Jump to content

Welcome to Geeks to Go - Register now for FREE

Need help with your computer or device? Want to learn new tech skills? You're in the right place!
Geeks to Go is a friendly community of tech experts who can solve any problem you have. Just create a free account and post your question. Our volunteers will reply quickly and guide you through the steps. Don't let tech troubles stop you. Join Geeks to Go now and get the support you need!

How it Works Create Account
Photo

Please help! my hardrive GB is going down every min!

Started by Maize , Oct 20 2014 08:18 AM

  • Please log in to reply

#1
Maize
Posted 20 October 2014 - 08:18 AM

Maize

    New Member

  • Member
  • Pip
  • 3 posts

It was a lot of GB left before and then week by week go by it started going down n down n down please help!!!


  • 0

Advertisements

#2
Maize
Posted 20 October 2014 - 08:35 AM

Maize

    New Member

  • Topic Starter
  • Member
  • Pip
  • 3 posts

I used OTL to scan and this was it OTL logfile created on: 10/21/2014 3:09:44 AM - Run 1

OTL by OldTimer - Version 3.2.69.0     Folder = C:\Users\jessi kavi\Downloads
64bit- Professional  (Version = 6.2.9200) - Type = NTWorkstation
Internet Explorer (Version = 9.11.9600.17351)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
 
3.80 Gb Total Physical Memory | 1.16 Gb Available Physical Memory | 30.62% Memory free
6.49 Gb Paging File | 2.63 Gb Available in Paging File | 40.52% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 51.06 Gb Total Space | 0.04 Gb Free Space | 0.07% Space Free | Partition Type: NTFS
Drive D: | 97.66 Gb Total Space | 67.05 Gb Free Space | 68.66% Space Free | Partition Type: NTFS
 
Computer Name: MAIZESLAPTOPG | User Name: Maize | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - [2014/10/21 03:09:25 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\jessi kavi\Downloads\OTL.exe
PRC - [2014/10/16 01:41:12 | 009,270,216 | ---- | M] () -- D:\PWI_en\element\elementclient.exe
PRC - [2014/10/14 01:01:36 | 000,228,688 | ---- | M] (BullGuard Ltd.) -- C:\Program Files\BullGuard Ltd\BullGuard\Files32\Spamfilter\LittleHook.exe
PRC - [2014/10/11 16:58:42 | 002,869,584 | ---- | M] (Perfect World Entertainment Inc) -- D:\Arc\Arc.exe
PRC - [2014/10/09 16:22:36 | 001,194,320 | ---- | M] (Perfect World Entertainment) -- D:\Arc\ArcOSOverlay.exe
PRC - [2014/10/09 16:22:12 | 001,239,376 | ---- | M] () -- D:\Arc\ArcOSBrowser.exe
PRC - [2014/09/23 17:07:06 | 000,852,808 | ---- | M] (Google Inc.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
PRC - [2014/09/13 07:14:55 | 004,799,760 | ---- | M] (TeamViewer GmbH) -- C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe
PRC - [2014/06/28 01:02:54 | 000,189,248 | ---- | M] () -- C:\Windows\SysWOW64\PnkBstrB.exe
PRC - [2014/06/28 01:02:43 | 000,075,136 | ---- | M] () -- C:\Windows\SysWOW64\PnkBstrA.exe
PRC - [2013/05/21 12:49:20 | 000,036,864 | ---- | M] () -- D:\PWI_en\element\reportbugs\pwprotector.exe
PRC - [2012/09/06 04:57:26 | 000,271,808 | ---- | M] (McAfee, Inc.) -- C:\Program Files (x86)\McAfee Security Scan\3.0.285\SSScheduler.exe
PRC - [2011/02/08 09:42:10 | 000,477,560 | ---- | M] (McAfee, Inc.) -- C:\Program Files (x86)\McAfee Security Scan\3.0.285\mcuicnt.exe
 
 
========== Modules (No Company Name) ==========
 
MOD - [2014/10/16 15:39:31 | 016,832,176 | ---- | M] () -- C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_189.dll
MOD - [2014/10/16 01:54:32 | 000,072,704 | ---- | M] () -- D:\PWI_en\element\zlibwapi.dll
MOD - [2014/10/16 01:41:57 | 000,024,576 | ---- | M] () -- D:\PWI_en\element\immwrapper.dll
MOD - [2014/10/16 01:41:12 | 009,270,216 | ---- | M] () -- D:\PWI_en\element\elementclient.exe
MOD - [2014/10/09 16:35:54 | 000,174,416 | ---- | M] () -- D:\Arc\ZUnZip.dll
MOD - [2014/10/09 16:34:24 | 000,568,552 | ---- | M] () -- D:\Arc\sqlite3.dll
MOD - [2014/10/09 16:31:20 | 000,742,736 | ---- | M] () -- D:\Arc\libGLESv2.dll
MOD - [2014/10/09 16:31:08 | 000,136,528 | ---- | M] () -- D:\Arc\libEGL.dll
MOD - [2014/10/09 16:30:54 | 024,984,912 | ---- | M] () -- D:\Arc\libcef.dll
MOD - [2014/10/09 16:26:38 | 001,517,904 | ---- | M] () -- D:\Arc\CoreUI.dll
MOD - [2014/10/09 16:22:46 | 000,178,512 | ---- | M] () -- D:\Arc\ArcOverlayStub.dll
MOD - [2014/10/09 16:22:12 | 001,239,376 | ---- | M] () -- D:\Arc\ArcOSBrowser.exe
MOD - [2014/09/23 17:07:05 | 000,331,592 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\37.0.2062.124\ppgooglenaclpluginchrome.dll
MOD - [2014/09/23 17:07:04 | 014,891,848 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\37.0.2062.124\PepperFlash\pepflashplayer.dll
MOD - [2014/09/23 17:07:02 | 008,577,864 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\37.0.2062.124\pdf.dll
MOD - [2014/09/23 17:06:58 | 001,098,056 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\37.0.2062.124\libglesv2.dll
MOD - [2014/09/23 17:06:56 | 000,174,408 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\37.0.2062.124\libegl.dll
MOD - [2014/09/23 17:06:55 | 001,660,232 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\37.0.2062.124\ffmpegsumo.dll
MOD - [2014/08/20 10:57:46 | 000,164,696 | ---- | M] () -- D:\PWI_en\element\logiccheck.dll
MOD - [2014/08/20 10:55:52 | 003,063,808 | ---- | M] () -- D:\PWI_en\element\elementskill.dll
MOD - [2013/09/25 10:12:56 | 000,098,304 | ---- | M] () -- D:\PWI_en\element\arcsdk.dll
MOD - [2013/05/21 12:50:32 | 000,450,560 | ---- | M] () -- D:\PWI_en\element\speedtreert.dll
MOD - [2013/05/21 12:49:20 | 000,036,864 | ---- | M] () -- D:\PWI_en\element\reportbugs\pwprotector.exe
MOD - [2013/05/21 12:37:58 | 000,155,648 | ---- | M] () -- D:\PWI_en\element\ftdriver.dll
 
