cjoint

Publicité


Publicité

Format du document : text/plain

Prévisualisation

ÿþOTL logfile created on: 22/01/2014 19:09:06 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\HP1\Desktop
64bit- An unknown product (Version = 6.2.9200) - Type = NTWorkstation
Internet Explorer (Version = 9.11.9600.16476)
Locale: 0000040C | Country: France | Language: FRA | Date Format: dd/MM/yyyy

3,47 Gb Total Physical Memory | 1,93 Gb Available Physical Memory | 55,69% Memory free
4,10 Gb Paging File | 2,19 Gb Available in Paging File | 53,49% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 909,96 Gb Total Space | 684,33 Gb Free Space | 75,20% Space Free | Partition Type: NTFS
Drive D: | 20,44 Gb Total Space | 2,46 Gb Free Space | 12,03% Space Free | Partition Type: NTFS

Computer Name: HP | User Name: HP1 | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

[color=#E56717]========== Processes (All) ==========[/color]

PRC - [2014/01/22 19:03:09 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\HP1\Desktop\OTL.exe
PRC - [2014/01/11 11:29:23 | 000,866,584 | ---- | M] (Google Inc.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
PRC - [2013/12/06 21:39:42 | 003,568,312 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastUI.exe
PRC - [2013/12/06 21:39:42 | 000,050,344 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe
PRC - [2013/12/06 21:39:31 | 000,116,776 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\afwServ.exe
PRC - [2013/11/16 19:06:16 | 000,900,440 | ---- | M] (BitTorrent Inc.) -- C:\Users\HP1\AppData\Roaming\uTorrent\uTorrent.exe
PRC - [2013/11/06 20:07:08 | 000,202,192 | ---- | M] (APN LLC.) -- C:\Users\HP1\AppData\Local\VNT\vntldr.exe
PRC - [2012/08/10 14:46:12 | 001,001,376 | ---- | M] (Hewlett-Packard Company) -- C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe
PRC - [2012/07/27 18:21:26 | 000,136,488 | ---- | M] (CyberLink) -- C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe
PRC - [2012/07/09 12:40:02 | 000,580,512 | ---- | M] (Hewlett-Packard Development Company, L.P.) -- C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe
PRC - [2012/07/09 12:40:02 | 000,035,232 | ---- | M] (Hewlett-Packard Development Company, L.P.) -- C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe
PRC - [2012/06/08 04:34:06 | 000,111,120 | ---- | M] (CyberLink) -- C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe
PRC - [2012/03/28 18:34:30 | 000,091,432 | ---- | M] (CyberLink Corp.) -- C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe
PRC - [2011/08/26 13:37:18 | 001,342,008 | ---- | M] (Hewlett-Packard Development Company, L.P.) -- C:\Program Files (x86)\Hewlett-Packard\HP CoolSense\CoolSense.exe


[color=#E56717]========== Modules (All) ==========[/color]

MOD - [2014/01/22 19:03:09 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\HP1\Desktop\OTL.exe
MOD - [2014/01/11 11:29:23 | 000,866,584 | ---- | M] (Google Inc.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
MOD - [2014/01/11 11:29:21 | 000,399,640 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\32.0.1700.76\ppgooglenaclpluginchrome.dll
MOD - [2014/01/11 11:29:19 | 013,615,896 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\32.0.1700.76\PepperFlash\pepflashplayer.dll
MOD - [2014/01/11 11:29:17 | 004,055,320 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\32.0.1700.76\pdf.dll
MOD - [2014/01/11 11:28:16 | 002,148,120 | ---- | M] (Google Inc.) -- C:\Program Files (x86)\Google\Chrome\Application\32.0.1700.76\libpeerconnection.dll
MOD - [2014/01/11 11:28:15 | 000,715,544 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\32.0.1700.76\libglesv2.dll
MOD - [2014/01/11 11:28:14 | 000,100,120 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\32.0.1700.76\libegl.dll
MOD - [2014/01/11 11:28:12 | 009,963,288 | ---- | M] (The ICU Project) -- C:\Program Files (x86)\Google\Chrome\Application\32.0.1700.76\icudt.dll
MOD - [2014/01/11 11:28:11 | 001,634,584 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\32.0.1700.76\ffmpegsumo.dll
MOD - [2014/01/11 11:28:04 | 032,014,616 | ---- | M] (Google Inc.) -- C:\Program Files (x86)\Google\Chrome\Application\32.0.1700.76\chrome_child.dll
MOD - [2014/01/11 11:27:59 | 027,166,488 | ---- | M] (Google Inc.) -- C:\Program Files (x86)\Google\Chrome\Application\32.0.1700.76\chrome.dll
MOD - [2014/01/11 10:18:54 | 003,231,688 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Google\Chrome\Application\32.0.1700.76\d3dcompiler_46.dll
MOD - [2013/12/17 08:58:02 | 004,456,520 | ---- | M] (Microsoft Corporation) -- C:\Windows\WinSxS\x86_avast.vc110.crt_2036b14a11e83e4a_11.0.60610.1_none_1d37a43bbfe1dc9c\mfc110u.dll
MOD - [2013/12/17 08:58:02 | 000,875,472 | ---- | M] (Microsoft Corporation) -- C:\Windows\WinSxS\x86_avast.vc110.crt_2036b14a11e83e4a_11.0.60610.1_none_1d37a43bbfe1dc9c\msvcr110.dll
MOD - [2013/12/17 08:58:02 | 000,535,008 | ---- | M] (Microsoft Corporation) -- C:\Windows\WinSxS\x86_avast.vc110.crt_2036b14a11e83e4a_11.0.60610.1_none_1d37a43bbfe1dc9c\msvcp110.dll
MOD - [2013/12/17 08:41:20 | 000,070,680 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\imagehlp.dll
MOD - [2013/12/17 08:40:23 | 017,112,576 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\mshtml.dll
MOD - [2013/12/17 08:40:23 | 011,221,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\ieframe.dll
MOD - [2013/12/17 08:40:23 | 002,166,784 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\iertutil.dll
MOD - [2013/12/17 08:40:23 | 001,820,160 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\wininet.dll
MOD - [2013/12/17 08:40:23 | 001,157,632 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\urlmon.dll
MOD - [2013/12/17 08:39:18 | 001,765,384 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\d3d11.dll
MOD - [2013/12/17 08:39:18 | 000,406,400 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\dxgi.dll
MOD - [2013/12/06 21:39:47 | 000,163,632 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\aswJsFlt.dll
MOD - [2013/12/06 21:39:46 | 001,176,064 | ---- | M] (The OpenSSL Project, http://www.openssl.org/) -- C:\Program Files\AVAST Software\Avast\LIBEAY32.dll
MOD - [2013/12/06 21:39:46 | 000,272,800 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\snxhk.dll
MOD - [2013/12/06 21:39:46 | 000,269,312 | ---- | M] (The OpenSSL Project, http://www.openssl.org/) -- C:\Program Files\AVAST Software\Avast\ssleay32.dll
MOD - [2013/12/06 21:39:44 | 019,336,120 | ---- | M] () -- C:\Program Files\AVAST Software\Avast\libcef.dll
MOD - [2013/12/06 21:39:44 | 006,289,024 | ---- | M] (The ICU Project) -- C:\Program Files\AVAST Software\Avast\icudt.dll
MOD - [2013/12/06 21:39:44 | 000,544,744 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\aswSqLt.dll
MOD - [2013/12/06 21:39:44 | 000,069,384 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\avastIP.dll
MOD - [2013/12/06 21:39:44 | 000,044,152 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\aswUtil.dll
MOD - [2013/12/06 21:39:43 | 004,087,432 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\CommonRes.dll
MOD - [2013/12/06 21:39:43 | 000,795,040 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\aswAux.dll
MOD - [2013/12/06 21:39:43 | 000,658,568 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\ashBase.dll
MOD - [2013/12/06 21:39:43 | 000,391,280 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\aswCommChannel.dll
MOD - [2013/12/06 21:39:43 | 000,358,832 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\aswCmnBS.dll
MOD - [2013/12/06 21:39:43 | 000,353,176 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\ashTask.dll
MOD - [2013/12/06 21:39:43 | 000,335,672 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\aswData.dll
MOD - [2013/12/06 21:39:43 | 000,270,264 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\aswCmnIS.dll
MOD - [2013/12/06 21:39:43 | 000,241,936 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\aswLog.dll
MOD - [2013/12/06 21:39:43 | 000,204,856 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\aswProperty.dll
MOD - [2013/12/06 21:39:43 | 000,124,016 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\aswCmnOS.dll
MOD - [2013/12/06 21:39:43 | 000,078,184 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\ashTaskEx.dll
MOD - [2013/12/06 21:39:43 | 000,064,264 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\aswResourceLib.dll
MOD - [2013/12/06 21:39:43 | 000,062,728 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\aswEngLdr.dll
MOD - [2013/12/06 21:39:43 | 000,025,616 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\aswRemoteCache.dll
MOD - [2013/12/06 21:39:42 | 003,568,312 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastUI.exe
MOD - [2013/12/06 21:39:42 | 001,179,784 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\Aavm4h.dll
MOD - [2013/12/06 21:39:42 | 000,329,480 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\1036\UILangRes.dll
MOD - [2013/12/06 21:39:42 | 000,159,512 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AavmRpch.dll
MOD - [2013/12/06 21:39:41 | 000,100,784 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\1036\Base.dll
MOD - [2013/12/06 21:39:31 | 001,441,880 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\aswAra.dll
MOD - [2013/12/06 21:39:31 | 000,164,168 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\afwCoreClient.dll
MOD - [2013/12/06 21:39:31 | 000,041,592 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\afwGeoIP.dll
MOD - [2013/12/06 21:39:31 | 000,040,056 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\afwRpc.dll
MOD - [2013/12/06 21:39:31 | 000,038,008 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\afwCore.dll
MOD - [2013/12/06 21:31:15 | 003,166,600 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\HTMLayout.dll
MOD - [2013/12/04 16:08:48 | 000,037,984 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\defs\14012101\uiExt.dll
MOD - [2013/11/16 19:06:16 | 000,900,440 | ---- | M] (BitTorrent Inc.) -- C:\Users\HP1\AppData\Roaming\uTorrent\uTorrent.exe
MOD - [2013/11/14 08:52:56 | 018,642,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\shell32.dll
MOD - [2013/11/14 08:50:08 | 000,698,232 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\mfplat.dll
MOD - [2013/11/14 08:44:48 | 001,019,392 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\actxprxy.dll
MOD - [2013/11/14 08:37:18 | 000,531,968 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\comdlg32.dll
MOD - [2013/11/14 08:37:18 | 000,492,544 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\dnsapi.dll
MOD - [2013/11/14 08:37:17 | 001,036,288 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\kernel32.dll
MOD - [2013/11/14 08:37:17 | 000,618,496 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\apphelp.dll
MOD - [2013/11/14 08:37:17 | 000,235,960 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\wintrust.dll
MOD - [2013/11/14 08:37:15 | 000,326,024 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\AudioSes.dll
MOD - [2013/11/14 08:37:14 | 003,934,208 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\d2d1.dll
MOD - [2013/11/14 08:37:14 | 001,799,944 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\d3d9.dll
MOD - [2013/11/14 08:37:14 | 001,362,944 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\user32.dll
MOD - [2013/11/14 08:37:14 | 000,920,064 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\UIAutomationCore.dll
MOD - [2013/11/14 08:34:32 | 001,018,960 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\msctf.dll
MOD - [2013/11/14 08:31:24 | 001,472,048 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\ntdll.dll
MOD - [2013/11/14 08:31:24 | 000,633,344 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Windows Defender\MpClient.dll
MOD - [2013/11/14 08:31:19 | 001,370,800 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\combase.dll
MOD - [2013/11/14 08:31:18 | 000,116,736 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\thumbcache.dll
MOD - [2013/11/14 08:31:17 | 001,092,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\ole32.dll
MOD - [2013/11/14 08:31:17 | 000,101,376 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\sspicli.dll
MOD - [2013/11/14 08:31:07 | 001,344,000 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\dui70.dll
MOD - [2013/11/14 08:31:07 | 000,513,536 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\riched20.dll
MOD - [2013/11/14 08:31:07 | 000,098,104 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\dwmapi.dll
MOD - [2013/11/14 08:31:05 | 000,835,584 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\KernelBase.dll
MOD - [2013/11/14 08:27:36 | 001,067,008 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\gdi32.dll
MOD - [2013/11/14 08:27:32 | 001,581,968 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\crypt32.dll
MOD - [2013/11/06 20:07:08 | 000,202,192 | ---- | M] (APN LLC.) -- C:\Users\HP1\AppData\Local\VNT\vntldr.exe
MOD - [2013/11/06 20:07:08 | 000,086,016 | ---- | M] (APN LLC.) -- C:\Users\HP1\AppData\Local\VNT\vntsrv.dll
MOD - [2013/09/26 19:02:38 | 006,176,008 | ---- | M] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysWOW64\atiumdva.dll
MOD - [2013/09/26 19:02:36 | 006,189,416 | ---- | M] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysWOW64\atiumdag.dll
MOD - [2013/09/26 19:02:36 | 000,097,984 | ---- | M] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysWOW64\atiu9pag.dll
MOD - [2013/09/26 19:02:24 | 001,027,032 | ---- | M] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysWOW64\aticfx32.dll
MOD - [2013/08/22 14:25:36 | 000,025,824 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\winnsi.dll
MOD - [2013/08/22 14:25:36 | 000,019,640 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\nsi.dll
MOD - [2013/08/22 14:25:35 | 000,330,016 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\bcryptprimitives.dll
MOD - [2013/08/22 06:31:42 | 001,766,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\setupapi.dll
MOD - [2013/08/22 06:31:41 | 000,251,512 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\powrprof.dll
MOD - [2013/08/22 06:31:41 | 000,123,416 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\devobj.dll
MOD - [2013/08/22 06:31:40 | 000,237,032 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\cfgmgr32.dll
MOD - [2013/08/22 06:31:40 | 000,029,952 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\kernel.appcore.dll
MOD - [2013/08/22 06:31:40 | 000,016,024 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\psapi.dll
MOD - [2013/08/22 06:30:48 | 000,308,848 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\wevtapi.dll
MOD - [2013/08/22 06:29:34 | 000,059,392 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\wkscli.dll
MOD - [2013/08/22 06:29:31 | 000,108,424 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\srvcli.dll
MOD - [2013/08/22 06:29:31 | 000,094,016 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\userenv.dll
MOD - [2013/08/22 06:29:30 | 000,188,512 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\rsaenh.dll
MOD - [2013/08/22 06:29:30 | 000,171,472 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\ntasn1.dll
MOD - [2013/08/22 06:29:29 | 000,147,152 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\ntmarta.dll
MOD - [2013/08/22 06:29:29 | 000,113,072 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\ncrypt.dll
MOD - [2013/08/22 06:29:29 | 000,066,632 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\netapi32.dll
MOD - [2013/08/22 06:29:29 | 000,050,616 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\msasn1.dll
MOD - [2013/08/22 06:29:29 | 000,036,136 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\netutils.dll
MOD - [2013/08/22 06:29:26 | 000,111,536 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\gpapi.dll
MOD - [2013/08/22 06:29:26 | 000,095,008 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\cryptsp.dll
MOD - [2013/08/22 06:29:25 | 000,020,664 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\dsrole.dll
MOD - [2013/08/22 06:28:06 | 001,721,000 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\msxml6.dll
MOD - [2013/08/22 06:25:38 | 000,025,824 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\version.dll
MOD - [2013/08/22 06:25:37 | 000,476,760 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\SHCore.dll
MOD - [2013/08/22 06:25:37 | 000,263,872 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\shlwapi.dll
MOD - [2013/08/22 06:25:34 | 001,201,872 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\propsys.dll
MOD - [2013/08/22 06:25:01 | 002,804,544 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\msmpeg2vdec.dll
MOD - [2013/08/22 06:24:59 | 001,370,776 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\WindowsCodecs.dll
MOD - [2013/08/22 06:24:59 | 000,030,464 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\avrt.dll
MOD - [2013/08/22 06:24:57 | 000,103,784 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\dxva2.dll
MOD - [2013/08/22 06:22:09 | 000,489,088 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\advapi32.dll
MOD - [2013/08/22 06:21:42 | 000,508,680 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\clbcatq.dll
MOD - [2013/08/22 06:21:03 | 000,780,408 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\msvcrt.dll
MOD - [2013/08/22 06:21:03 | 000,079,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\bcd.dll
MOD - [2013/08/22 06:20:03 | 000,265,480 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\winsta.dll
MOD - [2013/08/22 06:20:02 | 000,050,616 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\wtsapi32.dll
MOD - [2013/08/22 06:19:45 | 000,552,632 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\oleaut32.dll
MOD - [2013/08/22 06:19:23 | 000,128,576 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\winmm.dll
MOD - [2013/08/22 06:19:23 | 000,128,064 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\winmmbase.dll
MOD - [2013/08/22 06:19:23 | 000,096,576 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\RTWorkQ.dll
MOD - [2013/08/22 06:19:22 | 000,039,752 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\msdmo.dll
MOD - [2013/08/22 06:19:18 | 000,290,232 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\MMDevAPI.dll
MOD - [2013/08/22 06:19:12 | 000,518,080 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\mf.dll
MOD - [2013/08/22 06:19:12 | 000,074,856 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\devenum.dll
MOD - [2013/08/22 06:17:54 | 000,313,488 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\ws2_32.dll
MOD - [2013/08/22 06:17:54 | 000,252,024 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\sechost.dll
MOD - [2013/08/22 06:17:54 | 000,030,472 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\cryptbase.dll
MOD - [2013/08/22 06:17:53 | 000,118,776 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\IPHLPAPI.DLL
MOD - [2013/08/22 06:17:53 | 000,051,128 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\profapi.dll
MOD - [2013/08/22 05:14:49 | 009,374,208 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\wmploc.DLL
MOD - [2013/08/22 05:13:19 | 002,428,416 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\ExplorerFrame.dll
MOD - [2013/08/22 05:12:40 | 000,076,288 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\usp10.dll
MOD - [2013/08/22 05:11:57 | 001,970,688 | ---- | M] (Microsoft Corporation) -- C:\Windows\WinSxS\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.16384_none_a9f4965301334e09\comctl32.dll
MOD - [2013/08/22 05:07:58 | 000,535,552 | ---- | M] (Microsoft Corporation) -- C:\Windows\WinSxS\x86_microsoft.windows.common-controls_6595b64144ccf1df_5.82.9600.16384_none_7c55c866aa0c3ff0\comctl32.dll
MOD - [2013/08/22 05:07:29 | 000,206,336 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\shdocvw.dll
MOD - [2013/08/22 05:07:03 | 000,182,272 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\msls31.dll
MOD - [2013/08/22 05:05:58 | 000,137,728 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\imm32.dll
MOD - [2013/08/22 05:05:51 | 000,015,872 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\wsock32.dll
MOD - [2013/08/22 05:02:53 | 000,048,128 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\ssdpapi.dll
MOD - [2013/08/22 05:02:28 | 000,018,944 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\npmproxy.dll
MOD - [2013/08/22 05:01:50 | 000,023,040 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\linkinfo.dll
MOD - [2013/08/22 05:01:32 | 000,488,448 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\sxs.dll
MOD - [2013/08/22 04:54:34 | 000,072,704 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\atl.dll
MOD - [2013/08/22 04:54:15 | 000,080,384 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\olepro32.dll
MOD - [2013/08/22 04:53:54 | 000,088,576 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\msscript.ocx
MOD - [2013/08/22 04:51:31 | 000,080,384 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Windows Defender\MpOAV.dll
MOD - [2013/08/22 04:50:39 | 000,485,888 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\dsound.dll
MOD - [2013/08/22 04:41:24 | 000,304,640 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\upnp.dll
MOD - [2013/08/22 04:40:40 | 000,222,208 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\spp.dll
MOD - [2013/08/22 04:30:06 | 000,058,368 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\srclient.dll
MOD - [2013/08/22 04:11:26 | 002,703,872 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\netshell.dll
MOD - [2013/08/22 04:03:04 | 002,214,400 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\Wpc.dll
MOD - [2013/08/22 03:56:50 | 000,711,168 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\rpcrt4.dll
MOD - [2013/08/22 03:55:53 | 000,023,040 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\secur32.dll
MOD - [2013/08/22 03:55:43 | 000,012,288 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\dpapi.dll
MOD - [2013/08/22 03:55:36 | 000,293,888 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\Wldap32.dll
MOD - [2013/08/22 03:55:30 | 000,056,320 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\dhcpcsvc6.dll
MOD - [2013/08/22 03:55:25 | 000,270,848 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\mswsock.dll
MOD - [2013/08/22 03:55:09 | 000,062,976 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\dhcpcsvc.dll
MOD - [2013/08/22 03:55:04 | 000,005,632 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\msimg32.dll
MOD - [2013/08/22 03:54:58 | 000,108,032 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\bcrypt.dll
MOD - [2013/08/22 03:54:52 | 001,497,600 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\DWrite.dll
MOD - [2013/08/22 03:54:48 | 000,139,264 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\cryptnet.dll
MOD - [2013/08/22 03:54:36 | 000,011,776 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\rasadhlp.dll
MOD - [2013/08/22 03:54:33 | 000,062,976 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\samlib.dll
MOD - [2013/08/22 03:54:17 | 000,062,976 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\samcli.dll
MOD - [2013/08/22 03:53:48 | 000,028,160 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\OnDemandConnRouteHelper.dll
MOD - [2013/08/22 03:53:28 | 002,071,552 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\d3d10warp.dll
MOD - [2013/08/22 03:53:19 | 000,049,664 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\wbem\wbemsvc.dll
MOD - [2013/08/22 03:48:53 | 000,064,000 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\nlaapi.dll
MOD - [2013/08/22 03:46:41 | 000,383,488 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\wbemcomn.dll
MOD - [2013/08/22 03:46:23 | 001,237,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\dbghelp.dll
MOD - [2013/08/22 03:45:41 | 000,034,304 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\wbem\wbemprox.dll
MOD - [2013/08/22 03:45:37 | 000,053,248 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\vsstrace.dll
MOD - [2013/08/22 03:45:10 | 000,691,712 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\wbem\fastprox.dll
MOD - [2013/08/22 03:44:53 | 000,400,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\webio.dll
MOD - [2013/08/22 03:44:29 | 000,515,584 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\FirewallAPI.dll
MOD - [2013/08/22 03:43:30 | 000,033,280 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\msimtf.dll
MOD - [2013/08/22 03:42:35 | 000,182,272 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\mlang.dll
MOD - [2013/08/22 03:42:31 | 000,280,064 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\oleacc.dll
MOD - [2013/08/22 03:42:11 | 001,352,192 | ---- | M] (Microsoft Corporation) -- C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.9600.16384_none_dadf89385bc5c7d7\GdiPlus.dll
MOD - [2013/08/22 03:40:03 | 000,264,192 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\FWPUCLNT.DLL
MOD - [2013/08/22 03:39:08 | 000,589,312 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\winhttp.dll
MOD - [2013/08/22 03:38:52 | 011,760,128 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\wmp.dll
MOD - [2013/08/22 03:38:00 | 000,477,696 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\mscms.dll
MOD - [2013/08/22 03:29:37 | 000,471,552 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\duser.dll
MOD - [2013/08/22 03:26:01 | 000,877,568 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\uxtheme.dll
MOD - [2013/08/22 03:25:20 | 001,117,184 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\vssapi.dll
MOD - [2013/08/22 03:21:43 | 000,046,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\mssprxy.dll
MOD - [2013/08/22 03:21:07 | 000,369,664 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\winspool.drv
MOD - [2013/08/22 03:18:43 | 000,346,112 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\WinSATAPI.dll
MOD - [2013/08/22 03:12:09 | 000,557,568 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\cryptui.dll
MOD - [2013/08/22 03:10:18 | 000,414,720 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\hnetcfg.dll
MOD - [2013/08/17 01:06:29 | 000,626,688 | ---- | M] (Microsoft Corporation) -- C:\Windows\WinSxS\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.8428_none_d08a11e2442dc25d\msvcr80.dll
MOD - [2012/10/29 21:31:11 | 000,348,160 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\CyberLink\PowerDVD10\msvcr71.dll
MOD - [2012/08/16 13:12:06 | 000,773,968 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\msvcr100.dll
MOD - [2012/08/10 14:47:04 | 002,431,392 | ---- | M] (Hewlett-Packard Company) -- C:\Program Files (x86)\Hewlett-Packard\Shared\hputils.dll
MOD - [2012/07/27 18:21:26 | 000,136,488 | ---- | M] (CyberLink) -- C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe
MOD - [2012/07/09 12:40:02 | 000,580,512 | ---- | M] (Hewlett-Packard Development Company, L.P.) -- C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe
MOD - [2012/06/08 11:34:06 | 000,016,400 | ---- | M] () -- C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvcPS.dll
MOD - [2012/06/08 04:34:06 | 000,627,216 | ---- | M] () -- C:\Program Files (x86)\CyberLink\Power2Go8\CLMediaLibrary.dll
MOD - [2012/06/08 04:34:06 | 000,111,120 | ---- | M] (CyberLink) -- C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe
MOD - [2012/03/28 18:34:30 | 000,091,432 | ---- | M] (CyberLink Corp.) -- C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe
MOD - [2011/08/30 23:05:02 | 000,121,704 | ---- | M] (Apple Inc.) -- C:\Program Files (x86)\Bonjour\mdnsNSP.dll
MOD - [2011/08/26 13:37:18 | 001,342,008 | ---- | M] (Hewlett-Packard Development Company, L.P.) -- C:\Program Files (x86)\Hewlett-Packard\HP CoolSense\CoolSense.exe
MOD - [2011/03/25 03:06:29 | 000,509,224 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\CyberLink\Power2Go8\msvcp71.dll
MOD - [2011/03/25 03:06:29 | 000,353,576 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\CyberLink\Power2Go8\msvcr71.dll
MOD - [2009/11/02 22:52:34 | 000,075,048 | ---- | M] (CyberLink Corp.) -- C:\Program Files (x86)\CyberLink\PowerDVD10\CLRCEngine3.dll
MOD - [2009/02/25 18:31:50 | 001,080,656 | ---- | M] (Microsoft Corporation) -- C:\Program Files\AVAST Software\Avast\dbghelp.dll


[color=#E56717]========== Services (All) ==========[/color]

