 | 000,017,920 | ---- | M] () -- C:\Users\Anuj\AppData\Local\Temp\_MEI23322\win32event.pyd
MOD - [2012/11/26 22:51:41 | 000,011,776 | ---- | M] () -- C:\Users\Anuj\AppData\Local\Temp\_MEI23322\select.pyd
MOD - [2012/11/10 23:21:36 | 006,307,952 | ---- | M] () -- C:\Program Files\Microsoft Office 15\root\office15\1033\grooveintlresource.dll
MOD - [2012/11/09 21:11:59 | 020,317,008 | ---- | M] () -- C:\Program Files (x86)\Steam\bin\libcef.dll
MOD - [2012/11/09 21:11:58 | 001,099,616 | ---- | M] () -- C:\Program Files (x86)\Steam\bin\avcodec-53.dll
MOD - [2012/11/09 21:11:58 | 000,902,480 | ---- | M] () -- C:\Program Files (x86)\Steam\bin\chromehtml.dll
MOD - [2012/11/09 21:11:58 | 000,190,816 | ---- | M] () -- C:\Program Files (x86)\Steam\bin\avformat-53.dll
MOD - [2012/11/09 21:11:58 | 000,123,232 | ---- | M] () -- C:\Program Files (x86)\Steam\bin\avutil-51.dll
MOD - [2012/10/31 17:15:05 | 000,460,312 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\23.0.1271.64\ppgooglenaclpluginchrome.dll
MOD - [2012/10/31 17:15:04 | 012,455,448 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\23.0.1271.64\PepperFlash\pepflashplayer.dll
MOD - [2012/10/31 17:15:02 | 004,007,448 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\23.0.1271.64\pdf.dll
MOD - [2012/10/31 17:13:47 | 000,587,288 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\23.0.1271.64\libglesv2.dll
MOD - [2012/10/31 17:13:46 | 000,123,928 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\23.0.1271.64\libegl.dll
MOD - [2012/10/31 17:13:35 | 000,156,712 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\23.0.1271.64\avutil-51.dll
MOD - [2012/10/31 17:13:34 | 000,274,984 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\23.0.1271.64\avformat-54.dll
MOD - [2012/10/31 17:13:32 | 002,168,360 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\23.0.1271.64\avcodec-54.dll
MOD - [2012/10/17 05:21:02 | 000,553,800 | ---- | M] () -- C:\Program Files (x86)\EVGA Precision X\EVGAPrecision.exe
MOD - [2012/06/29 23:18:08 | 000,061,440 | ---- | M] () -- C:\Program Files (x86)\EVGA Precision X\RTMUI.dll
MOD - [2012/06/29 23:18:04 | 000,335,872 | ---- | M] () -- C:\Program Files (x86)\EVGA Precision X\RTHAL.dll
MOD - [2012/06/29 23:17:48 | 000,225,280 | ---- | M] () -- C:\Program Files (x86)\EVGA Precision X\RTCore.dll
MOD - [2012/06/29 23:17:40 | 000,147,456 | ---- | M] () -- C:\Program Files (x86)\EVGA Precision X\RTUI.dll
MOD - [2012/06/29 23:17:34 | 000,061,440 | ---- | M] () -- C:\Program Files (x86)\EVGA Precision X\RTFC.dll
MOD - [2011/05/01 01:04:54 | 000,013,312 | ---- | M] () -- C:\Program Files (x86)\EVGA Precision X\RTTSH.dll
MOD - [2009/08/22 20:25:00 | 000,106,496 | ---- | M] () -- C:\Users\Anuj\D3DOverrider\RTUI.dll
MOD - [2009/08/22 20:25:00 | 000,102,400 | ---- | M] () -- C:\Users\Anuj\D3DOverrider\D3DOverrider.exe
MOD - [2009/08/22 20:25:00 | 000,057,344 | ---- | M] () -- C:\Users\Anuj\D3DOverrider\RTFC.dll
MOD - [2009/08/22 20:25:00 | 000,032,768 | ---- | M] () -- C:\Users\Anuj\D3DOverrider\D3DOverriderHooks.dll


========== Services (SafeList) ==========

SRV:64bit: - [2012/09/12 21:21:48 | 000,368,896 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- c:\Program Files\Microsoft Security Client\NisSrv.exe -- (NisSrv)
SRV:64bit: - [2012/09/12 21:21:48 | 000,022,072 | ---- | M] (Microsoft Corporation) [Auto | Running] -- c:\Program Files\Microsoft Security Client\MsMpEng.exe -- (MsMpSvc)
SRV:64bit: - [2012/09/11 18:13:02 | 001,494,144 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Microsoft Office 15\ClientX64\integratedoffice.exe -- (OfficeSvc)
SRV:64bit: - [2011/09/27 14:04:08 | 000,359,192 | ---- | M] (Logitech, Inc.) [On_Demand | Stopped] -- C:\Program Files\Common Files\Logishrd\Bluetooth\LBTServ.exe -- (LBTServ)
SRV:64bit: - [2011/01/12 15:57:54 | 001,430,800 | ---- | M] (Intel® Corporation) [Auto | Running] -- C:\Program Files\Intel\WiFi\bin\EvtEng.exe -- (EvtEng)
SRV:64bit: - [2011/01/12 15:38:18 | 000,340,240 | ---- | M] () [On_Demand | Stopped] -- C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe -- (MyWiFiDHCPDNS)
SRV:64bit: - [2011/01/12 15:36:22 | 000,840,976 | ---- | M] (Intel® Corporation) [Auto | Running] -- C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe -- (RegSrvc)
SRV:64bit: - [2009/07/13 20:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV:64bit: - [2007/08/08 00:08:40 | 000,094,208 | ---- | M] () [Auto | Running] -- C:\Program Files\ATKGFNEX\GFNEXSrv.exe -- (ATKGFNEXSrv)
SRV - [2012/11/09 17:58:23 | 000,250,808 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2012/10/02 13:15:38 | 000,382,824 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe -- (Stereo Service)
SRV - [2012/09/23 20:43:34 | 000,065,192 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2011/03/16 10:42:06 | 000,407,336 | ---- | M] (Valve Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe -- (Steam Client Service)
SRV - [2010/03/18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2009/06/15 17:30:42 | 000,084,536 | ---- | M] (ASUS) [Auto | Running] -- C:\Program Files (x86)\ASUS\ATK Hotkey\AsLdrSrv.exe -- (ASLDRService)
SRV - [2009/06/10 16:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)


========== Driver Services (SafeList) ==========

DRV:64bit: - [2012/11/09 21:10:11 | 000,283,200 | ---- | M] (DT Soft Ltd) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\dtsoftbus01.sys -- (dtsoftbus01)
DRV:64bit: - [2012/08/30 22:03:48 | 000,128,456 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\NisDrvWFP.sys -- (NisDrv)
DRV:64bit: - [2012/07/03 10:25:16 | 000,189,288 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nvhda64v.sys -- (NVHDA)
DRV:64bit: - [2012/02/07 20:13:32 | 000,149,640 | ---- | M] (Tonec Inc.) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\idmwfp.sys -- (IDMWFP)
DRV:64bit: - [2011/09/02 01:30:36 | 000,060,696 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\LMouFilt.Sys -- (LMouFilt)
DRV:64bit: - [2011/09/02 01:30:24 | 000,066,840 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\LHidFilt.Sys -- (LHidFilt)
DRV:64bit: - [2011/01/19 02:28:56 | 008,080,384 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\NETwNs64.sys -- (NETwNs64)
DRV:64bit: - [2009/10/28 00:09:33 | 000,011,576 | ---- | M] (Samsung Electronics) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\SSPORT.SYS -- (SSPORT)
DRV:64bit: - [2009/07/13 20:52:21 | 000,106,576 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2009/07/13 20:52:21 | 000,028,752 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2009/07/13 20:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009/07/13 20:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009/07/13 20:47:48 | 000,077,888 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2009/07/13 20:47:48 | 000,023,104 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2009/07/13 20:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009/07/13 18:31:10 | 000,109,056 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\sdbus.sys -- (sdbus)
DRV:64bit: - [2009/06/10 15:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009/06/10 15:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009/06/10 15:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009/06/10 15:34:18 | 000,057,344 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\L1C62x64.sys -- (L1C)
DRV:64bit: - [2009/06/10 15:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2009/05/13 09:07:20 | 000,015,928 | ---- | M] (ASUS) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ATK64AMD.sys -- (MTsensor)
DRV:64bit: - [2007/07/24 11:11:32 | 000,014,904 | ---- | M] () [Kernel | Auto | Running] -- C:\Program Files\ATKGFNEX\ASMMAP64.sys -- (ASMMAP64)
DRV - [2012/10/17 05:21:00 | 000,015,176 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Program Files (x86)\EVGA Precision X\RTCore64.sys -- (RTCore64)
DRV - [2009/07/13 20:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...ms}&FORM=IE8SRC
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...ms}&FORM=IE8SRC

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://ca.msn.com/?r...opt=0&ocid=iehp
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-us
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = A8 14 70 5F 57 CB CD 01 [binary data]
IE - HKCU\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...Box&FORM=IE8SRC
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0


========== FireFox ==========

FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_5_502_110.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.9.2: C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.9.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_5_502_110.dll ()
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.9.2: C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.9.2: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVision: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVisionStreaming: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.4: C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\ubisoft.com/uplaypc: C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll (Ubisoft)

FF - HKEY_CURRENT_USER\software\mozilla\SeaMonkey\Extensions\\[email protected]: C:\Users\Anuj\AppData\Roaming\IDM\idmmzcc5 [2012/11/10 00:26:11 | 000,000,000 | ---D | M]


========== Chrome ==========

CHR - homepage: http://www.google.com/
CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}sourceid=chrome&ie={inputEncoding}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&hl={language}&q={searchTerms}&sugkey={google:suggestAPIKeyParameter},
CHR - homepage: http://www.google.com/
CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\23.0.1271.64\PepperFlash\pepflashplayer.dll
CHR - plugin: Chrome Remote Desktop Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\23.0.1271.64\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\23.0.1271.64\pdf.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files (x86)\Google\Update\1.3.21.123\npGoogleUpdate3.dll
CHR - Extension: AutoPatchWork = C:\Users\Anuj\AppData\Local\Google\Chrome\User Data\Default\Extensions\aeolcjbaammbkgaiagooljfdepnjmkfd\1.9.7_0\
CHR - Extension: Google Drive = C:\Users\Anuj\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\
CHR - Extension: NeoGAF Live Thread = C:\Users\Anuj\AppData\Local\Google\Chrome\User Data\Default\Extensions\blbfgndoggabppkoehpipfadjelcofmp\1.0.6_0\
CHR - Extension: YouTube = C:\Users\Anuj\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\
CHR - Extension: Google Search = C:\Users\Anuj\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\
CHR - Extension: Reddit Widget [ANTP] = C:\Users\Anuj\AppData\Local\Google\Chrome\User Data\Default\Extensions\cpcomccnnochpjdakpakbieihbglblcn\1.3.3.2_0\
CHR - Extension: Search by Image (by Google) = C:\Users\Anuj\AppData\Local\Google\Chrome\User Data\Default\Extensions\dajedkncpodkggklbegccjpmnglmnflm\1.3.2_0\
CHR - Extension: Center Image = C:\Users\Anuj\AppData\Local\Google\Chrome\User Data\Default\Extensions\dkiklnjkgjkmamgoaggongdmekajdlki\2.1_0\
CHR - Extension: imgur = C:\Users\Anuj\AppData\Local\Google\Chrome\User Data\Default\Extensions\ehoopddfhgaehhmphfcooacjdpmbjlao\1.1.3_0\
CHR - Extension: AdBlock = C:\Users\Anuj\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.5.47_0\
CHR - Extension: TinEye Reverse Image Search = C:\Users\Anuj\AppData\Local\Google\Chrome\User Data\Default\Extensions\haebnnbpedcbhciplfhjjkbafijpncjl\1.1.2_0\
CHR - Extension: Fauxbar = C:\Users\Anuj\AppData\Local\Google\Chrome\User Data\Default\Extensions\hibkhcnpkakjniplpfblaoikiggkopka\1.2.10_0\
CHR - Extension: TabJump - Intelligent Tab Navigator = C:\Users\Anuj\AppData\Local\Google\Chrome\User Data\Default\Extensions\hokofmgcicpnjchllaccgedmmmbbnbmf\0.7.9_0\
CHR - Extension: Wolfram|Alpha (Official) = C:\Users\Anuj\AppData\Local\Google\Chrome\User Data\Default\Extensions\icncamkooinmbehmkeilcccmoljfkdhp\1.2.2_0\
CHR - Extension: Auto Replay for YouTube = C:\Users\Anuj\AppData\Local\Google\Chrome\User Data\Default\Extensions\kanbnempkjnhadplbfgdaagijdbdbjeb\1.9.20_0\
CHR - Extension: Reddit Enhancement Suite = C:\Users\Anuj\AppData\Local\Google\Chrome\User Data\Default\Extensions\kbmfpngjjgdllneeigpgjifpgocmfgmb\4.1.5_0\
CHR - Extension: Auto HD For YouTube = C:\Users\Anuj\AppData\Local\Google\Chrome\User Data\Default\Extensions\koiaokdomkpjdgniimnkhgbilbjgpeak\3.3_0\
CHR - Extension: StayFocusd = C:\Users\Anuj\AppData\Local\Google\Chrome\User Data\Default\Extensions\laankejkbhbdhmipfmgcngdelahlfoji\1.3.7_0\
CHR - Extension: Awesome New Tab Page = C:\Users\Anuj\AppData\Local\Google\Chrome\User Data\Default\Extensions\mgmiemnjjchgkmgbeljfocdjjnpjnmcg\2012.147.2.0_0\
CHR - Extension: Google Mail Checker = C:\Users\Anuj\AppData\Local\Google\Chrome\User Data\Default\Extensions\mihcahmgecmbnbcchbopgniflfhgnkff\4.4.0_0\
CHR - Extension: Antisocial = C:\Users\Anuj\AppData\Local\Google\Chrome\User Data\Default\Extensions\pghncadecdbeoiklgemofaoampiiicmn\0.2.4_0\
CHR - Extension: Gmail = C:\Users\Anuj\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\

O1 HOSTS File: ([2009/06/10 16:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2:64bit: - BHO: (IDM integration (IDMIEHlprObj Class)) - {0055C089-8582-441B-A0BF-17B458C2A3A8} - C:\Program Files (x86)\Internet Download Manager\IDMIECC64.dll (Internet Download Manager, Tonec Inc.)
O2:64bit: - BHO: (Lync Browser Helper) - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
O2:64bit: - BHO: (Java™ Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2:64bit: - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\URLREDIR.DLL (Microsoft Corporation)
O2:64bit: - BHO: (Microsoft SPFS Browser Helper) - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
O2:64bit: - BHO: (Java™ Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O2 - BHO: (IDM integration (IDMIEHlprObj Class)) - {0055C089-8582-441B-A0BF-17B458C2A3A8} - C:\Program Files (x86)\Internet Download Manager\IDMIECC.dll (Internet Download Manager, Tonec Inc.)
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O2 - BHO: (Java™ Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office 15\root\office15\urlredir.dll (Microsoft Corporation)
O2 - BHO: (Microsoft SPFS Browser Helper) - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files\Microsoft Office 15\root\office15\grooveex.dll (Microsoft Corporation)
O2 - BHO: (Java™ Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O4:64bit: - HKLM..\Run: [EvtMgr6] C:\Program Files\Logitech\SetPointP\SetPoint.exe (Logitech, Inc.)
O4:64bit: - HKLM..\Run: [IntelWireless] C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe (Intel® Corporation)
O4:64bit: - HKLM..\Run: [MSC] c:\Program Files\Microsoft Security Client\msseces.exe (Microsoft Corporation)
O4 - HKLM..\Run: [ATKMEDIA] C:\Program Files (x86)\ASUS\ATK Media\DMedia.exe (ASUS)
O4 - HKLM..\Run: [ATKOSD2] C:\Program Files (x86)\ASUS\ATKOSD2\ATKOSD2.exe (ASUS)
O4 - HKLM..\Run: [D3DOverrider] C:\Users\Anuj\D3DOverrider\D3DOverriderWrapper.exe ()
O4 - HKLM..\Run: [HControlUser] C:\Program Files (x86)\ASUS\ATK Hotkey\HControlUser.exe (ASUS)
O4 - HKCU..\Run: [GoogleDriveSync] C:\Program Files (x86)\Google\Drive\googledrivesync.exe (Google)
O4 - HKCU..\Run: [IDMan] C:\Program Files (x86)\Internet Download Manager\IDMan.exe (Tonec Inc.)
O4 - HKCU..\Run: [Steam] C:\Program Files (x86)\Steam\Steam.exe (Valve Corporation)
O4 - Startup: C:\Users\Anuj\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Logitech . Product Registration.lnk = C:\Program Files (x86)\Common Files\LogiShrd\eReg\SetPoint\eReg.exe (Leader Technologies/Logitech)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O8:64bit: - Extra context menu item: Download all links with IDM - C:\Program Files (x86)\Internet Download Manager\IEGetAll.htm ()
O8:64bit: - Extra context menu item: Download with IDM - C:\Program Files (x86)\Internet Download Manager\IEExt.htm ()
O8:64bit: - Extra context menu item: E&xport to Microsoft Excel - C:\Program Files\Microsoft Office 15\Root\Office15\EXCEL.EXE (Microsoft Corporation)
O8:64bit: - Extra context menu item: Se&nd to OneNote - C:\Program Files\Microsoft Office 15\Root\Office15\ONBttnIE.dll (Microsoft Corporation)
O8 - Extra context menu item: Download all links with IDM - C:\Program Files (x86)\Internet Download Manager\IEGetAll.htm ()
O8 - Extra context menu item: Download with IDM - C:\Program Files (x86)\Internet Download Manager\IEExt.htm ()
O8 - Extra context menu item: E&xport to Microsoft Excel - C:\Program Files\Microsoft Office 15\Root\Office15\EXCEL.EXE (Microsoft Corporation)
O8 - Extra context menu item: Se&nd to OneNote - C:\Program Files\Microsoft Office 15\Root\Office15\ONBttnIE.dll (Microsoft Corporation)
O9:64bit: - Extra Button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\ONBttnIE.dll (Microsoft Corporation)
O9:64bit: - Extra 'Tools' menuitem : Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\ONBttnIE.dll (Microsoft Corporation)
O9:64bit: - Extra Button: Microsoft Lync add-on - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
O9:64bit: - Extra 'Tools' menuitem : Microsoft Lync add-on - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
O9:64bit: - Extra Button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9:64bit: - Extra 'Tools' menuitem : OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9 - Extra Button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office 15\root\office15\onbttnie.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office 15\root\office15\onbttnie.dll (Microsoft Corporation)
O9 - Extra Button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office 15\root\office15\onbttnielinkednotes.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office 15\root\office15\onbttnielinkednotes.dll (Microsoft Corporation)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{469E2B3B-63F0-4692-B4BF-D9BAF35DB118}: DhcpNameServer = 192.168.2.1
O18:64bit: - Protocol\Handler\gopher - No CLSID value found
O18:64bit: - Protocol\Handler\livecall - No CLSID value found
O18:64bit: - Protocol\Handler\msnim - No CLSID value found
O18:64bit: - Protocol\Handler\osf - No CLSID value found
O18 - Protocol\Handler\osf {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\office15\msosb.dll (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O20:64bit: - Winlogon\Notify\LBTWlgn: DllName - (c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll) - c:\Program Files\Common Files\Logishrd\Bluetooth\LBTWLgn.dll (Logitech, Inc.)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O33 - MountPoints2\{1bc8d019-2ac0-11e2-b62a-0025d3ae5352}\Shell - "" = AutoRun
O33 - MountPoints2\{1bc8d019-2ac0-11e2-b62a-0025d3ae5352}\Shell\AutoRun\command - "" = F:\setup.exe
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

========== Files/Folders - Created Within 30 Days ==========

[2012/11/26 22:37:39 | 000,000,000 | ---D | C] -- C:\ProgramData\NVIDIA Corporation
[2012/11/26 22:34:25 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
[2012/11/26 22:34:24 | 000,000,000 | ---D | C] -- C:\Program Files\CCleaner
[2012/11/26 22:24:24 | 000,000,000 | ---D | C] -- C:\Users\Anuj\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\EVGA Precision X
[2012/11/26 22:13:04 | 000,000,000 | ---D | C] -- C:\ProgramData\NVIDIA
[2012/11/25 23:25:32 | 000,000,000 | ---D | C] -- C:\Users\Anuj\AppData\Roaming\NVIDIA
[2012/11/23 20:42:28 | 000,000,000 | ---D | C] -- C:\Users\Anuj\AppData\Local\Ubisoft Game Launcher
[2012/11/23 20:42:08 | 000,000,000 | ---D | C] -- C:\Users\Anuj\Documents\Assassin's Creed III
[2012/11/23 20:41:06 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\R.G. Mechanics
[2012/11/23 20:41:05 | 000,000,000 | ---D | C] -- C:\Users\Anuj\AppData\Roaming\Assassin's Creed III
[2012/11/23 01:09:32 | 000,000,000 | RHSD | C] -- C:\Kernels
[2012/11/23 01:05:42 | 000,000,000 | ---D | C] -- C:\ProgramData\Orbit
[2012/11/23 00:58:16 | 000,000,000 | ---D | C] -- C:\Users\Anuj\AppData\Roaming\GetRightToGo
[2012/11/23 00:39:22 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\NVIDIA 3D Vision driver
[2012/11/23 00:39:16 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\AGEIA Technologies
[2012/11/22 01:23:06 | 000,000,000 | ---D | C] -- C:\Users\Anuj\AppData\Roaming\Theta
[2012/11/22 01:20:57 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Ubisoft
[2012/11/22 01:07:07 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\R.G. Mechanics
[2012/11/21 21:43:00 | 000,000,000 | ---D | C] -- C:\Users\Anuj\AppData\Local\Brice_Lambson
[2012/11/21 21:41:43 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Image Resizer for Windows
[2012/11/21 21:41:43 | 000,000,000 | ---D | C] -- C:\Program Files\Image Resizer for Windows
[2012/11/21 21:41:43 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Image Resizer for Windows
[2012/11/21 21:41:31 | 000,000,000 | ---D | C] -- C:\ProgramData\Package Cache
[2012/11/21 18:05:03 | 000,000,000 | ---D | C] -- C:\Users\Anuj\Documents\SCX-3200_PrintD_3.11.28.00
[2012/11/21 18:00:33 | 000,011,576 | ---- | C] (Samsung Electronics) -- C:\Windows\SysNative\drivers\SSPORT.SYS
[2012/11/16 06:12:38 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Games for Windows Marketplace
[2012/11/16 01:50:50 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft
[2012/11/16 01:50:32 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Windows Live SkyDrive
[2012/11/16 01:50:24 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live
[2012/11/16 01:50:12 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Windows Live
[2012/11/16 01:49:52 | 000,000,000 | ---D | C] -- C:\Windows\PCHEALTH
[2012/11/15 17:43:25 | 000,000,000 | ---D | C] -- C:\Users\Anuj\Applications
[2012/11/13 16:39:24 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ASUS
[2012/11/13 16:38:31 | 000,000,000 | ---D | C] -- C:\Program Files\ATKGFNEX
[2012/11/13 16:38:30 | 000,000,000 | -H-D | C] -- C:\Program Files (x86)\InstallShield Installation Information
[2012/11/13 16:38:16 | 000,000,000 | ---D | C] -- C:\Users\Anuj\AppData\Roaming\InstallShield
[2012/11/13 16:38:04 | 000,015,928 | ---- | C] (ASUS) -- C:\Windows\SysNative\drivers\ATK64AMD.sys
[2012/11/13 09:59:42 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\R
[2012/11/13 09:59:17 | 000,000,000 | ---D | C] -- C:\Program Files\R
[2012/11/11 15:50:07 | 000,000,000 | ---D | C] -- C:\Users\Anuj\Documents\Diablo III
[2012/11/10 23:33:24 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft SkyDrive
[2012/11/10 23:33:23 | 000,000,000 | R--D | C] -- C:\Users\Anuj\SkyDrive
[2012/11/10 23:33:15 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft SkyDrive
[2012/11/10 23:23:42 | 000,000,000 | RH-D | C] -- C:\MSOCache
[2012/11/10 23:18:45 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013
[2012/11/10 23:16:25 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\DESIGNER
[2012/11/10 23:11:07 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Office
[2012/11/10 23:05:58 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Office 15
[2012/11/10 22:36:16 | 000,000,000 | -HSD | C] -- C:\Windows\SysWow64\AI_RecycleBin
[2012/11/10 22:36:09 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PingPlotter Standard
[2012/11/10 22:36:09 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\PingPlotter Standard
[2012/11/10 22:36:09 | 000,000,000 | ---D | C] -- C:\Users\Anuj\AppData\Roaming\PingPlotter
[2012/11/10 22:35:47 | 000,000,000 | ---D | C] -- C:\Users\Anuj\AppData\Roaming\Downloaded Installations
[2012/11/10 22:30:35 | 000,000,000 | ---D | C] -- C:\Users\Anuj\Documents\My Cheat Tables
[2012/11/10 22:26:53 | 000,000,000 | ---D | C] -- C:\Users\Anuj\D3DOverrider
[2012/11/10 22:25:10 | 000,000,000 | ---D | C] -- C:\Users\Anuj\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
[2012/11/10 22:25:10 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
[2012/11/10 22:08:07 | 000,000,000 | ---D | C] -- C:\Users\Anuj\Documents\Games for Windows - LIVE Demos
[2012/11/10 22:03:59 | 000,000,000 | ---D | C] -- C:\Users\Anuj\Documents\CAPCOM
[2012/11/10 21:56:52 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\microsoft
[2012/11/10 21:55:59 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ShiftWindow
[2012/11/10 21:55:58 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ShiftWindow
[2012/11/10 05:21:29 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\xlive
[2012/11/10 05:21:29 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Games for Windows - LIVE
[2012/11/10 05:12:32 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Capcom
[2012/11/10 05:07:48 | 000,000,000 | ---D | C] -- C:\Users\Anuj\AppData\Local\ElevatedDiagnostics
[2012/11/10 05:07:39 | 000,000,000 | ---D | C] -- C:\Windows\SoftwareDistribution
[2012/11/10 01:05:40 | 000,000,000 | ---D | C] -- C:\Users\Anuj\AppData\Local\LogiShrd
[2012/11/10 01:03:55 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Logitech
[2012/11/10 01:03:47 | 000,000,000 | ---D | C] -- C:\Program Files\Logitech
[2012/11/10 01:02:43 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Logishrd
[2012/11/10 01:01:12 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\directx
[2012/11/10 01:00:17 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\EVGA Precision X
[2012/11/10 00:57:51 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Core Temp
[2012/11/10 00:57:50 | 000,000,000 | ---D | C] -- C:\Program Files\Core Temp
[2012/11/10 00:26:10 | 000,000,000 | ---D | C] -- C:\Users\Anuj\AppData\Roaming\IDM
[2012/11/10 00:26:10 | 000,000,000 | ---D | C] -- C:\Users\Anuj\AppData\Roaming\DMCache
[2012/11/10 00:26:06 | 000,000,000 | ---D | C] -- C:\Users\Anuj\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Download Manager
[2012/11/10 00:26:06 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Internet Download Manager
[2012/11/10 00:26:03 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Internet Download Manager
[2012/11/10 00:13:55 | 000,000,000 | ---D | C] -- C:\Users\Anuj\AppData\Roaming\vlc
[2012/11/09 22:23:35 | 000,000,000 | ---D | C] -- C:\Windows\Prefetch
[2012/11/09 22:23:02 | 000,000,000 | -HSD | C] -- C:\System Volume Information
[2012/11/09 22:22:37 | 000,000,000 | ---D | C] -- C:\Windows\Panther
[2012/11/09 21:42:57 | 000,000,000 | ---D | C] -- C:\Windows\pss
[2012/11/09 21:34:19 | 000,000,000 | ---D | C] -- C:\Users\Anuj\Documents\My Received Files
[2012/11/09 21:32:39 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\Logishrd
[2012/11/09 21:17:31 | 000,000,000 | --SD | C] -- C:\Users\Anuj\Google Drive
[2012/11/09 21:14:30 | 000,000,000 | ---D | C] -- C:\Users\Anuj\Tracing
[2012/11/09 21:11:58 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Security Client
[2012/11/09 21:11:49 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Security Client
[2012/11/09 21:10:11 | 000,283,200 | ---- | C] (DT Soft Ltd) -- C:\Windows\SysNative\drivers\dtsoftbus01.sys
[2012/11/09 21:10:06 | 000,000,000 | ---D | C] -- C:\Users\Anuj\AppData\Roaming\DAEMON Tools Lite
[2012/11/09 21:10:04 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\DAEMON Tools Lite
[2012/11/09 21:09:23 | 000,000,000 | ---D | C] -- C:\ProgramData\DAEMON Tools Lite
[2012/11/09 21:09:03 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Diablo III
[2012/11/09 21:09:03 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Diablo III
[2012/11/09 21:09:03 | 000,000,000 | ---D | C] -- C:\ProgramData\Blizzard Entertainment
[2012/11/09 21:09:03 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Blizzard Entertainment
[2012/11/09 21:08:21 | 000,000,000 | ---D | C] -- C:\ProgramData\Battle.net
[2012/11/09 21:06:47 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft.NET
[2012/11/09 21:05:34 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\LogiShrd
[2012/11/09 21:05:34 | 000,000,000 | ---D | C] -- C:\Users\Anuj\AppData\Roaming\Leadertech
[2012/11/09 21:05:07 | 000,000,000 | ---D | C] -- C:\ProgramData\Logitech
[2012/11/09 21:05:04 | 000,000,000 | ---D | C] -- C:\ProgramData\Logishrd
[2012/11/09 20:02:51 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel PROSet Wireless
[2012/11/09 20:02:46 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Intel
[2012/11/09 20:02:45 | 000,000,000 | ---D | C] -- C:\ProgramData\Intel
[2012/11/09 20:02:45 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Cisco
[2012/11/09 19:58:25 | 000,000,000 | -H-D | C] -- C:\$WINDOWS.~BT
[2012/11/09 19:56:49 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
[2012/11/09 19:41:34 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\NVIDIA Corporation
[2012/11/09 19:40:55 | 000,060,776 | ---- | C] (Khronos Group) -- C:\Windows\SysNative\OpenCL.dll
[2012/11/09 19:40:55 | 000,052,584 | ---- | C] (Khronos Group) -- C:\Windows\SysWow64\OpenCL.dll
[2012/11/09 19:39:28 | 000,000,000 | ---D | C] -- C:\Program Files\NVIDIA Corporation
[2012/11/09 19:39:03 | 000,000,000 | ---D | C] -- C:\NVIDIA
[2012/11/09 19:36:08 | 000,000,000 | ---D | C] -- C:\Users\Anuj\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows 7 USB DVD Download Tool
[2012/11/09 19:34:14 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
[2012/11/09 19:33:52 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Google
[2012/11/09 19:33:48 | 000,000,000 | ---D | C] -- C:\Users\Anuj\AppData\Local\Google
[2012/11/09 19:33:34 | 000,000,000 | ---D | C] -- C:\Users\Anuj\AppData\Local\Apps
[2012/11/09 19:33:31 | 000,000,000 | ---D | C] -- C:\Users\Anuj\AppData\Local\Deployment
[2012/11/09 19:31:58 | 000,000,000 | ---D | C] -- C:\Users\Anuj\AppData\Roaming\Intel
[2012/11/09 19:30:52 | 000,000,000 | ---D | C] -- C:\Program Files\Intel
[2012/11/09 19:30:10 | 000,000,000 | -HSD | C] -- C:\Windows\Installer
[2012/11/09 19:29:00 | 000,000,000 | R--D | C] -- C:\Users\Anuj\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
[2012/11/09 19:29:00 | 000,000,000 | R--D | C] -- C:\Users\Anuj\Searches
[2012/11/09 19:29:00 | 000,000,000 | R--D | C] -- C:\Users\Anuj\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
[2012/11/09 19:29:00 | 000,000,000 | -H-D | C] -- C:\Users\Anuj\Application Data\Microsoft\Internet Explorer\Quick Launch\User Pinned
[2012/11/09 19:28:51 | 000,000,000 | ---D | C] -- C:\Users\Anuj\AppData\Roaming\Identities
[2012/11/09 19:28:49 | 000,000,000 | R--D | C] -- C:\Users\Anuj\Contacts
[2012/11/09 19:28:48 | 000,000,000 | ---D | C] -- C:\Users\Anuj\AppData\Local\VirtualStore
[2012/11/09 19:28:40 | 000,000,000 | -HSD | C] -- C:\Users\Anuj\AppData\Local\Temporary Internet Files
[2012/11/09 19:28:40 | 000,000,000 | -HSD | C] -- C:\Users\Anuj\Templates
[2012/11/09 19:28:40 | 000,000,000 | -HSD | C] -- C:\Users\Anuj\Start Menu
[2012/11/09 19:28:40 | 000,000,000 | -HSD | C] -- C:\Users\Anuj\SendTo
[2012/11/09 19:28:40 | 000,000,000 | -HSD | C] -- C:\Users\Anuj\Recent
[2012/11/09 19:28:40 | 000,000,000 | -HSD | C] -- C:\Users\Anuj\PrintHood
[2012/11/09 19:28:40 | 000,000,000 | -HSD | C] -- C:\Users\Anuj\NetHood
[2012/11/09 19:28:40 | 000,000,000 | -HSD | C] -- C:\Users\Anuj\Documents\My Videos
[2012/11/09 19:28:40 | 000,000,000 | -HSD | C] -- C:\Users\Anuj\Documents\My Pictures
[2012/11/09 19:28:40 | 000,000,000 | -HSD | C] -- C:\Users\Anuj\Documents\My Music
[2012/11/09 19:28:40 | 000,000,000 | -HSD | C] -- C:\Users\Anuj\My Documents
[2012/11/09 19:28:40 | 000,000,000 | -HSD | C] -- C:\Users\Anuj\Local Settings
[2012/11/09 19:28:40 | 000,000,000 | -HSD | C] -- C:\Users\Anuj\AppData\Local\History
[2012/11/09 19:28:40 | 000,000,000 | -HSD | C] -- C:\Users\Anuj\Cookies
[2012/11/09 19:28:40 | 000,000,000 | -HSD | C] -- C:\Users\Anuj\Application Data
[2012/11/09 19:28:40 | 000,000,000 | -HSD | C] -- C:\Users\Anuj\AppData\Local\Application Data
[2012/11/09 19:28:39 | 000,000,000 | --SD | C] -- C:\Users\Anuj\AppData\Roaming\Microsoft
[2012/11/09 19:28:39 | 000,000,000 | R--D | C] -- C:\Users\Anuj\Videos
[2012/11/09 19:28:39 | 000,000,000 | R--D | C] -- C:\Users\Anuj\Saved Games
[2012/11/09 19:28:39 | 000,000,000 | R--D | C] -- C:\Users\Anuj\Pictures
[2012/11/09 19:28:39 | 000,000,000 | R--D | C] -- C:\Users\Anuj\Music
[2012/11/09 19:28:39 | 000,000,000 | R--D | C] -- C:\Users\Anuj\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
[2012/11/09 19:28:39 | 000,000,000 | R--D | C] -- C:\Users\Anuj\Links
[2012/11/09 19:28:39 | 000,000,000 | R--D | C] -- C:\Users\Anuj\Favorites
[2012/11/09 19:28:39 | 000,000,000 | R--D | C] -- C:\Users\Anuj\Downloads
[2012/11/09 19:28:39 | 000,000,000 | R--D | C] -- C:\Users\Anuj\Documents
[2012/11/09 19:28:39 | 000,000,000 | R--D | C] -- C:\Users\Anuj\Desktop
[2012/11/09 19:28:39 | 000,000,000 | R--D | C] -- C:\Users\Anuj\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
[2012/11/09 19:28:39 | 000,000,000 | -H-D | C] -- C:\Users\Anuj\AppData
[2012/11/09 19:28:39 | 000,000,000 | ---D | C] -- C:\Users\Anuj\AppData\Local\Temp
[2012/11/09 19:28:39 | 000,000,000 | ---D | C] -- C:\Users\Anuj\AppData\Local\Microsoft
[2012/11/09 19:28:39 | 000,000,000 | ---D | C] -- C:\Users\Anuj\AppData\Roaming\Media Center Programs
[2012/11/09 19:28:32 | 000,000,000 | -HSD | C] -- C:\Recovery
[2012/11/09 19:28:29 | 000,000,000 | ---D | C] -- C:\Windows\softwaredistribution.bak
[2012/11/09 18:02:21 | 000,000,000 | ---D | C] -- C:\Users\Anuj\AppData\Local\Windows Live
[2012/11/09 18:02:19 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Windows Live
[2012/11/09 18:01:26 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Adobe
[2012/11/09 18:01:13 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN
[2012/11/09 18:01:05 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\VideoLAN
[2012/11/09 18:01:01 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\K-Lite Codec Pack
[2012/11/09 18:00:57 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\K-Lite Codec Pack
[2012/11/09 18:00:38 | 000,000,000 | ---D | C] -- C:\Users\Anuj\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
[2012/11/09 17:59:57 | 000,000,000 | ---D | C] -- C:\Users\Anuj\AppData\Roaming\Dropbox
[2012/11/09 17:59:52 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Drive
[2012/11/09 17:59:45 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\K-Lite Codec Pack x64
[2012/11/09 17:59:42 | 000,000,000 | ---D | C] -- C:\Program Files\K-Lite Codec Pack x64
[2012/11/09 17:59:41 | 000,000,000 | ---D | C] -- C:\Users\Anuj\AppData\Local\Programs
[2012/11/09 17:59:27 | 000,000,000 | ---D | C] -- C:\Users\Anuj\AppData\Roaming\WinRAR
[2012/11/09 17:59:27 | 000,000,000 | ---D | C] -- C:\Program Files\WinRAR
[2012/11/09 17:59:25 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Steam
[2012/11/09 17:59:24 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steam
[2012/11/09 17:59:24 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Steam
[2012/11/09 17:59:20 | 000,000,000 | ---D | C] -- C:\Users\Anuj\AppData\Roaming\uTorrent
[2012/11/09 17:59:20 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\uTorrent
[2012/11/09 17:59:10 | 000,000,000 | ---D | C] -- C:\Program Files\Java
[2012/11/09 17:58:55 | 000,000,000 | ---D | C] -- C:\ProgramData\Sun
[2012/11/09 17:58:54 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Java
[2012/11/09 17:58:37 | 000,000,000 | ---D | C] -- C:\Users\Anuj\AppData\Roaming\Logitech
[2012/11/09 17:58:37 | 000,000,000 | ---D | C] -- C:\Users\Anuj\AppData\Roaming\Logishrd
[2012/11/09 17:58:37 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Java
[2012/11/09 17:58:33 | 000,000,000 | ---D | C] -- C:\ProgramData\Adobe
[2012/11/09 17:58:32 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Adobe AIR
[2012/11/09 17:58:32 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Adobe
[2012/11/09 17:58:30 | 000,000,000 | ---D | C] -- C:\Users\Anuj\AppData\Roaming\Macromedia
[2012/11/09 17:58:30 | 000,000,000 | ---D | C] -- C:\Users\Anuj\AppData\Local\Adobe
[2012/11/09 17:58:29 | 000,000,000 | ---D | C] -- C:\Users\Anuj\AppData\Roaming\Adobe
[2012/11/09 17:58:21 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\Macromed
[2012/11/09 17:58:20 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\Macromed
[2012/11/09 17:58:14 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
[2012/11/09 17:57:21 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Silverlight
[2012/11/09 17:57:21 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Silverlight
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
[1 C:\Program Files (x86)\*.tmp files -> C:\Program Files (x86)\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2012/11/26 23:02:00 | 000,000,830 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2012/11/26 22:59:10 | 000,014,016 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2012/11/26 22:59:10 | 000,014,016 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2012/11/26 22:58:02 | 000,778,834 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2012/11/26 22:58:02 | 000,660,318 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2012/11/26 22:58:02 | 000,121,214 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2012/11/26 22:51:47 | 000,000,890 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2012/11/26 22:51:34 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012/11/26 22:51:26 | 484,315,135 | -HS- | M] () -- C:\hiberfil.sys
[2012/11/26 22:24:24 | 000,001,092 | ---- | M] () -- C:\Users\Anuj\Desktop\EVGA Precision X.lnk
[2012/11/26 13:38:00 | 000,000,894 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2012/11/23 01:09:32 | 006,830,087 | RHS- | M] () -- C:\win32.exe
[2012/11/16 02:53:21 | 000,001,358 | ---- | M] () -- C:\Users\Anuj\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Logitech . Product Registration.lnk
[2012/11/16 02:52:31 | 000,435,304 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2012/11/16 02:48:26 | 000,007,612 | ---- | M] () -- C:\Users\Anuj\AppData\Local\Resmon.ResmonCfg
[2012/11/13 16:45:56 | 000,000,177 | ---- | M] () -- C:\Users\Anuj\Documents\.Rhistory
[2012/11/10 22:30:08 | 000,000,073 | ---- | M] () -- C:\Users\Anuj\Documents\ssf4.swr
[2012/11/10 04:04:23 | 000,772,682 | ---- | M] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2012/11/09 22:26:42 | 000,041,962 | ---- | M] () -- C:\Windows\SysWow64\license.rtf
[2012/11/09 22:26:42 | 000,041,962 | ---- | M] () -- C:\Windows\SysNative\license.rtf
[2012/11/09 21:12:46 | 000,002,154 | ---- | M] () -- C:\Windows\epplauncher.mif
[2012/11/09 21:10:11 | 000,283,200 | ---- | M] (DT Soft Ltd) -- C:\Windows\SysNative\drivers\dtsoftbus01.sys
[2012/11/09 20:03:04 | 000,001,908 | ---- | M] () -- C:\Windows\diagwrn.xml
[2012/11/09 20:03:04 | 000,001,908 | ---- | M] () -- C:\Windows\diagerr.xml
[2012/11/09 19:36:37 | 000,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_User_WpdFs_01_09_00.Wdf
[2012/11/09 19:33:04 | 000,001,441 | ---- | M] () -- C:\Users\Anuj\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
[2012/11/09 17:59:20 | 000,000,971 | ---- | M] () -- C:\Users\Anuj\Application Data\Microsoft\Internet Explorer\Quick Launch\µTorrent.lnk
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
[1 C:\Program Files (x86)\*.tmp files -> C:\Program Files (x86)\*.tmp -> ]

========== Files Created - No Company Name ==========

[2012/11/26 22:36:54 | 000,016,127 | ---- | C] () -- C:\Windows\SysNative\nvinfo.pb
[2012/11/26 22:24:24 | 000,001,092 | ---- | C] () -- C:\Users\Anuj\Desktop\EVGA Precision X.lnk
[2012/11/23 01:09:31 | 006,830,087 | RHS- | C] () -- C:\win32.exe
[2012/11/16 06:12:29 | 000,001,338 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live ID.lnk
[2012/11/16 02:48:26 | 000,007,612 | ---- | C] () -- C:\Users\Anuj\AppData\Local\Resmon.ResmonCfg
[2012/11/13 16:45:56 | 000,000,177 | ---- | C] () -- C:\Users\Anuj\Documents\.Rhistory
[2012/11/10 23:33:23 | 000,002,119 | ---- | C] () -- C:\Users\Anuj\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Microsoft SkyDrive.lnk
[2012/11/10 22:30:08 | 000,000,073 | ---- | C] () -- C:\Users\Anuj\Documents\ssf4.swr
[2012/11/09 22:26:36 | 000,001,345 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Media Center.lnk
[2012/11/09 22:26:31 | 000,001,326 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows DVD Maker.lnk
[2012/11/09 22:23:02 | 484,315,135 | -HS- | C] () -- C:\hiberfil.sys
[2012/11/09 21:12:46 | 000,002,154 | ---- | C] () -- C:\Windows\epplauncher.mif
[2012/11/09 21:12:42 | 000,002,117 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Security Essentials.lnk
[2012/11/09 21:08:19 | 000,772,682 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2012/11/09 21:05:34 | 000,001,358 | ---- | C] () -- C:\Users\Anuj\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Logitech . Product Registration.lnk
[2012/11/09 19:58:22 | 000,001,908 | ---- | C] () -- C:\Windows\diagwrn.xml
[2012/11/09 19:58:22 | 000,001,908 | ---- | C] () -- C:\Windows\diagerr.xml
[2012/11/09 19:36:37 | 000,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_User_WpdFs_01_09_00.Wdf
[2012/11/09 19:33:55 | 000,000,894 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2012/11/09 19:33:54 | 000,000,890 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2012/11/09 19:33:04 | 000,001,441 | ---- | C] () -- C:\Users\Anuj\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
[2012/11/09 19:29:05 | 000,001,413 | ---- | C] () -- C:\Users\Anuj\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer (64-bit).lnk
[2012/11/09 19:29:01 | 000,001,447 | ---- | C] () -- C:\Users\Anuj\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
[2012/11/09 19:28:39 | 000,000,290 | ---- | C] () -- C:\Users\Anuj\Application Data\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk
[2012/11/09 19:28:39 | 000,000,272 | ---- | C] () -- C:\Users\Anuj\Application Data\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk
[2012/11/09 18:01:29 | 000,002,441 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk
[2012/11/09 18:01:01 | 000,178,688 | ---- | C] () -- C:\Windows\SysWow64\unrar.dll
[2012/11/09 17:59:44 | 000,206,336 | ---- | C] () -- C:\Windows\SysNative\unrar.dll
[2012/11/09 17:59:44 | 000,148,992 | ---- | C] ( ) -- C:\Windows\SysNative\lagarith.dll
[2012/11/09 17:59:43 | 000,127,488 | ---- | C] () -- C:\Windows\SysNative\ff_vfw.dll
[2012/11/09 17:59:20 | 000,000,971 | ---- | C] () -- C:\Users\Anuj\Application Data\Microsoft\Internet Explorer\Quick Launch\µTorrent.lnk
[2012/11/09 17:58:24 | 000,000,830 | ---- | C] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2011/09/28 17:44:14 | 000,179,271 | ---- | C] () -- C:\Windows\SysWow64\xlive.dll.cat

========== ZeroAccess Check ==========

[2009/07/13 23:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2009/07/13 20:41:54 | 014,161,920 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2009/07/13 20:16:14 | 012,866,560 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009/07/13 20:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2009/07/13 20:15:20 | 000,605,696 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009/07/13 20:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]

========== LOP Check ==========

[2012/11/23 20:41:05 | 000,000,000 | ---D | M] -- C:\Users\Anuj\AppData\Roaming\Assassin's Creed III
[2012/11/10 05:11:19 | 000,000,000 | ---D | M] -- C:\Users\Anuj\AppData\Roaming\DAEMON Tools Lite
[2012/11/26 22:27:53 | 000,000,000 | ---D | M] -- C:\Users\Anuj\AppData\Roaming\DMCache
[2012/11/10 22:35:47 | 000,000,000 | ---D | M] -- C:\Users\Anuj\AppData\Roaming\Downloaded Installations
[2012/11/09 21:32:59 | 000,000,000 | ---D | M] -- C:\Users\Anuj\AppData\Roaming\Dropbox
[2012/11/23 16:33:18 | 000,000,000 | ---D | M] -- C:\Users\Anuj\AppData\Roaming\GetRightToGo
[2012/11/10 00:28:38 | 000,000,000 | ---D | M] -- C:\Users\Anuj\AppData\Roaming\IDM
[2012/11/09 21:05:34 | 000,000,000 | ---D | M] -- C:\Users\Anuj\AppData\Roaming\Leadertech
[2012/11/10 22:36:09 | 000,000,000 | ---D | M] -- C:\Users\Anuj\AppData\Roaming\PingPlotter
[2012/11/22 01:23:06 | 000,000,000 | ---D | M] -- C:\Users\Anuj\AppData\Roaming\Theta
[2012/11/26 05:40:42 | 000,000,000 | ---D | M] -- C:\Users\Anuj\AppData\Roaming\uTorrent

========== Purity Check ==========



< End of report >

Edited by shinakuma9, 26 November 2012 - 10:15 PM.

#2
RKinner

    Malware Expert

  • Expert
  • 19,776 posts
  • MVP
Download aswMBR.exe (511KB) to your desktop.
Right-click aswMBR.exe and select Run as Administrator.
Uncheck "Trace disk IO calls".
Click the "Scan" button to start the scan (accept the Avast Engine).
On completion of the scan, if the Fix button is enabled (not the FixMBR button), press it, then run a new scan and click Save log; save it to your desktop and post it in your next reply.
If the Fix button is not enabled, just click Save log, save it to your desktop and post it in your next reply.

ComboFix

:!: It must be saved to your desktop; do not run it from your browser. :!:

:!: Disable your Antivirus software when downloading or running Combofix. If it has Script Blocking features, please disable these as well. See: http://www.bleepingc...opic114351.html


Download and Save this file -- to your Desktop -- from either of these two sources:
http://download.blee...Bs/ComboFix.exe
http://subs.geekstogo.com/ComboFix.exe

Right-click on ComboFix and select Run As Administrator to start the program.



* :!: Important: Have no other programs running. Your Task Bar should be clear of any program entries including your Browser.


* A window may open with a series of Disclaimers. Accept the Disclaimers to start the fix.

A caution - Do not run Combofix more than once. Do not touch your mouse/keyboard until the scan has completed, as this may cause the process to stall or your computer to lock. The scan will temporarily disable your desktop, and if interrupted may leave your desktop disabled. If this occurs, please reboot to restore the desktop. Even when ComboFix appears to be doing nothing, look at your Drive light. If it is flashing, Combofix is still at work.

A file will be created at => C:\Combofix.txt. I'll need to see that in your reply.


Download TDSSKiller:
http://support.kaspe.../tdsskiller.exe
Save it to your desktop then run it.
Right click on TDSSKiller.exe and select Run As Administrator to start the program.

If TDSSKiller alerts you that the system needs to reboot, please consent.

Run TDSSKiller again but this time:
Before you hit Scan, hit Change Parameters and check the two items under Additional Options. Click OK, then Scan.
In this mode it is prone to false positives so do not change the SKIP option to DELETE unless it says TDSS.
When done, a log file should be created on your C: drive named "TDSSKiller.txt" please copy and paste the contents in your next reply.



Malwarebytes' Anti-Malware
:!: If you have a previous version of MalwareBytes', remove it via Add or Remove Programs and download a fresh copy. :!:
http://www.malwareby...lwarebytes_free

SAVE Malwarebytes' Anti-Malware to your desktop.

* Right-click mbam-setup.exe and select Run As Administrator to start the program.
* Follow the prompts to install the program.
* At the end, be sure a checkmark is placed next to Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware, then click Finish.
* If an update is found, it will download and install the latest version.
* Once the program has loaded, select Perform quick scan, then click Scan.
* When the scan is complete, click OK, then Show Results to view the results.

* Be sure that everything is checked, and click Remove Selected.

* When completed, a log will open in Notepad. Please save it to a convenient location.
* The log can also be found here:
C:\Documents and Settings\Username\Application Data\Malwarebytes\Malwarebytes' Anti-Malware\Logs\mbam-log-date (time).txt
* Post that log back here.



Start, All Programs, Accessories then right click on Command Prompt and Run as Administrator. Then type (with an Enter after each line).

sfc /scannow



(This will check your critical system files. If it asks for a CD and you don't have one or it doesn't like your CD just tell it to SKIP.)


Right click on (My) Computer and select Manage (Continue) Then the Event Viewer. Next select Windows Logs. Right click on System and Clear Log, Clear. Repeat for Application.

Download ESET's Service Repair http://kb.eset.com/l...vicesRepair.exe and Save it then right click on it and Run As Admin.

If it doesn't do it for you:
Reboot.

1. Please download the Event Viewer Tool by Vino Rosso
http://images.malwar...om/vino/VEW.exe
and save it to your Desktop:
2. Right-click VEW.exe and Run as Administrator
3. Under 'Select log to query', select:

* System
4. Under 'Select type to list', select:
* Error
* Warning


Then use the 'Number of events' as follows:


1. Click the radio button for 'Number of events'
Type 20 in the 1 to 20 box
Then click the Run button.
Notepad will open with the output log.


Please post the Output log in your next reply then repeat but select Application.


Copy the text in the code box:

DRIVES
nnetsvcs
%SYSTEMDRIVE%\*.exe
%systemroot%\assembly\GAC_32\*.ini
%systemroot%\assembly\GAC_64\*.ini
msconfig
safebootminimal
safebootnetwork
activex
drivers32
%SYSTEMDRIVE%\*.exe
%ALLUSERSPROFILE%\Application Data\*.exe
%APPDATA%\*.
/md5start
pnrpnsp.dll 
nwprovau.dll
nlaapi.dll
napinsp.dll
mswsock.dll
winrnr.dll
wshelper.dll
services.exe
atapi.sys
explorer.exe
winlogon.exe
Userinit.exe
svchost.exe
csrss.exe
PrintIsolationHost.exe
consrv.dll
/md5stop
%systemroot%\*. /mp /s
hklm\software\clients\startmenuinternet|command /rs
hklm\software\clients\startmenuinternet|command /64 /rs
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\Tasks\*.job /lockedfiles
%systemdrive%\$Recycle.Bin|@;true;true;true /fp
%systemroot%\system32\drivers\*.sys /lockedfiles
CREATERESTOREPOINT

Run OTL (Vista or Win 7 => right click and Run As Administrator)

Paste (Ctrl + v) the copied text in the box where it says Custom Scan/Fixes

Select the All option in the Extra Registry group then Run Scan.

You should get two logs. Please copy and paste both of them.



Download, Save and Run (Win 7 or Vista => Right click and Run as Admin.) Farbar Service Scanner


Tick "All" options.
Press "Scan".
It will create a log (FSS.txt) in the same directory the tool is run.

Please copy and paste the log to your reply.

Ron
  • 0

#3
shinakuma9


    Member

  • Topic Starter
  • Member
  • 165 posts
Hi. In the process of doing all the above. Will update when it's done.

Thanks.
  • 0

#4
shinakuma9


    Member

  • Topic Starter
  • Member
  • 165 posts
Hello.

Here are all the logs. I have tried accessing the Malwarebytes one from /users/ApplicationData but Windows says I cannot access the folder. When I scanned with Malwarebytes, though, after the first few steps, there were no threats found.

ASWMBR:

aswMBR version 0.9.9.1707 Copyright© 2011 AVAST Software
Run date: 2012-11-30 06:25:17
-----------------------------
06:25:17.318 OS Version: Windows x64 6.1.7600
06:25:17.318 Number of processors: 8 586 0x1E05
06:25:17.319 ComputerName: ANUJ-PC UserName: Anuj
06:25:19.170 Initialize success
06:25:58.907 AVAST engine defs: 12112901
06:26:24.069 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-0
06:26:24.073 Disk 0 Vendor: WDC_WD7500BPKT-00PK4T0 01.01A01 Size: 715404MB BusType: 11
06:26:24.078 Disk 0 MBR read successfully
06:26:24.083 Disk 0 MBR scan
06:26:24.089 Disk 0 Windows 7 default MBR code
06:26:24.094 Disk 0 Partition 1 80 (A) 07 HPFS/NTFS NTFS 100 MB offset 2048
06:26:24.132 Disk 0 Partition 2 00 07 HPFS/NTFS NTFS 715301 MB offset 206848
06:26:24.194 Disk 0 scanning C:\Windows\system32\drivers
06:26:33.063 Service scanning
06:26:53.730 Modules scanning
06:26:55.557 AVAST engine scan C:\Windows
06:26:58.435 AVAST engine scan C:\Windows\system32
06:30:08.384 AVAST engine scan C:\Windows\system32\drivers
06:30:19.459 AVAST engine scan C:\Users\Anuj
06:35:23.172 AVAST engine scan C:\ProgramData
06:35:50.107 Scan finished successfully
20:32:58.974 Disk 0 MBR has been saved successfully to "C:\Users\Anuj\Desktop\MBR.dat"
20:32:59.035 The log file has been saved successfully to "C:\Users\Anuj\Desktop\aswMBR.txt"


Combofix

ComboFix 12-12-02.01 - Anuj 12/02/2012 17:11:26.1.8 - x64
Microsoft Windows 7 Home Premium 6.1.7600.0.1252.1.1033.18.6077.4365 [GMT -5:00]
Running from: c:\users\Anuj\Downloads\ComboFix.exe
AV: Microsoft Security Essentials *Enabled/Updated* {B140BF4E-23BB-4198-90AB-A51A4C60A69C}
SP: Microsoft Security Essentials *Enabled/Updated* {0A215EAA-0581-4E16-AA1B-9E6837E7EC21}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
* Created a new restore point
.
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\users\Anuj\AppData\Local\Temp\_MEI71562\_ctypes.pyd
c:\users\Anuj\AppData\Local\Temp\_MEI71562\_elementtree.pyd
c:\users\Anuj\AppData\Local\Temp\_MEI71562\_hashlib.pyd
c:\users\Anuj\AppData\Local\Temp\_MEI71562\_socket.pyd
c:\users\Anuj\AppData\Local\Temp\_MEI71562\_ssl.pyd
c:\users\Anuj\AppData\Local\Temp\_MEI71562\pyexpat.pyd
c:\users\Anuj\AppData\Local\Temp\_MEI71562\pysqlite2._sqlite.pyd
c:\users\Anuj\AppData\Local\Temp\_MEI71562\python26.dll
c:\users\Anuj\AppData\Local\Temp\_MEI71562\pythoncom26.dll
c:\users\Anuj\AppData\Local\Temp\_MEI71562\PyWinTypes26.dll
c:\users\Anuj\AppData\Local\Temp\_MEI71562\select.pyd
c:\users\Anuj\AppData\Local\Temp\_MEI71562\unicodedata.pyd
c:\users\Anuj\AppData\Local\Temp\_MEI71562\win32api.pyd
c:\users\Anuj\AppData\Local\Temp\_MEI71562\win32com.shell.shell.pyd
c:\users\Anuj\AppData\Local\Temp\_MEI71562\win32crypt.pyd
c:\users\Anuj\AppData\Local\Temp\_MEI71562\win32event.pyd
c:\users\Anuj\AppData\Local\Temp\_MEI71562\win32file.pyd
c:\users\Anuj\AppData\Local\Temp\_MEI71562\win32inet.pyd
c:\users\Anuj\AppData\Local\Temp\_MEI71562\win32pdh.pyd
c:\users\Anuj\AppData\Local\Temp\_MEI71562\win32process.pyd
c:\users\Anuj\AppData\Local\Temp\_MEI71562\win32profile.pyd
c:\users\Anuj\AppData\Local\Temp\_MEI71562\win32security.pyd
c:\users\Anuj\AppData\Local\Temp\_MEI71562\win32ts.pyd
c:\users\Anuj\AppData\Local\Temp\_MEI71562\windows._cacheinvalidation.pyd
c:\users\Anuj\AppData\Local\Temp\_MEI71562\wx._controls_.pyd
c:\users\Anuj\AppData\Local\Temp\_MEI71562\wx._core_.pyd
c:\users\Anuj\AppData\Local\Temp\_MEI71562\wx._gdi_.pyd
c:\users\Anuj\AppData\Local\Temp\_MEI71562\wx._html2.pyd
c:\users\Anuj\AppData\Local\Temp\_MEI71562\wx._misc_.pyd
c:\users\Anuj\AppData\Local\Temp\_MEI71562\wx._windows_.pyd
c:\users\Anuj\AppData\Local\Temp\_MEI71562\wx._wizard.pyd
c:\users\Anuj\AppData\Local\Temp\_MEI71562\wxbase293u_net_vc.dll
c:\users\Anuj\AppData\Local\Temp\_MEI71562\wxbase293u_vc.dll
c:\users\Anuj\AppData\Local\Temp\_MEI71562\wxmsw293u_adv_vc.dll
c:\users\Anuj\AppData\Local\Temp\_MEI71562\wxmsw293u_core_vc.dll
c:\users\Anuj\AppData\Local\Temp\_MEI71562\wxmsw293u_html_vc.dll
c:\users\Anuj\AppData\Local\Temp\_MEI71562\wxmsw293u_webview_vc.dll
c:\users\Anuj\AppData\Local\Temp\tmpowulp6\googledrivesync.exe
C:\win32.exe
.
.
((((((((((((((((((((((((( Files Created from 2012-11-02 to 2012-12-02 )))))))))))))))))))))))))))))))
.
.
2012-12-02 22:16 . 2012-12-02 22:16 -------- d-----w- c:\users\Default\AppData\Local\temp
2012-12-02 04:02 . 2012-11-08 17:24 9125352 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{9E137CE8-8B81-4BFA-9253-1CBEA42888A9}\mpengine.dll
2012-12-01 04:05 . 2012-11-08 17:24 9125352 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll
2012-11-29 04:03 . 2012-11-12 03:35 972192 ------w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\NISBackup\gapaengine.dll
2012-11-29 04:03 . 2012-11-29 04:02 972264 ------w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{90A7A9C4-E92C-4F68-A2F6-44B01B2A4F47}\gapaengine.dll
2012-11-27 03:38 . 2012-10-02 19:51 3293544 ----a-w- c:\windows\system32\nvsvc64.dll
2012-11-27 03:38 . 2012-10-02 19:51 6200680 ----a-w- c:\windows\system32\nvcpl.dll
2012-11-27 03:38 . 2012-10-02 19:50 891240 ----a-w- c:\windows\system32\nvvsvc.exe
2012-11-27 03:38 . 2012-10-02 19:50 63336 ----a-w- c:\windows\system32\nvshext.dll
2012-11-27 03:38 . 2012-10-02 19:50 2557800 ----a-w- c:\windows\system32\nvsvcr.dll
2012-11-27 03:38 . 2012-10-02 19:50 118120 ----a-w- c:\windows\system32\nvmctray.dll
2012-11-27 03:37 . 2012-11-27 03:37 -------- d-----w- c:\programdata\NVIDIA Corporation
2012-11-27 03:34 . 2012-11-27 03:34 -------- d-----w- c:\program files\CCleaner
2012-11-27 03:24 . 2012-11-27 03:24 -------- d--h--w- c:\windows\msdownld.tmp
2012-11-27 03:13 . 2012-12-02 22:17 -------- d-----w- c:\programdata\NVIDIA
2012-11-23 06:09 . 2012-11-23 06:09 -------- d-----r- C:\Kernels
2012-11-23 06:05 . 2012-11-23 06:05 -------- d-----w- c:\programdata\Orbit
2012-11-23 05:39 . 2012-11-27 02:58 -------- d-----w- c:\program files (x86)\NVIDIA 3D Vision driver
2012-11-23 05:39 . 2012-11-23 05:39 -------- d-----w- c:\program files (x86)\AGEIA Technologies
2012-11-22 06:20 . 2012-11-18 23:07 -------- d-----w- c:\program files (x86)\Ubisoft
2012-11-22 06:07 . 2012-11-24 01:26 -------- d-----w- c:\program files (x86)\R.G. Mechanics
2012-11-22 02:41 . 2012-11-22 02:41 -------- d-----w- c:\program files\Image Resizer for Windows
2012-11-22 02:41 . 2012-11-22 02:41 -------- d-----w- c:\program files (x86)\Image Resizer for Windows
2012-11-22 02:41 . 2012-11-22 02:41 -------- d-----w- c:\programdata\Package Cache
2012-11-21 23:14 . 2011-04-18 11:10 36864 ----a-w- c:\windows\system32\Spool\prtprocs\x64\ssb3mpc.dll
2012-11-21 23:00 . 2009-10-28 05:09 11576 ------w- c:\windows\system32\drivers\SSPORT.SYS
2012-11-16 06:50 . 2012-11-16 06:50 -------- d-----w- c:\program files (x86)\Microsoft
2012-11-16 06:50 . 2012-11-16 06:50 -------- d-----w- c:\program files (x86)\Windows Live SkyDrive
2012-11-16 06:50 . 2012-11-16 06:51 -------- d-----w- c:\program files (x86)\Windows Live
2012-11-16 06:49 . 2012-11-16 06:49 -------- d-----w- c:\windows\PCHEALTH
2012-11-13 21:39 . 2012-11-18 21:50 -------- d-----w- c:\program files (x86)\ASUS
2012-11-13 21:38 . 2012-11-13 21:38 -------- d-----w- c:\program files\ATKGFNEX
2012-11-13 21:38 . 2012-11-13 21:38 -------- d--h--w- c:\program files (x86)\InstallShield Installation Information
2012-11-13 21:38 . 2009-05-13 14:07 15928 ----a-w- c:\windows\system32\drivers\ATK64AMD.sys
2012-11-13 14:59 . 2012-11-13 14:59 -------- d-----w- c:\program files\R
2012-11-11 04:33 . 2012-11-11 04:33 -------- d-----w- c:\program files (x86)\Microsoft SkyDrive
2012-11-11 04:33 . 2012-11-11 04:33 -------- d-----w- c:\programdata\Microsoft SkyDrive
2012-11-11 04:23 . 2012-11-11 04:23 -------- d-----r- C:\MSOCache
2012-11-11 04:11 . 2012-11-11 04:10 461464 ----a-w- c:\programdata\Microsoft\ClickToRun\{9AC08E99-230B-47e8-9721-4577B7F124EA}\integrator.exe
2012-11-11 04:05 . 2012-11-11 04:18 -------- d-----w- c:\program files\Microsoft Office 15
2012-11-11 03:36 . 2012-11-11 03:36 -------- d-sh--w- c:\windows\SysWow64\AI_RecycleBin
2012-11-11 03:36 . 2012-11-09 15:36 44 ---h--w- c:\program files (x86)\36f81648.tmp
2012-11-11 03:36 . 2012-11-11 22:21 -------- d-----w- c:\program files (x86)\PingPlotter Standard
2012-11-11 02:55 . 2012-11-11 02:55 -------- d-----w- c:\program files (x86)\ShiftWindow
2012-11-10 10:21 . 2012-11-16 11:12 -------- d-----w- c:\program files (x86)\Microsoft Games for Windows - LIVE
2012-11-10 10:21 . 2012-11-10 10:21 -------- d-----w- c:\windows\SysWow64\xlive
2012-11-10 10:12 . 2012-11-10 10:12 -------- d-----w- c:\program files (x86)\Capcom
2012-11-10 06:04 . 2012-11-12 04:06 18960 ----a-w- c:\windows\system32\drivers\LNonPnP.sys
2012-11-10 06:03 . 2012-11-10 06:03 -------- d-----w- c:\program files\Logitech
2012-11-10 06:02 . 2012-11-10 06:04 -------- d-----w- c:\program files\Common Files\Logishrd
2012-11-10 06:00 . 2012-11-28 22:13 -------- d-----w- c:\program files (x86)\EVGA Precision X
2012-11-10 05:57 . 2012-11-10 05:57 -------- d-----w- c:\program files\Core Temp
2012-11-10 05:40 . 2012-11-10 05:40 -------- d-----w- c:\users\Default\AppData\Local\Google
2012-11-10 05:26 . 2012-11-10 05:26 -------- d-----w- c:\program files (x86)\Internet Download Manager
2012-11-10 03:22 . 2012-11-10 00:28 -------- d-----w- c:\windows\Panther
2012-11-10 03:12 . 2011-04-09 06:58 142336 ----a-w- c:\windows\system32\poqexec.exe
2012-11-10 03:12 . 2011-04-09 05:56 123904 ----a-w- c:\windows\SysWow64\poqexec.exe
2012-11-10 03:03 . 2011-11-19 15:07 77312 ----a-w- c:\windows\system32\packager.dll
2012-11-10 03:03 . 2011-11-19 14:06 67072 ----a-w- c:\windows\SysWow64\packager.dll
2012-11-10 02:27 . 2010-06-02 09:55 77656 ----a-w- c:\windows\system32\XAPOFX1_5.dll
2012-11-10 02:27 . 2010-06-02 09:55 74072 ----a-w- c:\windows\SysWow64\XAPOFX1_5.dll
2012-11-10 02:27 . 2010-06-02 09:55 527192 ----a-w- c:\windows\SysWow64\XAudio2_7.dll
2012-11-10 02:27 . 2010-06-02 09:55 518488 ----a-w- c:\windows\system32\XAudio2_7.dll
2012-11-10 02:27 . 2010-06-02 09:55 239960 ----a-w- c:\windows\SysWow64\xactengine3_7.dll
2012-11-10 02:27 . 2010-06-02 09:55 176984 ----a-w- c:\windows\system32\xactengine3_7.dll
2012-11-10 02:27 . 2010-05-26 16:41 2526056 ----a-w- c:\windows\system32\D3DCompiler_43.dll
2012-11-10 02:27 . 2010-05-26 16:41 2106216 ----a-w- c:\windows\SysWow64\D3DCompiler_43.dll
2012-11-10 02:25 . 2005-03-18 22:19 3823312 ----a-w- c:\windows\system32\d3dx9_25.dll
2012-11-10 02:25 . 2005-02-06 00:45 3544272 ----a-w- c:\windows\system32\d3dx9_24.dll
2012-11-10 02:11 . 2012-11-10 02:11 -------- d-----w- c:\program files (x86)\Microsoft Security Client
2012-11-10 02:11 . 2012-11-10 02:12 -------- d-----w- c:\program files\Microsoft Security Client
2012-11-10 02:11 . 2010-04-09 11:06 1898376 ----a-w- c:\windows\system32\drivers\tcpip.sys
2012-11-10 02:11 . 2010-04-09 11:06 374664 ----a-w- c:\windows\system32\drivers\netio.sys
2012-11-10 02:10 . 2012-11-10 02:10 283200 ----a-w- c:\windows\system32\drivers\dtsoftbus01.sys
2012-11-10 02:10 . 2012-11-10 02:10 -------- d-----w- c:\program files (x86)\DAEMON Tools Lite
2012-11-10 02:09 . 2012-11-10 10:11 -------- d-----w- c:\programdata\DAEMON Tools Lite
2012-11-10 02:09 . 2012-11-28 00:58 -------- d-----w- c:\program files (x86)\Diablo III
2012-11-10 02:09 . 2012-11-10 02:09 -------- d-----w- c:\program files (x86)\Common Files\Blizzard Entertainment
2012-11-10 02:09 . 2012-11-10 02:09 -------- d-----w- c:\programdata\Blizzard Entertainment
2012-11-10 02:08 . 2012-11-10 02:08 -------- d-----w- c:\programdata\Battle.net
2012-11-10 02:03 . 2010-05-23 10:15 1619456 ----a-w- c:\windows\SysWow64\WMVDECOD.DLL
2012-11-10 02:03 . 2010-05-23 10:11 196608 ----a-w- c:\windows\SysWow64\mfreadwrite.dll
2012-11-10 02:03 . 2010-05-23 08:37 1888256 ----a-w- c:\windows\system32\WMVDECOD.DLL
2012-11-10 02:03 . 2010-05-23 08:35 257024 ----a-w- c:\windows\system32\mfreadwrite.dll
2012-11-10 02:03 . 2010-05-23 08:35 206848 ----a-w- c:\windows\system32\mfps.dll
2012-11-10 02:03 . 2010-05-23 08:35 4068864 ----a-w- c:\windows\system32\mf.dll
2012-11-10 02:03 . 2010-05-23 10:11 3181568 ----a-w- c:\windows\SysWow64\mf.dll
2012-11-10 01:02 . 2012-11-10 01:02 -------- d-----w- c:\program files\Common Files\Intel
2012-11-10 01:02 . 2012-11-10 01:02 -------- d-----w- c:\program files (x86)\Cisco
2012-11-10 01:02 . 2012-11-10 01:02 -------- d-----w- c:\programdata\Intel
2012-11-10 00:58 . 2012-11-10 00:58 -------- d-----w- C:\$WINDOWS.~BT
2012-11-10 00:45 . 2012-10-17 06:31 9291768 ------w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{6ADFCFCA-A45C-4004-8D44-F2FE871A000D}\mpengine.dll
2012-11-10 00:45 . 2012-01-31 12:44 279656 ------w- c:\windows\system32\MpSigStub.exe
2012-11-10 00:41 . 2012-11-27 03:38 -------- d-----w- c:\program files (x86)\NVIDIA Corporation
2012-11-10 00:40 . 2012-10-02 22:21 60776 ----a-w- c:\windows\system32\OpenCL.dll
2012-11-10 00:40 . 2012-10-02 22:21 52584 ----a-w- c:\windows\SysWow64\OpenCL.dll
2012-11-10 00:40 . 2012-07-03 15:25 31080 ----a-w- c:\windows\system32\nvhdap64.dll
2012-11-10 00:40 . 2012-07-03 15:25 189288 ----a-w- c:\windows\system32\drivers\nvhda64v.sys
2012-11-10 00:40 . 2012-07-03 07:37 1472360 ----a-w- c:\windows\system32\nvhdagenco6420103.dll
2012-11-10 00:39 . 2012-11-27 03:37 -------- d-----w- c:\program files\NVIDIA Corporation
2012-11-10 00:39 . 2012-11-10 00:39 -------- d-----w- C:\NVIDIA
2012-11-10 00:37 . 2012-02-15 06:27 1031680 ----a-w- c:\windows\system32\rdpcore.dll
2012-11-10 00:37 . 2012-02-15 05:44 826368 ----a-w- c:\windows\SysWow64\rdpcore.dll
2012-11-10 00:37 . 2010-01-09 07:19 139264 ----a-w- c:\windows\system32\cabview.dll
2012-11-10 00:37 . 2010-01-09 06:52 132608 ----a-w- c:\windows\SysWow64\cabview.dll
2012-11-10 00:37 . 2012-02-15 04:47 204800 ----a-w- c:\windows\system32\drivers\rdpwd.sys
2012-11-10 00:37 . 2012-02-15 04:46 23552 ----a-w- c:\windows\system32\drivers\tdtcp.sys
2012-11-10 00:33 . 2012-11-09 22:59 -------- d-----w- c:\program files (x86)\Google
2012-11-10 00:33 . 2012-06-02 22:19 2428952 ----a-w- c:\windows\system32\wuaueng.dll
2012-11-10 00:33 . 2012-06-02 22:19 57880 ----a-w- c:\windows\system32\wuauclt.exe
2012-11-10 00:33 . 2012-06-02 22:19 44056 ----a-w- c:\windows\system32\wups2.dll
2012-11-10 00:33 . 2012-06-02 22:15 2622464 ----a-w- c:\windows\system32\wucltux.dll
2012-11-10 00:33 . 2012-06-02 22:19 38424 ----a-w- c:\windows\system32\wups.dll
2012-11-10 00:33 . 2012-06-02 22:19 701976 ----a-w- c:\windows\system32\wuapi.dll
2012-11-10 00:33 . 2012-06-02 22:15 99840 ----a-w- c:\windows\system32\wudriver.dll
2012-11-10 00:33 . 2012-06-02 20:19 186752 ----a-w- c:\windows\system32\wuwebv.dll
2012-11-10 00:33 . 2012-06-02 20:15 36864 ----a-w- c:\windows\system32\wuapp.exe
2012-11-10 00:30 . 2012-11-10 00:30 -------- d-----w- c:\program files\Intel
2012-11-10 00:30 . 2012-11-28 00:39 -------- d-sh--w- c:\windows\Installer
2012-11-10 00:28 . 2012-12-02 22:17 -------- d-----w- c:\users\Anuj
2012-11-10 00:28 . 2012-11-10 00:28 -------- d-----w- C:\Recovery
2012-11-10 00:28 . 2012-11-09 23:02 -------- d-----w- c:\windows\softwaredistribution.bak
2012-11-09 23:02 . 2012-11-09 23:02 -------- d-----w- c:\program files (x86)\Common Files\Windows Live
2012-11-09 23:01 . 2012-11-09 23:01 -------- d-----w- c:\program files (x86)\Common Files\Adobe
2012-11-09 23:01 . 2012-11-09 23:01 -------- d-----w- c:\program files (x86)\VideoLAN
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-11-16 11:12 . 2009-08-18 17:49 564632 ----a-w- c:\programdata\Microsoft\IdentityCRL\production\wlidui.dll
2012-11-16 11:12 . 2009-08-18 16:24 19696 ----a-w- c:\programdata\Microsoft\IdentityCRL\production\ppcrlconfig600.dll
2012-10-02 18:15 . 2012-10-02 18:15 430952 ----a-w- c:\windows\SysWow64\nvStreaming.exe
.
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive1]
@="{F241C880-6982-4CE5-8CF7-7085BA96DA5A}"
[HKEY_CLASSES_ROOT\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A}]
2012-11-11 04:33 220632 ----a-w- c:\users\Anuj\AppData\Local\Microsoft\SkyDrive\16.4.6003.0710\SkyDriveShell.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive2]
@="{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}"
[HKEY_CLASSES_ROOT\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}]
2012-11-11 04:33 220632 ----a-w- c:\users\Anuj\AppData\Local\Microsoft\SkyDrive\16.4.6003.0710\SkyDriveShell.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive3]
@="{BBACC218-34EA-4666-9D7A-C78F2274A524}"
[HKEY_CLASSES_ROOT\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524}]
2012-11-11 04:33 220632 ----a-w- c:\users\Anuj\AppData\Local\Microsoft\SkyDrive\16.4.6003.0710\SkyDriveShell.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrivePro1 (ErrorConflict)]
@="{8BA85C75-763B-4103-94EB-9470F12FE0F7}"
[HKEY_CLASSES_ROOT\CLSID\{8BA85C75-763B-4103-94EB-9470F12FE0F7}]
2012-11-11 04:27 2042528 ----a-w- c:\program files\Microsoft Office 15\root\office15\grooveex.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrivePro2 (SyncInProgress)]
@="{CD55129A-B1A1-438E-A425-CEBC7DC684EE}"
[HKEY_CLASSES_ROOT\CLSID\{CD55129A-B1A1-438E-A425-CEBC7DC684EE}]
2012-11-11 04:27 2042528 ----a-w- c:\program files\Microsoft Office 15\root\office15\grooveex.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrivePro3 (InSync)]
@="{E768CD3B-BDDC-436D-9C13-E1B39CA257B1}"
[HKEY_CLASSES_ROOT\CLSID\{E768CD3B-BDDC-436D-9C13-E1B39CA257B1}]
2012-11-11 04:27 2042528 ----a-w- c:\program files\Microsoft Office 15\root\office15\grooveex.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2012-11-05 23:12 94208 ----a-w- c:\users\Anuj\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2012-11-05 23:12 94208 ----a-w- c:\users\Anuj\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2012-11-05 23:12 94208 ----a-w- c:\users\Anuj\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt4]
@="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}]
2012-11-05 23:12 94208 ----a-w- c:\users\Anuj\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Steam"="c:\program files (x86)\Steam\Steam.exe" [2012-11-10 1353080]
"IDMan"="c:\program files (x86)\Internet Download Manager\IDMan.exe" [2012-03-16 3478936]
"GoogleDriveSync"="c:\program files (x86)\Google\Drive\googledrivesync.exe" [2012-11-08 16070136]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"ATKMEDIA"="c:\program files (x86)\ASUS\ATK Media\DMedia.exe" [2009-08-20 170624]
"ATKOSD2"="c:\program files (x86)\ASUS\ATKOSD2\ATKOSD2.exe" [2009-10-09 6937216]
"HControlUser"="c:\program files (x86)\ASUS\ATK Hotkey\HControlUser.exe" [2009-06-19 105016]
"D3DOverrider"="c:\users\Anuj\D3DOverrider\D3DOverriderWrapper.exe" [2009-08-23 40960]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 0 (0x0)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableLUA"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]
@="Service"
.
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R3 MyWiFiDHCPDNS;Wireless PAN DHCP Server;c:\program files\Intel\WiFi\bin\PanDhcpDns.exe [2011-01-12 340240]
S1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\DRIVERS\dtsoftbus01.sys [2012-11-10 283200]
S2 ASMMAP64;ASMMAP64;c:\program files\ATKGFNEX\ASMMAP64.sys [2007-07-24 14904]
S2 IDMWFP;IDMWFP;c:\windows\system32\DRIVERS\idmwfp.sys [2012-02-08 149640]
S2 NisDrv;Microsoft Network Inspection System;c:\windows\system32\DRIVERS\NisDrvWFP.sys [2012-08-31 128456]
S2 OfficeSvc;Microsoft Office Service;c:\program files\Microsoft Office 15\ClientX64\integratedoffice.exe [2012-09-11 1494144]
S2 SSPORT;SSPORT;c:\windows\system32\Drivers\SSPORT.sys [2009-10-28 11576]
S2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2012-10-02 382824]
S3 L1C;NDIS Miniport Driver for Atheros AR8131/AR8132 PCI-E Ethernet Controller (NDIS 6.20);c:\windows\system32\DRIVERS\L1C62x64.sys [2009-06-10 57344]
S3 NisSrv;Microsoft Network Inspection;c:\program files\Microsoft Security Client\NisSrv.exe [2012-09-13 368896]
S3 RTCore64;RTCore64;c:\program files (x86)\EVGA Precision X\RTCore64.sys [2012-10-17 15176]
.
.
--- Other Services/Drivers In Memory ---
.
*NewlyCreated* - WS2IFSL
.
Contents of the 'Scheduled Tasks' folder
.
2012-12-02 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-11-09 22:58]
.
2012-12-02 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-11-10 00:33]
.
2012-12-02 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-11-10 00:33]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive1]
@="{F241C880-6982-4CE5-8CF7-7085BA96DA5A}"
[HKEY_CLASSES_ROOT\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A}]
2012-11-11 04:33 244688 ----a-w- c:\users\Anuj\AppData\Local\Microsoft\SkyDrive\16.4.6003.0710\amd64\SkyDriveShell64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive2]
@="{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}"
[HKEY_CLASSES_ROOT\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}]
2012-11-11 04:33 244688 ----a-w- c:\users\Anuj\AppData\Local\Microsoft\SkyDrive\16.4.6003.0710\amd64\SkyDriveShell64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive3]
@="{BBACC218-34EA-4666-9D7A-C78F2274A524}"
[HKEY_CLASSES_ROOT\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524}]
2012-11-11 04:33 244688 ----a-w- c:\users\Anuj\AppData\Local\Microsoft\SkyDrive\16.4.6003.0710\amd64\SkyDriveShell64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrivePro1 (ErrorConflict)]
@="{8BA85C75-763B-4103-94EB-9470F12FE0F7}"
[HKEY_CLASSES_ROOT\CLSID\{8BA85C75-763B-4103-94EB-9470F12FE0F7}]
2012-11-11 04:31 2860192 ----a-w- c:\program files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrivePro2 (SyncInProgress)]
@="{CD55129A-B1A1-438E-A425-CEBC7DC684EE}"
[HKEY_CLASSES_ROOT\CLSID\{CD55129A-B1A1-438E-A425-CEBC7DC684EE}]
2012-11-11 04:31 2860192 ----a-w- c:\program files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrivePro3 (InSync)]
@="{E768CD3B-BDDC-436D-9C13-E1B39CA257B1}"
[HKEY_CLASSES_ROOT\CLSID\{E768CD3B-BDDC-436D-9C13-E1B39CA257B1}]
2012-11-11 04:31 2860192 ----a-w- c:\program files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2012-11-05 23:12 97792 ----a-w- c:\users\Anuj\AppData\Roaming\Dropbox\bin\DropboxExt64.14.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2012-11-05 23:12 97792 ----a-w- c:\users\Anuj\AppData\Roaming\Dropbox\bin\DropboxExt64.14.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2012-11-05 23:12 97792 ----a-w- c:\users\Anuj\AppData\Roaming\Dropbox\bin\DropboxExt64.14.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt4]
@="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}]
2012-11-05 23:12 97792 ----a-w- c:\users\Anuj\AppData\Roaming\Dropbox\bin\DropboxExt64.14.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveBlacklistedOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42}]
2012-11-08 21:58 755224 ----a-w- c:\program files (x86)\Google\Drive\googledrivesync64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSharedOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D43}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D43}]
2012-11-08 21:58 755224 ----a-w- c:\program files (x86)\Google\Drive\googledrivesync64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSyncedOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40}]
2012-11-08 21:58 755224 ----a-w- c:\program files (x86)\Google\Drive\googledrivesync64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSyncingOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41}]
2012-11-08 21:58 755224 ----a-w- c:\program files (x86)\Google\Drive\googledrivesync64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\IDM Shell Extension]
@="{CDC95B92-E27C-4745-A8C5-64A52A78855D}"
[HKEY_CLASSES_ROOT\CLSID\{CDC95B92-E27C-4745-A8C5-64A52A78855D}]
2012-02-08 00:49 23432 ----a-w- c:\program files (x86)\Internet Download Manager\IDMShellExt64.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IntelWireless"="c:\program files\Common Files\Intel\WirelessCommon\iFrmewrk.exe" [2011-01-12 1931536]
"MSC"="c:\program files\Microsoft Security Client\msseces.exe" [2012-09-13 1289704]
"EvtMgr6"="c:\program files\Logitech\SetPointP\SetPoint.exe" [2011-10-07 1744152]
.
------- Supplementary Scan -------
.
uLocal Page = c:\windows\system32\blank.htm
mLocal Page = c:\windows\SysWOW64\blank.htm
IE: Download all links with IDM - c:\program files (x86)\Internet Download Manager\IEGetAll.htm
IE: Download with IDM - c:\program files (x86)\Internet Download Manager\IEExt.htm
IE: E&xport to Microsoft Excel - c:\program files\Microsoft Office 15\Root\Office15\EXCEL.EXE/3000
IE: Se&nd to OneNote - c:\program files\Microsoft Office 15\Root\Office15\ONBttnIE.dll/105
TCP: DhcpNameServer = 192.168.0.1
.
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_USERS\S-1-5-21-1232935865-4235792297-1753832237-1000_Classes\Wow6432Node\CLSID\{5ED60779-4DE2-4E07-B862-974CA4FF2E9C}]
@Denied: (Full) (Everyone)
@Allowed: (Read) (RestrictedCode)
"scansk"=hex(0):32,ef,41,ef,ab,b5,4b,11,4d,fd,33,c4,fb,f1,13,f3,67,36,81,b5,c7,
d0,ad,91,a4,f9,ed,6f,f0,24,e4,e3,65,58,40,d8,1f,9a,ef,6b,00,00,00,00,00,00,\
.
[HKEY_USERS\S-1-5-21-1232935865-4235792297-1753832237-1000_Classes\Wow6432Node\CLSID\{e9c5bf6d-33d4-4d97-a42d-b57f1d827cac}]
@Denied: (Full) (Everyone)
@Allowed: (Read) (RestrictedCode)
"Model"=dword:00000150
"Therad"=dword:00000017
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VideoLAN.VLCPlugin.*1*]
@="?????????????????? v1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VideoLAN.VLCPlugin.*1*\CLSID]
@="{E23FE9C6-778E-49D4-B537-38FCDE4887D8}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VideoLAN.VLCPlugin.*2*]
@="?????????????????? v2"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VideoLAN.VLCPlugin.*2*\CLSID]
@="{9BE31822-FDAD-461B-AD51-BE1D1C159921}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Office\Common\Smart Tag\Actions\{B7EFF951-E52F-45CC-9EF7-57124F2177CC}]
@Denied: (A) (Everyone)
"Solution"="{15727DE6-F92D-4E46-ACB4-0E2C58B31A18}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3]
@Denied: (A) (Everyone)
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3\0]
"Key"="ActionsPane3"
"Location"="c:\\Program Files (x86)\\Common Files\\Microsoft Shared\\VSTO\\ActionsPane3.xsd"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
------------------------ Other Running Processes ------------------------
.
c:\program files (x86)\ASUS\ATK Hotkey\ASLDRSrv.exe
c:\program files\ATKGFNEX\GFNEXSrv.exe
c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
c:\program files (x86)\ASUS\ATK Hotkey\HControl.exe
c:\program files (x86)\Google\Update\1.3.21.123\GoogleCrashHandler.exe
c:\program files (x86)\EVGA Precision X\EVGAPrecision.exe
c:\program files (x86)\ASUS\ATK Hotkey\ATKOSD.exe
c:\program files (x86)\ASUS\ATK Hotkey\WDC.exe
c:\users\Anuj\D3DOverrider\D3DOverrider.exe
c:\program files (x86)\Internet Download Manager\IEMonitor.exe
.
**************************************************************************
.
Completion time: 2012-12-02 17:22:20 - machine was rebooted
ComboFix-quarantined-files.txt 2012-12-02 22:22
.
Pre-Run: 632,494,342,144 bytes free
Post-Run: 632,680,517,632 bytes free
.
- - End Of File - - 03C849CB1577CED602A86C1A778E06C1



TDSS


17:23:39.0706 6120 TDSS rootkit removing tool 2.8.15.0 Oct 31 2012 21:47:35
17:23:39.0957 6120 ============================================================
17:23:39.0957 6120 Current date / time: 2012/12/02 17:23:39.0957
17:23:39.0957 6120 SystemInfo:
17:23:39.0957 6120
17:23:39.0957 6120 OS Version: 6.1.7600 ServicePack: 0.0
17:23:39.0957 6120 Product type: Workstation
17:23:39.0957 6120 ComputerName: ANUJ-PC
17:23:39.0957 6120 UserName: Anuj
17:23:39.0957 6120 Windows directory: C:\Windows
17:23:39.0957 6120 System windows directory: C:\Windows
17:23:39.0957 6120 Running under WOW64
17:23:39.0957 6120 Processor architecture: Intel x64
17:23:39.0957 6120 Number of processors: 8
17:23:39.0957 6120 Page size: 0x1000
17:23:39.0957 6120 Boot type: Normal boot
17:23:39.0957 6120 ============================================================
17:23:41.0606 6120 Drive \Device\Harddisk0\DR0 - Size: 0xAEA8CDE000 (698.64 Gb), SectorSize: 0x200, Cylinders: 0x16441, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
17:23:41.0614 6120 ============================================================
17:23:41.0614 6120 \Device\Harddisk0\DR0:
17:23:41.0615 6120 MBR partitions:
17:23:41.0615 6120 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x32000
17:23:41.0615 6120 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 0x57512800
17:23:41.0615 6120 ============================================================
17:23:41.0633 6120 C: <-> \Device\Harddisk0\DR0\Partition2
17:23:41.0633 6120 ============================================================
17:23:41.0633 6120 Initialize success
17:23:41.0633 6120 ============================================================
17:23:57.0134 5244 ============================================================
17:23:57.0134 5244 Scan started
17:23:57.0134 5244 Mode: Manual;
17:23:57.0134 5244 ============================================================
17:24:00.0159 5244 ================ Scan system memory ========================
17:24:00.0159 5244 System memory - ok
17:24:00.0159 5244 ================ Scan services =============================
17:24:00.0697 5244 [ 1B00662092F9F9568B995902F0CC40D5 ] 1394ohci C:\Windows\system32\DRIVERS\1394ohci.sys
17:24:00.0701 5244 1394ohci - ok
17:24:00.0720 5244 [ 6F11E88748CDEFD2F76AA215F97DDFE5 ] ACPI C:\Windows\system32\DRIVERS\ACPI.sys
17:24:00.0724 5244 ACPI - ok
17:24:00.0743 5244 [ 63B05A0420CE4BF0E4AF6DCC7CADA254 ] AcpiPmi C:\Windows\system32\DRIVERS\acpipmi.sys
17:24:00.0745 5244 AcpiPmi - ok
17:24:00.0788 5244 [ B1EA9681502EE57F87DB71D726288A5B ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
17:24:00.0788 5244 AdobeARMservice - ok
17:24:00.0923 5244 [ 0CB0AA071C7B86A64F361DCFDF357329 ] AdobeFlashPlayerUpdateSvc C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
17:24:00.0926 5244 AdobeFlashPlayerUpdateSvc - ok
17:24:00.0949 5244 [ 2F6B34B83843F0C5118B63AC634F5BF4 ] adp94xx C:\Windows\system32\DRIVERS\adp94xx.sys
17:24:00.0955 5244 adp94xx - ok
17:24:00.0972 5244 [ 597F78224EE9224EA1A13D6350CED962 ] adpahci C:\Windows\system32\DRIVERS\adpahci.sys
17:24:00.0977 5244 adpahci - ok
17:24:01.0007 5244 [ E109549C90F62FB570B9540C4B148E54 ] adpu320 C:\Windows\system32\DRIVERS\adpu320.sys
17:24:01.0010 5244 adpu320 - ok
17:24:01.0051 5244 [ 4B78B431F225FD8624C5655CB1DE7B61 ] AeLookupSvc C:\Windows\System32\aelupsvc.dll
17:24:01.0052 5244 AeLookupSvc - ok
17:24:01.0075 5244 [ B9384E03479D2506BC924C16A3DB87BC ] AFD C:\Windows\system32\drivers\afd.sys
17:24:01.0081 5244 AFD - ok
17:24:01.0094 5244 [ 608C14DBA7299D8CB6ED035A68A15799 ] agp440 C:\Windows\system32\DRIVERS\agp440.sys
17:24:01.0096 5244 agp440 - ok
17:24:01.0110 5244 [ 3290D6946B5E30E70414990574883DDB ] ALG C:\Windows\System32\alg.exe
17:24:01.0112 5244 ALG - ok
17:24:01.0119 5244 [ 5812713A477A3AD7363C7438CA2EE038 ] aliide C:\Windows\system32\DRIVERS\aliide.sys
17:24:01.0120 5244 aliide - ok
17:24:01.0127 5244 [ 1FF8B4431C353CE385C875F194924C0C ] amdide C:\Windows\system32\DRIVERS\amdide.sys
17:24:01.0128 5244 amdide - ok
17:24:01.0132 5244 [ 7024F087CFF1833A806193EF9D22CDA9 ] AmdK8 C:\Windows\system32\DRIVERS\amdk8.sys
17:24:01.0133 5244 AmdK8 - ok
17:24:01.0137 5244 [ 1E56388B3FE0D031C44144EB8C4D6217 ] AmdPPM C:\Windows\system32\DRIVERS\amdppm.sys
17:24:01.0138 5244 AmdPPM - ok
17:24:01.0146 5244 [ 7A4B413614C055935567CF88A9734D38 ] amdsata C:\Windows\system32\DRIVERS\amdsata.sys
17:24:01.0148 5244 amdsata - ok
17:24:01.0165 5244 [ F67F933E79241ED32FF46A4F29B5120B ] amdsbs C:\Windows\system32\DRIVERS\amdsbs.sys
17:24:01.0168 5244 amdsbs - ok
17:24:01.0176 5244 [ B4AD0CACBAB298671DD6F6EF7E20679D ] amdxata C:\Windows\system32\DRIVERS\amdxata.sys
17:24:01.0177 5244 amdxata - ok
17:24:01.0194 5244 [ 42FD751B27FA0E9C69BB39F39E409594 ] AppID C:\Windows\system32\drivers\appid.sys
17:24:01.0196 5244 AppID - ok
17:24:01.0205 5244 [ 0BC381A15355A3982216F7172F545DE1 ] AppIDSvc C:\Windows\System32\appidsvc.dll
17:24:01.0206 5244 AppIDSvc - ok
17:24:01.0220 5244 [ D065BE66822847B7F127D1F90158376E ] Appinfo C:\Windows\System32\appinfo.dll
17:24:01.0221 5244 Appinfo - ok
17:24:01.0251 5244 [ C484F8CEB1717C540242531DB7845C4E ] arc C:\Windows\system32\DRIVERS\arc.sys
17:24:01.0253 5244 arc - ok
17:24:01.0257 5244 [ 019AF6924AEFE7839F61C830227FE79C ] arcsas C:\Windows\system32\DRIVERS\arcsas.sys
17:24:01.0258 5244 arcsas - ok
17:24:01.0317 5244 [ 18E5C2F937F9DEB8C282DF66A3761925 ] ASLDRService C:\Program Files (x86)\ASUS\ATK Hotkey\ASLDRSrv.exe
17:24:01.0318 5244 ASLDRService - ok
17:24:01.0367 5244 [ 2DB34EDD17D3A8DA7105A19C95A3DD68 ] ASMMAP64 C:\Program Files\ATKGFNEX\ASMMAP64.sys
17:24:01.0367 5244 ASMMAP64 - ok
17:24:01.0451 5244 [ 9217D874131AE6FF8F642F124F00A555 ] aspnet_state C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe
17:24:01.0452 5244 aspnet_state - ok
17:24:01.0471 5244 [ 769765CE2CC62867468CEA93969B2242 ] AsyncMac C:\Windows\system32\DRIVERS\asyncmac.sys
17:24:01.0472 5244 AsyncMac - ok
17:24:01.0482 5244 [ 02062C0B390B7729EDC9E69C680A6F3C ] atapi C:\Windows\system32\DRIVERS\atapi.sys
17:24:01.0483 5244 atapi - ok
17:24:01.0493 5244 [ 7C157574A181B19B9DCF5F339E25337E ] ATKGFNEXSrv C:\Program Files\ATKGFNEX\GFNEXSrv.exe
17:24:01.0494 5244 ATKGFNEXSrv - ok
17:24:01.0511 5244 [ 07721A77180EDD4D39CCB865BF63C7FD ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
17:24:01.0518 5244 AudioEndpointBuilder - ok
17:24:01.0527 5244 [ 07721A77180EDD4D39CCB865BF63C7FD ] AudioSrv C:\Windows\System32\Audiosrv.dll
17:24:01.0530 5244 AudioSrv - ok
17:24:01.0537 5244 [ B20B5FA5CA050E9926E4D1DB81501B32 ] AxInstSV C:\Windows\System32\AxInstSV.dll
17:24:01.0539 5244 AxInstSV - ok
17:24:01.0565 5244 [ 3E5B191307609F7514148C6832BB0842 ] b06bdrv C:\Windows\system32\DRIVERS\bxvbda.sys
17:24:01.0570 5244 b06bdrv - ok
17:24:01.0591 5244 [ B5ACE6968304A3900EEB1EBFD9622DF2 ] b57nd60a C:\Windows\system32\DRIVERS\b57nd60a.sys
17:24:01.0591 5244 b57nd60a - ok
17:24:01.0611 5244 [ FDE360167101B4E45A96F939F388AEB0 ] BDESVC C:\Windows\System32\bdesvc.dll
17:24:01.0621 5244 BDESVC - ok
17:24:01.0631 5244 [ 16A47CE2DECC9B099349A5F840654746 ] Beep C:\Windows\system32\drivers\Beep.sys
17:24:01.0631 5244 Beep - ok
17:24:01.0661 5244 [ 4992C609A6315671463E30F6512BC022 ] BFE C:\Windows\System32\bfe.dll
17:24:01.0671 5244 BFE - ok
17:24:01.0691 5244 [ 7F0C323FE3DA28AA4AA1BDA3F575707F ] BITS C:\Windows\system32\qmgr.dll
17:24:01.0701 5244 BITS - ok
17:24:01.0711 5244 [ 61583EE3C3A17003C4ACD0475646B4D3 ] blbdrive C:\Windows\system32\DRIVERS\blbdrive.sys
17:24:01.0711 5244 blbdrive - ok
17:24:01.0721 5244 [ 91CE0D3DC57DD377E690A2D324022B08 ] bowser C:\Windows\system32\DRIVERS\bowser.sys
17:24:01.0721 5244 bowser - ok
17:24:01.0731 5244 [ F09EEE9EDC320B5E1501F749FDE686C8 ] BrFiltLo C:\Windows\system32\DRIVERS\BrFiltLo.sys
17:24:01.0731 5244 BrFiltLo - ok
17:24:01.0731 5244 [ B114D3098E9BDB8BEA8B053685831BE6 ] BrFiltUp C:\Windows\system32\DRIVERS\BrFiltUp.sys
17:24:01.0731 5244 BrFiltUp - ok
17:24:01.0771 5244 [ 5C2F352A4E961D72518261257AAE204B ] BridgeMP C:\Windows\system32\DRIVERS\bridge.sys
17:24:01.0771 5244 BridgeMP - ok
17:24:01.0781 5244 [ 94FBC06F294D58D02361918418F996E3 ] Browser C:\Windows\System32\browser.dll
17:24:01.0781 5244 Browser - ok
17:24:01.0791 5244 [ 43BEA8D483BF1870F018E2D02E06A5BD ] Brserid C:\Windows\System32\Drivers\Brserid.sys
17:24:01.0791 5244 Brserid - ok
17:24:01.0791 5244 [ A6ECA2151B08A09CACECA35C07F05B42 ] BrSerWdm C:\Windows\System32\Drivers\BrSerWdm.sys
17:24:01.0791 5244 BrSerWdm - ok
17:24:01.0801 5244 [ B79968002C277E869CF38BD22CD61524 ] BrUsbMdm C:\Windows\System32\Drivers\BrUsbMdm.sys
17:24:01.0801 5244 BrUsbMdm - ok
17:24:01.0811 5244 [ A87528880231C54E75EA7A44943B38BF ] BrUsbSer C:\Windows\System32\Drivers\BrUsbSer.sys
17:24:01.0811 5244 BrUsbSer - ok
17:24:01.0841 5244 [ CF98190A94F62E405C8CB255018B2315 ] BthEnum C:\Windows\system32\DRIVERS\BthEnum.sys
17:24:01.0841 5244 BthEnum - ok
17:24:01.0841 5244 [ 9DA669F11D1F894AB4EB69BF546A42E8 ] BTHMODEM C:\Windows\system32\DRIVERS\bthmodem.sys
17:24:01.0851 5244 BTHMODEM - ok
17:24:01.0851 5244 [ 02DD601B708DD0667E1331FA8518E9FF ] BthPan C:\Windows\system32\DRIVERS\bthpan.sys
17:24:01.0851 5244 BthPan - ok
17:24:01.0881 5244 [ A51FA9D0E85D5ADABEF72E67F386309C ] BTHPORT C:\Windows\system32\Drivers\BTHport.sys
17:24:01.0881 5244 BTHPORT - ok
17:24:01.0891 5244 [ 95F9C2976059462CBBF227F7AAB10DE9 ] bthserv C:\Windows\system32\bthserv.dll
17:24:01.0891 5244 bthserv - ok
17:24:01.0911 5244 [ F740B9A16B2C06700F2130E19986BF3B ] BTHUSB C:\Windows\system32\Drivers\BTHUSB.sys
17:24:01.0911 5244 BTHUSB - ok
17:24:01.0931 5244 catchme - ok
17:24:01.0931 5244 [ B8BD2BB284668C84865658C77574381A ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys
17:24:01.0941 5244 cdfs - ok
17:24:01.0961 5244 [ 83D2D75E1EFB81B3450C18131443F7DB ] cdrom C:\Windows\system32\DRIVERS\cdrom.sys
17:24:01.0961 5244 cdrom - ok
17:24:01.0981 5244 [ 312E2F82AF11E79906898AC3E3D58A1F ] CertPropSvc C:\Windows\System32\certprop.dll
17:24:01.0981 5244 CertPropSvc - ok
17:24:02.0001 5244 [ D7CD5C4E1B71FA62050515314CFB52CF ] circlass C:\Windows\system32\DRIVERS\circlass.sys
17:24:02.0001 5244 circlass - ok
17:24:02.0021 5244 [ FE1EC06F2253F691FE36217C592A0206 ] CLFS C:\Windows\system32\CLFS.sys
17:24:02.0021 5244 CLFS - ok
17:24:02.0061 5244 [ D88040F816FDA31C3B466F0FA0918F29 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
17:24:02.0061 5244 clr_optimization_v2.0.50727_32 - ok
17:24:02.0101 5244 [ D1CEEA2B47CB998321C579651CE3E4F8 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
17:24:02.0101 5244 clr_optimization_v2.0.50727_64 - ok
17:24:02.0141 5244 [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
17:24:02.0141 5244 clr_optimization_v4.0.30319_32 - ok
17:24:02.0151 5244 [ C6F9AF94DCD58122A4D7E89DB6BED29D ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
17:24:02.0161 5244 clr_optimization_v4.0.30319_64 - ok
17:24:02.0171 5244 [ 0840155D0BDDF1190F84A663C284BD33 ] CmBatt C:\Windows\system32\DRIVERS\CmBatt.sys
17:24:02.0171 5244 CmBatt - ok
17:24:02.0181 5244 [ E19D3F095812725D88F9001985B94EDD ] cmdide C:\Windows\system32\DRIVERS\cmdide.sys
17:24:02.0181 5244 cmdide - ok
17:24:02.0201 5244 [ F95FD4CB7DA00BA2A63CE9F6B5C053E1 ] CNG C:\Windows\system32\Drivers\cng.sys
17:24:02.0201 5244 CNG - ok
17:24:02.0211 5244 [ 102DE219C3F61415F964C88E9085AD14 ] Compbatt C:\Windows\system32\DRIVERS\compbatt.sys
17:24:02.0211 5244 Compbatt - ok
17:24:02.0231 5244 [ F26B3A86F6FA87CA360B879581AB4123 ] CompositeBus C:\Windows\system32\DRIVERS\CompositeBus.sys
17:24:02.0241 5244 CompositeBus - ok
17:24:02.0241 5244 COMSysApp - ok
17:24:02.0261 5244 [ 1C827878A998C18847245FE1F34EE597 ] crcdisk C:\Windows\system32\DRIVERS\crcdisk.sys
17:24:02.0261 5244 crcdisk - ok
17:24:02.0271 5244 [ 8C57411B66282C01533CB776F98AD384 ] CryptSvc C:\Windows\system32\cryptsvc.dll
17:24:02.0271 5244 CryptSvc - ok
17:24:02.0301 5244 [ 7266972E86890E2B30C0C322E906B027 ] DcomLaunch C:\Windows\system32\rpcss.dll
17:24:02.0301 5244 DcomLaunch - ok
17:24:02.0361 5244 [ 3CEC7631A84943677AA8FA8EE5B6B43D ] defragsvc C:\Windows\System32\defragsvc.dll
17:24:02.0371 5244 defragsvc - ok
17:24:02.0381 5244 [ 3F1DC527070ACB87E40AFE46EF6DA749 ] DfsC C:\Windows\system32\Drivers\dfsc.sys
17:24:02.0381 5244 DfsC - ok
17:24:02.0401 5244 [ CE3B9562D997F69B330D181A8875960F ] Dhcp C:\Windows\system32\dhcpcore.dll
17:24:02.0411 5244 Dhcp - ok
17:24:02.0421 5244 [ 13096B05847EC78F0977F2C0F79E9AB3 ] discache C:\Windows\system32\drivers\discache.sys
17:24:02.0421 5244 discache - ok
17:24:02.0441 5244 [ 9819EEE8B5EA3784EC4AF3B137A5244C ] Disk C:\Windows\system32\DRIVERS\disk.sys
17:24:02.0441 5244 Disk - ok
17:24:02.0451 5244 [ 676108C4E3AA6F6B34633748BD0BEBD9 ] Dnscache C:\Windows\System32\dnsrslvr.dll
17:24:02.0451 5244 Dnscache - ok
17:24:02.0461 5244 [ 14452ACDB09B70964C8C21BF80A13ACB ] dot3svc C:\Windows\System32\dot3svc.dll
17:24:02.0471 5244 dot3svc - ok
17:24:02.0471 5244 [ 8C2BA6BEA949EE6E68385F5692BAFB94 ] DPS C:\Windows\system32\dps.dll
17:24:02.0471 5244 DPS - ok
17:24:02.0501 5244 [ 9B19F34400D24DF84C858A421C205754 ] drmkaud C:\Windows\system32\drivers\drmkaud.sys
17:24:02.0501 5244 drmkaud - ok
17:24:02.0531 5244 [ 46571ED73AE84469DCA53081D33CF3C8 ] dtsoftbus01 C:\Windows\system32\DRIVERS\dtsoftbus01.sys
17:24:02.0531 5244 dtsoftbus01 - ok
17:24:02.0551 5244 [ 7CB7D2B73813CE05C7BC0F5F95D27CEC ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys
17:24:02.0561 5244 DXGKrnl - ok
17:24:02.0571 5244 [ E2DDA8726DA9CB5B2C4000C9018A9633 ] EapHost C:\Windows\System32\eapsvc.dll
17:24:02.0571 5244 EapHost - ok
17:24:02.0630 5244 [ DC5D737F51BE844D8C82C695EB17372F ] ebdrv C:\Windows\system32\DRIVERS\evbda.sys
17:24:02.0678 5244 ebdrv - ok
17:24:02.0695 5244 [ 0793F40B9B8A1BDD266296409DBD91EA ] EFS C:\Windows\System32\lsass.exe
17:24:02.0696 5244 EFS - ok
17:24:02.0746 5244 [ B91D81B3B54A54CCAFC03733DBC2E29E ] ehRecvr C:\Windows\ehome\ehRecvr.exe
17:24:02.0753 5244 ehRecvr - ok
17:24:02.0762 5244 [ 4705E8EF9934482C5BB488CE28AFC681 ] ehSched C:\Windows\ehome\ehsched.exe
17:24:02.0764 5244 ehSched - ok
17:24:02.0785 5244 [ 0E5DA5369A0FCAEA12456DD852545184 ] elxstor C:\Windows\system32\DRIVERS\elxstor.sys
17:24:02.0791 5244 elxstor - ok
17:24:02.0802 5244 [ 34A3C54752046E79A126E15C51DB409B ] ErrDev C:\Windows\system32\DRIVERS\errdev.sys
17:24:02.0803 5244 ErrDev - ok
17:24:02.0825 5244 [ 4166F82BE4D24938977DD1746BE9B8A0 ] EventSystem C:\Windows\system32\es.dll
17:24:02.0827 5244 EventSystem - ok
17:24:02.0884 5244 [ 3777AEC8CB30251E43BF0A2B4FEC07D5 ] EvtEng C:\Program Files\Intel\WiFi\bin\EvtEng.exe
17:24:02.0907 5244 EvtEng - ok
17:24:02.0921 5244 [ A510C654EC00C1E9BDD91EEB3A59823B ] exfat C:\Windows\system32\drivers\exfat.sys
17:24:02.0924 5244 exfat - ok
17:24:02.0938 5244 [ 0ADC83218B66A6DB380C330836F3E36D ] fastfat C:\Windows\system32\drivers\fastfat.sys
17:24:02.0941 5244 fastfat - ok
17:24:02.0965 5244 [ D607B2F1BEE3992AA6C2C92C0A2F0855 ] Fax C:\Windows\system32\fxssvc.exe
17:24:02.0972 5244 Fax - ok
17:24:03.0005 5244 [ D765D19CD8EF61F650C384F62FAC00AB ] fdc C:\Windows\system32\DRIVERS\fdc.sys
17:24:03.0007 5244 fdc - ok
17:24:03.0016 5244 [ 0438CAB2E03F4FB61455A7956026FE86 ] fdPHost C:\Windows\system32\fdPHost.dll
17:24:03.0017 5244 fdPHost - ok
17:24:03.0026 5244 [ 802496CB59A30349F9A6DD22D6947644 ] FDResPub C:\Windows\system32\fdrespub.dll
17:24:03.0028 5244 FDResPub - ok
17:24:03.0034 5244 [ 655661BE46B5F5F3FD454E2C3095B930 ] FileInfo C:\Windows\system32\drivers\fileinfo.sys
17:24:03.0036 5244 FileInfo - ok
17:24:03.0048 5244 [ 5F671AB5BC87EEA04EC38A6CD5962A47 ] Filetrace C:\Windows\system32\drivers\filetrace.sys
17:24:03.0049 5244 Filetrace - ok
17:24:03.0053 5244 [ C172A0F53008EAEB8EA33FE10E177AF5 ] flpydisk C:\Windows\system32\DRIVERS\flpydisk.sys
17:24:03.0054 5244 flpydisk - ok
17:24:03.0064 5244 [ F7866AF72ABBAF84B1FA5AA195378C59 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys
17:24:03.0067 5244 FltMgr - ok
17:24:03.0089 5244 [ 8AC4CB4EA61E41009FAE9AE7B2B5DA3A ] FontCache C:\Windows\system32\FntCache.dll
17:24:03.0103 5244 FontCache - ok
17:24:03.0152 5244 [ 8D89E3131C27FDD6932189CB785E1B7A ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
17:24:03.0153 5244 FontCache3.0.0.0 - ok
17:24:03.0157 5244 [ D43703496149971890703B4B1B723EAC ] FsDepends C:\Windows\system32\drivers\FsDepends.sys
17:24:03.0158 5244 FsDepends - ok
17:24:03.0170 5244 [ E95EF8547DE20CF0603557C0CF7A9462 ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys
17:24:03.0171 5244 Fs_Rec - ok
17:24:03.0176 5244 [ B8B2A6E1558F8F5DE5CE431C5B2C7B09 ] fvevol C:\Windows\system32\DRIVERS\fvevol.sys
17:24:03.0179 5244 fvevol - ok
17:24:03.0187 5244 [ 8C778D335C9D272CFD3298AB02ABE3B6 ] gagp30kx C:\Windows\system32\DRIVERS\gagp30kx.sys
17:24:03.0189 5244 gagp30kx - ok
17:24:03.0209 5244 [ FE5AB4525BC2EC68B9119A6E5D40128B ] gpsvc C:\Windows\System32\gpsvc.dll
17:24:03.0217 5244 gpsvc - ok
17:24:03.0254 5244 [ 506708142BC63DABA64F2D3AD1DCD5BF ] gupdate C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
17:24:03.0256 5244 gupdate - ok
17:24:03.0259 5244 [ 506708142BC63DABA64F2D3AD1DCD5BF ] gupdatem C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
17:24:03.0260 5244 gupdatem - ok
17:24:03.0272 5244 [ F2523EF6460FC42405B12248338AB2F0 ] hcw85cir C:\Windows\system32\drivers\hcw85cir.sys
17:24:03.0273 5244 hcw85cir - ok
17:24:03.0302 5244 [ 6410F6F415B2A5A9037224C41DA8BF12 ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
17:24:03.0306 5244 HdAudAddService - ok
17:24:03.0326 5244 [ 0A49913402747A0B67DE940FB42CBDBB ] HDAudBus C:\Windows\system32\DRIVERS\HDAudBus.sys
17:24:03.0328 5244 HDAudBus - ok
17:24:03.0331 5244 [ 78E86380454A7B10A5EB255DC44A355F ] HidBatt C:\Windows\system32\DRIVERS\HidBatt.sys
17:24:03.0332 5244 HidBatt - ok
17:24:03.0343 5244 [ 7FD2A313F7AFE5C4DAB14798C48DD104 ] HidBth C:\Windows\system32\DRIVERS\hidbth.sys
17:24:03.0345 5244 HidBth - ok
17:24:03.0349 5244 [ 0A77D29F311B88CFAE3B13F9C1A73825 ] HidIr C:\Windows\system32\DRIVERS\hidir.sys
17:24:03.0350 5244 HidIr - ok
17:24:03.0361 5244 [ BD9EB3958F213F96B97B1D897DEE006D ] hidserv C:\Windows\System32\hidserv.dll
17:24:03.0362 5244 hidserv - ok
17:24:03.0383 5244 [ B3BF6B5B50006DEF50B66306D99FCF6F ] HidUsb C:\Windows\system32\DRIVERS\hidusb.sys
17:24:03.0385 5244 HidUsb - ok
17:24:03.0397 5244 [ EFA58EDE58DD74388FFD04CB32681518 ] hkmsvc C:\Windows\system32\kmsvc.dll
17:24:03.0399 5244 hkmsvc - ok
17:24:03.0408 5244 [ 046B2673767CA626E2CFB7FDF735E9E8 ] HomeGroupListener C:\Windows\system32\ListSvc.dll
17:24:03.0411 5244 HomeGroupListener - ok
17:24:03.0431 5244 [ 06A7422224D9865A5613710A089987DF ] HomeGroupProvider C:\Windows\system32\provsvc.dll
17:24:03.0434 5244 HomeGroupProvider - ok
17:24:03.0444 5244 [ 0886D440058F203EBA0E1825E4355914 ] HpSAMD C:\Windows\system32\DRIVERS\HpSAMD.sys
17:24:03.0446 5244 HpSAMD - ok
17:24:03.0457 5244 [ CEE049CAC4EFA7F4E1E4AD014414A5D4 ] HTTP C:\Windows\system32\drivers\HTTP.sys
17:24:03.0464 5244 HTTP - ok
17:24:03.0471 5244 [ F17766A19145F111856378DF337A5D79 ] hwpolicy C:\Windows\system32\drivers\hwpolicy.sys
17:24:03.0471 5244 hwpolicy - ok
17:24:03.0475 5244 [ FA55C73D4AFFA7EE23AC4BE53B4592D3 ] i8042prt C:\Windows\system32\DRIVERS\i8042prt.sys
17:24:03.0477 5244 i8042prt - ok
17:24:03.0487 5244 [ D83EFB6FD45DF9D55E9A1AFC63640D50 ] iaStorV C:\Windows\system32\DRIVERS\iaStorV.sys
17:24:03.0492 5244 iaStorV - ok
17:24:03.0524 5244 [ 5534E14EF27EBE8563CDBCE6B88501A3 ] IDMWFP C:\Windows\system32\DRIVERS\idmwfp.sys
17:24:03.0525 5244 IDMWFP - ok
17:24:03.0684 5244 [ 2F2BE70D3E02B6FA877921AB9516D43C ] idsvc C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
17:24:03.0684 5244 idsvc - ok
17:24:03.0724 5244 [ 5C18831C61933628F5BB0EA2675B9D21 ] iirsp C:\Windows\system32\DRIVERS\iirsp.sys
17:24:03.0724 5244 iirsp - ok
17:24:03.0754 5244 [ C5B4683680DF085B57BC53E5EF34861F ] IKEEXT C:\Windows\System32\ikeext.dll
17:24:03.0764 5244 IKEEXT - ok
17:24:03.0764 5244 [ F00F20E70C6EC3AA366910083A0518AA ] intelide C:\Windows\system32\DRIVERS\intelide.sys
17:24:03.0774 5244 intelide - ok
17:24:03.0794 5244 [ ADA036632C664CAA754079041CF1F8C1 ] intelppm C:\Windows\system32\DRIVERS\intelppm.sys
17:24:03.0794 5244 intelppm - ok
17:24:03.0804 5244 [ 098A91C54546A3B878DAD6A7E90A455B ] IPBusEnum C:\Windows\system32\ipbusenum.dll
17:24:03.0814 5244 IPBusEnum - ok
17:24:03.0824 5244 [ 722DD294DF62483CECAAE6E094B4D695 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys
17:24:03.0824 5244 IpFilterDriver - ok
17:24:03.0844 5244 [ F8E058D17363EC580E4B7232778B6CB5 ] iphlpsvc C:\Windows\System32\iphlpsvc.dll
17:24:03.0854 5244 iphlpsvc - ok
17:24:03.0854 5244 [ E2B4A4494DB7CB9B89B55CA268C337C5 ] IPMIDRV C:\Windows\system32\DRIVERS\IPMIDrv.sys
17:24:03.0854 5244 IPMIDRV - ok
17:24:03.0864 5244 [ AF9B39A7E7B6CAA203B3862582E9F2D0 ] IPNAT C:\Windows\system32\drivers\ipnat.sys
17:24:03.0864 5244 IPNAT - ok
17:24:03.0884 5244 [ 3ABF5E7213EB28966D55D58B515D5CE9 ] IRENUM C:\Windows\system32\drivers\irenum.sys
17:24:03.0884 5244 IRENUM - ok
17:24:03.0894 5244 [ 2F7B28DC3E1183E5EB418DF55C204F38 ] isapnp C:\Windows\system32\DRIVERS\isapnp.sys
17:24:03.0894 5244 isapnp - ok
17:24:03.0904 5244 [ FA4D2557DE56D45B0A346F93564BE6E1 ] iScsiPrt C:\Windows\system32\DRIVERS\msiscsi.sys
17:24:03.0914 5244 iScsiPrt - ok
17:24:03.0924 5244 [ BC02336F1CBA7DCC7D1213BB588A68A5 ] kbdclass C:\Windows\system32\DRIVERS\kbdclass.sys
17:24:03.0924 5244 kbdclass - ok
17:24:03.0934 5244 [ 6DEF98F8541E1B5DCEB2C822A11F7323 ] kbdhid C:\Windows\system32\DRIVERS\kbdhid.sys
17:24:03.0934 5244 kbdhid - ok
17:24:03.0944 5244 [ 0793F40B9B8A1BDD266296409DBD91EA ] KeyIso C:\Windows\system32\lsass.exe
17:24:03.0944 5244 KeyIso - ok
17:24:03.0954 5244 [ E8B6FCC9C83535C67F835D407620BD27 ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys
17:24:03.0954 5244 KSecDD - ok
17:24:03.0954 5244 [ BBE1BF6D9B661C354D4857D5FADB943B ] KSecPkg C:\Windows\system32\Drivers\ksecpkg.sys
17:24:03.0964 5244 KSecPkg - ok
17:24:03.0974 5244 [ 6869281E78CB31A43E969F06B57347C4 ] ksthunk C:\Windows\system32\drivers\ksthunk.sys
17:24:03.0974 5244 ksthunk - ok
17:24:03.0994 5244 [ 6AB66E16AA859232F64DEB66887A8C9C ] KtmRm C:\Windows\system32\msdtckrm.dll
17:24:03.0994 5244 KtmRm - ok
17:24:04.0024 5244 [ 033B4AED2C5519072C0D81E00804D003 ] L1C C:\Windows\system32\DRIVERS\L1C62x64.sys
17:24:04.0024 5244 L1C - ok
17:24:04.0054 5244 [ C926920B8978DE6ACFE9E15C709E9B57 ] LanmanServer C:\Windows\System32\srvsvc.dll
17:24:04.0054 5244 LanmanServer - ok
17:24:04.0074 5244 [ 27026EAC8818E8A6C00A1CAD2F11D29A ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
17:24:04.0074 5244 LanmanWorkstation - ok
17:24:04.0114 5244 [ 7772DFAB22611050B79504E671B06E6E ] LBTServ C:\Program Files\Common Files\LogiShrd\Bluetooth\lbtserv.exe
17:24:04.0124 5244 LBTServ - ok
17:24:04.0144 5244 [ 241F2648ADF090E2A10095BD6D6F5DCB ] LHidFilt C:\Windows\system32\DRIVERS\LHidFilt.Sys
17:24:04.0144 5244 LHidFilt - ok
17:24:04.0164 5244 [ 1538831CF8AD2979A04C423779465827 ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys
17:24:04.0174 5244 lltdio - ok
17:24:04.0184 5244 [ C1185803384AB3FEED115F79F109427F ] lltdsvc C:\Windows\System32\lltdsvc.dll
17:24:04.0184 5244 lltdsvc - ok
17:24:04.0194 5244 [ F993A32249B66C9D622EA5592A8B76B8 ] lmhosts C:\Windows\System32\lmhsvc.dll
17:24:04.0194 5244 lmhosts - ok
17:24:04.0224 5244 [ 342ED5A4B3326014438F36D22D803737 ] LMouFilt C:\Windows\system32\DRIVERS\LMouFilt.Sys
17:24:04.0224 5244 LMouFilt - ok
17:24:04.0234 5244 [ 1A93E54EB0ECE102495A51266DCDB6A6 ] LSI_FC C:\Windows\system32\DRIVERS\lsi_fc.sys
17:24:04.0234 5244 LSI_FC - ok
17:24:04.0254 5244 [ 1047184A9FDC8BDBFF857175875EE810 ] LSI_SAS C:\Windows\system32\DRIVERS\lsi_sas.sys
17:24:04.0264 5244 LSI_SAS - ok
17:24:04.0264 5244 [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93 ] LSI_SAS2 C:\Windows\system32\DRIVERS\lsi_sas2.sys
17:24:04.0274 5244 LSI_SAS2 - ok
17:24:04.0284 5244 [ 0504EACAFF0D3C8AED161C4B0D369D4A ] LSI_SCSI C:\Windows\system32\DRIVERS\lsi_scsi.sys
17:24:04.0284 5244 LSI_SCSI - ok
17:24:04.0294 5244 [ 43D0F98E1D56CCDDB0D5254CFF7B356E ] luafv C:\Windows\system32\drivers\luafv.sys
17:24:04.0294 5244 luafv - ok
17:24:04.0314 5244 [ F84C8F1000BC11E3B7B23CBD3BAFF111 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll
17:24:04.0314 5244 Mcx2Svc - ok
17:24:04.0324 5244 [ A55805F747C6EDB6A9080D7C633BD0F4 ] megasas C:\Windows\system32\DRIVERS\megasas.sys
17:24:04.0324 5244 megasas - ok
17:24:04.0324 5244 [ BAF74CE0072480C3B6B7C13B2A94D6B3 ] MegaSR C:\Windows\system32\DRIVERS\MegaSR.sys
17:24:04.0334 5244 MegaSR - ok
17:24:04.0344 5244 [ E40E80D0304A73E8D269F7141D77250B ] MMCSS C:\Windows\system32\mmcss.dll
17:24:04.0344 5244 MMCSS - ok
17:24:04.0354 5244 [ 800BA92F7010378B09F9ED9270F07137 ] Modem C:\Windows\system32\drivers\modem.sys
17:24:04.0354 5244 Modem - ok
17:24:04.0364 5244 [ B03D591DC7DA45ECE20B3B467E6AADAA ] monitor C:\Windows\system32\DRIVERS\monitor.sys
17:24:04.0364 5244 monitor - ok
17:24:04.0374 5244 [ 7D27EA49F3C1F687D357E77A470AEA99 ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys
17:24:04.0374 5244 mouclass - ok
17:24:04.0384 5244 [ D3BF052C40B0C4166D9FD86A4288C1E6 ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys
17:24:04.0394 5244 mouhid - ok
17:24:04.0404 5244 [ 791AF66C4D0E7C90A3646066386FB571 ] mountmgr C:\Windows\system32\drivers\mountmgr.sys
17:24:04.0404 5244 mountmgr - ok
17:24:04.0434 5244 [ 05BF204EC0E82CC4A054DB189C8A3D84 ] MpFilter C:\Windows\system32\DRIVERS\MpFilter.sys
17:24:04.0434 5244 MpFilter - ok
17:24:04.0444 5244 [ 609D1D87649ECC19796F4D76D4C15CEA ] mpio C:\Windows\system32\DRIVERS\mpio.sys
17:24:04.0444 5244 mpio - ok
17:24:04.0454 5244 [ 6C38C9E45AE0EA2FA5E551F2ED5E978F ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys
17:24:04.0454 5244 mpsdrv - ok
17:24:04.0474 5244 [ AECAB449567D1846DAD63ECE49E893E3 ] MpsSvc C:\Windows\system32\mpssvc.dll
17:24:04.0484 5244 MpsSvc - ok
17:24:04.0494 5244 [ 30524261BB51D96D6FCBAC20C810183C ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys
17:24:04.0494 5244 MRxDAV - ok
17:24:04.0504 5244 [ CFDCD8CA87C2A657DEBC150AC35B5E08 ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys
17:24:04.0504 5244 mrxsmb - ok
17:24:04.0524 5244 [ 1BEE517B220B7F024F411AEC1571DD5A ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys
17:24:04.0524 5244 mrxsmb10 - ok
17:24:04.0524 5244 [ 6B2D5FEF385828B6E485C1C90AFB8195 ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys
17:24:04.0524 5244 mrxsmb20 - ok
17:24:04.0544 5244 [ 5C37497276E3B3A5488B23A326A754B7 ] msahci C:\Windows\system32\DRIVERS\msahci.sys
17:24:04.0544 5244 msahci - ok
17:24:04.0554 5244 [ 8D27B597229AED79430FB9DB3BCBFBD0 ] msdsm C:\Windows\system32\DRIVERS\msdsm.sys
17:24:04.0554 5244 msdsm - ok
17:24:04.0564 5244 [ DE0ECE52236CFA3ED2DBFC03F28253A8 ] MSDTC C:\Windows\System32\msdtc.exe
17:24:04.0574 5244 MSDTC - ok
17:24:04.0594 5244 [ AA3FB40E17CE1388FA1BEDAB50EA8F96 ] Msfs C:\Windows\system32\drivers\Msfs.sys
17:24:04.0596 5244 Msfs - ok
17:24:04.0609 5244 [ F9D215A46A8B9753F61767FA72A20326 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys
17:24:04.0610 5244 mshidkmdf - ok
17:24:04.0623 5244 [ D916874BBD4F8B07BFB7FA9B3CCAE29D ] msisadrv C:\Windows\system32\DRIVERS\msisadrv.sys
17:24:04.0623 5244 msisadrv - ok
17:24:04.0641 5244 [ 808E98FF49B155C522E6400953177B08 ] MSiSCSI C:\Windows\system32\iscsiexe.dll
17:24:04.0644 5244 MSiSCSI - ok
17:24:04.0647 5244 msiserver - ok
17:24:04.0666 5244 [ 49CCF2C4FEA34FFAD8B1B59D49439366 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys
17:24:04.0667 5244 MSKSSRV - ok
17:24:04.0706 5244 [ CC8E4F72F21340A4D3A3D4DB50313EF5 ] MsMpSvc c:\Program Files\Microsoft Security Client\MsMpEng.exe
17:24:04.0706 5244 MsMpSvc - ok
17:24:04.0715 5244 [ BDD71ACE35A232104DDD349EE70E1AB3 ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys
17:24:04.0716 5244 MSPCLOCK - ok
17:24:04.0724 5244 [ 4ED981241DB27C3383D72092B618A1D0 ] MSPQM C:\Windows\system32\drivers\MSPQM.sys
17:24:04.0726 5244 MSPQM - ok
17:24:04.0738 5244 [ 89CB141AA8616D8C6A4610FA26C60964 ] MsRPC C:\Windows\system32\drivers\MsRPC.sys
17:24:04.0741 5244 MsRPC - ok
17:24:04.0751 5244 [ 0EED230E37515A0EAEE3C2E1BC97B288 ] mssmbios C:\Windows\system32\DRIVERS\mssmbios.sys
17:24:04.0752 5244 mssmbios - ok
17:24:04.0761 5244 [ 2E66F9ECB30B4221A318C92AC2250779 ] MSTEE C:\Windows\system32\drivers\MSTEE.sys
17:24:04.0762 5244 MSTEE - ok
17:24:04.0775 5244 [ 7EA404308934E675BFFDE8EDF0757BCD ] MTConfig C:\Windows\system32\DRIVERS\MTConfig.sys
17:24:04.0776 5244 MTConfig - ok
17:24:04.0804 5244 [ 032D35C996F21D19A205A7C8F0B76F3C ] MTsensor C:\Windows\system32\DRIVERS\ATK64AMD.sys
17:24:04.0805 5244 MTsensor - ok
17:24:04.0811 5244 [ F9A18612FD3526FE473C1BDA678D61C8 ] Mup C:\Windows\system32\Drivers\mup.sys
17:24:04.0812 5244 Mup - ok
17:24:04.0839 5244 [ E8C8673E9A11B2C9DCAA7F954681DE79 ] MyWiFiDHCPDNS C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe
17:24:04.0842 5244 MyWiFiDHCPDNS - ok
17:24:04.0866 5244 [ 4987E079A4530FA737A128BE54B63B12 ] napagent C:\Windows\system32\qagentRT.dll
17:24:04.0872 5244 napagent - ok
17:24:04.0899 5244 [ 1EA3749C4114DB3E3161156FFFFA6B33 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys
17:24:04.0903 5244 NativeWifiP - ok
17:24:04.0923 5244 [ CAD515DBD07D082BB317D9928CE8962C ] NDIS C:\Windows\system32\drivers\ndis.sys
17:24:04.0927 5244 NDIS - ok
17:24:04.0941 5244 [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys
17:24:04.0942 5244 NdisCap - ok
17:24:04.0962 5244 [ 30639C932D9FEF22B31268FE25A1B6E5 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys
17:24:04.0963 5244 NdisTapi - ok
17:24:04.0974 5244 [ F105BA1E22BF1F2EE8F005D4305E4BEC ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys
17:24:04.0976 5244 Ndisuio - ok
17:24:04.0980 5244 [ 557DFAB9CA1FCB036AC77564C010DAD3 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys
17:24:04.0983 5244 NdisWan - ok
17:24:04.0994 5244 [ 659B74FB74B86228D6338D643CD3E3CF ] NDProxy C:\Windows\system32\drivers\NDProxy.sys
17:24:04.0996 5244 NDProxy - ok
17:24:05.0001 5244 [ 86743D9F5D2B1048062B14B1D84501C4 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys
17:24:05.0002 5244 NetBIOS - ok
17:24:05.0016 5244 [ 9162B273A44AB9DCE5B44362731D062A ] NetBT C:\Windows\system32\DRIVERS\netbt.sys
17:24:05.0019 5244 NetBT - ok
17:24:05.0028 5244 [ 0793F40B9B8A1BDD266296409DBD91EA ] Netlogon C:\Windows\system32\lsass.exe
17:24:05.0029 5244 Netlogon - ok
17:24:05.0048 5244 [ 847D3AE376C0817161A14A82C8922A9E ] Netman C:\Windows\System32\netman.dll
17:24:05.0051 5244 Netman - ok
17:24:05.0100 5244 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
17:24:05.0103 5244 NetMsmqActivator - ok
17:24:05.0106 5244 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetPipeActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
17:24:05.0107 5244 NetPipeActivator - ok
17:24:05.0125 5244 [ 5F28111C648F1E24F7DBC87CDEB091B8 ] netprofm C:\Windows\System32\netprofm.dll
17:24:05.0130 5244 netprofm - ok
17:24:05.0133 5244 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
17:24:05.0135 5244 NetTcpActivator - ok
17:24:05.0138 5244 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
17:24:05.0139 5244 NetTcpPortSharing - ok
17:24:05.0608 5244 [ 9EC1EDEBBA8CF6A30899EE38AB1352CC ] NETwNs64 C:\Windows\system32\DRIVERS\NETwNs64.sys
17:24:05.0728 5244 NETwNs64 - ok
17:24:05.0778 5244 [ 77889813BE4D166CDAB78DDBA990DA92 ] nfrd960 C:\Windows\system32\DRIVERS\nfrd960.sys
17:24:05.0788 5244 nfrd960 - ok
17:24:05.0808 5244 [ 5FF89F20317309D28AC1EDEB0CD1BA72 ] NisDrv C:\Windows\system32\DRIVERS\NisDrvWFP.sys
17:24:05.0808 5244 NisDrv - ok
17:24:05.0838 5244 [ 79E80B10FE8F6662E0C9162A68C43444 ] NisSrv c:\Program Files\Microsoft Security Client\NisSrv.exe
17:24:05.0838 5244 NisSrv - ok
17:24:05.0888 5244 [ D9A0CE66046D6EFA0C61BAA885CBA0A8 ] NlaSvc C:\Windows\System32\nlasvc.dll
17:24:05.0898 5244 NlaSvc - ok
17:24:05.0908 5244 [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] Npfs C:\Windows\system32\drivers\Npfs.sys
17:24:05.0908 5244 Npfs - ok
17:24:05.0918 5244 [ D54BFDF3E0C953F823B3D0BFE4732528 ] nsi C:\Windows\system32\nsisvc.dll
17:24:05.0918 5244 nsi - ok
17:24:05.0938 5244 [ E7F5AE18AF4168178A642A9247C63001 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys
17:24:05.0938 5244 nsiproxy - ok
17:24:05.0958 5244 [ 356698A13C4630D5B31C37378D469196 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys
17:24:05.0968 5244 Ntfs - ok
17:24:05.0998 5244 [ 9899284589F75FA8724FF3D16AED75C1 ] Null C:\Windows\system32\drivers\Null.sys
17:24:05.0998 5244 Null - ok
17:24:06.0038 5244 [ 1F07B814C0BB5AABA703ABFF1F31F2E8 ] NVHDA C:\Windows\system32\drivers\nvhda64v.sys
17:24:06.0038 5244 NVHDA - ok
17:24:06.0801 5244 [ 5104BAC2DA2A5BDD86AC6B0708B00F06 ] nvlddmkm C:\Windows\system32\DRIVERS\nvlddmkm.sys
17:24:06.0864 5244 nvlddmkm - ok
17:24:06.0903 5244 [ 3E38712941E9BB4DDBEE00AFFE3FED3D ] nvraid C:\Windows\system32\DRIVERS\nvraid.sys
17:24:06.0906 5244 nvraid - ok
17:24:06.0930 5244 [ 477DC4D6DEB99BE37084C9AC6D013DA1 ] nvstor C:\Windows\system32\DRIVERS\nvstor.sys
17:24:06.0932 5244 nvstor - ok
17:24:06.0977 5244 [ DDFAFCE89A5C93D04712B86F94E9FCBA ] nvsvc C:\Windows\system32\nvvsvc.exe
17:24:06.0985 5244 nvsvc - ok
17:24:07.0031 5244 [ 270D7CD42D6E3979F6DD0146650F0E05 ] nv_agp C:\Windows\system32\DRIVERS\nv_agp.sys
17:24:07.0034 5244 nv_agp - ok
17:24:07.0102 5244 [ 71C97F97A909A990C7F60C77908BAFF9 ] OfficeSvc C:\Program Files\Microsoft Office 15\ClientX64\integratedoffice.exe
17:24:07.0126 5244 OfficeSvc - ok
17:24:07.0130 5244 [ 3589478E4B22CE21B41FA1BFC0B8B8A0 ] ohci1394 C:\Windows\system32\DRIVERS\ohci1394.sys
17:24:07.0132 5244 ohci1394 - ok
17:24:07.0178 5244 [ FF93D67903FDEABCD4470CD82F44ACFA ] ose C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
17:24:07.0181 5244 ose - ok
17:24:07.0284 5244 [ 31DC8D825D2C4EB0FF7ED021BB92C541 ] osppsvc C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
17:24:07.0359 5244 osppsvc - ok
17:24:07.0452 5244 [ 3EAC4455472CC2C97107B5291E0DCAFE ] p2pimsvc C:\Windows\system32\pnrpsvc.dll
17:24:07.0464 5244 p2pimsvc - ok
17:24:07.0484 5244 [ 927463ECB02179F88E4B9A17568C63C3 ] p2psvc C:\Windows\system32\p2psvc.dll
17:24:07.0490 5244 p2psvc - ok
17:24:07.0497 5244 [ 0086431C29C35BE1DBC43F52CC273887 ] Parport C:\Windows\system32\DRIVERS\parport.sys
17:24:07.0499 5244 Parport - ok
17:24:07.0512 5244 [ 7DAA117143316C4A1537E074A5A9EAF0 ] partmgr C:\Windows\system32\drivers\partmgr.sys
17:24:07.0513 5244 partmgr - ok
17:24:07.0526 5244 [ 3AEAA8B561E63452C655DC0584922257 ] PcaSvc C:\Windows\System32\pcasvc.dll
17:24:07.0529 5244 PcaSvc - ok
17:24:07.0543 5244 [ F36F6504009F2FB0DFD1B17A116AD74B ] pci C:\Windows\system32\DRIVERS\pci.sys
17:24:07.0545 5244 pci - ok
17:24:07.0556 5244 [ B5B8B5EF2E5CB34DF8DCF8831E3534FA ] pciide C:\Windows\system32\DRIVERS\pciide.sys
17:24:07.0557 5244 pciide - ok
17:24:07.0562 5244 [ B2E81D4E87CE48589F98CB8C05B01F2F ] pcmcia C:\Windows\system32\DRIVERS\pcmcia.sys
17:24:07.0565 5244 pcmcia - ok
17:24:07.0571 5244 [ D6B9C2E1A11A3A4B26A182FFEF18F603 ] pcw C:\Windows\system32\drivers\pcw.sys
17:24:07.0571 5244 pcw - ok
17:24:07.0581 5244 [ 68769C3356B3BE5D1C732C97B9A80D6E ] PEAUTH C:\Windows\system32\drivers\peauth.sys
17:24:07.0591 5244 PEAUTH - ok
17:24:07.0671 5244 [ E495E408C93141E8FC72DC0C6046DDFA ] PerfHost C:\Windows\SysWow64\perfhost.exe
17:24:07.0671 5244 PerfHost - ok
17:24:07.0701 5244 [ 557E9A86F65F0DE18C9B6751DFE9D3F1 ] pla C:\Windows\system32\pla.dll
17:24:07.0761 5244 pla - ok
17:24:07.0771 5244 [ 23157D583244400E1D7FBAEE2E4B31B7 ] PlugPlay C:\Windows\system32\umpnpmgr.dll
17:24:07.0781 5244 PlugPlay - ok
17:24:07.0781 5244 [ 7195581CEC9BB7D12ABE54036ACC2E38 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll
17:24:07.0791 5244 PNRPAutoReg - ok
17:24:07.0801 5244 [ 3EAC4455472CC2C97107B5291E0DCAFE ] PNRPsvc C:\Windows\system32\pnrpsvc.dll
17:24:07.0801 5244 PNRPsvc - ok
17:24:07.0821 5244 [ 166EB40D1F5B47E615DE3D0FFFE5F243 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
17:24:07.0831 5244 PolicyAgent - ok
17:24:07.0851 5244 [ 6BA9D927DDED70BD1A9CADED45F8B184 ] Power C:\Windows\system32\umpo.dll
17:24:07.0851 5244 Power - ok
17:24:07.0871 5244 [ 27CC19E81BA5E3403C48302127BDA717 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys
17:24:07.0881 5244 PptpMiniport - ok
17:24:07.0891 5244 [ 0D922E23C041EFB1C3FAC2A6F943C9BF ] Processor C:\Windows\system32\DRIVERS\processr.sys
17:24:07.0891 5244 Processor - ok
17:24:07.0911 5244 [ F381975E1F4346DE875CB07339CE8D3A ] ProfSvc C:\Windows\system32\profsvc.dll
17:24:07.0911 5244 ProfSvc - ok
17:24:07.0921 5244 [ 0793F40B9B8A1BDD266296409DBD91EA ] ProtectedStorage C:\Windows\system32\lsass.exe
17:24:07.0921 5244 ProtectedStorage - ok
17:24:07.0941 5244 [ EE992183BD8EAEFD9973F352E587A299 ] Psched C:\Windows\system32\DRIVERS\pacer.sys
17:24:07.0941 5244 Psched - ok
17:24:07.0981 5244 [ A53A15A11EBFD21077463EE2C7AFEEF0 ] ql2300 C:\Windows\system32\DRIVERS\ql2300.sys
17:24:07.0991 5244 ql2300 - ok
17:24:08.0001 5244 [ 4F6D12B51DE1AAEFF7DC58C4D75423C8 ] ql40xx C:\Windows\system32\DRIVERS\ql40xx.sys
17:24:08.0001 5244 ql40xx - ok
17:24:08.0011 5244 [ 906191634E99AEA92C4816150BDA3732 ] QWAVE C:\Windows\system32\qwave.dll
17:24:08.0011 5244 QWAVE - ok
17:24:08.0021 5244 [ 76707BB36430888D9CE9D705398ADB6C ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
17:24:08.0021 5244 QWAVEdrv - ok
17:24:08.0031 5244 [ 5A0DA8AD5762FA2D91678A8A01311704 ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
17:24:08.0031 5244 RasAcd - ok
17:24:08.0061 5244 [ 7ECFF9B22276B73F43A99A15A6094E90 ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys
17:24:08.0061 5244 RasAgileVpn - ok
17:24:08.0071 5244 [ 8F26510C5383B8DBE976DE1CD00FC8C7 ] RasAuto C:\Windows\System32\rasauto.dll
17:24:08.0071 5244 RasAuto - ok
17:24:08.0091 5244 [ 87A6E852A22991580D6D39ADC4790463 ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys
17:24:08.0091 5244 Rasl2tp - ok
17:24:08.0101 5244 [ 47394ED3D16D053F5906EFE5AB51CC83 ] RasMan C:\Windows\System32\rasmans.dll
17:24:08.0101 5244 RasMan - ok
17:24:08.0111 5244 [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
17:24:08.0111 5244 RasPppoe - ok
17:24:08.0111 5244 [ E8B1E447B008D07FF47D016C2B0EEECB ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys
17:24:08.0111 5244 RasSstp - ok
17:24:08.0121 5244 [ 3BAC8142102C15D59A87757C1D41DCE5 ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
17:24:08.0121 5244 rdbss - ok
17:24:08.0131 5244 [ 302DA2A0539F2CF54D7C6CC30C1F2D8D ] rdpbus C:\Windows\system32\DRIVERS\rdpbus.sys
17:24:08.0141 5244 rdpbus - ok
17:24:08.0161 5244 [ CEA6CC257FC9B7715F1C2B4849286D24 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys
17:24:08.0161 5244 RDPCDD - ok
17:24:08.0171 5244 [ BB5971A4F00659529A5C44831AF22365 ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys
17:24:08.0171 5244 RDPENCDD - ok
17:24:08.0171 5244 [ 216F3FA57533D98E1F74DED70113177A ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys
17:24:08.0171 5244 RDPREFMP - ok
17:24:08.0201 5244 [ 074AC702D8B8B660B0E1371555995386 ] RDPWD C:\Windows\system32\drivers\RDPWD.sys
17:24:08.0201 5244 RDPWD - ok
17:24:08.0211 5244 [ 634B9A2181D98F15941236886164EC8B ] rdyboost C:\Windows\system32\drivers\rdyboost.sys
17:24:08.0211 5244 rdyboost - ok
17:24:08.0251 5244 [ A60A9F1720F5DA1431A3DEC14D8833F4 ] RegSrvc C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
17:24:08.0261 5244 RegSrvc - ok
17:24:08.0271 5244 [ 254FB7A22D74E5511C73A3F6D802F192 ] RemoteAccess C:\Windows\System32\mprdim.dll
17:24:08.0281 5244 RemoteAccess - ok
17:24:08.0291 5244 [ E4D94F24081440B5FC5AA556C7C62702 ] RemoteRegistry C:\Windows\system32\regsvc.dll
17:24:08.0291 5244 RemoteRegistry - ok
17:24:08.0321 5244 [ 3DD798846E2C28102B922C56E71B7932 ] RFCOMM C:\Windows\system32\DRIVERS\rfcomm.sys
17:24:08.0321 5244 RFCOMM - ok
17:24:08.0341 5244 [ E4DC58CF7B3EA515AE917FF0D402A7BB ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll
17:24:08.0341 5244 RpcEptMapper - ok
17:24:08.0361 5244 [ D5BA242D4CF8E384DB90E6A8ED850B8C ] RpcLocator C:\Windows\system32\locator.exe
17:24:08.0371 5244 RpcLocator - ok
17:24:08.0391 5244 [ 7266972E86890E2B30C0C322E906B027 ] RpcSs C:\Windows\System32\rpcss.dll
17:24:08.0391 5244 RpcSs - ok
17:24:08.0401 5244 [ DDC86E4F8E7456261E637E3552E804FF ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys
17:24:08.0401 5244 rspndr - ok
17:24:08.0441 5244 [ D63C9C1A427A134461258B7B8742858F ] RTCore64 C:\Program Files (x86)\EVGA Precision X\RTCore64.sys
17:24:08.0441 5244 RTCore64 - ok
17:24:08.0451 5244 [ 0793F40B9B8A1BDD266296409DBD91EA ] SamSs C:\Windows\system32\lsass.exe
17:24:08.0451 5244 SamSs - ok
17:24:08.0461 5244 [ E3BBB89983DAF5622C1D50CF49F28227 ] sbp2port C:\Windows\system32\DRIVERS\sbp2port.sys
17:24:08.0461 5244 sbp2port - ok
17:24:08.0481 5244 [ 9B7395789E3791A3B6D000FE6F8B131E ] SCardSvr C:\Windows\System32\SCardSvr.dll
17:24:08.0481 5244 SCardSvr - ok
17:24:08.0491 5244 [ C94DA20C7E3BA1DCA269BC8460D98387 ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys
17:24:08.0491 5244 scfilter - ok
17:24:08.0521 5244 [ EC56B171F85C7E855E7B0588AC503EEA ] Schedule C:\Windows\system32\schedsvc.dll
17:24:08.0521 5244 Schedule - ok
17:24:08.0551 5244 [ 312E2F82AF11E79906898AC3E3D58A1F ] SCPolicySvc C:\Windows\System32\certprop.dll
17:24:08.0551 5244 SCPolicySvc - ok
17:24:08.0561 5244 [ 54E47AD086782D3AE9417C155CDCEB9B ] sdbus C:\Windows\system32\DRIVERS\sdbus.sys
17:24:08.0561 5244 sdbus - ok
17:24:08.0571 5244 [ 765A27C3279CE11D14CB9E4F5869FCA5 ] SDRSVC C:\Windows\System32\SDRSVC.dll
17:24:08.0571 5244 SDRSVC - ok
17:24:08.0595 5244 [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv C:\Windows\system32\drivers\secdrv.sys
17:24:08.0597 5244 secdrv - ok
17:24:08.0610 5244 [ 463B386EBC70F98DA5DFF85F7E654346 ] seclogon C:\Windows\system32\seclogon.dll
17:24:08.0612 5244 seclogon - ok
17:24:08.0622 5244 [ C32AB8FA018EF34C0F113BD501436D21 ] SENS C:\Windows\system32\sens.dll
17:24:08.0624 5244 SENS - ok
17:24:08.0631 5244 [ 0336CFFAFAAB87A11541F1CF1594B2B2 ] SensrSvc C:\Windows\system32\sensrsvc.dll
17:24:08.0633 5244 SensrSvc - ok
17:24:08.0652 5244 [ CB624C0035412AF0DEBEC78C41F5CA1B ] Serenum C:\Windows\system32\DRIVERS\serenum.sys
17:24:08.0654 5244 Serenum - ok
17:24:08.0675 5244 [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6 ] Serial C:\Windows\system32\DRIVERS\serial.sys
17:24:08.0677 5244 Serial - ok
17:24:08.0687 5244 [ 1C545A7D0691CC4A027396535691C3E3 ] sermouse C:\Windows\system32\DRIVERS\sermouse.sys
17:24:08.0688 5244 sermouse - ok
17:24:08.0701 5244 [ C3BC61CE47FF6F4E88AB8A3B429A36AF ] SessionEnv C:\Windows\system32\sessenv.dll
17:24:08.0703 5244 SessionEnv - ok
17:24:08.0707 5244 [ A554811BCD09279536440C964AE35BBF ] sffdisk C:\Windows\system32\DRIVERS\sffdisk.sys
17:24:08.0708 5244 sffdisk - ok
17:24:08.0711 5244 [ FF414F0BAEFEBA59BC6C04B3DB0B87BF ] sffp_mmc C:\Windows\system32\DRIVERS\sffp_mmc.sys
17:24:08.0712 5244 sffp_mmc - ok
17:24:08.0715 5244 [ 5588B8C6193EB1522490C122EB94DFFA ] sffp_sd C:\Windows\system32\DRIVERS\sffp_sd.sys
17:24:08.0716 5244 sffp_sd - ok
17:24:08.0719 5244 [ A9D601643A1647211A1EE2EC4E433FF4 ] sfloppy C:\Windows\system32\DRIVERS\sfloppy.sys
17:24:08.0720 5244 sfloppy - ok
17:24:08.0750 5244 [ B95F6501A2F8B2E78C697FEC401970CE ] SharedAccess C:\Windows\System32\ipnathlp.dll
17:24:08.0755 5244 SharedAccess - ok
17:24:08.0776 5244 [ 0298AC45D0EFFFB2DB4BAA7DD186E7BF ] ShellHWDetection C:\Windows\System32\shsvcs.dll
17:24:08.0779 5244 ShellHWDetection - ok
17:24:08.0788 5244 [ 843CAF1E5FDE1FFD5FF768F23A51E2E1 ] SiSRaid2 C:\Windows\system32\DRIVERS\SiSRaid2.sys
17:24:08.0790 5244 SiSRaid2 - ok
17:24:08.0798 5244 [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4 ] SiSRaid4 C:\Windows\system32\DRIVERS\sisraid4.sys
17:24:08.0800 5244 SiSRaid4 - ok
17:24:08.0811 5244 [ 548260A7B8654E024DC30BF8A7C5BAA4 ] Smb C:\Windows\system32\DRIVERS\smb.sys
17:24:08.0812 5244 Smb - ok
17:24:08.0819 5244 [ 6313F223E817CC09AA41811DAA7F541D ] SNMPTRAP C:\Windows\System32\snmptrap.exe
17:24:08.0820 5244 SNMPTRAP - ok
17:24:08.0834 5244 [ B9E31E5CACDFE584F34F730A677803F9 ] spldr C:\Windows\system32\drivers\spldr.sys
17:24:08.0834 5244 spldr - ok
17:24:08.0848 5244 [ 89E8550C5862999FCF482EA562B0E98E ] Spooler C:\Windows\System32\spoolsv.exe
17:24:08.0851 5244 Spooler - ok
17:24:08.0906 5244 [ 913D843498553A1BC8F8DBAD6358E49F ] sppsvc C:\Windows\system32\sppsvc.exe
17:24:08.0958 5244 sppsvc - ok
17:24:08.0981 5244 [ 93D7D61317F3D4BC4F4E9F8A96A7DE45 ] sppuinotify C:\Windows\system32\sppuinotify.dll
17:24:08.0983 5244 sppuinotify - ok
17:24:08.0995 5244 [ EC8F67289105BF270498095F14963464 ] srv C:\Windows\system32\DRIVERS\srv.sys
17:24:09.0000 5244 srv - ok
17:24:09.0007 5244 [ F773D2ED090B7BAA1C1A034F3CA476C8 ] srv2 C:\Windows\system32\DRIVERS\srv2.sys
17:24:09.0012 5244 srv2 - ok
17:24:09.0023 5244 [ 26E84D3649019C3244622E654DFCD75B ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys
17:24:09.0025 5244 srvnet - ok
17:24:09.0043 5244 [ 51B52FBD583CDE8AA9BA62B8B4298F33 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll
17:24:09.0045 5244 SSDPSRV - ok
17:24:09.0080 5244 [ 0211AB46B73A2623B86C1CFCB30579AB ] SSPORT C:\Windows\system32\Drivers\SSPORT.sys
17:24:09.0089 5244 SSPORT - ok
17:24:09.0100 5244 [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB ] SstpSvc C:\Windows\system32\sstpsvc.dll
17:24:09.0103 5244 SstpSvc - ok
17:24:09.0123 5244 Steam Client Service - ok
17:24:09.0175 5244 [ F0359F7CE712D69ACEF0886BDB4792ED ] Stereo Service C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
17:24:09.0178 5244 Stereo Service - ok
17:24:09.0191 5244 [ F3817967ED533D08327DC73BC4D5542A ] stexstor C:\Windows\system32\DRIVERS\stexstor.sys
17:24:09.0192 5244 stexstor - ok
17:24:09.0219 5244 [ 52D0E33B681BD0F33FDC08812FEE4F7D ] stisvc C:\Windows\System32\wiaservc.dll
17:24:09.0226 5244 stisvc - ok
17:24:09.0235 5244 [ D01EC09B6711A5F8E7E6564A4D0FBC90 ] swenum C:\Windows\system32\DRIVERS\swenum.sys
17:24:09.0235 5244 swenum - ok
17:24:09.0254 5244 [ E08E46FDD841B7184194011CA1955A0B ] swprv C:\Windows\System32\swprv.dll
17:24:09.0261 5244 swprv - ok
17:24:09.0294 5244 [ 3C1284516A62078FB68F768DE4F1A7BE ] SysMain C:\Windows\system32\sysmain.dll
17:24:09.0320 5244 SysMain - ok
17:24:09.0329 5244 [ 238935C3CF2854886DC7CBB2A0E2CC66 ] TabletInputService C:\Windows\System32\TabSvc.dll
17:24:09.0332 5244 TabletInputService - ok
17:24:09.0347 5244 [ 884264AC597B690C5707C89723BB8E7B ] TapiSrv C:\Windows\System32\tapisrv.dll
17:24:09.0349 5244 TapiSrv - ok
17:24:09.0358 5244 [ 1BE03AC720F4D302EA01D40F588162F6 ] TBS C:\Windows\System32\tbssvc.dll
17:24:09.0359 5244 TBS - ok
17:24:09.0398 5244 [ 7FC877A25796D8ADF539E64703FCA7E1 ] Tcpip C:\Windows\system32\drivers\tcpip.sys
17:24:09.0407 5244 Tcpip - ok
17:24:09.0448 5244 [ 7FC877A25796D8ADF539E64703FCA7E1 ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys
17:24:09.0456 5244 TCPIP6 - ok
17:24:09.0484 5244 [ 76D078AF6F587B162D50210F761EB9ED ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys
17:24:09.0485 5244 tcpipreg - ok
17:24:09.0497 5244 [ 3371D21011695B16333A3934340C4E7C ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys
17:24:09.0498 5244 TDPIPE - ok
17:24:09.0521 5244 [ 7518F7BCFD4B308ABC9192BACAF6C970 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys
17:24:09.0522 5244 TDTCP - ok
17:24:09.0541 5244 [ 079125C4B17B01FCAEEBCE0BCB290C0F ] tdx C:\Windows\system32\DRIVERS\tdx.sys
17:24:09.0542 5244 tdx - ok
17:24:09.0551 5244 [ C448651339196C0E869A355171875522 ] TermDD C:\Windows\system32\DRIVERS\termdd.sys
17:24:09.0552 5244 TermDD - ok
17:24:09.0623 5244 [ 0F05EC2887BFE197AD82A13287D2F404 ] TermService C:\Windows\System32\termsrv.dll
17:24:09.0623 5244 TermService - ok
17:24:09.0643 5244 [ F0344071948D1A1FA732231785A0664C ] Themes C:\Windows\system32\themeservice.dll
17:24:09.0643 5244 Themes - ok
17:24:09.0683 5244 [ E40E80D0304A73E8D269F7141D77250B ] THREADORDER C:\Windows\system32\mmcss.dll
17:24:09.0683 5244 THREADORDER - ok
17:24:09.0693 5244 [ 7E7AFD841694F6AC397E99D75CEAD49D ] TrkWks C:\Windows\System32\trkwks.dll
17:24:09.0693 5244 TrkWks - ok
17:24:09.0723 5244 [ 840F7FB849F5887A49BA18C13B2DA920 ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
17:24:09.0723 5244 TrustedInstaller - ok
17:24:09.0743 5244 [ 61B96C26131E37B24E93327A0BD1FB95 ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys
17:24:09.0743 5244 tssecsrv - ok
17:24:09.0773 5244 [ 3836171A2CDF3AF8EF10856DB9835A70 ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys
17:24:09.0773 5244 tunnel - ok
17:24:09.0793 5244 [ B4DD609BD7E282BFC683CEC7EAAAAD67 ] uagp35 C:\Windows\system32\DRIVERS\uagp35.sys
17:24:09.0793 5244 uagp35 - ok
17:24:09.0803 5244 [ D47BAEAD86C65D4F4069D7CE0A4EDCEB ] udfs C:\Windows\system32\DRIVERS\udfs.sys
17:24:09.0803 5244 udfs - ok
17:24:09.0813 5244 [ 3CBDEC8D06B9968ABA702EBA076364A1 ] UI0Detect C:\Windows\system32\UI0Detect.exe
17:24:09.0823 5244 UI0Detect - ok
17:24:09.0833 5244 [ 4BFE1BC28391222894CBF1E7D0E42320 ] uliagpkx C:\Windows\system32\DRIVERS\uliagpkx.sys
17:24:09.0833 5244 uliagpkx - ok
17:24:09.0843 5244 [ EAB6C35E62B1B0DB0D1B48B671D3A117 ] umbus C:\Windows\system32\DRIVERS\umbus.sys
17:24:09.0843 5244 umbus - ok
17:24:09.0853 5244 [ B2E8E8CB557B156DA5493BBDDCC1474D ] UmPass C:\Windows\system32\DRIVERS\umpass.sys
17:24:09.0853 5244 UmPass - ok
17:24:09.0863 5244 [ D47EC6A8E81633DD18D2436B19BAF6DE ] upnphost C:\Windows\System32\upnphost.dll
17:24:09.0863 5244 upnphost - ok
17:24:09.0883 5244 [ B26AFB54A534D634523C4FB66765B026 ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys
17:24:09.0883 5244 usbccgp - ok
17:24:09.0883 5244 [ AF0892A803FDDA7492F595368E3B68E7 ] usbcir C:\Windows\system32\DRIVERS\usbcir.sys
17:24:09.0883 5244 usbcir - ok
17:24:09.0893 5244 [ 2EA4AFF7BE7EB4632E3AA8595B0803B5 ] usbehci C:\Windows\system32\DRIVERS\usbehci.sys
17:24:09.0893 5244 usbehci - ok
17:24:09.0903 5244 [ 4C9042B8DF86C1E8E6240C218B99B39B ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys
17:24:09.0903 5244 usbhub - ok
17:24:09.0913 5244 [ 58E546BBAF87664FC57E0F6081E4F609 ] usbohci C:\Windows\system32\DRIVERS\usbohci.sys
17:24:09.0913 5244 usbohci - ok
17:24:09.0923 5244 [ 73188F58FB384E75C4063D29413CEE3D ] usbprint C:\Windows\system32\DRIVERS\usbprint.sys
17:24:09.0923 5244 usbprint - ok
17:24:09.0933 5244 [ 080D3820DA6C046BE82FC8B45A893E83 ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS
17:24:09.0953 5244 USBSTOR - ok
17:24:09.0953 5244 [ 81FB2216D3A60D1284455D511797DB3D ] usbuhci C:\Windows\system32\DRIVERS\usbuhci.sys
17:24:09.0953 5244 usbuhci - ok
17:24:09.0983 5244 [ D501E12614B00A3252073101D6A1A74B ] usbvideo C:\Windows\system32\Drivers\usbvideo.sys
17:24:09.0983 5244 usbvideo - ok
17:24:10.0003 5244 [ EDBB23CBCF2CDF727D64FF9B51A6070E ] UxSms C:\Windows\System32\uxsms.dll
17:24:10.0003 5244 UxSms - ok
17:24:10.0013 5244 [ 0793F40B9B8A1BDD266296409DBD91EA ] VaultSvc C:\Windows\system32\lsass.exe
17:24:10.0013 5244 VaultSvc - ok
17:24:10.0033 5244 [ C5C876CCFC083FF3B128F933823E87BD ] vdrvroot C:\Windows\system32\DRIVERS\vdrvroot.sys
17:24:10.0033 5244 vdrvroot - ok
17:24:10.0043 5244 [ 44D73E0BBC1D3C8981304BA15135C2F2 ] vds C:\Windows\System32\vds.exe
17:24:10.0053 5244 vds - ok
17:24:10.0063 5244 [ DA4DA3F5E02943C2DC8C6ED875DE68DD ] vga C:\Windows\system32\DRIVERS\vgapnp.sys
17:24:10.0073 5244 vga - ok
17:24:10.0083 5244 [ 53E92A310193CB3C03BEA963DE7D9CFC ] VgaSave C:\Windows\System32\drivers\vga.sys
17:24:10.0083 5244 VgaSave - ok
17:24:10.0083 5244 [ C82E748660F62A242B2DFAC1442F22A4 ] vhdmp C:\Windows\system32\DRIVERS\vhdmp.sys
17:24:10.0093 5244 vhdmp - ok
17:24:10.0093 5244 [ E5689D93FFE4E5D66C0178761240DD54 ] viaide C:\Windows\system32\DRIVERS\viaide.sys
17:24:10.0093 5244 viaide - ok
17:24:10.0103 5244 [ 2B1A3DAE2B4E70DBBA822B7A03FBD4A3 ] volmgr C:\Windows\system32\DRIVERS\volmgr.sys
17:24:10.0113 5244 volmgr - ok
17:24:10.0113 5244 [ 99B0CBB569CA79ACAED8C91461D765FB ] volmgrx C:\Windows\system32\drivers\volmgrx.sys
17:24:10.0123 5244 volmgrx - ok
17:24:10.0133 5244 [ 58F82EED8CA24B461441F9C3E4F0BF5C ] volsnap C:\Windows\system32\DRIVERS\volsnap.sys
17:24:10.0143 5244 volsnap - ok
17:24:10.0143 5244 [ 5E2016EA6EBACA03C04FEAC5F330D997 ] vsmraid C:\Windows\system32\DRIVERS\vsmraid.sys
17:24:10.0143 5244 vsmraid - ok
17:24:10.0183 5244 [ 787898BF9FB6D7BD87A36E2D95C899BA ] VSS C:\Windows\system32\vssvc.exe
17:24:10.0203 5244 VSS - ok
17:24:10.0223 5244 [ 36D4720B72B5C5D9CB2B9C29E9DF67A1 ] vwifibus C:\Windows\system32\DRIVERS\vwifibus.sys
17:24:10.0223 5244 vwifibus - ok
17:24:10.0233 5244 [ 6A3D66263414FF0D6FA754C646612F3F ] vwififlt C:\Windows\system32\DRIVERS\vwififlt.sys
17:24:10.0233 5244 vwififlt - ok
17:24:10.0243 5244 [ 6A638FC4BFDDC4D9B186C28C91BD1A01 ] vwifimp C:\Windows\system32\DRIVERS\vwifimp.sys
17:24:10.0243 5244 vwifimp - ok
17:24:10.0263 5244 [ 1C9D80CC3849B3788048078C26486E1A ] W32Time C:\Windows\system32\w32time.dll
17:24:10.0263 5244 W32Time - ok
17:24:10.0283 5244 [ 4E9440F4F152A7B944CB1663D3935A3E ] WacomPen C:\Windows\system32\DRIVERS\wacompen.sys
17:24:10.0283 5244 WacomPen - ok
17:24:10.0283 5244 [ 47CA49400643EFFD3F1C9A27E1D69324 ] WANARP C:\Windows\system32\DRIVERS\wanarp.sys
17:24:10.0293 5244 WANARP - ok
17:24:10.0293 5244 [ 47CA49400643EFFD3F1C9A27E1D69324 ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys
17:24:10.0293 5244 Wanarpv6 - ok
17:24:10.0323 5244 [ 5AB1BB85BD8B5089CC5D64200DEDAE68 ] wbengine C:\Windows\system32\wbengine.exe
17:24:10.0343 5244 wbengine - ok
17:24:10.0353 5244 [ 3AA101E8EDAB2DB4131333F4325C76A3 ] WbioSrvc C:\Windows\System32\wbiosrvc.dll
17:24:10.0363 5244 WbioSrvc - ok
17:24:10.0373 5244 [ 8321C2CA3B62B61B293CDA3451984468 ] wcncsvc C:\Windows\System32\wcncsvc.dll
17:24:10.0383 5244 wcncsvc - ok
17:24:10.0383 5244 [ 20F7441334B18CEE52027661DF4A6129 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
17:24:10.0393 5244 WcsPlugInService - ok
17:24:10.0403 5244 [ 72889E16FF12BA0F235467D6091B17DC ] Wd C:\Windows\system32\DRIVERS\wd.sys
17:24:10.0403 5244 Wd - ok
17:24:10.0413 5244 [ 441BD2D7B4F98134C3A4F9FA570FD250 ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys
17:24:10.0423 5244 Wdf01000 - ok
17:24:10.0433 5244 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiServiceHost C:\Windows\system32\wdi.dll
17:24:10.0433 5244 WdiServiceHost - ok
17:24:10.0433 5244 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiSystemHost C:\Windows\system32\wdi.dll
17:24:10.0433 5244 WdiSystemHost - ok
17:24:10.0453 5244 [ 8A438CBB8C032A0C798B0C642FFBE572 ] WebClient C:\Windows\System32\webclnt.dll
17:24:10.0453 5244 WebClient - ok
17:24:10.0473 5244 [ C749025A679C5103E575E3B48E092C43 ] Wecsvc C:\Windows\system32\wecsvc.dll
17:24:10.0473 5244 Wecsvc - ok
17:24:10.0483 5244 [ 7E591867422DC788B9E5BD337A669A08 ] wercplsupport C:\Windows\System32\wercplsupport.dll
17:24:10.0483 5244 wercplsupport - ok
17:24:10.0503 5244 [ 6D137963730144698CBD10F202E9F251 ] WerSvc C:\Windows\System32\WerSvc.dll
17:24:10.0503 5244 WerSvc - ok
17:24:10.0503 5244 [ 611B23304BF067451A9FDEE01FBDD725 ] WfpLwf C:\Windows\system32\DRIVERS\wfplwf.sys
17:24:10.0503 5244 WfpLwf - ok
17:24:10.0523 5244 [ 05ECAEC3E4529A7153B3136CEB49F0EC ] WIMMount C:\Windows\system32\drivers\wimmount.sys
17:24:10.0523 5244 WIMMount - ok
17:24:10.0533 5244 WinDefend - ok
17:24:10.0533 5244 WinHttpAutoProxySvc - ok
17:24:10.0573 5244 [ 19B07E7E8915D701225DA41CB3877306 ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll
17:24:10.0573 5244 Winmgmt - ok
17:24:10.0621 5244 [ 41FBB751936B387F9179E7F03A74FE29 ] WinRM C:\Windows\system32\WsmSvc.dll
17:24:10.0663 5244 WinRM - ok
17:24:10.0696 5244 [ 4FADA86E62F18A1B2F42BA18AE24E6AA ] Wlansvc C:\Windows\System32\wlansvc.dll
17:24:10.0708 5244 Wlansvc - ok
17:24:10.0825 5244 [ 98F138897EF4246381D197CB81846D62 ] wlidsvc c:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
17:24:10.0852 5244 wlidsvc - ok
17:24:10.0856 5244 [ F6FF8944478594D0E414D3F048F0D778 ] WmiAcpi C:\Windows\system32\DRIVERS\wmiacpi.sys
17:24:10.0857 5244 WmiAcpi - ok
17:24:10.0871 5244 [ 38B84C94C5A8AF291ADFEA478AE54F93 ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe
17:24:10.0874 5244 wmiApSrv - ok
17:24:10.0890 5244 WMPNetworkSvc - ok
17:24:10.0903 5244 [ 96C6E7100D724C69FCF9E7BF590D1DCA ] WPCSvc C:\Windows\System32\wpcsvc.dll
17:24:10.0905 5244 WPCSvc - ok
17:24:10.0919 5244 [ 2E57DDF2880A7E52E76F41C7E96D327B ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll
17:24:10.0922 5244 WPDBusEnum - ok
17:24:10.0947 5244 [ 6BCC1D7D2FD2453957C5479A32364E52 ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys
17:24:10.0948 5244 ws2ifsl - ok
17:24:10.0960 5244 [ E8B1FE6669397D1772D8196DF0E57A9E ] wscsvc C:\Windows\system32\wscsvc.dll
17:24:10.0962 5244 wscsvc - ok
17:24:10.0965 5244 WSearch - ok
17:24:11.0013 5244 [ D9EF901DCA379CFE914E9FA13B73B4C4 ] wuauserv C:\Windows\system32\wuaueng.dll
17:24:11.0047 5244 wuauserv - ok
17:24:11.0063 5244 [ 7CADC74271DD6461C452C271B30BD378 ] WudfPf C:\Windows\system32\drivers\WudfPf.sys
17:24:11.0065 5244 WudfPf - ok
17:24:11.0081 5244 [ 3B197AF0FFF08AA66B6B2241CA538D64 ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys
17:24:11.0084 5244 WUDFRd - ok
17:24:11.0107 5244 [ B551D6637AA0E132C18AC6E504F7B79B ] wudfsvc C:\Windows\System32\WUDFSvc.dll
17:24:11.0109 5244 wudfsvc - ok
17:24:11.0122 5244 [ 9A3452B3C2A46C073166C5CF49FAD1AE ] WwanSvc C:\Windows\System32\wwansvc.dll
17:24:11.0126 5244 WwanSvc - ok
17:24:11.0147 5244 ================ Scan global ===============================
17:24:11.0167 5244 [ BA0CD8C393E8C9F83354106093832C7B ] C:\Windows\system32\basesrv.dll
17:24:11.0188 5244 [ 457B44AB6D502E55F64A867D4F35C76C ] C:\Windows\system32\winsrv.dll
17:24:11.0195 5244 [ 457B44AB6D502E55F64A867D4F35C76C ] C:\Windows\system32\winsrv.dll
17:24:11.0220 5244 [ D6160F9D869BA3AF0B787F971DB56368 ] C:\Windows\system32\sxssrv.dll
17:24:11.0247 5244 [ 24ACB7E5BE595468E3B9AA488B9B4FCB ] C:\Windows\system32\services.exe
17:24:11.0249 5244 [Global] - ok
17:24:11.0250 5244 ================ Scan MBR ==================================
17:24:11.0255 5244 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
17:24:11.0766 5244 \Device\Harddisk0\DR0 - ok
17:24:11.0766 5244 ================ Scan VBR ==================================
17:24:11.0806 5244 [ A6DF4AF51CEFF943DB94DDC8F588BD01 ] \Device\Harddisk0\DR0\Partition1
17:24:11.0806 5244 \Device\Harddisk0\DR0\Partition1 - ok
17:24:11.0816 5244 [ C5BB88F5E14546B6268BD1EABD7223B5 ] \Device\Harddisk0\DR0\Partition2
17:24:11.0816 5244 \Device\Harddisk0\DR0\Partition2 - ok
17:24:11.0816 5244 ============================================================
17:24:11.0816 5244 Scan finished
17:24:11.0816 5244 ============================================================
17:24:11.0826 5236 Detected object count: 0
17:24:11.0826 5236 Actual detected object count: 0
17:24:49.0159 5752 ============================================================
17:24:49.0159 5752 Scan started
17:24:49.0159 5752 Mode: Manual; SigCheck; TDLFS;
17:24:49.0159 5752 ============================================================
17:24:49.0829 5752 ================ Scan system memory ========================
17:24:49.0829 5752 System memory - ok
17:24:49.0829 5752 ================ Scan services =============================
17:24:51.0149 5752 [ 7C157574A181B19B9DCF5F339E25337E ] ATKGFNEXSrv C:\Program Files\ATKGFNEX\GFNEXSrv.exe
17:24:51.0179 5752 ATKGFNEXSrv ( UnsignedFile.Multi.Generic ) - warning
17:24:51.0179 5752 ATKGFNEXSrv - detected UnsignedFile.Multi.Generic (1)
17:25:02.0321 5752 [ D6B9C2E1A11A3A4B26A182FFEF18F603 ] pcw C:\Windows\system32\drivers\pcw.sys
17:25:02.0331 5752 pcw - ok
17:25:02.0341 5752 [ 68769C3356B3BE5D1C732C97B9A80D6E ] PEAUTH C:\Windows\system32\drivers\peauth.sys
17:25:02.0371 5752 PEAUTH - ok
17:25:02.0441 5752 [ E495E408C93141E8FC72DC0C6046DDFA ] PerfHost C:\Windows\SysWow64\perfhost.exe
17:25:02.0461 5752 PerfHost - ok
17:25:02.0501 5752 [ 557E9A86F65F0DE18C9B6751DFE9D3F1 ] pla C:\Windows\system32\pla.dll
17:25:02.0541 5752 pla - ok
17:25:02.0561 5752 [ 23157D583244400E1D7FBAEE2E4B31B7 ] PlugPlay C:\Windows\system32\umpnpmgr.dll
17:25:02.0591 5752 PlugPlay - ok
17:25:02.0611 5752 [ 7195581CEC9BB7D12ABE54036ACC2E38 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll
17:25:02.0611 5752 PNRPAutoReg - ok
17:25:02.0631 5752 [ 3EAC4455472CC2C97107B5291E0DCAFE ] PNRPsvc C:\Windows\system32\pnrpsvc.dll
17:25:02.0641 5752 PNRPsvc - ok
17:25:02.0661 5752 [ 166EB40D1F5B47E615DE3D0FFFE5F243 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
17:25:02.0701 5752 PolicyAgent - ok
17:25:02.0711 5752 [ 6BA9D927DDED70BD1A9CADED45F8B184 ] Power C:\Windows\system32\umpo.dll
17:25:02.0751 5752 Power - ok
17:25:02.0761 5752 [ 27CC19E81BA5E3403C48302127BDA717 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys
17:25:02.0791 5752 PptpMiniport - ok
17:25:02.0801 5752 [ 0D922E23C041EFB1C3FAC2A6F943C9BF ] Processor C:\Windows\system32\DRIVERS\processr.sys
17:25:02.0811 5752 Processor - ok
17:25:02.0811 5752 [ F381975E1F4346DE875CB07339CE8D3A ] ProfSvc C:\Windows\system32\profsvc.dll
17:25:02.0841 5752 ProfSvc - ok
17:25:02.0851 5752 [ 0793F40B9B8A1BDD266296409DBD91EA ] ProtectedStorage C:\Windows\system32\lsass.exe
17:25:02.0861 5752 ProtectedStorage - ok
17:25:02.0881 5752 [ EE992183BD8EAEFD9973F352E587A299 ] Psched C:\Windows\system32\DRIVERS\pacer.sys
17:25:02.0901 5752 Psched - ok
17:25:02.0921 5752 [ A53A15A11EBFD21077463EE2C7AFEEF0 ] ql2300 C:\Windows\system32\DRIVERS\ql2300.sys
17:25:02.0951 5752 ql2300 - ok
17:25:02.0961 5752 [ 4F6D12B51DE1AAEFF7DC58C4D75423C8 ] ql40xx C:\Windows\system32\DRIVERS\ql40xx.sys
17:25:02.0961 5752 ql40xx - ok
17:25:02.0981 5752 [ 906191634E99AEA92C4816150BDA3732 ] QWAVE C:\Windows\system32\qwave.dll
17:25:02.0991 5752 QWAVE - ok
17:25:03.0001 5752 [ 76707BB36430888D9CE9D705398ADB6C ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
17:25:03.0011 5752 QWAVEdrv - ok
17:25:03.0021 5752 [ 5A0DA8AD5762FA2D91678A8A01311704 ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
17:25:03.0051 5752 RasAcd - ok
17:25:03.0061 5752 [ 7ECFF9B22276B73F43A99A15A6094E90 ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys
17:25:03.0091 5752 RasAgileVpn - ok
17:25:03.0101 5752 [ 8F26510C5383B8DBE976DE1CD00FC8C7 ] RasAuto C:\Windows\System32\rasauto.dll
17:25:03.0131 5752 RasAuto - ok
17:25:03.0141 5752 [ 87A6E852A22991580D6D39ADC4790463 ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys
17:25:03.0181 5752 Rasl2tp - ok
17:25:03.0201 5752 [ 47394ED3D16D053F5906EFE5AB51CC83 ] RasMan C:\Windows\System32\rasmans.dll
17:25:03.0231 5752 RasMan - ok
17:25:03.0231 5752 [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
17:25:03.0261 5752 RasPppoe - ok
17:25:03.0261 5752 [ E8B1E447B008D07FF47D016C2B0EEECB ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys
17:25:03.0291 5752 RasSstp - ok
17:25:03.0291 5752 [ 3BAC8142102C15D59A87757C1D41DCE5 ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
17:25:03.0321 5752 rdbss - ok
17:25:03.0331 5752 [ 302DA2A0539F2CF54D7C6CC30C1F2D8D ] rdpbus C:\Windows\system32\DRIVERS\rdpbus.sys
17:25:03.0351 5752 rdpbus - ok
17:25:03.0361 5752 [ CEA6CC257FC9B7715F1C2B4849286D24 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys
17:25:03.0401 5752 RDPCDD - ok
17:25:03.0411 5752 [ BB5971A4F00659529A5C44831AF22365 ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys
17:25:03.0431 5752 RDPENCDD - ok
17:25:03.0441 5752 [ 216F3FA57533D98E1F74DED70113177A ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys
17:25:03.0461 5752 RDPREFMP - ok
17:25:03.0491 5752 [ 074AC702D8B8B660B0E1371555995386 ] RDPWD C:\Windows\system32\drivers\RDPWD.sys
17:25:03.0511 5752 RDPWD - ok
17:25:03.0521 5752 [ 634B9A2181D98F15941236886164EC8B ] rdyboost C:\Windows\system32\drivers\rdyboost.sys
17:25:03.0531 5752 rdyboost - ok
17:25:03.0571 5752 [ A60A9F1720F5DA1431A3DEC14D8833F4 ] RegSrvc C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
17:25:03.0581 5752 RegSrvc - ok
17:25:03.0601 5752 [ 254FB7A22D74E5511C73A3F6D802F192 ] RemoteAccess C:\Windows\System32\mprdim.dll
17:25:03.0631 5752 RemoteAccess - ok
17:25:03.0641 5752 [ E4D94F24081440B5FC5AA556C7C62702 ] RemoteRegistry C:\Windows\system32\regsvc.dll
17:25:03.0671 5752 RemoteRegistry - ok
17:25:03.0691 5752 [ 3DD798846E2C28102B922C56E71B7932 ] RFCOMM C:\Windows\system32\DRIVERS\rfcomm.sys
17:25:03.0701 5752 RFCOMM - ok
17:25:03.0701 5752 [ E4DC58CF7B3EA515AE917FF0D402A7BB ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll
17:25:03.0731 5752 RpcEptMapper - ok
17:25:03.0751 5752 [ D5BA242D4CF8E384DB90E6A8ED850B8C ] RpcLocator C:\Windows\system32\locator.exe
17:25:03.0761 5752 RpcLocator - ok
17:25:03.0781 5752 [ 7266972E86890E2B30C0C322E906B027 ] RpcSs C:\Windows\System32\rpcss.dll
17:25:03.0811 5752 RpcSs - ok
17:25:03.0831 5752 [ DDC86E4F8E7456261E637E3552E804FF ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys
17:25:03.0851 5752 rspndr - ok
17:25:03.0881 5752 [ D63C9C1A427A134461258B7B8742858F ] RTCore64 C:\Program Files (x86)\EVGA Precision X\RTCore64.sys
17:25:03.0891 5752 RTCore64 - ok
17:25:03.0901 5752 [ 0793F40B9B8A1BDD266296409DBD91EA ] SamSs C:\Windows\system32\lsass.exe
17:25:03.0911 5752 SamSs - ok
17:25:03.0921 5752 [ E3BBB89983DAF5622C1D50CF49F28227 ] sbp2port C:\Windows\system32\DRIVERS\sbp2port.sys
17:25:03.0931 5752 sbp2port - ok
17:25:03.0931 5752 [ 9B7395789E3791A3B6D000FE6F8B131E ] SCardSvr C:\Windows\System32\SCardSvr.dll
17:25:03.0971 5752 SCardSvr - ok
17:25:03.0981 5752 [ C94DA20C7E3BA1DCA269BC8460D98387 ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys
17:25:04.0011 5752 scfilter - ok
17:25:04.0031 5752 [ EC56B171F85C7E855E7B0588AC503EEA ] Schedule C:\Windows\system32\schedsvc.dll
17:25:04.0071 5752 Schedule - ok
17:25:04.0091 5752 [ 312E2F82AF11E79906898AC3E3D58A1F ] SCPolicySvc C:\Windows\System32\certprop.dll
17:25:04.0111 5752 SCPolicySvc - ok
17:25:04.0121 5752 [ 54E47AD086782D3AE9417C155CDCEB9B ] sdbus C:\Windows\system32\DRIVERS\sdbus.sys
17:25:04.0151 5752 sdbus - ok
17:25:04.0171 5752 [ 765A27C3279CE11D14CB9E4F5869FCA5 ] SDRSVC C:\Windows\System32\SDRSVC.dll
17:25:04.0201 5752 SDRSVC - ok
17:25:04.0211 5752 [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv C:\Windows\system32\drivers\secdrv.sys
17:25:04.0231 5752 secdrv - ok
17:25:04.0241 5752 [ 463B386EBC70F98DA5DFF85F7E654346 ] seclogon C:\Windows\system32\seclogon.dll
17:25:04.0271 5752 seclogon - ok
17:25:04.0281 5752 [ C32AB8FA018EF34C0F113BD501436D21 ] SENS C:\Windows\system32\sens.dll
17:25:04.0311 5752 SENS - ok
17:25:04.0321 5752 [ 0336CFFAFAAB87A11541F1CF1594B2B2 ] SensrSvc C:\Windows\system32\sensrsvc.dll
17:25:04.0351 5752 SensrSvc - ok
17:25:04.0361 5752 [ CB624C0035412AF0DEBEC78C41F5CA1B ] Serenum C:\Windows\system32\DRIVERS\serenum.sys
17:25:04.0371 5752 Serenum - ok
17:25:04.0381 5752 [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6 ] Serial C:\Windows\system32\DRIVERS\serial.sys
17:25:04.0401 5752 Serial - ok
17:25:04.0401 5752 [ 1C545A7D0691CC4A027396535691C3E3 ] sermouse C:\Windows\system32\DRIVERS\sermouse.sys
17:25:04.0411 5752 sermouse - ok
17:25:04.0431 5752 [ C3BC61CE47FF6F4E88AB8A3B429A36AF ] SessionEnv C:\Windows\system32\sessenv.dll
17:25:04.0471 5752 SessionEnv - ok
17:25:04.0471 5752 [ A554811BCD09279536440C964AE35BBF ] sffdisk C:\Windows\system32\DRIVERS\sffdisk.sys
17:25:04.0491 5752 sffdisk - ok
17:25:04.0491 5752 [ FF414F0BAEFEBA59BC6C04B3DB0B87BF ] sffp_mmc C:\Windows\system32\DRIVERS\sffp_mmc.sys
17:25:04.0501 5752 sffp_mmc - ok
17:25:04.0501 5752 [ 5588B8C6193EB1522490C122EB94DFFA ] sffp_sd C:\Windows\system32\DRIVERS\sffp_sd.sys
17:25:04.0511 5752 sffp_sd - ok
17:25:04.0521 5752 [ A9D601643A1647211A1EE2EC4E433FF4 ] sfloppy C:\Windows\system32\DRIVERS\sfloppy.sys
17:25:04.0531 5752 sfloppy - ok
17:25:04.0551 5752 [ B95F6501A2F8B2E78C697FEC401970CE ] SharedAccess C:\Windows\System32\ipnathlp.dll
17:25:04.0591 5752 SharedAccess - ok
17:25:04.0611 5752 [ 0298AC45D0EFFFB2DB4BAA7DD186E7BF ] ShellHWDetection C:\Windows\System32\shsvcs.dll
17:25:04.0631 5752 ShellHWDetection - ok
17:25:04.0641 5752 [ 843CAF1E5FDE1FFD5FF768F23A51E2E1 ] SiSRaid2 C:\Windows\system32\DRIVERS\SiSRaid2.sys
17:25:04.0651 5752 SiSRaid2 - ok
17:25:04.0661 5752 [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4 ] SiSRaid4 C:\Windows\system32\DRIVERS\sisraid4.sys
17:25:04.0671 5752 SiSRaid4 - ok
17:25:04.0671 5752 [ 548260A7B8654E024DC30BF8A7C5BAA4 ] Smb C:\Windows\system32\DRIVERS\smb.sys
17:25:04.0711 5752 Smb - ok
17:25:04.0761 5752 [ 6313F223E817CC09AA41811DAA7F541D ] SNMPTRAP C:\Windows\System32\snmptrap.exe
17:25:04.0781 5752 SNMPTRAP - ok
17:25:04.0801 5752 [ B9E31E5CACDFE584F34F730A677803F9 ] spldr C:\Windows\system32\drivers\spldr.sys
17:25:04.0811 5752 spldr - ok
17:25:04.0821 5752 [ 89E8550C5862999FCF482EA562B0E98E ] Spooler C:\Windows\System32\spoolsv.exe
17:25:04.0841 5752 Spooler - ok
17:25:04.0891 5752 [ 913D843498553A1BC8F8DBAD6358E49F ] sppsvc C:\Windows\system32\sppsvc.exe
17:25:04.0941 5752 sppsvc - ok
17:25:04.0961 5752 [ 93D7D61317F3D4BC4F4E9F8A96A7DE45 ] sppuinotify C:\Windows\system32\sppuinotify.dll
17:25:04.0981 5752 sppuinotify - ok
17:25:05.0001 5752 [ EC8F67289105BF270498095F14963464 ] srv C:\Windows\system32\DRIVERS\srv.sys
17:25:05.0031 5752 srv - ok
17:25:05.0031 5752 [ F773D2ED090B7BAA1C1A034F3CA476C8 ] srv2 C:\Windows\system32\DRIVERS\srv2.sys
17:25:05.0071 5752 srv2 - ok
17:25:05.0071 5752 [ 26E84D3649019C3244622E654DFCD75B ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys
17:25:05.0111 5752 srvnet - ok
17:25:05.0131 5752 [ 51B52FBD583CDE8AA9BA62B8B4298F33 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll
17:25:05.0161 5752 SSDPSRV - ok
17:25:05.0181 5752 [ 0211AB46B73A2623B86C1CFCB30579AB ] SSPORT C:\Windows\system32\Drivers\SSPORT.sys
17:25:05.0191 5752 SSPORT - ok
17:25:05.0191 5752 [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB ] SstpSvc C:\Windows\system32\sstpsvc.dll
17:25:05.0221 5752 SstpSvc - ok
17:25:05.0231 5752 Steam Client Service - ok
17:25:05.0271 5752 [ F0359F7CE712D69ACEF0886BDB4792ED ] Stereo Service C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
17:25:05.0281 5752 Stereo Service - ok
17:25:05.0281 5752 [ F3817967ED533D08327DC73BC4D5542A ] stexstor C:\Windows\system32\DRIVERS\stexstor.sys
17:25:05.0291 5752 stexstor - ok
17:25:05.0321 5752 [ 52D0E33B681BD0F33FDC08812FEE4F7D ] stisvc C:\Windows\System32\wiaservc.dll
17:25:05.0341 5752 stisvc - ok
17:25:05.0341 5752 [ D01EC09B6711A5F8E7E6564A4D0FBC90 ] swenum C:\Windows\system32\DRIVERS\swenum.sys
17:25:05.0351 5752 swenum - ok
17:25:05.0361 5752 [ E08E46FDD841B7184194011CA1955A0B ] swprv C:\Windows\System32\swprv.dll
17:25:05.0391 5752 swprv - ok
17:25:05.0421 5752 [ 3C1284516A62078FB68F768DE4F1A7BE ] SysMain C:\Windows\system32\sysmain.dll
17:25:05.0451 5752 SysMain - ok
17:25:05.0461 5752 [ 238935C3CF2854886DC7CBB2A0E2CC66 ] TabletInputService C:\Windows\System32\TabSvc.dll
17:25:05.0471 5752 TabletInputService - ok
17:25:05.0481 5752 [ 884264AC597B690C5707C89723BB8E7B ] TapiSrv C:\Windows\System32\tapisrv.dll
17:25:05.0511 5752 TapiSrv - ok
17:25:05.0521 5752 [ 1BE03AC720F4D302EA01D40F588162F6 ] TBS C:\Windows\System32\tbssvc.dll
17:25:05.0541 5752 TBS - ok
17:25:05.0581 5752 [ 7FC877A25796D8ADF539E64703FCA7E1 ] Tcpip C:\Windows\system32\drivers\tcpip.sys
17:25:05.0611 5752 Tcpip - ok
17:25:05.0641 5752 [ 7FC877A25796D8ADF539E64703FCA7E1 ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys
17:25:05.0671 5752 TCPIP6 - ok
17:25:05.0681 5752 [ 76D078AF6F587B162D50210F761EB9ED ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys
17:25:05.0701 5752 tcpipreg - ok
17:25:05.0711 5752 [ 3371D21011695B16333A3934340C4E7C ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys
17:25:05.0731 5752 TDPIPE - ok
17:25:05.0761 5752 [ 7518F7BCFD4B308ABC9192BACAF6C970 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys
17:25:05.0761 5752 TDTCP - ok
17:25:05.0781 5752 [ 079125C4B17B01FCAEEBCE0BCB290C0F ] tdx C:\Windows\system32\DRIVERS\tdx.sys
17:25:05.0801 5752 tdx - ok
17:25:05.0821 5752 [ C448651339196C0E869A355171875522 ] TermDD C:\Windows\system32\DRIVERS\termdd.sys
17:25:05.0831 5752 TermDD - ok
17:25:05.0841 5752 [ 0F05EC2887BFE197AD82A13287D2F404 ] TermService C:\Windows\System32\termsrv.dll
17:25:05.0881 5752 TermService - ok
17:25:05.0881 5752 [ F0344071948D1A1FA732231785A0664C ] Themes C:\Windows\system32\themeservice.dll
17:25:05.0901 5752 Themes - ok
17:25:05.0921 5752 [ E40E80D0304A73E8D269F7141D77250B ] THREADORDER C:\Windows\system32\mmcss.dll
17:25:05.0951 5752 THREADORDER - ok
17:25:05.0991 5752 [ 7E7AFD841694F6AC397E99D75CEAD49D ] TrkWks C:\Windows\System32\trkwks.dll
17:25:06.0031 5752 TrkWks - ok
17:25:06.0061 5752 [ 840F7FB849F5887A49BA18C13B2DA920 ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
17:25:06.0071 5752 TrustedInstaller - ok
17:25:06.0081 5752 [ 61B96C26131E37B24E93327A0BD1FB95 ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys
17:25:06.0121 5752 tssecsrv - ok
17:25:06.0151 5752 [ 3836171A2CDF3AF8EF10856DB9835A70 ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys
17:25:06.0171 5752 tunnel - ok
17:25:06.0191 5752 [ B4DD609BD7E282BFC683CEC7EAAAAD67 ] uagp35 C:\Windows\system32\DRIVERS\uagp35.sys
17:25:06.0201 5752 uagp35 - ok
17:25:06.0201 5752 [ D47BAEAD86C65D4F4069D7CE0A4EDCEB ] udfs C:\Windows\system32\DRIVERS\udfs.sys
17:25:06.0231 5752 udfs - ok
17:25:06.0261 5752 [ 3CBDEC8D06B9968ABA702EBA076364A1 ] UI0Detect C:\Windows\system32\UI0Detect.exe
17:25:06.0271 5752 UI0Detect - ok
17:25:06.0271 5752 [ 4BFE1BC28391222894CBF1E7D0E42320 ] uliagpkx C:\Windows\system32\DRIVERS\uliagpkx.sys
17:25:06.0281 5752 uliagpkx - ok
17:25:06.0281 5752 [ EAB6C35E62B1B0DB0D1B48B671D3A117 ] umbus C:\Windows\system32\DRIVERS\umbus.sys
17:25:06.0291 5752 umbus - ok
17:25:06.0301 5752 [ B2E8E8CB557B156DA5493BBDDCC1474D ] UmPass C:\Windows\system32\DRIVERS\umpass.sys
17:25:06.0311 5752 UmPass - ok
17:25:06.0321 5752 [ D47EC6A8E81633DD18D2436B19BAF6DE ] upnphost C:\Windows\System32\upnphost.dll
17:25:06.0351 5752 upnphost - ok
17:25:06.0361 5752 [ B26AFB54A534D634523C4FB66765B026 ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys
17:25:06.0381 5752 usbccgp - ok
17:25:06.0391 5752 [ AF0892A803FDDA7492F595368E3B68E7 ] usbcir C:\Windows\system32\DRIVERS\usbcir.sys
17:25:06.0401 5752 usbcir - ok
17:25:06.0421 5752 [ 2EA4AFF7BE7EB4632E3AA8595B0803B5 ] usbehci C:\Windows\system32\DRIVERS\usbehci.sys
17:25:06.0431 5752 usbehci - ok
17:25:06.0431 5752 [ 4C9042B8DF86C1E8E6240C218B99B39B ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys
17:25:06.0441 5752 usbhub - ok
17:25:06.0451 5752 [ 58E546BBAF87664FC57E0F6081E4F609 ] usbohci C:\Windows\system32\DRIVERS\usbohci.sys
17:25:06.0461 5752 usbohci - ok
17:25:06.0471 5752 [ 73188F58FB384E75C4063D29413CEE3D ] usbprint C:\Windows\system32\DRIVERS\usbprint.sys
17:25:06.0481 5752 usbprint - ok
17:25:06.0481 5752 [ 080D3820DA6C046BE82FC8B45A893E83 ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS
17:25:06.0491 5752 USBSTOR - ok
17:25:06.0491 5752 [ 81FB2216D3A60D1284455D511797DB3D ] usbuhci C:\Windows\system32\DRIVERS\usbuhci.sys
17:25:06.0501 5752 usbuhci - ok
17:25:06.0521 5752 [ D501E12614B00A3252073101D6A1A74B ] usbvideo C:\Windows\system32\Drivers\usbvideo.sys
17:25:06.0531 5752 usbvideo - ok
17:25:06.0551 5752 [ EDBB23CBCF2CDF727D64FF9B51A6070E ] UxSms C:\Windows\System32\uxsms.dll
17:25:06.0571 5752 UxSms - ok
17:25:06.0581 5752 [ 0793F40B9B8A1BDD266296409DBD91EA ] VaultSvc C:\Windows\system32\lsass.exe
17:25:06.0591 5752 VaultSvc - ok
17:25:06.0591 5752 [ C5C876CCFC083FF3B128F933823E87BD ] vdrvroot C:\Windows\system32\DRIVERS\vdrvroot.sys
17:25:06.0601 5752 vdrvroot - ok
17:25:06.0611 5752 [ 44D73E0BBC1D3C8981304BA15135C2F2 ] vds C:\Windows\System32\vds.exe
17:25:06.0631 5752 vds - ok
17:25:06.0641 5752 [ DA4DA3F5E02943C2DC8C6ED875DE68DD ] vga C:\Windows\system32\DRIVERS\vgapnp.sys
17:25:06.0651 5752 vga - ok
17:25:06.0651 5752 [ 53E92A310193CB3C03BEA963DE7D9CFC ] VgaSave C:\Windows\System32\drivers\vga.sys
17:25:06.0691 5752 VgaSave - ok
17:25:06.0691 5752 [ C82E748660F62A242B2DFAC1442F22A4 ] vhdmp C:\Windows\system32\DRIVERS\vhdmp.sys
17:25:06.0701 5752 vhdmp - ok
17:25:06.0711 5752 [ E5689D93FFE4E5D66C0178761240DD54 ] viaide C:\Windows\system32\DRIVERS\viaide.sys
17:25:06.0721 5752 viaide - ok
17:25:06.0731 5752 [ 2B1A3DAE2B4E70DBBA822B7A03FBD4A3 ] volmgr C:\Windows\system32\DRIVERS\volmgr.sys
17:25:06.0741 5752 volmgr - ok
17:25:06.0751 5752 [ 99B0CBB569CA79ACAED8C91461D765FB ] volmgrx C:\Windows\system32\drivers\volmgrx.sys
17:25:06.0761 5752 volmgrx - ok
17:25:06.0771 5752 [ 58F82EED8CA24B461441F9C3E4F0BF5C ] volsnap C:\Windows\system32\DRIVERS\volsnap.sys
17:25:06.0781 5752 volsnap - ok
17:25:06.0791 5752 [ 5E2016EA6EBACA03C04FEAC5F330D997 ] vsmraid C:\Windows\system32\DRIVERS\vsmraid.sys
17:25:06.0801 5752 vsmraid - ok
17:25:06.0841 5752 [ 787898BF9FB6D7BD87A36E2D95C899BA ] VSS C:\Windows\system32\vssvc.exe
17:25:06.0861 5752 VSS - ok
17:25:06.0871 5752 [ 36D4720B72B5C5D9CB2B9C29E9DF67A1 ] vwifibus C:\Windows\system32\DRIVERS\vwifibus.sys
17:25:06.0881 5752 vwifibus - ok
17:25:06.0891 5752 [ 6A3D66263414FF0D6FA754C646612F3F ] vwififlt C:\Windows\system32\DRIVERS\vwififlt.sys
17:25:06.0911 5752 vwififlt - ok
17:25:06.0921 5752 [ 6A638FC4BFDDC4D9B186C28C91BD1A01 ] vwifimp C:\Windows\system32\DRIVERS\vwifimp.sys
17:25:06.0941 5752 vwifimp - ok
17:25:06.0961 5752 [ 1C9D80CC3849B3788048078C26486E1A ] W32Time C:\Windows\system32\w32time.dll
17:25:06.0991 5752 W32Time - ok
17:25:07.0001 5752 [ 4E9440F4F152A7B944CB1663D3935A3E ] WacomPen C:\Windows\system32\DRIVERS\wacompen.sys
17:25:07.0011 5752 WacomPen - ok
17:25:07.0021 5752 [ 47CA49400643EFFD3F1C9A27E1D69324 ] WANARP C:\Windows\system32\DRIVERS\wanarp.sys
17:25:07.0051 5752 WANARP - ok
17:25:07.0061 5752 [ 47CA49400643EFFD3F1C9A27E1D69324 ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys
17:25:07.0081 5752 Wanarpv6 - ok
17:25:07.0121 5752 [ 5AB1BB85BD8B5089CC5D64200DEDAE68 ] wbengine C:\Windows\system32\wbengine.exe
17:25:07.0141 5752 wbengine - ok
17:25:07.0151 5752 [ 3AA101E8EDAB2DB4131333F4325C76A3 ] WbioSrvc C:\Windows\System32\wbiosrvc.dll
17:25:07.0171 5752 WbioSrvc - ok
17:25:07.0181 5752 [ 8321C2CA3B62B61B293CDA3451984468 ] wcncsvc C:\Windows\System32\wcncsvc.dll
17:25:07.0201 5752 wcncsvc - ok
17:25:07.0211 5752 [ 20F7441334B18CEE52027661DF4A6129 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
17:25:07.0241 5752 WcsPlugInService - ok
17:25:07.0251 5752 [ 72889E16FF12BA0F235467D6091B17DC ] Wd C:\Windows\system32\DRIVERS\wd.sys
17:25:07.0261 5752 Wd - ok
17:25:07.0271 5752 [ 441BD2D7B4F98134C3A4F9FA570FD250 ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys
17:25:07.0281 5752 Wdf01000 - ok
17:25:07.0291 5752 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiServiceHost C:\Windows\system32\wdi.dll
17:25:07.0321 5752 WdiServiceHost - ok
17:25:07.0321 5752 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiSystemHost C:\Windows\system32\wdi.dll
17:25:07.0341 5752 WdiSystemHost - ok
17:25:07.0351 5752 [ 8A438CBB8C032A0C798B0C642FFBE572 ] WebClient C:\Windows\System32\webclnt.dll
17:25:07.0371 5752 WebClient - ok
17:25:07.0381 5752 [ C749025A679C5103E575E3B48E092C43 ] Wecsvc C:\Windows\system32\wecsvc.dll
17:25:07.0411 5752 Wecsvc - ok
17:25:07.0431 5752 [ 7E591867422DC788B9E5BD337A669A08 ] wercplsupport C:\Windows\System32\wercplsupport.dll
17:25:07.0451 5752 wercplsupport - ok
17:25:07.0461 5752 [ 6D137963730144698CBD10F202E9F251 ] WerSvc C:\Windows\System32\WerSvc.dll
17:25:07.0491 5752 WerSvc - ok
17:25:07.0501 5752 [ 611B23304BF067451A9FDEE01FBDD725 ] WfpLwf C:\Windows\system32\DRIVERS\wfplwf.sys
17:25:07.0531 5752 WfpLwf - ok
17:25:07.0541 5752 [ 05ECAEC3E4529A7153B3136CEB49F0EC ] WIMMount C:\Windows\system32\drivers\wimmount.sys
17:25:07.0551 5752 WIMMount - ok
17:25:07.0561 5752 WinDefend - ok
17:25:07.0571 5752 WinHttpAutoProxySvc - ok
17:25:07.0601 5752 [ 19B07E7E8915D701225DA41CB3877306 ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll
17:25:07.0631 5752 Winmgmt - ok
17:25:07.0681 5752 [ 41FBB751936B387F9179E7F03A74FE29 ] WinRM C:\Windows\system32\WsmSvc.dll
17:25:07.0731 5752 WinRM - ok
17:25:07.0761 5752 [ 4FADA86E62F18A1B2F42BA18AE24E6AA ] Wlansvc C:\Windows\System32\wlansvc.dll
17:25:07.0781 5752 Wlansvc - ok
17:25:07.0831 5752 [ 98F138897EF4246381D197CB81846D62 ] wlidsvc c:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
17:25:07.0861 5752 wlidsvc - ok
17:25:07.0871 5752 [ F6FF8944478594D0E414D3F048F0D778 ] WmiAcpi C:\Windows\system32\DRIVERS\wmiacpi.sys
17:25:07.0881 5752 WmiAcpi - ok
17:25:07.0901 5752 [ 38B84C94C5A8AF291ADFEA478AE54F93 ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe
17:25:07.0911 5752 wmiApSrv - ok
17:25:07.0921 5752 WMPNetworkSvc - ok
17:25:07.0921 5752 [ 96C6E7100D724C69FCF9E7BF590D1DCA ] WPCSvc C:\Windows\System32\wpcsvc.dll
17:25:07.0941 5752 WPCSvc - ok
17:25:07.0941 5752 [ 2E57DDF2880A7E52E76F41C7E96D327B ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll
17:25:07.0971 5752 WPDBusEnum - ok
17:25:07.0971 5752 [ 6BCC1D7D2FD2453957C5479A32364E52 ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys
17:25:08.0011 5752 ws2ifsl - ok
17:25:08.0081 5752 [ E8B1FE6669397D1772D8196DF0E57A9E ] wscsvc C:\Windows\system32\wscsvc.dll
17:25:08.0101 5752 wscsvc - ok
17:25:08.0101 5752 WSearch - ok
17:25:08.0141 5752 [ D9EF901DCA379CFE914E9FA13B73B4C4 ] wuauserv C:\Windows\system32\wuaueng.dll
17:25:08.0171 5752 wuauserv - ok
17:25:08.0181 5752 [ 7CADC74271DD6461C452C271B30BD378 ] WudfPf C:\Windows\system32\drivers\WudfPf.sys
17:25:08.0211 5752 WudfPf - ok
17:25:08.0221 5752 [ 3B197AF0FFF08AA66B6B2241CA538D64 ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys
17:25:08.0251 5752 WUDFRd - ok
17:25:08.0271 5752 [ B551D6637AA0E132C18AC6E504F7B79B ] wudfsvc C:\Windows\System32\WUDFSvc.dll
17:25:08.0311 5752 wudfsvc - ok
17:25:08.0321 5752 [ 9A3452B3C2A46C073166C5CF49FAD1AE ] WwanSvc C:\Windows\System32\wwansvc.dll
17:25:08.0341 5752 WwanSvc - ok
17:25:08.0351 5752 ================ Scan global ===============================
17:25:08.0381 5752 [ BA0CD8C393E8C9F83354106093832C7B ] C:\Windows\system32\basesrv.dll
17:25:08.0391 5752 [ 457B44AB6D502E55F64A867D4F35C76C ] C:\Windows\system32\winsrv.dll
17:25:08.0391 5752 [ 457B44AB6D502E55F64A867D4F35C76C ] C:\Windows\system32\winsrv.dll
17:25:08.0411 5752 [ D6160F9D869BA3AF0B787F971DB56368 ] C:\Windows\system32\sxssrv.dll
17:25:08.0441 5752 [ 24ACB7E5BE595468E3B9AA488B9B4FCB ] C:\Windows\system32\services.exe
17:25:08.0441 5752 [Global] - ok
17:25:08.0441 5752 ================ Scan MBR ==================================
17:25:08.0451 5752 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
17:25:08.0811 5752 \Device\Harddisk0\DR0 - ok
17:25:08.0811 5752 ================ Scan VBR ==================================
17:25:08.0811 5752 [ A6DF4AF51CEFF943DB94DDC8F588BD01 ] \Device\Harddisk0\DR0\Partition1
17:25:08.0821 5752 \Device\Harddisk0\DR0\Partition1 - ok
17:25:08.0851 5752 [ C5BB88F5E14546B6268BD1EABD7223B5 ] \Device\Harddisk0\DR0\Partition2
17:25:08.0851 5752 \Device\Harddisk0\DR0\Partition2 - ok
17:25:08.0851 5752 ============================================================
17:25:08.0851 5752 Scan finished
17:25:08.0851 5752 ============================================================
17:25:08.0861 5592 Detected object count: 1
17:25:08.0861 5592 Actual detected object count: 1
17:25:38.0937 5592 ATKGFNEXSrv ( UnsignedFile.Multi.Generic ) - skipped by user
17:25:38.0937 5592 ATKGFNEXSrv ( UnsignedFile.Multi.Generic ) - User select action: Skip



The event viewer logs: After I cleared the Windows logs as asked.

Vino's Event Viewer v01c run on Windows 2008 in English
Report run at 02/12/2012 5:44:31 PM

Note: All dates below are in the format dd/mm/yyyy

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'System' Log - Critical Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'System' Log - Error Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'System' Log - Warning Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




Vino's Event Viewer v01c run on Windows 2008 in English
Report run at 02/12/2012 5:44:53 PM

Note: All dates below are in the format dd/mm/yyyy

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'Application' Log - Critical Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'Application' Log - Error Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'Application' Log - Warning Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




OTL log



OTL logfile created on: 12/2/2012 5:45:50 PM - Run 2
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Anuj\Downloads
64bit- Home Premium Edition (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

5.93 Gb Total Physical Memory | 3.29 Gb Available Physical Memory | 55.38% Memory free
11.87 Gb Paging File | 8.73 Gb Available in Paging File | 73.57% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 698.54 Gb Total Space | 589.23 Gb Free Space | 84.35% Space Free | Partition Type: NTFS

Computer Name: ANUJ-PC | User Name: Anuj | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2012/11/27 22:43:18 | 001,242,728 | ---- | M] (Google Inc.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
PRC - [2012/11/26 23:07:12 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Anuj\Downloads\OTL.exe
PRC - [2012/11/09 21:07:46 | 001,353,080 | ---- | M] (Valve Corporation) -- C:\Program Files (x86)\Steam\Steam.exe
PRC - [2012/11/09 19:33:51 | 000,212,432 | ---- | M] (Google Inc.) -- C:\Program Files (x86)\Google\Update\1.3.21.123\GoogleCrashHandler.exe
PRC - [2012/11/08 16:58:24 | 016,070,136 | ---- | M] (Google) -- C:\Program Files (x86)\Google\Drive\googledrivesync.exe
PRC - [2012/10/17 05:21:02 | 000,553,800 | ---- | M] () -- C:\Program Files (x86)\EVGA Precision X\EVGAPrecision.exe
PRC - [2012/10/02 13:15:38 | 000,382,824 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
PRC - [2012/09/23 20:43:34 | 000,065,192 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2012/03/16 06:07:14 | 003,478,936 | ---- | M] (Tonec Inc.) -- C:\Program Files (x86)\Internet Download Manager\IDMan.exe
PRC - [2010/05/25 07:28:58 | 000,263,600 | ---- | M] (Tonec Inc.) -- C:\Program Files (x86)\Internet Download Manager\IEMonitor.exe
PRC - [2009/10/26 10:10:42 | 000,174,720 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Hotkey\HControl.exe
PRC - [2009/10/09 10:27:44 | 006,937,216 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATKOSD2\ATKOSD2.exe
PRC - [2009/08/22 20:25:00 | 000,102,400 | ---- | M] () -- C:\Users\Anuj\D3DOverrider\D3DOverrider.exe
PRC - [2009/08/19 20:31:48 | 000,170,624 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Media\DMedia.exe
PRC - [2009/06/19 10:29:42 | 000,105,016 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Hotkey\HControlUser.exe
PRC - [2009/06/19 10:29:26 | 002,488,888 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Hotkey\ATKOSD.exe
PRC - [2009/06/15 17:30:42 | 000,084,536 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Hotkey\AsLdrSrv.exe
PRC - [2008/12/22 17:15:34 | 000,174,648 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Hotkey\WDC.exe
PRC - [2007/08/08 00:08:40 | 000,094,208 | ---- | M] () -- C:\Program Files\ATKGFNEX\GFNEXSrv.exe


========== Modules (No Company Name) ==========

MOD - [2012/12/02 17:40:38 | 000,571,392 | ---- | M] () -- C:\Users\Anuj\AppData\Local\Temp\_MEI29162\pysqlite2._sqlite.pyd
MOD - [2012/12/02 17:40:38 | 000,096,256 | ---- | M] () -- C:\Users\Anuj\AppData\Local\Temp\_MEI29162\win32api.pyd
MOD - [2012/12/02 17:40:38 | 000,086,016 | ---- | M] () -- C:\Users\Anuj\AppData\Local\Temp\_MEI29162\_elementtree.pyd
MOD - [2012/12/02 17:40:38 | 000,040,448 | ---- | M] () -- C:\Users\Anuj\AppData\Local\Temp\_MEI29162\_socket.pyd
MOD - [2012/12/02 17:40:38 | 000,023,040 | ---- | M] () -- C:\Users\Anuj\AppData\Local\Temp\_MEI29162\win32ts.pyd
MOD - [2012/12/02 17:40:37 | 001,169,408 | ---- | M] () -- C:\Users\Anuj\AppData\Local\Temp\_MEI29162\wx._core_.pyd
MOD - [2012/12/02 17:40:37 | 001,024,024 | ---- | M] () -- C:\Users\Anuj\AppData\Local\Temp\_MEI29162\windows._cacheinvalidation.pyd
MOD - [2012/12/02 17:40:37 | 000,807,424 | ---- | M] () -- C:\Users\Anuj\AppData\Local\Temp\_MEI29162\wx._windows_.pyd
MOD - [2012/12/02 17:40:37 | 000,792,576 | ---- | M] () -- C:\Users\Anuj\AppData\Local\Temp\_MEI29162\wx._gdi_.pyd
MOD - [2012/12/02 17:40:37 | 000,731,136 | ---- | M] () -- C:\Users\Anuj\AppData\Local\Temp\_MEI29162\wx._misc_.pyd
MOD - [2012/12/02 17:40:37 | 000,645,120 | ---- | M] () -- C:\Users\Anuj\AppData\Local\Temp\_MEI29162\_ssl.pyd
MOD - [2012/12/02 17:40:37 | 000,354,304 | ---- | M] () -- C:\Users\Anuj\AppData\Local\Temp\_MEI29162\pythoncom26.dll
MOD - [2012/12/02 17:40:37 | 000,311,808 | ---- | M] () -- C:\Users\Anuj\AppData\Local\Temp\_MEI29162\_hashlib.pyd
MOD - [2012/12/02 17:40:37 | 000,263,168 | ---- | M] () -- C:\Users\Anuj\AppData\Local\Temp\_MEI29162\win32com.shell.shell.pyd
MOD - [2012/12/02 17:40:37 | 000,121,856 | ---- | M] () -- C:\Users\Anuj\AppData\Local\Temp\_MEI29162\wx._wizard.pyd
MOD - [2012/12/02 17:40:37 | 000,111,104 | ---- | M] () -- C:\Users\Anuj\AppData\Local\Temp\_MEI29162\win32file.pyd
MOD - [2012/12/02 17:40:37 | 000,110,592 | ---- | M] () -- C:\Users\Anuj\AppData\Local\Temp\_MEI29162\win32security.pyd
MOD - [2012/12/02 17:40:37 | 000,110,592 | ---- | M] () -- C:\Users\Anuj\AppData\Local\Temp\_MEI29162\PyWinTypes26.dll
MOD - [2012/12/02 17:40:37 | 000,073,728 | ---- | M] () -- C:\Users\Anuj\AppData\Local\Temp\_MEI29162\_ctypes.pyd
MOD - [2012/12/02 17:40:37 | 000,070,656 | ---- | M] () -- C:\Users\Anuj\AppData\Local\Temp\_MEI29162\wx._html2.pyd
MOD - [2012/12/02 17:40:37 | 000,039,424 | ---- | M] () -- C:\Users\Anuj\AppData\Local\Temp\_MEI29162\win32inet.pyd
MOD - [2012/12/02 17:40:37 | 000,036,352 | ---- | M] () -- C:\Users\Anuj\AppData\Local\Temp\_MEI29162\win32process.pyd
MOD - [2012/12/02 17:40:37 | 000,022,528 | ---- | M] () -- C:\Users\Anuj\AppData\Local\Temp\_MEI29162\win32pdh.pyd
MOD - [2012/12/02 17:40:37 | 000,017,920 | ---- | M] () -- C:\Users\Anuj\AppData\Local\Temp\_MEI29162\win32profile.pyd
MOD - [2012/12/02 17:40:37 | 000,011,776 | ---- | M] () -- C:\Users\Anuj\AppData\Local\Temp\_MEI29162\win32crypt.pyd
MOD - [2012/12/02 17:40:36 | 001,056,256 | ---- | M] () -- C:\Users\Anuj\AppData\Local\Temp\_MEI29162\wx._controls_.pyd
MOD - [2012/12/02 17:40:36 | 000,585,728 | ---- | M] () -- C:\Users\Anuj\AppData\Local\Temp\_MEI29162\unicodedata.pyd
MOD - [2012/12/02 17:40:36 | 000,153,088 | ---- | M] () -- C:\Users\Anuj\AppData\Local\Temp\_MEI29162\pyexpat.pyd
MOD - [2012/12/02 17:40:36 | 000,017,920 | ---- | M] () -- C:\Users\Anuj\AppData\Local\Temp\_MEI29162\win32event.pyd
MOD - [2012/12/02 17:40:36 | 000,011,776 | ---- | M] () -- C:\Users\Anuj\AppData\Local\Temp\_MEI29162\select.pyd
MOD - [2012/11/27 22:43:17 | 000,460,904 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\23.0.1271.95\ppgooglenaclpluginchrome.dll
MOD - [2012/11/27 22:43:16 | 012,456,040 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\23.0.1271.95\PepperFlash\pepflashplayer.dll
MOD - [2012/11/27 22:43:15 | 004,008,040 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\23.0.1271.95\pdf.dll
MOD - [2012/11/27 22:42:30 | 000,587,880 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\23.0.1271.95\libglesv2.dll
MOD - [2012/11/27 22:42:29 | 000,124,520 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\23.0.1271.95\libegl.dll
MOD - [2012/11/27 22:42:22 | 000,157,304 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\23.0.1271.95\avutil-51.dll
MOD - [2012/11/27 22:42:21 | 002,168,952 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\23.0.1271.95\avcodec-54.dll
MOD - [2012/11/27 22:42:21 | 000,275,576 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\23.0.1271.95\avformat-54.dll
MOD - [2012/11/10 23:21:36 | 006,307,952 | ---- | M] () -- C:\Program Files\Microsoft Office 15\root\office15\1033\grooveintlresource.dll
MOD - [2012/11/09 21:11:59 | 020,317,008 | ---- | M] () -- C:\Program Files (x86)\Steam\bin\libcef.dll
MOD - [2012/11/09 21:11:58 | 001,099,616 | ---- | M] () -- C:\Program Files (x86)\Steam\bin\avcodec-53.dll
MOD - [2012/11/09 21:11:58 | 000,902,480 | ---- | M] () -- C:\Program Files (x86)\Steam\bin\chromehtml.dll
MOD - [2012/11/09 21:11:58 | 000,190,816 | ---- | M] () -- C:\Program Files (x86)\Steam\bin\avformat-53.dll
MOD - [2012/11/09 21:11:58 | 000,123,232 | ---- | M] () -- C:\Program Files (x86)\Steam\bin\avutil-51.dll
MOD - [2012/10/17 05:21:02 | 000,553,800 | ---- | M] () -- C:\Program Files (x86)\EVGA Precision X\EVGAPrecision.exe
MOD - [2012/06/29 23:18:08 | 000,061,440 | ---- | M] () -- C:\Program Files (x86)\EVGA Precision X\RTMUI.dll
MOD - [2012/06/29 23:18:04 | 000,335,872 | ---- | M] () -- C:\Program Files (x86)\EVGA Precision X\RTHAL.dll
MOD - [2012/06/29 23:17:48 | 000,225,280 | ---- | M] () -- C:\Program Files (x86)\EVGA Precision X\RTCore.dll
MOD - [2012/06/29 23:17:40 | 000,147,456 | ---- | M] () -- C:\Program Files (x86)\EVGA Precision X\RTUI.dll
MOD - [2012/06/29 23:17:34 | 000,061,440 | ---- | M] () -- C:\Program Files (x86)\EVGA Precision X\RTFC.dll
MOD - [2011/05/01 01:04:54 | 000,013,312 | ---- | M] () -- C:\Program Files (x86)\EVGA Precision X\RTTSH.dll
MOD - [2009/08/22 20:25:00 | 000,106,496 | ---- | M] () -- C:\Users\Anuj\D3DOverrider\RTUI.dll
MOD - [2009/08/22 20:25:00 | 000,102,400 | ---- | M] () -- C:\Users\Anuj\D3DOverrider\D3DOverrider.exe
MOD - [2009/08/22 20:25:00 | 000,057,344 | ---- | M] () -- C:\Users\Anuj\D3DOverrider\RTFC.dll
MOD - [2009/08/22 20:25:00 | 000,032,768 | ---- | M] () -- C:\Users\Anuj\D3DOverrider\D3DOverriderHooks.dll


========== Services (SafeList) ==========

SRV:64bit: - [2012/09/12 21:21:48 | 000,368,896 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- c:\Program Files\Microsoft Security Client\NisSrv.exe -- (NisSrv)
SRV:64bit: - [2012/09/12 21:21:48 | 000,022,072 | ---- | M] (Microsoft Corporation) [Auto | Running] -- c:\Program Files\Microsoft Security Client\MsMpEng.exe -- (MsMpSvc)
SRV:64bit: - [2012/09/11 18:13:02 | 001,494,144 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Microsoft Office 15\ClientX64\integratedoffice.exe -- (OfficeSvc)
SRV:64bit: - [2011/09/27 14:04:08 | 000,359,192 | ---- | M] (Logitech, Inc.) [On_Demand | Stopped] -- C:\Program Files\Common Files\Logishrd\Bluetooth\LBTServ.exe -- (LBTServ)
SRV:64bit: - [2011/01/12 15:57:54 | 001,430,800 | ---- | M] (Intel® Corporation) [Auto | Running] -- C:\Program Files\Intel\WiFi\bin\EvtEng.exe -- (EvtEng)
SRV:64bit: - [2011/01/12 15:38:18 | 000,340,240 | ---- | M] () [On_Demand | Stopped] -- C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe -- (MyWiFiDHCPDNS)
SRV:64bit: - [2011/01/12 15:36:22 | 000,840,976 | ---- | M] (Intel® Corporation) [Auto | Running] -- C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe -- (RegSrvc)
SRV:64bit: - [2009/07/13 20:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV:64bit: - [2007/08/08 00:08:40 | 000,094,208 | ---- | M] () [Auto | Running] -- C:\Program Files\ATKGFNEX\GFNEXSrv.exe -- (ATKGFNEXSrv)
SRV - [2012/11/09 17:58:23 | 000,250,808 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2012/10/02 13:15:38 | 000,382,824 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe -- (Stereo Service)
SRV - [2012/09/23 20:43:34 | 000,065,192 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2011/03/16 10:42:06 | 000,407,336 | ---- | M] (Valve Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe -- (Steam Client Service)
SRV - [2010/03/18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2009/06/15 17:30:42 | 000,084,536 | ---- | M] (ASUS) [Auto | Running] -- C:\Program Files (x86)\ASUS\ATK Hotkey\AsLdrSrv.exe -- (ASLDRService)
SRV - [2009/06/10 16:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)


========== Driver Services (SafeList) ==========

DRV:64bit: - [2012/11/09 21:10:11 | 000,283,200 | ---- | M] (DT Soft Ltd) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\dtsoftbus01.sys -- (dtsoftbus01)
DRV:64bit: - [2012/08/30 22:03:48 | 000,128,456 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\NisDrvWFP.sys -- (NisDrv)
DRV:64bit: - [2012/07/03 10:25:16 | 000,189,288 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nvhda64v.sys -- (NVHDA)
DRV:64bit: - [2012/02/07 20:13:32 | 000,149,640 | ---- | M] (Tonec Inc.) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\idmwfp.sys -- (IDMWFP)
DRV:64bit: - [2011/09/02 01:30:36 | 000,060,696 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\LMouFilt.Sys -- (LMouFilt)
DRV:64bit: - [2011/09/02 01:30:24 | 000,066,840 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\LHidFilt.Sys -- (LHidFilt)
DRV:64bit: - [2011/01/19 02:28:56 | 008,080,384 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\NETwNs64.sys -- (NETwNs64)
DRV:64bit: - [2009/10/28 00:09:33 | 000,011,576 | ---- | M] (Samsung Electronics) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\SSPORT.SYS -- (SSPORT)
DRV:64bit: - [2009/07/13 20:52:21 | 000,106,576 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2009/07/13 20:52:21 | 000,028,752 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2009/07/13 20:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009/07/13 20:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009/07/13 20:47:48 | 000,077,888 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2009/07/13 20:47:48 | 000,023,104 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2009/07/13 20:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009/07/13 18:31:10 | 000,109,056 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\sdbus.sys -- (sdbus)
DRV:64bit: - [2009/06/10 15:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009/06/10 15:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009/06/10 15:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009/06/10 15:34:18 | 000,057,344 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\L1C62x64.sys -- (L1C)
DRV:64bit: - [2009/06/10 15:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2009/05/13 09:07:20 | 000,015,928 | ---- | M] (ASUS) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ATK64AMD.sys -- (MTsensor)
DRV:64bit: - [2007/07/24 11:11:32 | 000,014,904 | ---- | M] () [Kernel | Auto | Running] -- C:\Program Files\ATKGFNEX\ASMMAP64.sys -- (ASMMAP64)
DRV - [2012/10/17 05:21:00 | 000,015,176 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Program Files (x86)\EVGA Precision X\RTCore64.sys -- (RTCore64)
DRV - [2009/07/13 20:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...ms}&FORM=IE8SRC
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...ms}&FORM=IE8SRC

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-us
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = A8 14 70 5F 57 CB CD 01 [binary data]
IE - HKCU\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...Box&FORM=IE8SRC
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0


========== FireFox ==========

FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_5_502_110.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.9.2: C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.9.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_5_502_110.dll ()
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.9.2: C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.9.2: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVision: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVisionStreaming: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.4: C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\ubisoft.com/uplaypc: C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll (Ubisoft)

FF - HKEY_CURRENT_USER\software\mozilla\SeaMonkey\Extensions\\[email protected]: C:\Users\Anuj\AppData\Roaming\IDM\idmmzcc5 [2012/11/10 00:26:11 | 000,000,000 | ---D | M]


========== Chrome ==========

CHR - homepage: http://www.google.com/
CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}sourceid=chrome&ie={inputEncoding}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&hl={language}&q={searchTerms}&sugkey={google:suggestAPIKeyParameter},
CHR - homepage: http://www.google.com/
CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\23.0.1271.95\PepperFlash\pepflashplayer.dll
CHR - plugin: Chrome Remote Desktop Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\23.0.1271.95\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\23.0.1271.95\pdf.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files (x86)\Google\Update\1.3.21.123\npGoogleUpdate3.dll
CHR - Extension: AutoPatchWork = C:\Users\Anuj\AppData\Local\Google\Chrome\User Data\Default\Extensions\aeolcjbaammbkgaiagooljfdepnjmkfd\1.9.7_0\
CHR - Extension: Google Drive = C:\Users\Anuj\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\
CHR - Extension: NeoGAF Live Thread = C:\Users\Anuj\AppData\Local\Google\Chrome\User Data\Default\Extensions\blbfgndoggabppkoehpipfadjelcofmp\1.0.6_0\
CHR - Extension: YouTube = C:\Users\Anuj\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\
CHR - Extension: Google Search = C:\Users\Anuj\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\
CHR - Extension: Reddit Widget [ANTP] = C:\Users\Anuj\AppData\Local\Google\Chrome\User Data\Default\Extensions\cpcomccnnochpjdakpakbieihbglblcn\1.3.3.2_0\
CHR - Extension: Search by Image (by Google) = C:\Users\Anuj\AppData\Local\Google\Chrome\User Data\Default\Extensions\dajedkncpodkggklbegccjpmnglmnflm\1.3.2_0\
CHR - Extension: Center Image = C:\Users\Anuj\AppData\Local\Google\Chrome\User Data\Default\Extensions\dkiklnjkgjkmamgoaggongdmekajdlki\2.1_0\
CHR - Extension: imgur = C:\Users\Anuj\AppData\Local\Google\Chrome\User Data\Default\Extensions\ehoopddfhgaehhmphfcooacjdpmbjlao\1.1.3_0\
CHR - Extension: AdBlock = C:\Users\Anuj\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.5.48_0\
CHR - Extension: TinEye Reverse Image Search = C:\Users\Anuj\AppData\Local\Google\Chrome\User Data\Default\Extensions\haebnnbpedcbhciplfhjjkbafijpncjl\1.1.2_0\
CHR - Extension: Fauxbar = C:\Users\Anuj\AppData\Local\Google\Chrome\User Data\Default\Extensions\hibkhcnpkakjniplpfblaoikiggkopka\1.2.10_0\
CHR - Extension: TabJump - Intelligent Tab Navigator = C:\Users\Anuj\AppData\Local\Google\Chrome\User Data\Default\Extensions\hokofmgcicpnjchllaccgedmmmbbnbmf\0.7.9_0\
CHR - Extension: Wolfram|Alpha (Official) = C:\Users\Anuj\AppData\Local\Google\Chrome\User Data\Default\Extensions\icncamkooinmbehmkeilcccmoljfkdhp\1.2.2_0\
CHR - Extension: Auto Replay for YouTube = C:\Users\Anuj\AppData\Local\Google\Chrome\User Data\Default\Extensions\kanbnempkjnhadplbfgdaagijdbdbjeb\1.9.20_0\
CHR - Extension: Reddit Enhancement Suite = C:\Users\Anuj\AppData\Local\Google\Chrome\User Data\Default\Extensions\kbmfpngjjgdllneeigpgjifpgocmfgmb\4.1.5_0\
CHR - Extension: Auto HD For YouTube = C:\Users\Anuj\AppData\Local\Google\Chrome\User Data\Default\Extensions\koiaokdomkpjdgniimnkhgbilbjgpeak\3.3_0\
CHR - Extension: StayFocusd = C:\Users\Anuj\AppData\Local\Google\Chrome\User Data\Default\Extensions\laankejkbhbdhmipfmgcngdelahlfoji\1.3.7_0\
CHR - Extension: Awesome New Tab Page = C:\Users\Anuj\AppData\Local\Google\Chrome\User Data\Default\Extensions\mgmiemnjjchgkmgbeljfocdjjnpjnmcg\2012.147.2.0_0\
CHR - Extension: Google Mail Checker = C:\Users\Anuj\AppData\Local\Google\Chrome\User Data\Default\Extensions\mihcahmgecmbnbcchbopgniflfhgnkff\4.4.0_0\
CHR - Extension: Antisocial = C:\Users\Anuj\AppData\Local\Google\Chrome\User Data\Default\Extensions\pghncadecdbeoiklgemofaoampiiicmn\0.2.4_0\
CHR - Extension: Gmail = C:\Users\Anuj\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\

O1 HOSTS File: ([2012/12/02 17:18:01 | 000,000,027 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2:64bit: - BHO: (IDM integration (IDMIEHlprObj Class)) - {0055C089-8582-441B-A0BF-17B458C2A3A8} - C:\Program Files (x86)\Internet Download Manager\IDMIECC64.dll (Internet Download Manager, Tonec Inc.)
O2:64bit: - BHO: (Lync Browser Helper) - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
O2:64bit: - BHO: (Java™ Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2:64bit: - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\URLREDIR.DLL (Microsoft Corporation)
O2:64bit: - BHO: (Microsoft SPFS Browser Helper) - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
O2:64bit: - BHO: (Java™ Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O2 - BHO: (IDM integration (IDMIEHlprObj Class)) - {0055C089-8582-441B-A0BF-17B458C2A3A8} - C:\Program Files (x86)\Internet Download Manager\IDMIECC.dll (Internet Download Manager, Tonec Inc.)
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O2 - BHO: (Java™ Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office 15\root\office15\urlredir.dll (Microsoft Corporation)
O2 - BHO: (Microsoft SPFS Browser Helper) - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files\Microsoft Office 15\root\office15\grooveex.dll (Microsoft Corporation)
O2 - BHO: (Java™ Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O4:64bit: - HKLM..\Run: [EvtMgr6] C:\Program Files\Logitech\SetPointP\SetPoint.exe (Logitech, Inc.)
O4:64bit: - HKLM..\Run: [IntelWireless] C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe (Intel® Corporation)
O4:64bit: - HKLM..\Run: [MSC] c:\Program Files\Microsoft Security Client\msseces.exe (Microsoft Corporation)
O4 - HKLM..\Run: [ATKMEDIA] C:\Program Files (x86)\ASUS\ATK Media\DMedia.exe (ASUS)
O4 - HKLM..\Run: [ATKOSD2] C:\Program Files (x86)\ASUS\ATKOSD2\ATKOSD2.exe (ASUS)
O4 - HKLM..\Run: [D3DOverrider] C:\Users\Anuj\D3DOverrider\D3DOverriderWrapper.exe ()
O4 - HKLM..\Run: [HControlUser] C:\Program Files (x86)\ASUS\ATK Hotkey\HControlUser.exe (ASUS)
O4 - HKCU..\Run: [GoogleDriveSync] C:\Program Files (x86)\Google\Drive\googledrivesync.exe (Google)
O4 - HKCU..\Run: [IDMan] C:\Program Files (x86)\Internet Download Manager\IDMan.exe (Tonec Inc.)
O4 - HKCU..\Run: [Steam] C:\Program Files (x86)\Steam\Steam.exe (Valve Corporation)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O8:64bit: - Extra context menu item: Download all links with IDM - C:\Program Files (x86)\Internet Download Manager\IEGetAll.htm ()
O8:64bit: - Extra context menu item: Download with IDM - C:\Program Files (x86)\Internet Download Manager\IEExt.htm ()
O8:64bit: - Extra context menu item: E&xport to Microsoft Excel - C:\Program Files\Microsoft Office 15\Root\Office15\EXCEL.EXE (Microsoft Corporation)
O8:64bit: - Extra context menu item: Se&nd to OneNote - C:\Program Files\Microsoft Office 15\Root\Office15\ONBttnIE.dll (Microsoft Corporation)
O8 - Extra context menu item: Download all links with IDM - C:\Program Files (x86)\Internet Download Manager\IEGetAll.htm ()
O8 - Extra context menu item: Download with IDM - C:\Program Files (x86)\Internet Download Manager\IEExt.htm ()
O8 - Extra context menu item: E&xport to Microsoft Excel - C:\Program Files\Microsoft Office 15\Root\Office15\EXCEL.EXE (Microsoft Corporation)
O8 - Extra context menu item: Se&nd to OneNote - C:\Program Files\Microsoft Office 15\Root\Office15\ONBttnIE.dll (Microsoft Corporation)
O9:64bit: - Extra Button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\ONBttnIE.dll (Microsoft Corporation)
O9:64bit: - Extra 'Tools' menuitem : Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\ONBttnIE.dll (Microsoft Corporation)
O9:64bit: - Extra Button: Microsoft Lync add-on - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
O9:64bit: - Extra 'Tools' menuitem : Microsoft Lync add-on - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
O9:64bit: - Extra Button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9:64bit: - Extra 'Tools' menuitem : OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9 - Extra Button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office 15\root\office15\onbttnie.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office 15\root\office15\onbttnie.dll (Microsoft Corporation)
O9 - Extra Button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office 15\root\office15\onbttnielinkednotes.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office 15\root\office15\onbttnielinkednotes.dll (Microsoft Corporation)
O13 - gopher Prefix: missing
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.0.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{469E2B3B-63F0-4692-B4BF-D9BAF35DB118}: DhcpNameServer = 192.168.0.1
O18:64bit: - Protocol\Handler\gopher - No CLSID value found
O18:64bit: - Protocol\Handler\livecall - No CLSID value found
O18:64bit: - Protocol\Handler\msnim - No CLSID value found
O18:64bit: - Protocol\Handler\osf - No CLSID value found
O18 - Protocol\Handler\osf {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\office15\msosb.dll (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysWOW64\userinit.exe (Microsoft Corporation)
O20:64bit: - Winlogon\Notify\LBTWlgn: DllName - (c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll) - c:\Program Files\Common Files\Logishrd\Bluetooth\LBTWLgn.dll (Logitech, Inc.)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = ComFile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)


MsConfig:64bit - StartUpFolder: C:^Users^Anuj^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Dropbox.lnk - C:\Users\Anuj\AppData\Roaming\Dropbox\bin\Dropbox.exe - (Dropbox, Inc.)
MsConfig:64bit - StartUpReg: Adobe ARM - hkey= - key= - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe (Adobe Systems Incorporated)
MsConfig:64bit - StartUpReg: DAEMON Tools Lite - hkey= - key= - C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe (DT Soft Ltd)
MsConfig:64bit - StartUpReg: SunJavaUpdateSched - hkey= - key= - C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe (Sun Microsystems, Inc.)
MsConfig:64bit - StartUpReg: win32 - hkey= - key= - C:\kernels\drivers.vbs ()
MsConfig:64bit - State: "startup" - Reg Error: Key error.

SafeBootMin:64bit: Base - Driver Group
SafeBootMin:64bit: Boot Bus Extender - Driver Group
SafeBootMin:64bit: Boot file system - Driver Group
SafeBootMin:64bit: File system - Driver Group
SafeBootMin:64bit: Filter - Driver Group
SafeBootMin:64bit: HelpSvc - Service
SafeBootMin:64bit: MsMpSvc - c:\Program Files\Microsoft Security Client\MsMpEng.exe (Microsoft Corporation)
SafeBootMin:64bit: PCI Configuration - Driver Group
SafeBootMin:64bit: PNP Filter - Driver Group
SafeBootMin:64bit: Primary disk - Driver Group
SafeBootMin:64bit: sacsvr - Service
SafeBootMin:64bit: SCSI Class - Driver Group
SafeBootMin:64bit: System Bus Extender - Driver Group
SafeBootMin:64bit: vmms - Service
SafeBootMin:64bit: WinDefend - C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation)
SafeBootMin:64bit: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootMin:64bit: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootMin:64bit: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootMin:64bit: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootMin:64bit: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootMin:64bit: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootMin:64bit: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootMin:64bit: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootMin:64bit: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootMin:64bit: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootMin:64bit: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootMin:64bit: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootMin:64bit: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootMin:64bit: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootMin:64bit: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootMin:64bit: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootMin:64bit: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices
SafeBootMin: Base - Driver Group
SafeBootMin: Boot Bus Extender - Driver Group
SafeBootMin: Boot file system - Driver Group
SafeBootMin: File system - Driver Group
SafeBootMin: Filter - Driver Group
SafeBootMin: HelpSvc - Service
SafeBootMin: PCI Configuration - Driver Group
SafeBootMin: PNP Filter - Driver Group
SafeBootMin: Primary disk - Driver Group
SafeBootMin: sacsvr - Service
SafeBootMin: SCSI Class - Driver Group
SafeBootMin: System Bus Extender - Driver Group
SafeBootMin: vmms - Service
SafeBootMin: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootMin: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootMin: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootMin: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootMin: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootMin: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootMin: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootMin: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootMin: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootMin: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootMin: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootMin: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootMin: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootMin: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootMin: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootMin: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootMin: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices

SafeBootNet:64bit: Base - Driver Group
SafeBootNet:64bit: Boot Bus Extender - Driver Group
SafeBootNet:64bit: Boot file system - Driver Group
SafeBootNet:64bit: File system - Driver Group
SafeBootNet:64bit: Filter - Driver Group
SafeBootNet:64bit: HelpSvc - Service
SafeBootNet:64bit: Messenger - Service
SafeBootNet:64bit: MsMpSvc - c:\Program Files\Microsoft Security Client\MsMpEng.exe (Microsoft Corporation)
SafeBootNet:64bit: NDIS Wrapper - Driver Group
SafeBootNet:64bit: NetBIOSGroup - Driver Group
SafeBootNet:64bit: NetDDEGroup - Driver Group
SafeBootNet:64bit: Network - Driver Group
SafeBootNet:64bit: NetworkProvider - Driver Group
SafeBootNet:64bit: PCI Configuration - Driver Group
SafeBootNet:64bit: PNP Filter - Driver Group
SafeBootNet:64bit: PNP_TDI - Driver Group
SafeBootNet:64bit: Primary disk - Driver Group
SafeBootNet:64bit: rdsessmgr - Service
SafeBootNet:64bit: sacsvr - Service
SafeBootNet:64bit: SCSI Class - Driver Group
SafeBootNet:64bit: Streams Drivers - Driver Group
SafeBootNet:64bit: System Bus Extender - Driver Group
SafeBootNet:64bit: TDI - Driver Group
SafeBootNet:64bit: vmms - Service
SafeBootNet:64bit: WinDefend - C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation)
SafeBootNet:64bit: WudfUsbccidDriver - Driver
SafeBootNet:64bit: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootNet:64bit: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootNet:64bit: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootNet:64bit: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootNet:64bit: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootNet:64bit: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootNet:64bit: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootNet:64bit: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net
SafeBootNet:64bit: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient
SafeBootNet:64bit: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService
SafeBootNet:64bit: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans
SafeBootNet:64bit: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootNet:64bit: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootNet:64bit: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootNet:64bit: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootNet:64bit: {50DD5230-BA8A-11D1-BF5D-0000F805F530} - Smart card readers
SafeBootNet:64bit: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootNet:64bit: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootNet:64bit: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootNet:64bit: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootNet:64bit: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootNet:64bit: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices
SafeBootNet: Base - Driver Group
SafeBootNet: Boot Bus Extender - Driver Group
SafeBootNet: Boot file system - Driver Group
SafeBootNet: File system - Driver Group
SafeBootNet: Filter - Driver Group
SafeBootNet: HelpSvc - Service
SafeBootNet: Messenger - Service
SafeBootNet: NDIS Wrapper - Driver Group
SafeBootNet: NetBIOSGroup - Driver Group
SafeBootNet: NetDDEGroup - Driver Group
SafeBootNet: Network - Driver Group
SafeBootNet: NetworkProvider - Driver Group
SafeBootNet: PCI Configuration - Driver Group
SafeBootNet: PNP Filter - Driver Group
SafeBootNet: PNP_TDI - Driver Group
SafeBootNet: Primary disk - Driver Group
SafeBootNet: rdsessmgr - Service
SafeBootNet: sacsvr - Service
SafeBootNet: SCSI Class - Driver Group
SafeBootNet: Streams Drivers - Driver Group
SafeBootNet: System Bus Extender - Driver Group
SafeBootNet: TDI - Driver Group
SafeBootNet: vmms - Service
SafeBootNet: WudfUsbccidDriver - Driver
SafeBootNet: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootNet: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootNet: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootNet: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootNet: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootNet: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootNet: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootNet: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net
SafeBootNet: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient
SafeBootNet: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService
SafeBootNet: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans
SafeBootNet: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootNet: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootNet: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootNet: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootNet: {50DD5230-BA8A-11D1-BF5D-0000F805F530} - Smart card readers
SafeBootNet: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootNet: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootNet: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootNet: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootNet: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootNet: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices

ActiveX:64bit: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 12.0
ActiveX:64bit: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll
ActiveX:64bit: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack
ActiveX:64bit: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Windows Mail\WinMail.exe" OCInstallUserConfigOE
ActiveX:64bit: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
ActiveX:64bit: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help
ActiveX:64bit: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6
ActiveX:64bit: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools
ActiveX:64bit: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements
ActiveX:64bit: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player
ActiveX:64bit: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access
ActiveX:64bit: {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7
ActiveX:64bit: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll
ActiveX:64bit: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\Windows\System32\ie4uinit.exe -BaseSettings
ActiveX:64bit: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\system32\Rundll32.exe C:\Windows\system32\mscories.dll,Install
ActiveX:64bit: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding
ActiveX:64bit: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts
ActiveX:64bit: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help
ActiveX:64bit: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface
ActiveX:64bit: {F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4} - .NET Framework
ActiveX:64bit: {FEBEF00C-046D-438D-8A88-BF94A6C9E703} - .NET Framework
ActiveX:64bit: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - %SystemRoot%\system32\unregmp2.exe /ShowWMP
ActiveX:64bit: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\Windows\System32\ie4uinit.exe -UserIconConfig
ActiveX:64bit: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\iedkcs32.dll",BrandIEActiveSetup SIGNUP
ActiveX: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 12.0
ActiveX: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll
ActiveX: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack
ActiveX: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles(x86)%\Windows Mail\WinMail.exe" OCInstallUserConfigOE
ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
ActiveX: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help
ActiveX: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6
ActiveX: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools
ActiveX: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements
ActiveX: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player
ActiveX: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access
ActiveX: {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7
ActiveX: {7C028AF8-F614-47B3-82DA-BA94E41B1089} - .NET Framework
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\Windows\SysWOW64\ie4uinit.exe -BaseSettings
ActiveX: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\SysWOW64\Rundll32.exe C:\Windows\SysWOW64\mscories.dll,Install
ActiveX: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding
ActiveX: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts
ActiveX: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help
ActiveX: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface
ActiveX: {F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4} - .NET Framework
ActiveX: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - %SystemRoot%\system32\unregmp2.exe /ShowWMP
ActiveX: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\Windows\SysWOW64\ie4uinit.exe -UserIconConfig
ActiveX: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - "C:\Windows\SysWOW64\rundll32.exe" "C:\Windows\SysWOW64\iedkcs32.dll",BrandIEActiveSetup SIGNUP

Drivers32:64bit: msacm.l3acm - l3codecp.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32:64bit: VIDC.FFDS - ff_vfw.dll ()
Drivers32:64bit: VIDC.LAGS - lagarith.dll ( )
Drivers32: msacm.l3acm - C:\Windows\SysWOW64\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: vidc.cvid - C:\Windows\SysWow64\iccvid.dll (Radius Inc.)

CREATERESTOREPOINT
Restore point Set: OTL Restore Point

========== Files/Folders - Created Within 30 Days ==========

[2012/12/02 17:38:59 | 000,000,000 | ---D | C] -- C:\Users\Public\Desktop\CC Support
[2012/12/02 17:26:46 | 000,000,000 | ---D | C] -- C:\Users\Anuj\AppData\Roaming\Malwarebytes
[2012/12/02 17:26:33 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2012/12/02 17:26:29 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2012/12/02 17:26:28 | 000,025,928 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
[2012/12/02 17:26:28 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware
[2012/12/02 17:18:04 | 000,000,000 | ---D | C] -- C:\$RECYCLE.BIN
[2012/12/02 17:09:22 | 000,518,144 | ---- | C] (SteelWerX) -- C:\Windows\SWREG.exe
[2012/12/02 17:09:22 | 000,406,528 | ---- | C] (SteelWerX) -- C:\Windows\SWSC.exe
[2012/12/02 17:09:22 | 000,060,416 | ---- | C] (NirSoft) -- C:\Windows\NIRCMD.exe
[2012/12/02 17:06:59 | 000,000,000 | ---D | C] -- C:\Qoobox
[2012/12/02 17:06:37 | 000,000,000 | ---D | C] -- C:\Windows\erdnt
[2012/11/29 02:02:45 | 000,000,000 | ---D | C] -- C:\Users\Anuj\AppData\Roaming\HD Tune Pro
[2012/11/27 19:39:11 | 000,000,000 | ---D | C] -- C:\Config.Msi
[2012/11/27 11:34:29 | 000,000,000 | ---D | C] -- C:\Users\Anuj\Documents\FLiNGTrainer
[2012/11/26 22:38:06 | 006,200,680 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcpl.dll
[2012/11/26 22:38:06 | 003,293,544 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvsvc64.dll
[2012/11/26 22:38:06 | 002,557,800 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvsvcr.dll
[2012/11/26 22:38:06 | 000,118,120 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvmctray.dll
[2012/11/26 22:38:06 | 000,063,336 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvshext.dll
[2012/11/26 22:37:39 | 000,000,000 | ---D | C] -- C:\ProgramData\NVIDIA Corporation
[2012/11/26 22:36:58 | 026,331,496 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvoglv64.dll
[2012/11/26 22:36:58 | 018,252,136 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvd3dumx.dll
[2012/11/26 22:36:58 | 007,414,632 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvopencl.dll
[2012/11/26 22:36:58 | 002,747,240 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcuvid.dll
[2012/11/26 22:36:58 | 001,482,600 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvdispgenco64.dll
[2012/11/26 22:36:57 | 019,906,920 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvoglv32.dll
[2012/11/26 22:36:57 | 014,922,600 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvwgf2umx.dll
[2012/11/26 22:36:57 | 012,501,352 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvwgf2um.dll
[2012/11/26 22:36:57 | 002,574,696 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvcuvid.dll
[2012/11/26 22:36:57 | 002,428,776 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvapi.dll
[2012/11/26 22:36:56 | 017,559,912 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvcompiler.dll
[2012/11/26 22:36:56 | 015,309,160 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvd3dum.dll
[2012/11/26 22:36:56 | 009,146,728 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcuda.dll
[2012/11/26 22:36:56 | 007,697,768 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvcuda.dll
[2012/11/26 22:36:56 | 006,127,464 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvopencl.dll
[2012/11/26 22:36:56 | 002,731,880 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvapi64.dll
[2012/11/26 22:36:56 | 002,218,344 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcuvenc.dll
[2012/11/26 22:36:56 | 001,867,112 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvcuvenc.dll
[2012/11/26 22:36:56 | 001,760,104 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvdispco64.dll
[2012/11/26 22:36:55 | 025,256,296 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcompiler.dll
[2012/11/26 22:34:25 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
[2012/11/26 22:34:24 | 000,000,000 | ---D | C] -- C:\Program Files\CCleaner
[2012/11/26 22:24:24 | 000,000,000 | ---D | C] -- C:\Users\Anuj\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\EVGA Precision X
[2012/11/26 22:13:04 | 000,000,000 | ---D | C] -- C:\ProgramData\NVIDIA
[2012/11/25 23:25:32 | 000,000,000 | ---D | C] -- C:\Users\Anuj\AppData\Roaming\NVIDIA
[2012/11/23 20:42:28 | 000,000,000 | ---D | C] -- C:\Users\Anuj\AppData\Local\Ubisoft Game Launcher
[2012/11/23 20:42:08 | 000,000,000 | ---D | C] -- C:\Users\Anuj\Documents\Assassin's Creed III
[2012/11/23 20:41:06 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\R.G. Mechanics
[2012/11/23 20:41:05 | 000,000,000 | ---D | C] -- C:\Users\Anuj\AppData\Roaming\Assassin's Creed III
[2012/11/23 01:09:32 | 000,000,000 | R--D | C] -- C:\Kernels
[2012/11/23 01:05:42 | 000,000,000 | ---D | C] -- C:\ProgramData\Orbit
[2012/11/23 00:58:16 | 000,000,000 | ---D | C] -- C:\Users\Anuj\AppData\Roaming\GetRightToGo
[2012/11/23 00:39:22 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\NVIDIA 3D Vision driver
[2012/11/23 00:39:16 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\AGEIA Technologies
[2012/11/22 01:23:06 | 000,000,000 | ---D | C] -- C:\Users\Anuj\AppData\Roaming\Theta
[2012/11/22 01:20:57 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Ubisoft
[2012/11/22 01:07:07 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\R.G. Mechanics
[2012/11/21 21:43:00 | 000,000,000 | ---D | C] -- C:\Users\Anuj\AppData\Local\Brice_Lambson
[2012/11/21 21:41:43 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Image Resizer for Windows
[2012/11/21 21:41:43 | 000,000,000 | ---D | C] -- C:\Program Files\Image Resizer for Windows
[2012/11/21 21:41:43 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Image Resizer for Windows
[2012/11/21 21:41:31 | 000,000,000 | ---D | C] -- C:\ProgramData\Package Cache
[2012/11/21 18:05:03 | 000,000,000 | ---D | C] -- C:\Users\Anuj\Documents\SCX-3200_PrintD_3.11.28.00
[2012/11/21 18:00:33 | 000,011,576 | ---- | C] (Samsung Electronics) -- C:\Windows\SysNative\drivers\SSPORT.SYS
[2012/11/16 06:12:38 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Games for Windows Marketplace
[2012/11/16 01:50:50 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft
[2012/11/16 01:50:32 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Windows Live SkyDrive
[2012/11/16 01:50:24 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live
[2012/11/16 01:50:12 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Windows Live
[2012/11/16 01:49:52 | 000,000,000 | ---D | C] -- C:\Windows\PCHEALTH
[2012/11/15 17:43:25 | 000,000,000 | ---D | C] -- C:\Users\Anuj\Applications
[2012/11/13 16:39:24 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ASUS
[2012/11/13 16:38:31 | 000,000,000 | ---D | C] -- C:\Program Files\ATKGFNEX
[2012/11/13 16:38:30 | 000,000,000 | -H-D | C] -- C:\Program Files (x86)\InstallShield Installation Information
[2012/11/13 16:38:16 | 000,000,000 | ---D | C] -- C:\Users\Anuj\AppData\Roaming\InstallShield
[2012/11/13 16:38:04 | 000,015,928 | ---- | C] (ASUS) -- C:\Windows\SysNative\drivers\ATK64AMD.sys
[2012/11/13 09:59:42 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\R
[2012/11/13 09:59:17 | 000,000,000 | ---D | C] -- C:\Program Files\R
[2012/11/11 15:50:07 | 000,000,000 | ---D | C] -- C:\Users\Anuj\Documents\Diablo III
[2012/11/10 23:33:24 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft SkyDrive
[2012/11/10 23:33:23 | 000,000,000 | R--D | C] -- C:\Users\Anuj\SkyDrive
[2012/11/10 23:33:15 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft SkyDrive
[2012/11/10 23:23:42 | 000,000,000 | R--D | C] -- C:\MSOCache
[2012/11/10 23:18:45 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013
[2012/11/10 23:16:25 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\DESIGNER
[2012/11/10 23:11:07 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Office
[2012/11/10 23:05:58 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Office 15
[2012/11/10 22:36:16 | 000,000,000 | -HSD | C] -- C:\Windows\SysWow64\AI_RecycleBin
[2012/11/10 22:36:09 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PingPlotter Standard
[2012/11/10 22:36:09 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\PingPlotter Standard
[2012/11/10 22:36:09 | 000,000,000 | ---D | C] -- C:\Users\Anuj\AppData\Roaming\PingPlotter
[2012/11/10 22:35:47 | 000,000,000 | ---D | C] -- C:\Users\Anuj\AppData\Roaming\Downloaded Installations
[2012/11/10 22:30:35 | 000,000,000 | ---D | C] -- C:\Users\Anuj\Documents\My Cheat Tables
[2012/11/10 22:26:53 | 000,000,000 | ---D | C] -- C:\Users\Anuj\D3DOverrider
[2012/11/10 22:25:10 | 000,000,000 | ---D | C] -- C:\Users\Anuj\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
[2012/11/10 22:25:10 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
[2012/11/10 22:08:07 | 000,000,000 | ---D | C] -- C:\Users\Anuj\Documents\Games for Windows - LIVE Demos
[2012/11/10 22:03:59 | 000,000,000 | ---D | C] -- C:\Users\Anuj\Documents\CAPCOM
[2012/11/10 21:56:52 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\microsoft
[2012/11/10 21:55:59 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ShiftWindow
[2012/11/10 21:55:58 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ShiftWindow
[2012/11/10 05:21:29 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\xlive
[2012/11/10 05:21:29 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Games for Windows - LIVE
[2012/11/10 05:12:32 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Capcom
[2012/11/10 05:07:48 | 000,000,000 | ---D | C] -- C:\Users\Anuj\AppData\Local\ElevatedDiagnostics
[2012/11/10 05:07:39 | 000,000,000 | ---D | C] -- C:\Windows\SoftwareDistribution
[2012/11/10 01:05:40 | 000,000,000 | ---D | C] -- C:\Users\Anuj\AppData\Local\LogiShrd
[2012/11/10 01:04:21 | 000,018,960 | ---- | C] (Logitech, Inc.) -- C:\Windows\SysNative\drivers\LNonPnP.sys
[2012/11/10 01:03:55 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Logitech
[2012/11/10 01:03:47 | 000,000,000 | ---D | C] -- C:\Program Files\Logitech
[2012/11/10 01:02:43 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Logishrd
[2012/11/10 01:01:12 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\directx
[2012/11/10 01:00:17 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\EVGA Precision X
[2012/11/10 00:57:51 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Core Temp
[2012/11/10 00:57:50 | 000,000,000 | ---D | C] -- C:\Program Files\Core Temp
[2012/11/10 00:26:10 | 000,000,000 | ---D | C] -- C:\Users\Anuj\AppData\Roaming\IDM
[2012/11/10 00:26:10 | 000,000,000 | ---D | C] -- C:\Users\Anuj\AppData\Roaming\DMCache
[2012/11/10 00:26:06 | 000,000,000 | ---D | C] -- C:\Users\Anuj\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Download Manager
[2012/11/10 00:26:06 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Internet Download Manager
[2012/11/10 00:26:03 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Internet Download Manager
[2012/11/10 00:13:55 | 000,000,000 | ---D | C] -- C:\Users\Anuj\AppData\Roaming\vlc
[2012/11/09 22:23:35 | 000,000,000 | ---D | C] -- C:\Windows\Prefetch
[2012/11/09 22:23:02 | 000,000,000 | -HSD | C] -- C:\System Volume Information
[2012/11/09 22:22:37 | 000,000,000 | ---D | C] -- C:\Windows\Panther
[2012/11/09 22:12:12 | 000,142,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\poqexec.exe
[2012/11/09 22:12:12 | 000,123,904 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\poqexec.exe
[2012/11/09 22:03:32 | 000,077,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\packager.dll
[2012/11/09 22:03:31 | 000,067,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\packager.dll
[2012/11/09 21:42:57 | 000,000,000 | ---D | C] -- C:\Windows\pss
[2012/11/09 21:34:19 | 000,000,000 | ---D | C] -- C:\Users\Anuj\Documents\My Received Files
[2012/11/09 21:32:39 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\Logishrd
[2012/11/09 21:27:02 | 000,527,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAudio2_7.dll
[2012/11/09 21:27:02 | 000,518,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAudio2_7.dll
[2012/11/09 21:27:02 | 000,077,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAPOFX1_5.dll
[2012/11/09 21:27:02 | 000,074,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAPOFX1_5.dll
[2012/11/09 21:27:00 | 002,526,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_43.dll
[2012/11/09 21:27:00 | 002,106,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_43.dll
[2012/11/09 21:27:00 | 000,239,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine3_7.dll
[2012/11/09 21:27:00 | 000,176,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine3_7.dll
[2012/11/09 21:26:59 | 001,907,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dcsx_43.dll
[2012/11/09 21:26:59 | 001,868,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dcsx_43.dll
[2012/11/09 21:26:58 | 000,276,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx11_43.dll
[2012/11/09 21:26:58 | 000,248,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx11_43.dll
[2012/11/09 21:26:57 | 000,511,328 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_43.dll
[2012/11/09 21:26:57 | 000,470,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_43.dll
[2012/11/09 21:26:56 | 002,401,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DX9_43.dll
[2012/11/09 21:26:56 | 001,998,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DX9_43.dll
[2012/11/09 21:26:55 | 000,530,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAudio2_6.dll
[2012/11/09 21:26:55 | 000,528,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAudio2_6.dll
[2012/11/09 21:26:55 | 000,078,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAPOFX1_4.dll
[2012/11/09 21:26:55 | 000,074,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAPOFX1_4.dll
[2012/11/09 21:26:54 | 000,238,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine3_6.dll
[2012/11/09 21:26:54 | 000,176,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine3_6.dll
[2012/11/09 21:26:53 | 000,024,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\X3DAudio1_7.dll
[2012/11/09 21:26:53 | 000,022,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\X3DAudio1_7.dll
[2012/11/09 21:26:49 | 000,517,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAudio2_5.dll
[2012/11/09 21:26:49 | 000,515,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAudio2_5.dll
[2012/11/09 21:26:48 | 002,582,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_42.dll
[2012/11/09 21:26:48 | 001,974,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_42.dll
[2012/11/09 21:26:48 | 000,238,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine3_5.dll
[2012/11/09 21:26:48 | 000,176,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine3_5.dll
[2012/11/09 21:26:47 | 005,554,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dcsx_42.dll
[2012/11/09 21:26:47 | 005,501,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dcsx_42.dll
[2012/11/09 21:26:47 | 000,285,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx11_42.dll
[2012/11/09 21:26:47 | 000,235,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx11_42.dll
[2012/11/09 21:26:46 | 002,475,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DX9_42.dll
[2012/11/09 21:26:46 | 001,892,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DX9_42.dll
[2012/11/09 21:26:46 | 000,523,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_42.dll
[2012/11/09 21:26:46 | 000,453,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_42.dll
[2012/11/09 21:26:43 | 002,430,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_41.dll
[2012/11/09 21:26:43 | 000,520,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_41.dll
[2012/11/09 21:26:42 | 005,425,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DX9_41.dll
[2012/11/09 21:26:42 | 004,178,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DX9_41.dll
[2012/11/09 21:26:42 | 000,521,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAudio2_4.dll
[2012/11/09 21:26:42 | 000,517,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAudio2_4.dll
[2012/11/09 21:26:42 | 000,073,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAPOFX1_3.dll
[2012/11/09 21:26:42 | 000,069,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAPOFX1_3.dll
[2012/11/09 21:26:41 | 000,235,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine3_4.dll
[2012/11/09 21:26:41 | 000,174,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine3_4.dll
[2012/11/09 21:26:41 | 000,024,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\X3DAudio1_6.dll
[2012/11/09 21:26:41 | 000,022,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\X3DAudio1_6.dll
[2012/11/09 21:26:40 | 002,605,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_40.dll
[2012/11/09 21:26:40 | 002,036,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_40.dll
[2012/11/09 21:26:40 | 000,519,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_40.dll
[2012/11/09 21:26:40 | 000,452,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_40.dll
[2012/11/09 21:26:39 | 005,631,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DX9_40.dll
[2012/11/09 21:26:39 | 004,379,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DX9_40.dll
[2012/11/09 21:26:39 | 000,518,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAudio2_3.dll
[2012/11/09 21:26:39 | 000,514,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAudio2_3.dll
[2012/11/09 21:26:39 | 000,074,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAPOFX1_2.dll
[2012/11/09 21:26:39 | 000,070,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAPOFX1_2.dll
[2012/11/09 21:26:38 | 000,235,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine3_3.dll
[2012/11/09 21:26:38 | 000,175,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine3_3.dll
[2012/11/09 21:26:38 | 000,025,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\X3DAudio1_5.dll
[2012/11/09 21:26:38 | 000,023,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\X3DAudio1_5.dll
[2012/11/09 21:26:37 | 000,513,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAudio2_2.dll
[2012/11/09 21:26:37 | 000,509,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAudio2_2.dll
[2012/11/09 21:26:37 | 000,072,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAPOFX1_1.dll
[2012/11/09 21:26:37 | 000,068,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAPOFX1_1.dll
[2012/11/09 21:26:36 | 001,942,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_39.dll
[2012/11/09 21:26:36 | 001,493,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_39.dll
[2012/11/09 21:26:36 | 000,540,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_39.dll
[2012/11/09 21:26:36 | 000,467,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_39.dll
[2012/11/09 21:26:36 | 000,238,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine3_2.dll
[2012/11/09 21:26:36 | 000,177,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine3_2.dll
[2012/11/09 21:26:35 | 004,992,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DX9_39.dll
[2012/11/09 21:26:35 | 003,851,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DX9_39.dll
[2012/11/09 21:26:34 | 000,511,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAudio2_1.dll
[2012/11/09 21:26:34 | 000,507,400 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAudio2_1.dll
[2012/11/09 21:26:34 | 000,238,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine3_1.dll
[2012/11/09 21:26:34 | 000,177,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine3_1.dll
[2012/11/09 21:26:34 | 000,068,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAPOFX1_0.dll
[2012/11/09 21:26:34 | 000,065,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAPOFX1_0.dll
[2012/11/09 21:26:33 | 001,941,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_38.dll
[2012/11/09 21:26:33 | 001,491,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_38.dll
[2012/11/09 21:26:33 | 000,540,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_38.dll
[2012/11/09 21:26:33 | 000,467,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_38.dll
[2012/11/09 21:26:33 | 000,028,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\X3DAudio1_4.dll
[2012/11/09 21:26:33 | 000,025,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\X3DAudio1_4.dll
[2012/11/09 21:26:32 | 004,991,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DX9_38.dll
[2012/11/09 21:26:32 | 003,850,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DX9_38.dll
[2012/11/09 21:26:31 | 000,489,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAudio2_0.dll
[2012/11/09 21:26:31 | 000,479,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAudio2_0.dll
[2012/11/09 21:26:30 | 001,860,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_37.dll
[2012/11/09 21:26:30 | 001,420,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_37.dll
[2012/11/09 21:26:30 | 000,529,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_37.dll
[2012/11/09 21:26:30 | 000,462,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_37.dll
[2012/11/09 21:26:30 | 000,238,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine3_0.dll
[2012/11/09 21:26:30 | 000,177,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine3_0.dll
[2012/11/09 21:26:30 | 000,028,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\X3DAudio1_3.dll
[2012/11/09 21:26:30 | 000,025,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\X3DAudio1_3.dll
[2012/11/09 21:26:29 | 004,910,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DX9_37.dll
[2012/11/09 21:26:29 | 003,786,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DX9_37.dll
[2012/11/09 21:26:28 | 000,411,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_10.dll
[2012/11/09 21:26:28 | 000,267,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_10.dll
[2012/11/09 21:26:26 | 002,006,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_36.dll
[2012/11/09 21:26:26 | 001,374,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_36.dll
[2012/11/09 21:26:26 | 000,508,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_36.dll
[2012/11/09 21:26:26 | 000,444,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_36.dll
[2012/11/09 21:26:25 | 005,081,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_36.dll
[2012/11/09 21:26:25 | 003,734,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_36.dll
[2012/11/09 21:26:23 | 000,411,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_9.dll
[2012/11/09 21:26:23 | 000,267,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_9.dll
[2012/11/09 21:26:22 | 005,073,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_35.dll
[2012/11/09 21:26:22 | 003,727,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_35.dll
[2012/11/09 21:26:22 | 001,985,904 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_35.dll
[2012/11/09 21:26:22 | 001,358,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_35.dll
[2012/11/09 21:26:22 | 000,508,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_35.dll
[2012/11/09 21:26:22 | 000,444,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_35.dll
[2012/11/09 21:26:21 | 000,409,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_8.dll
[2012/11/09 21:26:21 | 000,266,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_8.dll
[2012/11/09 21:26:21 | 000,021,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\X3DAudio1_2.dll
[2012/11/09 21:26:21 | 000,017,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\X3DAudio1_2.dll
[2012/11/09 21:26:20 | 001,401,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_34.dll
[2012/11/09 21:26:20 | 001,124,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_34.dll
[2012/11/09 21:26:20 | 000,506,728 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_34.dll
[2012/11/09 21:26:20 | 000,443,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_34.dll
[2012/11/09 21:26:19 | 004,496,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_34.dll
[2012/11/09 21:26:19 | 003,497,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_34.dll
[2012/11/09 21:26:18 | 000,107,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xinput1_3.dll
[2012/11/09 21:26:18 | 000,081,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xinput1_3.dll
[2012/11/09 21:26:17 | 001,400,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_33.dll
[2012/11/09 21:26:17 | 001,123,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_33.dll
[2012/11/09 21:26:17 | 000,506,728 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_33.dll
[2012/11/09 21:26:17 | 000,443,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_33.dll
[2012/11/09 21:26:17 | 000,403,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_7.dll
[2012/11/09 21:26:17 | 000,261,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_7.dll
[2012/11/09 21:26:16 | 004,494,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_33.dll
[2012/11/09 21:26:16 | 003,495,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_33.dll
[2012/11/09 21:26:15 | 000,393,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_6.dll
[2012/11/09 21:26:15 | 000,255,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_6.dll
[2012/11/09 21:26:14 | 000,469,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10.dll
[2012/11/09 21:26:14 | 000,440,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10.dll
[2012/11/09 21:26:14 | 000,390,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_5.dll
[2012/11/09 21:26:14 | 000,251,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_5.dll
[2012/11/09 21:26:13 | 004,398,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_32.dll
[2012/11/09 21:26:13 | 003,426,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_32.dll
[2012/11/09 21:26:12 | 003,977,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_31.dll
[2012/11/09 21:26:12 | 002,414,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_31.dll
[2012/11/09 21:26:12 | 000,364,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_4.dll
[2012/11/09 21:26:12 | 000,237,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_4.dll
[2012/11/09 21:26:12 | 000,017,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\x3daudio1_1.dll
[2012/11/09 21:26:12 | 000,015,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\x3daudio1_1.dll
[2012/11/09 21:26:11 | 000,363,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_3.dll
[2012/11/09 21:26:11 | 000,236,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_3.dll
[2012/11/09 21:26:10 | 000,083,736 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xinput1_2.dll
[2012/11/09 21:26:10 | 000,062,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xinput1_2.dll
[2012/11/09 21:26:09 | 000,354,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_2.dll
[2012/11/09 21:26:09 | 000,230,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_2.dll
[2012/11/09 21:26:09 | 000,083,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xinput1_1.dll
[2012/11/09 21:26:09 | 000,062,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xinput1_1.dll
[2012/11/09 21:26:06 | 003,927,248 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_30.dll
[2012/11/09 21:26:06 | 002,388,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_30.dll
[2012/11/09 21:26:06 | 000,352,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_1.dll
[2012/11/09 21:26:06 | 000,229,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_1.dll
[2012/11/09 21:26:02 | 003,830,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_29.dll
[2012/11/09 21:26:02 | 002,332,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_29.dll
[2012/11/09 21:26:02 | 000,355,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_0.dll
[2012/11/09 21:26:02 | 000,230,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_0.dll
[2012/11/09 21:26:02 | 000,016,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\x3daudio1_0.dll
[2012/11/09 21:26:02 | 000,014,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\x3daudio1_0.dll
[2012/11/09 21:26:01 | 003,815,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_28.dll
[2012/11/09 21:26:01 | 002,323,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_28.dll
[2012/11/09 21:26:00 | 003,807,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_27.dll
[2012/11/09 21:26:00 | 003,767,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_26.dll
[2012/11/09 21:26:00 | 002,319,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_27.dll
[2012/11/09 21:26:00 | 002,297,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_26.dll
[2012/11/09 21:25:59 | 003,823,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_25.dll
[2012/11/09 21:25:59 | 002,337,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_25.dll
[2012/11/09 21:25:58 | 003,544,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_24.dll
[2012/11/09 21:25:58 | 002,222,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_24.dll
[2012/11/09 21:17:31 | 000,000,000 | --SD | C] -- C:\Users\Anuj\Google Drive
[2012/11/09 21:14:30 | 000,000,000 | ---D | C] -- C:\Users\Anuj\Tracing
[2012/11/09 21:11:58 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Security Client
[2012/11/09 21:11:49 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Security Client
[2012/11/09 21:11:35 | 000,374,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\netio.sys
[2012/11/09 21:10:11 | 000,283,200 | ---- | C] (DT Soft Ltd) -- C:\Windows\SysNative\drivers\dtsoftbus01.sys
[2012/11/09 21:10:06 | 000,000,000 | ---D | C] -- C:\Users\Anuj\AppData\Roaming\DAEMON Tools Lite
[2012/11/09 21:10:04 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\DAEMON Tools Lite
[2012/11/09 21:09:23 | 000,000,000 | ---D | C] -- C:\ProgramData\DAEMON Tools Lite
[2012/11/09 21:09:03 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Diablo III
[2012/11/09 21:09:03 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Diablo III
[2012/11/09 21:09:03 | 000,000,000 | ---D | C] -- C:\ProgramData\Blizzard Entertainment
[2012/11/09 21:09:03 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Blizzard Entertainment
[2012/11/09 21:08:21 | 000,000,000 | ---D | C] -- C:\ProgramData\Battle.net
[2012/11/09 21:06:47 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft.NET
[2012/11/09 21:05:44 | 000,049,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\netfxperf.dll
[2012/11/09 21:05:44 | 000,048,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\netfxperf.dll
[2012/11/09 21:05:43 | 001,942,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dfshim.dll
[2012/11/09 21:05:43 | 001,130,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\dfshim.dll
[2012/11/09 21:05:43 | 000,320,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\PresentationHost.exe
[2012/11/09 21:05:43 | 000,295,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\PresentationHost.exe
[2012/11/09 21:05:43 | 000,109,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\PresentationHostProxy.dll
[2012/11/09 21:05:43 | 000,099,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\PresentationHostProxy.dll
[2012/11/09 21:05:34 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\LogiShrd
[2012/11/09 21:05:34 | 000,000,000 | ---D | C] -- C:\Users\Anuj\AppData\Roaming\Leadertech
[2012/11/09 21:05:07 | 000,000,000 | ---D | C] -- C:\ProgramData\Logitech
[2012/11/09 21:05:04 | 000,000,000 | ---D | C] -- C:\ProgramData\Logishrd
[2012/11/09 21:03:10 | 004,068,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mf.dll
[2012/11/09 21:03:10 | 001,888,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WMVDECOD.DLL
[2012/11/09 21:03:10 | 001,619,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\WMVDECOD.DLL
[2012/11/09 21:03:10 | 000,257,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mfreadwrite.dll
[2012/11/09 21:03:10 | 000,206,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mfps.dll
[2012/11/09 21:03:10 | 000,196,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mfreadwrite.dll
[2012/11/09 21:03:09 | 003,181,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mf.dll
[2012/11/09 20:02:51 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel PROSet Wireless
[2012/11/09 20:02:46 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Intel
[2012/11/09 20:02:45 | 000,000,000 | ---D | C] -- C:\ProgramData\Intel
[2012/11/09 20:02:45 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Cisco
[2012/11/09 19:58:25 | 000,000,000 | ---D | C] -- C:\$WINDOWS.~BT
[2012/11/09 19:56:49 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
[2012/11/09 19:41:34 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\NVIDIA Corporation
[2012/11/09 19:40:55 | 000,060,776 | ---- | C] (Khronos Group) -- C:\Windows\SysNative\OpenCL.dll
[2012/11/09 19:40:55 | 000,052,584 | ---- | C] (Khronos Group) -- C:\Windows\SysWow64\OpenCL.dll
[2012/11/09 19:40:07 | 001,472,360 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvhdagenco6420103.dll
[2012/11/09 19:40:07 | 000,189,288 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\drivers\nvhda64v.sys
[2012/11/09 19:40:07 | 000,031,080 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvhdap64.dll
[2012/11/09 19:39:28 | 000,000,000 | ---D | C] -- C:\Program Files\NVIDIA Corporation
[2012/11/09 19:39:03 | 000,000,000 | ---D | C] -- C:\NVIDIA
[2012/11/09 19:37:25 | 001,031,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rdpcore.dll
[2012/11/09 19:37:25 | 000,826,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\rdpcore.dll
[2012/11/09 19:37:25 | 000,139,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\cabview.dll
[2012/11/09 19:37:25 | 000,132,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\cabview.dll
[2012/11/09 19:36:08 | 000,000,000 | ---D | C] -- C:\Users\Anuj\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows 7 USB DVD Download Tool
[2012/11/09 19:34:14 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
[2012/11/09 19:33:52 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Google
[2012/11/09 19:33:48 | 000,000,000 | ---D | C] -- C:\Users\Anuj\AppData\Local\Google
[2012/11/09 19:33:42 | 002,622,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wucltux.dll
[2012/11/09 19:33:42 | 000,057,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wuauclt.exe
[2012/11/09 19:33:42 | 000,044,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wups2.dll
[2012/11/09 19:33:36 | 000,701,976 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wuapi.dll
[2012/11/09 19:33:36 | 000,099,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wudriver.dll
[2012/11/09 19:33:36 | 000,038,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wups.dll
[2012/11/09 19:33:34 | 000,000,000 | ---D | C] -- C:\Users\Anuj\AppData\Local\Apps
[2012/11/09 19:33:31 | 000,000,000 | ---D | C] -- C:\Users\Anuj\AppData\Local\Deployment
[2012/11/09 19:33:22 | 000,186,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wuwebv.dll
[2012/11/09 19:33:22 | 000,036,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wuapp.exe
[2012/11/09 19:31:58 | 000,000,000 | ---D | C] -- C:\Users\Anuj\AppData\Roaming\Intel
[2012/11/09 19:30:52 | 000,000,000 | ---D | C] -- C:\Program Files\Intel
[2012/11/09 19:30:10 | 000,000,000 | -HSD | C] -- C:\Windows\Installer
[2012/11/09 19:29:00 | 000,000,000 | R--D | C] -- C:\Users\Anuj\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
[2012/11/09 19:29:00 | 000,000,000 | R--D | C] -- C:\Users\Anuj\Searches
[2012/11/09 19:29:00 | 000,000,000 | R--D | C] -- C:\Users\Anuj\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
[2012/11/09 19:29:00 | 000,000,000 | -H-D | C] -- C:\Users\Anuj\Application Data\Microsoft\Internet Explorer\Quick Launch\User Pinned
[2012/11/09 19:28:51 | 000,000,000 | ---D | C] -- C:\Users\Anuj\AppData\Roaming\Identities
[2012/11/09 19:28:49 | 000,000,000 | R--D | C] -- C:\Users\Anuj\Contacts
[2012/11/09 19:28:48 | 000,000,000 | ---D | C] -- C:\Users\Anuj\AppData\Local\VirtualStore
[2012/11/09 19:28:40 | 000,000,000 | -HSD | C] -- C:\Users\Anuj\AppData\Local\Temporary Internet Files
[2012/11/09 19:28:40 | 000,000,000 | -HSD | C] -- C:\Users\Anuj\Templates
[2012/11/09 19:28:40 | 000,000,000 | -HSD | C] -- C:\Users\Anuj\Start Menu
[2012/11/09 19:28:40 | 000,000,000 | -HSD | C] -- C:\Users\Anuj\SendTo
[2012/11/09 19:28:40 | 000,000,000 | -HSD | C] -- C:\Users\Anuj\Recent
[2012/11/09 19:28:40 | 000,000,000 | -HSD | C] -- C:\Users\Anuj\PrintHood
[2012/11/09 19:28:40 | 000,000,000 | -HSD | C] -- C:\Users\Anuj\NetHood
[2012/11/09 19:28:40 | 000,000,000 | -HSD | C] -- C:\Users\Anuj\Documents\My Videos
[2012/11/09 19:28:40 | 000,000,000 | -HSD | C] -- C:\Users\Anuj\Documents\My Pictures
[2012/11/09 19:28:40 | 000,000,000 | -HSD | C] -- C:\Users\Anuj\Documents\My Music
[2012/11/09 19:28:40 | 000,000,000 | -HSD | C] -- C:\Users\Anuj\My Documents
[2012/11/09 19:28:40 | 000,000,000 | -HSD | C] -- C:\Users\Anuj\Local Settings
[2012/11/09 19:28:40 | 000,000,000 | -HSD | C] -- C:\Users\Anuj\AppData\Local\History
[2012/11/09 19:28:40 | 000,000,000 | -HSD | C] -- C:\Users\Anuj\Cookies
[2012/11/09 19:28:40 | 000,000,000 | -HSD | C] -- C:\Users\Anuj\Application Data
[2012/11/09 19:28:40 | 000,000,000 | -HSD | C] -- C:\Users\Anuj\AppData\Local\Application Data
[2012/11/09 19:28:39 | 000,000,000 | --SD | C] -- C:\Users\Anuj\AppData\Roaming\Microsoft
[2012/11/09 19:28:39 | 000,000,000 | R--D | C] -- C:\Users\Anuj\Videos
[2012/11/09 19:28:39 | 000,000,000 | R--D | C] -- C:\Users\Anuj\Saved Games
[2012/11/09 19:28:39 | 000,000,000 | R--D | C] -- C:\Users\Anuj\Pictures
[2012/11/09 19:28:39 | 000,000,000 | R--D | C] -- C:\Users\Anuj\Music
[2012/11/09 19:28:39 | 000,000,000 | R--D | C] -- C:\Users\Anuj\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
[2012/11/09 19:28:39 | 000,000,000 | R--D | C] -- C:\Users\Anuj\Links
[2012/11/09 19:28:39 | 000,000,000 | R--D | C] -- C:\Users\Anuj\Favorites
[2012/11/09 19:28:39 | 000,000,000 | R--D | C] -- C:\Users\Anuj\Downloads
[2012/11/09 19:28:39 | 000,000,000 | R--D | C] -- C:\Users\Anuj\Documents
[2012/11/09 19:28:39 | 000,000,000 | R--D | C] -- C:\Users\Anuj\Desktop
[2012/11/09 19:28:39 | 000,000,000 | R--D | C] -- C:\Users\Anuj\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
[2012/11/09 19:28:39 | 000,000,000 | -H-D | C] -- C:\Users\Anuj\AppData
[2012/11/09 19:28:39 | 000,000,000 | ---D | C] -- C:\Users\Anuj\AppData\Local\Temp
[2012/11/09 19:28:39 | 000,000,000 | ---D | C] -- C:\Users\Anuj\AppData\Local\Microsoft
[2012/11/09 19:28:39 | 000,000,000 | ---D | C] -- C:\Users\Anuj\AppData\Roaming\Media Center Programs
[2012/11/09 19:28:32 | 000,000,000 | ---D | C] -- C:\Recovery
[2012/11/09 19:28:29 | 000,000,000 | ---D | C] -- C:\Windows\softwaredistribution.bak
[2012/11/09 18:02:21 | 000,000,000 | ---D | C] -- C:\Users\Anuj\AppData\Local\Windows Live
[2012/11/09 18:02:19 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Windows Live
[2012/11/09 18:01:26 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Adobe
[2012/11/09 18:01:13 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN
[2012/11/09 18:01:05 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\VideoLAN
[2012/11/09 18:01:01 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\K-Lite Codec Pack
[2012/11/09 18:00:57 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\K-Lite Codec Pack
[2012/11/09 18:00:38 | 000,000,000 | ---D | C] -- C:\Users\Anuj\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
[2012/11/09 17:59:57 | 000,000,000 | ---D | C] -- C:\Users\Anuj\AppData\Roaming\Dropbox
[2012/11/09 17:59:52 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Drive
[2012/11/09 17:59:45 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\K-Lite Codec Pack x64
[2012/11/09 17:59:42 | 000,000,000 | ---D | C] -- C:\Program Files\K-Lite Codec Pack x64
[2012/11/09 17:59:41 | 000,000,000 | ---D | C] -- C:\Users\Anuj\AppData\Local\Programs
[2012/11/09 17:59:27 | 000,000,000 | ---D | C] -- C:\Users\Anuj\AppData\Roaming\WinRAR
[2012/11/09 17:59:27 | 000,000,000 | ---D | C] -- C:\Program Files\WinRAR
[2012/11/09 17:59:25 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Steam
[2012/11/09 17:59:24 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steam
[2012/11/09 17:59:24 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Steam
[2012/11/09 17:59:20 | 000,000,000 | ---D | C] -- C:\Users\Anuj\AppData\Roaming\uTorrent
[2012/11/09 17:59:20 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\uTorrent
[2012/11/09 17:59:17 | 001,034,216 | ---- | C] (Oracle Corporation) -- C:\Windows\SysNative\npDeployJava1.dll
[2012/11/09 17:59:17 | 000,916,456 | ---- | C] (Oracle Corporation) -- C:\Windows\SysNative\deployJava1.dll
[2012/11/09 17:59:17 | 000,289,768 | ---- | C] (Oracle Corporation) -- C:\Windows\SysNative\javaws.exe
[2012/11/09 17:59:14 | 000,189,416 | ---- | C] (Oracle Corporation) -- C:\Windows\SysNative\javaw.exe
[2012/11/09 17:59:14 | 000,188,904 | ---- | C] (Oracle Corporation) -- C:\Windows\SysNative\java.exe
[2012/11/09 17:59:14 | 000,108,008 | ---- | C] (Oracle Corporation) -- C:\Windows\SysNative\WindowsAccessBridge-64.dll
[2012/11/09 17:59:10 | 000,000,000 | ---D | C] -- C:\Program Files\Java
[2012/11/09 17:58:55 | 000,000,000 | ---D | C] -- C:\ProgramData\Sun
[2012/11/09 17:58:54 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Java
[2012/11/09 17:58:52 | 000,821,736 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\npDeployJava1.dll
[2012/11/09 17:58:52 | 000,746,984 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\deployJava1.dll
[2012/11/09 17:58:52 | 000,246,760 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\javaws.exe
[2012/11/09 17:58:44 | 000,174,056 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\javaw.exe
[2012/11/09 17:58:44 | 000,174,056 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\java.exe
[2012/11/09 17:58:44 | 000,095,208 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\WindowsAccessBridge-32.dll
[2012/11/09 17:58:37 | 000,000,000 | ---D | C] -- C:\Users\Anuj\AppData\Roaming\Logitech
[2012/11/09 17:58:37 | 000,000,000 | ---D | C] -- C:\Users\Anuj\AppData\Roaming\Logishrd
[2012/11/09 17:58:37 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Java
[2012/11/09 17:58:33 | 000,000,000 | ---D | C] -- C:\ProgramData\Adobe
[2012/11/09 17:58:32 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Adobe AIR
[2012/11/09 17:58:32 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Adobe
[2012/11/09 17:58:30 | 000,000,000 | ---D | C] -- C:\Users\Anuj\AppData\Roaming\Macromedia
[2012/11/09 17:58:30 | 000,000,000 | ---D | C] -- C:\Users\Anuj\AppData\Local\Adobe
[2012/11/09 17:58:29 | 000,000,000 | ---D | C] -- C:\Users\Anuj\AppData\Roaming\Adobe
[2012/11/09 17:58:23 | 000,697,272 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe
[2012/11/09 17:58:23 | 000,073,656 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
[2012/11/09 17:58:21 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\Macromed
[2012/11/09 17:58:20 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\Macromed
[2012/11/09 17:58:14 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
[2012/11/09 17:57:21 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Silverlight
[2012/11/09 17:57:21 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Silverlight
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
[1 C:\Program Files (x86)\*.tmp files -> C:\Program Files (x86)\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2012/12/02 17:47:51 | 000,014,016 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2012/12/02 17:47:51 | 000,014,016 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2012/12/02 17:46:41 | 000,778,834 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2012/12/02 17:46:41 | 000,660,318 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2012/12/02 17:46:41 | 000,121,214 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2012/12/02 17:44:06 | 005,312,512 | ---- | M] () -- C:\Users\Anuj\Documents\win.evtx
[2012/12/02 17:40:31 | 000,000,890 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2012/12/02 17:40:19 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012/12/02 17:40:14 | 484,315,135 | -HS- | M] () -- C:\hiberfil.sys
[2012/12/02 17:38:06 | 000,000,894 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2012/12/02 17:18:01 | 000,000,027 | ---- | M] () -- C:\Windows\SysNative\drivers\etc\hosts
[2012/12/02 17:02:00 | 000,000,830 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2012/11/30 20:32:59 | 000,000,512 | ---- | M] () -- C:\Users\Anuj\Desktop\MBR.dat
[2012/11/26 22:24:24 | 000,001,092 | ---- | M] () -- C:\Users\Anuj\Desktop\EVGA Precision X.lnk
[2012/11/16 02:52:31 | 000,435,304 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2012/11/16 02:48:26 | 000,007,612 | ---- | M] () -- C:\Users\Anuj\AppData\Local\Resmon.ResmonCfg
[2012/11/13 16:45:56 | 000,000,177 | ---- | M] () -- C:\Users\Anuj\Documents\.Rhistory
[2012/11/11 23:06:51 | 000,018,960 | ---- | M] (Logitech, Inc.) -- C:\Windows\SysNative\drivers\LNonPnP.sys
[2012/11/10 22:30:08 | 000,000,073 | ---- | M] () -- C:\Users\Anuj\Documents\ssf4.swr
[2012/11/10 04:04:23 | 000,772,682 | ---- | M] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2012/11/09 22:26:42 | 000,041,962 | ---- | M] () -- C:\Windows\SysWow64\license.rtf
[2012/11/09 22:26:42 | 000,041,962 | ---- | M] () -- C:\Windows\SysNative\license.rtf
[2012/11/09 21:12:46 | 000,002,154 | ---- | M] () -- C:\Windows\epplauncher.mif
[2012/11/09 21:10:11 | 000,283,200 | ---- | M] (DT Soft Ltd) -- C:\Windows\SysNative\drivers\dtsoftbus01.sys
[2012/11/09 20:03:04 | 000,001,908 | ---- | M] () -- C:\Windows\diagwrn.xml
[2012/11/09 20:03:04 | 000,001,908 | ---- | M] () -- C:\Windows\diagerr.xml
[2012/11/09 19:36:37 | 000,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_User_WpdFs_01_09_00.Wdf
[2012/11/09 19:33:04 | 000,001,441 | ---- | M] () -- C:\Users\Anuj\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
[2012/11/09 17:59:20 | 000,000,971 | ---- | M] () -- C:\Users\Anuj\Application Data\Microsoft\Internet Explorer\Quick Launch\µTorrent.lnk
[2012/11/09 17:59:11 | 001,034,216 | ---- | M] (Oracle Corporation) -- C:\Windows\SysNative\npDeployJava1.dll
[2012/11/09 17:59:11 | 000,916,456 | ---- | M] (Oracle Corporation) -- C:\Windows\SysNative\deployJava1.dll
[2012/11/09 17:59:11 | 000,289,768 | ---- | M] (Oracle Corporation) -- C:\Windows\SysNative\javaws.exe
[2012/11/09 17:59:11 | 000,189,416 | ---- | M] (Oracle Corporation) -- C:\Windows\SysNative\javaw.exe
[2012/11/09 17:59:11 | 000,188,904 | ---- | M] (Oracle Corporation) -- C:\Windows\SysNative\java.exe
[2012/11/09 17:59:11 | 000,108,008 | ---- | M] (Oracle Corporation) -- C:\Windows\SysNative\WindowsAccessBridge-64.dll
[2012/11/09 17:58:39 | 000,246,760 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\javaws.exe
[2012/11/09 17:58:39 | 000,174,056 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\javaw.exe
[2012/11/09 17:58:39 | 000,095,208 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\WindowsAccessBridge-32.dll
[2012/11/09 17:58:38 | 000,821,736 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\npDeployJava1.dll
[2012/11/09 17:58:38 | 000,746,984 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\deployJava1.dll
[2012/11/09 17:58:38 | 000,174,056 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\java.exe
[2012/11/09 17:58:23 | 000,697,272 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe
[2012/11/09 17:58:23 | 000,073,656 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
[1 C:\Program Files (x86)\*.tmp files -> C:\Program Files (x86)\*.tmp -> ]

========== Files Created - No Company Name ==========

[2012/12/02 17:44:06 | 005,312,512 | ---- | C] () -- C:\Users\Anuj\Documents\win.evtx
[2012/12/02 17:09:22 | 000,256,000 | ---- | C] () -- C:\Windows\PEV.exe
[2012/12/02 17:09:22 | 000,208,896 | ---- | C] () -- C:\Windows\MBR.exe
[2012/12/02 17:09:22 | 000,098,816 | ---- | C] () -- C:\Windows\sed.exe
[2012/12/02 17:09:22 | 000,080,412 | ---- | C] () -- C:\Windows\grep.exe
[2012/12/02 17:09:22 | 000,068,096 | ---- | C] () -- C:\Windows\zip.exe
[2012/11/30 20:32:58 | 000,000,512 | ---- | C] () -- C:\Users\Anuj\Desktop\MBR.dat
[2012/11/26 22:36:54 | 000,016,127 | ---- | C] () -- C:\Windows\SysNative\nvinfo.pb
[2012/11/26 22:24:24 | 000,001,092 | ---- | C] () -- C:\Users\Anuj\Desktop\EVGA Precision X.lnk
[2012/11/16 06:12:29 | 000,001,338 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live ID.lnk
[2012/11/16 02:48:26 | 000,007,612 | ---- | C] () -- C:\Users\Anuj\AppData\Local\Resmon.ResmonCfg
[2012/11/13 16:45:56 | 000,000,177 | ---- | C] () -- C:\Users\Anuj\Documents\.Rhistory
[2012/11/10 23:33:23 | 000,002,119 | ---- | C] () -- C:\Users\Anuj\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Microsoft SkyDrive.lnk
[2012/11/10 22:30:08 | 000,000,073 | ---- | C] () -- C:\Users\Anuj\Documents\ssf4.swr
[2012/11/09 22:26:36 | 000,001,345 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Media Center.lnk
[2012/11/09 22:26:31 | 000,001,326 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows DVD Maker.lnk
[2012/11/09 22:23:02 | 484,315,135 | -HS- | C] () -- C:\hiberfil.sys
[2012/11/09 21:12:46 | 000,002,154 | ---- | C] () -- C:\Windows\epplauncher.mif
[2012/11/09 21:12:42 | 000,002,117 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Security Essentials.lnk
[2012/11/09 21:08:19 | 000,772,682 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2012/11/09 19:58:22 | 000,001,908 | ---- | C] () -- C:\Windows\diagwrn.xml
[2012/11/09 19:58:22 | 000,001,908 | ---- | C] () -- C:\Windows\diagerr.xml
[2012/11/09 19:36:37 | 000,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_User_WpdFs_01_09_00.Wdf
[2012/11/09 19:33:55 | 000,000,894 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2012/11/09 19:33:54 | 000,000,890 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2012/11/09 19:33:04 | 000,001,441 | ---- | C] () -- C:\Users\Anuj\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
[2012/11/09 19:29:05 | 000,001,413 | ---- | C] () -- C:\Users\Anuj\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer (64-bit).lnk
[2012/11/09 19:29:01 | 000,001,447 | ---- | C] () -- C:\Users\Anuj\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
[2012/11/09 19:28:39 | 000,000,290 | ---- | C] () -- C:\Users\Anuj\Application Data\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk
[2012/11/09 19:28:39 | 000,000,272 | ---- | C] () -- C:\Users\Anuj\Application Data\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk
[2012/11/09 18:01:29 | 000,002,441 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk
[2012/11/09 18:01:01 | 000,178,688 | ---- | C] () -- C:\Windows\SysWow64\unrar.dll
[2012/11/09 17:59:44 | 000,206,336 | ---- | C] () -- C:\Windows\SysNative\unrar.dll
[2012/11/09 17:59:44 | 000,148,992 | ---- | C] ( ) -- C:\Windows\SysNative\lagarith.dll
[2012/11/09 17:59:43 | 000,127,488 | ---- | C] () -- C:\Windows\SysNative\ff_vfw.dll
[2012/11/09 17:59:20 | 000,000,971 | ---- | C] () -- C:\Users\Anuj\Application Data\Microsoft\Internet Explorer\Quick Launch\µTorrent.lnk
[2012/11/09 17:58:24 | 000,000,830 | ---- | C] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2011/09/28 17:44:14 | 000,179,271 | ---- | C] () -- C:\Windows\SysWow64\xlive.dll.cat

========== ZeroAccess Check ==========

[2009/07/13 23:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2009/07/13 20:41:54 | 014,161,920 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2009/07/13 20:16:14 | 012,866,560 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009/07/13 20:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2009/07/13 20:15:20 | 000,605,696 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009/07/13 20:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]

========== Custom Scans ==========

========== Drive Information ==========

Physical Drives
---------------

Drive: \\\\.\\PHYSICALDRIVE0 - Fixed hard disk media
Interface type: IDE
Media Type: Fixed hard disk media
Model: WDC WD7500BPKT-00PK4T0 ATA Device
Partitions: 2
Status: OK
Status Info: 0

Partitions
---------------

DeviceID: Disk #0, Partition #0
PartitionType: Installable File System
Bootable: True
BootPartition: True
PrimaryPartition: True
Size: 100.00MB
Starting Offset: 1048576
Hidden sectors: 0


DeviceID: Disk #0, Partition #1
PartitionType: Installable File System
Bootable: False
BootPartition: False
PrimaryPartition: True
Size: 699.00GB
Starting Offset: 105906176
Hidden sectors: 0


< %SYSTEMDRIVE%\*.exe >

< %systemroot%\assembly\GAC_32\*.ini >

< %systemroot%\assembly\GAC_64\*.ini >

< %SYSTEMDRIVE%\*.exe >

< %ALLUSERSPROFILE%\Application Data\*.exe >

< %APPDATA%\*. >
[2012/11/13 09:42:50 | 000,000,000 | ---D | M] -- C:\Users\Anuj\AppData\Roaming\Adobe
[2012/11/23 20:41:05 | 000,000,000 | ---D | M] -- C:\Users\Anuj\AppData\Roaming\Assassin's Creed III
[2012/11/10 05:11:19 | 000,000,000 | ---D | M] -- C:\Users\Anuj\AppData\Roaming\DAEMON Tools Lite
[2012/12/02 17:39:35 | 000,000,000 | ---D | M] -- C:\Users\Anuj\AppData\Roaming\DMCache
[2012/11/10 22:35:47 | 000,000,000 | ---D | M] -- C:\Users\Anuj\AppData\Roaming\Downloaded Installations
[2012/11/09 21:32:59 | 000,000,000 | ---D | M] -- C:\Users\Anuj\AppData\Roaming\Dropbox
[2012/11/23 16:33:18 | 000,000,000 | ---D | M] -- C:\Users\Anuj\AppData\Roaming\GetRightToGo
[2012/11/29 02:02:56 | 000,000,000 | ---D | M] -- C:\Users\Anuj\AppData\Roaming\HD Tune Pro
[2012/11/09 19:28:51 | 000,000,000 | ---D | M] -- C:\Users\Anuj\AppData\Roaming\Identities
[2012/11/10 00:28:38 | 000,000,000 | ---D | M] -- C:\Users\Anuj\AppData\Roaming\IDM
[2012/11/13 16:38:16 | 000,000,000 | ---D | M] -- C:\Users\Anuj\AppData\Roaming\InstallShield
[2012/11/09 19:31:58 | 000,000,000 | ---D | M] -- C:\Users\Anuj\AppData\Roaming\Intel
[2012/11/09 21:05:34 | 000,000,000 | ---D | M] -- C:\Users\Anuj\AppData\Roaming\Leadertech
[2012/11/09 17:58:43 | 000,000,000 | ---D | M] -- C:\Users\Anuj\AppData\Roaming\Logishrd
[2012/11/09 21:32:34 | 000,000,000 | ---D | M] -- C:\Users\Anuj\AppData\Roaming\Logitech
[2012/11/09 17:58:30 | 000,000,000 | ---D | M] -- C:\Users\Anuj\AppData\Roaming\Macromedia
[2012/12/02 17:26:46 | 000,000,000 | ---D | M] -- C:\Users\Anuj\AppData\Roaming\Malwarebytes
[2009/07/14 02:44:38 | 000,000,000 | ---D | M] -- C:\Users\Anuj\AppData\Roaming\Media Center Programs
[2012/11/13 16:41:51 | 000,000,000 | --SD | M] -- C:\Users\Anuj\AppData\Roaming\Microsoft
[2012/11/25 23:25:32 | 000,000,000 | ---D | M] -- C:\Users\Anuj\AppData\Roaming\NVIDIA
[2012/11/10 22:36:09 | 000,000,000 | ---D | M] -- C:\Users\Anuj\AppData\Roaming\PingPlotter
[2012/11/22 01:23:06 | 000,000,000 | ---D | M] -- C:\Users\Anuj\AppData\Roaming\Theta
[2012/11/30 05:19:52 | 000,000,000 | ---D | M] -- C:\Users\Anuj\AppData\Roaming\uTorrent
[2012/11/23 01:06:49 | 000,000,000 | ---D | M] -- C:\Users\Anuj\AppData\Roaming\vlc
[2012/11/09 21:20:09 | 000,000,000 | ---D | M] -- C:\Users\Anuj\AppData\Roaming\WinRAR

< MD5 for: ATAPI.SYS >
[2009/07/13 20:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\erdnt\cache64\atapi.sys
[2009/07/13 20:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\SysNative\drivers\atapi.sys
[2009/07/13 20:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\SysNative\DriverStore\FileRepository\mshdc.inf_amd64_neutral_a69a58a4286f0b22\atapi.sys
[2009/07/13 20:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.1.7600.16385_none_392d19c13b3ad543\atapi.sys

< MD5 for: CSRSS.EXE >
[2009/07/13 20:39:02 | 000,007,680 | ---- | M] (Microsoft Corporation) MD5=60C2862B4BF0FD9F582EF344C2B1EC72 -- C:\Windows\SysNative\csrss.exe
[2009/07/13 20:39:02 | 000,007,680 | ---- | M] (Microsoft Corporation) MD5=60C2862B4BF0FD9F582EF344C2B1EC72 -- C:\Windows\winsxs\amd64_microsoft-windows-csrss_31bf3856ad364e35_6.1.7600.16385_none_b4d8d57efdc6b4f3\csrss.exe

< MD5 for: EXPLORER.EXE >
[2011/02/26 01:23:14 | 002,870,272 | ---- | M] (Microsoft Corporation) MD5=0862495E0C825893DB75EF44FAEA8E93 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16768_none_adc24107935a7e25\explorer.exe
[2011/02/26 00:19:21 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=0FB9C74046656D1579A64660AD67B746 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_ba87e574ddfe652d\explorer.exe
[2009/07/13 20:14:20 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=15BC38A7492BEFE831966ADB477CF76F -- C:\Windows\SysWOW64\explorer.exe
[2009/07/13 20:14:20 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=15BC38A7492BEFE831966ADB477CF76F -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16385_none_b7fe430bc7ce3761\explorer.exe
[2011/02/26 00:51:13 | 002,614,784 | ---- | M] (Microsoft Corporation) MD5=255CF508D7CFB10E0794D6AC93280BD8 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20910_none_b8ce9756e0b786a4\explorer.exe
[2009/10/31 00:45:39 | 002,614,272 | ---- | M] (Microsoft Corporation) MD5=2626FC9755BE22F805D3CFA0CE3EE727 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16450_none_b819b343c7ba6202\explorer.exe
[2011/02/26 00:33:07 | 002,614,784 | ---- | M] (Microsoft Corporation) MD5=2AF58D15EDC06EC6FDACCE1F19482BBF -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16768_none_b816eb59c7bb4020\explorer.exe
[2011/02/25 01:19:30 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=332FEAB1435662FC6C672E25BEB37BE3 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_afa79dc39081d0ba\explorer.exe
[2011/02/26 01:14:34 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=3B69712041F3D63605529BD66DC00C48 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_b0333b22a99da332\explorer.exe
[2009/08/03 01:19:07 | 002,868,224 | ---- | M] (Microsoft Corporation) MD5=700073016DAC1C3D2E7E2CE4223334B6 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20500_none_ae84b558ac4eb41c\explorer.exe
[2011/02/25 00:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_b9fc4815c4e292b5\explorer.exe
[2009/10/31 01:34:59 | 002,870,272 | ---- | M] (Microsoft Corporation) MD5=9AAAEC8DAC27AA17B053E6352AD233AE -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16450_none_adc508f19359a007\explorer.exe
[2009/08/03 00:49:47 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=9FF6C4C91A3711C0A3B18F87B08B518D -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20500_none_b8d95faae0af7617\explorer.exe
[2009/10/31 01:38:38 | 002,870,272 | ---- | M] (Microsoft Corporation) MD5=B8EC4BD49CE8F6FC457721BFC210B67F -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20563_none_ae46d6aeac7ca7c7\explorer.exe
[2009/08/03 00:35:50 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=B95EEB0F4E5EFBF1038A35B3351CF047 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16404_none_b853c407c78e3ba9\explorer.exe
[2009/07/13 20:39:10 | 002,868,224 | ---- | M] (Microsoft Corporation) MD5=C235A51CB740E45FFA0EBFB9BAFCDA64 -- C:\Windows\erdnt\cache86\explorer.exe
[2009/07/13 20:39:10 | 002,868,224 | ---- | M] (Microsoft Corporation) MD5=C235A51CB740E45FFA0EBFB9BAFCDA64 -- C:\Windows\explorer.exe
[2009/07/13 20:39:10 | 002,868,224 | ---- | M] (Microsoft Corporation) MD5=C235A51CB740E45FFA0EBFB9BAFCDA64 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16385_none_ada998b9936d7566\explorer.exe
[2009/10/31 01:00:51 | 002,614,272 | ---- | M] (Microsoft Corporation) MD5=C76153C7ECA00FA852BB0C193378F917 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20563_none_b89b8100e0dd69c2\explorer.exe
[2011/02/26 01:26:45 | 002,870,784 | ---- | M] (Microsoft Corporation) MD5=E38899074D4951D31B4040E994DD7C8D -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20910_none_ae79ed04ac56c4a9\explorer.exe
[2009/08/03 01:17:37 | 002,868,224 | ---- | M] (Microsoft Corporation) MD5=F170B4A061C9E026437B193B4D571799 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16404_none_adff19b5932d79ae\explorer.exe

< MD5 for: MSWSOCK.DLL >
[2009/07/13 20:15:51 | 000,232,448 | ---- | M] (Microsoft Corporation) MD5=11A41F17527ED75D6B758FDD7F4FD00D -- C:\Windows\erdnt\cache86\mswsock.dll
[2009/07/13 20:15:51 | 000,232,448 | ---- | M] (Microsoft Corporation) MD5=11A41F17527ED75D6B758FDD7F4FD00D -- C:\Windows\SysWOW64\mswsock.dll
[2009/07/13 20:15:51 | 000,232,448 | ---- | M] (Microsoft Corporation) MD5=11A41F17527ED75D6B758FDD7F4FD00D -- C:\Windows\winsxs\x86_microsoft-windows-w..-infrastructure-bsp_31bf3856ad364e35_6.1.7600.16385_none_b829ad298e9f53ff\mswsock.dll
[2009/07/13 20:41:34 | 000,320,000 | ---- | M] (Microsoft Corporation) MD5=FC76FE3C1E1FDB761244D4F74EF560FD -- C:\Windows\erdnt\cache64\mswsock.dll
[2009/07/13 20:41:34 | 000,320,000 | ---- | M] (Microsoft Corporation) MD5=FC76FE3C1E1FDB761244D4F74EF560FD -- C:\Windows\SysNative\mswsock.dll
[2009/07/13 20:41:34 | 000,320,000 | ---- | M] (Microsoft Corporation) MD5=FC76FE3C1E1FDB761244D4F74EF560FD -- C:\Windows\winsxs\amd64_microsoft-windows-w..-infrastructure-bsp_31bf3856ad364e35_6.1.7600.16385_none_144848ad46fcc535\mswsock.dll

< MD5 for: NAPINSP.DLL >
[2009/07/13 20:16:02 | 000,052,224 | ---- | M] (Microsoft Corporation) MD5=0B7E85364CB878E2AD531DB7B601A9E5 -- C:\Windows\SysWOW64\NapiNSP.dll
[2009/07/13 20:16:02 | 000,052,224 | ---- | M] (Microsoft Corporation) MD5=0B7E85364CB878E2AD531DB7B601A9E5 -- C:\Windows\winsxs\x86_microsoft-windows-n..ider-infrastructure_31bf3856ad364e35_6.1.7600.16385_none_abf396ebf0847c31\NapiNSP.dll
[2009/07/13 20:41:52 | 000,068,096 | ---- | M] (Microsoft Corporation) MD5=58A0CDABEA255616827B1C22C9994466 -- C:\Windows\SysNative\NapiNSP.dll
[2009/07/13 20:41:52 | 000,068,096 | ---- | M] (Microsoft Corporation) MD5=58A0CDABEA255616827B1C22C9994466 -- C:\Windows\winsxs\amd64_microsoft-windows-n..ider-infrastructure_31bf3856ad364e35_6.1.7600.16385_none_0812326fa8e1ed67\NapiNSP.dll

< MD5 for: NLAAPI.DLL >
[2009/07/13 20:16:03 | 000,051,712 | ---- | M] (Microsoft Corporation) MD5=045DB4EAB4FBD23210E85ECC3F464A2E -- C:\Windows\SysWOW64\nlaapi.dll
[2009/07/13 20:16:03 | 000,051,712 | ---- | M] (Microsoft Corporation) MD5=045DB4EAB4FBD23210E85ECC3F464A2E -- C:\Windows\winsxs\wow64_microsoft-windows-nlasvc_31bf3856ad364e35_6.1.7600.16385_none_cdcf91c058fc0e07\nlaapi.dll
[2009/07/13 20:41:52 | 000,070,144 | ---- | M] (Microsoft Corporation) MD5=86E3822A34D454032D8E88C72AE8CF2D -- C:\Windows\SysNative\nlaapi.dll
[2009/07/13 20:41:52 | 000,070,144 | ---- | M] (Microsoft Corporation) MD5=86E3822A34D454032D8E88C72AE8CF2D -- C:\Windows\winsxs\amd64_microsoft-windows-nlasvc_31bf3856ad364e35_6.1.7600.16385_none_c37ae76e249b4c0c\nlaapi.dll

< MD5 for: PNRPNSP.DLL >
[2009/07/13 20:16:12 | 000,065,024 | ---- | M] (Microsoft Corporation) MD5=5CF640EDDB1E40A5AB1BB743BCDEC610 -- C:\Windows\SysWOW64\pnrpnsp.dll
[2009/07/13 20:16:12 | 000,065,024 | ---- | M] (Microsoft Corporation) MD5=5CF640EDDB1E40A5AB1BB743BCDEC610 -- C:\Windows\winsxs\wow64_microsoft-windows-peertopeerpnrp_31bf3856ad364e35_6.1.7600.16385_none_d7c8b1ac70865dab\pnrpnsp.dll
[2009/07/13 20:41:53 | 000,086,016 | ---- | M] (Microsoft Corporation) MD5=613C8CE10A5FDE582BA5FA64C4D56AAA -- C:\Windows\SysNative\pnrpnsp.dll
[2009/07/13 20:41:53 | 000,086,016 | ---- | M] (Microsoft Corporation) MD5=613C8CE10A5FDE582BA5FA64C4D56AAA -- C:\Windows\winsxs\amd64_microsoft-windows-peertopeerpnrp_31bf3856ad364e35_6.1.7600.16385_none_cd74075a3c259bb0\pnrpnsp.dll

< MD5 for: PRINTISOLATIONHOST.EXE >
[2009/07/13 20:39:27 | 000,018,944 | ---- | M] (Microsoft Corporation) MD5=22F020C76E339EB2B2187BA73A7E4173 -- C:\Windows\SysNative\PrintIsolationHost.exe
[2009/07/13 20:39:27 | 000,018,944 | ---- | M] (Microsoft Corporation) MD5=22F020C76E339EB2B2187BA73A7E4173 -- C:\Windows\winsxs\amd64_microsoft-windows-p..ng-server-isolation_31bf3856ad364e35_6.1.7600.16385_none_f8a40495785334a9\PrintIsolationHost.exe

< MD5 for: SERVICES.EXE >
[2009/07/13 20:39:37 | 000,328,704 | ---- | M] (Microsoft Corporation) MD5=24ACB7E5BE595468E3B9AA488B9B4FCB -- C:\Windows\erdnt\cache64\services.exe
[2009/07/13 20:39:37 | 000,328,704 | ---- | M] (Microsoft Corporation) MD5=24ACB7E5BE595468E3B9AA488B9B4FCB -- C:\Windows\SysNative\services.exe
[2009/07/13 20:39:37 | 000,328,704 | ---- | M] (Microsoft Corporation) MD5=24ACB7E5BE595468E3B9AA488B9B4FCB -- C:\Windows\winsxs\amd64_microsoft-windows-s..s-servicecontroller_31bf3856ad364e35_6.1.7600.16385_none_2b54b20ee6fa07b1\services.exe

< MD5 for: SVCHOST.EXE >
[2009/07/13 20:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\erdnt\cache86\svchost.exe
[2009/07/13 20:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\SysWOW64\svchost.exe
[2009/07/13 20:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\winsxs\x86_microsoft-windows-services-svchost_31bf3856ad364e35_6.1.7600.16385_none_b591afc466a15356\svchost.exe
[2012/09/29 19:54:26 | 000,218,184 | ---- | M] () MD5=8846E87210AD131CF71E3E2E49F647B0 -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\Chameleon\svchost.exe
[2009/07/13 20:39:46 | 000,027,136 | ---- | M] (Microsoft Corporation) MD5=C78655BC80301D76ED4FEF1C1EA40A7D -- C:\Windows\erdnt\cache64\svchost.exe
[2009/07/13 20:39:46 | 000,027,136 | ---- | M] (Microsoft Corporation) MD5=C78655BC80301D76ED4FEF1C1EA40A7D -- C:\Windows\SysNative\svchost.exe
[2009/07/13 20:39:46 | 000,027,136 | ---- | M] (Microsoft Corporation) MD5=C78655BC80301D76ED4FEF1C1EA40A7D -- C:\Windows\winsxs\amd64_microsoft-windows-services-svchost_31bf3856ad364e35_6.1.7600.16385_none_11b04b481efec48c\svchost.exe

< MD5 for: USERINIT.EXE >
[2009/07/13 20:14:43 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=6DE80F60D7DE9CE6B8C2DDFDF79EF175 -- C:\Windows\erdnt\cache86\userinit.exe
[2009/07/13 20:14:43 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=6DE80F60D7DE9CE6B8C2DDFDF79EF175 -- C:\Windows\SysWOW64\userinit.exe
[2009/07/13 20:14:43 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=6DE80F60D7DE9CE6B8C2DDFDF79EF175 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7600.16385_none_dbff103933038d7c\userinit.exe
[2009/07/13 20:39:48 | 000,030,208 | ---- | M] (Microsoft Corporation) MD5=6F8F1376A13114CC10C0E69274F5A4DE -- C:\Windows\erdnt\cache64\userinit.exe
[2009/07/13 20:39:48 | 000,030,208 | ---- | M] (Microsoft Corporation) MD5=6F8F1376A13114CC10C0E69274F5A4DE -- C:\Windows\SysNative\userinit.exe
[2009/07/13 20:39:48 | 000,030,208 | ---- | M] (Microsoft Corporation) MD5=6F8F1376A13114CC10C0E69274F5A4DE -- C:\Windows\winsxs\amd64_microsoft-windows-userinit_31bf3856ad364e35_6.1.7600.16385_none_381dabbceb60feb2\userinit.exe

< MD5 for: WINLOGON.EXE >
[2009/07/13 20:39:52 | 000,389,120 | ---- | M] (Microsoft Corporation) MD5=132328DF455B0028F13BF0ABEE51A63A -- C:\Windows\erdnt\cache64\winlogon.exe
[2009/07/13 20:39:52 | 000,389,120 | ---- | M] (Microsoft Corporation) MD5=132328DF455B0028F13BF0ABEE51A63A -- C:\Windows\SysNative\winlogon.exe
[2009/07/13 20:39:52 | 000,389,120 | ---- | M] (Microsoft Corporation) MD5=132328DF455B0028F13BF0ABEE51A63A -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16385_none_cbb7f2bdeea2829c\winlogon.exe
[2012/09/29 19:54:26 | 000,218,184 | ---- | M] () MD5=8846E87210AD131CF71E3E2E49F647B0 -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\Chameleon\winlogon.exe
[2009/10/28 02:01:57 | 000,389,632 | ---- | M] (Microsoft Corporation) MD5=A93D41A4D4B0D91C072D11DD8AF266DE -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.20560_none_cc522fd507b468f8\winlogon.exe
[2009/10/28 01:24:40 | 000,389,632 | ---- | M] (Microsoft Corporation) MD5=DA3E2A6FA9660CC75B471530CE88453A -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16447_none_cbe534e7ee8042ad\winlogon.exe

< MD5 for: WINRNR.DLL >
[2009/07/13 20:41:56 | 000,028,672 | ---- | M] (Microsoft Corporation) MD5=2E2072EB48238FCA8FBB7A9F5FABAC45 -- C:\Windows\SysNative\winrnr.dll
[2009/07/13 20:41:56 | 000,028,672 | ---- | M] (Microsoft Corporation) MD5=2E2072EB48238FCA8FBB7A9F5FABAC45 -- C:\Windows\winsxs\amd64_microsoft-windows-dns-client-winrnr_31bf3856ad364e35_6.1.7600.16385_none_b543449669c73e11\winrnr.dll
[2009/07/13 20:16:19 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=5DF5D8CFD9B9573FA3B2C89D9061A240 -- C:\Windows\SysWOW64\winrnr.dll
[2009/07/13 20:16:19 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=5DF5D8CFD9B9573FA3B2C89D9061A240 -- C:\Windows\winsxs\x86_microsoft-windows-dns-client-winrnr_31bf3856ad364e35_6.1.7600.16385_none_5924a912b169ccdb\winrnr.dll

< MD5 for: WSHELPER.DLL >
[2009/07/13 20:16:20 | 000,015,360 | ---- | M] (Microsoft Corporation) MD5=5B90BB3171504C9DAF3C5CB44B203CA7 -- C:\Windows\SysWOW64\wshelper.dll
[2009/07/13 20:16:20 | 000,015,360 | ---- | M] (Microsoft Corporation) MD5=5B90BB3171504C9DAF3C5CB44B203CA7 -- C:\Windows\winsxs\wow64_microsoft-windows-w..nfrastructure-other_31bf3856ad364e35_6.1.7600.16385_none_6ace9e67456cc40b\wshelper.dll
[2009/07/13 20:41:58 | 000,019,968 | ---- | M] (Microsoft Corporation) MD5=D314DA4B0B8DCD023D547FC568E34FB6 -- C:\Windows\SysNative\wshelper.dll
[2009/07/13 20:41:58 | 000,019,968 | ---- | M] (Microsoft Corporation) MD5=D314DA4B0B8DCD023D547FC568E34FB6 -- C:\Windows\winsxs\amd64_microsoft-windows-w..nfrastructure-other_31bf3856ad364e35_6.1.7600.16385_none_6079f415110c0210\wshelper.dll

< %systemroot%\*. /mp /s >

< hklm\software\clients\startmenuinternet|command /rs >
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome\InstallInfo\\ReinstallCommand: "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --make-default-browser [2012/11/27 22:43:18 | 001,242,728 | ---- | M] (Google Inc.)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome\InstallInfo\\HideIconsCommand: "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --hide-icons [2012/11/27 22:43:18 | 001,242,728 | ---- | M] (Google Inc.)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome\InstallInfo\\ShowIconsCommand: "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --show-icons [2012/11/27 22:43:18 | 001,242,728 | ---- | M] (Google Inc.)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome\shell\open\command\\: "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" [2012/11/27 22:43:18 | 001,242,728 | ---- | M] (Google Inc.)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\ShowIconsCommand: "C:\Windows\System32\ie4uinit.exe" -show [2009/07/13 20:14:21 | 000,176,128 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\ReinstallCommand: "C:\Windows\System32\ie4uinit.exe" -reinstall [2009/07/13 20:14:21 | 000,176,128 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\HideIconsCommand: "C:\Windows\System32\ie4uinit.exe" -hide [2009/07/13 20:14:21 | 000,176,128 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\shell\naom\command\\: "C:\Program Files (x86)\Internet Explorer\iexplore.exe" -extoff [2009/07/13 20:17:29 | 000,673,048 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\shell\open\command\\: "C:\Program Files (x86)\Internet Explorer\iexplore.exe" [2009/07/13 20:17:29 | 000,673,048 | ---- | M] (Microsoft Corporation)

< hklm\software\clients\startmenuinternet|command /64 /rs >
64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome\InstallInfo\\ReinstallCommand: "C:\PROGRAM FILES (X86)\GOOGLE\CHROME\APPLICATION\CHROME.EXE" --MAKE-DEFAULT-BROWSER [2012/11/27 22:43:18 | 001,242,728 | ---- | M] (Google Inc.)
64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome\InstallInfo\\HideIconsCommand: "C:\PROGRAM FILES (X86)\GOOGLE\CHROME\APPLICATION\CHROME.EXE" --HIDE-ICONS [2012/11/27 22:43:18 | 001,242,728 | ---- | M] (Google Inc.)
64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome\InstallInfo\\ShowIconsCommand: "C:\PROGRAM FILES (X86)\GOOGLE\CHROME\APPLICATION\CHROME.EXE" --SHOW-ICONS [2012/11/27 22:43:18 | 001,242,728 | ---- | M] (Google Inc.)
64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome\shell\open\command\\: "C:\PROGRAM FILES (X86)\GOOGLE\CHROME\APPLICATION\CHROME.EXE" [2012/11/27 22:43:18 | 001,242,728 | ---- | M] (Google Inc.)
64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\ShowIconsCommand: "C:\WINDOWS\SYSTEM32\IE4UINIT.EXE" -SHOW [2009/07/13 20:39:12 | 000,073,728 | ---- | M] (Microsoft Corporation)
64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\ReinstallCommand: "C:\WINDOWS\SYSTEM32\IE4UINIT.EXE" -REINSTALL [2009/07/13 20:39:12 | 000,073,728 | ---- | M] (Microsoft Corporation)
64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\HideIconsCommand: "C:\WINDOWS\SYSTEM32\IE4UINIT.EXE" -HIDE [2009/07/13 20:39:12 | 000,073,728 | ---- | M] (Microsoft Corporation)
64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\shell\naom\command\\: "C:\PROGRAM FILES (X86)\INTERNET EXPLORER\IEXPLORE.EXE" -EXTOFF [2009/07/13 20:17:29 | 000,673,048 | ---- | M] (Microsoft Corporation)
64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\shell\open\command\\: "C:\PROGRAM FILES (X86)\INTERNET EXPLORER\IEXPLORE.EXE" [2009/07/13 20:17:29 | 000,673,048 | ---- | M] (Microsoft Corporation)

< %systemroot%\system32\*.dll /lockedfiles >

< %systemroot%\Tasks\*.job /lockedfiles >

< %systemdrive%\$Recycle.Bin|@;true;true;true /fp >

< %systemroot%\system32\drivers\*.sys /lockedfiles >

< End of report >




FSS log.


Farbar Service Scanner Version: 01-12-2012 02
Ran by Anuj (administrator) on 02-12-2012 at 17:58:23
Running from "C:\Users\Anuj\Downloads"
Windows 7 Home Premium (X64)
Boot Mode: Normal
****************************************************************

Internet Services:
============

Connection Status:
==============
Localhost is accessible.
LAN connected.
Google IP is accessible.
Google.com is accessible.
Yahoo IP is accessible.
Yahoo.com is accessible.


Windows Firewall:
=============

Firewall Disabled Policy:
==================


System Restore:
============

System Restore Disabled Policy:
========================


Action Center:
============

Windows Update:
============

Windows Autoupdate Disabled Policy:
============================


Windows Defender:
==============
WinDefend Service is not running. Checking service configuration:
The start type of WinDefend service is set to Demand. The default start type is Auto.
The ImagePath of WinDefend service is OK.
The ServiceDll of WinDefend service is OK.


Windows Defender Disabled Policy:
==========================
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows Defender]
"DisableAntiSpyware"=DWORD:1


Other Services:
==============


File Check:
========
C:\Windows\System32\nsisvc.dll => MD5 is legit
C:\Windows\System32\drivers\nsiproxy.sys => MD5 is legit
C:\Windows\System32\dhcpcore.dll => MD5 is legit
C:\Windows\System32\drivers\afd.sys => MD5 is legit
C:\Windows\System32\drivers\tdx.sys => MD5 is legit
C:\Windows\System32\Drivers\tcpip.sys
[2012-11-09 21:11] - [2010-04-09 06:06] - 1898376 ____A (Microsoft Corporation) 7FC877A25796D8ADF539E64703FCA7E1

C:\Windows\System32\dnsrslvr.dll => MD5 is legit
C:\Windows\System32\mpssvc.dll => MD5 is legit
C:\Windows\System32\bfe.dll => MD5 is legit
C:\Windows\System32\drivers\mpsdrv.sys => MD5 is legit
C:\Windows\System32\SDRSVC.dll => MD5 is legit
C:\Windows\System32\vssvc.exe => MD5 is legit
C:\Windows\System32\wscsvc.dll => MD5 is legit
C:\Windows\System32\wbem\WMIsvc.dll => MD5 is legit
C:\Windows\System32\wuaueng.dll => MD5 is legit
C:\Windows\System32\qmgr.dll => MD5 is legit
C:\Windows\System32\es.dll => MD5 is legit
C:\Windows\System32\cryptsvc.dll => MD5 is legit
C:\Program Files\Windows Defender\MpSvc.dll => MD5 is legit
C:\Windows\System32\ipnathlp.dll => MD5 is legit
C:\Windows\System32\iphlpsvc.dll
[2009-07-13 19:09] - [2009-07-13 20:41] - 0565760 ____A (Microsoft Corporation) F8E058D17363EC580E4B7232778B6CB5

C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit


**** End of log ****






Thanks!

#5
RKinner

    Malware Expert

  • Expert
  • 19,776 posts
  • MVP
After clearing the event logs did you reboot once before running VEW?

#6
shinakuma9

    Member

  • Topic Starter
  • Member
  • 165 posts
Oh no, I didn't. Should I do it again?

#7
RKinner

    Malware Expert

  • Expert
  • 19,776 posts
  • MVP
Yes.

#8
shinakuma9

    Member

  • Topic Starter
  • Member
  • 165 posts
Sorry for the wait. I rebooted and ran VEW as instructed. Here are the log files:

Vino's Event Viewer v01c run on Windows 2008 in English
Report run at 06/12/2012 2:33:19 PM

Note: All dates below are in the format dd/mm/yyyy

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'Application' Log - Critical Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'Application' Log - Error Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'Application' Log - Warning Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Log: 'Application' Date/Time: 06/12/2012 7:29:03 PM
Type: Warning Category: 0
Event: 1530 Source: Microsoft-Windows-User Profiles Service
Windows detected your registry file is still in use by other applications or services. The file will be unloaded now. The applications or services that hold your registry file may not function properly afterwards. DETAIL - 15 user registry handles leaked from \Registry\User\S-1-5-21-1232935865-4235792297-1753832237-1000:
Process 2824 (\Device\HarddiskVolume2\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE) has opened key \REGISTRY\USER\S-1-5-21-1232935865-4235792297-1753832237-1000
Process 2824 (\Device\HarddiskVolume2\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE) has opened key \REGISTRY\USER\S-1-5-21-1232935865-4235792297-1753832237-1000
Process 2824 (\Device\HarddiskVolume2\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE) has opened key \REGISTRY\USER\S-1-5-21-1232935865-4235792297-1753832237-1000
Process 2824 (\Device\HarddiskVolume2\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE) has opened key \REGISTRY\USER\S-1-5-21-1232935865-4235792297-1753832237-1000
Process 2824 (\Device\HarddiskVolume2\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE) has opened key \REGISTRY\USER\S-1-5-21-1232935865-4235792297-1753832237-1000\Software\Microsoft\SystemCertificates\Disallowed
Process 2824 (\Device\HarddiskVolume2\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE) has opened key \REGISTRY\USER\S-1-5-21-1232935865-4235792297-1753832237-1000\Software\Microsoft\SystemCertificates\Root
Process 2824 (\Device\HarddiskVolume2\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE) has opened key \REGISTRY\USER\S-1-5-21-1232935865-4235792297-1753832237-1000\Software\Microsoft\SystemCertificates\TrustedPeople
Process 2824 (\Device\HarddiskVolume2\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE) has opened key \REGISTRY\USER\S-1-5-21-1232935865-4235792297-1753832237-1000\Software\Microsoft\SystemCertificates\trust
Process 2824 (\Device\HarddiskVolume2\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE) has opened key \REGISTRY\USER\S-1-5-21-1232935865-4235792297-1753832237-1000\Software\Policies\Microsoft\SystemCertificates
Process 2824 (\Device\HarddiskVolume2\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE) has opened key \REGISTRY\USER\S-1-5-21-1232935865-4235792297-1753832237-1000\Software\Policies\Microsoft\SystemCertificates
Process 2824 (\Device\HarddiskVolume2\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE) has opened key \REGISTRY\USER\S-1-5-21-1232935865-4235792297-1753832237-1000\Software\Policies\Microsoft\SystemCertificates
Process 2824 (\Device\HarddiskVolume2\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE) has opened key \REGISTRY\USER\S-1-5-21-1232935865-4235792297-1753832237-1000\Software\Policies\Microsoft\SystemCertificates
Process 2824 (\Device\HarddiskVolume2\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE) has opened key \REGISTRY\USER\S-1-5-21-1232935865-4235792297-1753832237-1000\Software\Microsoft\SystemCertificates\My
Process 2824 (\Device\HarddiskVolume2\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE) has opened key \REGISTRY\USER\S-1-5-21-1232935865-4235792297-1753832237-1000\Software\Microsoft\SystemCertificates\CA
Process 2824 (\Device\HarddiskVolume2\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE) has opened key \REGISTRY\USER\S-1-5-21-1232935865-4235792297-1753832237-1000\Software\Microsoft\SystemCertificates\SmartCardRoot




Vino's Event Viewer v01c run on Windows 2008 in English
Report run at 06/12/2012 2:33:04 PM

Note: All dates below are in the format dd/mm/yyyy

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'System' Log - Critical Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'System' Log - Error Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'System' Log - Warning Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Log: 'System' Date/Time: 06/12/2012 7:29:29 PM
Type: Warning Category: 0
Event: 10002 Source: Microsoft-Windows-WLAN-AutoConfig
WLAN Extensibility Module has stopped. Module Path: C:\Windows\System32\IWMSSvc.dll
  • 0

#9
RKinner

RKinner

    Malware Expert

  • Expert
  • 19,776 posts
  • MVP
Looks OK. The registry leak is caused by Windows Live. If you don't use it, uninstall it. It's possible that a newer version might not have the leak.

Otherwise I don't see anything to worry about. How is it running now?
  • 0

#10
shinakuma9

shinakuma9

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 165 posts
Everything is fine, but win32 still shows up under msconfig under startup. It is unchecked so it doesn't run during a restart obviously. Is it gone for sure?

Thanks.
  • 0



#11
RKinner

RKinner

    Malware Expert

  • Expert
  • 19,776 posts
  • MVP
I see it in OTL:

MsConfig:64bit - StartUpReg: win32 - hkey= - key= - C:\kernels\drivers.vbs ()

but it didn't show up in Combofix, though it did say it removed C:\win32.exe.

OTL says it is associated with C:\kernels\drivers.vbs so let's see if we can find the C:\kernels\drivers.vbs file.


Copy the text in the code box:

%SYSTEMDRIVE%\*.exe
msconfig
/md5stop
win32.exe
C:\kernels\drivers.vbs

Run OTL (Vista or Win 7 => right click and Run As Administrator)


Paste (Ctrl + v) the copied text in the box where it says Custom Scan/Fixes

then Run Scan.

You should get 1 log. Please copy and paste it.
  • 0
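The check described in the post above (a startup entry left behind after the executable was removed, pointing at a script in an unusual folder) can be automated over OTL startup lines. This is an added example, not part of the original thread and not OTL's own code; the line patterns are inferred only from the log lines quoted in this thread, and the scoring rules and names (`triage`, `SCRIPT_EXTS`, `TRUSTED_ROOTS`) are assumptions chosen for illustration.

```python
import ntpath
import re

# Lines copied from the OTL logs quoted in this thread.
SAMPLE_LOG = r"""
MsConfig:64bit - StartUpReg: win32 - hkey= - key= - C:\kernels\drivers.vbs ()
O4:64bit: - HKLM..\Run: [MSC] c:\Program Files\Microsoft Security Client\msseces.exe (Microsoft Corporation)
O4 - HKLM..\Run: [D3DOverrider] C:\Users\Anuj\D3DOverrider\D3DOverriderWrapper.exe ()
O4 - HKCU..\Run: [IDMan] C:\Program Files (x86)\Internet Download Manager\IDMan.exe (Tonec Inc.)
"""

# Patterns inferred from the lines above (assumption: other OTL versions may differ).
# The path group is greedy so that "Program Files (x86)" stays inside the path and
# only the final parenthesised field is read as the company name.
O4_RE = re.compile(
    r"^O4(?::64bit:)? - (?P<hive>HK\w+)\.\.\\Run: \[(?P<name>[^\]]+)\] "
    r"(?P<path>.+) \((?P<company>.*)\)$"
)
MSCONFIG_RE = re.compile(
    r"^MsConfig(?::64bit)? - StartUpReg: (?P<name>.+?) - hkey=.*? - key=.*? - "
    r"(?P<path>.+) \((?P<company>.*)\)$"
)

# Illustrative heuristics, not an authoritative list.
SCRIPT_EXTS = {".vbs", ".vbe", ".js", ".jse", ".wsf", ".bat", ".cmd", ".ps1"}
TRUSTED_ROOTS = (
    "c:\\program files\\",
    "c:\\program files (x86)\\",
    "c:\\windows\\",
)


def triage(log_text):
    """Return startup entries with review reasons, most suspicious first."""
    entries = []
    for raw in log_text.splitlines():
        line = raw.strip()
        match = O4_RE.match(line)
        source = "Run key"
        if not match:
            match = MSCONFIG_RE.match(line)
            source = "msconfig (disabled)"
        if not match:
            continue  # not a startup line this example understands

        path = match.group("path")
        company = match.group("company").strip()
        reasons = []

        # A startup entry that launches a script rather than a binary.
        if ntpath.splitext(path)[1].lower() in SCRIPT_EXTS:
            reasons.append("target is a script file")
        # OTL prints "()" when the file has no company name (or is missing).
        if not company:
            reasons.append("no company name")
        # Anything outside the usual install locations deserves a look.
        if not path.lower().startswith(TRUSTED_ROOTS):
            reasons.append("outside Program Files / Windows")
        # Unchecking an item in msconfig keeps the entry registered.
        if source.startswith("msconfig"):
            reasons.append("disabled in msconfig but still registered")

        entries.append(
            {
                "name": match.group("name"),
                "path": path,
                "source": source,
                "reasons": reasons,
            }
        )

    # Stable sort: entries with the most reasons first, log order otherwise.
    return sorted(entries, key=lambda e: -len(e["reasons"]))


if __name__ == "__main__":
    for entry in triage(SAMPLE_LOG):
        flag = "REVIEW" if entry["reasons"] else "ok    "
        print(f"{flag} {entry['name']:<14} {entry['path']}")
        for reason in entry["reasons"]:
            print(f"         - {reason}")
```

A flag here is only a lead for manual review: a legitimate tool installed under a user profile also lacks a company name, so each flagged path still has to be inspected on disk.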

#12
shinakuma9

shinakuma9

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 165 posts
Here is the OTL log:


OTL logfile created on: 12/7/2012 7:28:08 PM - Run 3
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Anuj\Downloads
64bit- Home Premium Edition (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

5.93 Gb Total Physical Memory | 2.62 Gb Available Physical Memory | 44.13% Memory free
11.87 Gb Paging File | 7.52 Gb Available in Paging File | 63.34% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 698.54 Gb Total Space | 588.65 Gb Free Space | 84.27% Space Free | Partition Type: NTFS

Computer Name: ANUJ-PC | User Name: Anuj | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2012/11/27 22:43:18 | 001,242,728 | ---- | M] (Google Inc.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
PRC - [2012/11/26 23:07:12 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Anuj\Downloads\OTL.exe
PRC - [2012/11/09 19:33:51 | 000,212,432 | ---- | M] (Google Inc.) -- C:\Program Files (x86)\Google\Update\1.3.21.123\GoogleCrashHandler.exe
PRC - [2012/11/08 16:58:24 | 016,070,136 | ---- | M] (Google) -- C:\Program Files (x86)\Google\Drive\googledrivesync.exe
PRC - [2012/10/17 05:21:02 | 000,553,800 | ---- | M] () -- C:\Program Files (x86)\EVGA Precision X\EVGAPrecision.exe
PRC - [2012/10/02 13:15:38 | 000,382,824 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
PRC - [2012/09/23 20:43:34 | 001,343,112 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AcroRd32.exe
PRC - [2012/09/23 20:43:34 | 000,065,192 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2012/06/06 00:27:08 | 002,994,344 | ---- | M] (Nessoft, LLC) -- C:\Program Files (x86)\PingPlotter Standard\PingPlotter.exe
PRC - [2012/03/16 06:07:14 | 003,478,936 | ---- | M] (Tonec Inc.) -- C:\Program Files (x86)\Internet Download Manager\IDMan.exe
PRC - [2011/04/15 05:19:00 | 000,426,496 | ---- | M] (Samsung Electronics Co., Ltd.) -- C:\Users\Anuj\Downloads\Odin3-v1.85\Odin3 v1.85.exe
PRC - [2010/05/25 07:28:58 | 000,263,600 | ---- | M] (Tonec Inc.) -- C:\Program Files (x86)\Internet Download Manager\IEMonitor.exe
PRC - [2009/10/26 10:10:42 | 000,174,720 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Hotkey\HControl.exe
PRC - [2009/10/09 10:27:44 | 006,937,216 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATKOSD2\ATKOSD2.exe
PRC - [2009/08/22 20:25:00 | 000,102,400 | ---- | M] () -- C:\Users\Anuj\D3DOverrider\D3DOverrider.exe
PRC - [2009/08/19 20:31:48 | 000,170,624 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Media\DMedia.exe
PRC - [2009/06/19 10:29:42 | 000,105,016 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Hotkey\HControlUser.exe
PRC - [2009/06/19 10:29:26 | 002,488,888 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Hotkey\ATKOSD.exe
PRC - [2009/06/15 17:30:42 | 000,084,536 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Hotkey\AsLdrSrv.exe
PRC - [2008/12/22 17:15:34 | 000,174,648 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Hotkey\WDC.exe
PRC - [2007/08/08 00:08:40 | 000,094,208 | ---- | M] () -- C:\Program Files\ATKGFNEX\GFNEXSrv.exe


========== Modules (No Company Name) ==========

MOD - [2012/12/06 14:30:30 | 001,024,024 | ---- | M] () -- C:\Users\Anuj\AppData\Local\Temp\_MEI35842\windows._cacheinvalidation.pyd
MOD - [2012/12/06 14:30:30 | 000,792,576 | ---- | M] () -- C:\Users\Anuj\AppData\Local\Temp\_MEI35842\wx._gdi_.pyd
MOD - [2012/12/06 14:30:30 | 000,571,392 | ---- | M] () -- C:\Users\Anuj\AppData\Local\Temp\_MEI35842\pysqlite2._sqlite.pyd
MOD - [2012/12/06 14:30:30 | 000,263,168 | ---- | M] () -- C:\Users\Anuj\AppData\Local\Temp\_MEI35842\win32com.shell.shell.pyd
MOD - [2012/12/06 14:30:30 | 000,096,256 | ---- | M] () -- C:\Users\Anuj\AppData\Local\Temp\_MEI35842\win32api.pyd
MOD - [2012/12/06 14:30:30 | 000,086,016 | ---- | M] () -- C:\Users\Anuj\AppData\Local\Temp\_MEI35842\_elementtree.pyd
MOD - [2012/12/06 14:30:30 | 000,070,656 | ---- | M] () -- C:\Users\Anuj\AppData\Local\Temp\_MEI35842\wx._html2.pyd
MOD - [2012/12/06 14:30:30 | 000,040,448 | ---- | M] () -- C:\Users\Anuj\AppData\Local\Temp\_MEI35842\_socket.pyd
MOD - [2012/12/06 14:30:30 | 000,023,040 | ---- | M] () -- C:\Users\Anuj\AppData\Local\Temp\_MEI35842\win32ts.pyd
MOD - [2012/12/06 14:30:30 | 000,011,776 | ---- | M] () -- C:\Users\Anuj\AppData\Local\Temp\_MEI35842\win32crypt.pyd
MOD - [2012/12/06 14:30:29 | 001,169,408 | ---- | M] () -- C:\Users\Anuj\AppData\Local\Temp\_MEI35842\wx._core_.pyd
MOD - [2012/12/06 14:30:29 | 001,056,256 | ---- | M] () -- C:\Users\Anuj\AppData\Local\Temp\_MEI35842\wx._controls_.pyd
MOD - [2012/12/06 14:30:29 | 000,807,424 | ---- | M] () -- C:\Users\Anuj\AppData\Local\Temp\_MEI35842\wx._windows_.pyd
MOD - [2012/12/06 14:30:29 | 000,731,136 | ---- | M] () -- C:\Users\Anuj\AppData\Local\Temp\_MEI35842\wx._misc_.pyd
MOD - [2012/12/06 14:30:29 | 000,645,120 | ---- | M] () -- C:\Users\Anuj\AppData\Local\Temp\_MEI35842\_ssl.pyd
MOD - [2012/12/06 14:30:29 | 000,354,304 | ---- | M] () -- C:\Users\Anuj\AppData\Local\Temp\_MEI35842\pythoncom26.dll
MOD - [2012/12/06 14:30:29 | 000,311,808 | ---- | M] () -- C:\Users\Anuj\AppData\Local\Temp\_MEI35842\_hashlib.pyd
MOD - [2012/12/06 14:30:29 | 000,121,856 | ---- | M] () -- C:\Users\Anuj\AppData\Local\Temp\_MEI35842\wx._wizard.pyd
MOD - [2012/12/06 14:30:29 | 000,111,104 | ---- | M] () -- C:\Users\Anuj\AppData\Local\Temp\_MEI35842\win32file.pyd
MOD - [2012/12/06 14:30:29 | 000,110,592 | ---- | M] () -- C:\Users\Anuj\AppData\Local\Temp\_MEI35842\win32security.pyd
MOD - [2012/12/06 14:30:29 | 000,110,592 | ---- | M] () -- C:\Users\Anuj\AppData\Local\Temp\_MEI35842\PyWinTypes26.dll
MOD - [2012/12/06 14:30:29 | 000,073,728 | ---- | M] () -- C:\Users\Anuj\AppData\Local\Temp\_MEI35842\_ctypes.pyd
MOD - [2012/12/06 14:30:29 | 000,039,424 | ---- | M] () -- C:\Users\Anuj\AppData\Local\Temp\_MEI35842\win32inet.pyd
MOD - [2012/12/06 14:30:29 | 000,036,352 | ---- | M] () -- C:\Users\Anuj\AppData\Local\Temp\_MEI35842\win32process.pyd
MOD - [2012/12/06 14:30:29 | 000,022,528 | ---- | M] () -- C:\Users\Anuj\AppData\Local\Temp\_MEI35842\win32pdh.pyd
MOD - [2012/12/06 14:30:29 | 000,017,920 | ---- | M] () -- C:\Users\Anuj\AppData\Local\Temp\_MEI35842\win32profile.pyd
MOD - [2012/12/06 14:30:28 | 000,585,728 | ---- | M] () -- C:\Users\Anuj\AppData\Local\Temp\_MEI35842\unicodedata.pyd
MOD - [2012/12/06 14:30:28 | 000,153,088 | ---- | M] () -- C:\Users\Anuj\AppData\Local\Temp\_MEI35842\pyexpat.pyd
MOD - [2012/12/06 14:30:28 | 000,017,920 | ---- | M] () -- C:\Users\Anuj\AppData\Local\Temp\_MEI35842\win32event.pyd
MOD - [2012/12/06 14:30:28 | 000,011,776 | ---- | M] () -- C:\Users\Anuj\AppData\Local\Temp\_MEI35842\select.pyd
MOD - [2012/11/27 22:43:17 | 000,460,904 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\23.0.1271.95\ppgooglenaclpluginchrome.dll
MOD - [2012/11/27 22:43:16 | 012,456,040 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\23.0.1271.95\PepperFlash\pepflashplayer.dll
MOD - [2012/11/27 22:43:15 | 004,008,040 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\23.0.1271.95\pdf.dll
MOD - [2012/11/27 22:42:30 | 000,587,880 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\23.0.1271.95\libglesv2.dll
MOD - [2012/11/27 22:42:29 | 000,124,520 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\23.0.1271.95\libegl.dll
MOD - [2012/11/27 22:42:22 | 000,157,304 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\23.0.1271.95\avutil-51.dll
MOD - [2012/11/27 22:42:21 | 002,168,952 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\23.0.1271.95\avcodec-54.dll
MOD - [2012/11/27 22:42:21 | 000,275,576 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\23.0.1271.95\avformat-54.dll
MOD - [2012/11/10 23:21:36 | 006,307,952 | ---- | M] () -- C:\Program Files\Microsoft Office 15\root\office15\1033\grooveintlresource.dll
MOD - [2012/10/17 05:21:02 | 000,553,800 | ---- | M] () -- C:\Program Files (x86)\EVGA Precision X\EVGAPrecision.exe
MOD - [2012/09/23 20:43:36 | 000,313,992 | ---- | M] () -- C:\Program Files (x86)\Adobe\Reader 11.0\Reader\sqlite.dll
MOD - [2012/06/29 23:18:08 | 000,061,440 | ---- | M] () -- C:\Program Files (x86)\EVGA Precision X\RTMUI.dll
MOD - [2012/06/29 23:18:04 | 000,335,872 | ---- | M] () -- C:\Program Files (x86)\EVGA Precision X\RTHAL.dll
MOD - [2012/06/29 23:17:48 | 000,225,280 | ---- | M] () -- C:\Program Files (x86)\EVGA Precision X\RTCore.dll
MOD - [2012/06/29 23:17:40 | 000,147,456 | ---- | M] () -- C:\Program Files (x86)\EVGA Precision X\RTUI.dll
MOD - [2012/06/29 23:17:34 | 000,061,440 | ---- | M] () -- C:\Program Files (x86)\EVGA Precision X\RTFC.dll
MOD - [2011/05/01 01:04:54 | 000,013,312 | ---- | M] () -- C:\Program Files (x86)\EVGA Precision X\RTTSH.dll
MOD - [2009/08/22 20:25:00 | 000,106,496 | ---- | M] () -- C:\Users\Anuj\D3DOverrider\RTUI.dll
MOD - [2009/08/22 20:25:00 | 000,102,400 | ---- | M] () -- C:\Users\Anuj\D3DOverrider\D3DOverrider.exe
MOD - [2009/08/22 20:25:00 | 000,057,344 | ---- | M] () -- C:\Users\Anuj\D3DOverrider\RTFC.dll
MOD - [2009/08/22 20:25:00 | 000,032,768 | ---- | M] () -- C:\Users\Anuj\D3DOverrider\D3DOverriderHooks.dll


========== Services (SafeList) ==========

SRV:64bit: - [2012/09/12 21:21:48 | 000,368,896 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- c:\Program Files\Microsoft Security Client\NisSrv.exe -- (NisSrv)
SRV:64bit: - [2012/09/12 21:21:48 | 000,022,072 | ---- | M] (Microsoft Corporation) [Auto | Running] -- c:\Program Files\Microsoft Security Client\MsMpEng.exe -- (MsMpSvc)
SRV:64bit: - [2012/09/11 18:13:02 | 001,494,144 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Microsoft Office 15\ClientX64\integratedoffice.exe -- (OfficeSvc)
SRV:64bit: - [2011/09/27 14:04:08 | 000,359,192 | ---- | M] (Logitech, Inc.) [On_Demand | Stopped] -- C:\Program Files\Common Files\Logishrd\Bluetooth\LBTServ.exe -- (LBTServ)
SRV:64bit: - [2011/01/12 15:57:54 | 001,430,800 | ---- | M] (Intel® Corporation) [Auto | Running] -- C:\Program Files\Intel\WiFi\bin\EvtEng.exe -- (EvtEng)
SRV:64bit: - [2011/01/12 15:38:18 | 000,340,240 | ---- | M] () [On_Demand | Stopped] -- C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe -- (MyWiFiDHCPDNS)
SRV:64bit: - [2011/01/12 15:36:22 | 000,840,976 | ---- | M] (Intel® Corporation) [Auto | Running] -- C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe -- (RegSrvc)
SRV:64bit: - [2009/07/13 20:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV:64bit: - [2007/08/08 00:08:40 | 000,094,208 | ---- | M] () [Auto | Running] -- C:\Program Files\ATKGFNEX\GFNEXSrv.exe -- (ATKGFNEXSrv)
SRV - [2012/11/09 17:58:23 | 000,250,808 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2012/10/02 13:15:38 | 000,382,824 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe -- (Stereo Service)
SRV - [2012/09/23 20:43:34 | 000,065,192 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2011/03/16 10:42:06 | 000,407,336 | ---- | M] (Valve Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe -- (Steam Client Service)
SRV - [2010/03/18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2009/06/15 17:30:42 | 000,084,536 | ---- | M] (ASUS) [Auto | Running] -- C:\Program Files (x86)\ASUS\ATK Hotkey\AsLdrSrv.exe -- (ASLDRService)
SRV - [2009/06/10 16:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)


========== Driver Services (SafeList) ==========

DRV:64bit: - [2012/11/09 21:10:11 | 000,283,200 | ---- | M] (DT Soft Ltd) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\dtsoftbus01.sys -- (dtsoftbus01)
DRV:64bit: - [2012/09/19 10:02:08 | 000,102,368 | ---- | M] (DEVGURU Co., LTD.(www.devguru.co.kr)) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ssudbus.sys -- (dg_ssudbus)
DRV:64bit: - [2012/09/19 10:02:06 | 000,203,104 | ---- | M] (DEVGURU Co., LTD.(www.devguru.co.kr)) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ssudmdm.sys -- (ssudmdm)
DRV:64bit: - [2012/08/30 22:03:48 | 000,128,456 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\NisDrvWFP.sys -- (NisDrv)
DRV:64bit: - [2012/07/03 10:25:16 | 000,189,288 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nvhda64v.sys -- (NVHDA)
DRV:64bit: - [2012/02/07 20:13:32 | 000,149,640 | ---- | M] (Tonec Inc.) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\idmwfp.sys -- (IDMWFP)
DRV:64bit: - [2011/09/02 01:30:36 | 000,060,696 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\LMouFilt.Sys -- (LMouFilt)
DRV:64bit: - [2011/09/02 01:30:24 | 000,066,840 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\LHidFilt.Sys -- (LHidFilt)
DRV:64bit: - [2011/01/19 02:28:56 | 008,080,384 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\NETwNs64.sys -- (NETwNs64)
DRV:64bit: - [2009/10/28 00:09:33 | 000,011,576 | ---- | M] (Samsung Electronics) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\SSPORT.SYS -- (SSPORT)
DRV:64bit: - [2009/07/13 20:52:21 | 000,106,576 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2009/07/13 20:52:21 | 000,028,752 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2009/07/13 20:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009/07/13 20:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009/07/13 20:47:48 | 000,077,888 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2009/07/13 20:47:48 | 000,023,104 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2009/07/13 20:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009/07/13 18:31:10 | 000,109,056 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\sdbus.sys -- (sdbus)
DRV:64bit: - [2009/06/10 15:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009/06/10 15:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009/06/10 15:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009/06/10 15:34:18 | 000,057,344 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\L1C62x64.sys -- (L1C)
DRV:64bit: - [2009/06/10 15:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2009/05/13 09:07:20 | 000,015,928 | ---- | M] (ASUS) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ATK64AMD.sys -- (MTsensor)
DRV:64bit: - [2007/07/24 11:11:32 | 000,014,904 | ---- | M] () [Kernel | Auto | Running] -- C:\Program Files\ATKGFNEX\ASMMAP64.sys -- (ASMMAP64)
DRV - [2012/10/17 05:21:00 | 000,015,176 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Program Files (x86)\EVGA Precision X\RTCore64.sys -- (RTCore64)
DRV - [2009/07/13 20:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...ms}&FORM=IE8SRC
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...ms}&FORM=IE8SRC

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-us
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = A8 14 70 5F 57 CB CD 01 [binary data]
IE - HKCU\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...Box&FORM=IE8SRC
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0


========== FireFox ==========

FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_5_502_110.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.9.2: C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.9.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_5_502_110.dll ()
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.9.2: C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.9.2: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVision: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVisionStreaming: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.4: C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\ubisoft.com/uplaypc: C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll (Ubisoft)

FF - HKEY_CURRENT_USER\software\mozilla\SeaMonkey\Extensions\\[email protected]: C:\Users\Anuj\AppData\Roaming\IDM\idmmzcc5 [2012/11/10 00:26:11 | 000,000,000 | ---D | M]


========== Chrome ==========

CHR - homepage: http://www.google.com/
CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}sourceid=chrome&ie={inputEncoding}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&hl={language}&q={searchTerms}&sugkey={google:suggestAPIKeyParameter},
CHR - homepage: http://www.google.com/
CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\23.0.1271.95\PepperFlash\pepflashplayer.dll
CHR - plugin: Chrome Remote Desktop Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\23.0.1271.95\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\23.0.1271.95\pdf.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files (x86)\Google\Update\1.3.21.123\npGoogleUpdate3.dll
CHR - Extension: AutoPatchWork = C:\Users\Anuj\AppData\Local\Google\Chrome\User Data\Default\Extensions\aeolcjbaammbkgaiagooljfdepnjmkfd\1.9.7_0\
CHR - Extension: Google Drive = C:\Users\Anuj\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\
CHR - Extension: NeoGAF Live Thread = C:\Users\Anuj\AppData\Local\Google\Chrome\User Data\Default\Extensions\blbfgndoggabppkoehpipfadjelcofmp\1.0.6_0\
CHR - Extension: YouTube = C:\Users\Anuj\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\
CHR - Extension: Google Search = C:\Users\Anuj\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\
CHR - Extension: Reddit Widget [ANTP] = C:\Users\Anuj\AppData\Local\Google\Chrome\User Data\Default\Extensions\cpcomccnnochpjdakpakbieihbglblcn\1.3.3.2_0\
CHR - Extension: Search by Image (by Google) = C:\Users\Anuj\AppData\Local\Google\Chrome\User Data\Default\Extensions\dajedkncpodkggklbegccjpmnglmnflm\1.3.2_0\
CHR - Extension: Center Image = C:\Users\Anuj\AppData\Local\Google\Chrome\User Data\Default\Extensions\dkiklnjkgjkmamgoaggongdmekajdlki\2.1_0\
CHR - Extension: imgur = C:\Users\Anuj\AppData\Local\Google\Chrome\User Data\Default\Extensions\ehoopddfhgaehhmphfcooacjdpmbjlao\1.1.3_0\
CHR - Extension: AdBlock = C:\Users\Anuj\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.5.49_0\
CHR - Extension: TinEye Reverse Image Search = C:\Users\Anuj\AppData\Local\Google\Chrome\User Data\Default\Extensions\haebnnbpedcbhciplfhjjkbafijpncjl\1.1.2_0\
CHR - Extension: Fauxbar = C:\Users\Anuj\AppData\Local\Google\Chrome\User Data\Default\Extensions\hibkhcnpkakjniplpfblaoikiggkopka\1.2.10_0\
CHR - Extension: TabJump - Intelligent Tab Navigator = C:\Users\Anuj\AppData\Local\Google\Chrome\User Data\Default\Extensions\hokofmgcicpnjchllaccgedmmmbbnbmf\0.7.9_0\
CHR - Extension: Wolfram|Alpha (Official) = C:\Users\Anuj\AppData\Local\Google\Chrome\User Data\Default\Extensions\icncamkooinmbehmkeilcccmoljfkdhp\1.2.2_0\
CHR - Extension: Auto Replay for YouTube = C:\Users\Anuj\AppData\Local\Google\Chrome\User Data\Default\Extensions\kanbnempkjnhadplbfgdaagijdbdbjeb\1.9.20_0\
CHR - Extension: Reddit Enhancement Suite = C:\Users\Anuj\AppData\Local\Google\Chrome\User Data\Default\Extensions\kbmfpngjjgdllneeigpgjifpgocmfgmb\4.1.5_0\
CHR - Extension: Auto HD For YouTube = C:\Users\Anuj\AppData\Local\Google\Chrome\User Data\Default\Extensions\koiaokdomkpjdgniimnkhgbilbjgpeak\3.3_0\
CHR - Extension: StayFocusd = C:\Users\Anuj\AppData\Local\Google\Chrome\User Data\Default\Extensions\laankejkbhbdhmipfmgcngdelahlfoji\1.3.7_0\
CHR - Extension: Awesome New Tab Page = C:\Users\Anuj\AppData\Local\Google\Chrome\User Data\Default\Extensions\mgmiemnjjchgkmgbeljfocdjjnpjnmcg\2012.147.2.0_0\
CHR - Extension: Google Mail Checker = C:\Users\Anuj\AppData\Local\Google\Chrome\User Data\Default\Extensions\mihcahmgecmbnbcchbopgniflfhgnkff\4.4.0_0\
CHR - Extension: Antisocial = C:\Users\Anuj\AppData\Local\Google\Chrome\User Data\Default\Extensions\pghncadecdbeoiklgemofaoampiiicmn\0.2.4_0\
CHR - Extension: Gmail = C:\Users\Anuj\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\

O1 HOSTS File: ([2012/12/02 17:18:01 | 000,000,027 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2:64bit: - BHO: (IDM integration (IDMIEHlprObj Class)) - {0055C089-8582-441B-A0BF-17B458C2A3A8} - C:\Program Files (x86)\Internet Download Manager\IDMIECC64.dll (Internet Download Manager, Tonec Inc.)
O2:64bit: - BHO: (Lync Browser Helper) - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
O2:64bit: - BHO: (Java™ Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2:64bit: - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\URLREDIR.DLL (Microsoft Corporation)
O2:64bit: - BHO: (Microsoft SPFS Browser Helper) - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
O2:64bit: - BHO: (Java™ Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O2 - BHO: (IDM integration (IDMIEHlprObj Class)) - {0055C089-8582-441B-A0BF-17B458C2A3A8} - C:\Program Files (x86)\Internet Download Manager\IDMIECC.dll (Internet Download Manager, Tonec Inc.)
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O2 - BHO: (Java™ Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office 15\root\office15\urlredir.dll (Microsoft Corporation)
O2 - BHO: (Microsoft SPFS Browser Helper) - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files\Microsoft Office 15\root\office15\grooveex.dll (Microsoft Corporation)
O2 - BHO: (Java™ Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O4:64bit: - HKLM..\Run: [EvtMgr6] C:\Program Files\Logitech\SetPointP\SetPoint.exe (Logitech, Inc.)
O4:64bit: - HKLM..\Run: [IntelWireless] C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe (Intel® Corporation)
O4:64bit: - HKLM..\Run: [MSC] c:\Program Files\Microsoft Security Client\msseces.exe (Microsoft Corporation)
O4 - HKLM..\Run: [ATKMEDIA] C:\Program Files (x86)\ASUS\ATK Media\DMedia.exe (ASUS)
O4 - HKLM..\Run: [ATKOSD2] C:\Program Files (x86)\ASUS\ATKOSD2\ATKOSD2.exe (ASUS)
O4 - HKLM..\Run: [D3DOverrider] C:\Users\Anuj\D3DOverrider\D3DOverriderWrapper.exe ()
O4 - HKLM..\Run: [HControlUser] C:\Program Files (x86)\ASUS\ATK Hotkey\HControlUser.exe (ASUS)
O4 - HKCU..\Run: [GoogleDriveSync] C:\Program Files (x86)\Google\Drive\googledrivesync.exe (Google)
O4 - HKCU..\Run: [IDMan] C:\Program Files (x86)\Internet Download Manager\IDMan.exe (Tonec Inc.)
O4 - HKCU..\Run: [Steam] C:\Program Files (x86)\Steam\Steam.exe (Valve Corporation)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O8:64bit: - Extra context menu item: Download all links with IDM - C:\Program Files (x86)\Internet Download Manager\IEGetAll.htm ()
O8:64bit: - Extra context menu item: Download with IDM - C:\Program Files (x86)\Internet Download Manager\IEExt.htm ()
O8:64bit: - Extra context menu item: E&xport to Microsoft Excel - C:\Program Files\Microsoft Office 15\Root\Office15\EXCEL.EXE (Microsoft Corporation)
O8:64bit: - Extra context menu item: Se&nd to OneNote - C:\Program Files\Microsoft Office 15\Root\Office15\ONBttnIE.dll (Microsoft Corporation)
O8 - Extra context menu item: Download all links with IDM - C:\Program Files (x86)\Internet Download Manager\IEGetAll.htm ()
O8 - Extra context menu item: Download with IDM - C:\Program Files (x86)\Internet Download Manager\IEExt.htm ()
O8 - Extra context menu item: E&xport to Microsoft Excel - C:\Program Files\Microsoft Office 15\Root\Office15\EXCEL.EXE (Microsoft Corporation)
O8 - Extra context menu item: Se&nd to OneNote - C:\Program Files\Microsoft Office 15\Root\Office15\ONBttnIE.dll (Microsoft Corporation)
O9:64bit: - Extra Button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\ONBttnIE.dll (Microsoft Corporation)
O9:64bit: - Extra 'Tools' menuitem : Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\ONBttnIE.dll (Microsoft Corporation)
O9:64bit: - Extra Button: Microsoft Lync add-on - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
O9:64bit: - Extra 'Tools' menuitem : Microsoft Lync add-on - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
O9:64bit: - Extra Button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9:64bit: - Extra 'Tools' menuitem : OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9 - Extra Button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office 15\root\office15\onbttnie.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office 15\root\office15\onbttnie.dll (Microsoft Corporation)
O9 - Extra Button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office 15\root\office15\onbttnielinkednotes.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office 15\root\office15\onbttnielinkednotes.dll (Microsoft Corporation)
O13 - gopher Prefix: missing
O15 - HKCU\..Trusted Domains: clonewarsadventures.com ([]* in Trusted sites)
O15 - HKCU\..Trusted Domains: freerealms.com ([]* in Trusted sites)
O15 - HKCU\..Trusted Domains: soe.com ([]* in Trusted sites)
O15 - HKCU\..Trusted Domains: sony.com ([]* in Trusted sites)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.0.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{469E2B3B-63F0-4692-B4BF-D9BAF35DB118}: DhcpNameServer = 192.168.0.1
O18:64bit: - Protocol\Handler\gopher - No CLSID value found
O18:64bit: - Protocol\Handler\livecall - No CLSID value found
O18:64bit: - Protocol\Handler\msnim - No CLSID value found
O18:64bit: - Protocol\Handler\osf - No CLSID value found
O18 - Protocol\Handler\osf {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\office15\msosb.dll (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysWOW64\userinit.exe (Microsoft Corporation)
O20:64bit: - Winlogon\Notify\LBTWlgn: DllName - (c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll) - c:\Program Files\Common Files\Logishrd\Bluetooth\LBTWLgn.dll (Logitech, Inc.)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = ComFile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

MsConfig:64bit - StartUpFolder: C:^Users^Anuj^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Dropbox.lnk - C:\Users\Anuj\AppData\Roaming\Dropbox\bin\Dropbox.exe - (Dropbox, Inc.)
MsConfig:64bit - StartUpReg: Adobe ARM - hkey= - key= - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe (Adobe Systems Incorporated)
MsConfig:64bit - StartUpReg: DAEMON Tools Lite - hkey= - key= - C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe (DT Soft Ltd)
MsConfig:64bit - StartUpReg: SunJavaUpdateSched - hkey= - key= - C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe (Sun Microsystems, Inc.)
MsConfig:64bit - StartUpReg: win32 - hkey= - key= - C:\kernels\drivers.vbs ()
MsConfig:64bit - State: "startup" - Reg Error: Key error.

========== Files/Folders - Created Within 30 Days ==========

[2012/12/04 22:38:10 | 000,000,000 | ---D | C] -- C:\Users\Anuj\AppData\Local\SCE
[2012/12/04 22:38:10 | 000,000,000 | ---D | C] -- C:\Crash
[2012/12/04 22:38:09 | 000,000,000 | ---D | C] -- C:\Users\Anuj\AppData\Local\Sony Online Entertainment
[2012/12/02 17:38:59 | 000,000,000 | ---D | C] -- C:\Users\Public\Desktop\CC Support
[2012/12/02 17:26:46 | 000,000,000 | ---D | C] -- C:\Users\Anuj\AppData\Roaming\Malwarebytes
[2012/12/02 17:26:33 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2012/12/02 17:26:29 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2012/12/02 17:26:28 | 000,025,928 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
[2012/12/02 17:26:28 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware
[2012/12/02 17:18:04 | 000,000,000 | ---D | C] -- C:\$RECYCLE.BIN
[2012/12/02 17:09:22 | 000,518,144 | ---- | C] (SteelWerX) -- C:\Windows\SWREG.exe
[2012/12/02 17:09:22 | 000,406,528 | ---- | C] (SteelWerX) -- C:\Windows\SWSC.exe
[2012/12/02 17:09:22 | 000,060,416 | ---- | C] (NirSoft) -- C:\Windows\NIRCMD.exe
[2012/12/02 17:06:59 | 000,000,000 | ---D | C] -- C:\Qoobox
[2012/12/02 17:06:37 | 000,000,000 | ---D | C] -- C:\Windows\erdnt
[2012/11/29 02:02:45 | 000,000,000 | ---D | C] -- C:\Users\Anuj\AppData\Roaming\HD Tune Pro
[2012/11/27 19:39:11 | 000,000,000 | ---D | C] -- C:\Config.Msi
[2012/11/27 11:34:29 | 000,000,000 | ---D | C] -- C:\Users\Anuj\Documents\FLiNGTrainer
[2012/11/26 22:38:06 | 006,200,680 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcpl.dll
[2012/11/26 22:38:06 | 003,293,544 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvsvc64.dll
[2012/11/26 22:38:06 | 002,557,800 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvsvcr.dll
[2012/11/26 22:38:06 | 000,118,120 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvmctray.dll
[2012/11/26 22:38:06 | 000,063,336 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvshext.dll
[2012/11/26 22:37:39 | 000,000,000 | ---D | C] -- C:\ProgramData\NVIDIA Corporation
[2012/11/26 22:36:58 | 026,331,496 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvoglv64.dll
[2012/11/26 22:36:58 | 018,252,136 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvd3dumx.dll
[2012/11/26 22:36:58 | 007,414,632 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvopencl.dll
[2012/11/26 22:36:58 | 002,747,240 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcuvid.dll
[2012/11/26 22:36:58 | 001,482,600 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvdispgenco64.dll
[2012/11/26 22:36:57 | 019,906,920 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvoglv32.dll
[2012/11/26 22:36:57 | 014,922,600 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvwgf2umx.dll
[2012/11/26 22:36:57 | 012,501,352 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvwgf2um.dll
[2012/11/26 22:36:57 | 002,574,696 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvcuvid.dll
[2012/11/26 22:36:57 | 002,428,776 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvapi.dll
[2012/11/26 22:36:56 | 017,559,912 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvcompiler.dll
[2012/11/26 22:36:56 | 015,309,160 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvd3dum.dll
[2012/11/26 22:36:56 | 009,146,728 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcuda.dll
[2012/11/26 22:36:56 | 007,697,768 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvcuda.dll
[2012/11/26 22:36:56 | 006,127,464 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvopencl.dll
[2012/11/26 22:36:56 | 002,731,880 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvapi64.dll
[2012/11/26 22:36:56 | 002,218,344 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcuvenc.dll
[2012/11/26 22:36:56 | 001,867,112 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvcuvenc.dll
[2012/11/26 22:36:56 | 001,760,104 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvdispco64.dll
[2012/11/26 22:36:55 | 025,256,296 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcompiler.dll
[2012/11/26 22:34:25 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
[2012/11/26 22:34:24 | 000,000,000 | ---D | C] -- C:\Program Files\CCleaner
[2012/11/26 22:24:24 | 000,000,000 | ---D | C] -- C:\Users\Anuj\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\EVGA Precision X
[2012/11/26 22:13:04 | 000,000,000 | ---D | C] -- C:\ProgramData\NVIDIA
[2012/11/25 23:25:32 | 000,000,000 | ---D | C] -- C:\Users\Anuj\AppData\Roaming\NVIDIA
[2012/11/23 20:42:28 | 000,000,000 | ---D | C] -- C:\Users\Anuj\AppData\Local\Ubisoft Game Launcher
[2012/11/23 20:42:08 | 000,000,000 | ---D | C] -- C:\Users\Anuj\Documents\Assassin's Creed III
[2012/11/23 20:41:06 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\R.G. Mechanics
[2012/11/23 20:41:05 | 000,000,000 | ---D | C] -- C:\Users\Anuj\AppData\Roaming\Assassin's Creed III
[2012/11/23 01:09:32 | 000,000,000 | R--D | C] -- C:\Kernels
[2012/11/23 01:05:42 | 000,000,000 | ---D | C] -- C:\ProgramData\Orbit
[2012/11/23 00:58:16 | 000,000,000 | ---D | C] -- C:\Users\Anuj\AppData\Roaming\GetRightToGo
[2012/11/23 00:39:22 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\NVIDIA 3D Vision driver
[2012/11/23 00:39:16 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\AGEIA Technologies
[2012/11/22 01:23:06 | 000,000,000 | ---D | C] -- C:\Users\Anuj\AppData\Roaming\Theta
[2012/11/22 01:20:57 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Ubisoft
[2012/11/22 01:07:07 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\R.G. Mechanics
[2012/11/21 21:43:00 | 000,000,000 | ---D | C] -- C:\Users\Anuj\AppData\Local\Brice_Lambson
[2012/11/21 21:41:43 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Image Resizer for Windows
[2012/11/21 21:41:43 | 000,000,000 | ---D | C] -- C:\Program Files\Image Resizer for Windows
[2012/11/21 21:41:43 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Image Resizer for Windows
[2012/11/21 21:41:31 | 000,000,000 | ---D | C] -- C:\ProgramData\Package Cache
[2012/11/21 18:05:03 | 000,000,000 | ---D | C] -- C:\Users\Anuj\Documents\SCX-3200_PrintD_3.11.28.00
[2012/11/21 18:00:33 | 000,011,576 | ---- | C] (Samsung Electronics) -- C:\Windows\SysNative\drivers\SSPORT.SYS
[2012/11/16 06:12:38 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Games for Windows Marketplace
[2012/11/16 01:50:50 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft
[2012/11/16 01:50:32 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Windows Live SkyDrive
[2012/11/16 01:50:24 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live
[2012/11/16 01:50:12 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Windows Live
[2012/11/16 01:49:52 | 000,000,000 | ---D | C] -- C:\Windows\PCHEALTH
[2012/11/15 17:43:25 | 000,000,000 | ---D | C] -- C:\Users\Anuj\Applications
[2012/11/13 16:39:24 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ASUS
[2012/11/13 16:38:31 | 000,000,000 | ---D | C] -- C:\Program Files\ATKGFNEX
[2012/11/13 16:38:30 | 000,000,000 | -H-D | C] -- C:\Program Files (x86)\InstallShield Installation Information
[2012/11/13 16:38:16 | 000,000,000 | ---D | C] -- C:\Users\Anuj\AppData\Roaming\InstallShield
[2012/11/13 16:38:04 | 000,015,928 | ---- | C] (ASUS) -- C:\Windows\SysNative\drivers\ATK64AMD.sys
[2012/11/13 09:59:42 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\R
[2012/11/13 09:59:17 | 000,000,000 | ---D | C] -- C:\Program Files\R
[2012/11/11 15:50:07 | 000,000,000 | ---D | C] -- C:\Users\Anuj\Documents\Diablo III
[2012/11/10 23:33:24 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft SkyDrive
[2012/11/10 23:33:23 | 000,000,000 | R--D | C] -- C:\Users\Anuj\SkyDrive
[2012/11/10 23:33:15 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft SkyDrive
[2012/11/10 23:23:42 | 000,000,000 | R--D | C] -- C:\MSOCache
[2012/11/10 23:18:45 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013
[2012/11/10 23:16:25 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\DESIGNER
[2012/11/10 23:11:07 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Office
[2012/11/10 23:05:58 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Office 15
[2012/11/10 22:36:16 | 000,000,000 | -HSD | C] -- C:\Windows\SysWow64\AI_RecycleBin
[2012/11/10 22:36:09 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PingPlotter Standard
[2012/11/10 22:36:09 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\PingPlotter Standard
[2012/11/10 22:36:09 | 000,000,000 | ---D | C] -- C:\Users\Anuj\AppData\Roaming\PingPlotter
[2012/11/10 22:35:47 | 000,000,000 | ---D | C] -- C:\Users\Anuj\AppData\Roaming\Downloaded Installations
[2012/11/10 22:30:35 | 000,000,000 | ---D | C] -- C:\Users\Anuj\Documents\My Cheat Tables
[2012/11/10 22:26:53 | 000,000,000 | ---D | C] -- C:\Users\Anuj\D3DOverrider
[2012/11/10 22:25:10 | 000,000,000 | ---D | C] -- C:\Users\Anuj\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
[2012/11/10 22:25:10 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
[2012/11/10 22:08:07 | 000,000,000 | ---D | C] -- C:\Users\Anuj\Documents\Games for Windows - LIVE Demos
[2012/11/10 22:03:59 | 000,000,000 | ---D | C] -- C:\Users\Anuj\Documents\CAPCOM
[2012/11/10 21:56:52 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\microsoft
[2012/11/10 21:55:59 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ShiftWindow
[2012/11/10 21:55:58 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ShiftWindow
[2012/11/10 05:21:29 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\xlive
[2012/11/10 05:21:29 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Games for Windows - LIVE
[2012/11/10 05:12:32 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Capcom
[2012/11/10 05:07:48 | 000,000,000 | ---D | C] -- C:\Users\Anuj\AppData\Local\ElevatedDiagnostics
[2012/11/10 05:07:39 | 000,000,000 | ---D | C] -- C:\Windows\SoftwareDistribution
[2012/11/10 01:05:40 | 000,000,000 | ---D | C] -- C:\Users\Anuj\AppData\Local\LogiShrd
[2012/11/10 01:04:21 | 000,018,960 | ---- | C] (Logitech, Inc.) -- C:\Windows\SysNative\drivers\LNonPnP.sys
[2012/11/10 01:03:55 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Logitech
[2012/11/10 01:03:47 | 000,000,000 | ---D | C] -- C:\Program Files\Logitech
[2012/11/10 01:02:43 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Logishrd
[2012/11/10 01:01:12 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\directx
[2012/11/10 01:00:17 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\EVGA Precision X
[2012/11/10 00:57:51 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Core Temp
[2012/11/10 00:57:50 | 000,000,000 | ---D | C] -- C:\Program Files\Core Temp
[2012/11/10 00:26:10 | 000,000,000 | ---D | C] -- C:\Users\Anuj\AppData\Roaming\IDM
[2012/11/10 00:26:10 | 000,000,000 | ---D | C] -- C:\Users\Anuj\AppData\Roaming\DMCache
[2012/11/10 00:26:06 | 000,000,000 | ---D | C] -- C:\Users\Anuj\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Download Manager
[2012/11/10 00:26:06 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Internet Download Manager
[2012/11/10 00:26:03 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Internet Download Manager
[2012/11/10 00:13:55 | 000,000,000 | ---D | C] -- C:\Users\Anuj\AppData\Roaming\vlc
[2012/11/09 22:23:35 | 000,000,000 | ---D | C] -- C:\Windows\Prefetch
[2012/11/09 22:23:02 | 000,000,000 | -HSD | C] -- C:\System Volume Information
[2012/11/09 22:22:37 | 000,000,000 | ---D | C] -- C:\Windows\Panther
[2012/11/09 22:12:12 | 000,142,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\poqexec.exe
[2012/11/09 22:12:12 | 000,123,904 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\poqexec.exe
[2012/11/09 22:03:32 | 000,077,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\packager.dll
[2012/11/09 22:03:31 | 000,067,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\packager.dll
[2012/11/09 21:42:57 | 000,000,000 | ---D | C] -- C:\Windows\pss
[2012/11/09 21:34:19 | 000,000,000 | ---D | C] -- C:\Users\Anuj\Documents\My Received Files
[2012/11/09 21:32:39 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\Logishrd
[2012/11/09 21:27:02 | 000,527,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAudio2_7.dll
[2012/11/09 21:27:02 | 000,518,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAudio2_7.dll
[2012/11/09 21:27:02 | 000,077,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAPOFX1_5.dll
[2012/11/09 21:27:02 | 000,074,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAPOFX1_5.dll
[2012/11/09 21:27:00 | 002,526,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_43.dll
[2012/11/09 21:27:00 | 002,106,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_43.dll
[2012/11/09 21:27:00 | 000,239,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine3_7.dll
[2012/11/09 21:27:00 | 000,176,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine3_7.dll
[2012/11/09 21:26:59 | 001,907,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dcsx_43.dll
[2012/11/09 21:26:59 | 001,868,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dcsx_43.dll
[2012/11/09 21:26:58 | 000,276,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx11_43.dll
[2012/11/09 21:26:58 | 000,248,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx11_43.dll
[2012/11/09 21:26:57 | 000,511,328 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_43.dll
[2012/11/09 21:26:57 | 000,470,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_43.dll
[2012/11/09 21:26:56 | 002,401,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DX9_43.dll
[2012/11/09 21:26:56 | 001,998,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DX9_43.dll
[2012/11/09 21:26:55 | 000,530,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAudio2_6.dll
[2012/11/09 21:26:55 | 000,528,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAudio2_6.dll
[2012/11/09 21:26:55 | 000,078,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAPOFX1_4.dll
[2012/11/09 21:26:55 | 000,074,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAPOFX1_4.dll
[2012/11/09 21:26:54 | 000,238,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine3_6.dll
[2012/11/09 21:26:54 | 000,176,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine3_6.dll
[2012/11/09 21:26:53 | 000,024,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\X3DAudio1_7.dll
[2012/11/09 21:26:53 | 000,022,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\X3DAudio1_7.dll
[2012/11/09 21:26:49 | 000,517,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAudio2_5.dll
[2012/11/09 21:26:49 | 000,515,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAudio2_5.dll
[2012/11/09 21:26:48 | 002,582,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_42.dll
[2012/11/09 21:26:48 | 001,974,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_42.dll
[2012/11/09 21:26:48 | 000,238,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine3_5.dll
[2012/11/09 21:26:48 | 000,176,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine3_5.dll
[2012/11/09 21:26:47 | 005,554,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dcsx_42.dll
[2012/11/09 21:26:47 | 005,501,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dcsx_42.dll
[2012/11/09 21:26:47 | 000,285,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx11_42.dll
[2012/11/09 21:26:47 | 000,235,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx11_42.dll
[2012/11/09 21:26:46 | 002,475,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DX9_42.dll
[2012/11/09 21:26:46 | 001,892,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DX9_42.dll
[2012/11/09 21:26:46 | 000,523,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_42.dll
[2012/11/09 21:26:46 | 000,453,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_42.dll
[2012/11/09 21:26:43 | 002,430,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_41.dll
[2012/11/09 21:26:43 | 000,520,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_41.dll
[2012/11/09 21:26:42 | 005,425,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DX9_41.dll
[2012/11/09 21:26:42 | 004,178,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DX9_41.dll
[2012/11/09 21:26:42 | 000,521,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAudio2_4.dll
[2012/11/09 21:26:42 | 000,517,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAudio2_4.dll
[2012/11/09 21:26:42 | 000,073,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAPOFX1_3.dll
[2012/11/09 21:26:42 | 000,069,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAPOFX1_3.dll
[2012/11/09 21:26:41 | 000,235,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine3_4.dll
[2012/11/09 21:26:41 | 000,174,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine3_4.dll
[2012/11/09 21:26:41 | 000,024,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\X3DAudio1_6.dll
[2012/11/09 21:26:41 | 000,022,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\X3DAudio1_6.dll
[2012/11/09 21:26:40 | 002,605,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_40.dll
[2012/11/09 21:26:40 | 002,036,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_40.dll
[2012/11/09 21:26:40 | 000,519,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_40.dll
[2012/11/09 21:26:40 | 000,452,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_40.dll
[2012/11/09 21:26:39 | 005,631,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DX9_40.dll
[2012/11/09 21:26:39 | 004,379,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DX9_40.dll
[2012/11/09 21:26:39 | 000,518,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAudio2_3.dll
[2012/11/09 21:26:39 | 000,514,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAudio2_3.dll
[2012/11/09 21:26:39 | 000,074,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAPOFX1_2.dll
[2012/11/09 21:26:39 | 000,070,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAPOFX1_2.dll
[2012/11/09 21:26:38 | 000,235,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine3_3.dll
[2012/11/09 21:26:38 | 000,175,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine3_3.dll
[2012/11/09 21:26:38 | 000,025,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\X3DAudio1_5.dll
[2012/11/09 21:26:38 | 000,023,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\X3DAudio1_5.dll
[2012/11/09 21:26:37 | 000,513,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAudio2_2.dll
[2012/11/09 21:26:37 | 000,509,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAudio2_2.dll
[2012/11/09 21:26:37 | 000,072,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAPOFX1_1.dll
[2012/11/09 21:26:37 | 000,068,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAPOFX1_1.dll
[2012/11/09 21:26:36 | 001,942,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_39.dll
[2012/11/09 21:26:36 | 001,493,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_39.dll
[2012/11/09 21:26:36 | 000,540,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_39.dll
[2012/11/09 21:26:36 | 000,467,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_39.dll
[2012/11/09 21:26:36 | 000,238,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine3_2.dll
[2012/11/09 21:26:36 | 000,177,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine3_2.dll
[2012/11/09 21:26:35 | 004,992,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DX9_39.dll
[2012/11/09 21:26:35 | 003,851,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DX9_39.dll
[2012/11/09 21:26:34 | 000,511,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAudio2_1.dll
[2012/11/09 21:26:34 | 000,507,400 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAudio2_1.dll
[2012/11/09 21:26:34 | 000,238,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine3_1.dll
[2012/11/09 21:26:34 | 000,177,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine3_1.dll
[2012/11/09 21:26:34 | 000,068,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAPOFX1_0.dll
[2012/11/09 21:26:34 | 000,065,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAPOFX1_0.dll
[2012/11/09 21:26:33 | 001,941,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_38.dll
[2012/11/09 21:26:33 | 001,491,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_38.dll
[2012/11/09 21:26:33 | 000,540,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_38.dll
[2012/11/09 21:26:33 | 000,467,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_38.dll
[2012/11/09 21:26:33 | 000,028,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\X3DAudio1_4.dll
[2012/11/09 21:26:33 | 000,025,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\X3DAudio1_4.dll
[2012/11/09 21:26:32 | 004,991,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DX9_38.dll
[2012/11/09 21:26:32 | 003,850,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DX9_38.dll
[2012/11/09 21:26:31 | 000,489,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAudio2_0.dll
[2012/11/09 21:26:31 | 000,479,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAudio2_0.dll
[2012/11/09 21:26:30 | 001,860,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_37.dll
[2012/11/09 21:26:30 | 001,420,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_37.dll
[2012/11/09 21:26:30 | 000,529,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_37.dll
[2012/11/09 21:26:30 | 000,462,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_37.dll
[2012/11/09 21:26:30 | 000,238,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine3_0.dll
[2012/11/09 21:26:30 | 000,177,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine3_0.dll
[2012/11/09 21:26:30 | 000,028,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\X3DAudio1_3.dll
[2012/11/09 21:26:30 | 000,025,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\X3DAudio1_3.dll
[2012/11/09 21:26:29 | 004,910,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DX9_37.dll
[2012/11/09 21:26:29 | 003,786,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DX9_37.dll
[2012/11/09 21:26:28 | 000,411,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_10.dll
[2012/11/09 21:26:28 | 000,267,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_10.dll
[2012/11/09 21:26:26 | 002,006,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_36.dll
[2012/11/09 21:26:26 | 001,374,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_36.dll
[2012/11/09 21:26:26 | 000,508,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_36.dll
[2012/11/09 21:26:26 | 000,444,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_36.dll
[2012/11/09 21:26:25 | 005,081,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_36.dll
[2012/11/09 21:26:25 | 003,734,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_36.dll
[2012/11/09 21:26:23 | 000,411,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_9.dll
[2012/11/09 21:26:23 | 000,267,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_9.dll
[2012/11/09 21:26:22 | 005,073,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_35.dll
[2012/11/09 21:26:22 | 003,727,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_35.dll
[2012/11/09 21:26:22 | 001,985,904 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_35.dll
[2012/11/09 21:26:22 | 001,358,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_35.dll
[2012/11/09 21:26:22 | 000,508,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_35.dll
[2012/11/09 21:26:22 | 000,444,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_35.dll
[2012/11/09 21:26:21 | 000,409,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_8.dll
[2012/11/09 21:26:21 | 000,266,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_8.dll
[2012/11/09 21:26:21 | 000,021,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\X3DAudio1_2.dll
[2012/11/09 21:26:21 | 000,017,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\X3DAudio1_2.dll
[2012/11/09 21:26:20 | 001,401,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_34.dll
[2012/11/09 21:26:20 | 001,124,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_34.dll
[2012/11/09 21:26:20 | 000,506,728 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_34.dll
[2012/11/09 21:26:20 | 000,443,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_34.dll
[2012/11/09 21:26:19 | 004,496,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_34.dll
[2012/11/09 21:26:19 | 003,497,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_34.dll
[2012/11/09 21:26:18 | 000,107,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xinput1_3.dll
[2012/11/09 21:26:18 | 000,081,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xinput1_3.dll
[2012/11/09 21:26:17 | 001,400,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_33.dll
[2012/11/09 21:26:17 | 001,123,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_33.dll
[2012/11/09 21:26:17 | 000,506,728 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_33.dll
[2012/11/09 21:26:17 | 000,443,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_33.dll
[2012/11/09 21:26:17 | 000,403,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_7.dll
[2012/11/09 21:26:17 | 000,261,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_7.dll
[2012/11/09 21:26:16 | 004,494,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_33.dll
[2012/11/09 21:26:16 | 003,495,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_33.dll
[2012/11/09 21:26:15 | 000,393,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_6.dll
[2012/11/09 21:26:15 | 000,255,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_6.dll
[2012/11/09 21:26:14 | 000,469,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10.dll
[2012/11/09 21:26:14 | 000,440,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10.dll
[2012/11/09 21:26:14 | 000,390,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_5.dll
[2012/11/09 21:26:14 | 000,251,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_5.dll
[2012/11/09 21:26:13 | 004,398,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_32.dll
[2012/11/09 21:26:13 | 003,426,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_32.dll
[2012/11/09 21:26:12 | 003,977,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_31.dll
[2012/11/09 21:26:12 | 002,414,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_31.dll
[2012/11/09 21:26:12 | 000,364,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_4.dll
[2012/11/09 21:26:12 | 000,237,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_4.dll
[2012/11/09 21:26:12 | 000,017,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\x3daudio1_1.dll
[2012/11/09 21:26:12 | 000,015,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\x3daudio1_1.dll
[2012/11/09 21:26:11 | 000,363,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_3.dll
[2012/11/09 21:26:11 | 000,236,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_3.dll
[2012/11/09 21:26:10 | 000,083,736 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xinput1_2.dll
[2012/11/09 21:26:10 | 000,062,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xinput1_2.dll
[2012/11/09 21:26:09 | 000,354,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_2.dll
[2012/11/09 21:26:09 | 000,230,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_2.dll
[2012/11/09 21:26:09 | 000,083,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xinput1_1.dll
[2012/11/09 21:26:09 | 000,062,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xinput1_1.dll
[2012/11/09 21:26:06 | 003,927,248 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_30.dll
[2012/11/09 21:26:06 | 002,388,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_30.dll
[2012/11/09 21:26:06 | 000,352,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_1.dll
[2012/11/09 21:26:06 | 000,229,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_1.dll
[2012/11/09 21:26:02 | 003,830,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_29.dll
[2012/11/09 21:26:02 | 002,332,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_29.dll
[2012/11/09 21:26:02 | 000,355,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_0.dll
[2012/11/09 21:26:02 | 000,230,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_0.dll
[2012/11/09 21:26:02 | 000,016,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\x3daudio1_0.dll
[2012/11/09 21:26:02 | 000,014,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\x3daudio1_0.dll
[2012/11/09 21:26:01 | 003,815,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_28.dll
[2012/11/09 21:26:01 | 002,323,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_28.dll
[2012/11/09 21:26:00 | 003,807,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_27.dll
[2012/11/09 21:26:00 | 003,767,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_26.dll
[2012/11/09 21:26:00 | 002,319,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_27.dll
[2012/11/09 21:26:00 | 002,297,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_26.dll
[2012/11/09 21:25:59 | 003,823,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_25.dll
[2012/11/09 21:25:59 | 002,337,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_25.dll
[2012/11/09 21:25:58 | 003,544,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_24.dll
[2012/11/09 21:25:58 | 002,222,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_24.dll
[2012/11/09 21:17:31 | 000,000,000 | --SD | C] -- C:\Users\Anuj\Google Drive
[2012/11/09 21:14:30 | 000,000,000 | ---D | C] -- C:\Users\Anuj\Tracing
[2012/11/09 21:11:58 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Security Client
[2012/11/09 21:11:49 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Security Client
[2012/11/09 21:11:35 | 000,374,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\netio.sys
[2012/11/09 21:10:11 | 000,283,200 | ---- | C] (DT Soft Ltd) -- C:\Windows\SysNative\drivers\dtsoftbus01.sys
[2012/11/09 21:10:06 | 000,000,000 | ---D | C] -- C:\Users\Anuj\AppData\Roaming\DAEMON Tools Lite
[2012/11/09 21:10:04 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\DAEMON Tools Lite
[2012/11/09 21:09:23 | 000,000,000 | ---D | C] -- C:\ProgramData\DAEMON Tools Lite
[2012/11/09 21:09:03 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Diablo III
[2012/11/09 21:09:03 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Diablo III
[2012/11/09 21:09:03 | 000,000,000 | ---D | C] -- C:\ProgramData\Blizzard Entertainment
[2012/11/09 21:09:03 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Blizzard Entertainment
[2012/11/09 21:08:21 | 000,000,000 | ---D | C] -- C:\ProgramData\Battle.net
[2012/11/09 21:06:47 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft.NET
[2012/11/09 21:05:44 | 000,049,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\netfxperf.dll
[2012/11/09 21:05:44 | 000,048,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\netfxperf.dll
[2012/11/09 21:05:43 | 001,942,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dfshim.dll
[2012/11/09 21:05:43 | 001,130,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\dfshim.dll
[2012/11/09 21:05:43 | 000,320,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\PresentationHost.exe
[2012/11/09 21:05:43 | 000,295,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\PresentationHost.exe
[2012/11/09 21:05:43 | 000,109,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\PresentationHostProxy.dll
[2012/11/09 21:05:43 | 000,099,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\PresentationHostProxy.dll
[2012/11/09 21:05:34 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\LogiShrd
[2012/11/09 21:05:34 | 000,000,000 | ---D | C] -- C:\Users\Anuj\AppData\Roaming\Leadertech
[2012/11/09 21:05:07 | 000,000,000 | ---D | C] -- C:\ProgramData\Logitech
[2012/11/09 21:05:04 | 000,000,000 | ---D | C] -- C:\ProgramData\Logishrd
[2012/11/09 21:03:10 | 004,068,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mf.dll
[2012/11/09 21:03:10 | 001,888,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WMVDECOD.DLL
[2012/11/09 21:03:10 | 001,619,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\WMVDECOD.DLL
[2012/11/09 21:03:10 | 000,257,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mfreadwrite.dll
[2012/11/09 21:03:10 | 000,206,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mfps.dll
[2012/11/09 21:03:10 | 000,196,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mfreadwrite.dll
[2012/11/09 21:03:09 | 003,181,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mf.dll
[2012/11/09 20:02:51 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel PROSet Wireless
[2012/11/09 20:02:46 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Intel
[2012/11/09 20:02:45 | 000,000,000 | ---D | C] -- C:\ProgramData\Intel
[2012/11/09 20:02:45 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Cisco
[2012/11/09 19:58:25 | 000,000,000 | ---D | C] -- C:\$WINDOWS.~BT
[2012/11/09 19:56:49 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
[2012/11/09 19:41:34 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\NVIDIA Corporation
[2012/11/09 19:40:55 | 000,060,776 | ---- | C] (Khronos Group) -- C:\Windows\SysNative\OpenCL.dll
[2012/11/09 19:40:55 | 000,052,584 | ---- | C] (Khronos Group) -- C:\Windows\SysWow64\OpenCL.dll
[2012/11/09 19:40:07 | 001,472,360 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvhdagenco6420103.dll
[2012/11/09 19:40:07 | 000,189,288 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\drivers\nvhda64v.sys
[2012/11/09 19:40:07 | 000,031,080 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvhdap64.dll
[2012/11/09 19:39:28 | 000,000,000 | ---D | C] -- C:\Program Files\NVIDIA Corporation
[2012/11/09 19:39:03 | 000,000,000 | ---D | C] -- C:\NVIDIA
[2012/11/09 19:37:25 | 001,031,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rdpcore.dll
[2012/11/09 19:37:25 | 000,826,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\rdpcore.dll
[2012/11/09 19:37:25 | 000,139,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\cabview.dll
[2012/11/09 19:37:25 | 000,132,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\cabview.dll
[2012/11/09 19:36:08 | 000,000,000 | ---D | C] -- C:\Users\Anuj\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows 7 USB DVD Download Tool
[2012/11/09 19:34:14 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
[2012/11/09 19:33:52 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Google
[2012/11/09 19:33:48 | 000,000,000 | ---D | C] -- C:\Users\Anuj\AppData\Local\Google
[2012/11/09 19:33:42 | 002,622,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wucltux.dll
[2012/11/09 19:33:42 | 000,057,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wuauclt.exe
[2012/11/09 19:33:42 | 000,044,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wups2.dll
[2012/11/09 19:33:36 | 000,701,976 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wuapi.dll
[2012/11/09 19:33:36 | 000,099,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wudriver.dll
[2012/11/09 19:33:36 | 000,038,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wups.dll
[2012/11/09 19:33:34 | 000,000,000 | ---D | C] -- C:\Users\Anuj\AppData\Local\Apps
[2012/11/09 19:33:31 | 000,000,000 | ---D | C] -- C:\Users\Anuj\AppData\Local\Deployment
[2012/11/09 19:33:22 | 000,186,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wuwebv.dll
[2012/11/09 19:33:22 | 000,036,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wuapp.exe
[2012/11/09 19:31:58 | 000,000,000 | ---D | C] -- C:\Users\Anuj\AppData\Roaming\Intel
[2012/11/09 19:30:52 | 000,000,000 | ---D | C] -- C:\Program Files\Intel
[2012/11/09 19:30:10 | 000,000,000 | -HSD | C] -- C:\Windows\Installer
[2012/11/09 19:29:00 | 000,000,000 | R--D | C] -- C:\Users\Anuj\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
[2012/11/09 19:29:00 | 000,000,000 | R--D | C] -- C:\Users\Anuj\Searches
[2012/11/09 19:29:00 | 000,000,000 | R--D | C] -- C:\Users\Anuj\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
[2012/11/09 19:29:00 | 000,000,000 | -H-D | C] -- C:\Users\Anuj\Application Data\Microsoft\Internet Explorer\Quick Launch\User Pinned
[2012/11/09 19:28:51 | 000,000,000 | ---D | C] -- C:\Users\Anuj\AppData\Roaming\Identities
[2012/11/09 19:28:49 | 000,000,000 | R--D | C] -- C:\Users\Anuj\Contacts
[2012/11/09 19:28:48 | 000,000,000 | ---D | C] -- C:\Users\Anuj\AppData\Local\VirtualStore
[2012/11/09 19:28:40 | 000,000,000 | -HSD | C] -- C:\Users\Anuj\AppData\Local\Temporary Internet Files
[2012/11/09 19:28:40 | 000,000,000 | -HSD | C] -- C:\Users\Anuj\Templates
[2012/11/09 19:28:40 | 000,000,000 | -HSD | C] -- C:\Users\Anuj\Start Menu
[2012/11/09 19:28:40 | 000,000,000 | -HSD | C] -- C:\Users\Anuj\SendTo
[2012/11/09 19:28:40 | 000,000,000 | -HSD | C] -- C:\Users\Anuj\Recent
[2012/11/09 19:28:40 | 000,000,000 | -HSD | C] -- C:\Users\Anuj\PrintHood
[2012/11/09 19:28:40 | 000,000,000 | -HSD | C] -- C:\Users\Anuj\NetHood
[2012/11/09 19:28:40 | 000,000,000 | -HSD | C] -- C:\Users\Anuj\Documents\My Videos
[2012/11/09 19:28:40 | 000,000,000 | -HSD | C] -- C:\Users\Anuj\Documents\My Pictures
[2012/11/09 19:28:40 | 000,000,000 | -HSD | C] -- C:\Users\Anuj\Documents\My Music
[2012/11/09 19:28:40 | 000,000,000 | -HSD | C] -- C:\Users\Anuj\My Documents
[2012/11/09 19:28:40 | 000,000,000 | -HSD | C] -- C:\Users\Anuj\Local Settings
[2012/11/09 19:28:40 | 000,000,000 | -HSD | C] -- C:\Users\Anuj\AppData\Local\History
[2012/11/09 19:28:40 | 000,000,000 | -HSD | C] -- C:\Users\Anuj\Cookies
[2012/11/09 19:28:40 | 000,000,000 | -HSD | C] -- C:\Users\Anuj\Application Data
[2012/11/09 19:28:40 | 000,000,000 | -HSD | C] -- C:\Users\Anuj\AppData\Local\Application Data
[2012/11/09 19:28:39 | 000,000,000 | --SD | C] -- C:\Users\Anuj\AppData\Roaming\Microsoft
[2012/11/09 19:28:39 | 000,000,000 | R--D | C] -- C:\Users\Anuj\Videos
[2012/11/09 19:28:39 | 000,000,000 | R--D | C] -- C:\Users\Anuj\Saved Games
[2012/11/09 19:28:39 | 000,000,000 | R--D | C] -- C:\Users\Anuj\Pictures
[2012/11/09 19:28:39 | 000,000,000 | R--D | C] -- C:\Users\Anuj\Music
[2012/11/09 19:28:39 | 000,000,000 | R--D | C] -- C:\Users\Anuj\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
[2012/11/09 19:28:39 | 000,000,000 | R--D | C] -- C:\Users\Anuj\Links
[2012/11/09 19:28:39 | 000,000,000 | R--D | C] -- C:\Users\Anuj\Favorites
[2012/11/09 19:28:39 | 000,000,000 | R--D | C] -- C:\Users\Anuj\Downloads
[2012/11/09 19:28:39 | 000,000,000 | R--D | C] -- C:\Users\Anuj\Documents
[2012/11/09 19:28:39 | 000,000,000 | R--D | C] -- C:\Users\Anuj\Desktop
[2012/11/09 19:28:39 | 000,000,000 | R--D | C] -- C:\Users\Anuj\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
[2012/11/09 19:28:39 | 000,000,000 | -H-D | C] -- C:\Users\Anuj\AppData
[2012/11/09 19:28:39 | 000,000,000 | ---D | C] -- C:\Users\Anuj\AppData\Local\Temp
[2012/11/09 19:28:39 | 000,000,000 | ---D | C] -- C:\Users\Anuj\AppData\Local\Microsoft
[2012/11/09 19:28:39 | 000,000,000 | ---D | C] -- C:\Users\Anuj\AppData\Roaming\Media Center Programs
[2012/11/09 19:28:32 | 000,000,000 | ---D | C] -- C:\Recovery
[2012/11/09 19:28:29 | 000,000,000 | ---D | C] -- C:\Windows\softwaredistribution.bak
[2012/11/09 18:02:21 | 000,000,000 | ---D | C] -- C:\Users\Anuj\AppData\Local\Windows Live
[2012/11/09 18:02:19 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Windows Live
[2012/11/09 18:01:26 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Adobe
[2012/11/09 18:01:13 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN
[2012/11/09 18:01:05 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\VideoLAN
[2012/11/09 18:01:01 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\K-Lite Codec Pack
[2012/11/09 18:00:57 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\K-Lite Codec Pack
[2012/11/09 18:00:38 | 000,000,000 | ---D | C] -- C:\Users\Anuj\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
[2012/11/09 17:59:57 | 000,000,000 | ---D | C] -- C:\Users\Anuj\AppData\Roaming\Dropbox
[2012/11/09 17:59:52 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Drive
[2012/11/09 17:59:45 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\K-Lite Codec Pack x64
[2012/11/09 17:59:42 | 000,000,000 | ---D | C] -- C:\Program Files\K-Lite Codec Pack x64
[2012/11/09 17:59:41 | 000,000,000 | ---D | C] -- C:\Users\Anuj\AppData\Local\Programs
[2012/11/09 17:59:27 | 000,000,000 | ---D | C] -- C:\Users\Anuj\AppData\Roaming\WinRAR
[2012/11/09 17:59:27 | 000,000,000 | ---D | C] -- C:\Program Files\WinRAR
[2012/11/09 17:59:25 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Steam
[2012/11/09 17:59:24 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steam
[2012/11/09 17:59:24 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Steam
[2012/11/09 17:59:20 | 000,000,000 | ---D | C] -- C:\Users\Anuj\AppData\Roaming\uTorrent
[2012/11/09 17:59:20 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\uTorrent
[2012/11/09 17:59:17 | 001,034,216 | ---- | C] (Oracle Corporation) -- C:\Windows\SysNative\npDeployJava1.dll
[2012/11/09 17:59:17 | 000,916,456 | ---- | C] (Oracle Corporation) -- C:\Windows\SysNative\deployJava1.dll
[2012/11/09 17:59:17 | 000,289,768 | ---- | C] (Oracle Corporation) -- C:\Windows\SysNative\javaws.exe
[2012/11/09 17:59:14 | 000,189,416 | ---- | C] (Oracle Corporation) -- C:\Windows\SysNative\javaw.exe
[2012/11/09 17:59:14 | 000,188,904 | ---- | C] (Oracle Corporation) -- C:\Windows\SysNative\java.exe
[2012/11/09 17:59:14 | 000,108,008 | ---- | C] (Oracle Corporation) -- C:\Windows\SysNative\WindowsAccessBridge-64.dll
[2012/11/09 17:59:10 | 000,000,000 | ---D | C] -- C:\Program Files\Java
[2012/11/09 17:58:55 | 000,000,000 | ---D | C] -- C:\ProgramData\Sun
[2012/11/09 17:58:54 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Java
[2012/11/09 17:58:52 | 000,821,736 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\npDeployJava1.dll
[2012/11/09 17:58:52 | 000,746,984 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\deployJava1.dll
[2012/11/09 17:58:52 | 000,246,760 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\javaws.exe
[2012/11/09 17:58:44 | 000,174,056 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\javaw.exe
[2012/11/09 17:58:44 | 000,174,056 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\java.exe
[2012/11/09 17:58:44 | 000,095,208 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\WindowsAccessBridge-32.dll
[2012/11/09 17:58:37 | 000,000,000 | ---D | C] -- C:\Users\Anuj\AppData\Roaming\Logitech
[2012/11/09 17:58:37 | 000,000,000 | ---D | C] -- C:\Users\Anuj\AppData\Roaming\Logishrd
[2012/11/09 17:58:37 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Java
[2012/11/09 17:58:33 | 000,000,000 | ---D | C] -- C:\ProgramData\Adobe
[2012/11/09 17:58:32 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Adobe AIR
[2012/11/09 17:58:32 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Adobe
[2012/11/09 17:58:30 | 000,000,000 | ---D | C] -- C:\Users\Anuj\AppData\Roaming\Macromedia
[2012/11/09 17:58:30 | 000,000,000 | ---D | C] -- C:\Users\Anuj\AppData\Local\Adobe
[2012/11/09 17:58:29 | 000,000,000 | ---D | C] -- C:\Users\Anuj\AppData\Roaming\Adobe
[2012/11/09 17:58:23 | 000,697,272 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe
[2012/11/09 17:58:23 | 000,073,656 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
[2012/11/09 17:58:21 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\Macromed
[2012/11/09 17:58:20 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\Macromed
[2012/11/09 17:58:14 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
[2012/11/09 17:57:21 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Silverlight
[2012/11/09 17:57:21 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Silverlight
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
[1 C:\Program Files (x86)\*.tmp files -> C:\Program Files (x86)\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2012/12/07 19:02:00 | 000,000,830 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2012/12/07 18:51:06 | 000,778,834 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2012/12/07 18:51:06 | 000,660,318 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2012/12/07 18:51:06 | 000,121,214 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2012/12/07 18:38:00 | 000,000,894 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2012/12/06 19:49:03 | 000,000,890 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2012/12/06 14:37:27 | 000,014,016 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2012/12/06 14:37:27 | 000,014,016 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2012/12/06 14:30:06 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012/12/06 14:29:50 | 484,315,135 | -HS- | M] () -- C:\hiberfil.sys
[2012/12/04 16:49:46 | 000,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_Kernel_WinUSB_01009.Wdf
[2012/12/02 17:44:06 | 005,312,512 | ---- | M] () -- C:\Users\Anuj\Documents\win.evtx
[2012/12/02 17:18:01 | 000,000,027 | ---- | M] () -- C:\Windows\SysNative\drivers\etc\hosts
[2012/11/30 20:32:59 | 000,000,512 | ---- | M] () -- C:\Users\Anuj\Desktop\MBR.dat
[2012/11/26 22:24:24 | 000,001,092 | ---- | M] () -- C:\Users\Anuj\Desktop\EVGA Precision X.lnk
[2012/11/16 02:52:31 | 000,435,304 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2012/11/16 02:48:26 | 000,007,612 | ---- | M] () -- C:\Users\Anuj\AppData\Local\Resmon.ResmonCfg
[2012/11/13 16:45:56 | 000,000,177 | ---- | M] () -- C:\Users\Anuj\Documents\.Rhistory
[2012/11/11 23:06:51 | 000,018,960 | ---- | M] (Logitech, Inc.) -- C:\Windows\SysNative\drivers\LNonPnP.sys
[2012/11/10 22:30:08 | 000,000,073 | ---- | M] () -- C:\Users\Anuj\Documents\ssf4.swr
[2012/11/10 04:04:23 | 000,772,682 | ---- | M] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2012/11/09 22:26:42 | 000,041,962 | ---- | M] () -- C:\Windows\SysWow64\license.rtf
[2012/11/09 22:26:42 | 000,041,962 | ---- | M] () -- C:\Windows\SysNative\license.rtf
[2012/11/09 21:12:46 | 000,002,154 | ---- | M] () -- C:\Windows\epplauncher.mif
[2012/11/09 21:10:11 | 000,283,200 | ---- | M] (DT Soft Ltd) -- C:\Windows\SysNative\drivers\dtsoftbus01.sys
[2012/11/09 20:03:04 | 000,001,908 | ---- | M] () -- C:\Windows\diagwrn.xml
[2012/11/09 20:03:04 | 000,001,908 | ---- | M] () -- C:\Windows\diagerr.xml
[2012/11/09 19:36:37 | 000,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_User_WpdFs_01_09_00.Wdf
[2012/11/09 19:33:04 | 000,001,441 | ---- | M] () -- C:\Users\Anuj\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
[2012/11/09 17:59:20 | 000,000,971 | ---- | M] () -- C:\Users\Anuj\Application Data\Microsoft\Internet Explorer\Quick Launch\µTorrent.lnk
[2012/11/09 17:59:11 | 001,034,216 | ---- | M] (Oracle Corporation) -- C:\Windows\SysNative\npDeployJava1.dll
[2012/11/09 17:59:11 | 000,916,456 | ---- | M] (Oracle Corporation) -- C:\Windows\SysNative\deployJava1.dll
[2012/11/09 17:59:11 | 000,289,768 | ---- | M] (Oracle Corporation) -- C:\Windows\SysNative\javaws.exe
[2012/11/09 17:59:11 | 000,189,416 | ---- | M] (Oracle Corporation) -- C:\Windows\SysNative\javaw.exe
[2012/11/09 17:59:11 | 000,188,904 | ---- | M] (Oracle Corporation) -- C:\Windows\SysNative\java.exe
[2012/11/09 17:59:11 | 000,108,008 | ---- | M] (Oracle Corporation) -- C:\Windows\SysNative\WindowsAccessBridge-64.dll
[2012/11/09 17:58:39 | 000,246,760 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\javaws.exe
[2012/11/09 17:58:39 | 000,174,056 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\javaw.exe
[2012/11/09 17:58:39 | 000,095,208 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\WindowsAccessBridge-32.dll
[2012/11/09 17:58:38 | 000,821,736 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\npDeployJava1.dll
[2012/11/09 17:58:38 | 000,746,984 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\deployJava1.dll
[2012/11/09 17:58:38 | 000,174,056 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\java.exe
[2012/11/09 17:58:23 | 000,697,272 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe
[2012/11/09 17:58:23 | 000,073,656 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
[1 C:\Program Files (x86)\*.tmp files -> C:\Program Files (x86)\*.tmp -> ]

========== Files Created - No Company Name ==========

[2012/12/04 16:49:46 | 000,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_Kernel_WinUSB_01009.Wdf
[2012/12/02 17:44:06 | 005,312,512 | ---- | C] () -- C:\Users\Anuj\Documents\win.evtx
[2012/12/02 17:09:22 | 000,256,000 | ---- | C] () -- C:\Windows\PEV.exe
[2012/12/02 17:09:22 | 000,208,896 | ---- | C] () -- C:\Windows\MBR.exe
[2012/12/02 17:09:22 | 000,098,816 | ---- | C] () -- C:\Windows\sed.exe
[2012/12/02 17:09:22 | 000,080,412 | ---- | C] () -- C:\Windows\grep.exe
[2012/12/02 17:09:22 | 000,068,096 | ---- | C] () -- C:\Windows\zip.exe
[2012/11/30 20:32:58 | 000,000,512 | ---- | C] () -- C:\Users\Anuj\Desktop\MBR.dat
[2012/11/26 22:36:54 | 000,016,127 | ---- | C] () -- C:\Windows\SysNative\nvinfo.pb
[2012/11/26 22:24:24 | 000,001,092 | ---- | C] () -- C:\Users\Anuj\Desktop\EVGA Precision X.lnk
[2012/11/16 06:12:29 | 000,001,338 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live ID.lnk
[2012/11/16 02:48:26 | 000,007,612 | ---- | C] () -- C:\Users\Anuj\AppData\Local\Resmon.ResmonCfg
[2012/11/13 16:45:56 | 000,000,177 | ---- | C] () -- C:\Users\Anuj\Documents\.Rhistory
[2012/11/10 23:33:23 | 000,002,119 | ---- | C] () -- C:\Users\Anuj\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Microsoft SkyDrive.lnk
[2012/11/10 22:30:08 | 000,000,073 | ---- | C] () -- C:\Users\Anuj\Documents\ssf4.swr
[2012/11/09 22:26:36 | 000,001,345 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Media Center.lnk
[2012/11/09 22:26:31 | 000,001,326 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows DVD Maker.lnk
[2012/11/09 22:23:02 | 484,315,135 | -HS- | C] () -- C:\hiberfil.sys
[2012/11/09 21:12:46 | 000,002,154 | ---- | C] () -- C:\Windows\epplauncher.mif
[2012/11/09 21:12:42 | 000,002,117 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Security Essentials.lnk
[2012/11/09 21:08:19 | 000,772,682 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2012/11/09 19:58:22 | 000,001,908 | ---- | C] () -- C:\Windows\diagwrn.xml
[2012/11/09 19:58:22 | 000,001,908 | ---- | C] () -- C:\Windows\diagerr.xml
[2012/11/09 19:36:37 | 000,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_User_WpdFs_01_09_00.Wdf
[2012/11/09 19:33:55 | 000,000,894 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2012/11/09 19:33:54 | 000,000,890 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2012/11/09 19:33:04 | 000,001,441 | ---- | C] () -- C:\Users\Anuj\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
[2012/11/09 19:29:05 | 000,001,413 | ---- | C] () -- C:\Users\Anuj\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer (64-bit).lnk
[2012/11/09 19:29:01 | 000,001,447 | ---- | C] () -- C:\Users\Anuj\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
[2012/11/09 19:28:39 | 000,000,290 | ---- | C] () -- C:\Users\Anuj\Application Data\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk
[2012/11/09 19:28:39 | 000,000,272 | ---- | C] () -- C:\Users\Anuj\Application Data\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk
[2012/11/09 18:01:29 | 000,002,441 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk
[2012/11/09 18:01:01 | 000,178,688 | ---- | C] () -- C:\Windows\SysWow64\unrar.dll
[2012/11/09 17:59:44 | 000,206,336 | ---- | C] () -- C:\Windows\SysNative\unrar.dll
[2012/11/09 17:59:44 | 000,148,992 | ---- | C] ( ) -- C:\Windows\SysNative\lagarith.dll
[2012/11/09 17:59:43 | 000,127,488 | ---- | C] () -- C:\Windows\SysNative\ff_vfw.dll
[2012/11/09 17:59:20 | 000,000,971 | ---- | C] () -- C:\Users\Anuj\Application Data\Microsoft\Internet Explorer\Quick Launch\µTorrent.lnk
[2012/11/09 17:58:24 | 000,000,830 | ---- | C] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2011/09/28 17:44:14 | 000,179,271 | ---- | C] () -- C:\Windows\SysWow64\xlive.dll.cat

========== ZeroAccess Check ==========

[2009/07/13 23:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2009/07/13 20:41:54 | 014,161,920 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2009/07/13 20:16:14 | 012,866,560 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009/07/13 20:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2009/07/13 20:15:20 | 000,605,696 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009/07/13 20:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]

========== Custom Scans ==========

< %SYSTEMDRIVE%\*.exe >

< /md5stop >
Invalid Switch: md5stop

< win32.exe >

< C:\kernels\drivers.vbs >
[2012/11/23 01:09:33 | 000,000,474 | ---- | M] () -- C:\kernels\drivers.vbs

< End of report >





Thanks

#13
RKinner


    Malware Expert

  • Expert
  • 19,776 posts
  • MVP
C:\kernels\drivers.vbs is still there. I'm curious as to what it does, so see if you can find it, then right-click on it, change the .vbs to .txt, and attach it to a reply. After you do that, you can delete it.

#14
shinakuma9


    Member

  • Topic Starter
  • Member
  • 165 posts
Attached File  drivers.txt   474bytes   14 downloads


Okay here is the file.

Any idea what it does?

Edited by shinakuma9, 07 December 2012 - 08:02 PM.


#15
RKinner


    Malware Expert

  • Expert
  • 19,776 posts
  • MVP
Appears that it just opens a hidden window and runs the file C:/kernels/processor.bat. Can you find C:/kernels/processor.bat, rename it to C:/kernels/processor.txt and attach it? Are there any other files in the C:/kernels folder?