 
========== Services (SafeList) ==========
 
SRV:64bit: - [2014/10/21 02:11:07 | 000,384,336 | ---- | M] (BullGuard Ltd.) [Auto | Running] -- C:\Program Files\BullGuard Ltd\BullGuard\BullGuardUpdate.exe -- (BsUpdate)
SRV:64bit: - [2014/10/14 01:01:27 | 000,155,984 | ---- | M] (BullGuard Ltd.) [Auto | Running] -- C:\Program Files\BullGuard Ltd\BullGuard\BsCache.dll -- (BsCache)
SRV:64bit: - [2014/10/14 01:01:24 | 000,420,688 | ---- | M] (BullGuard Ltd.) [Auto | Running] -- c:\Program Files\BullGuard Ltd\BullGuard\BsFileScan.dll -- (BsFileScan)
SRV:64bit: - [2014/10/14 01:01:24 | 000,280,912 | ---- | M] (BullGuard Ltd.) [Auto | Running] -- C:\Program Files\BullGuard Ltd\BullGuard\BullGuardScanner.exe -- (BsScanner)
SRV:64bit: - [2014/10/14 01:01:23 | 000,749,392 | ---- | M] (BullGuard Ltd.) [Auto | Running] -- c:\Program Files\BullGuard Ltd\BullGuard\BsMailProxy\BsMailProxy.dll -- (BsMailProxy)
SRV:64bit: - [2014/10/14 01:01:23 | 000,747,856 | ---- | M] (BullGuard Ltd.) [Auto | Running] -- C:\Program Files\BullGuard Ltd\BullGuard\BsBackup.dll -- (BsBackup)
SRV:64bit: - [2014/10/14 01:01:23 | 000,591,184 | ---- | M] (BullGuard Ltd.) [Auto | Running] -- C:\Program Files\BullGuard Ltd\BullGuard\BullGuardBhvScanner.exe -- (BsBhvScan)
SRV:64bit: - [2014/10/14 01:01:23 | 000,530,768 | ---- | M] (BullGuard Ltd.) [Auto | Running] -- C:\Program Files\BullGuard Ltd\BullGuard\BsMain.dll -- (BsMain)
SRV:64bit: - [2014/10/14 01:01:22 | 000,751,440 | ---- | M] (BullGuard Ltd.) [Auto | Running] -- c:\Program Files\BullGuard Ltd\BullGuard\BsFire.dll -- (BsFire)
SRV:64bit: - [2014/09/14 15:29:47 | 000,111,616 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\IEEtwCollector.exe -- (IEEtwCollectorService)
SRV:64bit: - [2014/08/16 16:29:38 | 002,899,968 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\spool\drivers\x64\3\PrintConfig.dll -- (PrintNotify)
SRV:64bit: - [2014/08/16 13:58:35 | 000,287,744 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\SystemEventsBrokerServer.dll -- (SystemEventsBroker)
SRV:64bit: - [2014/08/16 13:45:51 | 000,267,776 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\bisrv.dll -- (BrokerInfrastructure)
SRV:64bit: - [2014/07/24 20:28:58 | 001,600,000 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\workfolderssvc.dll -- (workfolderssvc)
SRV:64bit: - [2014/04/07 00:20:36 | 000,201,216 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\AudioEndpointBuilder.dll -- (AudioEndpointBuilder)
SRV:64bit: - [2014/03/24 15:31:14 | 000,347,880 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\NisSrv.exe -- (WdNisSvc)
SRV:64bit: - [2014/03/24 15:31:14 | 000,023,824 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MsMpEng.exe -- (WinDefend)
SRV:64bit: - [2014/03/14 19:26:25 | 000,491,520 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\GeofenceMonitorService.dll -- (lfsvc)
SRV:64bit: - [2014/03/08 18:41:25 | 001,306,624 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\AppXDeploymentServer.dll -- (AppXSvc)
SRV:64bit: - [2014/03/06 20:02:13 | 000,834,560 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\netlogon.dll -- (Netlogon)
SRV:64bit: - [2014/02/23 04:53:10 | 003,394,384 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\WSService.dll -- (WSService)
SRV:64bit: - [2014/02/22 22:57:16 | 000,710,656 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\lsm.dll -- (LSM)
SRV:64bit: - [2014/02/22 22:26:58 | 000,366,080 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\wcmsvc.dll -- (Wcmsvc)
SRV:64bit: - [2014/02/22 22:25:39 | 000,399,872 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\das.dll -- (DeviceAssociationService)
SRV:64bit: - [2014/02/22 22:23:58 | 001,576,960 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\wlidsvc.dll -- (wlidsvc)
SRV:64bit: - [2013/12/12 11:59:12 | 001,050,904 | ---- | M] () [Auto | Stopped] -- C:\Program Files\KMSpico\Service_KMS.exe -- (Service KMSELDI)
SRV:64bit: - [2013/12/10 20:35:18 | 000,530,944 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\AppReadiness.dll -- (AppReadiness)
SRV:64bit: - [2013/08/23 08:11:18 | 000,183,296 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\appmgmts.dll -- (AppMgmt)
SRV:64bit: - [2013/08/23 08:11:17 | 000,090,464 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\KeyboardFilterSvc.dll -- (MsKeyboardFilter)
SRV:64bit: - [2013/08/23 00:32:02 | 000,024,576 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\wephostsvc.dll -- (WEPHOSTSVC)
SRV:64bit: - [2013/08/23 00:31:43 | 000,040,448 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\efssvc.dll -- (EFS)
SRV:64bit: - [2013/08/23 00:22:45 | 000,066,048 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\wiarpc.dll -- (WiaRpc)
SRV:64bit: - [2013/08/23 00:21:15 | 000,013,312 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\svsvc.dll -- (svsvc)
SRV:64bit: - [2013/08/23 00:16:57 | 000,118,272 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\fhsvc.dll -- (fhsvc)
SRV:64bit: - [2013/08/22 23:36:01 | 000,321,024 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\BthHFSrv.dll -- (BthHFSrv)
SRV:64bit: - [2013/08/22 23:25:28 | 000,164,352 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\NcaSvc.dll -- (NcaSvc)
SRV:64bit: - [2013/08/22 23:19:28 | 000,517,120 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicvss)
SRV:64bit: - [2013/08/22 23:19:28 | 000,517,120 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmictimesync)
SRV:64bit: - [2013/08/22 23:19:28 | 000,517,120 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicshutdown)
SRV:64bit: - [2013/08/22 23:19:28 | 000,517,120 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicrdv)
SRV:64bit: - [2013/08/22 23:19:28 | 000,517,120 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmickvpexchange)
SRV:64bit: - [2013/08/22 23:19:28 | 000,517,120 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicheartbeat)
SRV:64bit: - [2013/08/22 23:19:28 | 000,517,120 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicguestinterface)
SRV:64bit: - [2013/08/22 23:02:47 | 000,013,312 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\smphost.dll -- (smphost)
SRV:64bit: - [2013/08/22 22:57:25 | 000,130,560 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\ScDeviceEnum.dll -- (ScDeviceEnum)
SRV:64bit: - [2013/08/22 22:54:59 | 000,059,392 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\keyiso.dll -- (KeyIso)
SRV:64bit: - [2013/08/22 22:50:59 | 000,245,760 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\TimeBrokerServer.dll -- (TimeBroker)
SRV:64bit: - [2013/08/22 22:50:00 | 000,525,312 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\netprofmsvc.dll -- (netprofm)
SRV:64bit: - [2013/08/22 22:45:59 | 000,151,040 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\ncbservice.dll -- (NcbService)
SRV:64bit: - [2013/08/22 22:40:49 | 000,248,832 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\vaultsvc.dll -- (VaultSvc)
SRV:64bit: - [2013/08/22 22:31:03 | 000,201,728 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\DeviceSetupManager.dll -- (DsmSvc)
SRV:64bit: - [2013/08/22 22:15:54 | 000,073,728 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\NcdAutoSetup.dll -- (NcdAutoSetup)
SRV - [2014/10/16 15:39:31 | 000,267,440 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2014/10/09 16:23:46 | 000,088,400 | ---- | M] (Perfect World Entertainment Inc) [On_Demand | Stopped] -- D:\Arc\ArcService.exe -- (ArcService)
SRV - [2014/09/23 17:32:08 | 000,833,728 | ---- | M] (Valve Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe -- (Steam Client Service)
SRV - [2014/09/13 07:14:55 | 004,799,760 | ---- | M] (TeamViewer GmbH) [Auto | Running] -- C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe -- (TeamViewer9)
SRV - [2014/08/16 16:29:38 | 002,899,968 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\system32\spool\drivers\x64\3\PrintConfig.dll -- (PrintNotify)
SRV - [2014/07/29 06:38:42 | 003,373,912 | ---- | M] (INCA Internet Co., Ltd.) [On_Demand | Stopped] -- C:\Windows\SysWOW64\GameMon.des -- (npggsvc)
SRV - [2014/06/28 01:02:54 | 000,189,248 | ---- | M] () [Auto | Running] -- C:\Windows\SysWOW64\PnkBstrB.exe -- (PnkBstrB)
SRV - [2014/06/28 01:02:43 | 000,075,136 | ---- | M] () [Auto | Running] -- C:\Windows\SysWOW64\PnkBstrA.exe -- (PnkBstrA)
SRV - [2014/05/07 15:27:01 | 000,119,408 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2014/04/06 03:57:56 | 000,762,194 | ---- | M] () [Auto | Stopped] -- C:\Program Files (x86)\Nero\Update\NASvc.exe -- (NAUpdate)
SRV - [2014/03/14 19:10:16 | 000,357,376 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\GeofenceMonitorService.dll -- (lfsvc)
SRV - [2013/08/22 16:55:35 | 000,018,944 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\StorSvc.dll -- (StorSvc)
SRV - [2013/08/22 15:53:34 | 000,011,776 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\smphost.dll -- (smphost)
SRV - [2012/09/06 04:56:44 | 000,234,776 | ---- | M] (McAfee, Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\McAfee Security Scan\3.0.285\McCHSvc.exe -- (McComponentHostService)
 