SRV:[b]64bit:[/b] - [2013/12/17 08:39:18 | 001,302,528 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\AppXDeploymentServer.dll -- (AppXSvc)
SRV:[b]64bit:[/b] - [2013/12/17 08:35:16 | 000,546,304 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\inetsrv\iisw3adm.dll -- (WAS)
SRV:[b]64bit:[/b] - [2013/12/17 08:35:12 | 000,076,800 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\inetsrv\w3logsvc.dll -- (w3logsvc)
SRV:[b]64bit:[/b] - [2013/12/17 08:35:11 | 000,066,048 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\inetsrv\apphostsvc.dll -- (AppHostSvc)
SRV:[b]64bit:[/b] - [2013/12/06 21:39:42 | 000,050,344 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe -- (avast! Antivirus)
SRV:[b]64bit:[/b] - [2013/12/06 21:39:31 | 000,116,776 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\AVAST Software\Avast\afwServ.exe -- (avast! Firewall)
SRV:[b]64bit:[/b] - [2013/11/27 16:36:30 | 003,395,920 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\WSService.dll -- (WSService)
SRV:[b]64bit:[/b] - [2013/11/14 08:37:18 | 001,584,128 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\workfolderssvc.dll -- (workfolderssvc)
SRV:[b]64bit:[/b] - [2013/11/14 08:37:18 | 000,111,616 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\SysNative\IEEtwCollector.exe -- (IEEtwCollectorService)
SRV:[b]64bit:[/b] - [2013/11/14 08:37:16 | 000,533,504 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\AppReadiness.dll -- (AppReadiness)
SRV:[b]64bit:[/b] - [2013/11/14 08:37:15 | 003,532,288 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\wuaueng.dll -- (wuauserv)
SRV:[b]64bit:[/b] - [2013/11/14 08:37:15 | 000,903,168 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\iphlpsvc.dll -- (iphlpsvc)
SRV:[b]64bit:[/b] - [2013/11/14 08:37:15 | 000,433,664 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\SysNative\ipnathlp.dll -- (SharedAccess)
SRV:[b]64bit:[/b] - [2013/11/14 08:37:14 | 000,255,488 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\dnsrslvr.dll -- (Dnscache)
SRV:[b]64bit:[/b] - [2013/11/14 08:37:14 | 000,221,184 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\profsvc.dll -- (ProfSvc)
SRV:[b]64bit:[/b] - [2013/11/14 08:31:11 | 000,326,656 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\SessEnv.dll -- (SessionEnv)
SRV:[b]64bit:[/b] - [2013/11/14 08:31:09 | 006,353,952 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\SysNative\sppsvc.exe -- (sppsvc)
SRV:[b]64bit:[/b] - [2013/11/14 08:31:09 | 001,555,456 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\wlidsvc.dll -- (wlidsvc)
SRV:[b]64bit:[/b] - [2013/11/14 08:31:09 | 001,503,232 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\wlansvc.dll -- (WlanSvc)
SRV:[b]64bit:[/b] - [2013/11/14 08:31:09 | 000,459,776 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\wcncsvc.dll -- (wcncsvc)
SRV:[b]64bit:[/b] - [2013/11/14 08:31:09 | 000,365,568 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\wcmsvc.dll -- (Wcmsvc)
SRV:[b]64bit:[/b] - [2013/11/14 08:31:09 | 000,109,568 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\AxInstSv.dll -- (AxInstSV)
SRV:[b]64bit:[/b] - [2013/11/14 08:31:08 | 000,491,520 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\GeofenceMonitorService.dll -- (lfsvc)
SRV:[b]64bit:[/b] - [2013/11/14 08:31:08 | 000,261,120 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\bisrv.dll -- (BrokerInfrastructure)
SRV:[b]64bit:[/b] - [2013/11/14 08:31:07 | 001,245,696 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\sysmain.dll -- (SysMain)
SRV:[b]64bit:[/b] - [2013/11/14 08:31:07 | 000,471,552 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\pcasvc.dll -- (PcaSvc)
SRV:[b]64bit:[/b] - [2013/11/14 08:31:07 | 000,453,632 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\wbiosrvc.dll -- (WbioSrvc)
SRV:[b]64bit:[/b] - [2013/11/14 08:31:06 | 000,353,792 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\dhcpcore.dll -- (Dhcp)
SRV:[b]64bit:[/b] - [2013/11/14 08:27:26 | 001,104,384 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\IKEEXT.DLL -- (IKEEXT)
SRV:[b]64bit:[/b] - [2013/11/14 08:27:26 | 000,828,416 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\BFE.DLL -- (BFE)
SRV:[b]64bit:[/b] - [2013/11/14 08:16:46 | 000,289,280 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\umrdp.dll -- (UmRdpService)
SRV:[b]64bit:[/b] - [2013/11/14 08:16:44 | 000,220,672 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\sensrsvc.dll -- (SensrSvc)
SRV:[b]64bit:[/b] - [2013/09/26 19:02:26 | 000,239,616 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\SysNative\atiesrxx.exe -- (AMD External Events Utility)
SRV:[b]64bit:[/b] - [2013/08/22 14:25:35 | 000,079,872 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\RpcEpMap.dll -- (RpcEptMapper)
SRV:[b]64bit:[/b] - [2013/08/22 14:25:35 | 000,045,008 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\lsass.exe -- (SamSs)
SRV:[b]64bit:[/b] - [2013/08/22 14:25:35 | 000,029,184 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\nsisvc.dll -- (nsi)
SRV:[b]64bit:[/b] - [2013/08/22 13:35:25 | 000,019,296 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\SysNative\dllhost.exe -- (COMSysApp)
SRV:[b]64bit:[/b] - [2013/08/22 13:32:01 | 000,346,872 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\NisSrv.exe -- (WdNisSvc)
SRV:[b]64bit:[/b] - [2013/08/22 13:32:00 | 000,023,840 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MsMpEng.exe -- (WinDefend)
SRV:[b]64bit:[/b] - [2013/08/22 13:31:56 | 002,899,968 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\spool\drivers\x64\3\PrintConfig.dll -- (PrintNotify)
SRV:[b]64bit:[/b] - [2013/08/22 12:40:41 | 000,024,576 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\lmhsvc.dll -- (lmhosts)
SRV:[b]64bit:[/b] - [2013/08/22 12:40:29 | 000,010,240 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\Locator.exe -- (RpcLocator)
SRV:[b]64bit:[/b] - [2013/08/22 12:35:42 | 000,124,928 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\umpnpmgr.dll -- (PlugPlay)
SRV:[b]64bit:[/b] - [2013/08/22 12:35:42 | 000,124,928 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\umpnpmgr.dll -- (DeviceInstall)
SRV:[b]64bit:[/b] - [2013/08/22 12:34:22 | 000,109,568 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\appinfo.dll -- (Appinfo)
SRV:[b]64bit:[/b] - [2013/08/22 12:34:06 | 000,032,256 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\hidserv.dll -- (hidserv)
SRV:[b]64bit:[/b] - [2013/08/22 12:32:36 | 000,014,848 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\snmptrap.exe -- (SNMPTRAP)
SRV:[b]64bit:[/b] - [2013/08/22 12:32:16 | 000,030,720 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\seclogon.dll -- (seclogon)
SRV:[b]64bit:[/b] - [2013/08/22 12:32:02 | 000,024,576 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\wephostsvc.dll -- (WEPHOSTSVC)
SRV:[b]64bit:[/b] - [2013/08/22 12:31:58 | 000,207,360 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\aelupsvc.dll -- (AeLookupSvc)
SRV:[b]64bit:[/b] - [2013/08/22 12:31:43 | 000,040,448 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\efssvc.dll -- (EFS)
SRV:[b]64bit:[/b] - [2013/08/22 12:27:56 | 000,147,456 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\TabSvc.dll -- (TabletInputService)
SRV:[b]64bit:[/b] - [2013/08/22 12:23:10 | 000,062,464 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\SysNative\msiexec.exe -- (msiserver)
SRV:[b]64bit:[/b] - [2013/08/22 12:22:45 | 000,066,048 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\wiarpc.dll -- (WiaRpc)
SRV:[b]64bit:[/b] - [2013/08/22 12:22:30 | 000,101,376 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\rasauto.dll -- (RasAuto)
SRV:[b]64bit:[/b] - [2013/08/22 12:22:01 | 000,019,968 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\StorSvc.dll -- (StorSvc)
SRV:[b]64bit:[/b] - [2013/08/22 12:21:38 | 000,040,960 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\UI0Detect.exe -- (UI0Detect)
SRV:[b]64bit:[/b] - [2013/08/22 12:21:15 | 000,013,312 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\svsvc.dll -- (svsvc)
SRV:[b]64bit:[/b] - [2013/08/22 12:21:03 | 000,097,792 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\KMSVC.DLL -- (hkmsvc)
SRV:[b]64bit:[/b] - [2013/08/22 12:19:57 | 000,188,416 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\SysNative\SCardSvr.dll -- (SCardSvr)
SRV:[b]64bit:[/b] - [2013/08/22 12:16:57 | 000,118,272 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\fhsvc.dll -- (fhsvc)
SRV:[b]64bit:[/b] - [2013/08/22 12:13:14 | 000,226,816 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\WebClnt.dll -- (WebClient)
SRV:[b]64bit:[/b] - [2013/08/22 12:13:09 | 000,223,744 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\SysNative\mprdim.dll -- (RemoteAccess)
SRV:[b]64bit:[/b] - [2013/08/22 12:13:02 | 000,150,528 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\iscsiexe.dll -- (MSiSCSI)
SRV:[b]64bit:[/b] - [2013/08/22 12:05:54 | 000,435,200 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\QAGENTRT.DLL -- (napagent)
SRV:[b]64bit:[/b] - [2013/08/22 12:05:43 | 000,155,136 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\certprop.dll -- (SCPolicySvc)
SRV:[b]64bit:[/b] - [2013/08/22 12:05:43 | 000,155,136 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\certprop.dll -- (CertPropSvc)
SRV:[b]64bit:[/b] - [2013/08/22 12:01:08 | 000,041,984 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\WcsPlugInService.dll -- (WcsPlugInService)
SRV:[b]64bit:[/b] - [2013/08/22 12:01:01 | 000,037,888 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\appidsvc.dll -- (AppIDSvc)
SRV:[b]64bit:[/b] - [2013/08/22 11:55:30 | 000,306,688 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\tapisrv.dll -- (TapiSrv)
SRV:[b]64bit:[/b] - [2013/08/22 11:54:55 | 000,081,408 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\wercplsupport.dll -- (wercplsupport)
SRV:[b]64bit:[/b] - [2013/08/22 11:52:23 | 000,269,824 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\lltdsvc.dll -- (lltdsvc)
SRV:[b]64bit:[/b] - [2013/08/22 11:48:37 | 001,283,584 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\vds.exe -- (vds)
SRV:[b]64bit:[/b] - [2013/08/22 11:39:20 | 000,634,368 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\wiaservc.dll -- (stisvc)
SRV:[b]64bit:[/b] - [2013/08/22 11:34:13 | 001,443,840 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\pla.dll -- (pla)
SRV:[b]64bit:[/b] - [2013/08/22 11:30:45 | 000,258,560 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\dot3svc.dll -- (dot3svc)
SRV:[b]64bit:[/b] - [2013/08/22 11:25:28 | 000,164,352 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\NcaSvc.dll -- (NcaSvc)
SRV:[b]64bit:[/b] - [2013/08/22 11:21:27 | 000,655,360 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\FXSSVC.exe -- (Fax)
SRV:[b]64bit:[/b] - [2013/08/22 11:19:28 | 000,517,120 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicvss)
SRV:[b]64bit:[/b] - [2013/08/22 11:19:28 | 000,517,120 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmictimesync)
SRV:[b]64bit:[/b] - [2013/08/22 11:19:28 | 000,517,120 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicshutdown)
SRV:[b]64bit:[/b] - [2013/08/22 11:19:28 | 000,517,120 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicrdv)
SRV:[b]64bit:[/b] - [2013/08/22 11:19:28 | 000,517,120 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmickvpexchange)
SRV:[b]64bit:[/b] - [2013/08/22 11:19:28 | 000,517,120 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicheartbeat)
SRV:[b]64bit:[/b] - [2013/08/22 11:19:28 | 000,517,120 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicguestinterface)
SRV:[b]64bit:[/b] - [2013/08/22 11:19:14 | 001,017,856 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\qmgr.dll -- (BITS)
SRV:[b]64bit:[/b] - [2013/08/22 11:17:43 | 001,542,144 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\wbengine.exe -- (wbengine)
SRV:[b]64bit:[/b] - [2013/08/22 11:10:50 | 001,402,368 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Media Player\wmpnetwk.exe -- (WMPNetworkSvc)
SRV:[b]64bit:[/b] - [2013/08/22 11:07:10 | 001,348,608 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\FntCache.dll -- (FontCache)
SRV:[b]64bit:[/b] - [2013/08/22 11:04:53 | 000,716,288 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\lsm.dll -- (LSM)
SRV:[b]64bit:[/b] - [2013/08/22 11:02:47 | 000,013,312 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\smphost.dll -- (smphost)
SRV:[b]64bit:[/b] - [2013/08/22 11:02:37 | 000,164,864 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\SysNative\regsvc.dll -- (RemoteRegistry)
SRV:[b]64bit:[/b] - [2013/08/22 11:02:31 | 000,079,360 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\umpo.dll -- (Power)
SRV:[b]64bit:[/b] - [2013/08/22 11:01:39 | 000,129,536 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\cryptsvc.dll -- (CryptSvc)
SRV:[b]64bit:[/b] - [2013/08/22 11:01:18 | 000,012,288 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\wpcsvc.dll -- (WPCSvc)
SRV:[b]64bit:[/b] - [2013/08/22 11:00:58 | 000,134,144 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\browser.dll -- (Browser)
SRV:[b]64bit:[/b] - [2013/08/22 11:00:18 | 000,050,688 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\themeservice.dll -- (Themes)
SRV:[b]64bit:[/b] - [2013/08/22 10:59:35 | 000,404,480 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\w32time.dll -- (W32Time)
SRV:[b]64bit:[/b] - [2013/08/22 10:59:26 | 000,832,512 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\netlogon.dll -- (Netlogon)
SRV:[b]64bit:[/b] - [2013/08/22 10:58:42 | 000,280,576 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\SystemEventsBrokerServer.dll -- (SystemEventsBroker)
SRV:[b]64bit:[/b] - [2013/08/22 10:57:25 | 000,130,560 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\ScDeviceEnum.dll -- (ScDeviceEnum)
SRV:[b]64bit:[/b] - [2013/08/22 10:54:59 | 000,059,392 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\keyiso.dll -- (KeyIso)
SRV:[b]64bit:[/b] - [2013/08/22 10:54:27 | 000,070,656 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\mmcss.dll -- (THREADORDER)
SRV:[b]64bit:[/b] - [2013/08/22 10:54:27 | 000,070,656 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\mmcss.dll -- (MMCSS)
SRV:[b]64bit:[/b] - [2013/08/22 10:54:22 | 000,284,160 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\wkssvc.dll -- (LanmanWorkstation)
SRV:[b]64bit:[/b] - [2013/08/22 10:54:04 | 000,100,352 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\WUDFSvc.dll -- (wudfsvc)
SRV:[b]64bit:[/b] - [2013/08/22 10:53:52 | 000,122,368 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\trkwks.dll -- (TrkWks)
SRV:[b]64bit:[/b] - [2013/08/22 10:53:49 | 000,091,136 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\wdi.dll -- (WdiSystemHost)
SRV:[b]64bit:[/b] - [2013/08/22 10:53:49 | 000,091,136 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\wdi.dll -- (WdiServiceHost)
SRV:[b]64bit:[/b] - [2013/08/22 10:53:33 | 000,170,496 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\dps.dll -- (DPS)
SRV:[b]64bit:[/b] - [2013/08/22 10:53:13 | 000,092,672 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\alg.exe -- (ALG)
SRV:[b]64bit:[/b] - [2013/08/22 10:53:05 | 000,071,680 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\Sens.dll -- (SENS)
SRV:[b]64bit:[/b] - [2013/08/22 10:52:38 | 000,100,864 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\wersvc.dll -- (WerSvc)
SRV:[b]64bit:[/b] - [2013/08/22 10:51:14 | 000,144,384 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\sstpsvc.dll -- (SstpSvc)
SRV:[b]64bit:[/b] - [2013/08/22 10:50:59 | 000,245,760 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\TimeBrokerServer.dll -- (TimeBroker)
SRV:[b]64bit:[/b] - [2013/08/22 10:50:00 | 000,761,344 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\rpcss.dll -- (RpcSs)
SRV:[b]64bit:[/b] - [2013/08/22 10:50:00 | 000,761,344 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\rpcss.dll -- (DcomLaunch)
SRV:[b]64bit:[/b] - [2013/08/22 10:50:00 | 000,525,312 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\netprofmsvc.dll -- (netprofm)
SRV:[b]64bit:[/b] - [2013/08/22 10:49:12 | 000,025,600 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\pnrpauto.dll -- (PNRPAutoReg)
SRV:[b]64bit:[/b] - [2013/08/22 10:48:10 | 000,092,160 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\bthserv.dll -- (bthserv)
SRV:[b]64bit:[/b] - [2013/08/22 10:48:09 | 000,324,608 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\srvsvc.dll -- (LanmanServer)
SRV:[b]64bit:[/b] - [2013/08/22 10:48:06 | 000,195,072 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\wbem\WmiApSrv.exe -- (wmiApSrv)
SRV:[b]64bit:[/b] - [2013/08/22 10:48:04 | 000,220,672 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\wbem\WMIsvc.dll -- (Winmgmt)
SRV:[b]64bit:[/b] - [2013/08/22 10:46:46 | 000,297,472 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\qwave.dll -- (QWAVE)
SRV:[b]64bit:[/b] - [2013/08/22 10:45:59 | 000,151,040 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\ncbservice.dll -- (NcbService)
SRV:[b]64bit:[/b] - [2013/08/22 10:45:19 | 000,033,280 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\FDResPub.dll -- (FDResPub)
SRV:[b]64bit:[/b] - [2013/08/22 10:44:27 | 001,669,632 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\wevtsvc.dll -- (EventLog)
SRV:[b]64bit:[/b] - [2013/08/22 10:44:18 | 000,107,008 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\eapsvc.dll -- (Eaphost)
SRV:[b]64bit:[/b] - [2013/08/22 10:41:49 | 000,786,432 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\winhttp.dll -- (WinHttpAutoProxySvc)
SRV:[b]64bit:[/b] - [2013/08/22 10:41:35 | 000,336,896 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\bdesvc.dll -- (BDESVC)
SRV:[b]64bit:[/b] - [2013/08/22 10:41:13 | 001,311,744 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\SysNative\gpsvc.dll -- (gpsvc)
SRV:[b]64bit:[/b] - [2013/08/22 10:40:49 | 000,248,832 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\vaultsvc.dll -- (VaultSvc)
SRV:[b]64bit:[/b] - [2013/08/22 10:40:46 | 000,142,848 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\msdtc.exe -- (MSDTC)
SRV:[b]64bit:[/b] - [2013/08/22 10:40:30 | 000,468,992 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\es.dll -- (EventSystem)
SRV:[b]64bit:[/b] - [2013/08/22 10:40:14 | 000,398,848 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\das.dll -- (DeviceAssociationService)
SRV:[b]64bit:[/b] - [2013/08/22 10:39:37 | 000,357,888 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\msdtckrm.dll -- (KtmRm)
SRV:[b]64bit:[/b] - [2013/08/22 10:39:33 | 000,198,656 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\AudioEndpointBuilder.dll -- (AudioEndpointBuilder)
SRV:[b]64bit:[/b] - [2013/08/22 10:38:52 | 000,449,536 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\defragsvc.dll -- (defragsvc)
SRV:[b]64bit:[/b] - [2013/08/22 10:38:21 | 001,032,704 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\termsrv.dll -- (TermService)
SRV:[b]64bit:[/b] - [2013/08/22 10:36:56 | 000,239,616 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\ssdpsrv.dll -- (SSDPSRV)
SRV:[b]64bit:[/b] - [2013/08/22 10:35:49 | 002,479,616 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\WsmSvc.dll -- (WinRM)
SRV:[b]64bit:[/b] - [2013/08/22 10:35:48 | 000,387,584 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\nlasvc.dll -- (NlaSvc)
SRV:[b]64bit:[/b] - [2013/08/22 10:35:27 | 000,403,456 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\IPSECSVC.DLL -- (PolicyAgent)
SRV:[b]64bit:[/b] - [2013/08/22 10:35:25 | 000,215,040 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\wecsvc.dll -- (Wecsvc)
SRV:[b]64bit:[/b] - [2013/08/22 10:32:32 | 000,419,328 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\pnrpsvc.dll -- (PNRPsvc)
SRV:[b]64bit:[/b] - [2013/08/22 10:32:32 | 000,419,328 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\pnrpsvc.dll -- (p2pimsvc)
SRV:[b]64bit:[/b] - [2013/08/22 10:31:03 | 000,201,728 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\DeviceSetupManager.dll -- (DsmSvc)
SRV:[b]64bit:[/b] - [2013/08/22 10:25:07 | 000,510,464 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\wwansvc.dll -- (WwanSvc)
SRV:[b]64bit:[/b] - [2013/08/22 10:24:27 | 000,629,760 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\shsvcs.dll -- (ShellHWDetection)
SRV:[b]64bit:[/b] - [2013/08/22 10:23:55 | 000,878,080 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\MPSSVC.dll -- (MpsSvc)
SRV:[b]64bit:[/b] - [2013/08/22 10:23:23 | 000,716,288 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\swprv.dll -- (swprv)
SRV:[b]64bit:[/b] - [2013/08/22 10:23:08 | 000,835,072 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\audiosrv.dll -- (Audiosrv)
SRV:[b]64bit:[/b] - [2013/08/22 10:19:19 | 001,436,160 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\VSSVC.exe -- (VSS)
SRV:[b]64bit:[/b] - [2013/08/22 10:18:58 | 000,534,016 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\rasmans.dll -- (RasMan)
SRV:[b]64bit:[/b] - [2013/08/22 10:17:21 | 000,021,504 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\fdPHost.dll -- (fdPHost)
SRV:[b]64bit:[/b] - [2013/08/22 10:15:54 | 000,073,728 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\NcdAutoSetup.dll -- (NcdAutoSetup)
SRV:[b]64bit:[/b] - [2013/08/22 10:12:56 | 000,133,632 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\wscsvc.dll -- (wscsvc)
SRV:[b]64bit:[/b] - [2013/08/22 10:11:26 | 000,261,632 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\ListSvc.dll -- (HomeGroupListener)
SRV:[b]64bit:[/b] - [2013/08/22 10:10:12 | 000,798,208 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\spoolsv.exe -- (Spooler)
SRV:[b]64bit:[/b] - [2013/08/22 10:08:20 | 000,433,664 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\p2psvc.dll -- (p2psvc)
SRV:[b]64bit:[/b] - [2013/08/22 10:08:18 | 000,084,480 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\wpdbusenum.dll -- (WPDBusEnum)
SRV:[b]64bit:[/b] - [2013/08/22 10:07:32 | 001,212,416 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\schedsvc.dll -- (Schedule)
SRV:[b]64bit:[/b] - [2013/08/22 10:07:21 | 000,844,800 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\SysNative\SearchIndexer.exe -- (WSearch)
SRV:[b]64bit:[/b] - [2013/08/22 10:06:05 | 000,405,504 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\provsvc.dll -- (HomeGroupProvider)
SRV:[b]64bit:[/b] - [2013/08/22 10:05:28 | 000,436,224 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\upnphost.dll -- (upnphost)
SRV:[b]64bit:[/b] - [2013/08/22 10:05:22 | 000,254,976 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\netman.dll -- (Netman)
SRV:[b]64bit:[/b] - [2012/08/10 15:24:28 | 000,029,600 | ---- | M] (Hewlett-Packard Company) [Auto | Running] -- C:\Windows\SysNative\hpservice.exe -- (hpsrv)
SRV:[b]64bit:[/b] - [2012/08/08 10:36:06 | 000,361,984 | ---- | M] (Advanced Micro Devices, Inc.) [Auto | Running] -- C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe -- (AMD FUEL Service)
SRV:[b]64bit:[/b] - [2012/07/21 17:30:36 | 000,321,536 | ---- | M] (IDT, Inc.) [Auto | Running] -- C:\Program Files\IDT\WDM\STacSV64.exe -- (STacSV)
SRV:[b]64bit:[/b] - [2011/08/30 23:05:32 | 000,462,184 | ---- | M] (Apple Inc.) [Auto | Running] -- C:\Program Files\Bonjour\mDNSResponder.exe -- (Bonjour Service)
SRV - [2013/12/17 08:35:14 | 000,475,648 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\inetsrv\iisw3adm.dll -- (WAS)
SRV - [2013/12/17 08:35:11 | 000,066,560 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\inetsrv\w3logsvc.dll -- (w3logsvc)
SRV - [2013/12/17 08:35:10 | 000,062,464 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysWOW64\inetsrv\apphostsvc.dll -- (AppHostSvc)
SRV - [2013/12/10 19:16:54 | 000,257,416 | ---- | M] (Adobe Systems Incorporated) [Auto | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2013/11/14 08:31:19 | 000,285,696 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysWOW64\dhcpcore.dll -- (Dhcp)
SRV - [2013/11/14 08:31:06 | 000,357,376 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\GeofenceMonitorService.dll -- (lfsvc)
SRV - [2013/11/14 08:31:06 | 000,280,576 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\SessEnv.dll -- (SessionEnv)
SRV - [2013/08/22 14:25:36 | 000,098,816 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\servicing\TrustedInstaller.exe -- (TrustedInstaller)
SRV - [2013/08/22 13:31:56 | 002,899,968 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\system32\spool\drivers\x64\3\PrintConfig.dll -- (PrintNotify)
SRV - [2013/08/22 06:21:45 | 000,017,760 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\SysWow64\dllhost.exe -- (COMSysApp)
SRV - [2013/08/22 05:12:15 | 000,021,504 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\perfhost.exe -- (PerfHost)
SRV - [2013/08/22 05:05:54 | 000,029,696 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\hidserv.dll -- (hidserv)
SRV - [2013/08/22 04:56:51 | 000,055,808 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\SysWow64\msiexec.exe -- (msiserver)
SRV - [2013/08/22 04:55:35 | 000,018,944 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\StorSvc.dll -- (StorSvc)
SRV - [2013/08/22 04:47:59 | 000,177,664 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\SysWOW64\mprdim.dll -- (RemoteAccess)
SRV - [2013/08/22 04:47:58 | 000,198,656 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\WebClnt.dll -- (WebClient)
SRV - [2013/08/22 04:37:49 | 000,034,304 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\WcsPlugInService.dll -- (WcsPlugInService)
SRV - [2013/08/22 04:33:38 | 000,248,320 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\tapisrv.dll -- (TapiSrv)
SRV - [2013/08/22 04:18:45 | 001,477,120 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\pla.dll -- (pla)
SRV - [2013/08/22 03:53:34 | 000,011,776 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\smphost.dll -- (smphost)
SRV - [2013/08/22 03:52:30 | 000,011,264 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\wpcsvc.dll -- (WPCSvc)
SRV - [2013/08/22 03:49:21 | 000,688,640 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\netlogon.dll -- (Netlogon)
SRV - [2013/08/22 03:48:12 | 000,044,032 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\keyiso.dll -- (KeyIso)
SRV - [2013/08/22 03:47:21 | 000,080,896 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysWOW64\wdi.dll -- (WdiSystemHost)
SRV - [2013/08/22 03:47:21 | 000,080,896 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysWOW64\wdi.dll -- (WdiServiceHost)
SRV - [2013/08/22 03:41:13 | 000,256,512 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\qwave.dll -- (QWAVE)
SRV - [2013/08/22 03:39:08 | 000,589,312 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysWOW64\winhttp.dll -- (WinHttpAutoProxySvc)
SRV - [2013/08/22 03:38:29 | 000,329,728 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysWOW64\es.dll -- (EventSystem)
SRV - [2013/08/22 03:35:43 | 002,030,080 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\WsmSvc.dll -- (WinRM)
SRV - [2013/08/22 03:27:04 | 000,564,736 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysWOW64\shsvcs.dll -- (ShellHWDetection)
SRV - [2013/08/22 03:17:17 | 000,321,536 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\provsvc.dll -- (HomeGroupProvider)
SRV - [2013/08/22 03:16:50 | 000,307,200 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\upnphost.dll -- (upnphost)
SRV - [2013/08/22 03:16:00 | 000,657,920 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\SysWow64\SearchIndexer.exe -- (WSearch)
SRV - [2013/08/10 01:39:31 | 000,050,784 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe -- (aspnet_state)
SRV - [2013/08/03 05:47:59 | 000,043,696 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe -- (FontCache3.0.0.0)
SRV - [2013/01/15 20:14:32 | 000,116,648 | ---- | M] (Google Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\Google\Update\GoogleUpdate.exe -- (gupdatem)
SRV - [2013/01/15 20:14:32 | 000,116,648 | ---- | M] (Google Inc.) [Auto | Stopped] -- C:\Program Files (x86)\Google\Update\GoogleUpdate.exe -- (gupdate)
SRV - [2012/08/10 16:53:44 | 000,085,504 | ---- | M] (Hewlett-Packard Company) [Auto | Running] -- C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSA_Service.exe -- (HP Support Assistant Service)
SRV - [2012/08/10 14:46:12 | 001,001,376 | ---- | M] (Hewlett-Packard Company) [On_Demand | Running] -- C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe -- (hpqwmiex)
SRV - [2012/07/14 02:02:16 | 002,451,456 | ---- | M] (Realsil Microelectronics Inc.) [Auto | Running] -- C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe -- (IconMan_R)
SRV - [2012/07/09 12:40:02 | 000,035,232 | ---- | M] (Hewlett-Packard Development Company, L.P.) [Auto | Running] -- C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe -- (HPWMISVC)
SRV - [2010/10/12 18:59:12 | 000,206,072 | ---- | M] (WildTangent, Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe -- (GamesAppService)


[color=#E56717]========== Driver Services (All) ==========[/color]

