PUMS.dns help

MalwareRemoval.com provides free support for people with infected computers. Using plain language that anyone can understand, our community of volunteer experts will walk you through each step.

ESETScan.txt

by ukemike » November 21st, 2015, 9:56 pm

C:\Program Files (x86)\FreeTime\FormatFactory\FFModules\Package\BaiDu\hao123inst.exe a variant of Win32/Hao123.A potentially unwanted application
D:\Documents\old F drive\transport\CDRIVEBK\HP100LX\D_DRIVE\BIN\KEYBEZ.COM probably unknown CRYPT.TSR.COM virus
D:\Downloads\agsetup183se(1).exe a variant of Win32/Toolbar.Funmoods.D potentially unwanted application
D:\Downloads\agsetup183se.exe a variant of Win32/Toolbar.Funmoods.D potentially unwanted application
D:\Downloads\AxCrypt-1.7.2976.0-Setup.exe Win32/OpenCandy potentially unsafe application
D:\Downloads\cdbxp_setup_4.5.0.3717.exe Win32/OpenCandy potentially unsafe application
D:\Downloads\cnet2_SetupDWGTrueView2007_exe.exe a variant of Win32/InstallCore.D potentially unwanted application
D:\Downloads\CuteWriter.exe a variant of Win32/Bundled.Toolbar.Ask.G potentially unsafe application
D:\Downloads\FFSetup3.3.3.0.exe a variant of Win32/Hao123.A potentially unwanted application
D:\Downloads\flvplayer4free_setup.exe Win32/Somoto.E potentially unwanted application
D:\Downloads\PDFXVwer.exe a variant of Win32/Bundled.Toolbar.Ask.G potentially unsafe application
D:\Downloads\uTorrent.exe a variant of Win32/Bunndle potentially unsafe application
D:\Downloads\winamp5623_full_emusic-7plus_en-us.exe Win32/OpenCandy potentially unsafe application
D:\Downloads\windows.7.codec.pack.v4.0.3.setup.exe a variant of Win32/Toolbar.Widgi.B potentially unwanted application
D:\Downloads\ImgBurn_2.5.7.0\SetupImgBurn_2.5.7.0.exe a variant of Win32/Bundled.Toolbar.Ask.G potentially unsafe application
D:\Downloads\installed\PDFXVwer.zip a variant of Win32/Bundled.Toolbar.Ask.G potentially unsafe application
D:\Downloads\PDFXVwer\PDFXVwer.exe a variant of Win32/Bundled.Toolbar.Ask.G potentially unsafe application

Re: PUMS.dns help

by pgmigg » November 22nd, 2015, 12:26 am

Hello ukemike,

FYI the instructions for Malwarebytes did not match the options that were actually available in the program. I suspect the instructions were for an older version. For instance to get the log provided below I clicked on "Save Results..." in the lower right corner. I did not find a button called save detailed log.
Thank you, you are right!
The progress is now so fast that I do not always keep up with it. I will update my notes, and next time when you come here (stay safe and never be infected any more ;) ), all my steps will be up to date... :D

Step 1.
Show Hidden and System files
  1. Close all programs so that you are at your desktop.
  2. Press Image.
  3. Click the Start Search box on the Start Menu
  4. Copy and paste the following value in blue, in the open text entry box:
    change search options for files and folders
    then press Enter button
  5. Click on the View tab, then under the "Hidden files and folders" section please
    • SELECT "Show hidden files and folders"
  6. Find below and
    • remove check mark from check box "Hide extensions for known file types"
    • remove check mark from check box "Hide protected operating system files"
  7. Press the Apply, then the OK buttons.

Step 2.
Online Multi Antivirus file scan
Please go to either: Jotti or Virus Total and upload -only one file per scan- the following file(s) for scanning:

C:\Program Files (x86)\FreeTime\FormatFactory\FFModules\Package\BaiDu\hao123inst.exe
D:\Documents\old F drive\transport\CDRIVEBK\HP100LX\D_DRIVE\BIN\KEYBEZ.COM
D:\Downloads\agsetup183se.exe
D:\Downloads\AxCrypt-1.7.2976.0-Setup.exe
D:\Downloads\cdbxp_setup_4.5.0.3717.exe
D:\Downloads\cnet2_SetupDWGTrueView2007_exe.exe
D:\Downloads\CuteWriter.exe
D:\Downloads\FFSetup3.3.3.0.exe
D:\Downloads\flvplayer4free_setup.exe
D:\Downloads\PDFXVwer.exe
D:\Downloads\winamp5623_full_emusic-7plus_en-us.exe
D:\Downloads\windows.7.codec.pack.v4.0.3.setup.exe
D:\Downloads\ImgBurn_2.5.7.0\SetupImgBurn_2.5.7.0.exe


If Using Jotti
  1. Choose the appropriate language (if needed)... once a language is selected, you'll see a message "Ready to receive files"
  2. Press the Browse button and navigate to -one- of the files in the list.
  3. Double click the located file name...The file name should now appear in the online scanner's "File to scan:" box.
  4. Click on the Submit button.
      If you receive the message: This file has been scanned before. The results for this previous scan are listed below.
      Please press the Scan again button, so your file will be scanned.
  5. The file will be uploaded and scanned by various antivirus scanners..this may take a few minutes.
  6. When all scans have completed... the results page is displayed
  7. Please highlight and copy the page web address link from your browser window.
  8. Please repeat this procedure for each file listed above.
  9. Paste the Web address link(s) for the scan results in your next reply.

If Using Virus Total
  1. Press the Browse button and navigate to -one- of the files in the list.
  2. Double click the located file name... The file name should now appear in the online scanner's text entry box.
  3. Click on the Send File button.
  4. The file will be queued, uploaded and scanned by various antivirus scanners..this may take a few minutes.
      If you receive the message: File has already been analysed:
      Please press the Reanalyse file now button, so your file will be scanned.
  5. When all scans have completed... the results page is displayed
  6. Please highlight and copy the page web address link from your browser window.
  7. Please repeat this procedure for each file listed above.
  8. Paste the Web address link(s) for the scan results in your next reply.

Step 3.
Fresh OTL Scan
You should still have OTL.exe on your desktop.
Important! Close all applications and windows so that you have nothing open and are at your Desktop.
  1. Right click on OTL.exe, select "Run As Administrator..." to run it. If prompted by UAC, please allow it.
  2. Under Output, ensure that Standard Output is selected.
  3. Check the boxes labeled:
    • Include 64 bit scans
    • Scan All Users
    • Processes ---> All
    • Services ---> All
    • Modules ---> All
    • Drivers ---> All
    • Extra Registry ---> Use SafeList
  4. Click on Run Scan at the top left hand corner.
  5. When done, one Notepad file, OTL.txt, will be opened, maximized.
  6. Please post the content of OTL.txt file ONLY in your next reply.

Please post each log separately to prevent it being cut off by the forum post size limiter.
Check each after you've posted it to make sure it's all present, if any log is cut off you'll have to post it in sections....

Please include in your next reply:
  1. Do you have any problems executing the instructions?
  2. The resulting web links after online file scan by Virus Total or Jotti.
  3. Contents of the OTL.txt log file after the OTL fresh scan
  4. Do you see any changes in computer behavior?

Thanks,
pgmigg

Failure to post replies within 72 hours will result in this thread being closed


OTL.txt

by ukemike » November 22nd, 2015, 3:12 pm

OTL logfile created on: 11/22/2015 11:08:16 AM - Run 2
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Mike\Desktop
64bit- Professional Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.11.9600.18097)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

7.98 Gb Total Physical Memory | 5.57 Gb Available Physical Memory | 69.83% Memory free
15.96 Gb Paging File | 13.46 Gb Available in Paging File | 84.34% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 119.99 Gb Total Space | 51.97 Gb Free Space | 43.31% Space Free | Partition Type: NTFS
Drive D: | 1277.17 Gb Total Space | 860.41 Gb Free Space | 67.37% Space Free | Partition Type: NTFS
Drive E: | 100.00 Mb Total Space | 70.37 Mb Free Space | 70.37% Space Free | Partition Type: NTFS

Computer Name: SERENITY | User Name: Mike | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (All) ==========

PRC - [2015/11/17 22:03:02 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Mike\Desktop\OTL.exe
PRC - [2015/11/06 20:36:36 | 000,811,848 | ---- | M] (Google Inc.) -- C:\Users\Mike\AppData\Local\Google\Chrome\Application\chrome.exe
PRC - [2015/09/14 21:35:19 | 000,245,576 | ---- | M] (Google Inc.) -- C:\Program Files (x86)\Google\Update\1.3.28.15\GoogleCrashHandler.exe
PRC - [2013/10/01 19:09:06 | 000,928,136 | ---- | M] (Citrix Systems, Inc.) -- C:\Program Files (x86)\Citrix\ICA Client\wfcrun32.exe
PRC - [2013/10/01 19:08:24 | 000,153,992 | ---- | M] (Citrix Systems, Inc.) -- C:\Program Files (x86)\Citrix\ICA Client\redirector.exe
PRC - [2013/10/01 19:08:04 | 000,395,656 | ---- | M] (Citrix Systems, Inc.) -- C:\Program Files (x86)\Citrix\ICA Client\concentr.exe
PRC - [2013/10/01 15:29:04 | 001,505,608 | ---- | M] (Citrix Systems, Inc.) -- C:\Program Files (x86)\Citrix\Receiver\Receiver.exe
PRC - [2013/08/09 13:53:42 | 000,054,152 | ---- | M] (Citrix Systems, Inc.) -- C:\Program Files (x86)\Citrix\SelfServicePlugin\SelfServicePlugin.exe
PRC - [2013/01/24 10:12:32 | 000,011,264 | ---- | M] () -- C:\Program Files (x86)\No-IP\ducservice.exe
PRC - [2013/01/24 10:12:30 | 000,270,336 | ---- | M] () -- C:\Program Files (x86)\No-IP\DUC40.exe
PRC - [2012/08/06 21:25:12 | 000,021,432 | ---- | M] () -- C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe
PRC - [2012/08/06 21:25:02 | 003,524,536 | ---- | M] (Samsung Electronics Co., Ltd.) -- C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe
PRC - [2012/08/06 21:25:02 | 000,960,440 | ---- | M] (Samsung) -- C:\Program Files (x86)\Samsung\Kies\Kies.exe
PRC - [2012/04/24 01:06:46 | 000,229,376 | ---- | M] (Visioneer Inc.) -- C:\Program Files (x86)\Visioneer\OneTouch 4.0\OtService.exe
PRC - [2011/12/09 09:22:26 | 000,074,752 | ---- | M] (Nullsoft, Inc.) -- C:\Program Files (x86)\Winamp\winampa.exe
PRC - [2011/05/20 09:10:12 | 000,284,440 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
PRC - [2010/09/30 18:56:56 | 001,290,240 | ---- | M] (ASUSTeK Inc.) -- C:\Program Files (x86)\ASUS\SmartDoctor\SmartDoctor.exe
PRC - [2010/09/14 15:17:00 | 000,061,440 | ---- | M] () -- C:\Windows\SysWOW64\ASDR.exe
PRC - [2009/07/30 17:10:04 | 000,380,928 | ---- | M] (ASUSTeK Computer Inc.) -- C:\Program Files (x86)\ASUS\GamerOSD\GamerOSD.exe
PRC - [2009/06/24 09:57:04 | 000,136,704 | ---- | M] (HP) -- C:\Program Files (x86)\HP\HPLaserJetService\HPLaserJetService.exe


========== Modules (All) ==========

MOD - [2015/11/21 14:29:23 | 000,115,137 | ---- | M] () -- C:\Users\Mike\AppData\Local\Temp\d6ebea43-a7f6-428d-ab33-ddb1ea1983ec\CliSecureRT.dll
MOD - [2015/11/18 07:12:15 | 018,813,440 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Presentatio5ae0f00f#\672f0c214d9f136d6d471c466149484d\PresentationFramework.ni.dll
MOD - [2015/11/18 07:12:07 | 011,025,920 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\PresentationCore\7db5806ac75b14833569b27746d63725\PresentationCore.ni.dll
MOD - [2015/11/18 07:12:05 | 012,935,680 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Windows.Forms\1f91e1eb6dd96423dbe49ef2085ddb21\System.Windows.Forms.ni.dll
MOD - [2015/11/18 07:09:32 | 012,438,016 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\dc5e9aaf3f627418b920205c75b926df\System.Windows.Forms.ni.dll
MOD - [2015/11/18 07:09:15 | 000,805,376 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Runt73a1fc9d#\4ba30d4daa50747f9901138a559307ef\System.Runtime.Remoting.ni.dll
MOD - [2015/11/17 22:03:02 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Mike\Desktop\OTL.exe
MOD - [2015/11/06 20:36:36 | 000,811,848 | ---- | M] (Google Inc.) -- C:\Users\Mike\AppData\Local\Google\Chrome\Application\chrome.exe
MOD - [2015/11/06 20:36:33 | 001,532,744 | ---- | M] () -- C:\Users\Mike\AppData\Local\Google\Chrome\Application\46.0.2490.86\libglesv2.dll
MOD - [2015/11/06 20:36:32 | 000,081,224 | ---- | M] () -- C:\Users\Mike\AppData\Local\Google\Chrome\Application\46.0.2490.86\libegl.dll
MOD - [2015/11/06 20:36:30 | 041,401,160 | ---- | M] (Google Inc.) -- C:\Users\Mike\AppData\Local\Google\Chrome\Application\46.0.2490.86\chrome_child.dll
MOD - [2015/11/06 20:36:30 | 000,133,960 | ---- | M] (Google Inc.) -- C:\Users\Mike\AppData\Local\Google\Chrome\Application\46.0.2490.86\chrome_elf.dll
MOD - [2015/11/06 20:36:28 | 032,938,312 | ---- | M] (Google Inc.) -- C:\Users\Mike\AppData\Local\Google\Chrome\Application\46.0.2490.86\chrome.dll
MOD - [2015/11/06 19:34:28 | 003,466,856 | ---- | M] (Microsoft Corporation) -- C:\Users\Mike\AppData\Local\Google\Chrome\Application\46.0.2490.86\d3dcompiler_47.dll
MOD - [2015/11/03 10:45:45 | 001,625,600 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.19054_none_72d58feb8665ca95\GdiPlus.dll
MOD - [2015/10/30 14:52:34 | 020,331,520 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\mshtml.dll
MOD - [2015/10/30 14:42:15 | 002,279,936 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\iertutil.dll
MOD - [2015/10/30 14:16:43 | 004,527,616 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\jscript9.dll
MOD - [2015/10/30 14:09:39 | 012,854,272 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\ieframe.dll
MOD - [2015/10/30 13:51:28 | 002,011,136 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\wininet.dll
MOD - [2015/10/30 13:48:12 | 001,311,744 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\urlmon.dll
MOD - [2015/10/19 16:48:46 | 001,311,768 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\ntdll.dll
MOD - [2015/10/19 16:45:47 | 000,043,008 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\srclient.dll
MOD - [2015/10/19 16:45:44 | 000,251,392 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\schannel.dll
MOD - [2015/10/19 16:45:44 | 000,022,016 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\secur32.dll
MOD - [2015/10/19 16:45:40 | 000,223,232 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\ncrypt.dll
MOD - [2015/10/19 16:45:28 | 000,036,864 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\cryptbase.dll
MOD - [2015/10/19 16:45:28 | 000,017,408 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\credssp.dll
MOD - [2015/10/19 16:44:18 | 000,665,088 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\rpcrt4.dll
MOD - [2015/10/19 16:44:18 | 000,274,944 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\KernelBase.dll
MOD - [2015/10/19 16:44:18 | 000,096,768 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\sspicli.dll
MOD - [2015/10/19 16:44:17 | 001,114,112 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\kernel32.dll
MOD - [2015/09/23 05:09:57 | 000,251,000 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\bcryptprimitives.dll
MOD - [2015/09/13 19:04:33 | 000,491,520 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\IAStorUtil\307c0c82ccf884cc4a989ea13bfb0bc6\IAStorUtil.ni.dll
MOD - [2015/09/13 18:55:35 | 001,593,344 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\82ecf48db57ddf66f74fca17b0f99453\System.Drawing.ni.dll
MOD - [2015/09/10 13:38:41 | 001,650,688 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Drawing\0fa731ea0ae5de79fe1c1ab061d82fd1\System.Drawing.ni.dll
MOD - [2015/09/10 13:38:40 | 000,223,232 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Serv759bfb78#\b6235b443cbc8a5f1fde136f4c0b8c6e\System.ServiceProcess.ni.dll
MOD - [2015/09/01 18:48:28 | 000,010,240 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\dciman32.dll
MOD - [2015/09/01 18:47:18 | 000,025,600 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\lpk.dll
MOD - [2015/08/06 09:44:51 | 012,875,776 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\shell32.dll
MOD - [2015/08/06 09:44:36 | 001,498,624 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\ExplorerFrame.dll
MOD - [2015/07/30 09:57:30 | 001,987,584 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\d3d10warp.dll
MOD - [2015/07/30 09:57:30 | 001,251,328 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\DWrite.dll
MOD - [2015/07/14 18:55:45 | 001,390,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\msxml6.dll
MOD - [2015/07/04 09:48:36 | 001,414,656 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\ole32.dll
MOD - [2015/06/19 08:43:44 | 003,950,080 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\WindowsBase\8115eb34e0d122591c2a9595cfff225e\WindowsBase.ni.dll
MOD - [2015/06/19 08:43:40 | 006,990,336 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Core\d2acb5226fa8916ef6417139a742a09d\System.Core.ni.dll
MOD - [2015/06/19 08:43:36 | 000,976,384 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Configuration\5023210ae4242a319712718fc6a23848\System.Configuration.ni.dll
MOD - [2015/06/17 09:37:03 | 000,312,320 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\gdi32.dll
MOD - [2015/06/15 13:43:35 | 002,364,416 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\msi.dll
MOD - [2015/05/29 06:54:15 | 000,978,432 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\007fc007edc388d9806dff94ee04f129\System.Configuration.ni.dll
MOD - [2015/04/28 16:49:02 | 000,774,144 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\0967cf5c31691f38d013263304d2dacb\System.Runtime.Remoting.ni.dll
MOD - [2015/04/24 09:56:58 | 000,530,432 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_5.82.7601.18837_none_ec86b8d6858ec0bc\comctl32.dll
MOD - [2015/04/24 09:54:13 | 001,680,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_41e855142bd5705d\comctl32.dll
MOD - [2015/02/02 19:12:48 | 000,179,200 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\wintrust.dll
MOD - [2015/02/02 19:12:42 | 001,230,848 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\WindowsCodecs.dll
MOD - [2015/02/02 19:12:29 | 001,329,664 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\quartz.dll
MOD - [2015/02/02 19:12:14 | 001,174,528 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\crypt32.dll
MOD - [2015/02/02 19:12:14 | 001,005,056 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\cryptui.dll
MOD - [2015/02/02 19:12:14 | 000,103,936 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\cryptnet.dll
MOD - [2015/02/02 19:12:14 | 000,081,408 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\cryptsp.dll
MOD - [2015/02/02 19:12:12 | 000,195,584 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\AudioSes.dll
MOD - [2015/01/16 18:30:42 | 000,828,928 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\msctf.dll
MOD - [2014/12/05 19:50:19 | 000,052,224 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\nlaapi.dll
MOD - [2014/11/02 13:46:15 | 005,467,648 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\d49908aa93a23c84847b1f8b1b667860\System.Xml.ni.dll
MOD - [2014/11/02 13:46:04 | 007,991,808 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System\908ba9e296e92b4e14bdc2437edac603\System.ni.dll
MOD - [2014/11/01 23:42:09 | 001,889,792 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Xaml\8b133e0d94535a7534719f70873ca7fe\System.Xaml.ni.dll
MOD - [2014/11/01 23:42:07 | 000,470,528 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Presentatio1c9175f8#\7971f3a1c08c4043cf981f457855b4d4\PresentationFramework.Aero.ni.dll
MOD - [2014/11/01 23:42:02 | 001,180,672 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Management\c90a4b709b46b64c89fce02585d55370\System.Management.ni.dll
MOD - [2014/11/01 23:42:01 | 007,668,736 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Xml\7147fa233a070283dba824da40089bf1\System.Xml.ni.dll
MOD - [2014/11/01 23:41:57 | 010,100,736 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System\17a393b77ae757f0768501fb95ff5af6\System.ni.dll
MOD - [2014/10/17 17:33:18 | 000,571,904 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\oleaut32.dll
MOD - [2014/09/14 07:05:05 | 011,497,984 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\38bf604432e1a30c954b2ee40d6a2d1c\mscorlib.ni.dll
MOD - [2014/07/16 17:40:03 | 000,157,696 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\winsta.dll
MOD - [2014/07/08 14:13:20 | 005,936,272 | ---- | M] (Microsoft Corporation) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorwks.dll
MOD - [2014/04/24 18:06:17 | 000,626,688 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\usp10.dll
MOD - [2014/04/22 06:09:46 | 016,953,856 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\mscorlib\ce5f61c5754789df97be8dc991c47d07\mscorlib.ni.dll
MOD - [2014/03/20 14:49:19 | 000,116,376 | ---- | M] (Microsoft Corporation) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\shfusion.dll
MOD - [2014/03/20 14:49:19 | 000,092,824 | ---- | M] (Microsoft Corporation) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\ShFusRes.dll
MOD - [2014/03/20 14:49:17 | 000,573,600 | ---- | M] (Microsoft Corporation) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\diasymreader.dll
MOD - [2014/03/20 14:49:17 | 000,024,720 | ---- | M] (Microsoft Corporation) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\Culture.dll
MOD - [2014/03/20 14:49:17 | 000,016,528 | ---- | M] (Microsoft Corporation) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\fusion.dll
MOD - [2013/12/05 07:48:11 | 000,182,272 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\msls31.dll
MOD - [2013/12/05 07:47:42 | 000,640,512 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\advapi32.dll
MOD - [2013/12/05 07:47:31 | 000,231,424 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\mswsock.dll
MOD - [2013/12/05 07:47:27 | 001,505,280 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\d3d11.dll
MOD - [2013/11/26 00:16:50 | 003,419,136 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\d2d1.dll
MOD - [2013/10/30 17:17:12 | 006,915,216 | ---- | M] (Microsoft Corporation) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\clr.dll
MOD - [2013/10/30 17:17:12 | 000,511,648 | ---- | M] (Microsoft Corporation) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\clrjit.dll
MOD - [2013/10/11 18:01:25 | 000,216,576 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\FWPUCLNT.DLL
MOD - [2013/10/03 17:56:25 | 000,168,960 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\credui.dll
MOD - [2013/10/01 19:09:06 | 000,928,136 | ---- | M] (Citrix Systems, Inc.) -- C:\Program Files (x86)\Citrix\ICA Client\wfcrun32.exe
MOD - [2013/10/01 19:08:24 | 000,153,992 | ---- | M] (Citrix Systems, Inc.) -- C:\Program Files (x86)\Citrix\ICA Client\redirector.exe
MOD - [2013/10/01 19:08:04 | 000,395,656 | ---- | M] (Citrix Systems, Inc.) -- C:\Program Files (x86)\Citrix\ICA Client\concentr.exe
MOD - [2013/10/01 19:07:46 | 000,493,960 | ---- | M] (Citrix Systems, Inc.) -- C:\Program Files (x86)\Citrix\ICA Client\RSManager.dll
MOD - [2013/10/01 19:06:48 | 000,029,576 | ---- | M] (Citrix Systems, Inc.) -- C:\Program Files (x86)\Citrix\ICA Client\RSMHook.dll
MOD - [2013/10/01 19:06:30 | 000,076,168 | ---- | M] (Citrix Systems, Inc.) -- C:\Program Files (x86)\Citrix\ICA Client\wfcwinn.dll
MOD - [2013/10/01 19:05:38 | 000,510,344 | ---- | M] (Citrix Systems, Inc.) -- C:\Program Files (x86)\Citrix\ICA Client\cst.dll
MOD - [2013/10/01 19:05:04 | 000,088,456 | ---- | M] (Citrix Systems, Inc.) -- C:\Program Files (x86)\Citrix\ICA Client\ProgressNotificationCommon.dll
MOD - [2013/10/01 19:04:26 | 000,117,128 | ---- | M] (Citrix Systems, Inc.) -- C:\Program Files (x86)\Citrix\ICA Client\acrdlg.dll
MOD - [2013/10/01 19:02:16 | 000,096,648 | ---- | M] (Citrix Systems, Inc.) -- C:\Program Files (x86)\Citrix\ICA Client\statuin.dll
MOD - [2013/10/01 18:59:54 | 000,129,416 | ---- | M] (Citrix Systems, Inc.) -- C:\Program Files (x86)\Citrix\ICA Client\CCMSDK.dll
MOD - [2013/10/01 18:59:48 | 000,092,552 | ---- | M] (Citrix Systems, Inc.) -- C:\Program Files (x86)\Citrix\ICA Client\confmgr.dll
MOD - [2013/10/01 18:59:44 | 000,032,648 | ---- | M] (Citrix Systems, Inc.) -- C:\Program Files (x86)\Citrix\ICA Client\icafile.dll
MOD - [2013/10/01 18:59:34 | 000,023,432 | ---- | M] (Citrix Systems, Inc.) -- C:\Program Files (x86)\Citrix\ICA Client\ctxlogging.dll
MOD - [2013/10/01 18:59:28 | 000,395,656 | ---- | M] (Citrix Systems, Inc.) -- C:\Program Files (x86)\Citrix\ICA Client\ctxmui.dll
MOD - [2013/10/01 18:58:56 | 000,025,480 | ---- | M] (Citrix Systems, Inc.) -- C:\Program Files (x86)\Citrix\ICA Client\CCMProxy.dll
MOD - [2013/10/01 18:57:40 | 000,117,128 | ---- | M] (Citrix Systems, Inc.) -- C:\Program Files (x86)\Citrix\ICA Client\resource\en\wfcrunUI.dll
MOD - [2013/10/01 18:57:08 | 000,428,424 | ---- | M] (Citrix Systems, Inc.) -- C:\Program Files (x86)\Citrix\ICA Client\resource\en\concenUI.dll
MOD - [2013/10/01 18:56:54 | 000,571,784 | ---- | M] (Citrix Systems, Inc.) -- C:\Program Files (x86)\Citrix\ICA Client\resource\en\statuiUI.dll
MOD - [2013/10/01 18:56:14 | 000,113,032 | ---- | M] (Citrix Systems, Inc.) -- C:\Program Files (x86)\Citrix\ICA Client\resource\en\cstUI.dll
MOD - [2013/10/01 18:56:14 | 000,020,872 | ---- | M] (Citrix Systems, Inc.) -- C:\Program Files (x86)\Citrix\ICA Client\resource\en\ProgressNotificationCommonUI.dll
MOD - [2013/10/01 18:56:06 | 000,011,656 | ---- | M] (Citrix Systems, Inc.) -- C:\Program Files (x86)\Citrix\ICA Client\resource\en\ctxmuiUI.dll
MOD - [2013/10/01 15:31:58 | 002,293,760 | ---- | M] (Apache Software Foundation) -- C:\Program Files (x86)\Citrix\Receiver\Xerces-c_3_1.dll
MOD - [2013/10/01 15:31:02 | 000,322,888 | ---- | M] (Citrix Systems, Inc.) -- C:\Users\Mike\AppData\Local\Citrix\Receiver\WindowsAppRHelper_SelfServicePlugin.exe.dll
MOD - [2013/10/01 15:29:04 | 001,505,608 | ---- | M] (Citrix Systems, Inc.) -- C:\Program Files (x86)\Citrix\Receiver\Receiver.exe
MOD - [2013/10/01 15:28:50 | 000,248,136 | ---- | M] (Citrix Systems, Inc.) -- C:\Users\Mike\AppData\Local\Citrix\Receiver\WindowsAppRHelper_wfcrun32.exe.dll
MOD - [2013/10/01 15:28:50 | 000,248,136 | ---- | M] (Citrix Systems, Inc.) -- C:\Users\Mike\AppData\Local\Citrix\Receiver\WindowsAppRHelper_concentr.exe.dll
MOD - [2013/10/01 15:28:48 | 000,088,392 | ---- | M] (Citrix Systems, Inc.) -- C:\Program Files (x86)\Citrix\Receiver\Toaster.dll
MOD - [2013/10/01 15:28:46 | 000,620,872 | ---- | M] (Citrix Systems, Inc.) -- C:\Program Files (x86)\Citrix\Receiver\ResourceKeeper.dll
MOD - [2013/10/01 15:28:46 | 000,104,776 | ---- | M] (Citrix Systems, Inc.) -- C:\Program Files (x86)\Citrix\Receiver\ProgressNotification.dll
MOD - [2013/10/01 15:28:44 | 000,915,784 | ---- | M] (Citrix Systems, Inc.) -- C:\Program Files (x86)\Citrix\Receiver\NativeSystrayUE.dll
MOD - [2013/10/01 15:28:44 | 000,055,624 | ---- | M] (Citrix Systems, Inc.) -- C:\Program Files (x86)\Citrix\Receiver\NativeMessageBox.dll
MOD - [2013/09/11 20:21:54 | 001,652,832 | ---- | M] (Microsoft Corporation) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\wpfgfx_v0400.dll
MOD - [2013/09/11 20:21:54 | 000,863,344 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\msvcr110_clr0400.dll
MOD - [2013/09/11 20:21:54 | 000,788,624 | ---- | M] (Microsoft Corporation) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\PresentationNative_v0400.dll
MOD - [2013/09/11 20:21:54 | 000,505,424 | ---- | M] (Microsoft Corporation) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscoreei.dll
MOD - [2013/09/11 20:21:54 | 000,074,328 | ---- | M] (Microsoft Corporation) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\nlssorting.dll
MOD - [2013/08/09 13:53:42 | 000,054,152 | ---- | M] (Citrix Systems, Inc.) -- C:\Program Files (x86)\Citrix\SelfServicePlugin\SelfServicePlugin.exe
MOD - [2013/08/09 13:51:34 | 000,252,296 | ---- | M] (Citrix Systems, Inc.) -- C:\Program Files (x86)\Citrix\SelfServicePlugin\ReceiverShim.dll
MOD - [2013/07/25 17:55:59 | 000,180,224 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\shdocvw.dll
MOD - [2013/04/30 21:47:13 | 000,010,752 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\api-ms-win-downlevel-advapi32-l1-1-0.dll
MOD - [2013/04/30 21:47:13 | 000,009,728 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\api-ms-win-downlevel-shlwapi-l1-1-0.dll
MOD - [2013/04/30 21:47:13 | 000,005,632 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\api-ms-win-downlevel-shlwapi-l2-1-0.dll
MOD - [2013/04/30 21:47:13 | 000,005,632 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\api-ms-win-downlevel-ole32-l1-1-0.dll
MOD - [2013/04/30 21:47:13 | 000,004,096 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\api-ms-win-downlevel-user32-l1-1-0.dll
MOD - [2013/04/30 21:47:13 | 000,003,584 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\api-ms-win-downlevel-advapi32-l2-1-0.dll
MOD - [2013/04/30 21:47:13 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\api-ms-win-downlevel-version-l1-1-0.dll
MOD - [2013/04/30 21:47:13 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\api-ms-win-downlevel-shell32-l1-1-0.dll
MOD - [2013/04/30 21:47:13 | 000,002,560 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\api-ms-win-downlevel-normaliz-l1-1-0.dll
MOD - [2013/04/30 21:47:12 | 000,293,376 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\dxgi.dll
MOD - [2013/01/24 10:12:30 | 000,270,336 | ---- | M] () -- C:\Program Files (x86)\No-IP\DUC40.exe
MOD - [2013/01/23 22:34:34 | 000,067,584 | ---- | M] () -- C:\Program Files (x86)\No-IP\ducapi.dll
MOD - [2012/12/07 04:26:17 | 000,308,736 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\Wpc.dll
MOD - [2012/10/09 09:40:31 | 000,044,032 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\dhcpcsvc6.dll
MOD - [2012/10/05 02:53:23 | 000,364,656 | ---- | M] (Microsoft Corporation) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorjit.dll
MOD - [2012/08/20 14:21:58 | 000,057,344 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.vc80.mfcloc_1fc8b3b9a1e18e3b_8.0.50727.6195_none_03ce2c72205943d3\mfc80ENU.dll
MOD - [2012/08/20 14:21:57 | 001,101,824 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.vc80.mfc_1fc8b3b9a1e18e3b_8.0.50727.6195_none_cbf5e994470a1a8f\mfc80.dll
MOD - [2012/08/20 14:21:57 | 000,632,656 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.6195_none_d09154e044272b9a\msvcr80.dll
MOD - [2012/08/20 14:21:57 | 000,554,832 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.6195_none_d09154e044272b9a\msvcp80.dll
MOD - [2012/08/06 21:25:12 | 000,021,432 | ---- | M] () -- C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe
MOD - [2012/08/06 21:25:02 | 003,524,536 | ---- | M] (Samsung Electronics Co., Ltd.) -- C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe
MOD - [2012/08/06 21:25:02 | 000,960,440 | ---- | M] (Samsung) -- C:\Program Files (x86)\Samsung\Kies\Kies.exe
MOD - [2012/08/06 21:21:30 | 000,250,368 | ---- | M] (Windows (R) Codename Longhorn DDK provider) -- C:\Program Files (x86)\Samsung\Kies\External\DeviceModules\UPNPDevice_Kies.dll
MOD - [2012/07/17 14:49:00 | 000,145,648 | ---- | M] (Microsoft Corp.) -- C:\Program Files (x86)\Common Files\microsoft shared\Windows Live\WLIDNSP.DLL
MOD - [2012/07/04 13:16:56 | 000,057,344 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\netapi32.dll
MOD - [2012/05/23 17:50:36 | 000,307,200 | ---- | M] ( MarkAny.) -- C:\Program Files (x86)\Samsung\Kies\External\MACSSDK.dll
MOD - [2012/04/15 16:08:57 | 000,653,136 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_50934f2ebcb7eb57\msvcr90.dll
MOD - [2012/04/15 16:08:57 | 000,569,680 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_50934f2ebcb7eb57\msvcp90.dll
MOD - [2012/01/04 00:58:41 | 000,442,880 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\ntshrui.dll
MOD - [2011/12/15 23:52:58 | 000,690,688 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\msvcrt.dll
MOD - [2011/12/09 09:22:26 | 000,074,752 | ---- | M] (Nullsoft, Inc.) -- C:\Program Files (x86)\Winamp\winampa.exe
MOD - [2011/11/16 21:35:02 | 000,314,880 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\webio.dll
MOD - [2011/08/26 20:26:27 | 000,233,472 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\oleacc.dll
MOD - [2011/05/24 02:40:05 | 000,064,512 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\devobj.dll
MOD - [2011/05/24 02:39:38 | 000,145,920 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\cfgmgr32.dll
MOD - [2011/05/20 09:10:12 | 000,284,440 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
MOD - [2011/05/20 09:05:24 | 001,318,912 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IntelVisualDesign.dll
MOD - [2011/04/20 01:09:06 | 000,676,864 | ---- | M] (ATI Technologies Inc. ) -- C:\Windows\SysWOW64\aticfx32.dll
MOD - [2011/04/20 01:02:44 | 000,356,352 | ---- | M] (ATI Technologies, Inc.) -- C:\Windows\SysWOW64\atipdlxx.dll
MOD - [2011/04/20 00:59:22 | 004,161,536 | ---- | M] (ATI Technologies Inc. ) -- C:\Windows\SysWOW64\atidxx32.dll
MOD - [2011/04/20 00:38:06 | 004,286,464 | ---- | M] (ATI Technologies Inc. ) -- C:\Windows\SysWOW64\atiumdag.dll
MOD - [2011/04/20 00:30:38 | 004,056,576 | ---- | M] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysWOW64\atiumdva.dll
MOD - [2011/04/20 00:21:40 | 000,031,232 | ---- | M] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysWOW64\atiuxpag.dll
MOD - [2011/04/20 00:21:26 | 000,029,184 | ---- | M] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysWOW64\atiu9pag.dll
MOD - [2011/03/10 21:33:59 | 001,137,664 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\mfc42.dll
MOD - [2011/03/02 21:38:01 | 000,270,336 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\dnsapi.dll
MOD - [2010/12/13 13:37:18 | 000,514,416 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\LcProxy2.ax
MOD - [2010/12/13 13:37:16 | 000,817,520 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Microsoft LifeCam\CAL2.dll
MOD - [2010/11/20 19:25:15 | 000,172,544 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\spp.dll
MOD - [2010/11/20 19:25:10 | 002,311,168 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\wpdshext.dll
MOD - [2010/11/20 19:24:51 | 000,692,736 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\bthprops.cpl
MOD - [2010/11/20 19:24:43 | 000,481,792 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\mscms.dll
MOD - [2010/11/20 19:24:32 | 000,193,536 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\ksproxy.ax
MOD - [2010/11/20 19:24:32 | 000,103,936 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\IPHLPAPI.DLL
MOD - [2010/11/20 19:24:28 | 000,120,320 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\msvfw32.dll
MOD - [2010/11/20 19:24:26 | 001,128,448 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\vssapi.dll
MOD - [2010/11/20 19:24:25 | 000,119,808 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\imm32.dll
MOD - [2010/11/20 19:24:23 | 001,828,352 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\d3d9.dll
MOD - [2010/11/20 19:24:20 | 000,833,024 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\user32.dll
MOD - [2010/11/20 19:24:16 | 000,380,416 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\sxs.dll
MOD - [2010/11/20 19:24:16 | 000,269,824 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\Wldap32.dll
MOD - [2010/11/20 19:24:16 | 000,194,048 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\winmm.dll
MOD - [2010/11/20 19:24:16 | 000,090,112 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\srvcli.dll
MOD - [2010/11/20 19:24:16 | 000,081,920 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\userenv.dll
MOD - [2010/11/20 19:24:16 | 000,022,528 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\netutils.dll
MOD - [2010/11/20 19:24:15 | 000,107,008 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\Kswdmcap.ax
MOD - [2010/11/20 19:24:14 | 000,295,936 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\apphelp.dll
MOD - [2010/11/20 19:24:14 | 000,046,080 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\RpcRtRemote.dll
MOD - [2010/11/20 19:24:08 | 000,988,160 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\propsys.dll
MOD - [2010/11/20 19:24:08 | 000,351,232 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\winhttp.dll
MOD - [2010/11/20 19:24:08 | 000,320,000 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\winspool.drv
MOD - [2010/11/20 19:24:08 | 000,236,544 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\pdh.dll
MOD - [2010/11/20 19:24:08 | 000,190,976 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\qcap.dll
MOD - [2010/11/20 19:24:03 | 000,090,112 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\olepro32.dll
MOD - [2010/11/20 19:24:02 | 000,034,816 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\cscapi.dll
MOD - [2010/11/20 19:24:02 | 000,030,720 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\msdmo.dll
MOD - [2010/11/20 19:24:01 | 000,573,440 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\odbc32.dll
MOD - [2010/11/20 19:24:01 | 000,297,808 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\mscoree.dll
MOD - [2010/11/20 19:24:01 | 000,037,376 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\rtutils.dll
MOD - [2010/11/20 19:24:00 | 000,172,032 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\wdmaud.drv
MOD - [2010/11/20 19:23:55 | 000,206,848 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\ws2_32.dll
MOD - [2010/11/20 19:23:54 | 000,051,200 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\samcli.dll
MOD - [2010/11/20 19:23:54 | 000,040,448 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\wtsapi32.dll
MOD - [2010/11/20 19:23:51 | 001,667,584 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\setupapi.dll
MOD - [2010/11/20 19:23:51 | 000,213,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\MMDevAPI.dll
MOD - [2010/11/20 19:23:51 | 000,047,104 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\wkscli.dll
MOD - [2010/11/20 19:23:48 | 000,485,888 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\comdlg32.dll
MOD - [2010/11/20 19:23:48 | 000,350,208 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\shlwapi.dll
MOD - [2010/11/20 19:23:48 | 000,034,304 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\msasn1.dll
MOD - [2010/09/30 18:56:56 | 001,290,240 | ---- | M] (ASUSTeK Inc.) -- C:\Program Files (x86)\ASUS\SmartDoctor\SmartDoctor.exe
MOD - [2010/09/14 15:21:00 | 000,401,462 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\ASUS\SmartDoctor\msvcp60.dll
MOD - [2010/09/14 15:21:00 | 000,098,304 | ---- | M] (ASUSTek Computer Inc.,) -- C:\Program Files (x86)\ASUS\SmartDoctor\EIO.dll
MOD - [2010/09/14 15:21:00 | 000,057,344 | ---- | M] (ASUSTek Computer Inc.) -- C:\Program Files (x86)\ASUS\SmartDoctor\xgctl.dll
MOD - [2010/09/14 15:21:00 | 000,007,168 | ---- | M] () -- C:\Program Files (x86)\ASUS\SmartDoctor\VOV32.dll
MOD - [2010/09/14 15:17:00 | 000,643,142 | ---- | M] () -- C:\Program Files (x86)\ASUS\SmartDoctor\aticlocklib.dll
MOD - [2010/04/19 17:15:16 | 001,336,320 | ---- | M] (ASUSTeK Computer Inc.) -- C:\Windows\SysWOW64\ATKLUMDISP.dll
MOD - [2010/04/15 18:33:30 | 000,135,168 | ---- | M] (ASUSTeK Computer Inc.) -- C:\Windows\SysWOW64\atkdx11disp.dll
MOD - [2009/07/30 17:10:04 | 000,380,928 | ---- | M] (ASUSTeK Computer Inc.) -- C:\Program Files (x86)\ASUS\GamerOSD\GamerOSD.exe
MOD - [2009/07/13 17:17:54 | 000,242,936 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\rsaenh.dll
MOD - [2009/07/13 17:16:20 | 000,010,752 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\wship6.dll
MOD - [2009/07/13 17:16:20 | 000,009,216 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\WSHTCPIP.DLL
MOD - [2009/07/13 17:16:19 | 000,081,408 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\wlanapi.dll
MOD - [2009/07/13 17:16:19 | 000,016,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\winnsi.dll
MOD - [2009/07/13 17:16:19 | 000,008,192 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\wlanutil.dll
MOD - [2009/07/13 17:16:18 | 000,262,144 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\wevtapi.dll
MOD - [2009/07/13 17:16:17 | 000,266,752 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\upnphost.dll
MOD - [2009/07/13 17:16:17 | 000,056,320 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\vsstrace.dll
MOD - [2009/07/13 17:16:17 | 000,021,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\version.dll
MOD - [2009/07/13 17:16:15 | 000,039,936 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\ssdpapi.dll
MOD - [2009/07/13 17:16:15 | 000,027,136 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\slc.dll
MOD - [2009/07/13 17:16:14 | 000,007,168 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\shfolder.dll
MOD - [2009/07/13 17:16:13 | 000,092,160 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\sechost.dll
MOD - [2009/07/13 17:16:13 | 000,060,928 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\samlib.dll
MOD - [2009/07/13 17:16:12 | 000,325,120 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\rasapi32.dll
MOD - [2009/07/13 17:16:12 | 000,145,408 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\powrprof.dll
MOD - [2009/07/13 17:16:12 | 000,103,424 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\oledlg.dll
MOD - [2009/07/13 17:16:12 | 000,076,800 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\rasman.dll
MOD - [2009/07/13 17:16:12 | 000,031,744 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\profapi.dll
MOD - [2009/07/13 17:16:12 | 000,011,776 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\rasadhlp.dll
MOD - [2009/07/13 17:16:12 | 000,006,144 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\psapi.dll
MOD - [2009/07/13 17:16:11 | 000,121,856 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\ntmarta.dll
MOD - [2009/07/13 17:16:11 | 000,090,112 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\ntdsapi.dll
MOD - [2009/07/13 17:16:11 | 000,016,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\npmproxy.dll
MOD - [2009/07/13 17:16:11 | 000,008,704 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\nsi.dll
MOD - [2009/07/13 17:16:03 | 000,360,448 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\netprofm.dll
MOD - [2009/07/13 17:15:48 | 000,035,328 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\mssprxy.dll
MOD - [2009/07/13 17:15:44 | 000,031,232 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\msimtf.dll
MOD - [2009/07/13 17:15:44 | 000,004,608 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\msimg32.dll
MOD - [2009/07/13 17:15:42 | 000,072,192 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\msacm32.dll
MOD - [2009/07/13 17:15:40 | 000,177,664 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\mlang.dll
MOD - [2009/07/13 17:15:40 | 000,016,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\midimap.dll
MOD - [2009/07/13 17:15:36 | 000,022,016 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\linkinfo.dll
MOD - [2009/07/13 17:15:35 | 000,004,608 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\ksuser.dll
MOD - [2009/07/13 17:15:24 | 000,022,016 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\hid.dll
MOD - [2009/07/13 17:15:22 | 000,079,872 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\gpapi.dll
MOD - [2009/07/13 17:15:13 | 000,717,824 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\dui70.dll
MOD - [2009/07/13 17:15:13 | 000,453,632 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\dsound.dll
MOD - [2009/07/13 17:15:13 | 000,181,248 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\duser.dll
MOD - [2009/07/13 17:15:13 | 000,067,072 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\dwmapi.dll
MOD - [2009/07/13 17:15:11 | 000,061,952 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\dhcpcsvc.dll
MOD - [2009/07/13 17:15:10 | 000,531,968 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\ddraw.dll
MOD - [2009/07/13 17:15:10 | 000,066,560 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\devenum.dll
MOD - [2009/07/13 17:15:08 | 000,011,264 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\d3d8thk.dll
MOD - [2009/07/13 17:15:03 | 000,522,240 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\clbcatq.dll
MOD - [2009/07/13 17:14:58 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\avrt.dll
MOD - [2009/07/13 17:14:57 | 000,070,144 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\atl.dll
MOD - [2009/07/13 17:14:11 | 000,023,040 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\vidcap.ax
MOD - [2009/07/13 17:14:10 | 000,095,232 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\msscript.ocx
MOD - [2009/07/13 17:14:10 | 000,064,000 | ---- | M] (Fraunhofer Institut Integrierte Schaltungen IIS) -- C:\Windows\SysWOW64\l3codeca.acm
MOD - [2009/07/13 17:14:10 | 000,023,552 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\msgsm32.acm
MOD - [2009/07/13 17:14:10 | 000,018,432 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\msadp32.acm
MOD - [2009/07/13 17:14:10 | 000,017,920 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\imaadp32.acm
MOD - [2009/07/13 17:14:10 | 000,012,288 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\msg711.acm
MOD - [2009/07/13 17:14:08 | 000,020,992 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\msacm32.drv
MOD - [2009/07/13 17:11:24 | 000,245,760 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\uxtheme.dll
MOD - [2009/07/13 17:11:20 | 000,080,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\bcrypt.dll
MOD - [2009/07/13 17:09:53 | 000,004,608 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\security.dll
MOD - [2009/07/13 17:09:14 | 000,229,376 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\odbcint.dll
MOD - [2009/07/13 17:09:00 | 000,002,048 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\normaliz.dll
MOD - [2009/04/29 19:46:20 | 001,077,248 | ---- | M] () -- C:\Program Files (x86)\ASUS\GamerOSD\ImageTransform.dll
MOD - [2009/02/17 17:22:16 | 000,184,320 | ---- | M] () -- C:\Program Files (x86)\ASUS\GamerOSD\AudioOnVistaDLL.dll
MOD - [2000/03/31 21:11:08 | 000,291,408 | ---- | M] (Packed With Joy !) -- C:\Windows\SysWOW64\DivXa32.acm


========== Services (All) ==========

SRV:64bit: - [2015/10/30 15:12:09 | 000,114,688 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\IEEtwCollector.exe -- (IEEtwCollectorService)
SRV:64bit: - [2015/10/20 10:42:14 | 002,608,128 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\wuaueng.dll -- (wuauserv)
SRV:64bit: - [2015/10/19 17:04:53 | 000,031,232 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\lsass.exe -- (VaultSvc)
SRV:64bit: - [2015/10/19 17:04:53 | 000,031,232 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\lsass.exe -- (SamSs)
SRV:64bit: - [2015/10/19 17:04:53 | 000,031,232 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\lsass.exe -- (ProtectedStorage)
SRV:64bit: - [2015/10/19 17:04:53 | 000,031,232 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\lsass.exe -- (Netlogon)
SRV:64bit: - [2015/10/19 17:04:53 | 000,031,232 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\lsass.exe -- (KeyIso)
SRV:64bit: - [2015/10/19 17:04:53 | 000,031,232 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\lsass.exe -- (EFS)
SRV:64bit: - [2015/10/07 18:27:58 | 002,780,856 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe -- (ClickToRunSvc)
SRV:64bit: - [2015/10/01 10:00:43 | 000,032,768 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\appidsvc.dll -- (AppIDSvc)
SRV:64bit: - [2015/08/05 09:56:14 | 001,110,016 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\schedsvc.dll -- (Schedule)
SRV:64bit: - [2015/07/30 10:06:57 | 001,180,160 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\FntCache.dll -- (FontCache)
SRV:64bit: - [2015/07/15 10:10:58 | 001,743,360 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\sysmain.dll -- (SysMain)
SRV:64bit: - [2015/07/01 12:49:56 | 000,260,096 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\WebClnt.dll -- (WebClient)
SRV:64bit: - [2015/06/15 13:45:34 | 000,070,656 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\appinfo.dll -- (Appinfo)
SRV:64bit: - [2015/06/15 13:44:47 | 000,128,000 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\msiexec.exe -- (msiserver)
SRV:64bit: - [2015/04/30 00:53:40 | 000,366,544 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Microsoft Security Client\NisSrv.exe -- (NisSrv)
SRV:64bit: - [2015/04/30 00:53:40 | 000,023,816 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Microsoft Security Client\MsMpEng.exe -- (MsMpSvc)
SRV:64bit: - [2015/02/02 19:31:04 | 000,188,416 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\pcasvc.dll -- (PcaSvc)
SRV:64bit: - [2015/02/02 19:30:56 | 000,187,904 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\cryptsvc.dll -- (CryptSvc)
SRV:64bit: - [2015/02/02 19:30:55 | 000,680,960 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\audiosrv.dll -- (AudioSrv)
SRV:64bit: - [2015/02/02 19:30:55 | 000,680,960 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\audiosrv.dll -- (AudioEndpointBuilder)
SRV:64bit: - [2014/12/18 19:06:55 | 000,210,432 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\profsvc.dll -- (ProfSvc)
SRV:64bit: - [2014/12/05 20:17:27 | 000,303,616 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\nlasvc.dll -- (NlaSvc)
SRV:64bit: - [2014/10/13 18:13:06 | 000,683,520 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\termsrv.dll -- (TermService)
SRV:64bit: - [2014/10/02 18:12:23 | 002,020,352 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\WsmSvc.dll -- (WinRM)
SRV:64bit: - [2014/03/24 14:50:50 | 000,357,144 | ---- | M] (Logitech, Inc.) [On_Demand | Stopped] -- C:\Program Files\Common Files\Logishrd\Bluetooth\LBTServ.exe -- (LBTServ)
SRV:64bit: - [2014/01/27 18:32:46 | 000,228,864 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\wwansvc.dll -- (WwanSvc)
SRV:64bit: - [2013/10/11 18:29:21 | 000,859,648 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\IKEEXT.DLL -- (IKEEXT)
SRV:64bit: - [2013/05/26 21:50:47 | 001,011,712 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV:64bit: - [2013/02/08 06:15:30 | 000,178,760 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE -- (ose64)
SRV:64bit: - [2013/02/08 06:15:28 | 005,132,888 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE -- (osppsvc)
SRV:64bit: - [2012/10/03 09:42:16 | 000,569,344 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\iphlpsvc.dll -- (iphlpsvc)
SRV:64bit: - [2012/07/25 19:08:14 | 000,084,992 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\WUDFSvc.dll -- (wudfsvc)
SRV:64bit: - [2012/07/17 15:14:44 | 002,292,480 | ---- | M] (Microsoft Corp.) [Auto | Running] -- C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE -- (wlidsvc)
SRV:64bit: - [2012/07/04 14:13:27 | 000,136,704 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\browser.dll -- (Browser)
SRV:64bit: - [2012/04/16 07:43:25 | 001,255,736 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\Wat\WatAdminSvc.exe -- (WatAdminSvc)
SRV:64bit: - [2012/02/10 22:36:02 | 000,559,104 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\spoolsv.exe -- (Spooler)
SRV:64bit: - [2011/05/24 03:42:55 | 000,404,480 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\umpnpmgr.dll -- (PlugPlay)
SRV:64bit: - [2011/05/03 21:19:28 | 000,591,872 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\SearchIndexer.exe -- (WSearch)
SRV:64bit: - [2011/04/20 01:04:20 | 000,203,776 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\SysNative\atiesrxx.exe -- (AMD External Events Utility)
SRV:64bit: - [2011/03/02 22:24:16 | 000,183,296 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\dnsrslvr.dll -- (Dnscache)
SRV:64bit: - [2010/12/13 13:37:16 | 000,194,416 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Microsoft LifeCam\MSCamS64.exe -- (MSCamSvc)
SRV:64bit: - [2010/11/20 19:25:14 | 001,504,256 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\wbengine.exe -- (wbengine)
SRV:64bit: - [2010/11/20 19:25:14 | 000,689,152 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\FXSSVC.exe -- (Fax)
SRV:64bit: - [2010/11/20 19:25:10 | 000,092,672 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\TabSvc.dll -- (TabletInputService)
SRV:64bit: - [2010/11/20 19:25:07 | 000,214,528 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\umrdp.dll -- (UmRdpService)
SRV:64bit: - [2010/11/20 19:25:06 | 000,170,496 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\sdrsvc.dll -- (SDRSVC)
SRV:64bit: - [2010/11/20 19:25:05 | 001,525,248 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Media Player\wmpnetwk.exe -- (WMPNetworkSvc)
SRV:64bit: - [2010/11/20 19:24:52 | 000,117,248 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\wpdbusenum.dll -- (WPDBusEnum)
SRV:64bit: - [2010/11/20 19:24:51 | 000,232,448 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\ListSvc.dll -- (HomeGroupListener)
SRV:64bit: - [2010/11/20 19:24:51 | 000,187,904 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\provsvc.dll -- (HomeGroupProvider)
SRV:64bit: - [2010/11/20 19:24:48 | 000,580,096 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\SysNative\wiaservc.dll -- (stisvc)
SRV:64bit: - [2010/11/20 19:24:42 | 000,084,992 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\SysNative\Mcx2Svc.dll -- (Mcx2Svc)
SRV:64bit: - [2010/11/20 19:24:41 | 000,692,224 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\cscsvc.dll -- (CscService)
SRV:64bit: - [2010/11/20 19:24:36 | 000,367,104 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\wcncsvc.dll -- (wcncsvc)
SRV:64bit: - [2010/11/20 19:24:34 | 000,114,688 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\AxInstSv.dll -- (AxInstSV)
SRV:64bit: - [2010/11/20 19:24:33 | 000,121,856 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\SessEnv.dll -- (SessionEnv)
SRV:64bit: - [2010/11/20 19:24:32 | 000,777,728 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\gpsvc.dll -- (gpsvc)
SRV:64bit: - [2010/11/20 19:24:32 | 000,316,928 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\tapisrv.dll -- (TapiSrv)
SRV:64bit: - [2010/11/20 19:24:32 | 000,118,784 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\wkssvc.dll -- (LanmanWorkstation)
SRV:64bit: - [2010/11/20 19:24:28 | 000,828,416 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\MPSSVC.dll -- (MpsSvc)
SRV:64bit: - [2010/11/20 19:24:17 | 000,344,064 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\rasmans.dll -- (RasMan)
SRV:64bit: - [2010/11/20 19:24:16 | 000,162,816 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\dps.dll -- (DPS)
SRV:64bit: - [2010/11/20 19:24:16 | 000,090,624 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\KMSVC.DLL -- (hkmsvc)
SRV:64bit: - [2010/11/20 19:24:16 | 000,030,720 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\seclogon.dll -- (seclogon)
SRV:64bit: - [2010/11/20 19:24:09 | 000,252,416 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\dot3svc.dll -- (dot3svc)
SRV:64bit: - [2010/11/20 19:24:09 | 000,080,384 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\certprop.dll -- (SCPolicySvc)
SRV:64bit: - [2010/11/20 19:24:09 | 000,080,384 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\certprop.dll -- (CertPropSvc)
SRV:64bit: - [2010/11/20 19:24:01 | 000,512,000 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\rpcss.dll -- (RpcSs)
SRV:64bit: - [2010/11/20 19:24:01 | 000,512,000 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\rpcss.dll -- (DcomLaunch)
SRV:64bit: - [2010/11/20 19:24:00 | 001,389,056 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\pla.dll -- (pla)
SRV:64bit: - [2010/11/20 19:24:00 | 000,705,024 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\BFE.DLL -- (BFE)
SRV:64bit: - [2010/11/20 19:24:00 | 000,317,952 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\dhcpcore.dll -- (Dhcp)
SRV:64bit: - [2010/11/20 19:23:56 | 003,524,608 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\SysNative\sppsvc.exe -- (sppsvc)
SRV:64bit: - [2010/11/20 19:23:56 | 000,444,416 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\winhttp.dll -- (WinHttpAutoProxySvc)
SRV:64bit: - [2010/11/20 19:23:55 | 001,646,080 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\wevtsvc.dll -- (eventlog)
SRV:64bit: - [2010/11/20 19:23:55 | 001,600,512 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\VSSVC.exe -- (VSS)
SRV:64bit: - [2010/11/20 19:23:55 | 000,370,688 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\shsvcs.dll -- (ShellHWDetection)
SRV:64bit: - [2010/11/20 19:23:51 | 000,849,920 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\qmgr.dll -- (BITS)
SRV:64bit: - [2010/11/20 19:23:51 | 000,533,504 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\vds.exe -- (vds)
SRV:64bit: - [2010/11/20 19:23:48 | 000,501,248 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\IPSECSVC.DLL -- (PolicyAgent)
SRV:64bit: - [2010/11/20 19:23:48 | 000,476,160 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\QAGENTRT.DLL -- (napagent)
SRV:64bit: - [2010/11/20 19:23:48 | 000,236,032 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\srvsvc.dll -- (LanmanServer)
SRV:64bit: - [2009/12/01 13:22:58 | 000,063,488 | ---- | M] (ASUSTeK COMPUTER INC.) [Auto | Running] -- C:\Windows\SysNative\ATKFUSService.exe -- (ATKFUSService)
SRV:64bit: - [2009/07/13 17:41:58 | 000,097,280 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\wscsvc.dll -- (wscsvc)
SRV:64bit: - [2009/07/13 17:41:57 | 000,012,288 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\wpcsvc.dll -- (WPCSvc)
SRV:64bit: - [2009/07/13 17:41:56 | 000,886,784 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\wlansvc.dll -- (Wlansvc)
SRV:64bit: - [2009/07/13 17:41:56 | 000,381,952 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\w32time.dll -- (W32Time)
SRV:64bit: - [2009/07/13 17:41:56 | 000,353,792 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\upnphost.dll -- (upnphost)
SRV:64bit: - [2009/07/13 17:41:56 | 000,242,688 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\wbem\WMIsvc.dll -- (Winmgmt)
SRV:64bit: - [2009/07/13 17:41:56 | 000,237,568 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\wecsvc.dll -- (Wecsvc)
SRV:64bit: - [2009/07/13 17:41:56 | 000,202,240 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\wbiosrvc.dll -- (WbioSrvc)
SRV:64bit: - [2009/07/13 17:41:56 | 000,163,840 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\umpo.dll -- (Power)
SRV:64bit: - [2009/07/13 17:41:56 | 000,090,624 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\wdi.dll -- (WdiSystemHost)
SRV:64bit: - [2009/07/13 17:41:56 | 000,090,624 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\wdi.dll -- (WdiServiceHost)
SRV:64bit: - [2009/07/13 17:41:56 | 000,084,480 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\wercplsupport.dll -- (wercplsupport)
SRV:64bit: - [2009/07/13 17:41:56 | 000,076,800 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\wersvc.dll -- (WerSvc)
SRV:64bit: - [2009/07/13 17:41:56 | 000,040,960 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\WcsPlugInService.dll -- (WcsPlugInService)
SRV:64bit: - [2009/07/13 17:41:56 | 000,038,912 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\uxsms.dll -- (UxSms)
SRV:64bit: - [2009/07/13 17:41:55 | 000,119,808 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\trkwks.dll -- (TrkWks)
SRV:64bit: - [2009/07/13 17:41:55 | 000,065,536 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\tbssvc.dll -- (TBS)
SRV:64bit: - [2009/07/13 17:41:55 | 000,044,544 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\themeservice.dll -- (Themes)
SRV:64bit: - [2009/07/13 17:41:54 | 000,524,288 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\swprv.dll -- (swprv)
SRV:64bit: - [2009/07/13 17:41:54 | 000,193,024 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\ssdpsrv.dll -- (SSDPSRV)
SRV:64bit: - [2009/07/13 17:41:54 | 000,075,264 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\sstpsvc.dll -- (SstpSvc)
SRV:64bit: - [2009/07/13 17:41:54 | 000,065,536 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\sppuinotify.dll -- (sppuinotify)
SRV:64bit: - [2009/07/13 17:41:54 | 000,029,184 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\sensrsvc.dll -- (SensrSvc)
SRV:64bit: - [2009/07/13 17:41:54 | 000,017,920 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\StorSvc.dll -- (StorSvc)
SRV:64bit: - [2009/07/13 17:41:53 | 001,361,920 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\PeerDistSvc.dll -- (PeerDistSvc)
SRV:64bit: - [2009/07/13 17:41:53 | 000,438,784 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\p2psvc.dll -- (p2psvc)
SRV:64bit: - [2009/07/13 17:41:53 | 000,327,168 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\pnrpsvc.dll -- (PNRPsvc)
SRV:64bit: - [2009/07/13 17:41:53 | 000,327,168 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\pnrpsvc.dll -- (p2pimsvc)
SRV:64bit: - [2009/07/13 17:41:53 | 000,242,688 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\qwave.dll -- (QWAVE)
SRV:64bit: - [2009/07/13 17:41:53 | 000,190,976 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\SCardSvr.dll -- (SCardSvr)
SRV:64bit: - [2009/07/13 17:41:53 | 000,159,232 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\regsvc.dll -- (RemoteRegistry)
SRV:64bit: - [2009/07/13 17:41:53 | 000,099,328 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\rasauto.dll -- (RasAuto)
SRV:64bit: - [2009/07/13 17:41:53 | 000,067,072 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\RpcEpMap.dll -- (RpcEptMapper)
SRV:64bit: - [2009/07/13 17:41:53 | 000,064,512 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\Sens.dll -- (SENS)
SRV:64bit: - [2009/07/13 17:41:53 | 000,025,600 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\nsisvc.dll -- (nsi)
SRV:64bit: - [2009/07/13 17:41:53 | 000,025,088 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\pnrpauto.dll -- (PNRPAutoReg)
SRV:64bit: - [2009/07/13 17:41:52 | 000,459,776 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\netprofm.dll -- (netprofm)
SRV:64bit: - [2009/07/13 17:41:52 | 000,360,448 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\netman.dll -- (Netman)
SRV:64bit: - [2009/07/13 17:41:28 | 000,368,640 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\msdtckrm.dll -- (KtmRm)
SRV:64bit: - [2009/07/13 17:41:27 | 000,097,792 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\SysNative\mprdim.dll -- (RemoteAccess)
SRV:64bit: - [2009/07/13 17:41:26 | 000,067,584 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\mmcss.dll -- (THREADORDER)
SRV:64bit: - [2009/07/13 17:41:26 | 000,067,584 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\SysNative\mmcss.dll -- (MMCSS)
SRV:64bit: - [2009/07/13 17:41:18 | 000,300,032 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\lltdsvc.dll -- (lltdsvc)
SRV:64bit: - [2009/07/13 17:41:18 | 000,023,552 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\lmhsvc.dll -- (lmhosts)
SRV:64bit: - [2009/07/13 17:41:11 | 000,156,672 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\iscsiexe.dll -- (MSiSCSI)
SRV:64bit: - [2009/07/13 17:41:10 | 000,359,424 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\SysNative\ipnathlp.dll -- (SharedAccess)
SRV:64bit: - [2009/07/13 17:41:09 | 000,101,888 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\IPBusEnum.dll -- (IPBusEnum)
SRV:64bit: - [2009/07/13 17:41:00 | 000,038,912 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\hidserv.dll -- (hidserv)
SRV:64bit: - [2009/07/13 17:40:52 | 000,034,816 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\FDResPub.dll -- (FDResPub)
SRV:64bit: - [2009/07/13 17:40:52 | 000,016,384 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\fdPHost.dll -- (fdPHost)
SRV:64bit: - [2009/07/13 17:40:50 | 000,402,944 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\es.dll -- (EventSystem)
SRV:64bit: - [2009/07/13 17:40:35 | 000,111,104 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\eapsvc.dll -- (EapHost)
SRV:64bit: - [2009/07/13 17:40:28 | 000,291,328 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\defragsvc.dll -- (defragsvc)
SRV:64bit: - [2009/07/13 17:40:13 | 000,083,968 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\bthserv.dll -- (bthserv)
SRV:64bit: - [2009/07/13 17:40:10 | 000,100,864 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\bdesvc.dll -- (BDESVC)
SRV:64bit: - [2009/07/13 17:40:01 | 000,193,536 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\appmgmts.dll -- (AppMgmt)
SRV:64bit: - [2009/07/13 17:40:01 | 000,072,192 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\aelupsvc.dll -- (AeLookupSvc)
SRV:64bit: - [2009/07/13 17:39:55 | 000,203,264 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\wbem\WmiApSrv.exe -- (wmiApSrv)
SRV:64bit: - [2009/07/13 17:39:48 | 000,040,960 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\UI0Detect.exe -- (UI0Detect)
SRV:64bit: - [2009/07/13 17:39:41 | 000,014,336 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\snmptrap.exe -- (SNMPTRAP)
SRV:64bit: - [2009/07/13 17:39:21 | 000,141,824 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\msdtc.exe -- (MSDTC)
SRV:64bit: - [2009/07/13 17:39:15 | 000,010,240 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\Locator.exe -- (RpcLocator)
SRV:64bit: - [2009/07/13 17:39:06 | 000,009,728 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\dllhost.exe -- (COMSysApp)
SRV:64bit: - [2009/07/13 17:38:55 | 000,079,360 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\alg.exe -- (ALG)
SRV - [2015/11/10 19:43:35 | 000,269,000 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2015/11/05 08:44:06 | 000,836,176 | ---- | M] (Valve Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe -- (Steam Client Service)
SRV - [2015/11/03 21:07:22 | 000,147,624 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2015/10/05 09:48:46 | 001,135,416 | ---- | M] (Malwarebytes) [Auto | Stopped] -- C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe -- (MBAMService)
SRV - [2015/08/30 19:29:37 | 000,144,200 | ---- | M] (Google Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\Google\Update\GoogleUpdate.exe -- (gupdatem)
SRV - [2015/08/30 19:29:37 | 000,144,200 | ---- | M] (Google Inc.) [Auto | Stopped] -- C:\Program Files (x86)\Google\Update\GoogleUpdate.exe -- (gupdate)
SRV - [2015/07/01 12:30:43 | 000,206,848 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\WebClnt.dll -- (WebClient)
SRV - [2015/06/15 13:42:49 | 000,073,216 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWow64\msiexec.exe -- (msiserver)
SRV - [2015/02/02 19:12:14 | 000,143,872 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysWOW64\cryptsvc.dll -- (CryptSvc)
SRV - [2014/10/02 17:45:03 | 001,177,088 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\WsmSvc.dll -- (WinRM)
SRV - [2014/06/30 14:24:49 | 000,859,280 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe -- (idsvc)
SRV - [2014/03/20 14:50:31 | 000,090,776 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_64)
SRV - [2014/03/20 14:49:18 | 000,067,224 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2013/09/11 20:21:54 | 000,105,144 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2013/09/11 18:39:06 | 000,124,088 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_64)
SRV - [2013/09/11 18:39:06 | 000,051,808 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe -- (aspnet_state)
SRV - [2013/01/24 10:12:32 | 000,011,264 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\No-IP\ducservice.exe -- (NoIPDUCService4)
SRV - [2012/04/24 01:06:46 | 000,229,376 | ---- | M] (Visioneer Inc.) [Auto | Running] -- C:\Program Files (x86)\Visioneer\OneTouch 4.0\OtService.exe -- (OneTouch 4.0 Monitor)
SRV - [2011/05/20 09:10:26 | 000,013,592 | ---- | M] (Intel Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe -- (IAStorDataMgrSvc)
SRV - [2011/05/03 20:28:31 | 000,427,520 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysWow64\SearchIndexer.exe -- (WSearch)
SRV - [2010/11/20 19:25:10 | 000,165,376 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysWOW64\provsvc.dll -- (HomeGroupProvider)
SRV - [2010/11/20 19:24:52 | 000,042,856 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe -- (FontCache3.0.0.0)
SRV - [2010/11/20 19:24:49 | 000,276,992 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysWOW64\wcncsvc.dll -- (wcncsvc)
SRV - [2010/11/20 19:24:42 | 000,696,832 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\ehome\ehrecvr.exe -- (ehRecvr)
SRV - [2010/11/20 19:24:09 | 000,254,464 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysWOW64\dhcpcore.dll -- (Dhcp)
SRV - [2010/11/20 19:24:08 | 001,508,864 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\pla.dll -- (pla)
SRV - [2010/11/20 19:24:08 | 000,351,232 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWow64\winhttp.dll -- (WinHttpAutoProxySvc)
SRV - [2010/11/20 19:24:03 | 000,328,192 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysWOW64\shsvcs.dll -- (ShellHWDetection)
SRV - [2010/11/20 19:24:03 | 000,194,048 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\servicing\TrustedInstaller.exe -- (TrustedInstaller)
SRV - [2010/11/20 19:24:00 | 000,242,176 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\tapisrv.dll -- (TapiSrv)
SRV - [2010/11/20 19:23:55 | 000,113,664 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\SessEnv.dll -- (SessionEnv)
SRV - [2010/09/14 15:17:00 | 000,061,440 | ---- | M] () [Auto | Running] -- C:\Windows\SysWOW64\ASDR.exe -- (ASDR)
SRV - [2009/07/13 17:39:09 | 000,127,488 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\ehome\ehsched.exe -- (ehSched)
SRV - [2009/07/13 17:16:20 | 000,010,752 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\wpcsvc.dll -- (WPCSvc)
SRV - [2009/07/13 17:16:18 | 000,076,288 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\wdi.dll -- (WdiSystemHost)
SRV - [2009/07/13 17:16:18 | 000,076,288 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysWOW64\wdi.dll -- (WdiServiceHost)
SRV - [2009/07/13 17:16:18 | 000,032,768 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\WcsPlugInService.dll -- (WcsPlugInService)
SRV - [2009/07/13 17:16:17 | 000,266,752 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysWOW64\upnphost.dll -- (upnphost)
SRV - [2009/07/13 17:16:13 | 000,049,664 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysWOW64\Sens.dll -- (SENS)
SRV - [2009/07/13 17:16:12 | 000,210,944 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\qwave.dll -- (QWAVE)
SRV - [2009/07/13 17:16:03 | 000,360,448 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysWOW64\netprofm.dll -- (netprofm)
SRV - [2009/07/13 17:15:41 | 000,075,264 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\SysWOW64\mprdim.dll -- (RemoteAccess)
SRV - [2009/07/13 17:15:24 | 000,049,152 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysWOW64\hidserv.dll -- (hidserv)
SRV - [2009/07/13 17:15:19 | 000,271,360 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysWOW64\es.dll -- (EventSystem)
SRV - [2009/07/13 17:14:53 | 000,149,504 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\appmgmts.dll -- (AppMgmt)
SRV - [2009/07/13 17:14:28 | 000,020,992 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\perfhost.exe -- (PerfHost)
SRV - [2009/07/13 17:14:18 | 000,007,168 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWow64\dllhost.exe -- (COMSysApp)
SRV - [2009/06/24 09:57:04 | 000,136,704 | ---- | M] (HP) [Auto | Running] -- C:\Program Files (x86)\HP\HPLaserJetService\HPLaserJetService.exe -- (HP LaserJet Service)
SRV - [2005/04/03 23:41:10 | 000,069,632 | ---- | M] (Macrovision Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe -- (IDriverT)


========== Driver Services (All) ==========

DRV:64bit: - [2015/11/15 19:39:20 | 000,035,064 | ---- | M] () [Kernel | On_Demand | Unknown] -- C:\Windows\SysNative\drivers\TrueSight.sys -- (TrueSight)
DRV:64bit: - [2015/10/19 17:12:10 | 000,154,560 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\ksecpkg.sys -- (KSecPkg)
DRV:64bit: - [2015/10/19 17:12:10 | 000,095,680 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\ksecdd.sys -- (KSecDD)
DRV:64bit: - [2015/10/19 15:41:20 | 000,159,232 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\mrxsmb.sys -- (mrxsmb)
DRV:64bit: - [2015/10/19 15:40:43 | 000,290,816 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\mrxsmb10.sys -- (mrxsmb10)
DRV:64bit: - [2015/10/19 15:40:39 | 000,129,024 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\mrxsmb20.sys -- (mrxsmb20)
DRV:64bit: - [2015/10/13 08:41:05 | 000,497,664 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\afd.sys -- (AFD)
DRV:64bit: - [2015/10/13 08:40:33 | 000,118,272 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\tdx.sys -- (tdx)
DRV:64bit: - [2015/10/12 20:57:21 | 000,950,720 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\ndis.sys -- (NDIS)
DRV:64bit: - [2015/10/05 09:50:18 | 000,063,704 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\mwac.sys -- (MBAMWebAccessControl)
DRV:64bit: - [2015/10/05 09:50:06 | 000,025,816 | ---- | M] (Malwarebytes) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\mbam.sys -- (MBAMProtector)
DRV:64bit: - [2015/10/01 09:00:54 | 000,061,440 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\appid.sys -- (AppID)
DRV:64bit: - [2015/09/23 05:15:25 | 000,460,776 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\cng.sys -- (CNG)
DRV:64bit: - [2015/07/15 10:15:11 | 000,094,656 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\mountmgr.sys -- (mountmgr)
DRV:64bit: - [2015/03/04 18:34:52 | 000,280,376 | ---- | M] (Microsoft Corporation) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\MpFilter.sys -- (MpFilter)
DRV:64bit: - [2015/03/04 18:34:52 | 000,124,568 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Stopped] -- C:\Windows\SysNative\drivers\NisDrvWFP.sys -- (NisDrv)
DRV:64bit: - [2015/03/03 20:55:13 | 000,367,552 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\clfs.sys -- (CLFS)
DRV:64bit: - [2015/02/24 19:18:01 | 000,754,688 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\http.sys -- (HTTP)
DRV:64bit: - [2015/02/02 19:19:12 | 000,663,552 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\PEAuth.sys -- (PEAUTH)
DRV:64bit: - [2014/12/18 17:46:45 | 000,141,312 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\mrxdav.sys -- (MRxDAV)
DRV:64bit: - [2014/07/16 17:21:54 | 000,212,480 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\rdpwd.sys -- (RDPWD)
DRV:64bit: - [2014/07/16 17:21:27 | 000,039,936 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\tssecsrv.sys -- (tssecsrv)
DRV:64bit: - [2014/06/15 18:10:19 | 000,985,536 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\dxgkrnl.sys -- (DXGKrnl)
DRV:64bit: - [2014/04/04 18:47:20 | 001,903,552 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\tcpip.sys -- (TCPIP6)
DRV:64bit: - [2014/04/04 18:47:20 | 001,903,552 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\tcpip.sys -- (Tcpip)
DRV:64bit: - [2014/03/18 16:24:44 | 000,040,728 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\LUsbFilt.sys -- (LUsbFilt)
DRV:64bit: - [2014/03/18 16:24:40 | 000,059,160 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\LMouFilt.Sys -- (LMouFilt)
DRV:64bit: - [2014/03/18 16:24:38 | 000,076,568 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\LHidFilt.Sys -- (LHidFilt)
DRV:64bit: - [2014/02/03 18:35:49 | 000,274,880 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\msiscsi.sys -- (iScsiPrt)
DRV:64bit: - [2014/01/23 18:37:55 | 001,684,928 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\ntfs.sys -- (Ntfs)
DRV:64bit: - [2013/11/26 17:41:37 | 000,343,040 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\usbhub.sys -- (usbhub)
DRV:64bit: - [2013/11/26 17:41:15 | 000,099,840 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\usbccgp.sys -- (usbccgp)
DRV:64bit: - [2013/11/26 17:41:11 | 000,053,248 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\usbehci.sys -- (usbehci)
DRV:64bit: - [2013/11/26 17:41:09 | 000,025,600 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbohci.sys -- (usbohci)
DRV:64bit: - [2013/11/26 17:41:06 | 000,030,720 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbuhci.sys -- (usbuhci)
DRV:64bit: - [2013/10/01 18:22:20 | 000,056,832 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2013/09/24 07:10:34 | 000,097,768 | ---- | M] (Citrix Systems, Inc.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\ctxusbm.sys -- (ctxusbm)
DRV:64bit: - [2013/07/12 02:41:35 | 000,185,344 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\usbvideo.sys -- (usbvideo)
DRV:64bit: - [2013/07/12 02:41:12 | 000,100,864 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbcir.sys -- (usbcir)
DRV:64bit: - [2013/07/12 02:40:58 | 000,109,824 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\USBAUDIO.sys -- (usbaudio)
DRV:64bit: - [2013/07/02 20:40:12 | 000,042,496 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbscan.sys -- (usbscan)
DRV:64bit: - [2013/06/25 14:55:52 | 000,785,624 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\Wdf01000.sys -- (Wdf01000)
DRV:64bit: - [2013/04/12 10:41:58 | 000,237,840 | ---- | M] (Oracle Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\VBoxDrv.sys -- (VBoxDrv)
DRV:64bit: - [2013/04/12 10:41:28 | 000,131,856 | ---- | M] (Oracle Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\VBoxNetAdp.sys -- (VBoxNetAdp)
DRV:64bit: - [2013/04/12 10:40:18 | 000,146,704 | ---- | M] (Oracle Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\VBoxNetFlt.sys -- (VBoxNetFlt)
DRV:64bit: - [2013/04/12 10:40:18 | 000,120,080 | ---- | M] (Oracle Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\VBoxUSBMon.sys -- (VBoxUSBMon)
DRV:64bit: - [2013/01/23 22:01:01 | 000,223,752 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\fvevol.sys -- (fvevol)
DRV:64bit: - [2012/10/03 08:07:26 | 000,045,568 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\tcpipreg.sys -- (tcpipreg)
DRV:64bit: - [2012/09/25 21:45:35 | 000,020,480 | ---- | M] (Marvell Semiconductor, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\mvusbews.sys -- (mvusbews)
DRV:64bit: - [2012/09/19 10:02:08 | 000,102,368 | ---- | M] (DEVGURU Co., LTD.(www.devguru.co.kr)) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ssudbus.sys -- (dg_ssudbus)
DRV:64bit: - [2012/09/19 10:02:06 | 000,203,104 | ---- | M] (DEVGURU Co., LTD.(www.devguru.co.kr)) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ssudmdm.sys -- (ssudmdm)
DRV:64bit: - [2012/08/23 06:10:20 | 000,019,456 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\rdpvideominiport.sys -- (RdpVideoMiniport)
DRV:64bit: - [2012/08/23 06:08:26 | 000,030,208 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbGD.sys -- (TsUsbGD)
DRV:64bit: - [2012/07/25 18:26:45 | 000,087,040 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WUDFPf.sys -- (WudfPf)
DRV:64bit: - [2012/07/25 18:26:06 | 000,198,656 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WUDFRd.sys -- (WUDFRd)
DRV:64bit: - [2012/04/15 15:14:52 | 000,016,384 | ---- | M] (ASUSTeK Computer Inc.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\EIO64.sys -- (EIO64)
DRV:64bit: - [2012/03/16 23:58:57 | 000,075,120 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\partmgr.sys -- (partmgr)
DRV:64bit: - [2012/02/29 22:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2012/02/16 20:57:32 | 000,023,552 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\tdtcp.sys -- (TDTCP)
DRV:64bit: - [2011/06/01 21:47:22 | 000,177,640 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ssadmdm.sys -- (ssadmdm)
DRV:64bit: - [2011/06/01 21:47:22 | 000,157,672 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ssadbus.sys -- (ssadbus)
DRV:64bit: - [2011/06/01 21:47:22 | 000,016,872 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ssadmdfl.sys -- (ssadmdfl)
DRV:64bit: - [2011/05/24 04:34:04 | 002,881,256 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\RTKVHD64.sys -- (IntcAzAudAddService)
DRV:64bit: - [2011/05/20 08:53:44 | 000,557,848 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStor.sys -- (iaStor)
DRV:64bit: - [2011/04/28 19:06:10 | 000,467,456 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\srv.sys -- (srv)
DRV:64bit: - [2011/04/28 19:05:49 | 000,410,112 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\srv2.sys -- (srv2)
DRV:64bit: - [2011/04/28 19:05:37 | 000,168,448 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\srvnet.sys -- (srvnet)
DRV:64bit: - [2011/04/21 10:17:04 | 000,471,144 | ---- | M] (Realtek ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167)
DRV:64bit: - [2011/04/20 01:44:50 | 009,319,936 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (amdkmdag)
DRV:64bit: - [2011/04/20 00:22:34 | 000,306,176 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmpag.sys -- (amdkmdap)
DRV:64bit: - [2011/03/10 22:41:34 | 000,166,272 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\nvstor.sys -- (nvstor)
DRV:64bit: - [2011/03/10 22:41:34 | 000,148,352 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\nvraid.sys -- (nvraid)
DRV:64bit: - [2011/03/10 22:41:26 | 000,410,496 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\iaStorV.sys -- (iaStorV)
DRV:64bit: - [2011/03/10 22:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011/03/10 22:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2011/03/10 20:37:16 | 000,091,648 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\USBSTOR.SYS -- (USBSTOR)
DRV:64bit: - [2011/02/22 20:55:04 | 000,090,624 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\bowser.sys -- (bowser)
DRV:64bit: - [2011/02/07 21:30:52 | 000,064,512 | ---- | M] (Etron Technology Inc) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\EtronXHCI.sys -- (EtronXHCI)
DRV:64bit: - [2011/02/07 21:30:52 | 000,039,936 | ---- | M] (Etron Technology Inc) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\EtronHub3.sys -- (EtronHub3)
DRV:64bit: - [2010/12/20 21:55:02 | 000,036,328 | ---- | M] (Google Inc) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ssadadb.sys -- (androidusb)
DRV:64bit: - [2010/12/13 13:37:18 | 000,036,720 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nx6000.sys -- (MSHUSBVideo)
DRV:64bit: - [2010/11/20 19:25:07 | 000,165,888 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\rdpdr.sys -- (RDPDR)
DRV:64bit: - [2010/11/20 19:24:41 | 000,514,560 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\csc.sys -- (CSC)
DRV:64bit: - [2010/11/20 19:24:33 | 000,213,888 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\rdyboost.sys -- (rdyboost)
DRV:64bit: - [2010/11/20 19:24:33 | 000,129,536 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\rasl2tp.sys -- (Rasl2tp)
DRV:64bit: - [2010/11/20 19:24:33 | 000,111,104 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\raspptp.sys -- (PptpMiniport)
DRV:64bit: - [2010/11/20 19:24:32 | 000,102,400 | ---- | M] (Microsoft Corporation) [File_System | System | Running] -- C:\Windows\SysNative\drivers\dfsc.sys -- (DfsC)
DRV:64bit: - [2010/11/20 19:24:32 | 000,056,832 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ndisuio.sys -- (Ndisuio)
DRV:64bit: - [2010/11/20 19:24:27 | 000,082,944 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ipfltdrv.sys -- (IpFilterDriver)
DRV:64bit: - [2010/11/20 19:24:24 | 000,014,720 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\hwpolicy.sys -- (hwpolicy)
DRV:64bit: - [2010/11/20 19:24:15 | 000,366,976 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\msrpc.sys -- (MsRPC)
DRV:64bit: - [2010/11/20 19:24:15 | 000,363,392 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\volmgrx.sys -- (volmgrx)
DRV:64bit: - [2010/11/20 19:24:15 | 000,125,440 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\tunnel.sys -- (tunnel)
DRV:64bit: - [2010/11/20 19:24:14 | 000,057,856 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ndproxy.sys -- (NDProxy)
DRV:64bit: - [2010/11/20 19:24:11 | 000,088,576 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\wanarp.sys -- (Wanarpv6)
DRV:64bit: - [2010/11/20 19:24:11 | 000,088,576 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\wanarp.sys -- (WANARP)
DRV:64bit: - [2010/11/20 19:24:09 | 000,029,696 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\scfilter.sys -- (scfilter)
DRV:64bit: - [2010/11/20 19:24:08 | 000,309,248 | ---- | M] (Microsoft Corporation) [File_System | System | Running] -- C:\Windows\SysNative\drivers\rdbss.sys -- (rdbss)
DRV:64bit: - [2010/11/20 19:24:08 | 000,164,352 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ndiswan.sys -- (NdisWan)
DRV:64bit: - [2010/11/20 19:24:08 | 000,131,584 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\pacer.sys -- (Psched)
DRV:64bit: - [2010/11/20 19:24:00 | 000,289,664 | ---- | M] (Microsoft Corporation) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\fltMgr.sys -- (FltMgr)
DRV:64bit: - [2010/11/20 19:23:55 | 000,328,192 | ---- | M] (Microsoft Corporation) [File_System | Disabled | Stopped] -- C:\Windows\SysNative\drivers\udfs.sys -- (udfs)
DRV:64bit: - [2010/11/20 19:23:51 | 000,261,632 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\netbt.sys -- (NetBT)
DRV:64bit: - [2010/11/20 19:23:48 | 000,199,552 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\vmbus.sys -- (vmbus)
DRV:64bit: - [2010/11/20 19:23:48 | 000,078,848 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\IPMIDrv.sys -- (IPMIDRV)
DRV:64bit: - [2010/11/20 19:23:48 | 000,071,168 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\dmvsc.sys -- (dmvsc)
DRV:64bit: - [2010/11/20 19:23:48 | 000,046,464 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\vmstorfl.sys -- (storflt)
DRV:64bit: - [2010/11/20 19:23:48 | 000,034,688 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\storvsc.sys -- (storvsc)
DRV:64bit: - [2010/11/20 19:23:48 | 000,021,760 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\VMBusHID.sys -- (VMBusHID)
DRV:64bit: - [2010/11/20 19:23:48 | 000,006,656 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\vms3cap.sys -- (s3cap)
DRV:64bit: - [2010/11/20 19:23:47 | 000,350,208 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HdAudio.sys -- (HdAudAddService)
DRV:64bit: - [2010/11/20 19:23:47 | 000,334,208 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\acpi.sys -- (ACPI)
DRV:64bit: - [2010/11/20 19:23:47 | 000,295,808 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\volsnap.sys -- (volsnap)
DRV:64bit: - [2010/11/20 19:23:47 | 000,229,888 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\1394ohci.sys -- (1394ohci)
DRV:64bit: - [2010/11/20 19:23:47 | 000,215,936 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\vhdmp.sys -- (vhdmp)
DRV:64bit: - [2010/11/20 19:23:47 | 000,184,704 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\pci.sys -- (pci)
DRV:64bit: - [2010/11/20 19:23:47 | 000,155,008 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\mpio.sys -- (mpio)
DRV:64bit: - [2010/11/20 19:23:47 | 000,147,456 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\cdrom.sys -- (cdrom)
DRV:64bit: - [2010/11/20 19:23:47 | 000,140,672 | ---- | M] (Microsoft Corporation) [Kernel |
ukemike
Regular Member
 
Posts: 31
Joined: November 15th, 2015, 11:55 pm

OTL.txt part 2

Post by ukemike » November 22nd, 2015, 3:13 pm

On_Demand | Stopped] -- C:\Windows\SysNative\drivers\msdsm.sys -- (msdsm)
DRV:64bit: - [2010/11/20 19:23:47 | 000,122,368 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\hdaudbus.sys -- (HDAudBus)
DRV:64bit: - [2010/11/20 19:23:47 | 000,103,808 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\sbp2port.sys -- (sbp2port)
DRV:64bit: - [2010/11/20 19:23:47 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010/11/20 19:23:47 | 000,071,552 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\volmgr.sys -- (volmgr)
DRV:64bit: - [2010/11/20 19:23:47 | 000,063,360 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\termdd.sys -- (TermDD)
DRV:64bit: - [2010/11/20 19:23:47 | 000,048,640 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\umbus.sys -- (umbus)
DRV:64bit: - [2010/11/20 19:23:47 | 000,041,984 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\winusb.sys -- (WinUsb)
DRV:64bit: - [2010/11/20 19:23:47 | 000,038,912 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\CompositeBus.sys -- (CompositeBus)
DRV:64bit: - [2010/11/20 19:23:47 | 000,033,280 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\kbdhid.sys -- (kbdhid)
DRV:64bit: - [2010/11/20 19:23:47 | 000,031,104 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\msahci.sys -- (msahci)
DRV:64bit: - [2010/11/20 19:23:47 | 000,030,208 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\hidusb.sys -- (HidUsb)
DRV:64bit: - [2010/11/20 19:23:47 | 000,014,336 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\sffp_sd.sys -- (sffp_sd)
DRV:64bit: - [2010/11/20 19:23:47 | 000,012,800 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\acpipmi.sys -- (AcpiPmi)
DRV:64bit: - [2010/10/19 15:34:26 | 000,056,344 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HECIx64.sys -- (MEIx64)
DRV:64bit: - [2010/09/30 19:35:06 | 000,302,120 | ---- | M] (Marvell Semiconductor, Inc.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\mv91xx.sys -- (mv91xx)
DRV:64bit: - [2010/09/14 15:21:00 | 000,023,680 | ---- | M] (ASUSTeK Computer Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\IOMap64.sys -- (IOMap)
DRV:64bit: - [2010/08/15 14:42:00 | 000,116,240 | ---- | M] (ATI Technologies, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\AtihdW76.sys -- (AtiHDAudioService)
DRV:64bit: - [2009/11/17 15:12:00 | 000,032,344 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\MBfilt64.sys -- (MBfilt)
DRV:64bit: - [2009/07/13 17:52:31 | 000,021,584 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\compbatt.sys -- (Compbatt)
DRV:64bit: - [2009/07/13 17:52:31 | 000,017,488 | ---- | M] (CMD Technology, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\cmdide.sys -- (cmdide)
DRV:64bit: - [2009/07/13 17:52:21 | 000,491,088 | ---- | M] (Adaptec, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\adp94xx.sys -- (adp94xx)
DRV:64bit: - [2009/07/13 17:52:21 | 000,339,536 | ---- | M] (Adaptec, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\adpahci.sys -- (adpahci)
DRV:64bit: - [2009/07/13 17:52:21 | 000,182,864 | ---- | M] (Adaptec, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\adpu320.sys -- (adpu320)
DRV:64bit: - [2009/07/13 17:52:21 | 000,097,856 | ---- | M] (Adaptec, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\arcsas.sys -- (arcsas)
DRV:64bit: - [2009/07/13 17:52:21 | 000,087,632 | ---- | M] (Adaptec, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\arc.sys -- (arc)
DRV:64bit: - [2009/07/13 17:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\AGP440.sys -- (agp440)
DRV:64bit: - [2009/07/13 17:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\atapi.sys -- (atapi)
DRV:64bit: - [2009/07/13 17:52:21 | 000,015,440 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdide.sys -- (amdide)
DRV:64bit: - [2009/07/13 17:52:21 | 000,015,440 | ---- | M] (Acer Laboratories Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\aliide.sys -- (aliide)
DRV:64bit: - [2009/07/13 17:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009/07/13 17:48:27 | 000,060,496 | ---- | M] (Microsoft Corporation) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\mup.sys -- (Mup)
DRV:64bit: - [2009/07/13 17:48:27 | 000,049,216 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\mouclass.sys -- (mouclass)
DRV:64bit: - [2009/07/13 17:48:27 | 000,032,320 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\mssmbios.sys -- (mssmbios)
DRV:64bit: - [2009/07/13 17:48:27 | 000,015,424 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\msisadrv.sys -- (msisadrv)
DRV:64bit: - [2009/07/13 17:48:26 | 000,122,960 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\NV_AGP.SYS -- (nv_agp)
DRV:64bit: - [2009/07/13 17:48:26 | 000,051,264 | ---- | M] (IBM Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\nfrd960.sys -- (nfrd960)
DRV:64bit: - [2009/07/13 17:48:04 | 000,284,736 | ---- | M] (LSI Corporation, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\MegaSR.sys -- (MegaSR)
DRV:64bit: - [2009/07/13 17:48:04 | 000,115,776 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_scsi.sys -- (LSI_SCSI)
DRV:64bit: - [2009/07/13 17:48:04 | 000,114,752 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_fc.sys -- (LSI_FC)
DRV:64bit: - [2009/07/13 17:48:04 | 000,106,560 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas.sys -- (LSI_SAS)
DRV:64bit: - [2009/07/13 17:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009/07/13 17:48:04 | 000,050,768 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\kbdclass.sys -- (kbdclass)
DRV:64bit: - [2009/07/13 17:48:04 | 000,044,112 | ---- | M] (Intel Corp./ICP vortex GmbH) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\iirsp.sys -- (iirsp)
DRV:64bit: - [2009/07/13 17:48:04 | 000,035,392 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\megasas.sys -- (megasas)
DRV:64bit: - [2009/07/13 17:48:04 | 000,020,544 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\isapnp.sys -- (isapnp)
DRV:64bit: - [2009/07/13 17:48:04 | 000,016,960 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\intelide.sys -- (intelide)
DRV:64bit: - [2009/07/13 17:47:49 | 000,055,376 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\fsdepends.sys -- (FsDepends)
DRV:64bit: - [2009/07/13 17:47:48 | 000,530,496 | ---- | M] (Emulex) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\elxstor.sys -- (elxstor)
DRV:64bit: - [2009/07/13 17:47:48 | 000,073,280 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\disk.sys -- (Disk)
DRV:64bit: - [2009/07/13 17:47:48 | 000,070,224 | ---- | M] (Microsoft Corporation) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\fileinfo.sys -- (FileInfo)
DRV:64bit: - [2009/07/13 17:47:48 | 000,065,088 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\GAGP30KX.SYS -- (gagp30kx)
DRV:64bit: - [2009/07/13 17:47:48 | 000,024,144 | ---- | M] (Microsoft Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\SysNative\drivers\crcdisk.sys -- (crcdisk)
DRV:64bit: - [2009/07/13 17:45:56 | 000,022,096 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\wimmount.sys -- (WIMMount)
DRV:64bit: - [2009/07/13 17:45:55 | 000,161,872 | ---- | M] (VIA Technologies Inc.,Ltd) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\vsmraid.sys -- (vsmraid)
DRV:64bit: - [2009/07/13 17:45:55 | 000,064,592 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ULIAGPKX.SYS -- (uliagpkx)
DRV:64bit: - [2009/07/13 17:45:55 | 000,064,080 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\UAGP35.SYS -- (uagp35)
DRV:64bit: - [2009/07/13 17:45:55 | 000,036,432 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\vdrvroot.sys -- (vdrvroot)
DRV:64bit: - [2009/07/13 17:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009/07/13 17:45:55 | 000,021,056 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\wd.sys -- (Wd)
DRV:64bit: - [2009/07/13 17:45:55 | 000,019,008 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\spldr.sys -- (spldr)
DRV:64bit: - [2009/07/13 17:45:55 | 000,017,488 | ---- | M] (VIA Technologies, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\viaide.sys -- (viaide)
DRV:64bit: - [2009/07/13 17:45:55 | 000,012,496 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\swenum.sys -- (swenum)
DRV:64bit: - [2009/07/13 17:45:46 | 001,524,816 | ---- | M] (QLogic Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ql2300.sys -- (ql2300)
DRV:64bit: - [2009/07/13 17:45:46 | 000,080,464 | ---- | M] (Silicon Integrated Systems) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\sisraid4.sys -- (SiSRaid4)
DRV:64bit: - [2009/07/13 17:45:45 | 000,220,752 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\pcmcia.sys -- (pcmcia)
DRV:64bit: - [2009/07/13 17:45:45 | 000,128,592 | ---- | M] (QLogic Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ql40xx.sys -- (ql40xx)
DRV:64bit: - [2009/07/13 17:45:45 | 000,050,768 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\pcw.sys -- (pcw)
DRV:64bit: - [2009/07/13 17:45:45 | 000,043,584 | ---- | M] (Silicon Integrated Systems Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\sisraid2.sys -- (SiSRaid2)
DRV:64bit: - [2009/07/13 17:45:45 | 000,012,352 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\pciide.sys -- (pciide)
DRV:64bit: - [2009/07/13 17:19:07 | 000,286,720 | ---- | M] (Brother Industries Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\BrSerId.sys -- (Brserid)
DRV:64bit: - [2009/07/13 16:38:18 | 000,025,088 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbprint.sys -- (usbprint)
DRV:64bit: - [2009/07/13 16:17:46 | 000,024,064 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\rdpbus.sys -- (rdpbus)
DRV:64bit: - [2009/07/13 16:16:35 | 000,008,192 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\RDPREFMP.sys -- (RDPREFMP)
DRV:64bit: - [2009/07/13 16:16:34 | 000,007,680 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\RDPENCDD.sys -- (RDPENCDD)
DRV:64bit: - [2009/07/13 16:16:34 | 000,007,680 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\RDPCDD.sys -- (RDPCDD)
DRV:64bit: - [2009/07/13 16:16:32 | 000,015,872 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\tdpipe.sys -- (TDPIPE)
DRV:64bit: - [2009/07/13 16:10:48 | 000,040,448 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\modem.sys -- (Modem)
DRV:64bit: - [2009/07/13 16:10:33 | 000,021,504 | ---- | M] (Microsoft Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\SysNative\drivers\ws2ifsl.sys -- (ws2ifsl)
DRV:64bit: - [2009/07/13 16:10:25 | 000,083,968 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\rassstp.sys -- (RasSstp)
DRV:64bit: - [2009/07/13 16:10:24 | 000,060,416 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\agilevpn.sys -- (RasAgileVpn)
DRV:64bit: - [2009/07/13 16:10:17 | 000,092,672 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\raspppoe.sys -- (RasPppoe)
DRV:64bit: - [2009/07/13 16:10:13 | 000,023,040 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\asyncmac.sys -- (AsyncMac)
DRV:64bit: - [2009/07/13 16:10:09 | 000,014,848 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\rasacd.sys -- (RasAcd)
DRV:64bit: - [2009/07/13 16:10:03 | 000,116,224 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ipnat.sys -- (IPNAT)
DRV:64bit: - [2009/07/13 16:10:00 | 000,024,064 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ndistapi.sys -- (NdisTapi)
DRV:64bit: - [2009/07/13 16:09:48 | 000,046,592 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\qwavedrv.sys -- (QWAVEdrv)
DRV:64bit: - [2009/07/13 16:09:26 | 000,044,544 | ---- | M] (Microsoft Corporation) [File_System | System | Running] -- C:\Windows\SysNative\drivers\netbios.sys -- (NetBIOS)
DRV:64bit: - [2009/07/13 16:09:26 | 000,012,800 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\wfplwf.sys -- (WfpLwf)
DRV:64bit: - [2009/07/13 16:09:09 | 000,093,184 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\smb.sys -- (Smb)
DRV:64bit: - [2009/07/13 16:08:59 | 000,017,920 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\irenum.sys -- (IRENUM)
DRV:64bit: - [2009/07/13 16:08:51 | 000,076,800 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\rspndr.sys -- (rspndr)
DRV:64bit: - [2009/07/13 16:08:51 | 000,060,928 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\lltdio.sys -- (lltdio)
DRV:64bit: - [2009/07/13 16:08:25 | 000,077,312 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\mpsdrv.sys -- (mpsdrv)
DRV:64bit: - [2009/07/13 16:08:13 | 000,035,328 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ndiscap.sys -- (NdisCap)
DRV:64bit: - [2009/07/13 16:07:23 | 000,318,976 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\nwifi.sys -- (NativeWifiP)
DRV:64bit: - [2009/07/13 16:07:21 | 000,024,576 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\vwifibus.sys -- (vwifibus)
DRV:64bit: - [2009/07/13 16:06:52 | 000,100,864 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hidbth.sys -- (HidBth)
DRV:64bit: - [2009/07/13 16:06:52 | 000,072,192 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bthmodem.sys -- (BTHMODEM)
DRV:64bit: - [2009/07/13 16:06:52 | 000,009,728 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\umpass.sys -- (UmPass)
DRV:64bit: - [2009/07/13 16:06:45 | 000,072,832 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ohci1394.sys -- (ohci1394)
DRV:64bit: - [2009/07/13 16:06:34 | 000,045,568 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\circlass.sys -- (circlass)
DRV:64bit: - [2009/07/13 16:06:24 | 000,008,192 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\mshidkmdf.sys -- (mshidkmdf)
DRV:64bit: - [2009/07/13 16:06:23 | 000,046,592 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hidir.sys -- (HidIr)
DRV:64bit: - [2009/07/13 16:06:16 | 000,005,632 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\drmkaud.sys -- (drmkaud)
DRV:64bit: - [2009/07/13 16:02:08 | 000,015,360 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\MTConfig.sys -- (MTConfig)
DRV:64bit: - [2009/07/13 16:02:07 | 000,027,776 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\wacompen.sys -- (WacomPen)
DRV:64bit: - [2009/07/13 16:01:03 | 000,013,824 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\sffp_mmc.sys -- (sffp_mmc)
DRV:64bit: - [2009/07/13 16:01:02 | 000,016,896 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\sfloppy.sys -- (sfloppy)
DRV:64bit: - [2009/07/13 16:01:01 | 000,014,336 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\sffdisk.sys -- (sffdisk)
DRV:64bit: - [2009/07/13 16:00:54 | 000,029,696 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\fdc.sys -- (fdc)
DRV:64bit: - [2009/07/13 16:00:54 | 000,024,576 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\flpydisk.sys -- (flpydisk)
DRV:64bit: - [2009/07/13 16:00:41 | 000,097,280 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\parport.sys -- (Parport)
DRV:64bit: - [2009/07/13 16:00:40 | 000,094,208 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\serial.sys -- (Serial)
DRV:64bit: - [2009/07/13 16:00:33 | 000,023,552 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\serenum.sys -- (Serenum)
DRV:64bit: - [2009/07/13 16:00:20 | 000,031,232 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\mouhid.sys -- (mouhid)
DRV:64bit: - [2009/07/13 16:00:20 | 000,026,624 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\sermouse.sys -- (sermouse)
DRV:64bit: - [2009/07/13 16:00:19 | 000,020,992 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ksthunk.sys -- (ksthunk)
DRV:64bit: - [2009/07/13 16:00:18 | 000,011,136 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\mskssrv.sys -- (MSKSSRV)
DRV:64bit: - [2009/07/13 16:00:17 | 000,008,064 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\mstee.sys -- (MSTEE)
DRV:64bit: - [2009/07/13 16:00:17 | 000,007,168 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\mspclock.sys -- (MSPCLOCK)
DRV:64bit: - [2009/07/13 16:00:17 | 000,006,784 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\mspqm.sys -- (MSPQM)
DRV:64bit: - [2009/07/13 16:00:13 | 000,006,656 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\beep.sys -- (Beep)
DRV:64bit: - [2009/07/13 15:38:52 | 000,030,208 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\monitor.sys -- (monitor)
DRV:64bit: - [2009/07/13 15:38:47 | 000,029,184 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\vga.sys -- (VgaSave)
DRV:64bit: - [2009/07/13 15:38:47 | 000,029,184 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\vgapnp.sys -- (vga)
DRV:64bit: - [2009/07/13 15:37:18 | 000,040,448 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\discache.sys -- (discache)
DRV:64bit: - [2009/07/13 15:35:59 | 000,045,056 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\blbdrive.sys -- (blbdrive)
DRV:64bit: - [2009/07/13 15:31:06 | 000,026,624 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hidbatt.sys -- (HidBatt)
DRV:64bit: - [2009/07/13 15:31:04 | 000,009,728 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\errdev.sys -- (ErrDev)
DRV:64bit: - [2009/07/13 15:31:03 | 000,017,664 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\CmBatt.sys -- (CmBatt)
DRV:64bit: - [2009/07/13 15:31:02 | 000,014,336 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\wmiacpi.sys -- (WmiAcpi)
DRV:64bit: - [2009/07/13 15:26:13 | 000,113,152 | ---- | M] (Microsoft Corporation) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\luafv.sys -- (luafv)
DRV:64bit: - [2009/07/13 15:25:40 | 000,034,304 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\filetrace.sys -- (Filetrace)
DRV:64bit: - [2009/07/13 15:23:29 | 000,204,800 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\fastfat.sys -- (fastfat)
DRV:64bit: - [2009/07/13 15:23:29 | 000,195,072 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\exfat.sys -- (exfat)
DRV:64bit: - [2009/07/13 15:21:02 | 000,024,576 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\nsiproxy.sys -- (nsiproxy)
DRV:64bit: - [2009/07/13 15:19:57 | 000,105,472 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\i8042prt.sys -- (i8042prt)
DRV:64bit: - [2009/07/13 15:19:48 | 000,044,032 | ---- | M] (Microsoft Corporation) [File_System | System | Running] -- C:\Windows\SysNative\drivers\npfs.sys -- (Npfs)
DRV:64bit: - [2009/07/13 15:19:47 | 000,092,160 | ---- | M] (Microsoft Corporation) [File_System | Disabled | Stopped] -- C:\Windows\SysNative\drivers\cdfs.sys -- (cdfs)
DRV:64bit: - [2009/07/13 15:19:47 | 000,026,112 | ---- | M] (Microsoft Corporation) [File_System | System | Running] -- C:\Windows\SysNative\drivers\msfs.sys -- (Msfs)
DRV:64bit: - [2009/07/13 15:19:38 | 000,006,144 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\null.sys -- (Null)
DRV:64bit: - [2009/07/13 15:19:25 | 000,064,512 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdk8.sys -- (AmdK8)
DRV:64bit: - [2009/07/13 15:19:25 | 000,062,464 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\intelppm.sys -- (intelppm)
DRV:64bit: - [2009/07/13 15:19:25 | 000,060,928 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdppm.sys -- (AmdPPM)
DRV:64bit: - [2009/07/13 15:19:25 | 000,060,416 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\processr.sys -- (Processor)
DRV:64bit: - [2009/06/10 12:41:10 | 000,047,104 | ---- | M] (Brother Industries Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\BrSerWdm.sys -- (BrSerWdm)
DRV:64bit: - [2009/06/10 12:41:10 | 000,014,976 | ---- | M] (Brother Industries Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\BrUsbMdm.sys -- (BrUsbMdm)
DRV:64bit: - [2009/06/10 12:41:10 | 000,014,720 | ---- | M] (Brother Industries Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\BrUsbSer.sys -- (BrUsbSer)
DRV:64bit: - [2009/06/10 12:41:06 | 000,018,432 | ---- | M] (Brother Industries, Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\BrFiltLo.sys -- (BrFiltLo)
DRV:64bit: - [2009/06/10 12:41:06 | 000,008,704 | ---- | M] (Brother Industries, Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\BrFiltUp.sys -- (BrFiltUp)
DRV:64bit: - [2009/06/10 12:37:19 | 000,023,040 | ---- | M] (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.) [Kernel | Disabled | Stopped] -- C:\Windows\SysNative\drivers\secdrv.sys -- (secdrv)
DRV:64bit: - [2009/06/10 12:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009/06/10 12:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009/06/10 12:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009/06/10 12:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2009/02/17 17:22:22 | 000,039,424 | ---- | M] (ASUSTeK Computer Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ATKDispLowFilter.sys -- (atkdisplf)
DRV:64bit: - [2009/02/17 17:22:22 | 000,017,792 | ---- | M] (ASUSTeK Computer Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\asusgsb.sys -- (asusgsb)
DRV - [2009/07/13 17:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)


========== Standard Registry (All) ==========


========== Internet Explorer ==========

IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = [binary data]
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:NoAdd-ons
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\System32\blank.htm
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:SecurityRisk
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = [binary data]
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:NoAdd-ons
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:SecurityRisk
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\system32\blank.htm
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = Preserve
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://google.com/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.msn.com/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-US
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 09 48 D4 64 AF 51 CF 01 [binary data]
IE - HKCU\..\URLSearchHook: {CFBFAE00-17A6-11D0-99CB-00C04FD64497} - C:\Windows\SysWOW64\ieframe.dll (Microsoft Corporation)
IE - HKCU\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IESR02
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..browser.search.countryCode: "US"
FF - prefs.js..browser.search.defaultenginename: "Google"
FF - prefs.js..browser.search.defaultenginename.US: "Google"
FF - prefs.js..browser.search.hiddenOneOffs: "Yahoo,Bing,Twitter"
FF - prefs.js..browser.search.isUS: true
FF - prefs.js..browser.search.region: "US"
FF - prefs.js..browser.startup.homepage: "http://www.netvibes.com/privatepage/1#Home"
FF - prefs.js..extensions.enabledAddons: %7BDDC359D1-844A-42a7-9AA1-88A850A938A8%7D:2.0.18.1-signed
FF - prefs.js..extensions.enabledAddons: %7B1A2D0EC4-75F5-4c91-89C4-3656F6E44B68%7D:0.6.3.1-signed
FF - prefs.js..extensions.enabledAddons: imageblock%40hemantvats.com:2.1.1-signed
FF - prefs.js..extensions.enabledAddons: tineye%40ideeinc.com:1.2.1
FF - prefs.js..extensions.enabledAddons: anticontainer%40downthemall.net:1.4
FF - prefs.js..extensions.enabledAddons: %7B73a6fe31-595d-460b-a920-fcc0f8843232%7D:2.6.9.39
FF - prefs.js..extensions.enabledAddons: https-everywhere-eff%40eff.org:5.1.1
FF - prefs.js..extensions.enabledAddons: ClassicThemeRestorer%40ArisT2Noia4dev:1.4.3
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:42.0
FF - prefs.js..network.proxy.type: 0
FF - user.js - File not found

FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_19_0_0_245.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@Citrix.com/npagee64,version=10.5.54.9: C:\Program Files\Citrix\Secure Access Client\npagee64.dll (Citrix Systems, Inc.)
FF:64bit: - HKLM\Software\MozillaPlugins\@docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf: C:\Program Files\Tracker Software\PDF Viewer\npPDFXCviewNPPlugin.dll (Tracker Software Products (Canada) Ltd.)
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\5.1.40728.0\npctrl.dll ( Microsoft Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@tracker-software.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf: C:\Program Files\Tracker Software\PDF Viewer\npPDFXCviewNPPlugin.dll (Tracker Software Products (Canada) Ltd.)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_19_0_0_245.dll ()
FF - HKLM\Software\MozillaPlugins\@Citrix.com/npagee,version=10.5.54.9: C:\Program Files\Citrix\Secure Access Client\npagee.dll (Citrix Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Citrix.com/npican: C:\Program Files (x86)\Citrix\ICA Client\npicaN.dll (Citrix Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf: C:\Program Files\Tracker Software\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll (Tracker Software Products (Canada) Ltd.)
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@microsoft.com/Lync,version=15.0: C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files (x86)\Microsoft Silverlight\5.1.40728.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Microsoft Office\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=16.4.3522.0110: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.28.15\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.28.15\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tracker-software.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf: C:\Program Files\Tracker Software\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll (Tracker Software Products (Canada) Ltd.)
FF - HKCU\Software\MozillaPlugins\@docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf: C:\Program Files\Tracker Software\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll (Tracker Software Products (Canada) Ltd.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\Mike\AppData\Local\Google\Update\1.3.28.15\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\Mike\AppData\Local\Google\Update\1.3.28.15\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\amazon.com/AmazonMP3DownloaderPlugin: C:\Program Files (x86)\Amazon\MP3 Downloader\npAmazonMP3DownloaderPlugin10171.dll (Amazon.com, Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{F003DA68-8256-4b37-A6C4-350FA04494DF}: C:\Program Files\Logitech\SetPointP\LogiSmoothFirefoxExt [2015/02/06 23:22:12 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\quickprint@hp.com: C:\Program Files (x86)\Hewlett-Packard\SmartPrint\QPExtension [2011/01/26 14:27:28 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 42.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 42.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2015/11/03 21:07:17 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 42.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 42.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2015/11/03 21:07:17 | 000,000,000 | ---D | M]

[2012/04/15 15:33:16 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Mike\AppData\Roaming\Mozilla\Extensions
[2015/11/20 20:47:41 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Mike\AppData\Roaming\Mozilla\Firefox\Profiles\o2dhv4b0.default\extensions
[2015/08/30 19:32:55 | 000,000,000 | ---D | M] (HTTPS-Everywhere) -- C:\Users\Mike\AppData\Roaming\Mozilla\Firefox\Profiles\o2dhv4b0.default\extensions\https-everywhere-eff@eff.org
[2015/10/18 17:00:41 | 000,094,245 | ---- | M] () (No name found) -- C:\Users\Mike\AppData\Roaming\Mozilla\Firefox\Profiles\o2dhv4b0.default\extensions\anticontainer@downthemall.net.xpi
[2015/11/20 20:47:41 | 000,658,583 | ---- | M] () (No name found) -- C:\Users\Mike\AppData\Roaming\Mozilla\Firefox\Profiles\o2dhv4b0.default\extensions\ClassicThemeRestorer@ArisT2Noia4dev.xpi
[2015/08/23 22:14:21 | 000,022,699 | ---- | M] () (No name found) -- C:\Users\Mike\AppData\Roaming\Mozilla\Firefox\Profiles\o2dhv4b0.default\extensions\imageblock@hemantvats.com.xpi
[2015/08/30 19:32:39 | 000,010,635 | ---- | M] () (No name found) -- C:\Users\Mike\AppData\Roaming\Mozilla\Firefox\Profiles\o2dhv4b0.default\extensions\tineye@ideeinc.com.xpi
[2015/05/29 05:46:32 | 000,103,648 | ---- | M] () (No name found) -- C:\Users\Mike\AppData\Roaming\Mozilla\Firefox\Profiles\o2dhv4b0.default\extensions\{1A2D0EC4-75F5-4c91-89C4-3656F6E44B68}.xpi
[2015/10/25 22:04:59 | 000,562,123 | ---- | M] () (No name found) -- C:\Users\Mike\AppData\Roaming\Mozilla\Firefox\Profiles\o2dhv4b0.default\extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi
[2015/09/24 19:09:45 | 000,962,762 | ---- | M] () (No name found) -- C:\Users\Mike\AppData\Roaming\Mozilla\Firefox\Profiles\o2dhv4b0.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
[2015/05/27 11:24:24 | 000,665,944 | ---- | M] () (No name found) -- C:\Users\Mike\AppData\Roaming\Mozilla\Firefox\Profiles\o2dhv4b0.default\extensions\{DDC359D1-844A-42a7-9AA1-88A850A938A8}.xpi
[2015/11/20 20:43:35 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions
[2015/11/03 21:07:16 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\browser\extensions
[2015/11/03 21:07:23 | 000,000,000 | ---D | M] (Default) -- C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
[2012/04/13 19:00:48 | 000,170,592 | ---- | M] (Tracker Software Products (Canada) Ltd.) -- C:\Program Files (x86)\mozilla firefox\plugins\npPDFXCviewNPPlugin.dll
[2014/03/19 18:25:46 | 000,159,744 | ---- | M] (Apple Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin.dll
[2014/03/19 18:25:47 | 000,159,744 | ---- | M] (Apple Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin2.dll
[2014/03/19 18:25:47 | 000,159,744 | ---- | M] (Apple Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin3.dll
[2014/03/19 18:25:47 | 000,159,744 | ---- | M] (Apple Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin4.dll
[2014/03/19 18:25:48 | 000,159,744 | ---- | M] (Apple Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin5.dll
[2011/12/09 09:23:32 | 000,012,800 | ---- | M] (Nullsoft, Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\npwachk.dll

========== Chrome ==========

CHR - Extension: No name found = C:\Users\Mike\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.60_0\
CHR - Extension: No name found = C:\Users\Mike\AppData\Local\Google\Chrome\User Data\Default\Extensions\knipolnnllmklapflnccelgolnpehhpl\2015.1102.418.3_0\
CHR - Extension: No name found = C:\Users\Mike\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\8.1_0\

O1 HOSTS File: ([2009/06/10 13:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2:64bit: - BHO: (Skype for Business Browser Helper) - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\office15\ochelper.dll (Microsoft Corporation)
O2:64bit: - BHO: (Windows Live ID Sign-in Helper) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
O2:64bit: - BHO: (Logitech SetPoint) - {AF949550-9094-4807-95EC-D1C317803333} - C:\Program Files\Logitech\SetPointP\SetPointSmooth.dll (Logitech, Inc.)
O2:64bit: - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office 15\root\office15\URLREDIR.DLL (Microsoft Corporation)
O2:64bit: - BHO: (Microsoft SkyDrive Pro Browser Helper) - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files\Microsoft Office 15\root\office15\GROOVEEX.DLL (Microsoft Corporation)
O2 - BHO: (Skype for Business Browser Helper) - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX86\Microsoft Office\Office15\ochelper.dll (Microsoft Corporation)
O2 - BHO: (Windows Live ID Sign-in Helper) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\microsoft shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
O2 - BHO: (Logitech SetPoint) - {AF949550-9094-4807-95EC-D1C317803333} - C:\Program Files\Logitech\SetPointP\32-bit\SetPointSmooth.dll (Logitech, Inc.)
O2 - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX86\Microsoft Office\Office15\URLREDIR.DLL (Microsoft Corporation)
O2 - BHO: (Microsoft SkyDrive Pro Browser Helper) - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX86\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
O4:64bit: - HKLM..\Run: [EvtMgr6] C:\Program Files\Logitech\SetPointP\SetPoint.exe (Logitech, Inc.)
O4:64bit: - HKLM..\Run: [MSC] C:\Program Files\Microsoft Security Client\msseces.exe (Microsoft Corporation)
O4:64bit: - HKLM..\Run: [RTHDVCPL] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [amd_dc_opt] C:\Program Files (x86)\AMD\Dual-Core Optimizer\amd_dc_opt.exe (AMD)
O4 - HKLM..\Run: [APSDaemon] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [ASUSGamerOSD] C:\Program Files (x86)\ASUS\GamerOSD\GamerOSD.exe (ASUSTeK Computer Inc.)
O4 - HKLM..\Run: [CitrixReceiver] "C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Citrix\Receiver Updater.lnk" File not found
O4 - HKLM..\Run: [ConnectionCenter] C:\Program Files (x86)\Citrix\ICA Client\concentr.exe (Citrix Systems, Inc.)
O4 - HKLM..\Run: [HPUsageTrackingLEDM] C:\Program Files (x86)\HP\HP UT LEDM\bin\hppusg.exe (Hewlett-Packard Company)
O4 - HKLM..\Run: [IAStorIcon] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe (Intel Corporation)
O4 - HKLM..\Run: [InstallValidator.exe.FA87EC44_C38F_4148_93A1_FF4A64A2B707] C:\Program Files (x86)\National Instruments\Shared\NIUninstaller\InstallValidator.exe ()
O4 - HKLM..\Run: [KiesTrayAgent] C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe (Samsung Electronics Co., Ltd.)
O4 - HKLM..\Run: [LifeCam] C:\Program Files (x86)\Microsoft LifeCam\LifeExp.exe (Microsoft Corporation)
O4 - HKLM..\Run: [QuickTime Task] C:\Program Files (x86)\QuickTime\QTTask.exe (Apple Inc.)
O4 - HKLM..\Run: [Redirector] C:\Program Files (x86)\Citrix\ICA Client\redirector.exe (Citrix Systems, Inc.)
O4 - HKLM..\Run: [StartCCC] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKLM..\Run: [WinampAgent] C:\Program Files (x86)\Winamp\winampa.exe (Nullsoft, Inc.)
O4 - HKCU..\Run: [Google Update] C:\Users\Mike\AppData\Local\Google\Update\GoogleUpdate.exe (Google Inc.)
O4 - HKCU..\Run: [GoogleChromeAutoLaunch_A9A28D217F0AF6C0AE66A9006030A09A] C:\Users\Mike\AppData\Local\Google\Chrome\Application\chrome.exe (Google Inc.)
O4 - HKCU..\Run: [KiesAirMessage] C:\Program Files (x86)\Samsung\Kies\KiesAirMessage.exe -startup File not found
O4 - HKCU..\Run: [KiesPDLR] C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe ()
O4 - HKCU..\Run: [KiesPreload] C:\Program Files (x86)\Samsung\Kies\Kies.exe (Samsung)
O4 - HKCU..\Run: [NoIPDUCv4] C:\Program Files (x86)\No-IP\DUC40.exe ()
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: ForceActiveDesktopOn = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableInstallerDetection = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableSecureUIAPaths = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableUIADesktopToggle = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableVirtualization = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ValidateAdminCodeSignatures = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: dontdisplaylastusername = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticecaption =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticetext =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: scforceoption = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: shutdownwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: undockwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: FilterAdministratorToken = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_TEXT = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_BITMAP = 2
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_OEMTEXT = 7
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_DIB = 8
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_PALETTE = 9
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_UNICODETEXT = 13
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_DIBV5 = 17
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableRegistryTools = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableTaskMgr = 0
O9:64bit: - Extra Button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office 15\root\office15\ONBttnIE.dll (Microsoft Corporation)
O9:64bit: - Extra 'Tools' menuitem : Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office 15\root\office15\ONBttnIE.dll (Microsoft Corporation)
O9:64bit: - Extra Button: Skype for Business Click to Call - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\office15\ochelper.dll (Microsoft Corporation)
O9:64bit: - Extra 'Tools' menuitem : Skype for Business Click to Call - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\office15\ochelper.dll (Microsoft Corporation)
O9:64bit: - Extra Button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office 15\root\office15\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9:64bit: - Extra 'Tools' menuitem : OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office 15\root\office15\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9 - Extra Button: HP Smart Print - {22CC3EBD-C286-43aa-B8E6-06B115F74162} - C:\Program Files (x86)\Hewlett-Packard\SmartPrint\smartprintsetup.exe (Hewlett-Packard)
O9 - Extra 'Tools' menuitem : SmartPrint - {22CC3EBD-C286-43aa-B8E6-06B115F74162} - C:\Program Files (x86)\Hewlett-Packard\SmartPrint\smartprintsetup.exe (Hewlett-Packard)
O9 - Extra Button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX86\Microsoft Office\Office15\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX86\Microsoft Office\Office15\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: Skype for Business Click to Call - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX86\Microsoft Office\Office15\ochelper.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Skype for Business Click to Call - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX86\Microsoft Office\Office15\ochelper.dll (Microsoft Corporation)
O9 - Extra Button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX86\Microsoft Office\Office15\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX86\Microsoft Office\Office15\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000001 [] - C:\Windows\SysNative\nlaapi.dll (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000002 [] - C:\Windows\SysNative\NapiNSP.dll (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000003 [] - C:\Windows\SysNative\pnrpnsp.dll (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000004 [] - C:\Windows\SysNative\pnrpnsp.dll (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000005 [] - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000006 [] - C:\Windows\SysNative\winrnr.dll (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000007 [] - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000008 [] - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000001 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000002 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000003 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000004 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000005 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000006 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000007 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000008 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000009 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000010 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000001 [] - C:\Windows\SysWOW64\nlaapi.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000002 [] - C:\Windows\SysWOW64\NapiNSP.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000003 [] - C:\Windows\SysWOW64\pnrpnsp.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Windows\SysWOW64\pnrpnsp.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000005 [] - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000006 [] - C:\Windows\SysWOW64\winrnr.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files (x86)\Common Files\microsoft shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000008 [] - C:\Program Files (x86)\Common Files\microsoft shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000006 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000007 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000008 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000009 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000010 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O15 - HKCU\..Trusted Domains: terracon.com ([]* in Local intranet)
O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} http://download.eset.com/special/eos/OnlineScanner.cab (OnlineScanner Control)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 208.201.224.11 208.201.224.33
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{5039F796-9A3C-4853-A851-000D20138441}: DhcpNameServer = 208.201.224.11 208.201.224.33
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{5039F796-9A3C-4853-A851-000D20138441}: NameServer = 208.67.222.222,208.67.220.220,173.230.156.28,23.226.230.72,69.164.196.21,50.116.23.211
O18:64bit: - Protocol\Handler\about {3050F406-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysNative\mshtml.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\cdl {3dd53d40-7b8b-11D0-b013-00aa0059ce02} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\dvd {12D51199-0DB5-46FE-A120-47A3D7D937CC} - C:\Windows\SysNative\MSVidCtl.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\file {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\ftp {79eac9e3-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\http {79eac9e2-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\https {79eac9e5-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\Windows\SysNative\itss.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\javascript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysNative\mshtml.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\local {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\mailto {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysNative\mshtml.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\mhtml {05300401-BCBC-11d0-85E3-00C04FD85AB4} - C:\Windows\SysNative\inetcomm.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\mk {79eac9e6-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\ms-its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\Windows\SysNative\itss.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\osf {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\office15\MSOSB.DLL (Microsoft Corporation)
O18:64bit: - Protocol\Handler\res {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysNative\mshtml.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\tv {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} - C:\Windows\SysNative\MSVidCtl.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\vbscript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysNative\mshtml.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\wlpg - No CLSID value found
O18 - Protocol\Handler\about {3050F406-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysWOW64\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\cdl {3dd53d40-7b8b-11D0-b013-00aa0059ce02} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\dvd {12D51199-0DB5-46FE-A120-47A3D7D937CC} - C:\Windows\SysWOW64\MSVidCtl.dll (Microsoft Corporation)
O18 - Protocol\Handler\file {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\ftp {79eac9e3-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\http {79eac9e2-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\https {79eac9e5-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\Windows\SysWOW64\itss.dll (Microsoft Corporation)
O18 - Protocol\Handler\javascript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysWOW64\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\local {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\mailto {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysWOW64\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\mhtml {05300401-BCBC-11d0-85E3-00C04FD85AB4} - C:\Windows\SysWOW64\inetcomm.dll (Microsoft Corporation)
O18 - Protocol\Handler\mk {79eac9e6-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\ms-its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\Windows\SysWOW64\itss.dll (Microsoft Corporation)
O18 - Protocol\Handler\osf {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX86\Microsoft Office\Office15\msosb.dll (Microsoft Corporation)
O18 - Protocol\Handler\res {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysWOW64\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\tv {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} - C:\Windows\SysWOW64\MSVidCtl.dll (Microsoft Corporation)
O18 - Protocol\Handler\vbscript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysWOW64\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\wlpg {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll (Microsoft Corporation)
O18:64bit: - Protocol\Filter\application/octet-stream {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\SysNative\mscoree.dll (Microsoft Corporation)
O18:64bit: - Protocol\Filter\application/x-complus {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\SysNative\mscoree.dll (Microsoft Corporation)
O18:64bit: - Protocol\Filter\application/x-ica - No CLSID value found
O18:64bit: - Protocol\Filter\application/x-ica; charset=euc-jp - No CLSID value found
O18:64bit: - Protocol\Filter\application/x-ica; charset=ISO-8859-1 - No CLSID value found
O18:64bit: - Protocol\Filter\application/x-ica; charset=MS936 - No CLSID value found
O18:64bit: - Protocol\Filter\application/x-ica; charset=MS949 - No CLSID value found
O18:64bit: - Protocol\Filter\application/x-ica; charset=MS950 - No CLSID value found
O18:64bit: - Protocol\Filter\application/x-ica; charset=UTF8 - No CLSID value found
O18:64bit: - Protocol\Filter\application/x-ica; charset=UTF-8 - No CLSID value found
O18:64bit: - Protocol\Filter\application/x-ica;charset=euc-jp - No CLSID value found
O18:64bit: - Protocol\Filter\application/x-ica;charset=ISO-8859-1 - No CLSID value found
O18:64bit: - Protocol\Filter\application/x-ica;charset=MS936 - No CLSID value found
O18:64bit: - Protocol\Filter\application/x-ica;charset=MS949 - No CLSID value found
O18:64bit: - Protocol\Filter\application/x-ica;charset=MS950 - No CLSID value found
O18:64bit: - Protocol\Filter\application/x-ica;charset=UTF8 - No CLSID value found
O18:64bit: - Protocol\Filter\application/x-ica;charset=UTF-8 - No CLSID value found
O18:64bit: - Protocol\Filter\application/x-msdownload {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\SysNative\mscoree.dll (Microsoft Corporation)
O18:64bit: - Protocol\Filter\ica - No CLSID value found
O18 - Protocol\Filter\application/octet-stream {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\SysWow64\mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/x-complus {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\SysWow64\mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/x-ica {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
O18 - Protocol\Filter\application/x-ica; charset=euc-jp {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
O18 - Protocol\Filter\application/x-ica; charset=ISO-8859-1 {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
O18 - Protocol\Filter\application/x-ica; charset=MS936 {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
O18 - Protocol\Filter\application/x-ica; charset=MS949 {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
O18 - Protocol\Filter\application/x-ica; charset=MS950 {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
O18 - Protocol\Filter\application/x-ica; charset=UTF8 {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
O18 - Protocol\Filter\application/x-ica; charset=UTF-8 {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
O18 - Protocol\Filter\application/x-ica;charset=euc-jp {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
O18 - Protocol\Filter\application/x-ica;charset=ISO-8859-1 {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
O18 - Protocol\Filter\application/x-ica;charset=MS936 {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
O18 - Protocol\Filter\application/x-ica;charset=MS949 {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
O18 - Protocol\Filter\application/x-ica;charset=MS950 {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
O18 - Protocol\Filter\application/x-ica;charset=UTF8 {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
O18 - Protocol\Filter\application/x-ica;charset=UTF-8 {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
O18 - Protocol\Filter\application/x-msdownload {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\SysWow64\mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\ica {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysWow64\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20:64bit: - Winlogon\Notify\LBTWlgn: DllName - (c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll) - c:\Program Files\Common Files\Logishrd\Bluetooth\LBTWLgn.dll (Logitech, Inc.)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O29:64bit: - HKLM SecurityProviders - (credssp.dll) - C:\Windows\SysWow64\credssp.dll (Microsoft Corporation)
O29 - HKLM SecurityProviders - (credssp.dll) - C:\Windows\SysWow64\credssp.dll (Microsoft Corporation)
O30:64bit: - LSA: Authentication Packages - (msv1_0) - C:\Windows\SysNative\msv1_0.dll (Microsoft Corporation)
O30 - LSA: Authentication Packages - (msv1_0) - C:\Windows\SysWow64\msv1_0.dll (Microsoft Corporation)
O30:64bit: - LSA: Security Packages - (kerberos) - C:\Windows\SysNative\kerberos.dll (Microsoft Corporation)
O30:64bit: - LSA: Security Packages - (msv1_0) - C:\Windows\SysNative\msv1_0.dll (Microsoft Corporation)
O30:64bit: - LSA: Security Packages - (schannel) - C:\Windows\SysNative\schannel.dll (Microsoft Corporation)
O30:64bit: - LSA: Security Packages - (wdigest) - C:\Windows\SysNative\wdigest.dll (Microsoft Corporation)
O30:64bit: - LSA: Security Packages - (tspkg) - C:\Windows\SysNative\tspkg.dll (Microsoft Corporation)
O30:64bit: - LSA: Security Packages - (pku2u) - C:\Windows\SysNative\pku2u.dll (Microsoft Corporation)
O30:64bit: - LSA: Security Packages - (livessp) - C:\Windows\SysNative\livessp.dll (Microsoft Corp.)
O30 - LSA: Security Packages - (kerberos) - C:\Windows\SysWow64\kerberos.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (msv1_0) - C:\Windows\SysWow64\msv1_0.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (schannel) - C:\Windows\SysWow64\schannel.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (wdigest) - C:\Windows\SysWow64\wdigest.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (tspkg) - C:\Windows\SysWow64\tspkg.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (pku2u) - C:\Windows\SysWow64\pku2u.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (livessp) - C:\Windows\SysWow64\livessp.dll (Microsoft Corp.)
O31 - SafeBoot: AlternateShell - cmd.exe
O32 - HKLM CDRom: AutoRun - 1
O33 - MountPoints2\{4243e145-8744-11e1-9ec5-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{4243e145-8744-11e1-9ec5-806e6f6e6963}\Shell\AutoRun\command - "" = F:\ASRSetup.exe
O33 - MountPoints2\{54484ec6-9472-11e4-8e92-bc5ff41c4043}\Shell - "" = AutoRun
O33 - MountPoints2\{54484ec6-9472-11e4-8e92-bc5ff41c4043}\Shell\AutoRun\command - "" = I:\iStudio.exe
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

========== Files/Folders - Created Within 30 Days ==========

[2015/11/21 15:20:17 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ESET
[2015/11/21 14:38:05 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
[2015/11/21 14:38:00 | 000,063,704 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mwac.sys
[2015/11/21 14:38:00 | 000,025,816 | ---- | C] (Malwarebytes) -- C:\Windows\SysNative\drivers\mbam.sys
[2015/11/21 14:38:00 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes Anti-Malware
[2015/11/21 14:36:27 | 022,908,888 | ---- | C] (Malwarebytes ) -- C:\Users\Mike\Desktop\mbam-setup-2.2.0.1024.exe
[2015/11/20 21:00:25 | 004,397,752 | ---- | C] (Kaspersky Lab ZAO) -- C:\Users\Mike\Desktop\tdsskiller.exe
[2015/11/20 20:43:15 | 000,000,000 | ---D | C] -- C:\_OTL
[2015/11/17 22:34:10 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes' Anti-Malware (portable)
[2015/11/17 22:32:28 | 000,109,272 | ---- | C] (Malwarebytes) -- C:\Windows\SysNative\drivers\mbamchameleon.sys
[2015/11/17 22:32:24 | 000,000,000 | ---D | C] -- C:\Users\Mike\Desktop\mbar
[2015/11/17 22:23:31 | 016,563,352 | ---- | C] (Malwarebytes Corp.) -- C:\Users\Mike\Desktop\mbar-1.09.3.1001.exe
[2015/11/17 22:23:31 | 001,599,080 | ---- | C] (Malwarebytes) -- C:\Users\Mike\Desktop\JRT.exe
[2015/11/17 22:23:31 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\Mike\Desktop\OTL.exe
[2015/11/17 21:48:43 | 000,000,000 | ---D | C] -- C:\AdwCleaner
[2015/11/17 18:19:43 | 000,000,000 | ---D | C] -- C:\MGADiagToolOutput
[2015/11/17 18:18:36 | 000,000,000 | ---D | C] -- C:\ProgramData\Office Genuine Advantage
[2015/11/17 18:10:40 | 002,031,992 | ---- | C] (Microsoft Corporation) -- C:\Users\Mike\Desktop\MGADiag.exe
[2015/11/17 18:10:40 | 000,509,440 | ---- | C] (Tech Support Guy System) -- C:\Users\Mike\Desktop\SysInfo.exe
[2015/11/15 19:49:40 | 000,688,992 | R--- | C] (Swearware) -- C:\Users\Mike\Desktop\dds.scr
[2015/11/15 13:03:51 | 000,000,000 | ---D | C] -- C:\Users\Mike\AppData\Local\CrashDumps
[2015/11/15 12:16:34 | 000,000,000 | ---D | C] -- C:\ProgramData\RogueKiller
[2015/11/15 09:48:31 | 000,000,000 | ---D | C] -- C:\Users\Mike\Desktop\111515
[2015/11/10 20:20:31 | 003,168,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wucltux.dll
[2015/11/10 20:20:31 | 000,696,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wuapi.dll
[2015/11/10 20:20:31 | 000,566,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wuapi.dll
[2015/11/10 20:20:31 | 000,192,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wuwebv.dll
[2015/11/10 20:20:31 | 000,174,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wuwebv.dll
[2015/11/10 20:20:31 | 000,140,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wuauclt.exe
[2015/11/10 20:20:31 | 000,098,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wudriver.dll
[2015/11/10 20:20:31 | 000,093,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wudriver.dll
[2015/11/10 20:20:31 | 000,091,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WinSetupUI.dll
[2015/11/10 20:20:31 | 000,037,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wups2.dll
[2015/11/10 20:20:31 | 000,037,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wuapp.exe
[2015/11/10 20:20:31 | 000,036,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wups.dll
[2015/11/10 20:20:31 | 000,035,328 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wuapp.exe
[2015/11/10 20:20:31 | 000,030,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wups.dll
[2015/11/10 20:20:31 | 000,012,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wu.upgrade.ps.dll
[2015/11/10 20:20:24 | 000,114,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieetwcollector.exe
[2015/11/10 20:20:24 | 000,076,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll
[2015/11/10 20:20:24 | 000,048,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieetwproxystub.dll
[2015/11/10 20:20:24 | 000,047,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieetwproxystub.dll
[2015/11/10 20:20:23 | 000,720,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ie4uinit.exe
[2015/11/10 20:20:23 | 000,130,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\occache.dll
[2015/11/10 20:20:23 | 000,077,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\JavaScriptCollectionAgent.dll
[2015/11/10 20:20:23 | 000,064,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\MshtmlDac.dll
[2015/11/10 20:20:23 | 000,060,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\JavaScriptCollectionAgent.dll
[2015/11/10 20:20:23 | 000,034,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iernonce.dll
[2015/11/10 20:20:22 | 000,710,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieapfltr.dll
[2015/11/10 20:20:22 | 000,152,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\occache.dll
[2015/11/10 20:20:22 | 000,062,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iesetup.dll
[2015/11/10 20:20:21 | 002,052,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\inetcpl.cpl
[2015/11/10 20:20:21 | 000,968,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\MsSpellCheckingFacility.exe
[2015/11/10 20:20:21 | 000,663,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll
[2015/11/10 20:20:21 | 000,620,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript9diag.dll
[2015/11/10 20:20:21 | 000,315,392 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dxtrans.dll
[2015/11/10 20:20:21 | 000,030,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iernonce.dll
[2015/11/10 20:20:21 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieetwcollectorres.dll
[2015/11/10 20:20:20 | 002,126,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\inetcpl.cpl
[2015/11/10 20:20:20 | 000,801,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll
[2015/11/10 20:20:20 | 000,800,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieapfltr.dll
[2015/11/10 20:20:20 | 000,480,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll
[2015/11/10 20:20:20 | 000,066,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iesetup.dll
[2015/11/10 20:20:19 | 001,155,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmlmedia.dll
[2015/11/10 20:20:19 | 000,585,728 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\vbscript.dll
[2015/11/10 20:20:19 | 000,341,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\html.iec
[2015/11/10 20:20:19 | 000,115,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieUnatt.exe
[2015/11/10 20:20:18 | 000,616,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll
[2015/11/10 20:20:18 | 000,489,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dxtmsft.dll
[2015/11/10 20:20:18 | 000,168,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msrating.dll
[2015/11/10 20:20:18 | 000,092,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll
[2015/11/10 20:20:17 | 005,990,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll
[2015/11/10 20:20:17 | 001,359,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmlmedia.dll
[2015/11/10 20:20:17 | 000,817,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript.dll
[2015/11/10 20:20:17 | 000,814,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9diag.dll
[2015/11/10 20:20:17 | 000,144,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieUnatt.exe
[2015/11/10 20:20:16 | 000,417,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\html.iec
[2015/11/10 20:20:16 | 000,199,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msrating.dll
[2015/11/10 20:20:16 | 000,088,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\MshtmlDac.dll
[2015/11/10 20:17:59 | 005,570,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntoskrnl.exe
[2015/11/10 20:17:59 | 003,991,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntkrnlpa.exe
[2015/11/10 20:17:58 | 003,935,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntoskrnl.exe
[2015/11/10 20:17:58 | 001,730,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntdll.dll
[2015/11/10 20:17:58 | 001,461,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\lsasrv.dll
[2015/11/10 20:17:58 | 001,216,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rpcrt4.dll
[2015/11/10 20:17:58 | 001,164,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\kernel32.dll
[2015/11/10 20:17:58 | 000,424,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\KernelBase.dll
[2015/11/10 20:17:58 | 000,338,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\conhost.exe
[2015/11/10 20:17:58 | 000,312,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ncrypt.dll
[2015/11/10 20:17:58 | 000,299,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\bcryptprimitives.dll
[2015/11/10 20:17:58 | 000,251,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\bcryptprimitives.dll
[2015/11/10 20:17:58 | 000,243,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wow64.dll
[2015/11/10 20:17:57 | 000,503,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\srcore.dll
[2015/11/10 20:17:57 | 000,296,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rstrui.exe
[2015/11/10 20:17:57 | 000,215,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\winsrv.dll
[2015/11/10 20:17:57 | 000,136,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\sspicli.dll
[2015/11/10 20:17:57 | 000,112,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\smss.exe
[2015/11/10 20:17:57 | 000,064,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\auditpol.exe
[2015/11/10 20:17:57 | 000,050,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\srclient.dll
[2015/11/10 20:17:57 | 000,050,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\auditpol.exe
[2015/11/10 20:17:57 | 000,025,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\setup16.exe
[2015/11/10 20:17:56 | 000,362,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wow64win.dll
[2015/11/10 20:17:56 | 000,044,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\cryptbase.dll
[2015/11/10 20:17:56 | 000,043,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\csrsrv.dll
[2015/11/10 20:17:56 | 000,029,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\sspisrv.dll
[2015/11/10 20:17:56 | 000,028,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\secur32.dll
[2015/11/10 20:17:56 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntvdm64.dll
[2015/11/10 20:17:56 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntvdm64.dll
[2015/11/10 20:17:56 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wow64cpu.dll
[2015/11/10 20:17:56 | 000,005,120 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-file-l1-1-0.dll
[2015/11/10 20:17:56 | 000,005,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wow32.dll
[2015/11/10 20:17:56 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-threadpool-l1-1-0.dll
[2015/11/10 20:17:56 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-sysinfo-l1-1-0.dll
[2015/11/10 20:17:56 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-synch-l1-1-0.dll
[2015/11/10 20:17:56 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-string-l1-1-0.dll
[2015/11/10 20:17:56 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-rtlsupport-l1-1-0.dll
[2015/11/10 20:17:56 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-profile-l1-1-0.dll
[2015/11/10 20:17:55 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\instnm.exe
[2015/11/10 20:17:55 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\apisetschema.dll
[2015/11/10 20:17:55 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\apisetschema.dll
[2015/11/10 20:17:55 | 000,006,144 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-security-base-l1-1-0.dll
[2015/11/10 20:17:55 | 000,006,144 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-security-base-l1-1-0.dll
[2015/11/10 20:17:55 | 000,005,120 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-file-l1-1-0.dll
[2015/11/10 20:17:55 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-threadpool-l1-1-0.dll
[2015/11/10 20:17:55 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-processthreads-l1-1-0.dll
[2015/11/10 20:17:55 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-processthreads-l1-1-0.dll
[2015/11/10 20:17:55 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-sysinfo-l1-1-0.dll
[2015/11/10 20:17:55 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-synch-l1-1-0.dll
[2015/11/10 20:17:55 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-misc-l1-1-0.dll
[2015/11/10 20:17:55 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-localregistry-l1-1-0.dll
[2015/11/10 20:17:55 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-localregistry-l1-1-0.dll
[2015/11/10 20:17:55 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-localization-l1-1-0.dll
[2015/11/10 20:17:55 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-localization-l1-1-0.dll
[2015/11/10 20:17:55 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-xstate-l1-1-0.dll
[2015/11/10 20:17:55 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-rtlsupport-l1-1-0.dll
[2015/11/10 20:17:55 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-processenvironment-l1-1-0.dll
[2015/11/10 20:17:55 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-processenvironment-l1-1-0.dll
[2015/11/10 20:17:55 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-namedpipe-l1-1-0.dll
[2015/11/10 20:17:55 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-namedpipe-l1-1-0.dll
[2015/11/10 20:17:55 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-misc-l1-1-0.dll
[2015/11/10 20:17:55 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-memory-l1-1-0.dll
[2015/11/10 20:17:55 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-memory-l1-1-0.dll
[2015/11/10 20:17:55 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-libraryloader-l1-1-0.dll
[2015/11/10 20:17:55 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-libraryloader-l1-1-0.dll
[2015/11/10 20:17:55 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-interlocked-l1-1-0.dll
[2015/11/10 20:17:55 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-heap-l1-1-0.dll
[2015/11/10 20:17:55 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-heap-l1-1-0.dll
[2015/11/10 20:17:55 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-xstate-l1-1-0.dll
[2015/11/10 20:17:55 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-util-l1-1-0.dll
[2015/11/10 20:17:55 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-util-l1-1-0.dll
[2015/11/10 20:17:55 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-string-l1-1-0.dll
[2015/11/10 20:17:55 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-profile-l1-1-0.dll
[2015/11/10 20:17:55 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-io-l1-1-0.dll
[2015/11/10 20:17:55 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-io-l1-1-0.dll
[2015/11/10 20:17:55 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-interlocked-l1-1-0.dll
[2015/11/10 20:17:55 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-handle-l1-1-0.dll
[2015/11/10 20:17:55 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-handle-l1-1-0.dll
[2015/11/10 20:17:55 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-fibers-l1-1-0.dll
[2015/11/10 20:17:55 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-fibers-l1-1-0.dll
[2015/11/10 20:17:55 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-errorhandling-l1-1-0.dll
[2015/11/10 20:17:55 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-errorhandling-l1-1-0.dll
[2015/11/10 20:17:55 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-delayload-l1-1-0.dll
[2015/11/10 20:17:55 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-delayload-l1-1-0.dll
[2015/11/10 20:17:55 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-debug-l1-1-0.dll
[2015/11/10 20:17:55 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-debug-l1-1-0.dll
[2015/11/10 20:17:55 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-datetime-l1-1-0.dll
[2015/11/10 20:17:55 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-datetime-l1-1-0.dll
[2015/11/10 20:17:55 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-console-l1-1-0.dll
[2015/11/10 20:17:55 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-console-l1-1-0.dll
[2015/11/10 20:17:55 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\user.exe
[2015/11/10 20:17:54 | 000,686,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\adtschema.dll
[2015/11/10 20:17:54 | 000,686,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\adtschema.dll
[2015/11/10 20:17:54 | 000,146,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msaudite.dll
[2015/11/10 20:17:54 | 000,146,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msaudite.dll
[2015/11/10 20:17:54 | 000,060,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msobjs.dll
[2015/11/10 20:17:54 | 000,060,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msobjs.dll
[2015/11/10 20:17:46 | 000,275,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\InkEd.dll
[2015/11/10 20:17:46 | 000,216,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\InkEd.dll
[2015/11/10 20:17:45 | 000,024,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jnwmon.dll
[2015/11/10 19:43:24 | 005,286,088 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerInstaller.exe
[2015/11/03 21:07:16 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Firefox
[2015/11/01 08:52:49 | 000,000,000 | ---D | C] -- C:\Users\Mike\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Minutor
[2015/11/01 08:52:49 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Minutor
ukemike

Re: PUMS.dns help

Post by ukemike » November 22nd, 2015, 3:14 pm

========== Files - Modified Within 30 Days ==========

[2015/11/22 10:43:00 | 000,000,830 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2015/11/22 10:40:05 | 000,000,898 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2015/11/22 10:19:00 | 000,000,904 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-517068509-634416315-2748464958-1000UA.job
[2015/11/22 02:13:42 | 000,031,904 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2015/11/22 02:13:42 | 000,031,904 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2015/11/21 22:40:00 | 000,000,894 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2015/11/21 16:19:01 | 000,000,852 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-517068509-634416315-2748464958-1000Core.job
[2015/11/21 14:42:33 | 000,192,216 | ---- | M] (Malwarebytes) -- C:\Windows\SysNative\drivers\MBAMSwissArmy.sys
[2015/11/21 14:38:05 | 000,001,102 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2015/11/21 14:34:26 | 022,908,888 | ---- | M] (Malwarebytes ) -- C:\Users\Mike\Desktop\mbam-setup-2.2.0.1024.exe
[2015/11/21 14:26:30 | 000,799,414 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2015/11/21 14:26:30 | 000,674,782 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2015/11/21 14:26:30 | 000,126,454 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2015/11/21 14:22:15 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2015/11/21 14:22:09 | 2133,860,351 | -HS- | M] () -- C:\hiberfil.sys
[2015/11/20 20:59:04 | 004,397,752 | ---- | M] (Kaspersky Lab ZAO) -- C:\Users\Mike\Desktop\tdsskiller.exe
[2015/11/20 20:53:25 | 000,165,376 | ---- | M] () -- C:\Users\Mike\Desktop\SystemLook_x64.exe
[2015/11/20 20:42:58 | 000,000,253 | ---- | M] () -- C:\Users\Mike\Desktop\PUMS.dns help Free Malware Removal Forum.URL
[2015/11/20 07:08:40 | 000,151,327 | ---- | M] () -- C:\Users\Mike\Desktop\Print Ticket.pdf
[2015/11/18 22:13:49 | 000,491,624 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2015/11/18 07:08:43 | 000,791,536 | ---- | M] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2015/11/17 22:04:38 | 016,563,352 | ---- | M] (Malwarebytes Corp.) -- C:\Users\Mike\Desktop\mbar-1.09.3.1001.exe
[2015/11/17 22:03:02 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Mike\Desktop\OTL.exe
[2015/11/17 22:00:30 | 001,599,080 | ---- | M] (Malwarebytes) -- C:\Users\Mike\Desktop\JRT.exe
[2015/11/17 21:47:00 | 001,732,096 | ---- | M] () -- C:\Users\Mike\Desktop\adwcleaner_5.021.exe
[2015/11/17 06:50:28 | 002,031,992 | ---- | M] (Microsoft Corporation) -- C:\Users\Mike\Desktop\MGADiag.exe
[2015/11/17 06:50:10 | 000,025,088 | ---- | M] () -- C:\Users\Mike\Desktop\codecheck.exe
[2015/11/17 06:50:00 | 000,509,440 | ---- | M] (Tech Support Guy System) -- C:\Users\Mike\Desktop\SysInfo.exe
[2015/11/17 06:49:52 | 000,468,480 | ---- | M] () -- C:\Users\Mike\Desktop\CKScanner.exe
[2015/11/17 06:49:32 | 000,007,596 | ---- | M] () -- C:\Users\Mike\AppData\Local\Resmon.ResmonCfg
[2015/11/15 19:39:20 | 000,035,064 | ---- | M] () -- C:\Windows\SysNative\drivers\TrueSight.sys
[2015/11/15 19:27:56 | 000,688,992 | R--- | M] (Swearware) -- C:\Users\Mike\Desktop\dds.scr
[2015/11/15 07:41:08 | 843,776,579 | ---- | M] () -- C:\Windows\MEMORY.DMP
[2015/11/10 19:43:35 | 000,780,488 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe
[2015/11/10 19:43:35 | 000,142,536 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
[2015/11/10 19:43:25 | 005,286,088 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerInstaller.exe
[2015/11/05 22:24:10 | 000,001,142 | ---- | M] () -- C:\Users\Mike\Application Data\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox.lnk
[2015/10/30 15:40:38 | 000,004,096 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieetwcollectorres.dll
[2015/10/30 15:25:55 | 000,066,560 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\iesetup.dll
[2015/10/30 15:25:15 | 000,048,640 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieetwproxystub.dll
[2015/10/30 15:25:08 | 000,417,792 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\html.iec
[2015/10/30 15:24:50 | 000,585,728 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\vbscript.dll
[2015/10/30 15:24:34 | 000,088,064 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\MshtmlDac.dll
[2015/10/30 15:16:25 | 000,034,304 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\iernonce.dll
[2015/10/30 15:13:14 | 000,616,960 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll
[2015/10/30 15:12:09 | 000,144,384 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieUnatt.exe
[2015/10/30 15:12:09 | 000,114,688 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieetwcollector.exe
[2015/10/30 15:11:58 | 000,814,080 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9diag.dll
[2015/10/30 15:11:51 | 000,817,664 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\jscript.dll
[2015/10/30 15:11:46 | 005,990,912 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll
[2015/10/30 15:04:48 | 000,968,704 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\MsSpellCheckingFacility.exe
[2015/10/30 15:01:22 | 000,489,984 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\dxtmsft.dll
[2015/10/30 14:53:49 | 000,077,824 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\JavaScriptCollectionAgent.dll
[2015/10/30 14:49:46 | 000,199,680 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msrating.dll
[2015/10/30 14:49:06 | 000,092,160 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll
[2015/10/30 14:46:32 | 000,315,392 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\dxtrans.dll
[2015/10/30 14:46:27 | 000,062,464 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\iesetup.dll
[2015/10/30 14:45:51 | 000,047,616 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieetwproxystub.dll
[2015/10/30 14:45:42 | 000,341,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\html.iec
[2015/10/30 14:44:57 | 000,064,000 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\MshtmlDac.dll
[2015/10/30 14:44:55 | 000,152,064 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\occache.dll
[2015/10/30 14:39:27 | 000,030,720 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\iernonce.dll
[2015/10/30 14:37:31 | 000,480,256 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll
[2015/10/30 14:36:25 | 000,115,712 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieUnatt.exe
[2015/10/30 14:36:24 | 000,663,552 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll
[2015/10/30 14:36:06 | 000,620,032 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript9diag.dll
[2015/10/30 14:32:13 | 000,720,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ie4uinit.exe
[2015/10/30 14:31:26 | 000,801,280 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll
[2015/10/30 14:29:57 | 001,359,360 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmlmedia.dll
[2015/10/30 14:29:52 | 002,126,336 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\inetcpl.cpl
[2015/10/30 14:23:51 | 000,060,416 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\JavaScriptCollectionAgent.dll
[2015/10/30 14:21:10 | 000,168,960 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\msrating.dll
[2015/10/30 14:19:51 | 000,076,288 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll
[2015/10/30 14:17:41 | 000,130,048 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\occache.dll
[2015/10/30 14:09:23 | 001,155,072 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmlmedia.dll
[2015/10/30 14:09:15 | 002,052,608 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\inetcpl.cpl
[2015/10/30 13:53:01 | 000,800,768 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieapfltr.dll
[2015/10/30 13:46:02 | 000,710,144 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieapfltr.dll
[2015/10/24 07:42:32 | 000,000,211 | ---- | M] () -- C:\Users\Mike\Desktop\Call of Duty Black Ops II.url
[2015/10/23 20:04:48 | 000,000,208 | ---- | M] () -- C:\Users\Mike\Desktop\Team Fortress 2.url

========== Files Created - No Company Name ==========

[2015/11/21 14:38:05 | 000,001,102 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2015/11/20 20:53:29 | 000,165,376 | ---- | C] () -- C:\Users\Mike\Desktop\SystemLook_x64.exe
[2015/11/20 20:42:58 | 000,000,253 | ---- | C] () -- C:\Users\Mike\Desktop\PUMS.dns help Free Malware Removal Forum.URL
[2015/11/20 07:09:00 | 000,151,327 | ---- | C] () -- C:\Users\Mike\Desktop\Print Ticket.pdf
[2015/11/17 21:47:59 | 001,732,096 | ---- | C] () -- C:\Users\Mike\Desktop\adwcleaner_5.021.exe
[2015/11/17 18:10:40 | 000,468,480 | ---- | C] () -- C:\Users\Mike\Desktop\CKScanner.exe
[2015/11/17 18:10:40 | 000,025,088 | ---- | C] () -- C:\Users\Mike\Desktop\codecheck.exe
[2015/11/15 21:17:39 | 000,007,596 | ---- | C] () -- C:\Users\Mike\AppData\Local\Resmon.ResmonCfg
[2015/11/15 12:16:36 | 000,035,064 | ---- | C] () -- C:\Windows\SysNative\drivers\TrueSight.sys
[2015/10/24 07:42:32 | 000,000,211 | ---- | C] () -- C:\Users\Mike\Desktop\Call of Duty Black Ops II.url
[2015/10/23 20:04:47 | 000,000,208 | ---- | C] () -- C:\Users\Mike\Desktop\Team Fortress 2.url
[2015/10/04 19:20:11 | 000,005,976 | ---- | C] () -- C:\Users\Mike\AppData\Local\recently-used.xbel
[2013/06/22 21:05:19 | 000,001,298 | ---- | C] () -- C:\Users\Mike\.ufrawrc
[2012/08/28 13:59:48 | 000,060,304 | ---- | C] () -- C:\Users\Mike\g2mdlhlpx.exe
[2012/04/30 19:43:22 | 000,008,192 | ---- | C] () -- C:\Users\Mike\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

========== ZeroAccess Check ==========

[2009/07/13 20:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2015/08/06 10:04:07 | 014,176,768 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2015/08/06 09:44:51 | 012,875,776 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009/07/13 17:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010/11/20 19:24:25 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009/07/13 17:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]

< End of report >

Re: PUMS.dns help

Unread postby pgmigg » November 22nd, 2015, 6:40 pm

Hello ukemike,

I am disappointed in several of these results. I downloaded most of these from reputable download sites like cnet or, in some cases, directly from the vendor's site. Many of these are supposedly the best app in the class.
The words "reputable download sites like cnet" mean only that, when downloading a file, you have a minimal chance of infecting your computer - those sites are notified that all downloads were checked by some anti-virus scanning. The same may be said about direct downloading from the vendor sites.

The real problem lies in a completely different place - the program could be written using the technology for the production of viruses or malware, and in some cases, contain pieces of code that can be run independently, together with the finding of some specific conditions on the user's machine. I'm not saying that these programs do not do what they should, but they can do something even third or be used by third parties.

Online scanning tools like ESET make it possible to find such applications. For this reason, the scan log contains words such as "probably unknown", "potentially unwanted", or "potentially unsafe" applications. It does not say directly that a virus was found, but makes it clear that the file should be treated with suspicion.

Online file scanners like Jotti contain dozens of individual scanners, and all of them scan the file. As a result we have a summary log where statistics start to work. Based on statistics and personal experience, I can draw some conclusions about what makes sense to remove, and what you can leave.

Step 0.
OTL - Run Fix Script
You should still have OTL.exe on your desktop.
Important! Close all applications and windows so that you have nothing open and are at your Desktop.
  1. Right click on OTL.exe, select "Run As Administrator..." to run it. If prompted by UAC, please allow it.
  2. Underneath Output at the top, make sure Standard Output is selected.
  3. Highlight and copy the following entries: into the Image text box.
    (Do not include the words Code: Select all - instead of it please click the Select all button next to Code: to select the entire script.)
    Code: Select all
    :Commands
    [createrestorepoint]
    
    :Files
    C:\Program Files (x86)\FreeTime\FormatFactory\FFModules\Package\BaiDu\hao123inst.exe
    D:\Downloads\agsetup183se(1).exe
    D:\Downloads\agsetup183se.exe
    D:\Downloads\AxCrypt-1.7.2976.0-Setup.exe
    D:\Downloads\cdbxp_setup_4.5.0.3717.exe
    D:\Downloads\cnet2_SetupDWGTrueView2007_exe.exe
    D:\Downloads\FFSetup3.3.3.0.exe
    D:\Downloads\flvplayer4free_setup.exe
    D:\Downloads\uTorrent.exe
    D:\Downloads\winamp5623_full_emusic-7plus_en-us.exe
    D:\Downloads\windows.7.codec.pack.v4.0.3.setup.exe
    D:\Downloads\ImgBurn_2.5.7.0\SetupImgBurn_2.5.7.0.exe
    
    :Commands
    [emptytemp]
    
  4. Click under the Custom Scan/Fixes box and paste the copied text.
  5. Click the Run Fix button. If prompted... click OK.
  6. OTL may ask to reboot the machine. Please do so if asked.
  7. Let the program run unhindered and reboot the PC when it is done.
    When the computer reboots, and you start your usual account, a Notepad text file will appear.
  8. Please close it.

Your latest set of logs appear to be clean! :cheers:
This is my general post for when your logs show no more signs of malware.
Before I give you instructions on how to keep your computer clean and secure, you need to take a few additional steps.

Step 1.
OTL - Run Script
You should still have OTL on your desktop.
Important! Close all applications and windows so that you have nothing open and are at your Desktop.
  1. Right click on OTL.exe, select "Run As Administrator..." to run it. If prompted by UAC, please allow it.
  2. Copy and Paste the following code into the Image text box.
    (Do not include the words Code: Select all - instead of it please click the Select all button next to Code: to select the entire script.)
    Code: Select all
    :Commands
    [CREATERESTOREPOINT]
    
    :Commands
    [EMPTYTEMP]
    [CLEARALLRESTOREPOINTS]
    
  3. Click under the Custom Scan/Fixes box and paste the copied text.
  4. Click the Run Fix button. If prompted... click OK.
  5. OTL may ask to reboot the machine. Please do so if asked.

Step 2.
OTL-Cleanup
You should still have OTL on your desktop.
  1. Right click on OTL.exe, select "Run As Administrator..." to run it. If prompted by UAC, please allow it.
  2. Press the CleanUp button.
  3. When done, you will be prompted to reboot your system to finish file removal, please select OK to reboot your computer.

Step 3.
Hide Hidden and System files
  1. Close all programs so that you are at your desktop.
  2. Press Image.
  3. Click the Start Search box on the Start Menu
  4. Copy and paste the following value, in the open text entry box:
    change search options for files and folders
  5. Click on the View tab, then under the "Hidden files and folders" section
    • UNSELECT "Show hidden files and folders"
    • Place check mark in check box "Hide extensions for known file types"
    • Place check mark in check box "Hide protected operating system files"
  6. Press the Apply, then the OK buttons.

Step 4.
Please download delfix and save it to your desktop.
  1. Right-click on delfix.exe and select "Run as administrator" to run it.
  2. Check the following boxes then click on Run.
    1. Activate UAC
    2. Remove disinfection tools
    3. Create registry backup
    4. Reset system settings
  3. All tools we used to clean your computer should be gone now.
  4. You can now delete any tools/logs we used if they remain on your computer.

Then:
  • Please don't forget to enable and update all your defense software!

Finally:
Please click HERE to find a short guide to staying safer online.

Please don't hesitate to ask any additional questions.

Stay Safe! ;)
pgmigg
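
An added example, not part of pgmigg's post or of any tool used in this thread: a Python sketch that parses ESET scan-log lines of the shape posted earlier in the topic and groups them by detection name and category, so that hedged wording such as "probably unknown" stands out for review. The regular expression covers only the qualifiers and categories that appear in this thread's log, and the last sample line is constructed to show how unparsed lines are reported.

```python
import re
from collections import Counter, defaultdict

# Lines copied from the ESETScan.txt log posted earlier in this thread,
# plus one constructed line (the last) that does not follow the format.
SAMPLE_LOG = r"""
C:\Program Files (x86)\FreeTime\FormatFactory\FFModules\Package\BaiDu\hao123inst.exe a variant of Win32/Hao123.A potentially unwanted application
D:\Documents\old F drive\transport\CDRIVEBK\HP100LX\D_DRIVE\BIN\KEYBEZ.COM probably unknown CRYPT.TSR.COM virus
D:\Downloads\AxCrypt-1.7.2976.0-Setup.exe Win32/OpenCandy potentially unsafe application
D:\Downloads\cdbxp_setup_4.5.0.3717.exe Win32/OpenCandy potentially unsafe application
D:\Downloads\FFSetup3.3.3.0.exe a variant of Win32/Hao123.A potentially unwanted application
D:\Downloads\notes.txt scan aborted
""".strip().splitlines()

# Paths may contain spaces, so the line is anchored on its tail:
# [qualifier] <detection name> <category>. Only wording seen in this
# thread's log is listed; other logs may need more alternatives.
LINE_RE = re.compile(
    r"^(?P<path>.+?)\s+"
    r"(?P<qualifier>probably unknown |a variant of )?"
    r"(?P<name>\S+)\s+"
    r"(?P<category>potentially unwanted application|"
    r"potentially unsafe application|virus)$"
)


def parse_line(line):
    """Return a dict for one log line, or None if it does not match."""
    m = LINE_RE.match(line.strip())
    if not m:
        return None
    return {
        "path": m.group("path"),
        "name": m.group("name"),
        "qualifier": (m.group("qualifier") or "").strip() or "none",
        "category": m.group("category"),
    }


def triage(lines):
    """Group detections for manual review; never decides what to delete."""
    by_detection = defaultdict(list)
    categories = Counter()
    hedged, unparsed = [], []
    for line in lines:
        if not line.strip():
            continue
        entry = parse_line(line)
        if entry is None:
            unparsed.append(line)      # keep for a human to read
            continue
        by_detection[entry["name"]].append(entry["path"])
        categories[entry["category"]] += 1
        if entry["qualifier"].startswith("probably"):
            hedged.append(entry["path"])
    return {"by_detection": dict(by_detection),
            "categories": dict(categories),
            "hedged": hedged, "unparsed": unparsed}


if __name__ == "__main__":
    report = triage(SAMPLE_LOG)
    for name, paths in report["by_detection"].items():
        print(f"{name}: {len(paths)} file(s)")
    print("hedged wording:", report["hedged"])
    print("unparsed lines:", report["unparsed"])
```
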

Re: PUMS.dns help

Unread postby ukemike » November 22nd, 2015, 7:32 pm

My only remaining question is this, how can I support this service? It's been great and way beyond what I could have done on my own. I'd like to help this sort of thing continue into the future.

Thanks
ukemike

Re: PUMS.dns help

Unread postby pgmigg » November 23rd, 2015, 11:42 am

You're very welcome ukemike!

My only remaining question is this, how can I support this service?
Thank you for such a kind offer but MWR does not have a process for accepting donations...

As your problems appear to have been resolved, this topic is now closed.

We are pleased we could help you resolve your computer's issues.

If you would like to make a comment or leave a compliment regarding the help you have received, please see Feedback for Our Helpers - Say "Thanks" Here.