 
========== Driver Services (SafeList) ==========
 
DRV:64bit: - [2014/10/14 01:01:28 | 000,259,312 | ---- | M] (BullGuard Ltd.) [File_System | System | Running] -- C:\Windows\SysNative\drivers\NSKernel.sys -- (NovaShieldFilterDriver)
DRV:64bit: - [2014/09/08 23:47:38 | 000,041,680 | R--- | M] (Agnitum Ltd.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\afw.sys -- (AFW)
DRV:64bit: - [2014/09/08 23:47:22 | 000,469,712 | R--- | M] (Agnitum Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\afwcore.sys -- (afwcore)
DRV:64bit: - [2014/09/04 12:44:24 | 000,046,136 | -H-- | M] (LogMeIn Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\Hamdrv.sys -- (Hamachi)
DRV:64bit: - [2014/08/15 13:36:55 | 000,146,752 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\msgpioclx.sys -- (GPIOClx0101)
DRV:64bit: - [2014/07/25 04:28:38 | 000,468,288 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\USBHUB3.SYS -- (USBHUB3)
DRV:64bit: - [2014/07/25 04:28:38 | 000,412,992 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\spaceport.sys -- (spaceport)
DRV:64bit: - [2014/07/25 00:42:22 | 000,126,464 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\NdisImPlatform.sys -- (NdisImPlatform)
DRV:64bit: - [2014/05/16 00:56:28 | 000,117,184 | ---- | M] (BullGuard Ltd.) [File_System | System | Running] -- C:\Windows\SysNative\drivers\BdAgent.sys -- (BdAgent)
DRV:64bit: - [2014/05/02 02:31:39 | 000,055,328 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\wpcfltr.sys -- (wpcfltr)
DRV:64bit: - [2014/03/24 15:30:57 | 000,257,880 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WdFilter.sys -- (WdFilter)
DRV:64bit: - [2014/03/24 15:30:57 | 000,123,224 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WdNisDrv.sys -- (WdNisDrv)
DRV:64bit: - [2014/03/24 15:27:03 | 000,035,856 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WdBoot.sys -- (WdBoot)
DRV:64bit: - [2014/03/20 16:41:20 | 000,376,152 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\clfs.sys -- (CLFS)
DRV:64bit: - [2014/03/19 21:45:12 | 000,034,384 | ---- | M] (BullGuard Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\BdNet.sys -- (BdNet)
DRV:64bit: - [2014/03/14 01:35:24 | 000,157,016 | ---- | M] (Microsoft Corporation) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\wof.sys -- (Wof)
DRV:64bit: - [2014/03/09 09:40:16 | 000,136,024 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\wfplwfs.sys -- (WFPLWFS)
DRV:64bit: - [2014/02/27 02:46:18 | 000,350,160 | ---- | M] (BitDefender S.R.L.) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\Trufos.sys -- (Trufos)
DRV:64bit: - [2014/02/27 02:46:18 | 000,067,680 | ---- | M] (BullGuard Ltd.) [File_System | System | Running] -- C:\Windows\SysNative\drivers\BdSpy.sys -- (BdSpy)
DRV:64bit: - [2014/02/23 05:00:25 | 000,236,888 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\sdbus.sys -- (sdbus)
DRV:64bit: - [2014/02/23 04:49:51 | 000,325,464 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\USBXHCI.SYS -- (USBXHCI)
DRV:64bit: - [2014/02/23 04:49:49 | 000,189,784 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\UCX01000.SYS -- (UCX01000)
DRV:64bit: - [2014/02/23 04:49:49 | 000,079,192 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\sdstor.sys -- (sdstor)
DRV:64bit: - [2014/02/23 04:44:13 | 000,924,504 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\refs.sys -- (ReFS)
DRV:64bit: - [2014/02/23 01:14:02 | 000,033,280 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\BasicRender.sys -- (BasicRender)
DRV:64bit: - [2014/01/22 09:52:10 | 000,206,080 | ---- | M] (DEVGURU Co., LTD.(www.devguru.co.kr)) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ssudmdm.sys -- (ssudmdm)
DRV:64bit: - [2014/01/22 09:52:10 | 000,108,800 | ---- | M] (DEVGURU Co., LTD.(www.devguru.co.kr)) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ssudbus.sys -- (dg_ssudbus)
DRV:64bit: - [2013/11/11 15:48:41 | 000,039,768 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\intelpep.sys -- (intelpep)
DRV:64bit: - [2013/11/02 00:39:53 | 000,086,872 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\pdc.sys -- (pdc)
DRV:64bit: - [2013/10/26 14:54:32 | 000,146,776 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\SerCx2.sys -- (SerCx2)
DRV:64bit: - [2013/10/06 04:25:54 | 000,057,176 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\stornvme.sys -- (stornvme)
DRV:64bit: - [2013/09/15 03:06:57 | 000,175,960 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\VerifierExt.sys -- (VerifierExt)
DRV:64bit: - [2013/08/23 08:11:19 | 000,022,272 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\kbldfltr.sys -- (kbldfltr)
DRV:64bit: - [2013/08/23 08:11:18 | 000,027,488 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\rdpvideominiport.sys -- (RdpVideoMiniport)
DRV:64bit: - [2013/08/23 08:11:12 | 000,220,672 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\Vid.sys -- (Vid)
DRV:64bit: - [2013/08/23 08:11:12 | 000,129,536 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\vmbusr.sys -- (vmbusr)
DRV:64bit: - [2013/08/23 08:11:12 | 000,068,608 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\storvsp.sys -- (storvsp)
DRV:64bit: - [2013/08/23 08:11:12 | 000,065,536 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\vpcivsp.sys -- (vpcivsp)
DRV:64bit: - [2013/08/23 08:11:12 | 000,037,216 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\terminpt.sys -- (terminpt)
DRV:64bit: - [2013/08/23 02:25:40 | 000,043,008 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\condrv.sys -- (condrv)
DRV:64bit: - [2013/08/23 02:25:40 | 000,030,048 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2013/08/23 01:50:19 | 000,057,696 | ---- | M] (Microsoft Corporation) [Kernel | System | Stopped] -- C:\Windows\SysNative\drivers\dam.sys -- (dam)
DRV:64bit: - [2013/08/23 01:49:54 | 000,079,712 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\acpiex.sys -- (acpiex)
DRV:64bit: - [2013/08/23 01:49:33 | 000,159,584 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\tpm.sys -- (TPM)
DRV:64bit: - [2013/08/23 01:43:49 | 000,063,840 | ---- | M] (Marvell Semiconductor, Inc.) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\mvumis.sys -- (mvumis)
DRV:64bit: - [2013/08/23 01:43:48 | 000,041,824 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\msgpiowin32.sys -- (msgpiowin32)
DRV:64bit: - [2013/08/23 01:43:45 | 003,357,024 | ---- | M] (Broadcom Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2013/08/23 01:43:45 | 000,093,536 | ---- | M] (LSI Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2013/08/23 01:43:45 | 000,082,784 | ---- | M] (LSI Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\lsi_sss.sys -- (LSI_SSS)
DRV:64bit: - [2013/08/23 01:43:45 | 000,064,352 | ---- | M] (Hewlett-Packard Company) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2013/08/23 01:43:44 | 000,081,760 | ---- | M] (LSI Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas3.sys -- (LSI_SAS3)
DRV:64bit: - [2013/08/23 01:43:41 | 000,782,176 | ---- | M] (PMC-Sierra) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\adp80xx.sys -- (ADP80XX)
DRV:64bit: - [2013/08/23 01:43:41 | 000,531,296 | ---- | M] (Broadcom Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2013/08/23 01:43:41 | 000,259,424 | ---- | M] (AMD Technologies Inc.) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2013/08/23 01:43:41 | 000,108,896 | ---- | M] (LSI) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\3ware.sys -- (3ware)
DRV:64bit: - [2013/08/23 01:43:41 | 000,079,200 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2013/08/23 01:43:40 | 000,114,016 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\EhStorTcgDrv.sys -- (EhStorTcgDrv)
DRV:64bit: - [2013/08/23 01:43:40 | 000,082,784 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\EhStorClass.sys -- (EhStorClass)