DRV:[b]64bit:[/b] - [2013/12/17 08:39:19 | 001,530,200 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\dxgkrnl.sys -- (DXGKrnl)
DRV:[b]64bit:[/b] - [2013/12/17 08:39:19 | 000,146,776 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\SerCx2.sys -- (SerCx2)
DRV:[b]64bit:[/b] - [2013/12/17 08:39:18 | 000,372,568 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\spaceport.sys -- (spaceport)
DRV:[b]64bit:[/b] - [2013/12/17 08:39:18 | 000,325,464 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\USBXHCI.SYS -- (USBXHCI)
DRV:[b]64bit:[/b] - [2013/12/17 08:39:18 | 000,086,872 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\pdc.sys -- (pdc)
DRV:[b]64bit:[/b] - [2013/12/17 08:39:18 | 000,039,768 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\intelpep.sys -- (intelpep)
DRV:[b]64bit:[/b] - [2013/12/06 21:39:46 | 001,032,416 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\Windows\SysNative\drivers\aswSnx.sys -- (aswSnx)
DRV:[b]64bit:[/b] - [2013/12/06 21:39:46 | 000,409,832 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswSP.sys -- (aswSP)
DRV:[b]64bit:[/b] - [2013/12/06 21:39:46 | 000,205,320 | ---- | M] () [Kernel | Boot | Running] -- C:\WINDOWS\SysNative\drivers\aswVmm.sys -- (aswVmm)
DRV:[b]64bit:[/b] - [2013/12/06 21:39:46 | 000,092,544 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswRdr2.sys -- (aswRdr)
DRV:[b]64bit:[/b] - [2013/12/06 21:39:46 | 000,084,328 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\aswMonFlt.sys -- (aswMonFlt)
DRV:[b]64bit:[/b] - [2013/12/06 21:39:46 | 000,065,776 | ---- | M] () [Kernel | Boot | Running] -- C:\WINDOWS\SysNative\drivers\aswRvrt.sys -- (aswRvrt)
DRV:[b]64bit:[/b] - [2013/12/06 21:39:46 | 000,038,984 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\aswFsBlk.sys -- (aswFsBlk)
DRV:[b]64bit:[/b] - [2013/12/06 21:39:34 | 000,028,184 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswKbd.sys -- (aswKbd)
DRV:[b]64bit:[/b] - [2013/12/06 21:39:31 | 000,447,888 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswNdisFlt.sys -- (aswNdisFlt)
DRV:[b]64bit:[/b] - [2013/11/14 08:37:15 | 000,258,904 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\rdyboost.sys -- (rdyboost)
DRV:[b]64bit:[/b] - [2013/11/14 08:37:14 | 002,551,640 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\tcpip.sys -- (TCPIP6)
DRV:[b]64bit:[/b] - [2013/11/14 08:37:14 | 002,551,640 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\tcpip.sys -- (Tcpip)
DRV:[b]64bit:[/b] - [2013/11/14 08:37:14 | 000,523,096 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\acpi.sys -- (ACPI)
DRV:[b]64bit:[/b] - [2013/11/14 08:37:14 | 000,454,656 | ---- | M] (Microsoft Corporation) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\srv.sys -- (srv)
DRV:[b]64bit:[/b] - [2013/11/14 08:37:14 | 000,155,480 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\usbccgp.sys -- (usbccgp)
DRV:[b]64bit:[/b] - [2013/11/14 08:37:14 | 000,057,176 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\stornvme.sys -- (stornvme)
DRV:[b]64bit:[/b] - [2013/11/14 08:31:23 | 000,579,416 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\fvevol.sys -- (fvevol)
DRV:[b]64bit:[/b] - [2013/11/14 08:31:09 | 000,442,368 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\nwifi.sys -- (NativeWifiP)
DRV:[b]64bit:[/b] - [2013/11/14 08:31:09 | 000,141,824 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ipnat.sys -- (IPNAT)
DRV:[b]64bit:[/b] - [2013/11/14 08:31:09 | 000,083,456 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\appid.sys -- (AppID)
DRV:[b]64bit:[/b] - [2013/11/14 08:31:06 | 000,675,328 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\srv2.sys -- (srv2)
DRV:[b]64bit:[/b] - [2013/11/14 08:31:06 | 000,404,992 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\mrxsmb.sys -- (mrxsmb)
DRV:[b]64bit:[/b] - [2013/11/14 08:31:06 | 000,244,224 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\srvnet.sys -- (srvnet)
DRV:[b]64bit:[/b] - [2013/11/14 08:31:06 | 000,207,360 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\mrxsmb20.sys -- (mrxsmb20)
DRV:[b]64bit:[/b] - [2013/11/14 08:31:05 | 001,119,576 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\ndis.sys -- (NDIS)
DRV:[b]64bit:[/b] - [2013/11/14 08:31:05 | 000,467,800 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\USBHUB3.SYS -- (USBHUB3)
DRV:[b]64bit:[/b] - [2013/11/14 08:31:05 | 000,236,376 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\sdbus.sys -- (sdbus)
DRV:[b]64bit:[/b] - [2013/11/14 08:31:05 | 000,175,960 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\VerifierExt.sys -- (VerifierExt)
DRV:[b]64bit:[/b] - [2013/11/14 08:31:05 | 000,101,208 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\ksecdd.sys -- (KSecDD)
DRV:[b]64bit:[/b] - [2013/11/14 08:27:26 | 000,136,536 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\wfplwfs.sys -- (WFPLWFS)
DRV:[b]64bit:[/b] - [2013/11/14 08:16:41 | 000,027,488 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\rdpvideominiport.sys -- (RdpVideoMiniport)
DRV:[b]64bit:[/b] - [2013/11/14 08:16:40 | 000,195,584 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\rdpdr.sys -- (RDPDR)
DRV:[b]64bit:[/b] - [2013/11/14 08:16:36 | 000,037,216 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\terminpt.sys -- (terminpt)
DRV:[b]64bit:[/b] - [2013/09/26 19:02:28 | 000,619,008 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmpag.sys -- (amdkmdap)
DRV:[b]64bit:[/b] - [2013/09/26 19:02:26 | 012,526,592 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (amdkmdag)
DRV:[b]64bit:[/b] - [2013/08/22 16:35:09 | 000,023,040 | ---- | M] (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.) [Kernel | Auto | Running] -- C:\WINDOWS\SysNative\drivers\secdrv.sys -- (secdrv)
DRV:[b]64bit:[/b] - [2013/08/22 14:25:41 | 002,011,488 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Running] -- C:\WINDOWS\SysNative\drivers\ntfs.sys -- (Ntfs)
DRV:[b]64bit:[/b] - [2013/08/22 14:25:41 | 000,839,488 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\Wdf01000.sys -- (Wdf01000)
DRV:[b]64bit:[/b] - [2013/08/22 14:25:41 | 000,358,752 | ---- | M] (Microsoft Corporation) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\fltMgr.sys -- (FltMgr)
DRV:[b]64bit:[/b] - [2013/08/22 14:25:41 | 000,058,880 | ---- | M] (Microsoft Corporation) [File_System | System | Running] -- C:\WINDOWS\SysNative\drivers\npfs.sys -- (Npfs)
DRV:[b]64bit:[/b] - [2013/08/22 14:25:41 | 000,030,208 | ---- | M] (Microsoft Corporation) [File_System | System | Running] -- C:\WINDOWS\SysNative\drivers\msfs.sys -- (Msfs)
DRV:[b]64bit:[/b] - [2013/08/22 14:25:41 | 000,005,632 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\WINDOWS\SysNative\drivers\null.sys -- (Null)
DRV:[b]64bit:[/b] - [2013/08/22 14:25:40 | 000,101,728 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\mountmgr.sys -- (mountmgr)
DRV:[b]64bit:[/b] - [2013/08/22 14:25:40 | 000,088,928 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\partmgr.sys -- (partmgr)
DRV:[b]64bit:[/b] - [2013/08/22 14:25:40 | 000,043,008 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\condrv.sys -- (condrv)
DRV:[b]64bit:[/b] - [2013/08/22 14:25:40 | 000,030,048 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\WINDOWS\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:[b]64bit:[/b] - [2013/08/22 14:25:35 | 000,567,296 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\afd.sys -- (AFD)
DRV:[b]64bit:[/b] - [2013/08/22 14:25:35 | 000,366,432 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SysNative\drivers\msrpc.sys -- (MsRPC)
DRV:[b]64bit:[/b] - [2013/08/22 14:25:35 | 000,107,520 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\tdx.sys -- (tdx)
DRV:[b]64bit:[/b] - [2013/08/22 14:25:35 | 000,039,936 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\nsiproxy.sys -- (nsiproxy)
DRV:[b]64bit:[/b] - [2013/08/22 13:50:19 | 000,057,696 | ---- | M] (Microsoft Corporation) [Kernel | System | Stopped] -- C:\Windows\SysNative\drivers\dam.sys -- (dam)
DRV:[b]64bit:[/b] - [2013/08/22 13:49:54 | 000,079,712 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\acpiex.sys -- (acpiex)
DRV:[b]64bit:[/b] - [2013/08/22 13:49:33 | 000,159,584 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\tpm.sys -- (TPM)
DRV:[b]64bit:[/b] - [2013/08/22 13:49:30 | 000,217,952 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Running] -- C:\WINDOWS\SysNative\drivers\fastfat.sys -- (fastfat)
DRV:[b]64bit:[/b] - [2013/08/22 13:49:30 | 000,114,528 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\pcmcia.sys -- (pcmcia)
DRV:[b]64bit:[/b] - [2013/08/22 13:49:30 | 000,079,200 | ---- | M] (Microsoft Corporation) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\fileinfo.sys -- (FileInfo)
DRV:[b]64bit:[/b] - [2013/08/22 13:49:30 | 000,056,672 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\fsdepends.sys -- (FsDepends)
DRV:[b]64bit:[/b] - [2013/08/22 13:49:29 | 000,078,688 | ---- | M] (Microsoft Corporation) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\mup.sys -- (Mup)
DRV:[b]64bit:[/b] - [2013/08/22 13:49:29 | 000,037,728 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\mssmbios.sys -- (mssmbios)
DRV:[b]64bit:[/b] - [2013/08/22 13:45:37 | 000,033,632 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\wimmount.sys -- (WIMMount)
DRV:[b]64bit:[/b] - [2013/08/22 13:44:43 | 000,192,864 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\ksecpkg.sys -- (KSecPkg)
DRV:[b]64bit:[/b] - [2013/08/22 13:43:49 | 000,274,784 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\msiscsi.sys -- (iScsiPrt)
DRV:[b]64bit:[/b] - [2013/08/22 13:43:49 | 000,063,840 | ---- | M] (Marvell Semiconductor, Inc.) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\mvumis.sys -- (mvumis)
DRV:[b]64bit:[/b] - [2013/08/22 13:43:49 | 000,017,248 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\msisadrv.sys -- (msisadrv)
DRV:[b]64bit:[/b] - [2013/08/22 13:43:48 | 000,146,272 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\msgpioclx.sys -- (GPIOClx0101)
DRV:[b]64bit:[/b] - [2013/08/22 13:43:48 | 000,041,824 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\msgpiowin32.sys -- (msgpiowin32)
DRV:[b]64bit:[/b] - [2013/08/22 13:43:45 | 003,357,024 | ---- | M] (Broadcom Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:[b]64bit:[/b] - [2013/08/22 13:43:45 | 000,575,840 | ---- | M] (LSI Corporation, Inc.) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\megasr.sys -- (megasr)
DRV:[b]64bit:[/b] - [2013/08/22 13:43:45 | 000,412,000 | ---- | M] (Intel Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\iaStorV.sys -- (iaStorV)
DRV:[b]64bit:[/b] - [2013/08/22 13:43:45 | 000,093,536 | ---- | M] (LSI Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:[b]64bit:[/b] - [2013/08/22 13:43:45 | 000,082,784 | ---- | M] (LSI Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\lsi_sss.sys -- (LSI_SSS)
DRV:[b]64bit:[/b] - [2013/08/22 13:43:45 | 000,065,888 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\GAGP30KX.SYS -- (gagp30kx)
DRV:[b]64bit:[/b] - [2013/08/22 13:43:45 | 000,064,352 | ---- | M] (Hewlett-Packard Company) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:[b]64bit:[/b] - [2013/08/22 13:43:45 | 000,058,208 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\kbdclass.sys -- (kbdclass)
DRV:[b]64bit:[/b] - [2013/08/22 13:43:45 | 000,056,672 | ---- | M] (LSI Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\megasas.sys -- (megasas)
DRV:[b]64bit:[/b] - [2013/08/22 13:43:45 | 000,051,040 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\mouclass.sys -- (mouclass)
DRV:[b]64bit:[/b] - [2013/08/22 13:43:45 | 000,021,856 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\isapnp.sys -- (isapnp)
DRV:[b]64bit:[/b] - [2013/08/22 13:43:44 | 000,109,408 | ---- | M] (LSI Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas.sys -- (LSI_SAS)
DRV:[b]64bit:[/b] - [2013/08/22 13:43:44 | 000,081,760 | ---- | M] (LSI Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas3.sys -- (LSI_SAS3)
DRV:[b]64bit:[/b] - [2013/08/22 13:43:44 | 000,018,272 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\intelide.sys -- (intelide)
DRV:[b]64bit:[/b] - [2013/08/22 13:43:41 | 000,782,176 | ---- | M] (PMC-Sierra) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\adp80xx.sys -- (ADP80XX)
DRV:[b]64bit:[/b] - [2013/08/22 13:43:41 | 000,531,296 | ---- | M] (Broadcom Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:[b]64bit:[/b] - [2013/08/22 13:43:41 | 000,259,424 | ---- | M] (AMD Technologies Inc.) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:[b]64bit:[/b] - [2013/08/22 13:43:41 | 000,114,016 | ---- | M] (PMC-Sierra, Inc.) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\arcsas.sys -- (arcsas)
DRV:[b]64bit:[/b] - [2013/08/22 13:43:41 | 000,108,896 | ---- | M] (LSI) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\3ware.sys -- (3ware)
DRV:[b]64bit:[/b] - [2013/08/22 13:43:41 | 000,079,200 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:[b]64bit:[/b] - [2013/08/22 13:43:41 | 000,026,464 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\atapi.sys -- (atapi)
DRV:[b]64bit:[/b] - [2013/08/22 13:43:40 | 000,114,016 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\EhStorTcgDrv.sys -- (EhStorTcgDrv)
DRV:[b]64bit:[/b] - [2013/08/22 13:43:40 | 000,082,784 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\EhStorClass.sys -- (EhStorClass)
DRV:[b]64bit:[/b] - [2013/08/22 13:43:40 | 000,062,304 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\AGP440.sys -- (agp440)
DRV:[b]64bit:[/b] - [2013/08/22 13:43:40 | 000,025,952 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:[b]64bit:[/b] - [2013/08/22 13:43:34 | 000,422,240 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\usbhub.sys -- (usbhub)
DRV:[b]64bit:[/b] - [2013/08/22 13:43:34 | 000,305,504 | ---- | M] (VIA Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\VSTXRAID.SYS -- (VSTXRAID)
DRV:[b]64bit:[/b] - [2013/08/22 13:43:34 | 000,168,800 | ---- | M] (VIA Technologies Inc.,Ltd) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\vsmraid.sys -- (vsmraid)
DRV:[b]64bit:[/b] - [2013/08/22 13:43:34 | 000,142,688 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\USBSTOR.SYS -- (USBSTOR)
DRV:[b]64bit:[/b] - [2013/08/22 13:43:34 | 000,019,808 | ---- | M] (VIA Technologies, Inc.) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\viaide.sys -- (viaide)
DRV:[b]64bit:[/b] - [2013/08/22 13:43:33 | 000,189,792 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\UCX01000.SYS -- (UCX01000)
DRV:[b]64bit:[/b] - [2013/08/22 13:43:33 | 000,089,952 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\usbehci.sys -- (usbehci)
DRV:[b]64bit:[/b] - [2013/08/22 13:43:33 | 000,074,080 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\uaspstor.sys -- (UASPStor)
DRV:[b]64bit:[/b] - [2013/08/22 13:43:33 | 000,065,888 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\ULIAGPKX.SYS -- (uliagpkx)
DRV:[b]64bit:[/b] - [2013/08/22 13:43:33 | 000,064,864 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\UAGP35.SYS -- (uagp35)
DRV:[b]64bit:[/b] - [2013/08/22 13:43:33 | 000,014,176 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\swenum.sys -- (swenum)
DRV:[b]64bit:[/b] - [2013/08/22 13:43:32 | 000,285,536 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\pci.sys -- (pci)
DRV:[b]64bit:[/b] - [2013/08/22 13:43:32 | 000,168,288 | ---- | M] (NVIDIA Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\nvstor.sys -- (nvstor)
DRV:[b]64bit:[/b] - [2013/08/22 13:43:32 | 000,124,768 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\NV_AGP.SYS -- (nv_agp)
DRV:[b]64bit:[/b] - [2013/08/22 13:43:32 | 000,081,760 | ---- | M] (Silicon Integrated Systems) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\sisraid4.sys -- (SiSRaid4)
DRV:[b]64bit:[/b] - [2013/08/22 13:43:32 | 000,078,688 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\sdstor.sys -- (sdstor)
DRV:[b]64bit:[/b] - [2013/08/22 13:43:32 | 000,031,072 | ---- | M] (Promise Technology, Inc.) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:[b]64bit:[/b] - [2013/08/22 13:43:31 | 000,150,368 | ---- | M] (NVIDIA Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\nvraid.sys -- (nvraid)
DRV:[b]64bit:[/b] - [2013/08/22 13:43:31 | 000,107,872 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\storahci.sys -- (storahci)
DRV:[b]64bit:[/b] - [2013/08/22 13:43:31 | 000,072,032 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\SpbCx.sys -- (SpbCx)
DRV:[b]64bit:[/b] - [2013/08/22 13:43:31 | 000,069,472 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\SerCx.sys -- (SerCx)
DRV:[b]64bit:[/b] - [2013/08/22 13:43:31 | 000,044,896 | ---- | M] (Silicon Integrated Systems Corp.) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\sisraid2.sys -- (SiSRaid2)
DRV:[b]64bit:[/b] - [2013/08/22 13:43:31 | 000,014,688 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\pciide.sys -- (pciide)
DRV:[b]64bit:[/b] - [2013/08/22 13:41:39 | 000,564,520 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\cng.sys -- (CNG)
DRV:[b]64bit:[/b] - [2013/08/22 13:41:08 | 000,054,304 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\wpcfltr.sys -- (wpcfltr)
DRV:[b]64bit:[/b] - [2013/08/22 13:40:31 | 000,014,560 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\drmkaud.sys -- (drmkaud)
DRV:[b]64bit:[/b] - [2013/08/22 13:39:47 | 000,024,416 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\hwpolicy.sys -- (hwpolicy)
DRV:[b]64bit:[/b] - [2013/08/22 13:39:44 | 000,377,696 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\clfs.sys -- (CLFS)
DRV:[b]64bit:[/b] - [2013/08/22 13:39:44 | 000,100,192 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\disk.sys -- (disk)
DRV:[b]64bit:[/b] - [2013/08/22 13:39:15 | 000,924,512 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\WINDOWS\SysNative\drivers\refs.sys -- (ReFS)
DRV:[b]64bit:[/b] - [2013/08/22 13:39:15 | 000,377,696 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\volmgrx.sys -- (volmgrx)
DRV:[b]64bit:[/b] - [2013/08/22 13:39:15 | 000,312,160 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\volsnap.sys -- (volsnap)
DRV:[b]64bit:[/b] - [2013/08/22 13:39:15 | 000,107,872 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\sbp2port.sys -- (sbp2port)
DRV:[b]64bit:[/b] - [2013/08/22 13:39:15 | 000,073,568 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\volmgr.sys -- (volmgr)
DRV:[b]64bit:[/b] - [2013/08/22 13:39:15 | 000,050,016 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\pcw.sys -- (pcw)
DRV:[b]64bit:[/b] - [2013/08/22 13:39:15 | 000,026,976 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\uefi.sys -- (UEFI)
DRV:[b]64bit:[/b] - [2013/08/22 13:37:27 | 000,551,776 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\vhdmp.sys -- (vhdmp)
DRV:[b]64bit:[/b] - [2013/08/22 13:37:27 | 000,069,472 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\vpci.sys -- (vpci)
DRV:[b]64bit:[/b] - [2013/08/22 13:37:27 | 000,037,728 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\vdrvroot.sys -- (vdrvroot)
DRV:[b]64bit:[/b] - [2013/08/22 13:36:51 | 000,097,088 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\vmbus.sys -- (vmbus)
DRV:[b]64bit:[/b] - [2013/08/22 13:36:48 | 000,049,984 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\vmstorfl.sys -- (storflt)
DRV:[b]64bit:[/b] - [2013/08/22 13:36:48 | 000,045,888 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\storvsc.sys -- (storvsc)
DRV:[b]64bit:[/b] - [2013/08/22 13:36:12 | 000,026,976 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WpdUpFltr.sys -- (WpdUpFltr)
DRV:[b]64bit:[/b] - [2013/08/22 13:34:22 | 000,265,056 | ---- | M] (Microsoft Corporation) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\WdFilter.sys -- (WdFilter)
DRV:[b]64bit:[/b] - [2013/08/22 13:34:22 | 000,124,256 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WdNisDrv.sys -- (WdNisDrv)
DRV:[b]64bit:[/b] - [2013/08/22 13:32:16 | 000,994,144 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\http.sys -- (HTTP)
DRV:[b]64bit:[/b] - [2013/08/22 13:31:28 | 000,034,760 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WdBoot.sys -- (WdBoot)
DRV:[b]64bit:[/b] - [2013/08/22 12:40:24 | 000,007,680 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\WINDOWS\SysNative\drivers\beep.sys -- (Beep)
DRV:[b]64bit:[/b] - [2013/08/22 12:40:20 | 000,316,928 | ---- | M] (Microsoft Corporation) [File_System | Disabled | Stopped] -- C:\Windows\SysNative\drivers\udfs.sys -- (udfs)
DRV:[b]64bit:[/b] - [2013/08/22 12:40:18 | 000,200,704 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\WINDOWS\SysNative\drivers\exfat.sys -- (exfat)
DRV:[b]64bit:[/b] - [2013/08/22 12:40:18 | 000,030,720 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\fdc.sys -- (fdc)
DRV:[b]64bit:[/b] - [2013/08/22 12:40:18 | 000,025,088 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\flpydisk.sys -- (flpydisk)
DRV:[b]64bit:[/b] - [2013/08/22 12:40:17 | 000,023,040 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\serenum.sys -- (Serenum)
DRV:[b]64bit:[/b] - [2013/08/22 12:40:15 | 000,088,576 | ---- | M] (Microsoft Corporation) [File_System | Disabled | Running] -- C:\Windows\SysNative\drivers\cdfs.sys -- (cdfs)
DRV:[b]64bit:[/b] - [2013/08/22 12:40:15 | 000,040,960 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\modem.sys -- (Modem)
DRV:[b]64bit:[/b] - [2013/08/22 12:40:08 | 000,083,456 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\serial.sys -- (Serial)
DRV:[b]64bit:[/b] - [2013/08/22 12:40:04 | 000,016,384 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\wmiacpi.sys -- (WmiAcpi)
DRV:[b]64bit:[/b] - [2013/08/22 12:40:03 | 000,021,504 | ---- | M] (Microsoft Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\SysNative\drivers\ws2ifsl.sys -- (ws2ifsl)
DRV:[b]64bit:[/b] - [2013/08/22 12:40:02 | 000,094,208 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\parport.sys -- (Parport)
DRV:[b]64bit:[/b] - [2013/08/22 12:40:02 | 000,026,112 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\sermouse.sys -- (sermouse)
DRV:[b]64bit:[/b] - [2013/08/22 12:40:01 | 000,017,408 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\rasacd.sys -- (RasAcd)
DRV:[b]64bit:[/b] - [2013/08/22 12:40:00 | 000,017,408 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\sfloppy.sys -- (sfloppy)
DRV:[b]64bit:[/b] - [2013/08/22 12:39:54 | 000,076,800 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\ahcache.sys -- (ahcache)
DRV:[b]64bit:[/b] - [2013/08/22 12:39:43 | 000,025,472 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\CmBatt.sys -- (CmBatt)
DRV:[b]64bit:[/b] - [2013/08/22 12:39:41 | 000,034,816 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\filetrace.sys -- (Filetrace)
DRV:[b]64bit:[/b] - [2013/08/22 12:39:36 | 000,123,904 | ---- | M] (Microsoft Corporation) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\luafv.sys -- (luafv)
DRV:[b]64bit:[/b] - [2013/08/22 12:39:31 | 000,050,688 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\BasicDisplay.sys -- (BasicDisplay)
DRV:[b]64bit:[/b] - [2013/08/22 12:39:31 | 000,021,248 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ksthunk.sys -- (ksthunk)
DRV:[b]64bit:[/b] - [2013/08/22 12:39:31 | 000,010,624 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\mskssrv.sys -- (MSKSSRV)
DRV:[b]64bit:[/b] - [2013/08/22 12:39:31 | 000,006,784 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\mspqm.sys -- (MSPQM)
DRV:[b]64bit:[/b] - [2013/08/22 12:39:30 | 000,007,040 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\mspclock.sys -- (MSPCLOCK)
DRV:[b]64bit:[/b] - [2013/08/22 12:39:28 | 000,034,816 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbuhci.sys -- (usbuhci)
DRV:[b]64bit:[/b] - [2013/08/22 12:39:28 | 000,033,792 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\BasicRender.sys -- (BasicRender)
DRV:[b]64bit:[/b] - [2013/08/22 12:39:27 | 000,047,104 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\qwavedrv.sys -- (QWAVEdrv)
DRV:[b]64bit:[/b] - [2013/08/22 12:39:27 | 000,030,208 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\usbohci.sys -- (usbohci)
DRV:[b]64bit:[/b] - [2013/08/22 12:39:20 | 000,022,016 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HyperVideo.sys -- (HyperVideo)
DRV:[b]64bit:[/b] - [2013/08/22 12:39:16 | 000,045,568 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hidir.sys -- (HidIr)
DRV:[b]64bit:[/b] - [2013/08/22 12:39:16 | 000,024,576 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ndistapi.sys -- (NdisTapi)
DRV:[b]64bit:[/b] - [2013/08/22 12:39:15 | 000,107,520 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\i8042prt.sys -- (i8042prt)
DRV:[b]64bit:[/b] - [2013/08/22 12:39:15 | 000,026,752 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\wacompen.sys -- (WacomPen)
DRV:[b]64bit:[/b] - [2013/08/22 12:39:13 | 000,032,256 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\kbdhid.sys -- (kbdhid)
DRV:[b]64bit:[/b] - [2013/08/22 12:39:13 | 000,030,208 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\mouhid.sys -- (mouhid)
DRV:[b]64bit:[/b] - [2013/08/22 12:39:06 | 000,009,728 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\mshidumdf.sys -- (mshidumdf)
DRV:[b]64bit:[/b] - [2013/08/22 12:39:06 | 000,008,192 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\mshidkmdf.sys -- (mshidkmdf)
DRV:[b]64bit:[/b] - [2013/08/22 12:39:01 | 000,026,624 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hidbatt.sys -- (HidBatt)
DRV:[b]64bit:[/b] - [2013/08/22 12:39:00 | 000,024,576 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\vwifibus.sys -- (vwifibus)
DRV:[b]64bit:[/b] - [2013/08/22 12:38:59 | 000,046,080 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\umbus.sys -- (umbus)
DRV:[b]64bit:[/b] - [2013/08/22 12:38:58 | 000,048,128 | ---- | M] (Microsoft Corporation) [File_System | System | Running] -- C:\Windows\SysNative\drivers\netbios.sys -- (NetBIOS)
DRV:[b]64bit:[/b] - [2013/08/22 12:38:58 | 000,033,792 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hidusb.sys -- (HidUsb)
DRV:[b]64bit:[/b] - [2013/08/22 12:38:58 | 000,011,776 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\umpass.sys -- (UmPass)
DRV:[b]64bit:[/b] - [2013/08/22 12:38:58 | 000,010,752 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\acpitime.sys -- (acpitime)
DRV:[b]64bit:[/b] - [2013/08/22 12:38:56 | 000,079,360 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\IPMIDrv.sys -- (IPMIDRV)
DRV:[b]64bit:[/b] - [2013/08/22 12:38:53 | 000,012,288 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\acpipmi.sys -- (AcpiPmi)
DRV:[b]64bit:[/b] - [2013/08/22 12:38:52 | 000,022,528 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\rdpbus.sys -- (rdpbus)
DRV:[b]64bit:[/b] - [2013/08/22 12:38:48 | 000,036,352 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\CompositeBus.sys -- (CompositeBus)
DRV:[b]64bit:[/b] - [2013/08/22 12:38:48 | 000,010,240 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\acpipagr.sys -- (acpipagr)
DRV:[b]64bit:[/b] - [2013/08/22 12:38:45 | 000,010,240 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\errdev.sys -- (ErrDev)
DRV:[b]64bit:[/b] - [2013/08/22 12:38:39 | 000,096,768 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hidbth.sys -- (HidBth)
DRV:[b]64bit:[/b] - [2013/08/22 12:38:39 | 000,036,992 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\BthAvrcpTg.sys -- (BthAvrcpTg)
DRV:[b]64bit:[/b] - [2013/08/22 12:38:38 | 000,102,912 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\bowser.sys -- (bowser)
DRV:[b]64bit:[/b] - [2013/08/22 12:38:38 | 000,078,336 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\hdaudbus.sys -- (HDAudBus)
DRV:[b]64bit:[/b] - [2013/08/22 12:38:38 | 000,007,936 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\mstee.sys -- (MSTEE)
DRV:[b]64bit:[/b] - [2013/08/22 12:38:37 | 000,007,168 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\vms3cap.sys -- (s3cap)
DRV:[b]64bit:[/b] - [2013/08/22 12:38:30 | 000,017,920 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\irenum.sys -- (IRENUM)
DRV:[b]64bit:[/b] - [2013/08/22 12:38:26 | 000,098,304 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbcir.sys -- (usbcir)
DRV:[b]64bit:[/b] - [2013/08/22 12:38:26 | 000,019,456 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\kdnic.sys -- (kdnic)
DRV:[b]64bit:[/b] - [2013/08/22 12:38:25 | 000,044,032 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\circlass.sys -- (circlass)
DRV:[b]64bit:[/b] - [2013/08/22 12:38:23 | 000,011,264 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\vmgencounter.sys -- (gencounter)
DRV:[b]64bit:[/b] - [2013/08/22 12:38:22 | 000,023,040 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\npsvctrig.sys -- (npsvctrig)
DRV:[b]64bit:[/b] - [2013/08/22 12:38:16 | 000,072,192 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SysNative\drivers\ndproxy.sys -- (NDProxy)
DRV:[b]64bit:[/b] - [2013/08/22 12:38:16 | 000,030,720 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\BthhfHid.sys -- (bthhfhid)
DRV:[b]64bit:[/b] - [2013/08/22 12:38:15 | 000,231,424 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\1394ohci.sys -- (1394ohci)
DRV:[b]64bit:[/b] - [2013/08/22 12:38:07 | 000,040,960 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\scfilter.sys -- (scfilter)
DRV:[b]64bit:[/b] - [2013/08/22 12:38:06 | 000,043,008 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ndiscap.sys -- (NdisCap)
DRV:[b]64bit:[/b] - [2013/08/22 12:38:05 | 000,071,680 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\vwififlt.sys -- (vwififlt)
DRV:[b]64bit:[/b] - [2013/08/22 12:38:00 | 000,212,224 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\usbvideo.sys -- (usbvideo)
DRV:[b]64bit:[/b] - [2013/08/22 12:38:00 | 000,134,656 | ---- | M] (Microsoft Corporation) [File_System | System | Running] -- C:\Windows\SysNative\drivers\dfsc.sys -- (Dfsc)
DRV:[b]64bit:[/b] - [2013/08/22 12:37:50 | 000,408,576 | ---- | M] (Microsoft Corporation) [File_System | System | Running] -- C:\Windows\SysNative\drivers\rdbss.sys -- (rdbss)
DRV:[b]64bit:[/b] - [2013/08/22 12:37:50 | 000,021,760 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\VMBusHID.sys -- (VMBusHID)
DRV:[b]64bit:[/b] - [2013/08/22 12:37:49 | 000,013,824 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hyperkbd.sys -- (hyperkbd)
DRV:[b]64bit:[/b] - [2013/08/22 12:37:46 | 000,029,696 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbGD.sys -- (TsUsbGD)
DRV:[b]64bit:[/b] - [2013/08/22 12:37:42 | 000,057,856 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bthhfenum.sys -- (BthHFEnum)
DRV:[b]64bit:[/b] - [2013/08/22 12:37:36 | 000,013,312 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\MTConfig.sys -- (MTConfig)
DRV:[b]64bit:[/b] - [2013/08/22 12:37:34 | 000,060,416 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ndisuio.sys -- (Ndisuio)
DRV:[b]64bit:[/b] - [2013/08/22 12:37:28 | 000,056,320 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:[b]64bit:[/b] - [2013/08/22 12:37:28 | 000,041,472 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hidi2c.sys -- (hidi2c)
DRV:[b]64bit:[/b] - [2013/08/22 12:37:21 | 000,117,760 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WUDFPf.sys -- (WudfPf)
DRV:[b]64bit:[/b] - [2013/08/22 12:37:19 | 000,140,288 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\mrxdav.sys -- (MRxDAV)
DRV:[b]64bit:[/b] - [2013/08/22 12:37:14 | 000,029,696 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\dmvsc.sys -- (dmvsc)
DRV:[b]64bit:[/b] - [2013/08/22 12:37:02 | 000,282,624 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\netbt.sys -- (NetBT)
DRV:[b]64bit:[/b] - [2013/08/22 12:36:50 | 000,230,912 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WUDFRd.sys -- (WUDFWpdFs)
DRV:[b]64bit:[/b] - [2013/08/22 12:36:50 | 000,230,912 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WUDFRd.sys -- (WUDFSensorLP)
DRV:[b]64bit:[/b] - [2013/08/22 12:36:50 | 000,230,912 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WUDFRd.sys -- (WUDFRd)
DRV:[b]64bit:[/b] - [2013/08/22 12:36:44 | 000,063,488 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bthmodem.sys -- (BTHMODEM)
DRV:[b]64bit:[/b] - [2013/08/22 12:36:43 | 000,087,040 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\netvsc63.sys -- (netvsc)
DRV:[b]64bit:[/b] - [2013/08/22 12:36:37 | 000,084,992 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\raspppoe.sys -- (RasPppoe)
DRV:[b]64bit:[/b] - [2013/08/22 12:36:37 | 000,030,208 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\monitor.sys -- (monitor)
DRV:[b]64bit:[/b] - [2013/08/22 12:36:34 | 000,080,384 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\rspndr.sys -- (rspndr)
DRV:[b]64bit:[/b] - [2013/08/22 12:36:33 | 000,026,112 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbprint.sys -- (usbprint)
DRV:[b]64bit:[/b] - [2013/08/22 12:36:25 | 000,016,384 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\NdisVirtualBus.sys -- (NdisVirtualBus)
DRV:[b]64bit:[/b] - [2013/08/22 12:36:18 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\lltdio.sys -- (lltdio)
DRV:[b]64bit:[/b] - [2013/08/22 12:36:17 | 000,124,928 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\NdisImPlatform.sys -- (NdisImPlatform)
DRV:[b]64bit:[/b] - [2013/08/22 12:36:15 | 000,036,864 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\vwifimp.sys -- (vwifimp)
DRV:[b]64bit:[/b] - [2013/08/22 12:36:07 | 000,663,040 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\PEAuth.sys -- (PEAUTH)
DRV:[b]64bit:[/b] - [2013/08/22 12:36:07 | 000,151,552 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\pacer.sys -- (Psched)
DRV:[b]64bit:[/b] - [2013/08/22 12:36:07 | 000,066,560 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\mslldp.sys -- (MsLldp)
DRV:[b]64bit:[/b] - [2013/08/22 12:36:06 | 000,074,240 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\mpsdrv.sys -- (mpsdrv)
DRV:[b]64bit:[/b] - [2013/08/22 12:36:03 | 000,048,640 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\tcpipreg.sys -- (tcpipreg)
DRV:[b]64bit:[/b] - [2013/08/22 12:35:56 | 000,220,672 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ndiswan.sys -- (NdisWanLegacy)
DRV:[b]64bit:[/b] - [2013/08/22 12:35:56 | 000,220,672 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ndiswan.sys -- (NdisWan)
DRV:[b]64bit:[/b] - [2013/08/22 12:35:51 | 000,084,992 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ipfltdrv.sys -- (IpFilterDriver)
DRV:[b]64bit:[/b] - [2013/08/22 12:35:50 | 000,115,712 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bridge.sys -- (MsBridge)
DRV:[b]64bit:[/b] - [2013/08/22 12:35:45 | 000,154,112 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\tunnel.sys -- (tunnel)
DRV:[b]64bit:[/b] - [2013/08/22 12:35:42 | 000,283,648 | ---- | M] (Microsoft Corporation) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\mrxsmb10.sys -- (mrxsmb10)
DRV:[b]64bit:[/b] - [2013/08/22 12:35:42 | 000,103,424 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\Ndu.sys -- (Ndu)
DRV:[b]64bit:[/b] - [2013/08/22 09:46:35 | 000,164,352 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\cdrom.sys -- (cdrom)
DRV:[b]64bit:[/b] - [2013/08/22 09:46:35 | 000,098,816 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\intelppm.sys -- (intelppm)
DRV:[b]64bit:[/b] - [2013/08/22 09:46:35 | 000,098,816 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\amdppm.sys -- (AmdPPM)
DRV:[b]64bit:[/b] - [2013/08/22 09:46:34 | 000,095,744 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdk8.sys -- (AmdK8)
DRV:[b]64bit:[/b] - [2013/08/22 09:46:34 | 000,092,160 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\processr.sys -- (Processor)
DRV:[b]64bit:[/b] - [2013/08/22 09:46:33 | 000,027,136 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\fxppm.sys -- (FxPPM)
DRV:[b]64bit:[/b] - [2013/08/13 00:25:46 | 000,017,624 | ---- | M] (Windows (R) Win 7 DDK provider) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bcmfn2.sys -- (bcmfn2)
DRV:[b]64bit:[/b] - [2013/08/10 01:39:30 | 000,651,248 | ---- | M] (Intel Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\iaStorAV.sys -- (iaStorAV)
DRV:[b]64bit:[/b] - [2013/07/30 19:47:35 | 000,024,568 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\iaLPSSi_GPIO.sys -- (iaLPSSi_GPIO)
DRV:[b]64bit:[/b] - [2013/07/25 20:05:39 | 000,099,320 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\iaLPSSi_I2C.sys -- (iaLPSSi_I2C)
DRV:[b]64bit:[/b] - [2013/06/18 15:46:17 | 000,591,360 | ---- | M] (Realtek ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt630x64.sys -- (RTL8168)
DRV:[b]64bit:[/b] - [2013/06/18 15:45:02 | 003,680,256 | ---- | M] (Qualcomm Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\athw8x.sys -- (athr)
DRV:[b]64bit:[/b] - [2013/06/06 20:39:10 | 000,283,200 | ---- | M] (DT Soft Ltd) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\dtsoftbus01.sys -- (dtsoftbus01)
DRV:[b]64bit:[/b] - [2012/08/24 10:38:28 | 000,448,312 | ---- | M] (Synaptics Incorporated) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SynTP.sys -- (SynTP)
DRV:[b]64bit:[/b] - [2012/08/24 10:38:28 | 000,043,832 | ---- | M] (Synaptics Incorporated) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\Smb_driver_Intel.sys -- (SmbDrvI)
DRV:[b]64bit:[/b] - [2012/08/24 10:38:26 | 000,041,272 | ---- | M] (Synaptics Incorporated) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\Smb_driver_AMDASF.sys -- (SmbDrv)
DRV:[b]64bit:[/b] - [2012/08/10 15:24:28 | 000,042,400 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Accelerometer.sys -- (Accelerometer)
DRV:[b]64bit:[/b] - [2012/08/10 15:24:28 | 000,029,600 | ---- | M] (Hewlett-Packard Company) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\hpdskflt.sys -- (hpdskflt)
DRV:[b]64bit:[/b] - [2012/08/03 14:07:30 | 000,020,288 | ---- | M] (Hewlett-Packard Development Company, L.P.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\WirelessButtonDriver64.sys -- (WirelessButtonDriver)
DRV:[b]64bit:[/b] - [2012/07/31 20:22:00 | 000,645,952 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\iaStorA.sys -- (iaStorA)
DRV:[b]64bit:[/b] - [2012/07/24 10:35:12 | 000,079,528 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\amd_sata.sys -- (amd_sata)
DRV:[b]64bit:[/b] - [2012/07/24 10:35:12 | 000,026,280 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\amd_xata.sys -- (amd_xata)
DRV:[b]64bit:[/b] - [2012/07/21 17:30:36 | 000,540,160 | ---- | M] (IDT, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\stwrt64.sys -- (STHDA)
DRV:[b]64bit:[/b] - [2012/07/18 05:59:12 | 000,098,472 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\AtihdW86.sys -- (AtiHDAudioService)
DRV:[b]64bit:[/b] - [2012/07/03 23:09:08 | 000,269,968 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\RtsP2Stor.sys -- (RSP2STOR)
DRV:[b]64bit:[/b] - [2012/06/25 10:24:50 | 000,092,536 | ---- | M] (CyberLink) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\CLVirtualDrive.sys -- (CLVirtualDrive)
DRV:[b]64bit:[/b] - [2012/06/19 15:07:50 | 000,057,000 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\usbfilter.sys -- (usbfilter)

[color=#E56717]========== Standard Registry (All) ==========[/color]


[color=#E56717]========== Internet Explorer ==========[/color]

IE:[b]64bit:[/b] - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://g.uk.msn.com/HPNOT13/3
IE:[b]64bit:[/b] - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
IE:[b]64bit:[/b] - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = [binary data]
IE:[b]64bit:[/b] - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:NoAdd-ons
IE:[b]64bit:[/b] - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\System32\blank.htm
IE:[b]64bit:[/b] - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
IE:[b]64bit:[/b] - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:SecurityRisk
IE:[b]64bit:[/b] - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://g.uk.msn.com/HPNOT13/3
IE:[b]64bit:[/b] - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:[b]64bit:[/b] - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=HPNTDFJS
IE:[b]64bit:[/b] - HKLM\..\SearchScopes\{D1D07DCC-F76C-47A0-9631-89F0F3625A42}: "URL" = http://www.amazon.fr/s/ref=azs_osd_ieafr?ie=UTF-8&tag=hp-fr2-vsb-21&link%5Fcode=qs&index=aps&field-keywords={searchTerms}
IE:[b]64bit:[/b] - HKLM\..\SearchScopes\{D944BB61-2E34-4DBF-A683-47E505C587DC}: "URL" = http://rover.ebay.com/rover/1/709-29563-11896-9/4 ?mpre=http%3A%2F%2Fwww.ebay.com%2Fsch%2F%3F_nkw%3D{searchTerms}&keyword={searchTerms}
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = [binary data]
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:NoAdd-ons
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:SecurityRisk
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
IE - HKLM\..\SearchScopes,DefaultScope =
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\..\SearchScopes\{D1D07DCC-F76C-47A0-9631-89F0F3625A42}: "URL" = http://www.amazon.fr/s/ref=azs_osd_ieafr?ie=UTF-8&tag=hp-fr2-vsb-21&link%5Fcode=qs&index=aps&field-keywords={searchTerms}
IE - HKLM\..\SearchScopes\{D944BB61-2E34-4DBF-A683-47E505C587DC}: "URL" = http://rover.ebay.com/rover/1/709-29563-11896-9/4 ?mpre=http%3A%2F%2Fwww.ebay.com%2Fsch%2F%3F_nkw%3D{searchTerms}&keyword={searchTerms}


IE - HKU\.DEFAULT\..\SearchScopes,DefaultScope =
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-19\..\SearchScopes,DefaultScope =

IE - HKU\S-1-5-20\..\SearchScopes,DefaultScope =

IE - HKU\S-1-5-21-1590837356-3285633776-344450663-1002\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://g.uk.msn.com/HPNOT13/3
IE - HKU\S-1-5-21-1590837356-3285633776-344450663-1002\SOFTWARE\Microsoft\Internet Explorer\Main,First Home Page = http://g.uk.msn.com/HPNOT13/3
IE - HKU\S-1-5-21-1590837356-3285633776-344450663-1002\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS\system32\blank.htm
IE - HKU\S-1-5-21-1590837356-3285633776-344450663-1002\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://www.google.com
IE - HKU\S-1-5-21-1590837356-3285633776-344450663-1002\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
IE - HKU\S-1-5-21-1590837356-3285633776-344450663-1002\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com
IE - HKU\S-1-5-21-1590837356-3285633776-344450663-1002\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com
IE - HKU\S-1-5-21-1590837356-3285633776-344450663-1002\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com
IE - HKU\S-1-5-21-1590837356-3285633776-344450663-1002\..\URLSearchHook: {CFBFAE00-17A6-11D0-99CB-00C04FD64497} - C:\Windows\SysWOW64\ieframe.dll (Microsoft Corporation)
IE - HKU\S-1-5-21-1590837356-3285633776-344450663-1002\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-21-1590837356-3285633776-344450663-1002\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=HPNTDFJS
IE - HKU\S-1-5-21-1590837356-3285633776-344450663-1002\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0


[color=#E56717]========== FireFox ==========[/color]

FF:[b]64bit:[/b] - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_9_900_170.dll File not found
FF:[b]64bit:[/b] - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_170.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\windows\SysWOW64\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3555.0308: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.1.0: C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKLM\Software\MozillaPlugins\@WildTangent.com/GamesAppPresenceDetector,Version=1.0: C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll ()


[2013/01/15 20:29:47 | 000,000,000 | ---D | M] (No name found) -- C:\Users\HP1\AppData\Roaming\mozilla\Firefox\extensions
[2013/01/15 20:30:02 | 000,000,000 | ---D | M] (uTorrentBar_FR) -- C:\Users\HP1\AppData\Roaming\mozilla\Firefox\extensions\{05eeb91a-aef7-4f8a-978f-fb83e7b03f8e}
[2013/04/02 18:43:03 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions

[color=#E56717]========== Chrome ==========[/color]

CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:bookmarkBarPinned}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}{google:omniboxStartMarginParameter}ie={inputEncoding}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client={google:suggestClient}&xssi=t&q={searchTerms}&{google:cursorPosition}{google:zeroPrefixUrl}{google:pageClassification}sugkey={google:suggestAPIKeyParameter},
CHR - homepage: http://www.google.com
CHR - Extension: Google\u00A0Wallet = C:\Users\HP1\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.0_1\

O1 HOSTS File: ([2013/08/22 14:25:41 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2:[b]64bit:[/b] - BHO: (avast! Online Security) - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
O2 - BHO: (avast! Online Security) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O2 - BHO: (HP Network Check Helper) - {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll (Hewlett-Packard)
O3:[b]64bit:[/b] - HKLM\..\Toolbar: (avast! Online Security) - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
O3 - HKLM\..\Toolbar: (avast! Online Security) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O3 - HKU\S-1-5-21-1590837356-3285633776-344450663-1002\..\Toolbar\WebBrowser: (no name) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No CLSID value found.
O4:[b]64bit:[/b] - HKLM..\Run: [MRT] C:\WINDOWS\SysNative\MRT.exe (Microsoft Corporation)
O4:[b]64bit:[/b] - HKLM..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe (Synaptics Incorporated)
O4:[b]64bit:[/b] - HKLM..\Run: [SysTrayApp] C:\Program Files\IDT\WDM\sttray64.exe (IDT, Inc.)
O4 - HKLM..\Run: [AvastUI.exe] C:\Program Files\AVAST Software\Avast\AvastUI.exe (AVAST Software)
O4 - HKLM..\Run: [CLVirtualDrive] C:\Program Files (x86)\CyberLink\Power2Go8\VirtualDrive.exe (CyberLink Corp.)
O4 - HKLM..\Run: [HP CoolSense] C:\Program Files (x86)\Hewlett-Packard\HP CoolSense\CoolSense.exe (Hewlett-Packard Development Company, L.P.)
O4 - HKLM..\Run: [HP Quick Launch] C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe (Hewlett-Packard Development Company, L.P.)
O4 - HKLM..\Run: [RemoteControl10] C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe (CyberLink Corp.)
O4 - HKLM..\Run: [StartCCC] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKLM..\Run: [VNT] C:\Program Files (x86)\VNT\vntldr.exe (APN LLC.)
O4 - HKU\S-1-5-21-1590837356-3285633776-344450663-1002..\Run: [DAEMON Tools Lite] C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe (Disc Soft Ltd)
O4 - HKU\S-1-5-21-1590837356-3285633776-344450663-1002..\Run: [uTorrent] C:\Users\HP1\AppData\Roaming\uTorrent\uTorrent.exe (BitTorrent Inc.)
O4 - HKLM..\RunOnce: [20131224] C:\Program Files\AVAST Software\Avast\setup\emupdate\0be01cd3-dcaa-45b9-9450-ecb813452fe7.exe (AVAST Software)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: ForceActiveDesktopOn = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableVirtualization = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableInstallerDetection = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableSecureUIAPaths = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ValidateAdminCodeSignatures = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableUIADesktopToggle = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableCursorSuppression = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: dontdisplaylastusername = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticecaption =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticetext =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: scforceoption = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: shutdownwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: undockwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: FilterAdministratorToken = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_UNICODETEXT = 13
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_DIBV5 = 17
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_PALETTE = 9
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_BITMAP = 2
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_TEXT = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_DIB = 8
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_OEMTEXT = 7
O9 - Extra Button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)
O9 - Extra Button: @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll,-103 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe (Hewlett-Packard)
O9 - Extra 'Tools' menuitem : @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll,-102 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe (Hewlett-Packard)
O10:[b]64bit:[/b] - NameSpace_Catalog5\Catalog_Entries64\000000000001 [] - C:\Windows\SysNative\NapiNSP.dll (Microsoft Corporation)
O10:[b]64bit:[/b] - NameSpace_Catalog5\Catalog_Entries64\000000000002 [] - C:\Windows\SysNative\pnrpnsp.dll (Microsoft Corporation)
O10:[b]64bit:[/b] - NameSpace_Catalog5\Catalog_Entries64\000000000003 [] - C:\Windows\SysNative\pnrpnsp.dll (Microsoft Corporation)
O10:[b]64bit:[/b] - NameSpace_Catalog5\Catalog_Entries64\000000000004 [] - C:\Windows\SysNative\nlaapi.dll (Microsoft Corporation)
O10:[b]64bit:[/b] - NameSpace_Catalog5\Catalog_Entries64\000000000005 [] - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:[b]64bit:[/b] - NameSpace_Catalog5\Catalog_Entries64\000000000006 [] - C:\Windows\SysNative\winrnr.dll (Microsoft Corporation)
O10:[b]64bit:[/b] - NameSpace_Catalog5\Catalog_Entries64\000000000007 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O10:[b]64bit:[/b] - Protocol_Catalog9\Catalog_Entries64\000000000001 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:[b]64bit:[/b] - Protocol_Catalog9\Catalog_Entries64\000000000002 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:[b]64bit:[/b] - Protocol_Catalog9\Catalog_Entries64\000000000003 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:[b]64bit:[/b] - Protocol_Catalog9\Catalog_Entries64\000000000004 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:[b]64bit:[/b] - Protocol_Catalog9\Catalog_Entries64\000000000005 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:[b]64bit:[/b] - Protocol_Catalog9\Catalog_Entries64\000000000006 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:[b]64bit:[/b] - Protocol_Catalog9\Catalog_Entries64\000000000007 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:[b]64bit:[/b] - Protocol_Catalog9\Catalog_Entries64\000000000008 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:[b]64bit:[/b] - Protocol_Catalog9\Catalog_Entries64\000000000009 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:[b]64bit:[/b] - Protocol_Catalog9\Catalog_Entries64\000000000010 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000001 [] - C:\Windows\SysWOW64\NapiNSP.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000002 [] - C:\Windows\SysWOW64\pnrpnsp.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000003 [] - C:\Windows\SysWOW64\pnrpnsp.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Windows\SysWOW64\nlaapi.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000005 [] - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000006 [] - C:\Windows\SysWOW64\winrnr.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000006 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000007 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000008 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000009 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000010 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O13[b]64bit:[/b] - gopher Prefix: missing
O13 - gopher Prefix: missing
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{38DA87BA-FB23-4D9E-928D-1E5E6C93C06C}: DhcpNameServer = 192.168.1.254
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{F43C4164-E0F1-41D0-8752-163B58C65771}: DhcpNameServer = 192.168.1.1 192.168.1.1
O18:[b]64bit:[/b] - Protocol\Handler\about {3050F406-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysNative\mshtml.dll (Microsoft Corporation)
O18:[b]64bit:[/b] - Protocol\Handler\cdl {3dd53d40-7b8b-11D0-b013-00aa0059ce02} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)
O18:[b]64bit:[/b] - Protocol\Handler\dvd {12D51199-0DB5-46FE-A120-47A3D7D937CC} - C:\Windows\SysNative\MSVidCtl.dll (Microsoft Corporation)
O18:[b]64bit:[/b] - Protocol\Handler\file {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)
O18:[b]64bit:[/b] - Protocol\Handler\ftp {79eac9e3-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)
O18:[b]64bit:[/b] - Protocol\Handler\http {79eac9e2-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)
O18:[b]64bit:[/b] - Protocol\Handler\https {79eac9e5-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)
O18:[b]64bit:[/b] - Protocol\Handler\its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\Windows\SysNative\itss.dll (Microsoft Corporation)
O18:[b]64bit:[/b] - Protocol\Handler\javascript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysNative\mshtml.dll (Microsoft Corporation)
O18:[b]64bit:[/b] - Protocol\Handler\local {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)
O18:[b]64bit:[/b] - Protocol\Handler\mailto {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysNative\mshtml.dll (Microsoft Corporation)
O18:[b]64bit:[/b] - Protocol\Handler\mhtml {05300401-BCBC-11d0-85E3-00C04FD85AB4} - C:\Windows\SysNative\inetcomm.dll (Microsoft Corporation)
O18:[b]64bit:[/b] - Protocol\Handler\mk {79eac9e6-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)
O18:[b]64bit:[/b] - Protocol\Handler\ms-its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\Windows\SysNative\itss.dll (Microsoft Corporation)
O18:[b]64bit:[/b] - Protocol\Handler\res {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysNative\mshtml.dll (Microsoft Corporation)
O18:[b]64bit:[/b] - Protocol\Handler\tv {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} - C:\Windows\SysNative\MSVidCtl.dll (Microsoft Corporation)
O18:[b]64bit:[/b] - Protocol\Handler\vbscript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysNative\mshtml.dll (Microsoft Corporation)
O18:[b]64bit:[/b] - Protocol\Handler\wlpg - No CLSID value found
O18 - Protocol\Handler\about {3050F406-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysWOW64\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\cdl {3dd53d40-7b8b-11D0-b013-00aa0059ce02} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\dvd {12D51199-0DB5-46FE-A120-47A3D7D937CC} - C:\Windows\SysWOW64\MSVidCtl.dll (Microsoft Corporation)
O18 - Protocol\Handler\file {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\ftp {79eac9e3-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\http {79eac9e2-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\https {79eac9e5-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\Windows\SysWOW64\itss.dll (Microsoft Corporation)
O18 - Protocol\Handler\javascript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysWOW64\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\local {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\mailto {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysWOW64\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\mhtml {05300401-BCBC-11d0-85E3-00C04FD85AB4} - C:\Windows\SysWOW64\inetcomm.dll (Microsoft Corporation)
O18 - Protocol\Handler\mk {79eac9e6-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\ms-its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\Windows\SysWOW64\itss.dll (Microsoft Corporation)
O18 - Protocol\Handler\res {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysWOW64\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\tv {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} - C:\Windows\SysWOW64\MSVidCtl.dll (Microsoft Corporation)
O18 - Protocol\Handler\vbscript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysWOW64\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\wlpg {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll (Microsoft Corporation)
O18:[b]64bit:[/b] - Protocol\Filter\application/octet-stream {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\SysNative\mscoree.dll (Microsoft Corporation)
O18:[b]64bit:[/b] - Protocol\Filter\application/x-complus {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\SysNative\mscoree.dll (Microsoft Corporation)
O18:[b]64bit:[/b] - Protocol\Filter\application/x-msdownload {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\SysNative\mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/octet-stream {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\SysWOW64\mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/x-complus {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\SysWOW64\mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/x-msdownload {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\SysWOW64\mscoree.dll (Microsoft Corporation)
O20:[b]64bit:[/b] - AppInit_DLLs: (c:\progra~3\bitguard\271769~1.27\{c16c1~1\loader.dll) - File not found
O20:[b]64bit:[/b] - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:[b]64bit:[/b] - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20:[b]64bit:[/b] - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\WINDOWS\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\WINDOWS\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\WINDOWS\SysWow64\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\WINDOWS\SysWow64\SystemPropertiesPerformance.exe (Microsoft Corporation)
O21:[b]64bit:[/b] - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O29:[b]64bit:[/b] - HKLM SecurityProviders - (credssp.dll) - C:\WINDOWS\SysWow64\credssp.dll (Microsoft Corporation)
O29 - HKLM SecurityProviders - (credssp.dll) - C:\WINDOWS\SysWow64\credssp.dll (Microsoft Corporation)
O30:[b]64bit:[/b] - LSA: Authentication Packages - (msv1_0) - C:\WINDOWS\SysNative\msv1_0.dll (Microsoft Corporation)
O30 - LSA: Authentication Packages - (msv1_0) - C:\WINDOWS\SysWow64\msv1_0.dll (Microsoft Corporation)
O30:[b]64bit:[/b] - LSA: Security Packages - (kerberos) - C:\WINDOWS\SysNative\kerberos.dll (Microsoft Corporation)
O30:[b]64bit:[/b] - LSA: Security Packages - (msv1_0) - C:\WINDOWS\SysNative\msv1_0.dll (Microsoft Corporation)
O30:[b]64bit:[/b] - LSA: Security Packages - (schannel) - C:\WINDOWS\SysNative\schannel.dll (Microsoft Corporation)
O30:[b]64bit:[/b] - LSA: Security Packages - (wdigest) - C:\WINDOWS\SysNative\wdigest.dll (Microsoft Corporation)
O30:[b]64bit:[/b] - LSA: Security Packages - (tspkg) - C:\WINDOWS\SysNative\tspkg.dll (Microsoft Corporation)
O30:[b]64bit:[/b] - LSA: Security Packages - (pku2u) - C:\WINDOWS\SysNative\pku2u.dll (Microsoft Corporation)
O30:[b]64bit:[/b] - LSA: Security Packages - (livessp) - C:\WINDOWS\SysNative\livessp.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (kerberos) - C:\WINDOWS\SysWow64\kerberos.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (msv1_0) - C:\WINDOWS\SysWow64\msv1_0.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (schannel) - C:\WINDOWS\SysWow64\schannel.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (wdigest) - C:\WINDOWS\SysWow64\wdigest.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (tspkg) - C:\WINDOWS\SysWow64\tspkg.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (pku2u) - C:\WINDOWS\SysWow64\pku2u.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (livessp) - File not found
O31 - SafeBoot: AlternateShell - cmd.exe
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *)
O35:[b]64bit:[/b] - HKLM\..comfile [open] -- "%1" %*
O35:[b]64bit:[/b] - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:[b]64bit:[/b] - HKLM\...com [@ = comfile] -- "%1" %*
O37:[b]64bit:[/b] - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)