DRV:64bit: - [2013/08/23 01:43:40 | 000,025,952 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2013/08/23 01:43:34 | 000,305,504 | ---- | M] (VIA Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\VSTXRAID.SYS -- (VSTXRAID)
DRV:64bit: - [2013/08/23 01:43:33 | 000,074,080 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\uaspstor.sys -- (UASPStor)
DRV:64bit: - [2013/08/23 01:43:32 | 000,031,072 | ---- | M] (Promise Technology, Inc.) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2013/08/23 01:43:31 | 000,107,872 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\storahci.sys -- (storahci)
DRV:64bit: - [2013/08/23 01:43:31 | 000,072,032 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\SpbCx.sys -- (SpbCx)
DRV:64bit: - [2013/08/23 01:43:31 | 000,069,472 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\SerCx.sys -- (SerCx)
DRV:64bit: - [2013/08/23 01:40:24 | 000,040,664 | ---- | M] (The OpenVPN Project) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\tap0901.sys -- (tap0901)
DRV:64bit: - [2013/08/23 01:39:15 | 000,026,976 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\uefi.sys -- (UEFI)
DRV:64bit: - [2013/08/23 01:37:27 | 000,069,472 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\vpci.sys -- (vpci)
DRV:64bit: - [2013/08/23 01:36:12 | 000,026,976 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WpdUpFltr.sys -- (WpdUpFltr)
DRV:64bit: - [2013/08/23 00:39:54 | 000,076,800 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\ahcache.sys -- (ahcache)
DRV:64bit: - [2013/08/23 00:39:31 | 000,050,688 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\BasicDisplay.sys -- (BasicDisplay)
DRV:64bit: - [2013/08/23 00:39:20 | 000,022,016 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HyperVideo.sys -- (HyperVideo)
DRV:64bit: - [2013/08/23 00:39:06 | 000,009,728 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\mshidumdf.sys -- (mshidumdf)
DRV:64bit: - [2013/08/23 00:38:58 | 000,010,752 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\acpitime.sys -- (acpitime)
DRV:64bit: - [2013/08/23 00:38:48 | 000,010,240 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\acpipagr.sys -- (acpipagr)
DRV:64bit: - [2013/08/23 00:38:39 | 000,036,992 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\BthAvrcpTg.sys -- (BthAvrcpTg)
DRV:64bit: - [2013/08/23 00:38:30 | 000,131,584 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\BthA2DP.sys -- (BthA2DP)
DRV:64bit: - [2013/08/23 00:38:26 | 000,032,640 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\BthHfAud.sys -- (BthHFAud)
DRV:64bit: - [2013/08/23 00:38:26 | 000,019,456 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\kdnic.sys -- (kdnic)
DRV:64bit: - [2013/08/23 00:38:23 | 000,011,264 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\vmgencounter.sys -- (gencounter)
DRV:64bit: - [2013/08/23 00:38:22 | 000,023,040 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\npsvctrig.sys -- (npsvctrig)
DRV:64bit: - [2013/08/23 00:38:16 | 000,030,720 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\BthhfHid.sys -- (bthhfhid)
DRV:64bit: - [2013/08/23 00:37:49 | 000,013,824 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hyperkbd.sys -- (hyperkbd)
DRV:64bit: - [2013/08/23 00:37:46 | 000,029,696 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbGD.sys -- (TsUsbGD)
DRV:64bit: - [2013/08/23 00:37:42 | 000,057,856 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\bthhfenum.sys -- (BthHFEnum)
DRV:64bit: - [2013/08/23 00:37:28 | 000,056,320 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2013/08/23 00:37:28 | 000,041,472 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hidi2c.sys -- (hidi2c)
DRV:64bit: - [2013/08/23 00:37:14 | 000,029,696 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\dmvsc.sys -- (dmvsc)
DRV:64bit: - [2013/08/23 00:36:43 | 000,087,040 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\netvsc63.sys -- (netvsc)
DRV:64bit: - [2013/08/23 00:36:25 | 000,016,384 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\NdisVirtualBus.sys -- (NdisVirtualBus)
DRV:64bit: - [2013/08/23 00:36:07 | 000,066,560 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\mslldp.sys -- (MsLldp)
DRV:64bit: - [2013/08/23 00:35:42 | 000,103,424 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\Ndu.sys -- (Ndu)
DRV:64bit: - [2013/08/22 21:46:33 | 000,027,136 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\fxppm.sys -- (FxPPM)
DRV:64bit: - [2013/08/13 12:25:46 | 000,017,624 | ---- | M] (Windows ® Win 7 DDK provider) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bcmfn2.sys -- (bcmfn2)
DRV:64bit: - [2013/08/10 13:39:30 | 000,651,248 | ---- | M] (Intel Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\iaStorAV.sys -- (iaStorAV)
DRV:64bit: - [2013/07/31 07:47:35 | 000,024,568 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\iaLPSSi_GPIO.sys -- (iaLPSSi_GPIO)
DRV:64bit: - [2013/07/26 08:05:39 | 000,099,320 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\iaLPSSi_I2C.sys -- (iaLPSSi_I2C)
DRV:64bit: - [2013/06/19 03:45:58 | 011,518,976 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Netwsw00.sys -- (NETwNs64)
DRV:64bit: - [2013/06/19 03:45:08 | 000,425,984 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2013/03/18 17:51:08 | 000,054,784 | ---- | M] (Apple, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbaapl64.sys -- (USBAAPL64)
DRV:64bit: - [2012/11/27 01:26:12 | 012,311,776 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\igdkmd64.sys -- (igfx)
DRV:64bit: - [2012/07/31 11:45:10 | 000,038,992 | ---- | M] (Screaming Bee LLC) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ScreamingBAudio64.sys -- (ScreamBAudioSvc)
DRV:64bit: - [2012/07/16 04:48:16 | 000,030,720 | ---- | M] (The OpenVPN Project) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\tapoas.sys -- (tapoas)
DRV:64bit: - [2011/05/18 09:08:32 | 000,047,616 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\dc3d.sys -- (dc3d)
DRV:64bit: - [2010/06/21 14:07:24 | 000,304,760 | ---- | M] (Alps Electric Co., Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Apfiltr.sys -- (ApfiltrService)
DRV:64bit: - [2009/09/17 20:54:54 | 000,056,344 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HECIx64.sys -- (HECIx64)
DRV:64bit: - [2008/12/26 13:56:04 | 000,021,504 | ---- | M] (Avnex) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\vcsvad.sys -- (VCSVADHWSer)
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...ms}&FORM=IE8SRC
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank
IE - HKLM\..\SearchScopes,DefaultScope = {006ee092-9658-4fd6-bd8e-a21a348e59f5}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...ms}&FORM=IE8SRC
 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://www.bing.com/...q={searchTerms}
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://iat.msn.co.nz...er/default.aspx
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-US
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0B E3 D2 A0 EF 70 CF 01  [binary data]
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.bing.com/...q={searchTerms}
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.bing.com/...q={searchTerms}
IE - HKCU\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...Box&FORM=IESR02
IE - HKCU\..\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}: "URL" = http://mysearch.avg.com/search?cid={94BE135A-F37B-46E2-9433-CFB033B5CAE2}&mid=203f7b393d1a47d3a1f4cd2cdbe7048e-8818d8ff5f1e0733fd92766ba96004f58f43bc81&lang=en&ds=AVG&coid=avgtbavg&cmpid=&pr=fr&d=2014-07-01 04:05:22&v=18.1.0.443&pid=safeguard&sg=&sap=dsp&q={searchTerms}
IE - HKCU\..\SearchScopes\{C1F60028-CFB3-4E90-BB83-B73A3DD9E3BF}: "URL" = http://www.search.as...archTerms}&psv=
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
========== FireFox ==========
 