ActiveX:[b]64bit:[/b] {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 12.0
ActiveX:[b]64bit:[/b] {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - /UserInstall
ActiveX:[b]64bit:[/b] {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack
ActiveX:[b]64bit:[/b] {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Windows Mail\WinMail.exe" OCInstallUserConfigOE
ActiveX:[b]64bit:[/b] {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
ActiveX:[b]64bit:[/b] {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help
ActiveX:[b]64bit:[/b] {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6
ActiveX:[b]64bit:[/b] {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools
ActiveX:[b]64bit:[/b] {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements
ActiveX:[b]64bit:[/b] {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player
ActiveX:[b]64bit:[/b] {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access
ActiveX:[b]64bit:[/b] {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7
ActiveX:[b]64bit:[/b] {78E345F7-E976-3595-9C30-2458D6A8EC32} - .NET Framework
ActiveX:[b]64bit:[/b] {89820200-ECBD-11cf-8B85-00AA005B4340} - U
ActiveX:[b]64bit:[/b] {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\Windows\System32\ie4uinit.exe -UserConfig
ActiveX:[b]64bit:[/b] {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\System32\Rundll32.exe C:\Windows\System32\mscories.dll,Install
ActiveX:[b]64bit:[/b] {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding
ActiveX:[b]64bit:[/b] {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts
ActiveX:[b]64bit:[/b] {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help
ActiveX:[b]64bit:[/b] {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface
ActiveX:[b]64bit:[/b] {FEBEF00C-046D-438D-8A88-BF94A6C9E703} - .NET Framework
ActiveX:[b]64bit:[/b] >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - %SystemRoot%\system32\unregmp2.exe /ShowWMP
ActiveX: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 12.0
ActiveX: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack
ActiveX: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Windows Mail\WinMail.exe" OCInstallUserConfigOE
ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
ActiveX: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help
ActiveX: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6
ActiveX: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools
ActiveX: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements
ActiveX: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player
ActiveX: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access
ActiveX: {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7
ActiveX: {7C028AF8-F614-47B3-82DA-BA94E41B1089} - .NET Framework
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4383} -
ActiveX: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\SysWOW64\Rundll32.exe C:\Windows\SysWOW64\mscories.dll,Install
ActiveX: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "C:\Program Files (x86)\Google\Chrome\Application\32.0.1700.76\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome
ActiveX: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding
ActiveX: {C6BAF60B-6E91-453F-BFF9-D3789CFEFCDD} - .NET Framework
ActiveX: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts
ActiveX: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help
ActiveX: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface
ActiveX: {EC43E638-09F0-38CC-A585-72FCCDDF035C} - .NET Framework
ActiveX: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - %SystemRoot%\system32\unregmp2.exe /ShowWMP

NetSvcs:[b]64bit:[/b] lfsvc - C:\Windows\SysNative\GeofenceMonitorService.dll (Microsoft Corporation)
NetSvcs:[b]64bit:[/b] wlidsvc - C:\Windows\SysNative\wlidsvc.dll (Microsoft Corporation)
NetSvcs:[b]64bit:[/b] DsmSvc - C:\Windows\SysNative\DeviceSetupManager.dll (Microsoft Corporation)
NetSvcs:[b]64bit:[/b] NcaSvc - C:\Windows\SysNative\NcaSvc.dll (Microsoft Corporation)

SafeBootMin:[b]64bit:[/b] AppMgmt - Service
SafeBootMin:[b]64bit:[/b] Base - Driver Group
SafeBootMin:[b]64bit:[/b] BasicDisplay.sys - C:\Windows\SysNative\drivers\BasicDisplay.sys (Microsoft Corporation)
SafeBootMin:[b]64bit:[/b] BasicRender.sys - C:\Windows\SysNative\drivers\BasicRender.sys (Microsoft Corporation)
SafeBootMin:[b]64bit:[/b] Boot Bus Extender - Driver Group
SafeBootMin:[b]64bit:[/b] Boot file system - Driver Group
SafeBootMin:[b]64bit:[/b] BrokerInfrastructure - C:\Windows\SysNative\bisrv.dll (Microsoft Corporation)
SafeBootMin:[b]64bit:[/b] EFS - C:\Windows\SysNative\efssvc.dll (Microsoft Corporation)
SafeBootMin:[b]64bit:[/b] File system - Driver Group
SafeBootMin:[b]64bit:[/b] Filter - Driver Group
SafeBootMin:[b]64bit:[/b] HelpSvc - Service
SafeBootMin:[b]64bit:[/b] KeyIso - C:\Windows\SysNative\keyiso.dll (Microsoft Corporation)
SafeBootMin:[b]64bit:[/b] LSM - C:\Windows\SysNative\lsm.dll (Microsoft Corporation)
SafeBootMin:[b]64bit:[/b] Netlogon - C:\Windows\SysNative\netlogon.dll (Microsoft Corporation)
SafeBootMin:[b]64bit:[/b] PCI Configuration - Driver Group
SafeBootMin:[b]64bit:[/b] PNP Filter - Driver Group
SafeBootMin:[b]64bit:[/b] Primary disk - Driver Group
SafeBootMin:[b]64bit:[/b] sacsvr - Service
SafeBootMin:[b]64bit:[/b] SCSI Class - Driver Group
SafeBootMin:[b]64bit:[/b] System Bus Extender - Driver Group
SafeBootMin:[b]64bit:[/b] SystemEventsBroker - C:\Windows\SysNative\SystemEventsBrokerServer.dll (Microsoft Corporation)
SafeBootMin:[b]64bit:[/b] TBS - Service
SafeBootMin:[b]64bit:[/b] vmms - Service
SafeBootMin:[b]64bit:[/b] WinDefend - C:\Program Files\Windows Defender\MsMpEng.exe (Microsoft Corporation)
SafeBootMin:[b]64bit:[/b] {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootMin:[b]64bit:[/b] {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootMin:[b]64bit:[/b] {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootMin:[b]64bit:[/b] {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootMin:[b]64bit:[/b] {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootMin:[b]64bit:[/b] {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootMin:[b]64bit:[/b] {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootMin:[b]64bit:[/b] {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootMin:[b]64bit:[/b] {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootMin:[b]64bit:[/b] {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootMin:[b]64bit:[/b] {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootMin:[b]64bit:[/b] {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootMin:[b]64bit:[/b] {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootMin:[b]64bit:[/b] {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootMin:[b]64bit:[/b] {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootMin:[b]64bit:[/b] {9DA2B80F-F89F-4A49-A5C2-511B085B9E8A} - Enhanced Storage Devices
SafeBootMin:[b]64bit:[/b] {A0A588A4-C46F-4B37-B7EA-C82FE89870C6} - SDA Standard Compliant SD Host Controller
SafeBootMin:[b]64bit:[/b] {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootMin:[b]64bit:[/b] {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices
SafeBootMin: AppMgmt - Service
SafeBootMin: Base - Driver Group
SafeBootMin: Boot Bus Extender - Driver Group
SafeBootMin: Boot file system - Driver Group
SafeBootMin: File system - Driver Group
SafeBootMin: Filter - Driver Group
SafeBootMin: HelpSvc - Service
SafeBootMin: PCI Configuration - Driver Group
SafeBootMin: PNP Filter - Driver Group
SafeBootMin: Primary disk - Driver Group
SafeBootMin: sacsvr - Service
SafeBootMin: SCSI Class - Driver Group
SafeBootMin: System Bus Extender - Driver Group
SafeBootMin: TBS - Service
SafeBootMin: vmms - Service
SafeBootMin: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootMin: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootMin: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootMin: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootMin: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootMin: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootMin: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootMin: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootMin: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootMin: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootMin: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootMin: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootMin: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootMin: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootMin: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootMin: {9DA2B80F-F89F-4A49-A5C2-511B085B9E8A} - Enhanced Storage Devices
SafeBootMin: {A0A588A4-C46F-4B37-B7EA-C82FE89870C6} - SDA Standard Compliant SD Host Controller
SafeBootMin: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootMin: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices

SafeBootNet:[b]64bit:[/b] AppMgmt - Service
SafeBootNet:[b]64bit:[/b] Base - Driver Group
SafeBootNet:[b]64bit:[/b] BasicDisplay.sys - C:\Windows\SysNative\drivers\BasicDisplay.sys (Microsoft Corporation)
SafeBootNet:[b]64bit:[/b] BasicRender.sys - C:\Windows\SysNative\drivers\BasicRender.sys (Microsoft Corporation)
SafeBootNet:[b]64bit:[/b] Boot Bus Extender - Driver Group
SafeBootNet:[b]64bit:[/b] Boot file system - Driver Group
SafeBootNet:[b]64bit:[/b] BrokerInfrastructure - C:\Windows\SysNative\bisrv.dll (Microsoft Corporation)
SafeBootNet:[b]64bit:[/b] EFS - C:\Windows\SysNative\efssvc.dll (Microsoft Corporation)
SafeBootNet:[b]64bit:[/b] File system - Driver Group
SafeBootNet:[b]64bit:[/b] Filter - Driver Group
SafeBootNet:[b]64bit:[/b] HelpSvc - Service
SafeBootNet:[b]64bit:[/b] KeyIso - C:\Windows\SysNative\keyiso.dll (Microsoft Corporation)
SafeBootNet:[b]64bit:[/b] LSM - C:\Windows\SysNative\lsm.dll (Microsoft Corporation)
SafeBootNet:[b]64bit:[/b] Messenger - Service
SafeBootNet:[b]64bit:[/b] NDIS Wrapper - Driver Group
SafeBootNet:[b]64bit:[/b] NetBIOSGroup - Driver Group
SafeBootNet:[b]64bit:[/b] NetDDEGroup - Driver Group
SafeBootNet:[b]64bit:[/b] Netlogon - C:\Windows\SysNative\netlogon.dll (Microsoft Corporation)
SafeBootNet:[b]64bit:[/b] netprofm - C:\Windows\SysNative\netprofmsvc.dll (Microsoft Corporation)
SafeBootNet:[b]64bit:[/b] Network - Driver Group
SafeBootNet:[b]64bit:[/b] NetworkProvider - Driver Group
SafeBootNet:[b]64bit:[/b] PCI Configuration - Driver Group
SafeBootNet:[b]64bit:[/b] PNP Filter - Driver Group
SafeBootNet:[b]64bit:[/b] PNP_TDI - Driver Group
SafeBootNet:[b]64bit:[/b] Primary disk - Driver Group
SafeBootNet:[b]64bit:[/b] rdpencdd.sys - Driver
SafeBootNet:[b]64bit:[/b] rdsessmgr - Service
SafeBootNet:[b]64bit:[/b] sacsvr - Service
SafeBootNet:[b]64bit:[/b] SCSI Class - Driver Group
SafeBootNet:[b]64bit:[/b] SmartcardSimulator - Driver
SafeBootNet:[b]64bit:[/b] Streams Drivers - Driver Group
SafeBootNet:[b]64bit:[/b] System Bus Extender - Driver Group
SafeBootNet:[b]64bit:[/b] SystemEventsBroker - C:\Windows\SysNative\SystemEventsBrokerServer.dll (Microsoft Corporation)
SafeBootNet:[b]64bit:[/b] TBS - Service
SafeBootNet:[b]64bit:[/b] TDI - Driver Group
SafeBootNet:[b]64bit:[/b] VaultSvc - C:\Windows\SysNative\vaultsvc.dll (Microsoft Corporation)
SafeBootNet:[b]64bit:[/b] VirtualSmartcardReader - Driver
SafeBootNet:[b]64bit:[/b] vmms - Service
SafeBootNet:[b]64bit:[/b] Wcmsvc - C:\Windows\SysNative\wcmsvc.dll (Microsoft Corporation)
SafeBootNet:[b]64bit:[/b] WinDefend - C:\Program Files\Windows Defender\MsMpEng.exe (Microsoft Corporation)
SafeBootNet:[b]64bit:[/b] WudfUsbccidDriver - Driver
SafeBootNet:[b]64bit:[/b] {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootNet:[b]64bit:[/b] {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootNet:[b]64bit:[/b] {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootNet:[b]64bit:[/b] {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootNet:[b]64bit:[/b] {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootNet:[b]64bit:[/b] {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootNet:[b]64bit:[/b] {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootNet:[b]64bit:[/b] {4D36E972-E325-11CE-BFC1-08002BE10318} - Net
SafeBootNet:[b]64bit:[/b] {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient
SafeBootNet:[b]64bit:[/b] {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService
SafeBootNet:[b]64bit:[/b] {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans
SafeBootNet:[b]64bit:[/b] {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootNet:[b]64bit:[/b] {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootNet:[b]64bit:[/b] {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootNet:[b]64bit:[/b] {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootNet:[b]64bit:[/b] {50DD5230-BA8A-11D1-BF5D-0000F805F530} - Smart card readers
SafeBootNet:[b]64bit:[/b] {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootNet:[b]64bit:[/b] {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootNet:[b]64bit:[/b] {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootNet:[b]64bit:[/b] {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootNet:[b]64bit:[/b] {9DA2B80F-F89F-4A49-A5C2-511B085B9E8A} - Enhanced Storage Devices
SafeBootNet:[b]64bit:[/b] {A0A588A4-C46F-4B37-B7EA-C82FE89870C6} - SDA Standard Compliant SD Host Controller
SafeBootNet:[b]64bit:[/b] {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootNet:[b]64bit:[/b] {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices
SafeBootNet: AppMgmt - Service
SafeBootNet: Base - Driver Group
SafeBootNet: Boot Bus Extender - Driver Group
SafeBootNet: Boot file system - Driver Group
SafeBootNet: File system - Driver Group
SafeBootNet: Filter - Driver Group
SafeBootNet: HelpSvc - Service
SafeBootNet: Messenger - Service
SafeBootNet: NDIS Wrapper - Driver Group
SafeBootNet: NetBIOSGroup - Driver Group
SafeBootNet: NetDDEGroup - Driver Group
SafeBootNet: Network - Driver Group
SafeBootNet: NetworkProvider - Driver Group
SafeBootNet: PCI Configuration - Driver Group
SafeBootNet: PNP Filter - Driver Group
SafeBootNet: PNP_TDI - Driver Group
SafeBootNet: Primary disk - Driver Group
SafeBootNet: rdpencdd.sys - Driver
SafeBootNet: rdsessmgr - Service
SafeBootNet: sacsvr - Service
SafeBootNet: SCSI Class - Driver Group
SafeBootNet: SmartcardSimulator - Driver
SafeBootNet: Streams Drivers - Driver Group
SafeBootNet: System Bus Extender - Driver Group
SafeBootNet: TBS - Service
SafeBootNet: TDI - Driver Group
SafeBootNet: VirtualSmartcardReader - Driver
SafeBootNet: vmms - Service
SafeBootNet: WudfUsbccidDriver - Driver
SafeBootNet: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootNet: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootNet: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootNet: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootNet: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootNet: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootNet: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootNet: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net
SafeBootNet: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient
SafeBootNet: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService
SafeBootNet: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans
SafeBootNet: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootNet: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootNet: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootNet: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootNet: {50DD5230-BA8A-11D1-BF5D-0000F805F530} - Smart card readers
SafeBootNet: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootNet: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootNet: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootNet: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootNet: {9DA2B80F-F89F-4A49-A5C2-511B085B9E8A} - Enhanced Storage Devices
SafeBootNet: {A0A588A4-C46F-4B37-B7EA-C82FE89870C6} - SDA Standard Compliant SD Host Controller
SafeBootNet: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootNet: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices

CREATERESTOREPOINT
Restore point Set: OTL Restore Point

[color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color]

[2014/01/22 19:03:30 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\HP1\Desktop\OTL.exe
[2014/01/22 18:18:34 | 000,000,000 | ---D | C] -- C:\AdwCleaner
[2014/01/15 20:13:06 | 003,395,920 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WSService.dll
[2014/01/15 20:13:06 | 000,189,952 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.ApplicationModel.Store.TestingFramework.dll
[2014/01/15 20:13:05 | 000,848,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WSShared.dll
[2014/01/15 20:13:05 | 000,695,808 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\WSShared.dll
[2014/01/15 20:13:05 | 000,249,856 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.ApplicationModel.Store.TestingFramework.dll
[2014/01/15 20:13:04 | 000,206,336 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WSClient.dll
[2014/01/15 20:13:04 | 000,174,592 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\WSClient.dll
[2014/01/15 20:13:03 | 000,084,480 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WSCollect.exe
[2014/01/15 20:12:58 | 000,787,968 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\uDWM.dll
[2014/01/04 13:44:42 | 004,121,952 | ---- | C] (Kaspersky Lab ZAO) -- C:\Users\HP1\Desktop\TDSSKiller.exe
[2014/01/04 13:39:03 | 000,054,304 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\wpcfltr.sys.bak
[2014/01/04 13:39:03 | 000,026,976 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\WpdUpFltr.sys.bak
[2014/01/04 13:39:03 | 000,023,392 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\WppRecorder.sys.bak
[2014/01/04 13:39:02 | 000,020,288 | ---- | C] (Hewlett-Packard Development Company, L.P.) -- C:\WINDOWS\SysNative\drivers\WirelessButtonDriver64.sys.bak
[2014/01/04 13:39:02 | 000,018,272 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\wmilib.sys.bak
[2014/01/04 13:39:01 | 000,136,536 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\wfplwfs.sys.bak
[2014/01/04 13:39:01 | 000,061,248 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\winhv.sys.bak
[2014/01/04 13:39:00 | 000,124,256 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\WdNisDrv.sys.bak
[2014/01/04 13:39:00 | 000,060,224 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\WdfLdr.sys.bak
[2014/01/04 13:39:00 | 000,038,240 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\werkernel.sys.bak
[2014/01/04 13:38:59 | 000,265,056 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\WdFilter.sys.bak
[2014/01/04 13:38:59 | 000,034,760 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\WdBoot.sys.bak
[2014/01/04 13:38:58 | 000,054,272 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\watchdog.sys.bak
[2014/01/04 13:38:57 | 000,305,504 | ---- | C] (VIA Corporation) -- C:\WINDOWS\SysNative\drivers\VSTXRAID.SYS.bak
[2014/01/04 13:38:56 | 000,069,472 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\vpci.sys.bak
[2014/01/04 13:38:55 | 000,011,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\vmgencounter.sys.bak
[2014/01/04 13:38:54 | 000,090,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\vmbkmcl.sys.bak
[2014/01/04 13:38:53 | 000,175,960 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\VerifierExt.sys.bak
[2014/01/04 13:38:53 | 000,049,152 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\videoprt.sys.bak
[2014/01/04 13:38:52 | 000,057,000 | ---- | C] (Advanced Micro Devices) -- C:\WINDOWS\SysNative\drivers\usbfilter.sys.bak
[2014/01/04 13:38:52 | 000,032,512 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\USBCAMD2.sys.bak
[2014/01/04 13:38:52 | 000,030,720 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\usbrpm.sys.bak
[2014/01/04 13:38:51 | 000,020,992 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\usb8023.sys.bak
[2014/01/04 13:38:49 | 000,121,184 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\tm.sys.bak
[2014/01/04 13:38:49 | 000,056,320 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\TsUsbFlt.sys.bak
[2014/01/04 13:38:48 | 000,030,208 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\tdi.sys.bak
[2014/01/04 13:38:47 | 000,029,696 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\tape.sys.bak
[2014/01/04 13:38:47 | 000,021,856 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\tbs.sys.bak
[2014/01/04 13:38:46 | 000,540,160 | ---- | C] (IDT, Inc.) -- C:\WINDOWS\SysNative\drivers\stwrt64.sys.bak
[2014/01/04 13:38:46 | 000,448,312 | ---- | C] (Synaptics Incorporated) -- C:\WINDOWS\SysNative\drivers\SynTP.sys.bak
[2014/01/04 13:38:46 | 000,067,584 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\stream.sys.bak
[2014/01/04 13:38:45 | 000,374,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\storport.sys.bak
[2014/01/04 13:38:44 | 000,107,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\storahci.sys.bak
[2014/01/04 13:38:44 | 000,031,072 | ---- | C] (Promise Technology, Inc.) -- C:\WINDOWS\SysNative\drivers\stexstor.sys.bak
[2014/01/04 13:38:43 | 000,072,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\SpbCx.sys.bak
[2014/01/04 13:38:42 | 000,043,832 | ---- | C] (Synaptics Incorporated) -- C:\WINDOWS\SysNative\drivers\Smb_driver_Intel.sys.bak
[2014/01/04 13:38:42 | 000,041,272 | ---- | C] (Synaptics Incorporated) -- C:\WINDOWS\SysNative\drivers\Smb_driver_AMDASF.sys.bak
[2014/01/04 13:38:42 | 000,019,968 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\smclib.sys.bak
[2014/01/04 13:38:41 | 000,146,776 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\SerCx2.sys.bak
[2014/01/04 13:38:40 | 000,170,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\scsiport.sys.bak
[2014/01/04 13:38:40 | 000,069,472 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\SerCx.sys.bak
[2014/01/04 13:38:39 | 000,591,360 | ---- | C] (Realtek ) -- C:\WINDOWS\SysNative\drivers\Rt630x64.sys.bak
[2014/01/04 13:38:39 | 000,269,968 | ---- | C] (Realtek Semiconductor Corp.) -- C:\WINDOWS\SysNative\drivers\RtsP2Stor.sys.bak
[2014/01/04 13:38:38 | 000,032,256 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\RNDISMP.sys.bak
[2014/01/04 13:38:38 | 000,011,776 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\rootmdm.sys.bak
[2014/01/04 13:38:37 | 000,924,512 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\refs.sys.bak
[2014/01/04 13:38:37 | 000,144,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\rmcast.sys.bak
[2014/01/04 13:38:36 | 000,027,488 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\rdpvideominiport.sys.bak
[2014/01/04 13:38:33 | 000,086,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\pdc.sys.bak
[2014/01/04 13:38:29 | 000,478,048 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\netio.sys.bak
[2014/01/04 13:38:29 | 000,087,040 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\netvsc63.sys.bak
[2014/01/04 13:38:27 | 000,103,424 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\Ndu.sys.bak
[2014/01/04 13:38:26 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\NdisVirtualBus.sys.bak
[2014/01/04 13:38:25 | 000,124,928 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\NdisImPlatform.sys.bak
[2014/01/04 13:38:24 | 000,063,840 | ---- | C] (Marvell Semiconductor, Inc.) -- C:\WINDOWS\SysNative\drivers\mvumis.sys.bak
[2014/01/04 13:38:22 | 000,066,560 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\mslldp.sys.bak
[2014/01/04 13:38:22 | 000,009,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\mshidumdf.sys.bak
[2014/01/04 13:38:21 | 000,146,272 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\msgpioclx.sys.bak
[2014/01/04 13:38:17 | 000,022,016 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\mcd.sys.bak
[2014/01/04 13:38:16 | 000,093,536 | ---- | C] (LSI Corporation) -- C:\WINDOWS\SysNative\drivers\lsi_sas2.sys.bak
[2014/01/04 13:38:16 | 000,082,784 | ---- | C] (LSI Corporation) -- C:\WINDOWS\SysNative\drivers\lsi_sss.sys.bak
[2014/01/04 13:38:16 | 000,081,760 | ---- | C] (LSI Corporation) -- C:\WINDOWS\SysNative\drivers\lsi_sas3.sys.bak
[2014/01/04 13:38:13 | 000,118,784 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\irda.sys.bak
[2014/01/04 13:38:11 | 000,651,248 | ---- | C] (Intel Corporation) -- C:\WINDOWS\SysNative\drivers\iaStorAV.sys.bak
[2014/01/04 13:38:10 | 000,645,952 | ---- | C] (Intel Corporation) -- C:\WINDOWS\SysNative\drivers\iaStorA.sys.bak
[2014/01/04 13:38:10 | 000,099,320 | ---- | C] (Intel Corporation) -- C:\WINDOWS\SysNative\drivers\iaLPSSi_I2C.sys.bak
[2014/01/04 13:38:10 | 000,024,568 | ---- | C] (Intel Corporation) -- C:\WINDOWS\SysNative\drivers\iaLPSSi_GPIO.sys.bak
[2014/01/04 13:38:09 | 000,022,016 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\HyperVideo.sys.bak
[2014/01/04 13:38:09 | 000,013,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\hyperkbd.sys.bak
[2014/01/04 13:38:08 | 000,064,352 | ---- | C] (Hewlett-Packard Company) -- C:\WINDOWS\SysNative\drivers\HpSAMD.sys.bak
[2014/01/04 13:38:08 | 000,029,600 | ---- | C] (Hewlett-Packard Company) -- C:\WINDOWS\SysNative\drivers\hpdskflt.sys.bak
[2014/01/04 13:38:07 | 000,428,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\FWPKCLNT.SYS.bak
[2014/01/04 13:38:06 | 000,030,048 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\fs_rec.sys.bak
[2014/01/04 13:38:03 | 003,357,024 | ---- | C] (Broadcom Corporation) -- C:\WINDOWS\SysNative\drivers\evbda.sys.bak
[2014/01/04 13:38:03 | 000,082,784 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\EhStorClass.sys.bak
[2014/01/04 13:38:02 | 000,382,808 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\dxgmms1.sys.bak
[2014/01/04 13:38:01 | 000,283,200 | ---- | C] (DT Soft Ltd) -- C:\WINDOWS\SysNative\drivers\dtsoftbus01.sys.bak
[2014/01/04 13:38:01 | 000,071,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\dumpfve.sys.bak
[2014/01/04 13:38:01 | 000,033,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\Dumpata.sys.bak
[2014/01/04 13:38:00 | 000,036,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\Diskdump.sys.bak
[2014/01/04 13:38:00 | 000,029,696 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\dmvsc.sys.bak
[2014/01/04 13:38:00 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\Dmpusbstor.sys.bak
[2014/01/04 13:37:59 | 000,068,960 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\crashdmp.sys.bak
[2014/01/04 13:37:59 | 000,057,696 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\dam.sys.bak
[2014/01/04 13:37:58 | 000,092,536 | ---- | C] (CyberLink) -- C:\WINDOWS\SysNative\drivers\CLVirtualDrive.sys.bak
[2014/01/04 13:37:58 | 000,043,008 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\condrv.sys.bak
[2014/01/04 13:37:57 | 000,377,696 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\clfs.sys.bak
[2014/01/04 13:37:57 | 000,337,760 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\Classpnp.sys.bak
[2014/01/04 13:37:56 | 000,531,296 | ---- | C] (Broadcom Corporation) -- C:\WINDOWS\SysNative\drivers\bxvbda.sys.bak
[2014/01/04 13:37:55 | 000,017,624 | ---- | C] (Windows (R) Win 7 DDK provider) -- C:\WINDOWS\SysNative\drivers\bcmfn2.sys.bak
[2014/01/04 13:37:54 | 000,619,008 | ---- | C] (Advanced Micro Devices, Inc.) -- C:\WINDOWS\SysNative\drivers\atikmpag.sys.bak
[2014/01/04 13:37:52 | 012,526,592 | ---- | C] (Advanced Micro Devices, Inc.) -- C:\WINDOWS\SysNative\drivers\atikmdag.sys.bak
[2014/01/04 13:37:52 | 000,098,472 | ---- | C] (Advanced Micro Devices) -- C:\WINDOWS\SysNative\drivers\AtihdW86.sys.bak
[2014/01/04 13:37:51 | 003,680,256 | ---- | C] (Qualcomm Atheros Communications, Inc.) -- C:\WINDOWS\SysNative\drivers\athw8x.sys.bak
[2014/01/04 13:37:50 | 000,026,280 | ---- | C] (Advanced Micro Devices) -- C:\WINDOWS\SysNative\drivers\amd_xata.sys.bak
[2014/01/04 13:37:49 | 000,259,424 | ---- | C] (AMD Technologies Inc.) -- C:\WINDOWS\SysNative\drivers\amdsbs.sys.bak
[2014/01/04 13:37:49 | 000,079,528 | ---- | C] (Advanced Micro Devices) -- C:\WINDOWS\SysNative\drivers\amd_sata.sys.bak
[2014/01/04 13:37:49 | 000,025,952 | ---- | C] (Advanced Micro Devices) -- C:\WINDOWS\SysNative\drivers\amdxata.sys.bak
[2014/01/04 13:37:48 | 000,079,200 | ---- | C] (Advanced Micro Devices) -- C:\WINDOWS\SysNative\drivers\amdsata.sys.bak
[2014/01/04 13:37:48 | 000,076,800 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\ahcache.sys.bak
[2014/01/04 13:37:47 | 000,782,176 | ---- | C] (PMC-Sierra) -- C:\WINDOWS\SysNative\drivers\adp80xx.sys.bak
[2014/01/04 13:37:47 | 000,079,712 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\acpiex.sys.bak
[2014/01/04 13:37:46 | 000,042,400 | ---- | C] (Hewlett-Packard Company) -- C:\WINDOWS\SysNative\drivers\Accelerometer.sys.bak
[2014/01/04 13:37:45 | 000,108,896 | ---- | C] (LSI) -- C:\WINDOWS\SysNative\drivers\3ware.sys.bak
[17 C:\WINDOWS\SysWow64\*.tmp files -> C:\WINDOWS\SysWow64\*.tmp -> ]

[color=#E56717]========== Files - Modified Within 30 Days ==========[/color]