FF - prefs.js..browser.search.selectedEngine: "Google"
FF - prefs.js..browser.startup.homepage: "about:home"
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:29.0.1
FF - prefs.js..keyword.URL: ""
FF - user.js - File not found
 
FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_15_0_0_189.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~1\MICROS~1\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.1.0: C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_189.dll ()
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.65.2: C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.65.2: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/Lync,version=15.0: C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~1\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll File not found
FF - HKLM\Software\MozillaPlugins\@Nero.com/KM: C:\PROGRA~2\COMMON~1\Nero\BROWSE~1\NPBROW~1.DLL (Nero AG)
FF - HKLM\Software\MozillaPlugins\@nexon.net/NxGame: C:\ProgramData\NexonUS\NGM\npNxGameUS.dll (Nexon)
FF - HKLM\Software\MozillaPlugins\@pandonetworks.com/PandoWebPlugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll File not found
FF - HKLM\Software\MozillaPlugins\@perfectworld.com/npArcPlayNowPlugin: D:\Arc\Plugins\npArcPluginFF.dll (Perfect World Entertainment Inc)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.25.5\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.25.5\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@unity3d.com/UnityPlayer,version=1.0: C:\Users\jessi kavi\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\antiphishing@bullguard: C:\Program Files\BullGuard Ltd\BullGuard\Files32\Antiphishing\FF\antiphishing@bullguard\ [2014/08/09 17:07:58 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\{b9bfaf1c-a63f-47cd-0829-29526ced3775}: C:\Program Files (x86)\Mozilla Firefox\extension\\freeyoubutetomp3.xpi [2014/06/21 20:26:06 | 000,057,121 | ---- | M] ()
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 29.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 29.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2014/07/21 09:02:12 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 30.0\Extensions\\{b9bfaf1c-a63f-47cd-0829-29526ced3775}: C:\Program Files (x86)\Mozilla Firefox\extension\\freeyoubutetomp3.xpi [2014/06/21 20:26:06 | 000,057,121 | ---- | M] ()
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\{70339624-5C1F-2086-A51C-7028CDF812AE}: C:\Program Files (x86)\di3BlockAndSurf\175.xpi
 
[2014/05/16 23:19:06 | 000,000,000 | ---D | M] (No name found) -- C:\Users\jessi kavi\AppData\Roaming\mozilla\Extensions
[2014/08/31 02:50:05 | 000,000,000 | ---D | M] (No name found) -- C:\Users\jessi kavi\AppData\Roaming\mozilla\Firefox\Profiles\rhrdlyem.default\extensions
[2014/06/21 20:26:06 | 000,057,121 | ---- | M] () (No name found) -- C:\Users\jessi kavi\AppData\Roaming\mozilla\firefox\profiles\rhrdlyem.default\extensions\{b9bfaf1c-a63f-47cd-0829-29526ced3775}.xpi
[2014/05/23 23:53:43 | 000,006,350 | ---- | M] () -- C:\Users\jessi kavi\AppData\Roaming\mozilla\firefox\profiles\rhrdlyem.default\searchplugins\Google.xml
[2014/07/21 15:05:36 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extension
[2014/05/16 23:18:37 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\browser\extensions
[2014/05/16 23:18:37 | 000,000,000 | ---D | M] (Default) -- C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
[2014/10/02 21:02:48 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\updated\extension
[2014/10/02 21:02:47 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\updated\browser\extensions
[2014/10/02 21:02:47 | 000,000,000 | ---D | M] (Default) -- C:\Program Files (x86)\Mozilla Firefox\updated\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
[2014/05/21 13:23:56 | 000,034,072 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\mozilla firefox\plugins\npMeetingJoinPluginOC.dll
 
========== Chrome  ==========
 
CHR - default_search_provider:  (Enabled)
CHR - default_search_provider: search_url = 
CHR - default_search_provider: suggest_url = 
CHR - plugin: Error reading preferences file
CHR - Extension: No name found = C:\Users\jessi kavi\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.7_0\
CHR - Extension: No name found = C:\Users\jessi kavi\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\
CHR - Extension: No name found = C:\Users\jessi kavi\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn\0.1.1.5023_0\
CHR - Extension: No name found = C:\Users\jessi kavi\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0\
CHR - Extension: No name found = C:\Users\jessi kavi\AppData\Local\Google\Chrome\User Data\Default\Extensions\cehdakiococlfmjcbebbkjkfjhbieknh\5.0.203.0_0\
CHR - Extension: No name found = C:\Users\jessi kavi\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\
CHR - Extension: No name found = C:\Users\jessi kavi\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.1_0\
CHR - Extension: No name found = C:\Users\jessi kavi\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1\
 
O1 HOSTS File: ([2013/08/23 02:25:41 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2 - BHO: (Java™ Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (ArcPluginIEBHO Class) - {84BFE29A-8139-402a-B2A4-C23AE9E1A75F} - D:\Arc\plugins\ArcPluginIE.dll (Perfect World Entertainment Inc)
O2 - BHO: (Java™ Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {53475433-2D56-3700-76A7-7A786E7484D7} - No CLSID value found.
O4:64bit: - HKLM..\Run: [BullGuard] C:\Program Files\BullGuard Ltd\BullGuard\BullGuard.exe (BullGuard Ltd.)
O4:64bit: - HKLM..\Run: [BullGuardUpdate2] c:\Program Files\BullGuard Ltd\BullGuard\BullGuardUpdate2.exe (BullGuard Ltd.)
O4:64bit: - HKLM..\Run: [IgfxTray] C:\Windows\SysNative\igfxtray.exe (Intel Corporation)
O4 - HKCU..\Run: [MK LOL] C:\Program Files (x86)\MKJogo\MK IM\Bin\MKIM.exe ()
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableCursorSuppression = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O9:64bit: - Extra Button: Report to BullGuard - {27FD17FB-CF63-486b-B2BE-8D8781CBEA01} - Reg Error: Value error. File not found
O9 - Extra Button: Report to BullGuard - {27FD17FB-CF63-486b-B2BE-8D8781CBEA01} - C:\Program Files\BullGuard Ltd\BullGuard\Files32\Antiphishing\IE\BgAntiphishingIE.dll (BullGuard Ltd.)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O15 - HKCU\..Trusted Domains: google.com ([www] https in Trusted sites)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 10.1.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{8C5FF3DB-51F5-4868-9284-8EF4CC266CC6}: DhcpNameServer = 10.1.1.1
O18 - Protocol\Handler\ms-help - No CLSID value found
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O20:64bit: - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\Windows\SysNative\igfxdev.dll (Intel Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009/06/11 10:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
 
NetSvcs:64bit: lfsvc - C:\Windows\SysNative\GeofenceMonitorService.dll (Microsoft Corporation)
NetSvcs:64bit: wlidsvc - C:\Windows\SysNative\wlidsvc.dll (Microsoft Corporation)
NetSvcs:64bit: DsmSvc - C:\Windows\SysNative\DeviceSetupManager.dll (Microsoft Corporation)
NetSvcs:64bit: NcaSvc - C:\Windows\SysNative\NcaSvc.dll (Microsoft Corporation)
NetSvcs:64bit: AppMgmt - C:\Windows\SysNative\appmgmts.dll (Microsoft Corporation)
NetSvcs:64bit: MsKeyboardFilter - C:\Windows\SysNative\KeyboardFilterSvc.dll (Microsoft Corporation)
 
CREATERESTOREPOINT
Restore point Set: OTL Restore Point
 
========== Files/Folders - Created Within 30 Days ==========
 
[2014/10/21 02:16:42 | 000,153,712 | ---- | C] (BullGuard Ltd.) -- C:\Windows\SysNative\BgGamingMonitor.dll.PendingBullGuardUpdate
[2014/10/21 02:16:42 | 000,140,280 | ---- | C] (BullGuard Ltd.) -- C:\Windows\SysWow64\BgGamingMonitor.dll.PendingBullGuardUpdate
[2014/10/21 02:16:36 | 000,076,624 | ---- | C] (BullGuard Ltd.) -- C:\Windows\SysNative\BGLsp.dll.PendingBullGuardUpdate
[2014/10/21 02:16:36 | 000,064,336 | ---- | C] (BullGuard Ltd.) -- C:\Windows\SysWow64\BGLsp.dll.PendingBullGuardUpdate
[2014/10/16 17:40:47 | 000,076,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\packager.dll
[2014/10/16 17:40:47 | 000,068,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\packager.dll
[2014/10/16 17:40:33 | 005,829,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll
[2014/10/16 17:40:23 | 002,108,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\inetcpl.cpl
[2014/10/16 17:40:23 | 000,731,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll
[2014/10/16 17:40:22 | 002,017,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\inetcpl.cpl
[2014/10/16 17:40:22 | 000,710,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ie4uinit.exe
[2014/10/16 17:40:21 | 000,775,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieapfltr.dll
[2014/10/16 17:40:21 | 000,758,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9diag.dll
[2014/10/16 17:40:21 | 000,678,400 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieapfltr.dll
[2014/10/16 17:40:21 | 000,547,328 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\vbscript.dll
[2014/10/16 17:40:21 | 000,289,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dxtrans.dll
[2014/10/16 17:40:21 | 000,085,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll
[2014/10/16 17:40:21 | 000,083,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\MshtmlDac.dll
[2014/10/16 17:40:21 | 000,069,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll
[2014/10/16 17:40:21 | 000,061,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\MshtmlDac.dll
[2014/10/16 17:39:09 | 000,275,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\generaltel.dll
[2014/10/16 17:39:08 | 000,678,400 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\aepdu.dll
[2014/10/16 17:39:06 | 000,527,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\aeinv.dll
[2014/10/16 17:39:05 | 000,590,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rastls.dll
[2014/10/16 17:39:05 | 000,514,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\rastls.dll
[2014/10/16 17:38:59 | 008,757,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\Windows.UI.Search.dll
[2014/10/16 17:38:56 | 005,902,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\Windows.UI.Search.dll
[2014/10/16 17:38:55 | 006,649,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mstscax.dll
[2014/10/16 17:38:55 | 005,777,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mstscax.dll
[2014/10/16 17:38:54 | 004,758,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\SyncEngine.dll
[2014/10/16 17:38:52 | 001,710,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntdll.dll
[2014/10/16 17:38:52 | 001,112,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\KernelBase.dll
[2014/10/16 17:38:52 | 001,106,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\SearchFolder.dll
[2014/10/16 17:38:50 | 001,507,648 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\propsys.dll
[2014/10/16 17:38:50 | 000,921,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\MrmCoreR.dll
[2014/10/16 17:38:49 | 000,920,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WSShared.dll
[2014/10/16 17:38:49 | 000,756,224 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\WSShared.dll
[2014/10/16 17:38:49 | 000,626,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\MrmCoreR.dll
[2014/10/16 17:38:48 | 000,359,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\Wldap32.dll
[2014/10/16 17:38:45 | 000,287,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\SystemEventsBrokerServer.dll
[2014/10/16 17:38:43 | 001,120,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\SkyDrive.exe
[2014/10/16 17:38:43 | 000,717,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\SkyDriveTelemetry.dll
[2014/10/16 17:38:43 | 000,267,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\bisrv.dll
[2014/10/16 17:38:42 | 000,428,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\FWPKCLNT.SYS
[2014/10/16 17:38:42 | 000,286,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\SkyDriveShell.dll
[2014/10/16 17:38:42 | 000,286,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\pcsvDevice.dll
[2014/10/16 17:38:42 | 000,118,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\httpprxm.dll
[2014/10/16 17:38:41 | 000,265,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\SkyDriveShell.dll
[2014/10/16 17:38:40 | 000,290,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ProximityService.dll
[2014/10/16 17:38:40 | 000,075,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\adhsvc.dll
[2014/10/16 17:38:38 | 000,249,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\Windows.ApplicationModel.Store.TestingFramework.dll
[2014/10/16 17:38:38 | 000,189,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\Windows.ApplicationModel.Store.TestingFramework.dll
[2014/10/16 17:35:06 | 000,839,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wuapi.dll
[2014/10/16 17:35:06 | 000,672,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wuapi.dll
[2014/10/16 17:35:05 | 001,702,400 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wucltux.dll
[2014/10/16 17:35:05 | 000,388,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WUSettingsProvider.dll
[2014/10/16 17:35:05 | 000,137,728 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wuwebv.dll
[2014/10/16 17:35:05 | 000,123,904 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wuwebv.dll
[2014/10/16 17:35:05 | 000,093,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wudriver.dll
[2014/10/16 17:35:05 | 000,080,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wudriver.dll
[2014/10/16 17:35:05 | 000,059,904 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wups.dll
[2014/10/16 17:35:05 | 000,054,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wuauclt.exe
[2014/10/16 17:35:05 | 000,050,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wups2.dll
[2014/10/16 17:35:05 | 000,035,328 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wuapp.exe
[2014/10/16 17:35:05 | 000,031,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wuapp.exe
[2014/10/16 17:31:42 | 002,779,648 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msi.dll
[2014/10/16 17:31:41 | 002,646,016 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\authui.dll
[2014/10/16 17:31:40 | 002,321,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\authui.dll
[2014/10/16 15:39:37 | 000,000,000 | ---D | C] -- C:\ProgramData\McAfee Security Scan
[2014/10/16 15:39:35 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee Security Scan Plus
[2014/10/16 15:39:35 | 000,000,000 | ---D | C] -- C:\ProgramData\McAfee
[2014/10/16 15:39:34 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\McAfee Security Scan
[2014/10/16 15:38:54 | 000,000,000 | ---D | C] -- C:\Users\jessi kavi\AppData\Local\Adobe
[2014/10/15 01:39:23 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\Arc
[2014/10/15 01:35:28 | 000,000,000 | ---D | C] -- C:\Users\jessi kavi\AppData\Roaming\Arc
[2014/10/15 01:35:09 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Perfect World Entertainment
[2014/10/14 01:01:54 | 000,153,712 | ---- | C] (BullGuard Ltd.) -- C:\Windows\SysNative\BgGamingMonitor.dll
[2014/10/14 01:01:53 | 000,140,280 | ---- | C] (BullGuard Ltd.) -- C:\Windows\SysWow64\BgGamingMonitor.dll
[2014/10/14 01:01:47 | 000,076,624 | ---- | C] (BullGuard Ltd.) -- C:\Windows\SysNative\BGLsp.dll
[2014/10/14 01:01:47 | 000,064,336 | ---- | C] (BullGuard Ltd.) -- C:\Windows\SysWow64\BGLsp.dll
[2014/10/07 02:04:45 | 000,000,000 | ---D | C] -- C:\Users\jessi kavi\AppData\Local\Ankama
[2014/10/06 01:20:29 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Battle.net
[2014/10/06 01:20:04 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Blizzard Entertainment.temp
[2014/10/01 03:48:51 | 003,373,912 | ---- | C] (INCA Internet Co., Ltd.) -- C:\Windows\SysWow64\GameMon.des
[2014/10/01 03:47:54 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\INCA Shared
[2014/10/01 03:33:16 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\GamesCampus
[6 C:\Windows\SysNative\drivers\*.tmp files -> C:\Windows\SysNative\drivers\*.tmp -> ]
[2 C:\Windows\SysWow64\*.tmp files -> C:\Windows\SysWow64\*.tmp -> ]
[1 C:\Program Files (x86)\*.tmp files -> C:\Program Files (x86)\*.tmp -> ]
 