[2014/01/22 19:13:03 | 000,001,002 | ---- | M] () -- C:\WINDOWS\tasks\Adobe Flash Player Updater.job
[2014/01/22 19:03:09 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\HP1\Desktop\OTL.exe
[2014/01/22 18:57:00 | 000,001,068 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2014/01/22 18:28:53 | 002,025,010 | ---- | M] () -- C:\WINDOWS\SysNative\PerfStringBackup.INI
[2014/01/22 18:28:53 | 000,886,220 | ---- | M] () -- C:\WINDOWS\SysNative\perfh00C.dat
[2014/01/22 18:28:53 | 000,786,952 | ---- | M] () -- C:\WINDOWS\SysNative\perfh009.dat
[2014/01/22 18:28:53 | 000,191,910 | ---- | M] () -- C:\WINDOWS\SysNative\perfc00C.dat
[2014/01/22 18:28:53 | 000,161,212 | ---- | M] () -- C:\WINDOWS\SysNative\perfc009.dat
[2014/01/22 18:25:57 | 000,002,201 | ---- | M] () -- C:\Users\Public\Desktop\Google Chrome.lnk
[2014/01/22 18:25:36 | 000,001,064 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2014/01/22 18:25:28 | 000,067,584 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2014/01/22 18:23:26 | 268,435,456 | -HS- | M] () -- C:\swapfile.sys
[2014/01/22 18:23:21 | 2981,527,552 | -HS- | M] () -- C:\hiberfil.sys
[2014/01/22 18:19:03 | 001,236,282 | ---- | M] () -- C:\Users\HP1\Desktop\adwcleaner (1).exe
[2014/01/15 07:03:13 | 000,002,297 | ---- | M] () -- C:\Users\HP1\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
[2014/01/13 22:19:44 | 000,000,000 | -H-- | M] () -- C:\WINDOWS\SysNative\drivers\Msft_User_LocationProvider_01_11_00.Wdf
[2014/01/06 23:31:05 | 000,693,240 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\SysWow64\FlashPlayerApp.exe
[2014/01/06 23:31:05 | 000,105,464 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\SysWow64\FlashPlayerCPLApp.cpl
[2014/01/06 20:47:00 | 000,237,399 | ---- | M] () -- C:\Users\HP1\Documents\netteler.odt
[2014/01/04 13:44:15 | 000,054,304 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\wpcfltr.sys.bak
[2014/01/04 13:44:15 | 000,026,976 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\WpdUpFltr.sys.bak
[2014/01/04 13:44:15 | 000,023,392 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\WppRecorder.sys.bak
[2014/01/04 13:44:15 | 000,018,272 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\wmilib.sys.bak
[2014/01/04 13:44:14 | 000,061,248 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\winhv.sys.bak
[2014/01/04 13:44:14 | 000,020,288 | ---- | M] (Hewlett-Packard Development Company, L.P.) -- C:\WINDOWS\SysNative\drivers\WirelessButtonDriver64.sys.bak
[2014/01/04 13:44:13 | 000,136,536 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\wfplwfs.sys.bak
[2014/01/04 13:44:12 | 000,124,256 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\WdNisDrv.sys.bak
[2014/01/04 13:44:12 | 000,060,224 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\WdfLdr.sys.bak
[2014/01/04 13:44:12 | 000,038,240 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\werkernel.sys.bak
[2014/01/04 13:44:11 | 000,265,056 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\WdFilter.sys.bak
[2014/01/04 13:44:10 | 000,054,272 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\watchdog.sys.bak
[2014/01/04 13:44:10 | 000,034,760 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\WdBoot.sys.bak
[2014/01/04 13:44:09 | 000,305,504 | ---- | M] (VIA Corporation) -- C:\WINDOWS\SysNative\drivers\VSTXRAID.SYS.bak
[2014/01/04 13:44:08 | 000,069,472 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\vpci.sys.bak
[2014/01/04 13:44:06 | 000,011,264 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\vmgencounter.sys.bak
[2014/01/04 13:44:05 | 000,090,944 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\vmbkmcl.sys.bak
[2014/01/04 13:44:05 | 000,049,152 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\videoprt.sys.bak
[2014/01/04 13:44:04 | 000,175,960 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\VerifierExt.sys.bak
[2014/01/04 13:44:04 | 000,030,720 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\usbrpm.sys.bak
[2014/01/04 13:44:03 | 000,057,000 | ---- | M] (Advanced Micro Devices) -- C:\WINDOWS\SysNative\drivers\usbfilter.sys.bak
[2014/01/04 13:44:03 | 000,032,512 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\USBCAMD2.sys.bak
[2014/01/04 13:44:03 | 000,020,992 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\usb8023.sys.bak
[2014/01/04 13:44:01 | 000,121,184 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\tm.sys.bak
[2014/01/04 13:44:01 | 000,056,320 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\TsUsbFlt.sys.bak
[2014/01/04 13:44:00 | 000,030,208 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\tdi.sys.bak
[2014/01/04 13:43:59 | 000,029,696 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\tape.sys.bak
[2014/01/04 13:43:59 | 000,021,856 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\tbs.sys.bak
[2014/01/04 13:43:58 | 000,540,160 | ---- | M] (IDT, Inc.) -- C:\WINDOWS\SysNative\drivers\stwrt64.sys.bak
[2014/01/04 13:43:58 | 000,448,312 | ---- | M] (Synaptics Incorporated) -- C:\WINDOWS\SysNative\drivers\SynTP.sys.bak
[2014/01/04 13:43:57 | 000,374,112 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\storport.sys.bak
[2014/01/04 13:43:57 | 000,067,584 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\stream.sys.bak
[2014/01/04 13:43:56 | 000,107,872 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\storahci.sys.bak
[2014/01/04 13:43:56 | 000,031,072 | ---- | M] (Promise Technology, Inc.) -- C:\WINDOWS\SysNative\drivers\stexstor.sys.bak
[2014/01/04 13:43:55 | 000,072,032 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\SpbCx.sys.bak
[2014/01/04 13:43:54 | 000,043,832 | ---- | M] (Synaptics Incorporated) -- C:\WINDOWS\SysNative\drivers\Smb_driver_Intel.sys.bak
[2014/01/04 13:43:54 | 000,041,272 | ---- | M] (Synaptics Incorporated) -- C:\WINDOWS\SysNative\drivers\Smb_driver_AMDASF.sys.bak
[2014/01/04 13:43:54 | 000,019,968 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\smclib.sys.bak
[2014/01/04 13:43:53 | 000,146,776 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\SerCx2.sys.bak
[2014/01/04 13:43:52 | 000,069,472 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\SerCx.sys.bak
[2014/01/04 13:43:51 | 000,170,848 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\scsiport.sys.bak
[2014/01/04 13:43:50 | 000,269,968 | ---- | M] (Realtek Semiconductor Corp.) -- C:\WINDOWS\SysNative\drivers\RtsP2Stor.sys.bak
[2014/01/04 13:43:49 | 000,591,360 | ---- | M] (Realtek ) -- C:\WINDOWS\SysNative\drivers\Rt630x64.sys.bak
[2014/01/04 13:43:49 | 000,011,776 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\rootmdm.sys.bak
[2014/01/04 13:43:48 | 000,924,512 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\refs.sys.bak
[2014/01/04 13:43:48 | 000,144,384 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\rmcast.sys.bak
[2014/01/04 13:43:48 | 000,032,256 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\RNDISMP.sys.bak
[2014/01/04 13:43:47 | 000,027,488 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\rdpvideominiport.sys.bak
[2014/01/04 13:43:43 | 000,086,872 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\pdc.sys.bak
[2014/01/04 13:43:39 | 000,478,048 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\netio.sys.bak
[2014/01/04 13:43:39 | 000,087,040 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\netvsc63.sys.bak
[2014/01/04 13:43:38 | 000,103,424 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\Ndu.sys.bak
[2014/01/04 13:43:37 | 000,016,384 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\NdisVirtualBus.sys.bak
[2014/01/04 13:43:36 | 000,124,928 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\NdisImPlatform.sys.bak
[2014/01/04 13:43:35 | 000,063,840 | ---- | M] (Marvell Semiconductor, Inc.) -- C:\WINDOWS\SysNative\drivers\mvumis.sys.bak
[2014/01/04 13:43:33 | 000,066,560 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\mslldp.sys.bak
[2014/01/04 13:43:32 | 000,146,272 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\msgpioclx.sys.bak
[2014/01/04 13:43:32 | 000,009,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\mshidumdf.sys.bak
[2014/01/04 13:43:28 | 000,022,016 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\mcd.sys.bak
[2014/01/04 13:43:27 | 000,093,536 | ---- | M] (LSI Corporation) -- C:\WINDOWS\SysNative\drivers\lsi_sas2.sys.bak
[2014/01/04 13:43:27 | 000,082,784 | ---- | M] (LSI Corporation) -- C:\WINDOWS\SysNative\drivers\lsi_sss.sys.bak
[2014/01/04 13:43:27 | 000,081,760 | ---- | M] (LSI Corporation) -- C:\WINDOWS\SysNative\drivers\lsi_sas3.sys.bak
[2014/01/04 13:43:24 | 000,118,784 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\irda.sys.bak
[2014/01/04 13:43:22 | 000,651,248 | ---- | M] (Intel Corporation) -- C:\WINDOWS\SysNative\drivers\iaStorAV.sys.bak
[2014/01/04 13:43:22 | 000,645,952 | ---- | M] (Intel Corporation) -- C:\WINDOWS\SysNative\drivers\iaStorA.sys.bak
[2014/01/04 13:43:21 | 000,099,320 | ---- | M] (Intel Corporation) -- C:\WINDOWS\SysNative\drivers\iaLPSSi_I2C.sys.bak
[2014/01/04 13:43:21 | 000,024,568 | ---- | M] (Intel Corporation) -- C:\WINDOWS\SysNative\drivers\iaLPSSi_GPIO.sys.bak
[2014/01/04 13:43:21 | 000,022,016 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\HyperVideo.sys.bak
[2014/01/04 13:43:20 | 000,013,824 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\hyperkbd.sys.bak
[2014/01/04 13:43:19 | 000,064,352 | ---- | M] (Hewlett-Packard Company) -- C:\WINDOWS\SysNative\drivers\HpSAMD.sys.bak
[2014/01/04 13:43:19 | 000,029,600 | ---- | M] (Hewlett-Packard Company) -- C:\WINDOWS\SysNative\drivers\hpdskflt.sys.bak
[2014/01/04 13:43:18 | 000,428,896 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\FWPKCLNT.SYS.bak
[2014/01/04 13:43:17 | 000,030,048 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\fs_rec.sys.bak
[2014/01/04 13:43:14 | 003,357,024 | ---- | M] (Broadcom Corporation) -- C:\WINDOWS\SysNative\drivers\evbda.sys.bak
[2014/01/04 13:43:14 | 000,082,784 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\EhStorClass.sys.bak
[2014/01/04 13:43:13 | 000,382,808 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\dxgmms1.sys.bak
[2014/01/04 13:43:13 | 000,071,896 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\dumpfve.sys.bak
[2014/01/04 13:43:12 | 000,283,200 | ---- | M] (DT Soft Ltd) -- C:\WINDOWS\SysNative\drivers\dtsoftbus01.sys.bak
[2014/01/04 13:43:12 | 000,033,632 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\Dumpata.sys.bak
[2014/01/04 13:43:11 | 000,036,192 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\Diskdump.sys.bak
[2014/01/04 13:43:11 | 000,029,696 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\dmvsc.sys.bak
[2014/01/04 13:43:11 | 000,013,312 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\Dmpusbstor.sys.bak
[2014/01/04 13:43:10 | 000,068,960 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\crashdmp.sys.bak
[2014/01/04 13:43:10 | 000,057,696 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\dam.sys.bak
[2014/01/04 13:43:10 | 000,043,008 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\condrv.sys.bak
[2014/01/04 13:43:09 | 000,377,696 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\clfs.sys.bak
[2014/01/04 13:43:09 | 000,092,536 | ---- | M] (CyberLink) -- C:\WINDOWS\SysNative\drivers\CLVirtualDrive.sys.bak
[2014/01/04 13:43:08 | 000,531,296 | ---- | M] (Broadcom Corporation) -- C:\WINDOWS\SysNative\drivers\bxvbda.sys.bak
[2014/01/04 13:43:08 | 000,337,760 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\Classpnp.sys.bak
[2014/01/04 13:43:06 | 000,619,008 | ---- | M] (Advanced Micro Devices, Inc.) -- C:\WINDOWS\SysNative\drivers\atikmpag.sys.bak
[2014/01/04 13:43:06 | 000,017,624 | ---- | M] (Windows (R) Win 7 DDK provider) -- C:\WINDOWS\SysNative\drivers\bcmfn2.sys.bak
[2014/01/04 13:43:05 | 012,526,592 | ---- | M] (Advanced Micro Devices, Inc.) -- C:\WINDOWS\SysNative\drivers\atikmdag.sys.bak
[2014/01/04 13:43:04 | 000,098,472 | ---- | M] (Advanced Micro Devices) -- C:\WINDOWS\SysNative\drivers\AtihdW86.sys.bak
[2014/01/04 13:43:03 | 003,680,256 | ---- | M] (Qualcomm Atheros Communications, Inc.) -- C:\WINDOWS\SysNative\drivers\athw8x.sys.bak
[2014/01/04 13:43:02 | 000,026,280 | ---- | M] (Advanced Micro Devices) -- C:\WINDOWS\SysNative\drivers\amd_xata.sys.bak
[2014/01/04 13:43:01 | 000,259,424 | ---- | M] (AMD Technologies Inc.) -- C:\WINDOWS\SysNative\drivers\amdsbs.sys.bak
[2014/01/04 13:43:01 | 000,079,528 | ---- | M] (Advanced Micro Devices) -- C:\WINDOWS\SysNative\drivers\amd_sata.sys.bak
[2014/01/04 13:43:01 | 000,025,952 | ---- | M] (Advanced Micro Devices) -- C:\WINDOWS\SysNative\drivers\amdxata.sys.bak
[2014/01/04 13:43:00 | 000,079,200 | ---- | M] (Advanced Micro Devices) -- C:\WINDOWS\SysNative\drivers\amdsata.sys.bak
[2014/01/04 13:43:00 | 000,076,800 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\ahcache.sys.bak
[2014/01/04 13:42:59 | 000,782,176 | ---- | M] (PMC-Sierra) -- C:\WINDOWS\SysNative\drivers\adp80xx.sys.bak
[2014/01/04 13:42:58 | 000,108,896 | ---- | M] (LSI) -- C:\WINDOWS\SysNative\drivers\3ware.sys.bak
[2014/01/04 13:42:58 | 000,079,712 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\acpiex.sys.bak
[2014/01/04 13:42:58 | 000,042,400 | ---- | M] (Hewlett-Packard Company) -- C:\WINDOWS\SysNative\drivers\Accelerometer.sys.bak
[17 C:\WINDOWS\SysWow64\*.tmp files -> C:\WINDOWS\SysWow64\*.tmp -> ]

[color=#E56717]========== Files Created - No Company Name ==========[/color]

[2014/01/22 18:19:11 | 001,236,282 | ---- | C] () -- C:\Users\HP1\Desktop\adwcleaner (1).exe
[2014/01/15 20:13:02 | 000,138,240 | ---- | C] () -- C:\WINDOWS\SysNative\OEMLicense.dll
[2014/01/15 20:13:02 | 000,103,936 | ---- | C] () -- C:\WINDOWS\SysWow64\OEMLicense.dll
[2014/01/13 22:19:44 | 000,000,000 | -H-- | C] () -- C:\WINDOWS\SysNative\drivers\Msft_User_LocationProvider_01_11_00.Wdf
[2014/01/06 20:46:57 | 000,237,399 | ---- | C] () -- C:\Users\HP1\Documents\netteler.odt
[2013/12/17 08:48:18 | 001,959,360 | ---- | C] () -- C:\WINDOWS\SysWow64\PerfStringBackup.INI
[2013/12/17 08:45:22 | 000,000,000 | ---- | C] () -- C:\WINDOWS\ativpsrm.bin
[2013/09/26 19:02:38 | 000,204,952 | ---- | C] () -- C:\WINDOWS\SysWow64\ativvsvl.dat
[2013/09/26 19:02:38 | 000,157,144 | ---- | C] () -- C:\WINDOWS\SysWow64\ativvsva.dat
[2013/09/26 19:02:36 | 000,003,917 | ---- | C] () -- C:\WINDOWS\SysWow64\atipblag.dat
[2013/09/26 19:02:18 | 000,995,342 | ---- | C] () -- C:\WINDOWS\SysWow64\amdocl_as32.exe
[2013/09/26 19:02:18 | 000,798,734 | ---- | C] () -- C:\WINDOWS\SysWow64\amdocl_ld32.exe
[2013/09/26 19:02:12 | 000,123,392 | ---- | C] () -- C:\WINDOWS\SysWow64\amdhdl32.dll
[2013/08/22 16:36:43 | 000,215,943 | ---- | C] () -- C:\WINDOWS\SysWow64\dssec.dat
[2013/08/22 16:36:42 | 000,000,741 | ---- | C] () -- C:\WINDOWS\SysWow64\NOISE.DAT
[2013/08/22 15:46:23 | 000,067,584 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2013/08/22 08:01:23 | 000,043,131 | ---- | C] () -- C:\WINDOWS\mib.bin
[2013/08/22 04:32:36 | 000,046,080 | ---- | C] () -- C:\WINDOWS\SysWow64\BWContextHandler.dll
[2013/08/22 00:55:20 | 000,364,544 | ---- | C] () -- C:\WINDOWS\SysWow64\msjetoledb40.dll
[2013/08/22 00:52:39 | 000,673,088 | ---- | C] () -- C:\WINDOWS\SysWow64\mlang.dat
[2012/07/25 21:22:54 | 000,982,240 | ---- | C] () -- C:\WINDOWS\SysWow64\igkrng500.bin
[2012/07/25 21:22:54 | 000,439,308 | ---- | C] () -- C:\WINDOWS\SysWow64\igcompkrng500.bin
[2012/07/25 21:22:54 | 000,092,356 | ---- | C] () -- C:\WINDOWS\SysWow64\igfcg500m.bin
[2012/05/10 16:35:16 | 000,029,184 | ---- | C] () -- C:\WINDOWS\SysWow64\kdbsdk32.dll

[color=#E56717]========== ZeroAccess Check ==========[/color]


[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2013/11/14 08:52:56 | 021,196,664 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2013/11/14 08:52:56 | 018,642,504 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2013/08/22 10:49:49 | 000,921,088 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2013/08/22 03:45:10 | 000,691,712 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2013/08/22 10:45:17 | 000,483,840 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]

[color=#E56717]========== LOP Check ==========[/color]


[color=#E56717]========== Purity Check ==========[/color]



[color=#E56717]========== Custom Scans ==========[/color]

[color=#A23BEC]< HKCU\Software >[/color]

[HKEY_CURRENT_USER\Software\(null)]

[HKEY_CURRENT_USER\Software\AppDataLow]

[HKEY_CURRENT_USER\Software\Apple Computer, Inc.]

[HKEY_CURRENT_USER\Software\ATI]

[HKEY_CURRENT_USER\Software\Avast Software]

[HKEY_CURRENT_USER\Software\BitTorrent]

[HKEY_CURRENT_USER\Software\Clients]

[HKEY_CURRENT_USER\Software\CyberLink]

[HKEY_CURRENT_USER\Software\Disc Soft]

[HKEY_CURRENT_USER\Software\Google]

[HKEY_CURRENT_USER\Software\Hewlett-Packard]

[HKEY_CURRENT_USER\Software\Macromedia]

[HKEY_CURRENT_USER\Software\Microsoft]

[HKEY_CURRENT_USER\Software\Mine]

[HKEY_CURRENT_USER\Software\Modern UI Test]

[HKEY_CURRENT_USER\Software\mozilla]

[HKEY_CURRENT_USER\Software\MozillaPlugins]

[HKEY_CURRENT_USER\Software\Norton]

[HKEY_CURRENT_USER\Software\Policies]

[HKEY_CURRENT_USER\Software\PTECH]

[HKEY_CURRENT_USER\Software\RealNetworks]

[HKEY_CURRENT_USER\Software\RegisteredApplications]

[HKEY_CURRENT_USER\Software\Symantec]

[HKEY_CURRENT_USER\Software\Synaptics]

[HKEY_CURRENT_USER\Software\TeleCharger]

[HKEY_CURRENT_USER\Software\The Document Foundation]

[HKEY_CURRENT_USER\Software\TuneUp]

[HKEY_CURRENT_USER\Software\Turbopoker.fr]

[HKEY_CURRENT_USER\Software\VB and VBA Program Settings]

[HKEY_CURRENT_USER\Software\VNT]

[HKEY_CURRENT_USER\Software\WinRAR]

[HKEY_CURRENT_USER\Software\WinRAR SFX]

[HKEY_CURRENT_USER\Software\Wow6432Node]

[HKEY_CURRENT_USER\Software\ZebHelpProcess Helper]

[HKEY_CURRENT_USER\Software\Classes]

[color=#A23BEC]< HKLM\Software >[/color]
"" =

[HKEY_LOCAL_MACHINE\Software\Adobe]

[HKEY_LOCAL_MACHINE\Software\AdobeFlashPlayerUpdate]

[HKEY_LOCAL_MACHINE\Software\AdwCleaner]

[HKEY_LOCAL_MACHINE\Software\AMD]

[HKEY_LOCAL_MACHINE\Software\AppDataLow]

[HKEY_LOCAL_MACHINE\Software\Apple Computer, Inc.]

[HKEY_LOCAL_MACHINE\Software\Apple Inc.]

[HKEY_LOCAL_MACHINE\Software\Atheros]

[HKEY_LOCAL_MACHINE\Software\ATI]

[HKEY_LOCAL_MACHINE\Software\ATI Technologies]

[HKEY_LOCAL_MACHINE\Software\AVAST Software]

[HKEY_LOCAL_MACHINE\Software\Bunndle]

[HKEY_LOCAL_MACHINE\Software\Caphyon]

[HKEY_LOCAL_MACHINE\Software\CDDB]

[HKEY_LOCAL_MACHINE\Software\ChrisPC Free Anonymous Proxy]

[HKEY_LOCAL_MACHINE\Software\CyberLink]

[HKEY_LOCAL_MACHINE\Software\Disc Soft]

[HKEY_LOCAL_MACHINE\Software\dotNetInstaller]

[HKEY_LOCAL_MACHINE\Software\Google]

[HKEY_LOCAL_MACHINE\Software\Hewlett-Packard]

[HKEY_LOCAL_MACHINE\Software\IDT]

[HKEY_LOCAL_MACHINE\Software\Insyde]

[HKEY_LOCAL_MACHINE\Software\Intel]

[HKEY_LOCAL_MACHINE\Software\Khronos]

[HKEY_LOCAL_MACHINE\Software\Lake]

[HKEY_LOCAL_MACHINE\Software\LibreOffice]

[HKEY_LOCAL_MACHINE\Software\Licenses]

[HKEY_LOCAL_MACHINE\Software\Loader]

[HKEY_LOCAL_MACHINE\Software\Macromedia]

[HKEY_LOCAL_MACHINE\Software\Microsoft]

[HKEY_LOCAL_MACHINE\Software\Mozilla]

[HKEY_LOCAL_MACHINE\Software\MozillaPlugins]

[HKEY_LOCAL_MACHINE\Software\ODBC]

[HKEY_LOCAL_MACHINE\Software\OldTimer Tools]

[HKEY_LOCAL_MACHINE\Software\Qualcomm Atheros]

[HKEY_LOCAL_MACHINE\Software\RealNetworks]

[HKEY_LOCAL_MACHINE\Software\Realtek]

[HKEY_LOCAL_MACHINE\Software\Realtek Semiconductor Corp.]

[HKEY_LOCAL_MACHINE\Software\SweetIM]

[HKEY_LOCAL_MACHINE\Software\Symantec]

[HKEY_LOCAL_MACHINE\Software\The Document Foundation]

[HKEY_LOCAL_MACHINE\Software\TuneUp]

[HKEY_LOCAL_MACHINE\Software\VideoLAN]

[HKEY_LOCAL_MACHINE\Software\Volatile]

[HKEY_LOCAL_MACHINE\Software\WildTangent]

[HKEY_LOCAL_MACHINE\Software\WinRAR]

[HKEY_LOCAL_MACHINE\Software\Wow6432Node]

[HKEY_LOCAL_MACHINE\Software\Xing Technology Corp.]

[HKEY_LOCAL_MACHINE\Software\Classes]

[HKEY_LOCAL_MACHINE\Software\Clients]

[HKEY_LOCAL_MACHINE\Software\Policies]

[HKEY_LOCAL_MACHINE\Software\RegisteredApplications]

[color=#A23BEC]< HKCU\Software\Microsoft\Comman d Processor /s >[/color]

[color=#A23BEC]< HKLM\Software\Microsoft\Comman d Processor /s >[/color]

[color=#A23BEC]< %Homedrive%\* >[/color]
[2012/07/26 04:44:30 | 000,398,156 | RHS- | M] () -- C:\bootmgr
[2013/06/18 13:18:29 | 000,000,001 | -HS- | M] () -- C:\BOOTNXT
[2012/08/04 00:21:37 | 000,008,192 | RHS- | M] () -- C:\BOOTSECT.BAK
[2014/01/04 13:50:57 | 000,001,434 | ---- | M] () -- C:\DelFix.txt
[2014/01/22 18:23:21 | 2981,527,552 | -HS- | M] () -- C:\hiberfil.sys
[2014/01/22 18:23:26 | 671,088,640 | -HS- | M] () -- C:\pagefile.sys
[2014/01/22 18:23:26 | 268,435,456 | -HS- | M] () -- C:\swapfile.sys
[2014/01/04 13:51:37 | 000,210,638 | ---- | M] () -- C:\TDSSKiller.3.0.0.19_04.01.2014_13.46.31_log.txt
[2014/01/21 18:41:01 | 000,211,082 | ---- | M] () -- C:\TDSSKiller.3.0.0.19_21.01.2014_18.39.48_log.txt

[color=#A23BEC]< %Homedrive%\*. >[/color]
[2013/12/17 12:22:39 | 000,000,000 | -HSD | M] -- C:\$Recycle.Bin
[2014/01/22 18:22:33 | 000,000,000 | ---D | M] -- C:\AdwCleaner
[2012/08/04 00:21:36 | 000,000,000 | -HSD | M] -- C:\Boot
[2013/12/21 12:52:25 | 000,000,000 | -HSD | M] -- C:\Config.Msi
[2013/08/22 15:45:52 | 000,000,000 | -HSD | M] -- C:\Documents and Settings
[2012/08/24 11:06:29 | 000,000,000 | -H-D | M] -- C:\HP
[2013/12/17 08:35:22 | 000,000,000 | ---D | M] -- C:\inetpub
[2013/08/22 16:22:35 | 000,000,000 | ---D | M] -- C:\PerfLogs
[2013/04/20 10:28:53 | 000,000,000 | ---D | M] -- C:\Poker
[2013/12/17 08:55:52 | 000,000,000 | R--D | M] -- C:\Program Files
[2014/01/04 13:50:57 | 000,000,000 | R--D | M] -- C:\Program Files (x86)
[2014/01/04 13:01:10 | 000,000,000 | -H-D | M] -- C:\ProgramData
[2013/12/17 08:42:50 | 000,000,000 | -HSD | M] -- C:\Recovery
[2012/12/24 13:31:59 | 000,000,000 | ---D | M] -- C:\sources
[2012/10/30 07:01:53 | 000,000,000 | ---D | M] -- C:\SWSetup
[2014/01/22 19:10:34 | 000,000,000 | -HSD | M] -- C:\System Volume Information
[2012/12/24 13:09:17 | 000,000,000 | -H-D | M] -- C:\SYSTEM.SAV
[2013/12/17 08:56:02 | 000,000,000 | R--D | M] -- C:\Users
[2013/12/19 21:41:49 | 000,000,000 | ---D | M] -- C:\Windows
[2013/09/29 15:14:49 | 000,000,000 | -H-D | M] -- C:\_acestream_cache_

[color=#A23BEC]< %Userprofile%\* >[/color]
[2014/01/22 18:22:46 | 001,310,720 | -HS- | M] () -- C:\Users\HP1\NTUSER.DAT
[2013/12/17 08:52:18 | 000,856,064 | -HS- | M] () -- C:\Users\HP1\ntuser.dat.LOG1
[2013/12/17 08:52:18 | 000,008,192 | -HS- | M] () -- C:\Users\HP1\ntuser.dat.LOG2
[2013/12/17 08:52:19 | 000,065,536 | -HS- | M] () -- C:\Users\HP1\NTUSER.DAT{f2cd3d71-4cfa-11e3-9400-782bcb3a5591}.TM.blf
[2013/12/17 08:52:19 | 000,524,288 | -HS- | M] () -- C:\Users\HP1\NTUSER.DAT{f2cd3d71-4cfa-11e3-9400-782bcb3a5591}.TMContainer00000000000000000001.regtrans-ms
[2013/12/17 08:52:19 | 000,524,288 | -HS- | M] () -- C:\Users\HP1\NTUSER.DAT{f2cd3d71-4cfa-11e3-9400-782bcb3a5591}.TMContainer00000000000000000002.regtrans-ms
[2013/12/17 12:19:27 | 000,000,020 | -HS- | M] () -- C:\Users\HP1\ntuser.ini

[color=#A23BEC]< %Userprofile%\*. >[/color]
[2013/12/17 09:03:15 | 000,000,000 | -H-D | M] -- C:\Users\HP1\AppData
[2013/12/17 08:52:18 | 000,000,000 | -HSD | M] -- C:\Users\HP1\Application Data
[2013/12/17 12:20:04 | 000,000,000 | R--D | M] -- C:\Users\HP1\Contacts
[2013/12/17 08:52:18 | 000,000,000 | -HSD | M] -- C:\Users\HP1\Cookies
[2014/01/22 19:03:30 | 000,000,000 | R--D | M] -- C:\Users\HP1\Desktop
[2014/01/06 21:34:00 | 000,000,000 | R--D | M] -- C:\Users\HP1\Documents
[2014/01/22 19:03:08 | 000,000,000 | R--D | M] -- C:\Users\HP1\Downloads
[2013/12/17 12:20:04 | 000,000,000 | R--D | M] -- C:\Users\HP1\Favorites
[2013/12/17 12:20:05 | 000,000,000 | R--D | M] -- C:\Users\HP1\Links
[2013/12/17 08:52:18 | 000,000,000 | -HSD | M] -- C:\Users\HP1\Local Settings
[2013/12/17 08:52:18 | 000,000,000 | -HSD | M] -- C:\Users\HP1\Menu Démarrer
[2013/12/17 08:52:18 | 000,000,000 | -HSD | M] -- C:\Users\HP1\Mes documents
[2013/12/17 08:52:18 | 000,000,000 | -HSD | M] -- C:\Users\HP1\Modèles
[2013/12/17 12:20:04 | 000,000,000 | R--D | M] -- C:\Users\HP1\Music
[2013/12/17 12:20:04 | 000,000,000 | R--D | M] -- C:\Users\HP1\Pictures
[2013/12/17 08:52:18 | 000,000,000 | -HSD | M] -- C:\Users\HP1\Recent
[2013/12/17 12:20:05 | 000,000,000 | R--D | M] -- C:\Users\HP1\Saved Games
[2013/12/17 12:20:42 | 000,000,000 | R--D | M] -- C:\Users\HP1\Searches
[2013/12/17 08:52:18 | 000,000,000 | -HSD | M] -- C:\Users\HP1\SendTo
[2013/12/17 12:20:04 | 000,000,000 | R--D | M] -- C:\Users\HP1\Videos
[2013/12/17 08:52:18 | 000,000,000 | -HSD | M] -- C:\Users\HP1\Voisinage d'impression
[2013/12/17 08:52:18 | 000,000,000 | -HSD | M] -- C:\Users\HP1\Voisinage réseau

[color=#A23BEC]< %Allusersprofile%\* >[/color]

[color=#A23BEC]< %Allusersprofile%\*. >[/color]
[2012/10/29 21:09:27 | 000,000,000 | ---D | M] -- C:\ProgramData\AMD
[2012/10/29 21:13:41 | 000,000,000 | ---D | M] -- C:\ProgramData\Apple
[2013/10/16 17:38:21 | 000,000,000 | ---D | M] -- C:\ProgramData\Apple Computer
[2013/08/22 15:45:52 | 000,000,000 | -HSD | M] -- C:\ProgramData\Application Data
[2012/10/29 21:55:55 | 000,000,000 | ---D | M] -- C:\ProgramData\ATI
[2013/12/06 21:31:18 | 000,000,000 | ---D | M] -- C:\ProgramData\AVAST Software
[2012/12/24 13:05:11 | 000,000,000 | -HSD | M] -- C:\ProgramData\Bureau
[2013/04/02 18:55:12 | 000,000,000 | -H-D | M] -- C:\ProgramData\Common Files
[2012/10/29 21:33:50 | 000,000,000 | ---D | M] -- C:\ProgramData\CyberLink
[2013/06/08 14:19:09 | 000,000,000 | ---D | M] -- C:\ProgramData\DAEMON Tools Lite
[2013/08/22 15:45:52 | 000,000,000 | -HSD | M] -- C:\ProgramData\Desktop
[2013/08/22 15:45:52 | 000,000,000 | -HSD | M] -- C:\ProgramData\Documents
[2012/10/29 21:47:56 | 000,000,000 | ---D | M] -- C:\ProgramData\Hewlett-Packard
[2012/10/29 21:28:29 | 000,000,000 | ---D | M] -- C:\ProgramData\install_clap
[2012/12/24 13:05:12 | 000,000,000 | -HSD | M] -- C:\ProgramData\Menu Démarrer
[2013/12/17 08:56:01 | 000,000,000 | --SD | M] -- C:\ProgramData\Microsoft
[2012/12/24 13:05:12 | 000,000,000 | -HSD | M] -- C:\ProgramData\Modèles
[2013/05/01 17:29:29 | 000,000,000 | ---D | M] -- C:\ProgramData\Norton
[2012/10/29 21:41:28 | 000,000,000 | ---D | M] -- C:\ProgramData\NortonInstaller
[2013/12/17 08:56:01 | 000,000,000 | ---D | M] -- C:\ProgramData\PRICache
[2013/04/02 17:50:27 | 000,000,000 | ---D | M] -- C:\ProgramData\PY_Software
[2012/10/29 21:14:19 | 000,000,000 | ---D | M] -- C:\ProgramData\Qualcomm Atheros
[2013/04/03 18:54:35 | 000,000,000 | ---D | M] -- C:\ProgramData\Real
[2013/11/14 08:16:50 | 000,000,000 | ---D | M] -- C:\ProgramData\regid.1991-06.com.microsoft
[2013/08/22 15:45:52 | 000,000,000 | -HSD | M] -- C:\ProgramData\Start Menu
[2012/10/29 21:17:49 | 000,000,000 | ---D | M] -- C:\ProgramData\Synaptics
[2012/10/29 21:34:03 | 000,000,000 | ---D | M] -- C:\ProgramData\Temp
[2013/08/22 15:45:52 | 000,000,000 | -HSD | M] -- C:\ProgramData\Templates
[2013/04/02 18:55:28 | 000,000,000 | ---D | M] -- C:\ProgramData\TuneUp Software
[2012/08/24 11:38:56 | 000,000,000 | ---D | M] -- C:\ProgramData\WildTangent
[2012/08/24 11:31:43 | 000,000,000 | ---D | M] -- C:\ProgramData\{BE4DD016-EE56-4AC8-9832-69281423A3D4}
[2013/04/02 18:55:12 | 000,000,000 | -HSD | M] -- C:\ProgramData\{C4ABDBC8-1C81-42C9-BFFC-4A68511E9E4F}

[color=#A23BEC]< %LocalAppData%\* >[/color]
[2014/01/22 18:22:45 | 000,046,865 | -H-- | M] () -- C:\Users\HP1\AppData\Local\IconCache.db

[color=#A23BEC]< %LocalAppData%\*. >[/color]
[2013/11/14 21:39:14 | 000,000,000 | ---D | M] -- C:\Users\HP1\AppData\Local\Adobe
[2013/04/02 18:07:42 | 000,000,000 | ---D | M] -- C:\Users\HP1\AppData\Local\adslTV
[2012/12/24 13:12:06 | 000,000,000 | ---D | M] -- C:\Users\HP1\AppData\Local\AMD
[2013/10/16 17:37:40 | 000,000,000 | ---D | M] -- C:\Users\HP1\AppData\Local\Apple
[2013/10/16 17:38:54 | 000,000,000 | ---D | M] -- C:\Users\HP1\AppData\Local\Apple Computer
[2013/12/17 08:52:18 | 000,000,000 | -HSD | M] -- C:\Users\HP1\AppData\Local\Application Data
[2013/01/15 20:13:59 | 000,000,000 | ---D | M] -- C:\Users\HP1\AppData\Local\Apps
[2012/12/24 13:11:53 | 000,000,000 | ---D | M] -- C:\Users\HP1\AppData\Local\ATI
[2013/09/13 18:50:55 | 000,000,000 | ---D | M] -- C:\Users\HP1\AppData\Local\avgchrome
[2013/01/15 20:30:05 | 000,000,000 | ---D | M] -- C:\Users\HP1\AppData\Local\CRE
[2013/01/02 16:18:59 | 000,000,000 | ---D | M] -- C:\Users\HP1\AppData\Local\CyberLink
[2013/05/01 17:52:30 | 000,000,000 | ---D | M] -- C:\Users\HP1\AppData\Local\Google
[2012/12/26 08:58:45 | 000,000,000 | ---D | M] -- C:\Users\HP1\AppData\Local\Hewlett-Packard
[2013/12/17 08:52:18 | 000,000,000 | -HSD | M] -- C:\Users\HP1\AppData\Local\Historique
[2014/01/04 19:17:39 | 000,000,000 | ---D | M] -- C:\Users\HP1\AppData\Local\Microsoft
[2014/01/07 12:40:41 | 000,000,000 | ---D | M] -- C:\Users\HP1\AppData\Local\Packages
[2012/12/24 13:08:59 | 000,000,000 | ---D | M] -- C:\Users\HP1\AppData\Local\Power2Go8
[2013/06/08 14:19:29 | 000,000,000 | ---D | M] -- C:\Users\HP1\AppData\Local\Programs
[2013/06/07 17:23:38 | 000,000,000 | ---D | M] -- C:\Users\HP1\AppData\Local\Sports Interactive
[2014/01/22 19:18:36 | 000,000,000 | ---D | M] -- C:\Users\HP1\AppData\Local\Temp
[2013/12/17 08:52:18 | 000,000,000 | -HSD | M] -- C:\Users\HP1\AppData\Local\Temporary Internet Files
[2013/01/20 13:56:21 | 000,000,000 | ---D | M] -- C:\Users\HP1\AppData\Local\Updater21810
[2013/12/17 12:22:07 | 000,000,000 | ---D | M] -- C:\Users\HP1\AppData\Local\VirtualStore
[2013/11/09 10:47:08 | 000,000,000 | ---D | M] -- C:\Users\HP1\AppData\Local\VNT

[color=#A23BEC]< %Userprofile%\Local Settings\Application Data\* >[/color]

[color=#A23BEC]< %Userprofile%\Local Settings\Application Data\*. >[/color]

[color=#A23BEC]< %programFiles%\* >[/color]
[2013/08/22 16:34:52 | 000,000,174 | -HS- | M] () -- C:\Program Files (x86)\desktop.ini

[color=#A23BEC]< %programfiles%\Google\Desktop\ Install /s >[/color]

[color=#A23BEC]< %programFiles%\*. >[/color]
[2012/10/29 21:09:23 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\AMD APP
[2012/10/29 21:09:26 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\AMD AVT
[2013/10/16 17:37:38 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Apple Software Update
[2012/10/29 21:09:15 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\ATI Technologies
[2012/10/29 21:13:46 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Bonjour
[2013/10/02 16:58:34 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\ChrisPC Free Anonymous Proxy
[2014/01/04 13:01:13 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Common Files
[2012/08/24 11:29:13 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Connected Music powered by Universal Music Group
[2012/10/29 21:36:01 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\CyberLink
[2013/06/06 20:39:10 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\DAEMON Tools Lite
[2013/06/08 14:40:58 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Football Manager 2013
[2013/07/13 19:12:40 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Google
[2012/10/29 21:47:55 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Hewlett-Packard
[2013/09/06 10:37:10 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\HP
[2012/08/24 11:48:49 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\HP Games
[2012/08/24 11:29:00 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\HPConnectedMusic
[2013/09/30 18:04:49 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\IlemiTVApp.com
[2012/10/29 21:34:01 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\InstallShield Installation Information
[2013/12/17 08:40:40 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Internet Explorer
[2013/01/20 14:05:25 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\LibreOffice 3.6
[2012/08/24 11:14:00 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Microsoft Office
[2013/10/13 10:51:49 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Microsoft Silverlight
[2012/08/24 11:19:44 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Microsoft SQL Server Compact Edition
[2013/08/22 16:36:30 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Microsoft.NET
[2013/04/02 18:43:03 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Mozilla Firefox
[2013/12/17 08:35:25 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\MSBuild
[2012/12/24 13:09:38 | 000,000,000 | R--D | M] -- C:\Program Files (x86)\Online Services
[2012/10/29 21:14:24 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Qualcomm Atheros
[2013/04/03 18:54:37 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Real
[2012/10/29 21:12:27 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Realtek
[2013/12/17 08:35:25 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Reference Assemblies
[2013/10/16 17:38:45 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Safari
[2012/10/29 21:43:27 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\SymSilent
[2013/01/15 20:24:32 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\VideoLAN
[2013/11/09 10:46:53 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\VNT
[2012/08/24 11:48:25 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\WildGames
[2012/08/24 11:48:47 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\WildTangent Games
[2013/11/14 08:54:00 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Windows Defender
[2012/08/24 11:20:37 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Windows Live
[2013/11/14 08:13:28 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Windows Mail
[2013/12/17 08:55:57 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Windows Media Player
[2013/08/22 16:36:33 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Windows Multimedia Platform
[2013/08/22 16:36:30 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Windows NT
[2013/11/14 08:13:28 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Windows Photo Viewer
[2013/08/22 16:36:33 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Windows Portable Devices
[2013/12/17 08:55:57 | 000,000,000 | -HSD | M] -- C:\Program Files (x86)\Windows Sidebar
[2013/08/22 16:36:30 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\WindowsPowerShell
[2013/06/07 16:50:53 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\WinRAR

[color=#A23BEC]< %Systemroot%\Installer\*. >[/color]
[2012/08/24 11:18:54 | 000,000,000 | -HSD | M] -- C:\WINDOWS\Installer\$PatchCache$
[2013/06/06 20:41:04 | 000,000,000 | ---D | M] -- C:\WINDOWS\Installer\MSI1C2C.tmp-
[2013/06/06 20:41:48 | 000,000,000 | ---D | M] -- C:\WINDOWS\Installer\MSI349F.tmp-
[2013/06/06 20:41:03 | 000,000,000 | ---D | M] -- C:\WINDOWS\Installer\MSIF8D2.tmp-
[2012/10/29 21:16:08 | 000,000,000 | ---D | M] -- C:\WINDOWS\Installer\{01BA2999-D426-422B-AD01-9937288E55F9}
[2012/10/29 21:26:58 | 000,000,000 | ---D | M] -- C:\WINDOWS\Installer\{01FB4998-33C4-4431-85ED-079E3EEFE75D}
[2012/08/24 11:34:59 | 000,000,000 | ---D | M] -- C:\WINDOWS\Installer\{07FA4960-B038-49EB-891B-9F95930AA544}
[2012/10/29 21:09:26 | 000,000,000 | ---D | M] -- C:\WINDOWS\Installer\{08F2724F-3B6A-91BD-E63F-1B9F8463D097}
[2012/10/29 21:09:13 | 000,000,000 | ---D | M] -- C:\WINDOWS\Installer\{097CB5A1-D19E-F62A-6400-91DBF8D97B17}
[2012/10/29 21:18:58 | 000,000,000 | ---D | M] -- C:\WINDOWS\Installer\{0C57987A-A03A-4B95-A309-D23F78F406CA}
[2012/10/29 21:09:02 | 000,000,000 | ---D | M] -- C:\WINDOWS\Installer\{0DCCD5F4-29E7-4AA0-8C1D-F8E1503B91F4}
[2012/10/29 21:09:09 | 000,000,000 | ---D | M] -- C:\WINDOWS\Installer\{0EF2A1AF-6F24-FD4B-3140-3656CC9A6BEC}
[2012/10/29 21:21:38 | 000,000,000 | ---D | M] -- C:\WINDOWS\Installer\{0FA995CC-C849-4755-B14B-5404CC75DC24}
[2012/10/29 21:09:11 | 000,000,000 | ---D | M] -- C:\WINDOWS\Installer\{11230C68-9248-D3B8-A0C5-0461D8C0691E}
[2013/04/02 18:54:46 | 000,000,000 | ---D | M] -- C:\WINDOWS\Installer\{118D6CE9-5F18-42F9-958A-14676A629FDE}
[2012/10/29 21:09:03 | 000,000,000 | ---D | M] -- C:\WINDOWS\Installer\{14D155F8-40FC-F843-30C6-8776BF5CEBAA}
[2012/08/24 11:29:33 | 000,000,000 | ---D | M] -- C:\WINDOWS\Installer\{16B7BDA1-B967-4D2D-8B27-E12727C28350}
[2013/12/17 17:59:12 | 000,000,000 | ---D | M] -- C:\WINDOWS\Installer\{192A227B-A8C8-4C6D-B939-21FAEB007E1E}
[2012/10/29 21:20:59 | 000,000,000 | ---D | M] -- C:\WINDOWS\Installer\{1AC082E0-049D-4C5C-9ECF-9473AD5A949D}
[2012/08/24 11:12:07 | 000,000,000 | ---D | M] -- C:\WINDOWS\Installer\{1D9458B5-414A-419E-824B-5F8AA148884E}
[2012/10/29 21:23:16 | 000,000,000 | ---D | M] -- C:\WINDOWS\Installer\{1FBF6C24-C1fD-4101-A42B-0C564F9E8E79}
[2012/10/29 21:09:12 | 000,000,000 | ---D | M] -- C:\WINDOWS\Installer\{29A6A747-07ED-DB5E-AD38-5F66B06E8888}
[2012/10/29 21:29:52 | 000,000,000 | ---D | M] -- C:\WINDOWS\Installer\{2A87D48D-3FDF-41fd-97CD-A1E370EFFFE2}
[2012/10/29 21:09:11 | 000,000,000 | ---D | M] -- C:\WINDOWS\Installer\{2BE3A1BC-D155-1D32-9080-685C54689C34}
[2012/10/29 21:09:06 | 000,000,000 | ---D | M] -- C:\WINDOWS\Installer\{2F413B34-8C18-328C-E68C-0332AB527CFF}
[2012/10/29 21:09:05 | 000,000,000 | ---D | M] -- C:\WINDOWS\Installer\{3D062C86-0CCA-8F10-A575-3564BD50372C}
[2012/10/29 21:09:11 | 000,000,000 | ---D | M] -- C:\WINDOWS\Installer\{3E2D81D1-5FEE-6E90-2E0C-B8C15F05237A}
[2013/11/09 10:47:03 | 000,000,000 | ---D | M] -- C:\WINDOWS\Installer\{434D452D-5637-006A-76A7-A758B70C0700}
[2012/10/29 21:09:22 | 000,000,000 | ---D | M] -- C:\WINDOWS\Installer\{47B3FDA1-E7F2-D3C3-0970-B9916C5530F3}
[2012/08/24 11:10:31 | 000,000,000 | ---D | M] -- C:\WINDOWS\Installer\{4862344A-A39C-4897-ACD4-A1BED5163C5A}
[2012/08/24 11:07:24 | 000,000,000 | ---D | M] -- C:\WINDOWS\Installer\{4ED7050C-9332-4FB2-AB07-E94F25A53D39}
[2012/10/29 21:09:25 | 000,000,000 | ---D | M] -- C:\WINDOWS\Installer\{503F672D-6C84-448A-8F8F-4BC35AC83441}
[2012/08/24 11:12:30 | 000,000,000 | ---D | M] -- C:\WINDOWS\Installer\{528AB81B-D65A-4AB0-A2B6-82B51A087D01}
[2013/12/17 17:59:01 | 000,000,000 | ---D | M] -- C:\WINDOWS\Installer\{56D4499E-AC3E-4B8D-91C9-C700C148C44B}
[2012/10/29 21:09:07 | 000,000,000 | ---D | M] -- C:\WINDOWS\Installer\{5CBA9A98-4CAE-92DC-4662-A77268EE1D04}
[2012/10/29 21:09:06 | 000,000,000 | ---D | M] -- C:\WINDOWS\Installer\{5F1C0CF4-49C6-B096-0F72-AA2C319BBEE0}
[2013/01/20 14:05:26 | 000,000,000 | ---D | M] -- C:\WINDOWS\Installer\{60B2F25C-22CB-4CD9-9168-8C63708DC1A1}
[2012/08/24 11:15:47 | 000,000,000 | ---D | M] -- C:\WINDOWS\Installer\{612C34C7-5E90-47D8-9B5C-0F717DD82726}
[2012/10/29 21:09:14 | 000,000,000 | ---D | M] -- C:\WINDOWS\Installer\{650AA9FB-CA49-A284-8E13-F3732CC20D9A}
[2012/10/29 21:09:12 | 000,000,000 | ---D | M] -- C:\WINDOWS\Installer\{6DF0DAF1-BED0-F5BB-B96E-10AA15DF65E7}
[2012/10/29 21:13:45 | 000,000,000 | ---D | M] -- C:\WINDOWS\Installer\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}
[2012/08/24 11:34:54 | 000,000,000 | ---D | M] -- C:\WINDOWS\Installer\{6F340107-F9AA-47C6-B54C-C3A19F11553F}
[2012/10/29 21:08:19 | 000,000,000 | ---D | M] -- C:\WINDOWS\Installer\{73AD6CBA-D50D-F30C-E579-14389FF41D1D}
[2013/10/16 17:37:39 | 000,000,000 | ---D | M] -- C:\WINDOWS\Installer\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}
[2012/10/29 21:09:06 | 000,000,000 | ---D | M] -- C:\WINDOWS\Installer\{7AF962CF-7018-C589-8439-EA7C9F2FA200}
[2012/10/29 21:09:13 | 000,000,000 | ---D | M] -- C:\WINDOWS\Installer\{7BB80D45-4024-2E0C-FC0D-45A319CD3F99}
[2013/10/12 10:17:47 | 000,000,000 | ---D | M] -- C:\WINDOWS\Installer\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}
[2012/10/29 21:15:17 | 000,000,000 | ---D | M] -- C:\WINDOWS\Installer\{941DE69D-6CEE-4171-8F1F-3D7E352AA498}
[2012/08/24 11:14:03 | 000,000,000 | ---D | M] -- C:\WINDOWS\Installer\{95140000-0070-0000-0000-0000000FF1CE}
[2012/10/29 21:09:09 | 000,000,000 | ---D | M] -- C:\WINDOWS\Installer\{95A762D1-99E7-F428-99B3-E3CC636C48D9}
[2012/10/29 21:09:08 | 000,000,000 | ---D | M] -- C:\WINDOWS\Installer\{96DAE3D0-5008-F1FC-186D-0B364071C98C}
[2012/10/29 21:09:07 | 000,000,000 | ---D | M] -- C:\WINDOWS\Installer\{9B42457E-3781-7293-5643-C722BA43397E}
[2012/10/29 21:09:14 | 000,000,000 | ---D | M] -- C:\WINDOWS\Installer\{9E2BCF78-EDAD-A8BC-123D-10E0D9234753}
[2012/10/29 21:09:13 | 000,000,000 | ---D | M] -- C:\WINDOWS\Installer\{9FEDC691-A307-D525-7D71-EDB97240CFF3}
[2012/10/29 21:09:15 | 000,000,000 | ---D | M] -- C:\WINDOWS\Installer\{A257DDD7-AFD4-ABEA-0F67-9C3930091B19}
[2012/08/24 11:20:49 | 000,000,000 | ---D | M] -- C:\WINDOWS\Installer\{A726AE06-AAA3-43D1-87E3-70F510314F04}
[2012/10/29 21:09:08 | 000,000,000 | ---D | M] -- C:\WINDOWS\Installer\{AB1F1677-926B-894A-A890-56A3FCD9794B}
[2012/10/29 21:09:12 | 000,000,000 | ---D | M] -- C:\WINDOWS\Installer\{ACC5984D-6859-874C-B939-058DED2692FA}
[2012/10/29 21:40:03 | 000,000,000 | ---D | M] -- C:\WINDOWS\Installer\{B0B4F6D2-F2AE-451A-9496-6F2F6A897B32}
[2012/08/24 11:34:07 | 000,000,000 | ---D | M] -- C:\WINDOWS\Installer\{B8019B54-F9BE-490A-9619-6D06F18F129F}
[2013/10/14 17:53:13 | 000,000,000 | ---D | M] -- C:\WINDOWS\Installer\{C2D4CD4A-AE20-40B3-8726-8ED1C03E8C15}
[2012/10/29 21:09:07 | 000,000,000 | ---D | M] -- C:\WINDOWS\Installer\{C458E818-0B4F-C961-AFDF-29F172EE5A1B}
[2012/10/29 21:24:03 | 000,000,000 | ---D | M] -- C:\WINDOWS\Installer\{C59C179C-668D-49A9-B6EA-0121CCFC1243}
[2013/10/16 17:38:45 | 000,000,000 | ---D | M] -- C:\WINDOWS\Installer\{C779648B-410E-4BBA-B75B-5815BCEFE71D}
[2012/10/29 21:08:22 | 000,000,000 | ---D | M] -- C:\WINDOWS\Installer\{D01E0B82-7D6E-F9AC-9A7D-C6076264F419}
[2012/10/29 21:33:47 | 000,000,000 | ---D | M] -- C:\WINDOWS\Installer\{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}
[2012/10/29 21:09:10 | 000,000,000 | ---D | M] -- C:\WINDOWS\Installer\{E175B925-538F-6D69-A9C9-4D0699648752}
[2012/10/29 21:09:12 | 000,000,000 | ---D | M] -- C:\WINDOWS\Installer\{E46BF405-4ADF-36F4-A0EA-EF4CDF1A21E6}
[2012/10/29 21:48:08 | 000,000,000 | ---D | M] -- C:\WINDOWS\Installer\{E4D6CCF2-0AAF-4B9C-9DE5-893EDC9B4BAA}
[2012/08/24 11:19:45 | 000,000,000 | ---D | M] -- C:\WINDOWS\Installer\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}