========== Files - Modified Within 30 Days ==========
 
[2014/10/21 03:19:04 | 000,000,934 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2014/10/21 02:27:00 | 000,000,830 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2014/10/21 02:16:22 | 000,076,624 | ---- | M] (BullGuard Ltd.) -- C:\Windows\SysNative\BGLsp.dll.PendingBullGuardUpdate
[2014/10/21 02:16:21 | 000,064,336 | ---- | M] (BullGuard Ltd.) -- C:\Windows\SysWow64\BGLsp.dll.PendingBullGuardUpdate
[2014/10/21 02:16:18 | 000,140,280 | ---- | M] (BullGuard Ltd.) -- C:\Windows\SysWow64\BgGamingMonitor.dll.PendingBullGuardUpdate
[2014/10/21 02:16:17 | 000,153,712 | ---- | M] (BullGuard Ltd.) -- C:\Windows\SysNative\BgGamingMonitor.dll.PendingBullGuardUpdate
[2014/10/21 00:19:00 | 000,000,930 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2014/10/21 00:13:06 | 000,002,205 | ---- | M] () -- C:\Users\Public\Desktop\Google Chrome.lnk
[2014/10/20 15:17:12 | 000,000,544 | ---- | M] () -- C:\Windows\SysNative\F39D4DE6-98B8-4E05-91BD-549E8A8248BD
[2014/10/20 14:17:40 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2014/10/18 15:13:11 | 000,482,952 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2014/10/18 15:11:29 | 268,435,456 | -HS- | M] () -- C:\swapfile.sys
[2014/10/18 15:11:24 | 3266,396,160 | -HS- | M] () -- C:\hiberfil.sys
[2014/10/17 19:19:31 | 000,122,584 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\MBAMSwissArmy.sys
[2014/10/16 15:39:35 | 000,002,188 | ---- | M] () -- C:\Users\Public\Desktop\McAfee Security Scan Plus.lnk
[2014/10/16 15:39:35 | 000,002,188 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk
[2014/10/15 01:35:09 | 000,000,399 | ---- | M] () -- C:\Users\Public\Desktop\Arc.lnk
[2014/10/14 01:01:36 | 000,064,336 | ---- | M] (BullGuard Ltd.) -- C:\Windows\SysWow64\BGLsp.dll
[2014/10/14 01:01:35 | 000,076,624 | ---- | M] (BullGuard Ltd.) -- C:\Windows\SysNative\BGLsp.dll
[2014/10/14 01:01:33 | 000,153,712 | ---- | M] (BullGuard Ltd.) -- C:\Windows\SysNative\BgGamingMonitor.dll
[2014/10/14 01:01:33 | 000,140,280 | ---- | M] (BullGuard Ltd.) -- C:\Windows\SysWow64\BgGamingMonitor.dll
[2014/10/14 01:01:28 | 000,259,312 | ---- | M] (BullGuard Ltd.) -- C:\Windows\SysNative\drivers\NSKernel.sys
[2014/10/10 11:16:51 | 000,678,400 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\aepdu.dll
[2014/10/09 11:09:34 | 000,275,968 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\generaltel.dll
[2014/10/09 02:26:44 | 000,863,592 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2014/10/09 02:26:44 | 000,731,650 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2014/10/09 02:26:44 | 000,135,726 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2014/10/09 01:03:24 | 000,000,024 | ---- | M] () -- C:\Users\jessi kavi\random.dat
[2014/10/09 01:02:41 | 000,000,024 | ---- | M] () -- C:\Users\jessi kavi\jagexappletviewer.preferences
[2014/10/09 01:00:55 | 000,000,049 | ---- | M] () -- C:\Users\jessi kavi\jagex_cl_runescape_LIVE.dat
[2014/10/07 01:59:50 | 000,000,222 | ---- | M] () -- C:\Users\jessi kavi\Desktop\Wakfu.url
[2014/09/30 11:45:58 | 000,706,016 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe
[2014/09/30 11:45:58 | 000,105,440 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
[2014/09/26 11:46:19 | 000,069,632 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll
[2014/09/26 11:32:04 | 002,017,280 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\inetcpl.cpl
[2014/09/26 11:31:02 | 002,108,416 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\inetcpl.cpl
[2014/09/24 03:14:48 | 000,001,108 | ---- | M] () -- C:\Users\Public\Desktop\TeamViewer 9.lnk
[6 C:\Windows\SysNative\drivers\*.tmp files -> C:\Windows\SysNative\drivers\*.tmp -> ]
[2 C:\Windows\SysWow64\*.tmp files -> C:\Windows\SysWow64\*.tmp -> ]
[1 C:\Program Files (x86)\*.tmp files -> C:\Program Files (x86)\*.tmp -> ]
 
========== Files Created - No Company Name ==========
 
[2014/10/20 15:17:11 | 000,000,544 | ---- | C] () -- C:\Windows\SysNative\F39D4DE6-98B8-4E05-91BD-549E8A8248BD
[2014/10/16 17:38:38 | 000,388,729 | ---- | C] () -- C:\Windows\SysNative\ApnDatabase.xml
[2014/10/16 15:39:35 | 000,002,188 | ---- | C] () -- C:\Users\Public\Desktop\McAfee Security Scan Plus.lnk
[2014/10/16 15:39:35 | 000,002,188 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk
[2014/10/15 01:35:09 | 000,000,399 | ---- | C] () -- C:\Users\Public\Desktop\Arc.lnk
[2014/10/07 01:59:49 | 000,000,222 | ---- | C] () -- C:\Users\jessi kavi\Desktop\Wakfu.url
[2014/08/24 21:50:12 | 000,000,058 | ---- | C] () -- C:\Windows\JQHApp.dat
[2014/08/23 02:04:05 | 000,000,017 | ---- | C] () -- C:\Users\jessi kavi\AppData\Local\resmon.resmoncfg
[2014/07/09 17:34:12 | 000,000,674 | RHS- | C] () -- C:\ProgramData\ntuser.pol
[2014/06/28 01:02:50 | 000,189,248 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrB.exe
[2014/06/28 01:02:43 | 000,075,136 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrA.exe
[2014/06/22 20:28:31 | 000,000,050 | ---- | C] () -- C:\Users\jessi kavi\jagex_cl_runescape_LIVE2.dat
[2014/05/31 07:27:52 | 000,000,054 | ---- | C] () -- C:\Users\jessi kavi\jagex_cl_runescape_LIVE_BETA.dat
[2014/05/31 01:49:09 | 000,000,024 | ---- | C] () -- C:\Users\jessi kavi\jagexappletviewer.preferences
[2014/05/31 01:41:05 | 000,000,050 | ---- | C] () -- C:\Users\jessi kavi\jagex_cl_runescape_LIVE1.dat
[2014/05/25 04:54:47 | 000,000,049 | ---- | C] () -- C:\Users\jessi kavi\jagex_cl_oldschool_LIVE.dat
[2014/05/24 22:27:10 | 000,000,060 | ---- | C] () -- C:\Windows\wininit.ini
[2014/05/23 14:39:37 | 000,002,255 | ---- | C] () -- C:\Windows\SysWow64\WimBootCompress.ini
[2014/05/23 14:10:22 | 000,000,049 | ---- | C] () -- C:\Users\jessi kavi\jagex_cl_runescape_LIVE.dat
[2014/05/23 14:10:22 | 000,000,024 | ---- | C] () -- C:\Users\jessi kavi\random.dat
[2014/05/17 20:05:27 | 000,103,936 | ---- | C] () -- C:\Windows\SysWow64\OEMLicense.dll
[2013/08/23 04:36:43 | 000,215,943 | ---- | C] () -- C:\Windows\SysWow64\dssec.dat
[2013/08/23 04:36:42 | 000,000,741 | ---- | C] () -- C:\Windows\SysWow64\NOISE.DAT
[2013/08/23 03:46:23 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
[2013/08/22 20:01:23 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
[2013/08/22 16:32:36 | 000,046,080 | ---- | C] () -- C:\Windows\SysWow64\BWContextHandler.dll
[2013/08/22 12:55:20 | 000,364,544 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll
[2013/08/22 12:52:39 | 000,673,088 | ---- | C] () -- C:\Windows\SysWow64\mlang.dat
[2012/11/27 01:25:36 | 000,867,020 | ---- | C] () -- C:\Windows\SysWow64\igkrng575.bin
[2012/11/27 01:25:36 | 000,128,204 | ---- | C] () -- C:\Windows\SysWow64\igcompkrng575.bin
[2012/11/27 01:25:36 | 000,105,608 | ---- | C] () -- C:\Windows\SysWow64\igfcg575m.bin
[2012/11/27 01:03:36 | 013,913,600 | ---- | C] () -- C:\Windows\SysWow64\ig4icd32.dll
 
========== ZeroAccess Check ==========
 
[2014/07/20 03:03:37 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
 
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64
 
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2014/08/16 17:08:41 | 021,195,616 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2014/08/16 16:16:40 | 018,722,600 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2013/08/22 22:49:49 | 000,921,088 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2013/08/22 15:45:10 | 000,691,712 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2013/08/22 22:45:17 | 000,483,840 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
 