[color=#A23BEC]< %Systemroot%\Temp\*.exe /s >[/color]
[2013/08/22 22:19:32 | 000,349,176 | ---- | M] () -- C:\WINDOWS\Temp\cd488fa9-5107-4244-af20-613c55df5d21\Program Files\Common Files\Microsoft Shared\ink\TabTip.exe
[2012/08/24 10:38:00 | 000,227,128 | ---- | M] (Synaptics Incorporated) -- C:\WINDOWS\Temp\cd488fa9-5107-4244-af20-613c55df5d21\Program Files\Synaptics\SynTP\InstNT.exe
[2012/08/24 10:38:04 | 000,245,048 | ---- | M] (Synaptics Incorporated) -- C:\WINDOWS\Temp\cd488fa9-5107-4244-af20-613c55df5d21\Program Files\Synaptics\SynTP\SynMood.exe
[2012/08/24 10:38:08 | 002,916,152 | ---- | M] (Synaptics Incorporated) -- C:\WINDOWS\Temp\cd488fa9-5107-4244-af20-613c55df5d21\Program Files\Synaptics\SynTP\SynTPEnh.exe
[2012/08/24 10:38:10 | 000,123,704 | ---- | M] (Synaptics Incorporated) -- C:\WINDOWS\Temp\cd488fa9-5107-4244-af20-613c55df5d21\Program Files\Synaptics\SynTP\SynTPHelper.exe
[2012/08/24 10:38:10 | 000,253,240 | ---- | M] (Synaptics Incorporated) -- C:\WINDOWS\Temp\cd488fa9-5107-4244-af20-613c55df5d21\Program Files\Synaptics\SynTP\SynZMetr.exe
[2012/08/24 10:38:12 | 000,339,256 | ---- | M] (Synaptics Incorporated) -- C:\WINDOWS\Temp\cd488fa9-5107-4244-af20-613c55df5d21\Program Files\Synaptics\SynTP\Tutorial.exe
[2013/08/22 22:19:33 | 000,640,352 | ---- | M] () -- C:\WINDOWS\Temp\cd488fa9-5107-4244-af20-613c55df5d21\sources\recovery\RecEnv.exe
[2013/08/22 22:19:33 | 000,707,072 | ---- | M] () -- C:\WINDOWS\Temp\cd488fa9-5107-4244-af20-613c55df5d21\sources\recovery\StartRep.exe
[2013/08/22 14:45:34 | 000,056,832 | ---- | M] () -- C:\WINDOWS\Temp\cd488fa9-5107-4244-af20-613c55df5d21\Windows\bfsvc.exe
[2013/08/22 22:18:47 | 000,017,408 | ---- | M] () -- C:\WINDOWS\Temp\cd488fa9-5107-4244-af20-613c55df5d21\Windows\hh.exe
[2013/08/22 14:45:35 | 000,151,552 | ---- | M] () -- C:\WINDOWS\Temp\cd488fa9-5107-4244-af20-613c55df5d21\Windows\regedit.exe
[2013/08/22 14:45:24 | 001,186,144 | ---- | M] () -- C:\WINDOWS\Temp\cd488fa9-5107-4244-af20-613c55df5d21\Windows\Boot\PCAT\memtest.exe
[2013/11/14 08:14:05 | 000,641,880 | ---- | M] () -- C:\WINDOWS\Temp\cd488fa9-5107-4244-af20-613c55df5d21\Windows\Boot\PXE\bootmgr.exe
[2013/08/22 14:25:36 | 000,098,816 | ---- | M] () -- C:\WINDOWS\Temp\cd488fa9-5107-4244-af20-613c55df5d21\Windows\servicing\TrustedInstaller.exe
[2013/08/22 14:45:21 | 000,025,088 | ---- | M] () -- C:\WINDOWS\Temp\cd488fa9-5107-4244-af20-613c55df5d21\Windows\System32\ARP.EXE
[2013/08/22 14:45:30 | 000,019,968 | ---- | M] () -- C:\WINDOWS\Temp\cd488fa9-5107-4244-af20-613c55df5d21\Windows\System32\attrib.exe
[2013/08/22 14:45:35 | 000,891,392 | ---- | M] () -- C:\WINDOWS\Temp\cd488fa9-5107-4244-af20-613c55df5d21\Windows\System32\autochk.exe
[2013/08/22 14:45:34 | 000,902,144 | ---- | M] () -- C:\WINDOWS\Temp\cd488fa9-5107-4244-af20-613c55df5d21\Windows\System32\autoconv.exe
[2013/08/22 14:45:30 | 000,165,376 | ---- | M] () -- C:\WINDOWS\Temp\cd488fa9-5107-4244-af20-613c55df5d21\Windows\System32\bcdboot.exe
[2013/08/22 14:45:34 | 000,349,696 | ---- | M] () -- C:\WINDOWS\Temp\cd488fa9-5107-4244-af20-613c55df5d21\Windows\System32\bcdedit.exe
[2013/08/22 22:19:33 | 000,408,576 | ---- | M] () -- C:\WINDOWS\Temp\cd488fa9-5107-4244-af20-613c55df5d21\Windows\System32\bmrui.exe
[2013/08/22 14:45:30 | 000,087,040 | ---- | M] () -- C:\WINDOWS\Temp\cd488fa9-5107-4244-af20-613c55df5d21\Windows\System32\bootcfg.exe
[2013/08/22 22:19:33 | 000,342,528 | ---- | M] () -- C:\WINDOWS\Temp\cd488fa9-5107-4244-af20-613c55df5d21\Windows\System32\BootRec.exe
[2013/08/22 14:45:31 | 000,109,408 | ---- | M] () -- C:\WINDOWS\Temp\cd488fa9-5107-4244-af20-613c55df5d21\Windows\System32\bootsect.exe
[2013/08/22 14:45:30 | 000,024,064 | ---- | M] () -- C:\WINDOWS\Temp\cd488fa9-5107-4244-af20-613c55df5d21\Windows\System32\chkdsk.exe
[2013/08/22 14:45:30 | 000,019,968 | ---- | M] () -- C:\WINDOWS\Temp\cd488fa9-5107-4244-af20-613c55df5d21\Windows\System32\chkntfs.exe
[2013/08/22 14:45:35 | 000,355,840 | ---- | M] () -- C:\WINDOWS\Temp\cd488fa9-5107-4244-af20-613c55df5d21\Windows\System32\cmd.exe
[2013/08/22 14:45:45 | 000,355,840 | ---- | M] () -- C:\WINDOWS\Temp\cd488fa9-5107-4244-af20-613c55df5d21\Windows\System32\conhost.exe
[2013/08/22 14:45:34 | 000,019,968 | ---- | M] () -- C:\WINDOWS\Temp\cd488fa9-5107-4244-af20-613c55df5d21\Windows\System32\convert.exe
[2013/08/22 22:18:47 | 000,148,992 | ---- | M] () -- C:\WINDOWS\Temp\cd488fa9-5107-4244-af20-613c55df5d21\Windows\System32\cscript.exe
[2013/08/22 14:25:40 | 000,017,120 | ---- | M] () -- C:\WINDOWS\Temp\cd488fa9-5107-4244-af20-613c55df5d21\Windows\System32\csrss.exe
[2013/08/22 14:45:31 | 000,146,944 | ---- | M] () -- C:\WINDOWS\Temp\cd488fa9-5107-4244-af20-613c55df5d21\Windows\System32\diskpart.exe
[2013/08/22 14:45:31 | 000,328,192 | ---- | M] () -- C:\WINDOWS\Temp\cd488fa9-5107-4244-af20-613c55df5d21\Windows\System32\diskraid.exe
[2013/08/22 14:45:35 | 000,245,760 | ---- | M] () -- C:\WINDOWS\Temp\cd488fa9-5107-4244-af20-613c55df5d21\Windows\System32\Dism.exe
[2013/08/22 14:45:16 | 000,019,296 | ---- | M] () -- C:\WINDOWS\Temp\cd488fa9-5107-4244-af20-613c55df5d21\Windows\System32\dllhost.exe
[2013/08/22 14:45:35 | 000,009,216 | ---- | M] () -- C:\WINDOWS\Temp\cd488fa9-5107-4244-af20-613c55df5d21\Windows\System32\dllhst3g.exe
[2013/08/22 14:45:29 | 000,030,720 | ---- | M] () -- C:\WINDOWS\Temp\cd488fa9-5107-4244-af20-613c55df5d21\Windows\System32\dnscacheugc.exe
[2013/08/22 14:45:30 | 000,018,432 | ---- | M] () -- C:\WINDOWS\Temp\cd488fa9-5107-4244-af20-613c55df5d21\Windows\System32\doskey.exe
[2013/08/22 14:45:29 | 000,075,264 | ---- | M] () -- C:\WINDOWS\Temp\cd488fa9-5107-4244-af20-613c55df5d21\Windows\System32\dpapimig.exe
[2013/08/22 14:45:35 | 000,056,832 | ---- | M] () -- C:\WINDOWS\Temp\cd488fa9-5107-4244-af20-613c55df5d21\Windows\System32\drvcfg.exe
[2013/08/22 14:45:30 | 000,109,056 | ---- | M] () -- C:\WINDOWS\Temp\cd488fa9-5107-4244-af20-613c55df5d21\Windows\System32\drvinst.exe
[2013/08/22 14:45:35 | 000,041,472 | ---- | M] () -- C:\WINDOWS\Temp\cd488fa9-5107-4244-af20-613c55df5d21\Windows\System32\drvload.exe
[2013/08/22 14:45:24 | 000,012,288 | ---- | M] () -- C:\WINDOWS\Temp\cd488fa9-5107-4244-af20-613c55df5d21\Windows\System32\Eap3Host.exe
[2013/08/22 14:45:29 | 000,296,960 | ---- | M] () -- C:\WINDOWS\Temp\cd488fa9-5107-4244-af20-613c55df5d21\Windows\System32\esentutl.exe
[2013/08/22 14:45:30 | 000,061,952 | ---- | M] () -- C:\WINDOWS\Temp\cd488fa9-5107-4244-af20-613c55df5d21\Windows\System32\expand.exe
[2013/08/22 14:45:30 | 000,016,384 | ---- | M] () -- C:\WINDOWS\Temp\cd488fa9-5107-4244-af20-613c55df5d21\Windows\System32\find.exe
[2013/08/22 14:45:21 | 000,015,360 | ---- | M] () -- C:\WINDOWS\Temp\cd488fa9-5107-4244-af20-613c55df5d21\Windows\System32\finger.exe
[2013/08/22 14:45:26 | 000,020,480 | ---- | M] () -- C:\WINDOWS\Temp\cd488fa9-5107-4244-af20-613c55df5d21\Windows\System32\fixmapi.exe
[2013/08/22 14:45:35 | 000,026,624 | ---- | M] () -- C:\WINDOWS\Temp\cd488fa9-5107-4244-af20-613c55df5d21\Windows\System32\fltMC.exe
[2013/08/22 14:45:24 | 000,053,248 | ---- | M] () -- C:\WINDOWS\Temp\cd488fa9-5107-4244-af20-613c55df5d21\Windows\System32\ftp.exe
[2013/08/22 14:45:21 | 000,013,312 | ---- | M] () -- C:\WINDOWS\Temp\cd488fa9-5107-4244-af20-613c55df5d21\Windows\System32\HOSTNAME.EXE
[2012/08/10 15:24:28 | 000,029,600 | ---- | M] (Hewlett-Packard Company) -- C:\WINDOWS\Temp\cd488fa9-5107-4244-af20-613c55df5d21\Windows\System32\hpservice.exe
[2013/08/22 14:45:34 | 000,036,864 | ---- | M] () -- C:\WINDOWS\Temp\cd488fa9-5107-4244-af20-613c55df5d21\Windows\System32\icacls.exe
[2013/08/22 14:45:24 | 000,035,840 | ---- | M] () -- C:\WINDOWS\Temp\cd488fa9-5107-4244-af20-613c55df5d21\Windows\System32\ipconfig.exe
[2013/08/22 22:41:21 | 000,151,552 | ---- | M] () -- C:\WINDOWS\Temp\cd488fa9-5107-4244-af20-613c55df5d21\Windows\System32\iscsicli.exe
[2013/08/22 14:45:35 | 000,051,200 | ---- | M] () -- C:\WINDOWS\Temp\cd488fa9-5107-4244-af20-613c55df5d21\Windows\System32\lodctr.exe
[2013/08/22 14:25:35 | 000,045,008 | ---- | M] () -- C:\WINDOWS\Temp\cd488fa9-5107-4244-af20-613c55df5d21\Windows\System32\lsass.exe
[2013/08/22 22:22:04 | 000,202,752 | ---- | M] () -- C:\WINDOWS\Temp\cd488fa9-5107-4244-af20-613c55df5d21\Windows\System32\manage-bde.exe
[2013/08/22 14:45:34 | 000,284,160 | ---- | M] () -- C:\WINDOWS\Temp\cd488fa9-5107-4244-af20-613c55df5d21\Windows\System32\mcbuilder.exe
[2013/08/22 22:19:33 | 000,091,136 | ---- | M] () -- C:\WINDOWS\Temp\cd488fa9-5107-4244-af20-613c55df5d21\Windows\System32\MdSched.exe
[2013/08/22 22:39:14 | 000,280,168 | ---- | M] () -- C:\WINDOWS\Temp\cd488fa9-5107-4244-af20-613c55df5d21\Windows\System32\mighost.exe
[2013/08/22 14:45:30 | 000,016,896 | ---- | M] () -- C:\WINDOWS\Temp\cd488fa9-5107-4244-af20-613c55df5d21\Windows\System32\mountvol.exe
[2013/08/22 14:45:21 | 000,015,360 | ---- | M] () -- C:\WINDOWS\Temp\cd488fa9-5107-4244-af20-613c55df5d21\Windows\System32\MRINFO.EXE
[2013/08/22 14:45:16 | 000,077,824 | ---- | M] () -- C:\WINDOWS\Temp\cd488fa9-5107-4244-af20-613c55df5d21\Windows\System32\MuiUnattend.exe
[2013/08/22 14:45:24 | 000,020,480 | ---- | M] () -- C:\WINDOWS\Temp\cd488fa9-5107-4244-af20-613c55df5d21\Windows\System32\nbtstat.exe
[2013/08/22 14:45:30 | 000,074,752 | ---- | M] () -- C:\WINDOWS\Temp\cd488fa9-5107-4244-af20-613c55df5d21\Windows\System32\ndadmin.exe
[2013/08/22 14:45:26 | 000,055,808 | ---- | M] () -- C:\WINDOWS\Temp\cd488fa9-5107-4244-af20-613c55df5d21\Windows\System32\net.exe
[2013/08/22 14:45:26 | 000,166,400 | ---- | M] () -- C:\WINDOWS\Temp\cd488fa9-5107-4244-af20-613c55df5d21\Windows\System32\net1.exe
[2013/08/22 14:45:24 | 000,025,088 | ---- | M] () -- C:\WINDOWS\Temp\cd488fa9-5107-4244-af20-613c55df5d21\Windows\System32\netbtugc.exe
[2013/08/22 14:45:30 | 000,031,232 | ---- | M] () -- C:\WINDOWS\Temp\cd488fa9-5107-4244-af20-613c55df5d21\Windows\System32\netcfg.exe
[2013/08/22 14:45:24 | 000,026,624 | ---- | M] () -- C:\WINDOWS\Temp\cd488fa9-5107-4244-af20-613c55df5d21\Windows\System32\netiougc.exe
[2013/08/22 14:45:24 | 000,091,648 | ---- | M] () -- C:\WINDOWS\Temp\cd488fa9-5107-4244-af20-613c55df5d21\Windows\System32\netsh.exe
[2013/08/22 14:45:21 | 000,038,400 | ---- | M] () -- C:\WINDOWS\Temp\cd488fa9-5107-4244-af20-613c55df5d21\Windows\System32\NETSTAT.EXE
[2013/08/22 14:45:30 | 000,075,776 | ---- | M] () -- C:\WINDOWS\Temp\cd488fa9-5107-4244-af20-613c55df5d21\Windows\System32\newdev.exe
[2013/08/22 14:45:21 | 000,217,600 | ---- | M] () -- C:\WINDOWS\Temp\cd488fa9-5107-4244-af20-613c55df5d21\Windows\System32\notepad.exe
[2013/08/22 14:25:35 | 007,416,160 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\Temp\cd488fa9-5107-4244-af20-613c55df5d21\Windows\System32\ntoskrnl.exe
[2013/08/22 14:45:21 | 000,062,976 | ---- | M] () -- C:\WINDOWS\Temp\cd488fa9-5107-4244-af20-613c55df5d21\Windows\System32\ntprint.exe
[2013/08/22 14:45:56 | 000,092,992 | ---- | M] () -- C:\WINDOWS\Temp\cd488fa9-5107-4244-af20-613c55df5d21\Windows\System32\OpenWith.exe
[2013/08/22 14:45:24 | 000,018,432 | ---- | M] () -- C:\WINDOWS\Temp\cd488fa9-5107-4244-af20-613c55df5d21\Windows\System32\PATHPING.EXE
[2013/08/22 14:45:24 | 000,020,992 | ---- | M] () -- C:\WINDOWS\Temp\cd488fa9-5107-4244-af20-613c55df5d21\Windows\System32\PING.EXE
[2013/08/22 14:25:37 | 000,196,096 | ---- | M] () -- C:\WINDOWS\Temp\cd488fa9-5107-4244-af20-613c55df5d21\Windows\System32\PkgMgr.exe
[2013/08/22 14:27:18 | 000,138,752 | ---- | M] () -- C:\WINDOWS\Temp\cd488fa9-5107-4244-af20-613c55df5d21\Windows\System32\poqexec.exe
[2013/08/22 14:45:30 | 000,015,872 | ---- | M] () -- C:\WINDOWS\Temp\cd488fa9-5107-4244-af20-613c55df5d21\Windows\System32\print.exe
[2013/08/22 14:45:24 | 000,017,920 | ---- | M] () -- C:\WINDOWS\Temp\cd488fa9-5107-4244-af20-613c55df5d21\Windows\System32\rasautou.exe
[2013/08/22 14:45:34 | 000,012,800 | ---- | M] () -- C:\WINDOWS\Temp\cd488fa9-5107-4244-af20-613c55df5d21\Windows\System32\recover.exe
[2013/08/22 14:45:35 | 000,073,216 | ---- | M] () -- C:\WINDOWS\Temp\cd488fa9-5107-4244-af20-613c55df5d21\Windows\System32\reg.exe
[2013/08/22 14:45:35 | 000,010,752 | ---- | M] () -- C:\WINDOWS\Temp\cd488fa9-5107-4244-af20-613c55df5d21\Windows\System32\regedt32.exe
[2013/08/22 22:18:46 | 000,014,848 | ---- | M] () -- C:\WINDOWS\Temp\cd488fa9-5107-4244-af20-613c55df5d21\Windows\System32\Register-CimProvider.exe
[2013/08/22 14:45:21 | 000,019,968 | ---- | M] () -- C:\WINDOWS\Temp\cd488fa9-5107-4244-af20-613c55df5d21\Windows\System32\regsvr32.exe
[2013/08/22 22:22:04 | 000,124,416 | ---- | M] () -- C:\WINDOWS\Temp\cd488fa9-5107-4244-af20-613c55df5d21\Windows\System32\repair-bde.exe
[2013/08/22 14:45:30 | 000,019,968 | ---- | M] () -- C:\WINDOWS\Temp\cd488fa9-5107-4244-af20-613c55df5d21\Windows\System32\replace.exe
[2013/08/22 22:19:34 | 000,009,216 | ---- | M] () -- C:\WINDOWS\Temp\cd488fa9-5107-4244-af20-613c55df5d21\Windows\System32\ResetEngInterfaces.exe
[2013/08/22 14:45:35 | 000,123,392 | ---- | M] () -- C:\WINDOWS\Temp\cd488fa9-5107-4244-af20-613c55df5d21\Windows\System32\Robocopy.exe
[2013/08/22 14:45:21 | 000,023,040 | ---- | M] () -- C:\WINDOWS\Temp\cd488fa9-5107-4244-af20-613c55df5d21\Windows\System32\ROUTE.EXE
[2013/08/22 22:19:34 | 000,271,872 | ---- | M] () -- C:\WINDOWS\Temp\cd488fa9-5107-4244-af20-613c55df5d21\Windows\System32\rstrui.exe
[2013/08/22 14:45:21 | 000,052,736 | ---- | M] () -- C:\WINDOWS\Temp\cd488fa9-5107-4244-af20-613c55df5d21\Windows\System32\rundll32.exe
[2013/08/22 14:45:35 | 000,039,936 | ---- | M] () -- C:\WINDOWS\Temp\cd488fa9-5107-4244-af20-613c55df5d21\Windows\System32\sacsess.exe
[2013/08/22 14:25:40 | 000,405,488 | ---- | M] () -- C:\WINDOWS\Temp\cd488fa9-5107-4244-af20-613c55df5d21\Windows\System32\services.exe
[2013/08/22 22:39:16 | 006,168,176 | ---- | M] () -- C:\WINDOWS\Temp\cd488fa9-5107-4244-af20-613c55df5d21\Windows\System32\setupplatform.exe
[2013/08/22 14:45:35 | 000,038,400 | ---- | M] () -- C:\WINDOWS\Temp\cd488fa9-5107-4244-af20-613c55df5d21\Windows\System32\sfc.exe
[2013/08/22 14:25:40 | 000,142,576 | ---- | M] () -- C:\WINDOWS\Temp\cd488fa9-5107-4244-af20-613c55df5d21\Windows\System32\smss.exe
[2013/08/22 14:45:30 | 000,015,360 | ---- | M] () -- C:\WINDOWS\Temp\cd488fa9-5107-4244-af20-613c55df5d21\Windows\System32\subst.exe
[2013/08/22 14:45:16 | 000,037,768 | ---- | M] () -- C:\WINDOWS\Temp\cd488fa9-5107-4244-af20-613c55df5d21\Windows\System32\svchost.exe
[2013/08/22 14:25:36 | 000,036,352 | ---- | M] () -- C:\WINDOWS\Temp\cd488fa9-5107-4244-af20-613c55df5d21\Windows\System32\sxstrace.exe
[2013/08/22 22:19:33 | 000,133,632 | ---- | M] () -- C:\WINDOWS\Temp\cd488fa9-5107-4244-af20-613c55df5d21\Windows\System32\sysreset.exe
[2013/08/22 14:45:35 | 000,060,416 | ---- | M] () -- C:\WINDOWS\Temp\cd488fa9-5107-4244-af20-613c55df5d21\Windows\System32\takeown.exe
[2013/08/22 14:45:30 | 000,238,080 | ---- | M] () -- C:\WINDOWS\Temp\cd488fa9-5107-4244-af20-613c55df5d21\Windows\System32\taskmgr.exe
[2013/08/22 14:45:21 | 000,011,264 | ---- | M] () -- C:\WINDOWS\Temp\cd488fa9-5107-4244-af20-613c55df5d21\Windows\System32\TCPSVCS.EXE
[2013/08/22 14:45:24 | 000,017,408 | ---- | M] () -- C:\WINDOWS\Temp\cd488fa9-5107-4244-af20-613c55df5d21\Windows\System32\TRACERT.EXE
[2013/08/22 14:45:34 | 000,043,008 | ---- | M] () -- C:\WINDOWS\Temp\cd488fa9-5107-4244-af20-613c55df5d21\Windows\System32\ucsvc.exe
[2013/08/22 14:45:35 | 000,042,496 | ---- | M] () -- C:\WINDOWS\Temp\cd488fa9-5107-4244-af20-613c55df5d21\Windows\System32\unlodctr.exe
[2013/08/22 14:45:19 | 000,025,088 | ---- | M] () -- C:\WINDOWS\Temp\cd488fa9-5107-4244-af20-613c55df5d21\Windows\System32\userinit.exe
[2013/08/22 14:45:35 | 001,283,584 | ---- | M] () -- C:\WINDOWS\Temp\cd488fa9-5107-4244-af20-613c55df5d21\Windows\System32\vds.exe
[2013/08/22 14:45:35 | 000,023,552 | ---- | M] () -- C:\WINDOWS\Temp\cd488fa9-5107-4244-af20-613c55df5d21\Windows\System32\vdsldr.exe
[2013/08/22 14:45:21 | 000,163,328 | ---- | M] () -- C:\WINDOWS\Temp\cd488fa9-5107-4244-af20-613c55df5d21\Windows\System32\verifier.exe
[2013/08/22 22:19:34 | 001,436,160 | ---- | M] () -- C:\WINDOWS\Temp\cd488fa9-5107-4244-af20-613c55df5d21\Windows\System32\VSSVC.exe
[2013/08/22 14:45:56 | 000,009,728 | ---- | M] () -- C:\WINDOWS\Temp\cd488fa9-5107-4244-af20-613c55df5d21\Windows\System32\WallpaperHost.exe
[2013/08/22 22:19:35 | 000,283,136 | ---- | M] () -- C:\WINDOWS\Temp\cd488fa9-5107-4244-af20-613c55df5d21\Windows\System32\wbadmin.exe
[2013/08/22 22:19:35 | 001,542,144 | ---- | M] () -- C:\WINDOWS\Temp\cd488fa9-5107-4244-af20-613c55df5d21\Windows\System32\wbengine.exe
[2013/08/22 22:21:28 | 000,628,736 | ---- | M] () -- C:\WINDOWS\Temp\cd488fa9-5107-4244-af20-613c55df5d21\Windows\System32\wdscapture.exe
[2013/08/22 22:21:28 | 000,412,672 | ---- | M] () -- C:\WINDOWS\Temp\cd488fa9-5107-4244-af20-613c55df5d21\Windows\System32\wdsclient.exe
[2013/08/22 22:21:28 | 001,165,824 | ---- | M] () -- C:\WINDOWS\Temp\cd488fa9-5107-4244-af20-613c55df5d21\Windows\System32\wdsmcast.exe
[2013/08/22 22:19:32 | 000,458,624 | ---- | M] () -- C:\WINDOWS\Temp\cd488fa9-5107-4244-af20-613c55df5d21\Windows\System32\WerFault.exe
[2013/08/22 22:19:32 | 000,036,208 | ---- | M] () -- C:\WINDOWS\Temp\cd488fa9-5107-4244-af20-613c55df5d21\Windows\System32\WerFaultSecure.exe
[2013/08/22 22:19:32 | 000,143,568 | ---- | M] () -- C:\WINDOWS\Temp\cd488fa9-5107-4244-af20-613c55df5d21\Windows\System32\wermgr.exe
[2013/08/22 14:45:30 | 000,240,128 | ---- | M] () -- C:\WINDOWS\Temp\cd488fa9-5107-4244-af20-613c55df5d21\Windows\System32\wevtutil.exe
[2013/08/22 14:45:35 | 000,505,856 | ---- | M] () -- C:\WINDOWS\Temp\cd488fa9-5107-4244-af20-613c55df5d21\Windows\System32\wimserv.exe
[2013/08/22 14:45:19 | 000,144,384 | ---- | M] () -- C:\WINDOWS\Temp\cd488fa9-5107-4244-af20-613c55df5d21\Windows\System32\wininit.exe
[2013/11/14 08:14:05 | 001,506,168 | ---- | M] () -- C:\WINDOWS\Temp\cd488fa9-5107-4244-af20-613c55df5d21\Windows\System32\winload.exe
[2013/08/22 14:45:29 | 000,564,736 | ---- | M] () -- C:\WINDOWS\Temp\cd488fa9-5107-4244-af20-613c55df5d21\Windows\System32\winlogon.exe
[2013/08/22 14:45:30 | 000,541,184 | ---- | M] () -- C:\WINDOWS\Temp\cd488fa9-5107-4244-af20-613c55df5d21\Windows\System32\winpeshl.exe
[2013/11/14 08:14:05 | 001,344,984 | ---- | M] () -- C:\WINDOWS\Temp\cd488fa9-5107-4244-af20-613c55df5d21\Windows\System32\winresume.exe
[2013/08/22 14:45:35 | 000,016,896 | ---- | M] () -- C:\WINDOWS\Temp\cd488fa9-5107-4244-af20-613c55df5d21\Windows\System32\wowreg32.exe
[2013/08/22 14:45:30 | 000,028,672 | ---- | M] () -- C:\WINDOWS\Temp\cd488fa9-5107-4244-af20-613c55df5d21\Windows\System32\wpeinit.exe
[2013/08/22 14:45:30 | 000,011,264 | ---- | M] () -- C:\WINDOWS\Temp\cd488fa9-5107-4244-af20-613c55df5d21\Windows\System32\wpeutil.exe
[2013/08/22 22:18:47 | 000,161,280 | ---- | M] () -- C:\WINDOWS\Temp\cd488fa9-5107-4244-af20-613c55df5d21\Windows\System32\wscript.exe
[2013/08/22 14:45:35 | 000,046,080 | ---- | M] () -- C:\WINDOWS\Temp\cd488fa9-5107-4244-af20-613c55df5d21\Windows\System32\xcopy.exe
[2013/11/14 08:14:05 | 001,506,168 | ---- | M] () -- C:\WINDOWS\Temp\cd488fa9-5107-4244-af20-613c55df5d21\Windows\System32\Boot\winload.exe
[2013/08/22 14:45:24 | 001,350,184 | ---- | M] () -- C:\WINDOWS\Temp\cd488fa9-5107-4244-af20-613c55df5d21\Windows\System32\Boot\winresume.exe
[2013/08/22 14:25:38 | 000,140,392 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\Temp\cd488fa9-5107-4244-af20-613c55df5d21\Windows\System32\Dism\DismHost.exe
[2012/08/10 15:24:28 | 000,029,600 | ---- | M] (Hewlett-Packard Company) -- C:\WINDOWS\Temp\cd488fa9-5107-4244-af20-613c55df5d21\Windows\System32\DriverStore\FileRepository\accelerometer.inf_amd64_f7c4c5c2d49b94cc\amd64\hpservice.exe
[2012/08/24 10:38:00 | 000,227,128 | ---- | M] (Synaptics Incorporated) -- C:\WINDOWS\Temp\cd488fa9-5107-4244-af20-613c55df5d21\Windows\System32\DriverStore\FileRepository\synpd.inf_amd64_1bafc824465a3868\InstNT.exe
[2012/08/24 10:38:04 | 000,245,048 | ---- | M] (Synaptics Incorporated) -- C:\WINDOWS\Temp\cd488fa9-5107-4244-af20-613c55df5d21\Windows\System32\DriverStore\FileRepository\synpd.inf_amd64_1bafc824465a3868\SynMood.exe
[2012/08/24 10:38:08 | 002,916,152 | ---- | M] (Synaptics Incorporated) -- C:\WINDOWS\Temp\cd488fa9-5107-4244-af20-613c55df5d21\Windows\System32\DriverStore\FileRepository\synpd.inf_amd64_1bafc824465a3868\SynTPEnh.exe
[2012/08/24 10:38:10 | 000,123,704 | ---- | M] (Synaptics Incorporated) -- C:\WINDOWS\Temp\cd488fa9-5107-4244-af20-613c55df5d21\Windows\System32\DriverStore\FileRepository\synpd.inf_amd64_1bafc824465a3868\SynTPHelper.exe
[2012/08/24 10:38:10 | 000,253,240 | ---- | M] (Synaptics Incorporated) -- C:\WINDOWS\Temp\cd488fa9-5107-4244-af20-613c55df5d21\Windows\System32\DriverStore\FileRepository\synpd.inf_amd64_1bafc824465a3868\SynZMetr.exe
[2012/08/24 10:38:12 | 000,339,256 | ---- | M] (Synaptics Incorporated) -- C:\WINDOWS\Temp\cd488fa9-5107-4244-af20-613c55df5d21\Windows\System32\DriverStore\FileRepository\synpd.inf_amd64_1bafc824465a3868\Tutorial.exe
[2013/08/22 22:18:46 | 000,023,552 | ---- | M] () -- C:\WINDOWS\Temp\cd488fa9-5107-4244-af20-613c55df5d21\Windows\System32\wbem\mofcomp.exe
[2013/08/22 22:18:45 | 000,046,080 | ---- | M] () -- C:\WINDOWS\Temp\cd488fa9-5107-4244-af20-613c55df5d21\Windows\System32\wbem\scrcons.exe
[2013/08/22 22:18:46 | 000,047,104 | ---- | M] () -- C:\WINDOWS\Temp\cd488fa9-5107-4244-af20-613c55df5d21\Windows\System32\wbem\unsecapp.exe
[2013/08/22 22:18:45 | 000,206,848 | ---- | M] () -- C:\WINDOWS\Temp\cd488fa9-5107-4244-af20-613c55df5d21\Windows\System32\wbem\wbemtest.exe
[2013/08/22 22:18:46 | 000,080,896 | ---- | M] () -- C:\WINDOWS\Temp\cd488fa9-5107-4244-af20-613c55df5d21\Windows\System32\wbem\WinMgmt.exe
[2013/08/22 22:18:46 | 000,166,400 | ---- | M] () -- C:\WINDOWS\Temp\cd488fa9-5107-4244-af20-613c55df5d21\Windows\System32\wbem\WMIADAP.exe
[2013/08/22 22:18:46 | 000,195,072 | ---- | M] () -- C:\WINDOWS\Temp\cd488fa9-5107-4244-af20-613c55df5d21\Windows\System32\wbem\WmiApSrv.exe
[2013/08/22 22:18:46 | 000,507,904 | ---- | M] () -- C:\WINDOWS\Temp\cd488fa9-5107-4244-af20-613c55df5d21\Windows\System32\wbem\WMIC.exe
[2013/08/22 22:18:45 | 000,478,208 | ---- | M] () -- C:\WINDOWS\Temp\cd488fa9-5107-4244-af20-613c55df5d21\Windows\System32\wbem\WmiPrvSE.exe
[2013/08/22 14:25:38 | 000,195,072 | ---- | M] () -- C:\WINDOWS\Temp\cd488fa9-5107-4244-af20-613c55df5d21\Windows\SysWOW64\PkgMgr.exe
[2013/08/22 14:27:17 | 000,123,904 | ---- | M] () -- C:\WINDOWS\Temp\cd488fa9-5107-4244-af20-613c55df5d21\Windows\SysWOW64\poqexec.exe
[2013/08/22 14:25:38 | 000,115,304 | ---- | M] () -- C:\WINDOWS\Temp\cd488fa9-5107-4244-af20-613c55df5d21\Windows\SysWOW64\Dism\DismHost.exe
[2013/08/22 14:45:35 | 000,891,392 | ---- | M] () -- C:\WINDOWS\Temp\cd488fa9-5107-4244-af20-613c55df5d21\Windows\WinSxS\amd64_microsoft-windows-autochk_31bf3856ad364e35_6.3.9600.16384_none_d2b24d5495b82963\autochk.exe
[2013/08/22 14:45:30 | 000,019,968 | ---- | M] () -- C:\WINDOWS\Temp\cd488fa9-5107-4244-af20-613c55df5d21\Windows\WinSxS\amd64_microsoft-windows-autochkconfigurator_31bf3856ad364e35_6.3.9600.16384_none_0980dba35bbb7c3c\chkntfs.exe
[2013/08/22 14:45:24 | 001,350,184 | ---- | M] () -- C:\WINDOWS\Temp\cd488fa9-5107-4244-af20-613c55df5d21\Windows\WinSxS\amd64_microsoft-windows-b..environment-windows_31bf3856ad364e35_6.3.9600.16384_none_59f6f73560c1a48d\winresume.exe
[2013/08/22 14:45:34 | 000,349,696 | ---- | M] () -- C:\WINDOWS\Temp\cd488fa9-5107-4244-af20-613c55df5d21\Windows\WinSxS\amd64_microsoft-windows-b..iondata-cmdlinetool_31bf3856ad364e35_6.3.9600.16384_none_78e95cd07922a6bf\bcdedit.exe
[2013/08/22 14:45:31 | 000,109,408 | ---- | M] () -- C:\WINDOWS\Temp\cd488fa9-5107-4244-af20-613c55df5d21\Windows\WinSxS\amd64_microsoft-windows-b..ment-bootsectortool_31bf3856ad364e35_6.3.9600.16384_none_fd4cc49f698193ee\bootsect.exe
[2013/08/22 14:25:40 | 001,511,840 | ---- | M] () -- C:\WINDOWS\Temp\cd488fa9-5107-4244-af20-613c55df5d21\Windows\WinSxS\amd64_microsoft-windows-b..ment-windows-minwin_31bf3856ad364e35_6.3.9600.16384_none_40aa0665cff59504\winload.exe
[2013/11/14 08:14:05 | 001,506,168 | ---- | M] () -- C:\WINDOWS\Temp\cd488fa9-5107-4244-af20-613c55df5d21\Windows\WinSxS\amd64_microsoft-windows-b..ment-windows-minwin_31bf3856ad364e35_6.3.9600.16415_none_40f6b809cfbbe7eb\winload.exe
[2013/08/22 14:45:24 | 001,511,840 | ---- | M] () -- C:\WINDOWS\Temp\cd488fa9-5107-4244-af20-613c55df5d21\Windows\WinSxS\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.3.9600.16384_none_4be51a3d409de6bc\winload.exe
[2013/08/22 14:45:24 | 001,350,184 | ---- | M] () -- C:\WINDOWS\Temp\cd488fa9-5107-4244-af20-613c55df5d21\Windows\WinSxS\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.3.9600.16384_none_4be51a3d409de6bc\winresume.exe
[2013/11/14 08:14:05 | 001,506,168 | ---- | M] () -- C:\WINDOWS\Temp\cd488fa9-5107-4244-af20-613c55df5d21\Windows\WinSxS\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.3.9600.16415_none_4c31cbe1406439a3\winload.exe
[2013/11/14 08:14:05 | 001,344,984 | ---- | M] () -- C:\WINDOWS\Temp\cd488fa9-5107-4244-af20-613c55df5d21\Windows\WinSxS\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.3.9600.16415_none_4c31cbe1406439a3\winresume.exe
[2013/08/22 14:45:34 | 000,056,832 | ---- | M] () -- C:\WINDOWS\Temp\cd488fa9-5107-4244-af20-613c55df5d21\Windows\WinSxS\amd64_microsoft-windows-b..vironment-servicing_31bf3856ad364e35_6.3.9600.16384_none_16d2e13d798b7904\bfsvc.exe
[2013/08/22 14:45:30 | 000,165,376 | ---- | M] () -- C:\WINDOWS\Temp\cd488fa9-5107-4244-af20-613c55df5d21\Windows\WinSxS\amd64_microsoft-windows-bcdboot-cmdlinetool_31bf3856ad364e35_6.3.9600.16384_none_521444a0121b6d02\bcdboot.exe
[2013/08/22 22:19:35 | 000,283,136 | ---- | M] () -- C:\WINDOWS\Temp\cd488fa9-5107-4244-af20-613c55df5d21\Windows\WinSxS\amd64_microsoft-windows-blb-cli-main_31bf3856ad364e35_6.3.9600.16384_none_3c133d2b62fcbed5\wbadmin.exe
[2013/08/22 22:19:35 | 001,542,144 | ---- | M] () -- C:\WINDOWS\Temp\cd488fa9-5107-4244-af20-613c55df5d21\Windows\WinSxS\amd64_microsoft-windows-blb-engine-main_31bf3856ad364e35_6.3.9600.16384_none_d4a05602d3b6ef4d\wbengine.exe
[2013/08/22 14:45:30 | 000,087,040 | ---- | M] () -- C:\WINDOWS\Temp\cd488fa9-5107-4244-af20-613c55df5d21\Windows\WinSxS\amd64_microsoft-windows-bootconfig_31bf3856ad364e35_6.3.9600.16384_none_fcd4dd14ee3f1ae8\bootcfg.exe
[2013/08/22 14:45:30 | 000,024,064 | ---- | M] () -- C:\WINDOWS\Temp\cd488fa9-5107-4244-af20-613c55df5d21\Windows\WinSxS\amd64_microsoft-windows-chkdsk_31bf3856ad364e35_6.3.9600.16384_none_b2a4b9eb60a78404\chkdsk.exe
[2013/08/22 14:45:35 | 000,355,840 | ---- | M] () -- C:\WINDOWS\Temp\cd488fa9-5107-4244-af20-613c55df5d21\Windows\WinSxS\amd64_microsoft-windows-commandprompt_31bf3856ad364e35_6.3.9600.16384_none_7bcb26c7ee538fe3\cmd.exe
[2013/08/22 14:45:35 | 000,009,216 | ---- | M] () -- C:\WINDOWS\Temp\cd488fa9-5107-4244-af20-613c55df5d21\Windows\WinSxS\amd64_microsoft-windows-com-surrogate_31bf3856ad364e35_6.3.9600.16384_none_34e24ec0c77907ea\dllhst3g.exe
[2013/08/22 14:45:16 | 000,019,296 | ---- | M] () -- C:\WINDOWS\Temp\cd488fa9-5107-4244-af20-613c55df5d21\Windows\WinSxS\amd64_microsoft-windows-com-surrogate-core_31bf3856ad364e35_6.3.9600.16384_none_25a8f00faa8f185c\dllhost.exe
[2013/08/22 14:45:45 | 000,355,840 | ---- | M] () -- C:\WINDOWS\Temp\cd488fa9-5107-4244-af20-613c55df5d21\Windows\WinSxS\amd64_microsoft-windows-consolehost_31bf3856ad364e35_6.3.9600.16384_none_651a275bd610cc27\conhost.exe
[2013/08/22 14:45:34 | 000,902,144 | ---- | M] () -- C:\WINDOWS\Temp\cd488fa9-5107-4244-af20-613c55df5d21\Windows\WinSxS\amd64_microsoft-windows-convert_31bf3856ad364e35_6.3.9600.16384_none_8d93aac67c493a73\autoconv.exe
[2013/08/22 14:45:34 | 000,019,968 | ---- | M] () -- C:\WINDOWS\Temp\cd488fa9-5107-4244-af20-613c55df5d21\Windows\WinSxS\amd64_microsoft-windows-convert_31bf3856ad364e35_6.3.9600.16384_none_8d93aac67c493a73\convert.exe
[2013/08/22 14:45:35 | 000,056,832 | ---- | M] () -- C:\WINDOWS\Temp\cd488fa9-5107-4244-af20-613c55df5d21\Windows\WinSxS\amd64_microsoft-windows-coresystemminpnp_31bf3856ad364e35_6.3.9600.16384_none_fb1b7144c04761aa\drvcfg.exe
[2013/08/22 14:45:30 | 000,109,056 | ---- | M] () -- C:\WINDOWS\Temp\cd488fa9-5107-4244-af20-613c55df5d21\Windows\WinSxS\amd64_microsoft-windows-coreusermodepnp_31bf3856ad364e35_6.3.9600.16384_none_67c00b4100e2ff79\drvinst.exe
[2013/08/22 14:25:40 | 000,017,120 | ---- | M] () -- C:\WINDOWS\Temp\cd488fa9-5107-4244-af20-613c55df5d21\Windows\WinSxS\amd64_microsoft-windows-csrss_31bf3856ad364e35_6.3.9600.16384_none_49a243e2b80cb4c0\csrss.exe
[2013/08/22 22:21:28 | 000,412,672 | ---- | M] () -- C:\WINDOWS\Temp\cd488fa9-5107-4244-af20-613c55df5d21\Windows\WinSxS\amd64_microsoft-windows-d..ent-services-client_31bf3856ad364e35_6.3.9600.16384_none_a11a28ffbfa66f88\wdsclient.exe
[2013/08/22 14:45:35 | 000,245,760 | ---- | M] () -- C:\WINDOWS\Temp\cd488fa9-5107-4244-af20-613c55df5d21\Windows\WinSxS\amd64_microsoft-windows-d..ervicing-management_31bf3856ad364e35_6.3.9600.16384_none_4f680322e1a371ba\Dism.exe
[2013/08/22 22:21:28 | 001,165,824 | ---- | M] () -- C:\WINDOWS\Temp\cd488fa9-5107-4244-af20-613c55df5d21\Windows\WinSxS\amd64_microsoft-windows-d..es-multicast-client_31bf3856ad364e35_6.3.9600.16384_none_a7513f65a9c77d4b\wdsmcast.exe
[2013/08/22 14:25:38 | 000,140,392 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\Temp\cd488fa9-5107-4244-af20-613c55df5d21\Windows\WinSxS\amd64_microsoft-windows-d..ing-management-core_31bf3856ad364e35_6.3.9600.16384_none_1bf2860ffeb621a8\DismHost.exe
[2013/08/22 22:21:28 | 000,628,736 | ---- | M] () -- C:\WINDOWS\Temp\cd488fa9-5107-4244-af20-613c55df5d21\Windows\WinSxS\amd64_microsoft-windows-d..mage-capture-wizard_31bf3856ad364e35_6.3.9600.16384_none_599068a4b8d6db33\wdscapture.exe
[2013/08/22 22:19:33 | 000,408,576 | ---- | M] () -- C:\WINDOWS\Temp\cd488fa9-5107-4244-af20-613c55df5d21\Windows\WinSxS\amd64_microsoft-windows-disasterrecoveryui_31bf3856ad364e35_6.3.9600.16384_none_2a185079397eac9c\bmrui.exe
[2013/08/22 14:45:31 | 000,146,944 | ---- | M] () -- C:\WINDOWS\Temp\cd488fa9-5107-4244-af20-613c55df5d21\Windows\WinSxS\amd64_microsoft-windows-diskpart_31bf3856ad364e35_6.3.9600.16384_none_5996c56569e3ed38\diskpart.exe
[2013/08/22 14:45:31 | 000,328,192 | ---- | M] () -- C:\WINDOWS\Temp\cd488fa9-5107-4244-af20-613c55df5d21\Windows\WinSxS\amd64_microsoft-windows-diskraid_31bf3856ad364e35_6.3.9600.16384_none_5648041b6bf13817\diskraid.exe
[2013/08/22 14:45:29 | 000,030,720 | ---- | M] () -- C:\WINDOWS\Temp\cd488fa9-5107-4244-af20-613c55df5d21\Windows\WinSxS\amd64_microsoft-windows-dns-client_31bf3856ad364e35_6.3.9600.16384_none_d2a0dce8565069df\dnscacheugc.exe
[2013/08/22 14:45:29 | 000,075,264 | ---- | M] () -- C:\WINDOWS\Temp\cd488fa9-5107-4244-af20-613c55df5d21\Windows\WinSxS\amd64_microsoft-windows-dpapi-keys_31bf3856ad364e35_6.3.9600.16384_none_6e913306a167da4b\dpapimig.exe
[2013/08/22 14:45:21 | 000,163,328 | ---- | M] () -- C:\WINDOWS\Temp\cd488fa9-5107-4244-af20-613c55df5d21\Windows\WinSxS\amd64_microsoft-windows-driververifier_31bf3856ad364e35_6.3.9600.16384_none_ab2a3b2270b26cbe\verifier.exe
[2013/08/22 14:45:29 | 000,296,960 | ---- | M] () -- C:\WINDOWS\Temp\cd488fa9-5107-4244-af20-613c55df5d21\Windows\WinSxS\amd64_microsoft-windows-e..ageengine-utilities_31bf3856ad364e35_6.3.9600.16384_none_ca4a4d08993827a1\esentutl.exe
[2013/08/22 14:45:24 | 000,012,288 | ---- | M] () -- C:\WINDOWS\Temp\cd488fa9-5107-4244-af20-613c55df5d21\Windows\WinSxS\amd64_microsoft-windows-e..otocol-host-service_31bf3856ad364e35_6.3.9600.16384_none_7b0847ebd215167e\Eap3Host.exe
[2013/08/22 14:45:35 | 000,039,936 | ---- | M] () -- C:\WINDOWS\Temp\cd488fa9-5107-4244-af20-613c55df5d21\Windows\WinSxS\amd64_microsoft-windows-e..ymanagementservices_31bf3856ad364e35_6.3.9600.16384_none_e43325cdcb0bf1ec\sacsess.exe
[2013/08/22 22:19:32 | 000,143,568 | ---- | M] () -- C:\WINDOWS\Temp\cd488fa9-5107-4244-af20-613c55df5d21\Windows\WinSxS\amd64_microsoft-windows-errorreportingcore_31bf3856ad364e35_6.3.9600.16384_none_11351220d9db425d\wermgr.exe
[2013/08/22 22:19:32 | 000,458,624 | ---- | M] () -- C:\WINDOWS\Temp\cd488fa9-5107-4244-af20-613c55df5d21\Windows\WinSxS\amd64_microsoft-windows-errorreportingfaults_31bf3856ad364e35_6.3.9600.16384_none_60c57cad10c057ad\WerFault.exe
[2013/08/22 22:19:32 | 000,036,208 | ---- | M] () -- C:\WINDOWS\Temp\cd488fa9-5107-4244-af20-613c55df5d21\Windows\WinSxS\amd64_microsoft-windows-errorreportingfaults_31bf3856ad364e35_6.3.9600.16384_none_60c57cad10c057ad\WerFaultSecure.exe
[2013/08/22 14:45:30 | 000,240,128 | ---- | M] () -- C:\WINDOWS\Temp\cd488fa9-5107-4244-af20-613c55df5d21\Windows\WinSxS\amd64_microsoft-windows-eventlog-commandline_31bf3856ad364e35_6.3.9600.16384_none_b19295aa50c70dfc\wevtutil.exe
[2013/08/22 14:45:30 | 000,061,952 | ---- | M] () -- C:\WINDOWS\Temp\cd488fa9-5107-4244-af20-613c55df5d21\Windows\WinSxS\amd64_microsoft-windows-expand_31bf3856ad364e35_6.3.9600.16384_none_4930dc872bd7777c\expand.exe
[2013/08/22 14:45:35 | 000,026,624 | ---- | M] () -- C:\WINDOWS\Temp\cd488fa9-5107-4244-af20-613c55df5d21\Windows\WinSxS\amd64_microsoft-windows-filtermanager-utils_31bf3856ad364e35_6.3.9600.16384_none_0a4c130cf94eb455\fltMC.exe
[2013/08/22 14:45:24 | 000,053,248 | ---- | M] () -- C:\WINDOWS\Temp\cd488fa9-5107-4244-af20-613c55df5d21\Windows\WinSxS\amd64_microsoft-windows-ftp_31bf3856ad364e35_6.3.9600.16384_none_9da9bdfb2c81042a\ftp.exe
[2013/08/22 22:18:47 | 000,017,408 | ---- | M] () -- C:\WINDOWS\Temp\cd488fa9-5107-4244-af20-613c55df5d21\Windows\WinSxS\amd64_microsoft-windows-htmlhelp_31bf3856ad364e35_6.3.9600.16384_none_b91456bd58b38188\hh.exe
[2013/08/22 22:39:14 | 000,280,168 | ---- | M] () -- C:\WINDOWS\Temp\cd488fa9-5107-4244-af20-613c55df5d21\Windows\WinSxS\amd64_microsoft-windows-i..dsetup-rejuvenation_31bf3856ad364e35_6.3.9600.16384_none_43577fa9e4b2a44a\mighost.exe
[2013/08/22 22:39:16 | 006,168,176 | ---- | M] () -- C:\WINDOWS\Temp\cd488fa9-5107-4244-af20-613c55df5d21\Windows\WinSxS\amd64_microsoft-windows-i..dsetup-rejuvenation_31bf3856ad364e35_6.3.9600.16384_none_43577fa9e4b2a44a\setupplatform.exe
[2013/08/22 22:41:21 | 000,151,552 | ---- | M] () -- C:\WINDOWS\Temp\cd488fa9-5107-4244-af20-613c55df5d21\Windows\WinSxS\amd64_microsoft-windows-i..i_initiator_service_31bf3856ad364e35_6.3.9600.16384_none_cb320b48e90ef6b9\iscsicli.exe
[2013/08/22 14:45:34 | 000,036,864 | ---- | M] () -- C:\WINDOWS\Temp\cd488fa9-5107-4244-af20-613c55df5d21\Windows\WinSxS\amd64_microsoft-windows-icacls_31bf3856ad364e35_6.3.9600.16384_none_2372ff1b79f137cf\icacls.exe
[2013/08/22 14:45:16 | 000,077,824 | ---- | M] () -- C:\WINDOWS\Temp\cd488fa9-5107-4244-af20-613c55df5d21\Windows\WinSxS\amd64_microsoft-windows-international-core_31bf3856ad364e35_6.3.9600.16384_none_da68c493adb806aa\MuiUnattend.exe
[2013/08/22 14:45:24 | 000,035,840 | ---- | M] () -- C:\WINDOWS\Temp\cd488fa9-5107-4244-af20-613c55df5d21\Windows\WinSxS\amd64_microsoft-windows-ipconfig_31bf3856ad364e35_6.3.9600.16384_none_3cf8510aebe5a8c5\ipconfig.exe
[2013/08/22 14:45:30 | 000,238,080 | ---- | M] () -- C:\WINDOWS\Temp\cd488fa9-5107-4244-af20-613c55df5d21\Windows\WinSxS\amd64_microsoft-windows-legacytaskmanager_31bf3856ad364e35_6.3.9600.16384_none_f471ccc537358ac1\taskmgr.exe
[2013/08/22 14:25:35 | 000,045,008 | ---- | M] () -- C:\WINDOWS\Temp\cd488fa9-5107-4244-af20-613c55df5d21\Windows\WinSxS\amd64_microsoft-windows-lsa-minwin_31bf3856ad364e35_6.3.9600.16384_none_2e2a01a866456d93\lsass.exe
[2013/08/22 22:19:33 | 000,091,136 | ---- | M] () -- C:\WINDOWS\Temp\cd488fa9-5107-4244-af20-613c55df5d21\Windows\WinSxS\amd64_microsoft-windows-m..diagnostic-schedule_31bf3856ad364e35_6.3.9600.16384_none_8494fc474dae8abd\MdSched.exe
[2013/08/22 14:45:34 | 000,043,008 | ---- | M] () -- C:\WINDOWS\Temp\cd488fa9-5107-4244-af20-613c55df5d21\Windows\WinSxS\amd64_microsoft-windows-m..odeupdate-servicing_31bf3856ad364e35_6.3.9600.16384_none_944664fa79fb45ed\ucsvc.exe
[2013/08/22 14:45:30 | 000,019,968 | ---- | M] () -- C:\WINDOWS\Temp\cd488fa9-5107-4244-af20-613c55df5d21\Windows\WinSxS\amd64_microsoft-windows-m..ommandlineutilities_31bf3856ad364e35_6.3.9600.16384_none_6ddb4db23b4b9aef\attrib.exe
[2013/08/22 14:45:30 | 000,018,432 | ---- | M] () -- C:\WINDOWS\Temp\cd488fa9-5107-4244-af20-613c55df5d21\Windows\WinSxS\amd64_microsoft-windows-m..ommandlineutilities_31bf3856ad364e35_6.3.9600.16384_none_6ddb4db23b4b9aef\doskey.exe
[2013/08/22 14:45:30 | 000,016,384 | ---- | M] () -- C:\WINDOWS\Temp\cd488fa9-5107-4244-af20-613c55df5d21\Windows\WinSxS\amd64_microsoft-windows-m..ommandlineutilities_31bf3856ad364e35_6.3.9600.16384_none_6ddb4db23b4b9aef\find.exe
[2013/08/22 14:45:30 | 000,015,872 | ---- | M] () -- C:\WINDOWS\Temp\cd488fa9-5107-4244-af20-613c55df5d21\Windows\WinSxS\amd64_microsoft-windows-m..ommandlineutilities_31bf3856ad364e35_6.3.9600.16384_none_6ddb4db23b4b9aef\print.exe
[2013/08/22 14:45:30 | 000,019,968 | ---- | M] () -- C:\WINDOWS\Temp\cd488fa9-5107-4244-af20-613c55df5d21\Windows\WinSxS\amd64_microsoft-windows-m..ommandlineutilities_31bf3856ad364e35_6.3.9600.16384_none_6ddb4db23b4b9aef\replace.exe
[2013/08/22 14:45:30 | 000,015,360 | ---- | M] () -- C:\WINDOWS\Temp\cd488fa9-5107-4244-af20-613c55df5d21\Windows\WinSxS\amd64_microsoft-windows-m..ommandlineutilities_31bf3856ad364e35_6.3.9600.16384_none_6ddb4db23b4b9aef\subst.exe
[2013/08/22 14:45:26 | 000,020,480 | ---- | M] () -- C:\WINDOWS\Temp\cd488fa9-5107-4244-af20-613c55df5d21\Windows\WinSxS\amd64_microsoft-windows-mapi_31bf3856ad364e35_6.3.9600.16384_none_9c0ba159edb6b599\fixmapi.exe
[2013/08/22 14:45:30 | 000,016,896 | ---- | M] () -- C:\WINDOWS\Temp\cd488fa9-5107-4244-af20-613c55df5d21\Windows\WinSxS\amd64_microsoft-windows-mountvol_31bf3856ad364e35_6.3.9600.16384_none_a317d978256a5276\mountvol.exe
[2013/08/22 14:45:34 | 000,284,160 | ---- | M] () -- C:\WINDOWS\Temp\cd488fa9-5107-4244-af20-613c55df5d21\Windows\WinSxS\amd64_microsoft-windows-muicachebuilder_31bf3856ad364e35_6.3.9600.16384_none_0acafc4688cf5b5c\mcbuilder.exe
[2013/08/22 14:45:24 | 000,020,480 | ---- | M] () -- C:\WINDOWS\Temp\cd488fa9-5107-4244-af20-613c55df5d21\Windows\WinSxS\amd64_microsoft-windows-nbtstat_31bf3856ad364e35_6.3.9600.16384_none_8ecee47cf255f8ce\nbtstat.exe
[2013/08/22 14:45:26 | 000,166,400 | ---- | M] () -- C:\WINDOWS\Temp\cd488fa9-5107-4244-af20-613c55df5d21\Windows\WinSxS\amd64_microsoft-windows-net1-command-line-tool_31bf3856ad364e35_6.3.9600.16384_none_779a537c288a30c2\net1.exe
[2013/08/22 14:45:24 | 000,025,088 | ---- | M] () -- C:\WINDOWS\Temp\cd488fa9-5107-4244-af20-613c55df5d21\Windows\WinSxS\amd64_microsoft-windows-netbt_31bf3856ad364e35_6.3.9600.16384_none_5123286ccb3b2dd9\netbtugc.exe
[2013/08/22 14:45:30 | 000,031,232 | ---- | M] () -- C:\WINDOWS\Temp\cd488fa9-5107-4244-af20-613c55df5d21\Windows\WinSxS\amd64_microsoft-windows-netcfg_31bf3856ad364e35_6.3.9600.16384_none_00ed3bc325708d89\netcfg.exe
[2013/08/22 14:45:26 | 000,055,808 | ---- | M] () -- C:\WINDOWS\Temp\cd488fa9-5107-4244-af20-613c55df5d21\Windows\WinSxS\amd64_microsoft-windows-net-command-line-tool_31bf3856ad364e35_6.3.9600.16384_none_42f0b18b466e164f\net.exe
[2013/08/22 14:45:24 | 000,091,648 | ---- | M] () -- C:\WINDOWS\Temp\cd488fa9-5107-4244-af20-613c55df5d21\Windows\WinSxS\amd64_microsoft-windows-netsh_31bf3856ad364e35_6.3.9600.16384_none_505f5648cbcfd8c6\netsh.exe
[2013/08/22 14:45:30 | 000,074,752 | ---- | M] () -- C:\WINDOWS\Temp\cd488fa9-5107-4244-af20-613c55df5d21\Windows\WinSxS\amd64_microsoft-windows-newdev_31bf3856ad364e35_6.3.9600.16384_none_0234ab5f24a01e27\ndadmin.exe
[2013/08/22 14:45:30 | 000,075,776 | ---- | M] () -- C:\WINDOWS\Temp\cd488fa9-5107-4244-af20-613c55df5d21\Windows\WinSxS\amd64_microsoft-windows-newdev_31bf3856ad364e35_6.3.9600.16384_none_0234ab5f24a01e27\newdev.exe
[2013/08/22 14:45:21 | 000,217,600 | ---- | M] () -- C:\WINDOWS\Temp\cd488fa9-5107-4244-af20-613c55df5d21\Windows\WinSxS\amd64_microsoft-windows-notepad_31bf3856ad364e35_6.3.9600.16384_none_5fd8ed8643f6c1e7\notepad.exe
[2013/08/22 14:45:56 | 000,092,992 | ---- | M] () -- C:\WINDOWS\Temp\cd488fa9-5107-4244-af20-613c55df5d21\Windows\WinSxS\amd64_microsoft-windows-openwith_31bf3856ad364e35_6.3.9600.16384_none_5ddf2eb746aaec0e\OpenWith.exe
[2013/08/22 14:25:35 | 007,416,160 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\Temp\cd488fa9-5107-4244-af20-613c55df5d21\Windows\WinSxS\amd64_microsoft-windows-os-kernel_31bf3856ad364e35_6.3.9600.16384_none_5ceec1ab881a18dc\ntoskrnl.exe
[2013/08/22 14:45:21 | 000,062,976 | ---- | M] () -- C:\WINDOWS\Temp\cd488fa9-5107-4244-af20-613c55df5d21\Windows\WinSxS\amd64_microsoft-windows-p..randprintui-ntprint_31bf3856ad364e35_6.3.9600.16384_none_e0c1da4751633d18\ntprint.exe
[2013/08/22 14:45:35 | 000,051,200 | ---- | M] () -- C:\WINDOWS\Temp\cd488fa9-5107-4244-af20-613c55df5d21\Windows\WinSxS\amd64_microsoft-windows-p..unterinfrastructure_31bf3856ad364e35_6.3.9600.16384_none_62445d62d2ddcfe5\lodctr.exe
[2013/08/22 14:45:35 | 000,042,496 | ---- | M] () -- C:\WINDOWS\Temp\cd488fa9-5107-4244-af20-613c55df5d21\Windows\WinSxS\amd64_microsoft-windows-p..unterinfrastructure_31bf3856ad364e35_6.3.9600.16384_none_62445d62d2ddcfe5\unlodctr.exe
[2013/08/22 14:25:37 | 000,196,096 | ---- | M] () -- C:\WINDOWS\Temp\cd488fa9-5107-4244-af20-613c55df5d21\Windows\WinSxS\amd64_microsoft-windows-packagemanager_31bf3856ad364e35_6.3.9600.16384_none_dd962426c73b4c1b\PkgMgr.exe
[2013/08/22 14:45:24 | 000,018,432 | ---- | M] () -- C:\WINDOWS\Temp\cd488fa9-5107-4244-af20-613c55df5d21\Windows\WinSxS\amd64_microsoft-windows-ping-utilities_31bf3856ad364e35_6.3.9600.16384_none_99f0051263d1cec9\PATHPING.EXE
[2013/08/22 14:45:24 | 000,020,992 | ---- | M] () -- C:\WINDOWS\Temp\cd488fa9-5107-4244-af20-613c55df5d21\Windows\WinSxS\amd64_microsoft-windows-ping-utilities_31bf3856ad364e35_6.3.9600.16384_none_99f0051263d1cec9\PING.EXE
[2013/08/22 14:45:24 | 000,017,408 | ---- | M] () -- C:\WINDOWS\Temp\cd488fa9-5107-4244-af20-613c55df5d21\Windows\WinSxS\amd64_microsoft-windows-ping-utilities_31bf3856ad364e35_6.3.9600.16384_none_99f0051263d1cec9\TRACERT.EXE
[2013/08/22 14:45:35 | 000,073,216 | ---- | M] () -- C:\WINDOWS\Temp\cd488fa9-5107-4244-af20-613c55df5d21\Windows\WinSxS\amd64_microsoft-windows-r..-commandline-editor_31bf3856ad364e35_6.3.9600.16384_none_22529407fea67f59\reg.exe
[2013/08/22 14:45:24 | 000,017,920 | ---- | M] () -- C:\WINDOWS\Temp\cd488fa9-5107-4244-af20-613c55df5d21\Windows\WinSxS\amd64_microsoft-windows-rasautodial_31bf3856ad364e35_6.3.9600.16384_none_00985ec1394a25d7\rasautou.exe
[2013/08/22 14:45:34 | 000,012,800 | ---- | M] () -- C:\WINDOWS\Temp\cd488fa9-5107-4244-af20-613c55df5d21\Windows\WinSxS\amd64_microsoft-windows-recover_31bf3856ad364e35_6.3.9600.16384_none_76d1add9889205e6\recover.exe
[2013/08/22 14:45:35 | 000,151,552 | ---- | M] () -- C:\WINDOWS\Temp\cd488fa9-5107-4244-af20-613c55df5d21\Windows\WinSxS\amd64_microsoft-windows-registry-editor_31bf3856ad364e35_6.3.9600.16384_none_e4ed156fafcfad0b\regedit.exe
[2013/08/22 14:45:35 | 000,010,752 | ---- | M] () -- C:\WINDOWS\Temp\cd488fa9-5107-4244-af20-613c55df5d21\Windows\WinSxS\amd64_microsoft-windows-registry-editor_31bf3856ad364e35_6.3.9600.16384_none_e4ed156fafcfad0b\regedt32.exe
[2013/08/22 14:45:21 | 000,019,968 | ---- | M] () -- C:\WINDOWS\Temp\cd488fa9-5107-4244-af20-613c55df5d21\Windows\WinSxS\amd64_microsoft-windows-regsvr32_31bf3856ad364e35_6.3.9600.16384_none_69157d5c037a9ea6\regsvr32.exe
[2013/08/22 14:45:35 | 000,123,392 | ---- | M] () -- C:\WINDOWS\Temp\cd488fa9-5107-4244-af20-613c55df5d21\Windows\WinSxS\amd64_microsoft-windows-robocopy_31bf3856ad364e35_6.3.9600.16384_none_b7c58f8bc05b432d\Robocopy.exe
[2013/08/22 14:45:21 | 000,052,736 | ---- | M] () -- C:\WINDOWS\Temp\cd488fa9-5107-4244-af20-613c55df5d21\Windows\WinSxS\amd64_microsoft-windows-rundll32_31bf3856ad364e35_6.3.9600.16384_none_c8c3b19a7ee19958\rundll32.exe
[2013/08/22 14:25:40 | 000,405,488 | ---- | M] () -- C:\WINDOWS\Temp\cd488fa9-5107-4244-af20-613c55df5d21\Windows\WinSxS\amd64_microsoft-windows-s..cecontroller-minwin_31bf3856ad364e35_6.3.9600.16384_none_2fd72579d09a45e9\services.exe
[2013/08/22 22:22:04 | 000,124,416 | ---- | M] () -- C:\WINDOWS\Temp\cd488fa9-5107-4244-af20-613c55df5d21\Windows\WinSxS\amd64_microsoft-windows-s..restartup-repairbde_31bf3856ad364e35_6.3.9600.16384_none_c2b2a162e3fc49f9\repair-bde.exe
[2013/08/22 22:18:47 | 000,148,992 | ---- | M] () -- C:\WINDOWS\Temp\cd488fa9-5107-4244-af20-613c55df5d21\Windows\WinSxS\amd64_microsoft-windows-scripting_31bf3856ad364e35_6.3.9600.16384_none_3926b320d450f7ef\cscript.exe
[2013/08/22 22:18:47 | 000,161,280 | ---- | M] () -- C:\WINDOWS\Temp\cd488fa9-5107-4244-af20-613c55df5d21\Windows\WinSxS\amd64_microsoft-windows-scripting_31bf3856ad364e35_6.3.9600.16384_none_3926b320d450f7ef\wscript.exe
[2013/08/22 22:22:04 | 000,202,752 | ---- | M] () -- C:\WINDOWS\Temp\cd488fa9-5107-4244-af20-613c55df5d21\Windows\WinSxS\amd64_microsoft-windows-securestartup-tool-exe_31bf3856ad364e35_6.3.9600.16384_none_ead91dc28b4d58dc\manage-bde.exe
[2013/08/22 14:45:16 | 000,037,768 | ---- | M] () -- C:\WINDOWS\Temp\cd488fa9-5107-4244-af20-613c55df5d21\Windows\WinSxS\amd64_microsoft-windows-services-svchost_31bf3856ad364e35_6.3.9600.16384_none_a679b9abd944c459\svchost.exe
[2013/08/22 14:27:18 | 000,138,752 | ---- | M] () -- C:\WINDOWS\Temp\cd488fa9-5107-4244-af20-613c55df5d21\Windows\WinSxS\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_6.3.9600.16384_none_fa1dc1539b4180d8\poqexec.exe
[2013/08/22 14:27:18 | 000,417,280 | ---- | M] () -- C:\WINDOWS\Temp\cd488fa9-5107-4244-af20-613c55df5d21\Windows\WinSxS\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_6.3.9600.16384_none_fa1dc1539b4180d8\TiFileFetcher.exe
[2013/08/22 14:27:19 | 000,190,464 | ---- | M] () -- C:\WINDOWS\Temp\cd488fa9-5107-4244-af20-613c55df5d21\Windows\WinSxS\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_6.3.9600.16384_none_fa1dc1539b4180d8\TiWorker.exe
[2013/08/22 14:45:35 | 000,016,896 | ---- | M] () -- C:\WINDOWS\Temp\cd488fa9-5107-4244-af20-613c55df5d21\Windows\WinSxS\amd64_microsoft-windows-setupapi_31bf3856ad364e35_6.3.9600.16384_none_25b3b9bb9a34e0c9\wowreg32.exe
[2013/08/22 14:25:40 | 000,142,576 | ---- | M] () -- C:\WINDOWS\Temp\cd488fa9-5107-4244-af20-613c55df5d21\Windows\WinSxS\amd64_microsoft-windows-smss-minwin_31bf3856ad364e35_6.3.9600.16384_none_6f1f364dbcc273d3\smss.exe
[2013/08/22 14:25:36 | 000,036,352 | ---- | M] () -- C:\WINDOWS\Temp\cd488fa9-5107-4244-af20-613c55df5d21\Windows\WinSxS\amd64_microsoft-windows-sxs_31bf3856ad364e35_6.3.9600.16384_none_9f0afc272b9ac1ae\sxstrace.exe
[2013/08/22 22:19:34 | 000,009,216 | ---- | M] () -- C:\WINDOWS\Temp\cd488fa9-5107-4244-af20-613c55df5d21\Windows\WinSxS\amd64_microsoft-windows-sysreset_31bf3856ad364e35_6.3.9600.16384_none_2ce07b1c526dff32\ResetEngInterfaces.exe
[2013/08/22 22:19:33 | 000,133,632 | ---- | M] () -- C:\WINDOWS\Temp\cd488fa9-5107-4244-af20-613c55df5d21\Windows\WinSxS\amd64_microsoft-windows-sysreset_31bf3856ad364e35_6.3.9600.16384_none_2ce07b1c526dff32\sysreset.exe
[2013/08/22 22:19:34 | 000,271,872 | ---- | M] () -- C:\WINDOWS\Temp\cd488fa9-5107-4244-af20-613c55df5d21\Windows\WinSxS\amd64_microsoft-windows-systemrestore-main_31bf3856ad364e35_6.3.9600.16384_none_379e2ff28736049d\rstrui.exe
[2013/08/22 22:19:32 | 000,349,176 | ---- | M] () -- C:\WINDOWS\Temp\cd488fa9-5107-4244-af20-613c55df5d21\Windows\WinSxS\amd64_microsoft-windows-tabletpc-inputpanel_31bf3856ad364e35_6.3.9600.16384_none_024d75d14b795392\TabTip.exe
[2013/08/22 14:45:35 | 000,060,416 | ---- | M] () -- C:\WINDOWS\Temp\cd488fa9-5107-4244-af20-613c55df5d21\Windows\WinSxS\amd64_microsoft-windows-takeown_31bf3856ad364e35_6.3.9600.16384_none_eaa9c5d4e995206f\takeown.exe
[2013/08/22 14:45:24 | 000,026,624 | ---- | M] () -- C:\WINDOWS\Temp\cd488fa9-5107-4244-af20-613c55df5d21\Windows\WinSxS\amd64_microsoft-windows-tcpip_31bf3856ad364e35_6.3.9600.16384_none_5243f5e76350b12c\netiougc.exe
[2013/08/22 14:45:21 | 000,025,088 | ---- | M] () -- C:\WINDOWS\Temp\cd488fa9-5107-4244-af20-613c55df5d21\Windows\WinSxS\amd64_microsoft-windows-tcpip-utility_31bf3856ad364e35_6.3.9600.16384_none_238553b522d52927\ARP.EXE
[2013/08/22 14:45:21 | 000,015,360 | ---- | M] () -- C:\WINDOWS\Temp\cd488fa9-5107-4244-af20-613c55df5d21\Windows\WinSxS\amd64_microsoft-windows-tcpip-utility_31bf3856ad364e35_6.3.9600.16384_none_238553b522d52927\finger.exe
[2013/08/22 14:45:21 | 000,013,312 | ---- | M] () -- C:\WINDOWS\Temp\cd488fa9-5107-4244-af20-613c55df5d21\Windows\WinSxS\amd64_microsoft-windows-tcpip-utility_31bf3856ad364e35_6.3.9600.16384_none_238553b522d52927\HOSTNAME.EXE
[2013/08/22 14:45:21 | 000,015,360 | ---- | M] () -- C:\WINDOWS\Temp\cd488fa9-5107-4244-af20-613c55df5d21\Windows\WinSxS\amd64_microsoft-windows-tcpip-utility_31bf3856ad364e35_6.3.9600.16384_none_238553b522d52927\MRINFO.EXE
[2013/08/22 14:45:21 | 000,038,400 | ---- | M] () -- C:\WINDOWS\Temp\cd488fa9-5107-4244-af20-613c55df5d21\Windows\WinSxS\amd64_microsoft-windows-tcpip-utility_31bf3856ad364e35_6.3.9600.16384_none_238553b522d52927\NETSTAT.EXE
[2013/08/22 14:45:21 | 000,023,040 | ---- | M] () -- C:\WINDOWS\Temp\cd488fa9-5107-4244-af20-613c55df5d21\Windows\WinSxS\amd64_microsoft-windows-tcpip-utility_31bf3856ad364e35_6.3.9600.16384_none_238553b522d52927\ROUTE.EXE
[2013/08/22 14:45:21 | 000,011,264 | ---- | M] () -- C:\WINDOWS\Temp\cd488fa9-5107-4244-af20-613c55df5d21\Windows\WinSxS\amd64_microsoft-windows-tcpip-utility_31bf3856ad364e35_6.3.9600.16384_none_238553b522d52927\TCPSVCS.EXE
[2013/08/22 14:25:36 | 000,098,816 | ---- | M] () -- C:\WINDOWS\Temp\cd488fa9-5107-4244-af20-613c55df5d21\Windows\WinSxS\amd64_microsoft-windows-trustedinstaller_31bf3856ad364e35_6.3.9600.16384_none_81cb938f211dbc6f\TrustedInstaller.exe
[2013/08/22 14:45:19 | 000,025,088 | ---- | M] () -- C:\WINDOWS\Temp\cd488fa9-5107-4244-af20-613c55df5d21\Windows\WinSxS\amd64_microsoft-windows-userinit_31bf3856ad364e35_6.3.9600.16384_none_cce71a20a5a6fe7f\userinit.exe
[2013/08/22 14:45:35 | 001,283,584 | ---- | M] () -- C:\WINDOWS\Temp\cd488fa9-5107-4244-af20-613c55df5d21\Windows\WinSxS\amd64_microsoft-windows-virtualdiskservice_31bf3856ad364e35_6.3.9600.16384_none_5ba932aacea5a2ad\vds.exe
[2013/08/22 14:45:35 | 000,023,552 | ---- | M] () -- C:\WINDOWS\Temp\cd488fa9-5107-4244-af20-613c55df5d21\Windows\WinSxS\amd64_microsoft-windows-virtualdiskservice_31bf3856ad364e35_6.3.9600.16384_none_5ba932aacea5a2ad\vdsldr.exe
[2013/08/22 22:19:34 | 001,436,160 | ---- | M] () -- C:\WINDOWS\Temp\cd488fa9-5107-4244-af20-613c55df5d21\Windows\WinSxS\amd64_microsoft-windows-vssservice_31bf3856ad364e35_6.3.9600.16384_none_4b8b2e81ebce7a3b\VSSVC.exe
[2013/08/22 22:18:46 | 000,507,904 | ---- | M] () -- C:\WINDOWS\Temp\cd488fa9-5107-4244-af20-613c55df5d21\Windows\WinSxS\amd64_microsoft-windows-w..ommand-line-utility_31bf3856ad364e35_6.3.9600.16384_none_92683569a0cdf88f\WMIC.exe
[2013/08/22 22:18:46 | 000,014,848 | ---- | M] () -- C:\WINDOWS\Temp\cd488fa9-5107-4244-af20-613c55df5d21\Windows\WinSxS\amd64_microsoft-windows-w..ter-cimprovider-exe_31bf3856ad364e35_6.3.9600.16384_none_5407fe14bfed173f\Register-CimProvider.exe
[2013/08/22 14:45:56 | 000,009,728 | ---- | M] () -- C:\WINDOWS\Temp\cd488fa9-5107-4244-af20-613c55df5d21\Windows\WinSxS\amd64_microsoft-windows-wallpaperhost_31bf3856ad364e35_6.3.9600.16384_none_4ec257a979539018\WallpaperHost.exe
[2013/08/22 14:45:35 | 000,505,856 | ---- | M] () -- C:\WINDOWS\Temp\cd488fa9-5107-4244-af20-613c55df5d21\Windows\WinSxS\amd64_microsoft-windows-wimgapi_31bf3856ad364e35_6.3.9600.16384_none_79ba0274e8d5902a\wimserv.exe
[2013/08/22 14:45:19 | 000,144,384 | ---- | M] () -- C:\WINDOWS\Temp\cd488fa9-5107-4244-af20-613c55df5d21\Windows\WinSxS\amd64_microsoft-windows-wininit_31bf3856ad364e35_6.3.9600.16384_none_21b118d9d847ad16\wininit.exe
[2013/08/22 14:45:29 | 000,564,736 | ---- | M] () -- C:\WINDOWS\Temp\cd488fa9-5107-4244-af20-613c55df5d21\Windows\WinSxS\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.3.9600.16384_none_60816121a8e88269\winlogon.exe
[2013/08/22 14:45:30 | 000,541,184 | ---- | M] () -- C:\WINDOWS\Temp\cd488fa9-5107-4244-af20-613c55df5d21\Windows\WinSxS\amd64_microsoft-windows-winpe_tools_31bf3856ad364e35_6.3.9600.16384_none_ebbe02ec0ad6d113\winpeshl.exe
[2013/08/22 14:45:30 | 000,028,672 | ---- | M] () -- C:\WINDOWS\Temp\cd488fa9-5107-4244-af20-613c55df5d21\Windows\WinSxS\amd64_microsoft-windows-winpe_tools_31bf3856ad364e35_6.3.9600.16384_none_ebbe02ec0ad6d113\wpeinit.exe
[2013/08/22 14:45:30 | 000,011,264 | ---- | M] () -- C:\WINDOWS\Temp\cd488fa9-5107-4244-af20-613c55df5d21\Windows\WinSxS\amd64_microsoft-windows-winpe_tools_31bf3856ad364e35_6.3.9600.16384_none_ebbe02ec0ad6d113\wpeutil.exe
[2013/08/22 14:45:35 | 000,041,472 | ---- | M] () -- C:\WINDOWS\Temp\cd488fa9-5107-4244-af20-613c55df5d21\Windows\WinSxS\amd64_microsoft-windows-winpe-drvload_31bf3856ad364e35_6.3.9600.16384_none_7cd72a47c3e7d986\drvload.exe
[2013/08/22 22:19:33 | 000,342,528 | ---- | M] () -- C:\WINDOWS\Temp\cd488fa9-5107-4244-af20-613c55df5d21\Windows\WinSxS\amd64_microsoft-windows-winre-tools_31bf3856ad364e35_6.3.9600.16384_none_babbfdbf440936a3\BootRec.exe
[2013/08/22 22:19:33 | 000,640,352 | ---- | M] () -- C:\WINDOWS\Temp\cd488fa9-5107-4244-af20-613c55df5d21\Windows\WinSxS\amd64_microsoft-windows-winre-tools_31bf3856ad364e35_6.3.9600.16384_none_babbfdbf440936a3\RecEnv.exe
[2013/08/22 22:19:33 | 000,707,072 | ---- | M] () -- C:\WINDOWS\Temp\cd488fa9-5107-4244-af20-613c55df5d21\Windows\WinSxS\amd64_microsoft-windows-winre-tools_31bf3856ad364e35_6.3.9600.16384_none_babbfdbf440936a3\StartRep.exe
[2013/08/22 22:18:45 | 000,046,080 | ---- | M] () -- C:\WINDOWS\Temp\cd488fa9-5107-4244-af20-613c55df5d21\Windows\WinSxS\amd64_microsoft-windows-wmi-consumers_31bf3856ad364e35_6.3.9600.16384_none_3b9087732cd86739\scrcons.exe
[2013/08/22 22:18:46 | 000,023,552 | ---- | M] () -- C:\WINDOWS\Temp\cd488fa9-5107-4244-af20-613c55df5d21\Windows\WinSxS\amd64_microsoft-windows-wmi-core_31bf3856ad364e35_6.3.9600.16384_none_aa12631ff38fa667\mofcomp.exe
[2013/08/22 22:18:46 | 000,047,104 | ---- | M] () -- C:\WINDOWS\Temp\cd488fa9-5107-4244-af20-613c55df5d21\Windows\WinSxS\amd64_microsoft-windows-wmi-core_31bf3856ad364e35_6.3.9600.16384_none_aa12631ff38fa667\unsecapp.exe
[2013/08/22 22:18:46 | 000,166,400 | ---- | M] () -- C:\WINDOWS\Temp\cd488fa9-5107-4244-af20-613c55df5d21\Windows\WinSxS\amd64_microsoft-windows-wmi-core_31bf3856ad364e35_6.3.9600.16384_none_aa12631ff38fa667\WMIADAP.exe
[2013/08/22 22:18:46 | 000,195,072 | ---- | M] () -- C:\WINDOWS\Temp\cd488fa9-5107-4244-af20-613c55df5d21\Windows\WinSxS\amd64_microsoft-windows-wmi-core_31bf3856ad364e35_6.3.9600.16384_none_aa12631ff38fa667\WmiApSrv.exe
[2013/08/22 22:18:45 | 000,478,208 | ---- | M] () -- C:\WINDOWS\Temp\cd488fa9-5107-4244-af20-613c55df5d21\Windows\WinSxS\amd64_microsoft-windows-wmi-core-providerhost_31bf3856ad364e35_6.3.9600.16384_none_01211e965f5c103b\WmiPrvSE.exe
[2013/08/22 22:18:46 | 000,080,896 | ---- | M] () -- C:\WINDOWS\Temp\cd488fa9-5107-4244-af20-613c55df5d21\Windows\WinSxS\amd64_microsoft-windows-wmi-core-svc_31bf3856ad364e35_6.3.9600.16384_none_91711bdacae82502\WinMgmt.exe
[2013/08/22 22:18:45 | 000,206,848 | ---- | M] () -- C:\WINDOWS\Temp\cd488fa9-5107-4244-af20-613c55df5d21\Windows\WinSxS\amd64_microsoft-windows-wmi-tools_31bf3856ad364e35_6.3.9600.16384_none_c8b9c9ec57966cd7\wbemtest.exe
[2013/08/22 14:45:35 | 000,038,400 | ---- | M] () -- C:\WINDOWS\Temp\cd488fa9-5107-4244-af20-613c55df5d21\Windows\WinSxS\amd64_microsoft-windows-wrp-integrity-client_31bf3856ad364e35_6.3.9600.16384_none_1bfd2d47bf3d3839\sfc.exe
[2013/08/22 14:45:35 | 000,046,080 | ---- | M] () -- C:\WINDOWS\Temp\cd488fa9-5107-4244-af20-613c55df5d21\Windows\WinSxS\amd64_microsoft-windows-xcopy_31bf3856ad364e35_6.3.9600.16384_none_53b40ab3c84345ef\xcopy.exe
[2013/08/22 14:47:05 | 000,056,832 | ---- | M] () -- C:\WINDOWS\Temp\cd488fa9-5107-4244-af20-613c55df5d21\Windows\WinSxS\Backup\amd64_microsoft-windows-coresystemminpnp_31bf3856ad364e35_6.3.9600.16384_none_fb1b7144c04761aa_drvcfg.exe_8370a674
[2013/08/22 14:47:05 | 000,037,768 | ---- | M] () -- C:\WINDOWS\Temp\cd488fa9-5107-4244-af20-613c55df5d21\Windows\WinSxS\Backup\amd64_microsoft-windows-services-svchost_31bf3856ad364e35_6.3.9600.16384_none_a679b9abd944c459_svchost.exe_4dd0f0bc
[2013/08/22 14:47:04 | 000,564,736 | ---- | M] () -- C:\WINDOWS\Temp\cd488fa9-5107-4244-af20-613c55df5d21\Windows\WinSxS\Backup\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.3.9600.16384_none_60816121a8e88269_winlogon.exe_ac37d0c5
[2013/11/14 08:14:07 | 001,344,984 | ---- | M] () -- C:\WINDOWS\Temp\cd488fa9-5107-4244-af20-613c55df5d21\Windows\WinSxS\Backup\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.3.9600.16415_none_4c31cbe1406439a3_winresume.exe_85cd1215
[2013/08/22 14:47:05 | 000,144,384 | ---- | M] () -- C:\WINDOWS\Temp\cd488fa9-5107-4244-af20-613c55df5d21\Windows\WinSxS\Backup\amd64_microsoft-windows-wininit_31bf3856ad364e35_6.3.9600.16384_none_21b118d9d847ad16_wininit.exe_7a527f28
[2013/08/22 14:47:04 | 000,109,056 | ---- | M] () -- C:\WINDOWS\Temp\cd488fa9-5107-4244-af20-613c55df5d21\Windows\WinSxS\Backup\amd64_microsoft-windows-coreusermodepnp_31bf3856ad364e35_6.3.9600.16384_none_67c00b4100e2ff79_drvinst.exe_6593e92a
[2013/08/22 14:47:06 | 000,017,920 | ---- | M] () -- C:\WINDOWS\Temp\cd488fa9-5107-4244-af20-613c55df5d21\Windows\WinSxS\Backup\amd64_microsoft-windows-rasautodial_31bf3856ad364e35_6.3.9600.16384_none_00985ec1394a25d7_rasautou.exe_477abe34
[2013/08/22 14:47:05 | 001,283,584 | ---- | M] () -- C:\WINDOWS\Temp\cd488fa9-5107-4244-af20-613c55df5d21\Windows\WinSxS\Backup\amd64_microsoft-windows-virtualdiskservice_31bf3856ad364e35_6.3.9600.16384_none_5ba932aacea5a2ad_vds.exe_cb461c29
[2013/08/22 22:18:49 | 000,080,896 | ---- | M] () -- C:\WINDOWS\Temp\cd488fa9-5107-4244-af20-613c55df5d21\Windows\WinSxS\Backup\amd64_microsoft-windows-wmi-core-svc_31bf3856ad364e35_6.3.9600.16384_none_91711bdacae82502_winmgmt.exe_8f8eb7b1
[2013/11/14 08:14:07 | 001,506,168 | ---- | M] () -- C:\WINDOWS\Temp\cd488fa9-5107-4244-af20-613c55df5d21\Windows\WinSxS\Backup\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.3.9600.16415_none_4c31cbe1406439a3_winload.exe_75835076
[2013/08/22 14:47:05 | 000,023,552 | ---- | M] () -- C:\WINDOWS\Temp\cd488fa9-5107-4244-af20-613c55df5d21\Windows\WinSxS\Backup\amd64_microsoft-windows-virtualdiskservice_31bf3856ad364e35_6.3.9600.16384_none_5ba932aacea5a2ad_vdsldr.exe_20c491b3
[2013/08/22 22:41:28 | 000,151,552 | ---- | M] () -- C:\WINDOWS\Temp\cd488fa9-5107-4244-af20-613c55df5d21\Windows\WinSxS\Backup\amd64_microsoft-windows-i..i_initiator_service_31bf3856ad364e35_6.3.9600.16384_none_cb320b48e90ef6b9_iscsicli.exe_20e14d4f
[2013/08/22 14:25:42 | 000,017,120 | ---- | M] () -- C:\WINDOWS\Temp\cd488fa9-5107-4244-af20-613c55df5d21\Windows\WinSxS\Backup\amd64_microsoft-windows-csrss_31bf3856ad364e35_6.3.9600.16384_none_49a243e2b80cb4c0_csrss.exe_06529458
[2013/08/22 14:25:42 | 000,045,008 | ---- | M] () -- C:\WINDOWS\Temp\cd488fa9-5107-4244-af20-613c55df5d21\Windows\WinSxS\Backup\amd64_microsoft-windows-lsa-minwin_31bf3856ad364e35_6.3.9600.16384_none_2e2a01a866456d93_lsass.exe_682060de
[2013/08/22 14:25:42 | 000,142,576 | ---- | M] () -- C:\WINDOWS\Temp\cd488fa9-5107-4244-af20-613c55df5d21\Windows\WinSxS\Backup\amd64_microsoft-windows-smss-minwin_31bf3856ad364e35_6.3.9600.16384_none_6f1f364dbcc273d3_smss.exe_d7209c3a
[2013/08/22 14:25:42 | 007,416,160 | ---- | M] () -- C:\WINDOWS\Temp\cd488fa9-5107-4244-af20-613c55df5d21\Windows\WinSxS\Backup\amd64_microsoft-windows-os-kernel_31bf3856ad364e35_6.3.9600.16384_none_5ceec1ab881a18dc_ntoskrnl.exe_0fb0ab79
[2013/08/22 14:47:05 | 000,026,624 | ---- | M] () -- C:\WINDOWS\Temp\cd488fa9-5107-4244-af20-613c55df5d21\Windows\WinSxS\Backup\amd64_microsoft-windows-tcpip_31bf3856ad364e35_6.3.9600.16384_none_5243f5e76350b12c_netiougc.exe_94123cfe
[2013/08/22 14:47:04 | 000,016,896 | ---- | M] () -- C:\WINDOWS\Temp\cd488fa9-5107-4244-af20-613c55df5d21\Windows\WinSxS\Backup\amd64_microsoft-windows-setupapi_31bf3856ad364e35_6.3.9600.16384_none_25b3b9bb9a34e0c9_wowreg32.exe_94fc2d06
[2013/08/22 14:47:04 | 001,186,144 | ---- | M] () -- C:\WINDOWS\Temp\cd488fa9-5107-4244-af20-613c55df5d21\Windows\WinSxS\Backup\wow64_microsoft-windows-b..re-memorydiagnostic_31bf3856ad364e35_6.3.9600.16384_none_d34858c70cf5232d_memtest.exe_01d80391
[2013/08/22 14:45:24 | 001,186,144 | ---- | M] () -- C:\WINDOWS\Temp\cd488fa9-5107-4244-af20-613c55df5d21\Windows\WinSxS\wow64_microsoft-windows-b..re-memorydiagnostic_31bf3856ad364e35_6.3.9600.16384_none_d34858c70cf5232d\memtest.exe
[2013/08/22 14:45:24 | 000,700,256 | ---- | M] () -- C:\WINDOWS\Temp\cd488fa9-5107-4244-af20-613c55df5d21\Windows\WinSxS\x86_microsoft-windows-bootenvironment-pxe_31bf3856ad364e35_6.3.9600.16384_none_81f29894ad63fa03\bootmgr.exe
[2013/11/14 08:14:05 | 000,641,880 | ---- | M] () -- C:\WINDOWS\Temp\cd488fa9-5107-4244-af20-613c55df5d21\Windows\WinSxS\x86_microsoft-windows-bootenvironment-pxe_31bf3856ad364e35_6.3.9600.16415_none_823f4a38ad2a4cea\bootmgr.exe
[2013/08/22 14:25:38 | 000,115,304 | ---- | M] () -- C:\WINDOWS\Temp\cd488fa9-5107-4244-af20-613c55df5d21\Windows\WinSxS\x86_microsoft-windows-d..ing-management-core_31bf3856ad364e35_6.3.9600.16384_none_bfd3ea8c4658b072\DismHost.exe
[2013/08/22 14:25:38 | 000,195,072 | ---- | M] () -- C:\WINDOWS\Temp\cd488fa9-5107-4244-af20-613c55df5d21\Windows\WinSxS\x86_microsoft-windows-packagemanager_31bf3856ad364e35_6.3.9600.16384_none_817788a30edddae5\PkgMgr.exe
[2013/08/22 14:27:17 | 000,123,904 | ---- | M] () -- C:\WINDOWS\Temp\cd488fa9-5107-4244-af20-613c55df5d21\Windows\WinSxS\x86_microsoft-windows-servicingstack_31bf3856ad364e35_6.3.9600.16384_none_9dff25cfe2e40fa2\poqexec.exe
[2013/08/22 14:27:17 | 000,348,160 | ---- | M] () -- C:\WINDOWS\Temp\cd488fa9-5107-4244-af20-613c55df5d21\Windows\WinSxS\x86_microsoft-windows-servicingstack_31bf3856ad364e35_6.3.9600.16384_none_9dff25cfe2e40fa2\TiFileFetcher.exe
[2013/08/22 14:27:17 | 000,188,416 | ---- | M] () -- C:\WINDOWS\Temp\cd488fa9-5107-4244-af20-613c55df5d21\Windows\WinSxS\x86_microsoft-windows-servicingstack_31bf3856ad364e35_6.3.9600.16384_none_9dff25cfe2e40fa2\TiWorker.exe

[color=#A23BEC]< %systemroot%\system32\*.dll /lockedfiles >[/color]
[17 C:\WINDOWS\system32\*.tmp files -> C:\WINDOWS\system32\*.tmp -> ]

[color=#A23BEC]< %systemroot%\system32\*.exe /lockedfiles >[/color]
[17 C:\WINDOWS\system32\*.tmp files -> C:\WINDOWS\system32\*.tmp -> ]

[color=#A23BEC]< %systemroot%\system32\*.in* >[/color]
[2013/08/22 02:43:03 | 000,016,284 | ---- | M] () -- C:\WINDOWS\system32\ieuinit.inf
[2013/04/02 18:55:09 | 000,000,685 | ---- | M] () -- C:\WINDOWS\system32\InstallUtil.InstallLog
[2013/08/22 03:54:21 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\Microsoft.Management.Infrastructure.Native.Unmanaged.dll
[2013/12/17 08:48:18 | 001,959,360 | ---- | M] () -- C:\WINDOWS\system32\PerfStringBackup.INI
[2013/08/22 03:41:00 | 000,121,856 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\Windows.UI.Input.Inking.dll
[17 C:\WINDOWS\system32\*.tmp files -> C:\WINDOWS\system32\*.tmp -> ]

[color=#A23BEC]< %systemroot%\Tasks\* >[/color]
[2014/01/22 19:13:03 | 000,001,002 | ---- | M] () -- C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
[2014/01/22 18:25:36 | 000,001,064 | ---- | M] () -- C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
[2014/01/22 18:57:00 | 000,001,068 | ---- | M] () -- C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
[2014/01/22 18:23:44 | 000,000,006 | -H-- | M] () -- C:\WINDOWS\Tasks\SA.DAT
[2013/12/17 08:45:43 | 000,000,264 | ---- | M] () -- C:\WINDOWS\Tasks\Synaptics TouchPad Enhancements.job

[color=#A23BEC]< %systemroot%\Tasks\*. >[/color]

[color=#A23BEC]< %systemroot%\system32\Tasks\* >[/color]

[color=#A23BEC]< %systemroot%\system32\Tasks\*. >[/color]

[color=#A23BEC]< %systemroot%\system32\driv