========== Custom Scans ==========
 
< %SYSTEMDRIVE%\*.exe >
 
< MD5 for: EXPLORER.EXE  >
[2014/08/23 20:13:24 | 002,084,520 | ---- | M] (Microsoft Corporation) MD5=195822ACCDAA2B4815DD01BAFC335595 -- C:\Windows\SysWOW64\explorer.exe
[2014/08/23 20:13:24 | 002,084,520 | ---- | M] (Microsoft Corporation) MD5=195822ACCDAA2B4815DD01BAFC335595 -- C:\Windows\WinSxS\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.3.9600.17284_none_4cc798c1821453a8\explorer.exe
[2014/09/22 18:09:29 | 000,270,774 | ---- | M] () MD5=2195687491E604BA42961470EDA7660E -- C:\Windows\WinSxS\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.3.9600.17238_none_42acff334d876b54\explorer.exe
[2014/09/22 18:40:06 | 000,220,250 | ---- | M] () MD5=286928E00AD34E9F88EB5BFA52660A70 -- C:\Windows\WinSxS\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.3.9600.17238_none_4d01a98581e82d4f\explorer.exe
[2014/05/30 20:58:37 | 000,015,546 | ---- | M] () MD5=347EFF7EC89C3EB4F72F2408E1C4E16D -- C:\Windows\WinSxS\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.3.9600.17031_none_4cfaa3b381ee81a0\explorer.exe
[2014/05/30 20:58:30 | 000,238,918 | ---- | M] () MD5=5177BB4FECDDB9CDBCF10EF65916968D -- C:\Windows\WinSxS\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.3.9600.16441_none_4ceff22781f6788c\explorer.exe
[2014/05/30 20:58:15 | 000,268,164 | ---- | M] () MD5=578A251C234E51BC6B9D684480EEB9DB -- C:\Windows\WinSxS\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.3.9600.16384_none_4cc7b16f8214372e\explorer.exe
[2014/05/30 19:17:21 | 000,169,957 | ---- | M] () MD5=6D919C26DCB567396CD2E119B8E4310E -- C:\Windows\WinSxS\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.3.9600.17031_none_42a5f9614d8dbfa5\explorer.exe
[2014/08/23 20:48:28 | 002,374,784 | ---- | M] (Microsoft Corporation) MD5=ACDBE1ED38167C8B01B8F63161BB2CEA -- C:\Windows\explorer.exe
[2014/08/23 20:48:28 | 002,374,784 | ---- | M] (Microsoft Corporation) MD5=ACDBE1ED38167C8B01B8F63161BB2CEA -- C:\Windows\WinSxS\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.3.9600.17284_none_4272ee6f4db391ad\explorer.exe
[2014/09/22 18:09:34 | 000,270,403 | ---- | M] () MD5=C20A0C44E241606430009E7F126A1125 -- C:\Windows\WinSxS\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.3.9600.17249_none_42a32f914d8ea09c\explorer.exe
[2014/05/30 19:17:12 | 000,284,534 | ---- | M] () MD5=D1EF5DE70183FB717B5FC4593A0E46BD -- C:\Windows\WinSxS\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.3.9600.16408_none_42cd898b4d6ef82e\explorer.exe
[2014/05/30 19:17:08 | 000,336,576 | ---- | M] () Unable to obtain MD5 -- C:\Windows\WinSxS\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.3.9600.16384_none_4273071d4db37533\explorer.exe
[2014/05/30 19:17:16 | 000,283,735 | ---- | M] () Unable to obtain MD5 -- C:\Windows\WinSxS\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.3.9600.16441_none_429b47d54d95b691\explorer.exe
[2014/09/22 18:09:24 | 000,271,249 | ---- | M] () Unable to obtain MD5 -- C:\Windows\WinSxS\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.3.9600.17039_none_42adfbb14d868a5d\explorer.exe
[2014/05/30 20:58:22 | 000,239,123 | ---- | M] () Unable to obtain MD5 -- C:\Windows\WinSxS\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.3.9600.16408_none_4d2233dd81cfba29\explorer.exe
[2014/09/22 18:39:58 | 000,208,662 | ---- | M] () Unable to obtain MD5 -- C:\Windows\WinSxS\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.3.9600.17039_none_4d02a60381e74c58\explorer.exe
[2014/09/22 18:40:13 | 000,219,647 | ---- | M] () Unable to obtain MD5 -- C:\Windows\WinSxS\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.3.9600.17249_none_4cf7d9e381ef6297\explorer.exe
 
< MD5 for: SERVICES.EXE  >
[2014/03/29 04:58:34 | 000,407,016 | ---- | M] (Microsoft Corporation) MD5=067CB90C277DB4A737D5DEABA3055972 -- C:\Windows\SysNative\services.exe
[2014/03/29 04:58:34 | 000,407,016 | ---- | M] (Microsoft Corporation) MD5=067CB90C277DB4A737D5DEABA3055972 -- C:\Windows\WinSxS\amd64_microsoft-windows-s..cecontroller-minwin_31bf3856ad364e35_6.3.9600.17084_none_2fd708ffd09a6815\services.exe
[2014/06/14 16:18:26 | 000,082,895 | ---- | M] () Unable to obtain MD5 -- C:\Windows\WinSxS\amd64_microsoft-windows-s..cecontroller-minwin_31bf3856ad364e35_6.3.9600.16384_none_2fd72579d09a45e9\services.exe
 
< MD5 for: SVCHOST.EXE  >
[2014/05/12 08:24:30 | 000,750,392 | ---- | M] (MalwareBytes) MD5=09882E8EDD1144E6EF1AF6D1F98305EE -- C:\Program Files (x86)\Malwarebytes Anti-Malware\Chameleon\Windows\svchost.exe
[2013/08/22 18:30:58 | 000,031,552 | ---- | M] (Microsoft Corporation) MD5=425E22D9F5C01616AFC92987791B19E9 -- C:\Windows\SysWOW64\svchost.exe
[2013/08/22 18:30:58 | 000,031,552 | ---- | M] (Microsoft Corporation) MD5=425E22D9F5C01616AFC92987791B19E9 -- C:\Windows\WinSxS\x86_microsoft-windows-services-svchost_31bf3856ad364e35_6.3.9600.16384_none_4a5b1e2820e75323\svchost.exe
[2013/08/23 01:45:17 | 000,037,768 | ---- | M] (Microsoft Corporation) MD5=E4CA434F251681590D0538BC21C32D2F -- C:\Windows\SysNative\svchost.exe
[2013/08/23 01:45:17 | 000,037,768 | ---- | M] (Microsoft Corporation) MD5=E4CA434F251681590D0538BC21C32D2F -- C:\Windows\WinSxS\amd64_microsoft-windows-services-svchost_31bf3856ad364e35_6.3.9600.16384_none_a679b9abd944c459\svchost.exe
 
< MD5 for: USERINIT.EXE  >
[2013/08/22 23:03:12 | 000,025,088 | ---- | M] (Microsoft Corporation) MD5=08C191B2917862BE90C33E31CB6B6D79 -- C:\Windows\SysNative\userinit.exe
[2013/08/22 23:03:12 | 000,025,088 | ---- | M] (Microsoft Corporation) MD5=08C191B2917862BE90C33E31CB6B6D79 -- C:\Windows\WinSxS\amd64_microsoft-windows-userinit_31bf3856ad364e35_6.3.9600.16384_none_cce71a20a5a6fe7f\userinit.exe
[2013/08/22 15:54:12 | 000,021,504 | ---- | M] (Microsoft Corporation) MD5=41636F77AD6D9A396EA34E4786B96F2B -- C:\Windows\SysWOW64\userinit.exe
[2013/08/22 15:54:12 | 000,021,504 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\WinSxS\x86_microsoft-windows-userinit_31bf3856ad364e35_6.3.9600.16384_none_70c87e9ced498d49\userinit.exe
 
< MD5 for: WINLOGON.EXE  >
[2014/05/12 08:24:30 | 000,750,392 | ---- | M] (MalwareBytes) MD5=09882E8EDD1144E6EF1AF6D1F98305EE -- C:\Program Files (x86)\Malwarebytes Anti-Malware\Chameleon\Windows\winlogon.exe
[2014/02/22 22:45:48 | 000,562,176 | ---- | M] (Microsoft Corporation) MD5=306EB21E5B480AE9065EA55AC8C35936 -- C:\Windows\SysNative\winlogon.exe
[2014/02/22 22:45:48 | 000,562,176 | ---- | M] (Microsoft Corporation) MD5=306EB21E5B480AE9065EA55AC8C35936 -- C:\Windows\WinSxS\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.3.9600.17031_none_60b45365a8c2ccdb\winlogon.exe
[2014/05/30 20:25:51 | 000,089,459 | ---- | M] () Unable to obtain MD5 -- C:\Windows\WinSxS\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.3.9600.16384_none_60816121a8e88269\winlogon.exe
 
< %systemroot%\*. /mp /s >
 
========== Alternate Data Streams ==========
 
@Alternate Data Stream - 237 bytes -> C:\Users\jessi kavi\SkyDrive:ms-properties
 
< End of report >

  • 0

#3
Maize
Posted 20 October 2014 - 06:37 PM

Maize

    New Member

  • Topic Starter
  • Member
  • Pip
  • 3 posts

BUMP!!!!!!!!!!!!!!!!!!!!!!!!!!!!!


  • 0
Back to Virus, Spyware, Malware Removal · Next Unread Topic →




Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

  1. Geeks to Go Community
  2. Security
  3. Virus, Spyware, Malware Removal

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP