Untitled



OTL logfile created on: 10/30/2014 6:35:54 PM - Run 1
OTL by OldTimer - Version 3.2.69.0     Folder = E:\Users\Adrock\Downloads
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.11.9600.17358)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

16.00 Gb Total Physical Memory | 12.53 Gb Available Physical Memory | 78.33% Memory free
32.00 Gb Paging File | 29.17 Gb Available in Paging File | 91.18% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = E: | %SystemRoot% = E:\Windows | %ProgramFiles% = E:\Program Files (x86)
Drive C: | 931.41 Gb Total Space | 366.02 Gb Free Space | 39.30% Space Free | Partition Type: NTFS
Drive D: | 1.88 Gb Total Space | 0.00 Gb Free Space | 0.00% Space Free | Partition Type: UDF
Drive E: | 232.88 Gb Total Space | 81.55 Gb Free Space | 35.02% Space Free | Partition Type: NTFS
Drive F: | 100.00 Mb Total Space | 70.29 Mb Free Space | 70.29% Space Free | Partition Type: NTFS

Computer Name: ADROCK-PC | User Name: Adrock | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 90 Days

[color=#E56717]========== Processes (SafeList) ==========[/color]

PRC - [2014/10/30 18:34:25 | 000,602,112 | ---- | M] (OldTimer Tools) -- E:\Users\Adrock\Downloads\OTL.scr
PRC - [2014/10/22 05:25:40 | 000,077,088 | ---- | M] () -- E:\Program Files (x86)\Overwolf\0.81.34.0\OverwolfBrowser.exe
PRC - [2014/10/22 05:25:40 | 000,054,048 | ---- | M] (Overwolf LTD) -- E:\Program Files (x86)\Common Files\Overwolf\0.81.34.0\OverwolfHelper.exe
PRC - [2014/10/22 05:25:40 | 000,039,712 | ---- | M] (Overwolf LTD) -- E:\Program Files (x86)\Overwolf\Overwolf.exe
PRC - [2014/10/08 18:22:34 | 003,164,160 | ---- | M] (GoPro) -- E:\Program Files (x86)\GoPro\Tools\Importer\GoPro Importer.exe
PRC - [2014/09/24 17:21:28 | 000,275,568 | ---- | M] (Mozilla Corporation) -- E:\Program Files (x86)\Mozilla Firefox\firefox.exe
PRC - [2014/07/22 17:15:56 | 002,694,040 | ---- | M] (Adobe Systems Incorporated) -- E:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe
PRC - [2014/07/03 06:25:22 | 000,490,360 | ---- | M] (Adobe Systems Incorporated) -- E:\Program Files (x86)\Adobe\Adobe Creative Cloud\HEX\Adobe CEF Helper.exe
PRC - [2014/06/23 11:41:22 | 000,585,560 | ---- | M] (Razer Inc.) -- E:\Program Files (x86)\Razer\Synapse\RzSynapse.exe
PRC - [2014/05/29 19:35:33 | 002,352,072 | ---- | M] (NVIDIA Corporation) -- E:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
PRC - [2014/05/29 19:31:38 | 001,631,008 | ---- | M] (NVIDIA Corporation) -- E:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
PRC - [2014/04/14 22:14:28 | 000,664,344 | ---- | M] (Logitech Inc.) -- E:\Program Files\Logitech Gaming Software\Applets\LCDMedia.exe
PRC - [2014/02/27 22:12:22 | 000,893,312 | ---- | M] (Adobe Systems Incorporated) -- E:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\AAM Updates Notifier.exe
PRC - [2014/02/19 06:06:04 | 000,769,904 | ---- | M] (Adobe Systems Incorporated) -- E:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\IPC\AdobeIPCBroker.exe
PRC - [2013/09/12 01:17:46 | 000,414,496 | ---- | M] (NVIDIA Corporation) -- E:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
PRC - [2011/05/19 11:10:22 | 000,909,824 | ---- | M] (Creative Technology Ltd) -- E:\Program Files (x86)\Creative\THX TruStudio\THXNBSet\THXAudNB.exe
PRC - [2011/04/16 20:45:11 | 000,130,008 | R--- | M] (Symantec Corporation) -- E:\Program Files (x86)\Norton Internet Security\Engine\18.7.2.3\ccsvchst.exe
PRC - [2011/02/22 12:14:40 | 002,656,280 | ---- | M] (Intel Corporation) -- E:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
PRC - [2011/02/22 12:14:34 | 000,326,168 | ---- | M] (Intel Corporation) -- E:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe


[color=#E56717]========== Modules (No Company Name) ==========[/color]

MOD - [2014/10/22 05:25:40 | 000,077,088 | ---- | M] () -- E:\Program Files (x86)\Overwolf\0.81.34.0\OverwolfBrowser.exe
MOD - [2014/10/22 05:23:40 | 000,025,600 | ---- | M] () -- E:\Program Files (x86)\Overwolf\0.81.34.0\CoreAudioApi.dll
MOD - [2014/10/22 05:23:26 | 000,514,528 | ---- | M] () -- E:\Program Files (x86)\Overwolf\0.81.34.0\libGLESv2.dll
MOD - [2014/10/22 05:23:26 | 000,105,952 | ---- | M] () -- E:\Program Files (x86)\Overwolf\0.81.34.0\libEGL.dll
MOD - [2014/10/22 05:23:18 | 038,713,856 | ---- | M] () -- E:\Program Files (x86)\Overwolf\0.81.34.0\libcef.dll
MOD - [2014/10/16 18:29:32 | 000,018,944 | ---- | M] () -- E:\Windows\assembly\NativeImages_v4.0.30319_32\Presentatio49d6fefe#\38d6578b4fe29bede85ffff08e3697b6\PresentationFramework-SystemXml.ni.dll
MOD - [2014/10/16 18:29:32 | 000,014,336 | ---- | M] () -- E:\Windows\assembly\NativeImages_v4.0.30319_32\Presentatio4b37ff64#\9370714a38ae2805434296b26a9f5b14\PresentationFramework-SystemXmlLinq.ni.dll
MOD - [2014/10/16 18:29:31 | 000,025,088 | ---- | M] () -- E:\Windows\assembly\NativeImages_v4.0.30319_32\Presentatio84a6349c#\63e9d81bd805aea8f8690fee2efc9a9e\PresentationFramework-SystemCore.ni.dll
MOD - [2014/10/16 18:28:55 | 000,399,872 | ---- | M] () -- E:\Windows\assembly\NativeImages_v4.0.30319_32\System.Xml.Linq\7ab3e68c2e523f60bfc4f222cbd1c1d0\System.Xml.Linq.ni.dll
MOD - [2014/10/16 18:28:38 | 000,240,128 | ---- | M] () -- E:\Windows\assembly\NativeImages_v2.0.50727_32\WindowsFormsIntegra#\b20319dfb7dd671d2de2f383cd2551ce\WindowsFormsIntegration.ni.dll
MOD - [2014/10/16 18:28:25 | 000,401,408 | ---- | M] () -- E:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml.Linq\3063abda312516739bc808360071bad9\System.Xml.Linq.ni.dll
MOD - [2014/10/16 18:28:06 | 000,094,208 | ---- | M] () -- E:\Windows\assembly\NativeImages_v2.0.50727_32\System.ComponentMod#\8d244c1a1a93f7112ce256a5ef8f835e\System.ComponentModel.DataAnnotations.ni.dll
MOD - [2014/10/16 18:27:56 | 001,669,632 | ---- | M] () -- E:\Windows\assembly\NativeImages_v2.0.50727_32\Microsoft.VisualBas#\4226c9534360af6f012709924f6a1160\Microsoft.VisualBasic.ni.dll
MOD - [2014/10/16 18:27:49 | 001,051,136 | ---- | M] () -- E:\Windows\assembly\NativeImages_v2.0.50727_32\System.Management\99cdfef98595ed91f14936cf52a49c54\System.Management.ni.dll
MOD - [2014/10/16 18:27:21 | 002,297,344 | ---- | M] () -- E:\Windows\assembly\NativeImages_v2.0.50727_32\System.Core\e3641fa3359f37ad12c84183ce765093\System.Core.ni.dll
MOD - [2014/10/16 18:27:18 | 002,347,008 | ---- | M] () -- E:\Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Seri#\b1e0939384cc320d6ac7b8921ccc2877\System.Runtime.Serialization.ni.dll
MOD - [2014/10/16 17:32:51 | 000,368,128 | ---- | M] () -- E:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\7b22741531a2850c807656d0298a96bd\PresentationFramework.Aero.ni.dll
MOD - [2014/10/16 17:32:51 | 000,212,992 | ---- | M] () -- E:\Windows\assembly\NativeImages_v2.0.50727_32\System.ServiceProce#\a229c5bed4a12b5db6ca55d223ada6df\System.ServiceProcess.ni.dll
MOD - [2014/10/16 17:32:46 | 011,922,944 | ---- | M] () -- E:\Windows\assembly\NativeImages_v2.0.50727_32\System.Web\b4001d722e320fa42cd87b04b5249b2d\System.Web.ni.dll
MOD - [2014/10/16 17:32:42 | 000,774,144 | ---- | M] () -- E:\Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\b3011370dcbf33751d3b9dce8091c6c6\System.Runtime.Remoting.ni.dll
MOD - [2014/10/16 17:32:41 | 006,638,592 | ---- | M] () -- E:\Windows\assembly\NativeImages_v2.0.50727_32\System.Data\4b335bfaa07fc54f2d72213d33f53e97\System.Data.ni.dll
MOD - [2014/10/16 17:32:35 | 014,340,096 | ---- | M] () -- E:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\1f539baa94516139240877cb6afd72c2\PresentationFramework.ni.dll
MOD - [2014/10/16 17:32:27 | 000,039,424 | ---- | M] () -- E:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationCFFRast#\72f49527a25b388720860af3ab9801ba\PresentationCFFRasterizer.ni.dll
MOD - [2014/10/16 17:32:26 | 012,435,968 | ---- | M] () -- E:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\1453d9e9a4989833ef3db4b22549ba1a\System.Windows.Forms.ni.dll
MOD - [2014/10/16 17:32:22 | 001,593,344 | ---- | M] () -- E:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\836e10dfd0811b303553216f5cb092ef\System.Drawing.ni.dll
MOD - [2014/10/16 17:32:19 | 005,467,648 | ---- | M] () -- E:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\d49908aa93a23c84847b1f8b1b667860\System.Xml.ni.dll
MOD - [2014/10/16 17:32:17 | 000,978,432 | ---- | M] () -- E:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\237d509a79aeef6e4635b09450d98f2a\System.Configuration.ni.dll
MOD - [2014/10/16 17:32:16 | 012,236,800 | ---- | M] () -- E:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationCore\3d4f835b8078dacc8d5da623e2c3f0ee\PresentationCore.ni.dll
MOD - [2014/10/16 17:32:09 | 003,348,480 | ---- | M] () -- E:\Windows\assembly\NativeImages_v2.0.50727_32\WindowsBase\d97a5aa0eb7697aca7c6e90ae471af2b\WindowsBase.ni.dll
MOD - [2014/10/16 17:32:07 | 007,991,808 | ---- | M] () -- E:\Windows\assembly\NativeImages_v2.0.50727_32\System\908ba9e296e92b4e14bdc2437edac603\System.ni.dll
MOD - [2014/10/16 00:01:52 | 018,813,440 | ---- | M] () -- E:\Windows\assembly\NativeImages_v4.0.30319_32\Presentatio5ae0f00f#\3646375313dd2b8e3afecbf945960336\PresentationFramework.ni.dll
MOD - [2014/10/16 00:01:44 | 011,025,920 | ---- | M] () -- E:\Windows\assembly\NativeImages_v4.0.30319_32\PresentationCore\006d28e7c86f3e70db90ce06ea2f33fb\PresentationCore.ni.dll
MOD - [2014/10/16 00:01:42 | 012,894,208 | ---- | M] () -- E:\Windows\assembly\NativeImages_v4.0.30319_32\System.Windows.Forms\db563d596d76daed04e9b5d25b2f4cb9\System.Windows.Forms.ni.dll
MOD - [2014/10/16 00:01:39 | 007,668,736 | ---- | M] () -- E:\Windows\assembly\NativeImages_v4.0.30319_32\System.Xml\7147fa233a070283dba824da40089bf1\System.Xml.ni.dll
MOD - [2014/10/16 00:01:39 | 006,990,336 | ---- | M] () -- E:\Windows\assembly\NativeImages_v4.0.30319_32\System.Core\691c1ad89d16f49d80e84fa06a79089a\System.Core.ni.dll
MOD - [2014/10/16 00:01:39 | 001,889,792 | ---- | M] () -- E:\Windows\assembly\NativeImages_v4.0.30319_32\System.Xaml\8b133e0d94535a7534719f70873ca7fe\System.Xaml.ni.dll
MOD - [2014/10/16 00:01:38 | 003,950,080 | ---- | M] () -- E:\Windows\assembly\NativeImages_v4.0.30319_32\WindowsBase\94bbd298ec8575f3c6151a59538a109c\WindowsBase.ni.dll
MOD - [2014/10/16 00:01:38 | 000,805,376 | ---- | M] () -- E:\Windows\assembly\NativeImages_v4.0.30319_32\System.Runt73a1fc9d#\54565a827b0e5a6f78e93e2ae06dd0e4\System.Runtime.Remoting.ni.dll
MOD - [2014/10/16 00:01:37 | 002,822,144 | ---- | M] () -- E:\Windows\assembly\NativeImages_v4.0.30319_32\System.Runteb92aa12#\f9f13cd8fe1cefaad78579a7c3a41464\System.Runtime.Serialization.ni.dll
MOD - [2014/10/16 00:01:37 | 000,470,528 | ---- | M] () -- E:\Windows\assembly\NativeImages_v4.0.30319_32\Presentatio1c9175f8#\7971f3a1c08c4043cf981f457855b4d4\PresentationFramework.Aero.ni.dll
MOD - [2014/10/16 00:01:36 | 001,644,544 | ---- | M] () -- E:\Windows\assembly\NativeImages_v4.0.30319_32\System.Drawing\b4c08872c259018b17b2801da33ac80f\System.Drawing.ni.dll
MOD - [2014/10/16 00:01:36 | 001,180,672 | ---- | M] () -- E:\Windows\assembly\NativeImages_v4.0.30319_32\System.Management\c90a4b709b46b64c89fce02585d55370\System.Management.ni.dll
MOD - [2014/10/16 00:01:36 | 000,976,384 | ---- | M] () -- E:\Windows\assembly\NativeImages_v4.0.30319_32\System.Configuration\0648dbecb7e3fb9523565107e04a5caf\System.Configuration.ni.dll
MOD - [2014/10/16 00:01:36 | 000,794,112 | ---- | M] () -- E:\Windows\assembly\NativeImages_v4.0.30319_32\System.Servd1dec626#\35d3a1b878542de59cb4fc0593992404\System.ServiceModel.Internals.ni.dll
MOD - [2014/10/16 00:01:36 | 000,122,880 | ---- | M] () -- E:\Windows\assembly\NativeImages_v4.0.30319_32\SMDiagnostics\046058f81b039ab6fd839e03e67595f8\SMDiagnostics.ni.dll
MOD - [2014/10/16 00:01:35 | 010,100,736 | ---- | M] () -- E:\Windows\assembly\NativeImages_v4.0.30319_32\System\17a393b77ae757f0768501fb95ff5af6\System.ni.dll
MOD - [2014/10/08 18:22:34 | 001,795,584 | ---- | M] () -- E:\Program Files (x86)\GoPro\Tools\Importer\GPSDKAnalyticsNet.dll
MOD - [2014/09/24 17:21:28 | 003,715,184 | ---- | M] () -- E:\Program Files (x86)\Mozilla Firefox\mozjs.dll
MOD - [2014/09/16 13:53:14 | 008,896,160 | ---- | M] () -- E:\Program Files (x86)\Microsoft Office\Office15\1033\GrooveIntlResource.dll
MOD - [2014/09/10 14:48:27 | 000,060,928 | ---- | M] () -- E:\Windows\assembly\NativeImages_v2.0.50727_32\UIAutomationProvider\999c911e76788a9129049c062707dcec\UIAutomationProvider.ni.dll
MOD - [2014/09/10 14:48:26 | 000,025,600 | ---- | M] () -- E:\Windows\assembly\NativeImages_v2.0.50727_32\Accessibility\0483c93466914f3fbd5b44454b0c8a98\Accessibility.ni.dll
MOD - [2014/09/10 14:48:12 | 011,497,984 | ---- | M] () -- E:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\38bf604432e1a30c954b2ee40d6a2d1c\mscorlib.ni.dll
MOD - [2014/07/31 12:16:44 | 000,073,544 | ---- | M] () -- E:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
MOD - [2014/07/31 12:16:12 | 001,044,776 | ---- | M] () -- E:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
MOD - [2014/07/03 06:45:40 | 032,733,056 | ---- | M] () -- E:\Program Files (x86)\Adobe\Adobe Creative Cloud\CEF\libcef.dll
MOD - [2014/07/03 06:45:40 | 000,742,784 | ---- | M] () -- E:\Program Files (x86)\Adobe\Adobe Creative Cloud\CEF\libGLESv2.dll
MOD - [2014/07/03 06:45:40 | 000,136,576 | ---- | M] () -- E:\Program Files (x86)\Adobe\Adobe Creative Cloud\CEF\libEGL.dll
MOD - [2014/05/26 09:44:46 | 000,190,976 | ---- | M] () -- E:\Windows\assembly\NativeImages_v4.0.30319_32\UIAutomationTypes\75b6a68103e1b76063d9f69b8275ae61\UIAutomationTypes.ni.dll
MOD - [2014/05/25 23:40:36 | 016,953,856 | ---- | M] () -- E:\Windows\assembly\NativeImages_v4.0.30319_32\mscorlib\ce5f61c5754789df97be8dc991c47d07\mscorlib.ni.dll
MOD - [2014/03/20 18:49:19 | 002,952,704 | ---- | M] () -- E:\Windows\assembly\GAC_32\System.Data\2.0.0.0__b77a5c561934e089\System.Data.dll


[color=#E56717]========== Services (SafeList) ==========[/color]

SRV:[b]64bit:[/b] - [2014/09/18 21:25:49 | 000,111,616 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- E:\Windows\SysNative\IEEtwCollector.exe -- (IEEtwCollectorService)
SRV:[b]64bit:[/b] - [2014/05/29 19:28:54 | 021,055,432 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- E:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe -- (NvStreamSvc)
SRV:[b]64bit:[/b] - [2013/05/27 01:50:47 | 001,011,712 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- E:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV:[b]64bit:[/b] - [2011/07/04 15:19:30 | 000,395,136 | R--- | M] (cFos Software GmbH) [Auto | Running] -- E:\Program Files\ASRock\XFast LAN\spd.exe -- (cFosSpeedS)
SRV - [2014/10/22 05:25:38 | 000,997,664 | ---- | M] (Overwolf LTD) [On_Demand | Stopped] -- E:\Program Files (x86)\Overwolf\OverwolfUpdater.exe -- (OverwolfUpdater)
SRV - [2014/09/24 17:21:28 | 000,114,288 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- E:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2014/09/24 17:11:04 | 000,267,440 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- E:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2014/05/29 19:31:38 | 001,631,008 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- E:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe -- (NvNetworkService)
SRV - [2014/04/18 11:07:21 | 000,032,960 | ---- | M] (Razer, Inc.) [Auto | Running] -- E:\Program Files (x86)\Razer\Core\64bit\RzOvlMon.exe -- (RzOvlMon)
SRV - [2014/03/20 18:49:18 | 000,067,224 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- E:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2013/09/12 01:17:46 | 000,414,496 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- E:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe -- (Stereo Service)
SRV - [2013/09/11 21:21:54 | 000,105,144 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- E:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2011/04/16 20:45:11 | 000,130,008 | R--- | M] (Symantec Corporation) [Auto | Running] -- E:\Program Files (x86)\Norton Internet Security\Engine\18.7.2.3\ccSvcHst.exe -- (NIS)
SRV - [2011/02/22 12:14:40 | 002,656,280 | ---- | M] (Intel Corporation) [Auto | Running] -- E:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe -- (UNS)
SRV - [2011/02/22 12:14:34 | 000,326,168 | ---- | M] (Intel Corporation) [Auto | Running] -- E:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe -- (LMS)


[color=#E56717]========== Driver Services (SafeList) ==========[/color]

DRV:[b]64bit:[/b] - [2014/10/29 18:33:43 | 000,129,752 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Stopped] -- E:\Windows\SysNative\drivers\MBAMSwissArmy.sys -- (MBAMSwissArmy)
DRV:[b]64bit:[/b] - [2014/07/28 14:52:00 | 000,054,784 | ---- | M] (Apple, Inc.) [Kernel | On_Demand | Stopped] -- E:\Windows\SysNative\drivers\usbaapl64.sys -- (USBAAPL64)
DRV:[b]64bit:[/b] - [2014/05/29 19:28:53 | 000,020,256 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- E:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys -- (NvStreamKms)
DRV:[b]64bit:[/b] - [2014/05/24 00:40:29 | 000,174,200 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- E:\Windows\SysNative\drivers\SYMEVENT64x86.SYS -- (SymEvent)
DRV:[b]64bit:[/b] - [2014/05/19 02:47:30 | 000,039,080 | ---- | M] (Razer Inc) [Kernel | On_Demand | Running] -- E:\Windows\SysNative\drivers\rzendpt.sys -- (rzendpt)
DRV:[b]64bit:[/b] - [2014/05/19 02:47:30 | 000,034,984 | ---- | M] (Razer Inc) [Kernel | On_Demand | Running] -- E:\Windows\SysNative\drivers\rzmpos.sys -- (rzmpos)
DRV:[b]64bit:[/b] - [2014/05/19 02:47:28 | 000,155,816 | ---- | M] (Razer Inc) [Kernel | On_Demand | Running] -- E:\Windows\SysNative\drivers\rzudd.sys -- (rzudd)
DRV:[b]64bit:[/b] - [2014/04/18 11:02:50 | 000,129,472 | ---- | M] (Razer, Inc.) [Kernel | On_Demand | Running] -- E:\Windows\SysNative\drivers\RzDxgk.sys -- (RzDxgk)
DRV:[b]64bit:[/b] - [2014/04/18 11:02:50 | 000,074,432 | ---- | M] (Razer, Inc.) [Kernel | System | Running] -- E:\Windows\SysNative\drivers\RzFilter.sys -- (RzFilter)
DRV:[b]64bit:[/b] - [2014/03/31 21:06:06 | 000,058,056 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- E:\Windows\SysNative\drivers\fssfltr.sys -- (fssfltr)
DRV:[b]64bit:[/b] - [2014/03/31 12:42:44 | 000,040,392 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- E:\Windows\SysNative\drivers\nvvad64v.sys -- (nvvad_WaveExtensible)
DRV:[b]64bit:[/b] - [2013/06/16 08:38:16 | 000,196,384 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- E:\Windows\SysNative\drivers\nvhda64v.sys -- (NVHDA)
DRV:[b]64bit:[/b] - [2012/08/21 13:01:20 | 000,033,240 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- E:\Windows\SysNative\drivers\GEARAspiWDM.sys -- (GEARAspiWDM)
DRV:[b]64bit:[/b] - [2012/03/01 02:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- E:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:[b]64bit:[/b] - [2011/07/04 15:19:34 | 001,632,128 | ---- | M] (cFos Software GmbH) [Kernel | System | Running] -- E:\Windows\SysNative\drivers\cfosspeed6.sys -- (cFosSpeed)
DRV:[b]64bit:[/b] - [2011/06/19 18:53:30 | 000,065,632 | ---- | M] (Lucidlogix Inc.) [Kernel | On_Demand | Stopped] -- E:\Windows\SysNative\drivers\VirtuWDDM.sys -- (VirtuWDDM)
DRV:[b]64bit:[/b] - [2011/04/20 21:37:49 | 000,386,168 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- E:\Windows\SysNative\drivers\NISx64\1207020.003\symnets.sys -- (SymNetS)
DRV:[b]64bit:[/b] - [2011/04/14 23:08:26 | 012,228,128 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- E:\Windows\SysNative\drivers\igdkmd64.sys -- (igfx)
DRV:[b]64bit:[/b] - [2011/04/08 07:00:06 | 000,312,624 | ---- | M] (Marvell Semiconductor, Inc.) [Kernel | Boot | Running] -- E:\Windows\SysNative\drivers\mvs91xx.sys -- (mvs91xx)
DRV:[b]64bit:[/b] - [2011/03/30 23:00:09 | 000,744,568 | ---- | M] (Symantec Corporation) [File_System | On_Demand | Stopped] -- E:\Windows\SysNative\drivers\NISx64\1207020.003\srtsp64.sys -- (SRTSP)
DRV:[b]64bit:[/b] - [2011/03/30 23:00:09 | 000,040,568 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- E:\Windows\SysNative\drivers\NISx64\1207020.003\srtspx64.sys -- (SRTSPX)
DRV:[b]64bit:[/b] - [2011/03/14 22:31:23 | 000,912,504 | ---- | M] (Symantec Corporation) [File_System | Boot | Running] -- E:\Windows\SysNative\drivers\NISx64\1207020.003\symefa64.sys -- (SymEFA)
DRV:[b]64bit:[/b] - [2011/03/11 02:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- E:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:[b]64bit:[/b] - [2011/03/11 02:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- E:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:[b]64bit:[/b] - [2011/02/14 19:19:56 | 000,412,712 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- E:\Windows\SysNative\drivers\k57nd60a.sys -- (k57nd60a)
DRV:[b]64bit:[/b] - [2011/02/08 01:30:52 | 000,064,512 | ---- | M] (Etron Technology Inc) [Kernel | On_Demand | Running] -- E:\Windows\SysNative\drivers\EtronXHCI.sys -- (EtronXHCI)
DRV:[b]64bit:[/b] - [2011/01/27 02:47:10 | 000,450,680 | ---- | M] (Symantec Corporation) [Kernel | Boot | Running] -- E:\Windows\SysNative\drivers\NISx64\1207020.003\symds64.sys -- (SymDS)
DRV:[b]64bit:[/b] - [2011/01/27 01:07:06 | 000,171,128 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- E:\Windows\SysNative\drivers\NISx64\1207020.003\ironx64.sys -- (SymIRON)
DRV:[b]64bit:[/b] - [2010/11/20 23:24:33 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- E:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:[b]64bit:[/b] - [2010/11/20 23:23:47 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- E:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:[b]64bit:[/b] - [2010/11/20 23:23:47 | 000,031,232 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- E:\Windows\SysNative\drivers\TsUsbGD.sys -- (TsUsbGD)
DRV:[b]64bit:[/b] - [2010/10/19 16:34:26 | 000,056,344 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- E:\Windows\SysNative\drivers\HECIx64.sys -- (MEIx64)
DRV:[b]64bit:[/b] - [2010/06/11 14:37:14 | 000,015,368 | ---- | M] (Windows (R) Win 7 DDK provider) [Kernel | System | Running] -- E:\Windows\SysNative\drivers\AsrAppCharger.sys -- (AsrAppCharger)
DRV:[b]64bit:[/b] - [2009/11/23 20:38:00 | 000,016,008 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- E:\Windows\SysNative\drivers\LGVirHid.sys -- (LGVirHid)
DRV:[b]64bit:[/b] - [2009/11/23 20:37:50 | 000,022,408 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- E:\Windows\SysNative\drivers\LGBusEnum.sys -- (LGBusEnum)
DRV:[b]64bit:[/b] - [2009/11/17 19:12:00 | 000,032,344 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- E:\Windows\SysNative\drivers\MBfilt64.sys -- (MBfilt)
DRV:[b]64bit:[/b] - [2009/07/13 21:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- E:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:[b]64bit:[/b] - [2009/07/13 21:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- E:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:[b]64bit:[/b] - [2009/07/13 21:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- E:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:[b]64bit:[/b] - [2009/06/10 16:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- E:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:[b]64bit:[/b] - [2009/06/10 16:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- E:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:[b]64bit:[/b] - [2009/06/10 16:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- E:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:[b]64bit:[/b] - [2009/06/10 16:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- E:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV - [2014/07/10 22:52:23 | 002,099,288 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Stopped] -- E:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.1.0.37\Definitions\VirusDefs\20140723.001\ex64.sys -- (NAVEX15)
DRV - [2014/07/10 22:52:23 | 000,126,040 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Stopped] -- E:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.1.0.37\Definitions\VirusDefs\20140723.001\eng64.sys -- (NAVENG)
DRV - [2014/06/11 15:11:43 | 000,486,192 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- E:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys -- (eeCtrl)
DRV - [2014/06/11 15:11:43 | 000,142,128 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- E:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys -- (EraserUtilRebootDrv)
DRV - [2014/05/23 16:23:54 | 000,525,016 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- E:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.1.0.37\Definitions\IPSDefs\20140722.001\IDSviA64.sys -- (IDSVia64)
DRV - [2014/05/10 01:12:10 | 001,530,160 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- E:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.1.0.37\Definitions\BASHDefs\20140718.001\BHDrvx64.sys -- (BHDrvx64)
DRV - [2009/07/13 21:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- E:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)


[color=#E56717]========== Standard Registry (All) ==========[/color]


[color=#E56717]========== Internet Explorer ==========[/color]

IE:[b]64bit:[/b] - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
IE:[b]64bit:[/b] - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
IE:[b]64bit:[/b] - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL =  [binary data]
IE:[b]64bit:[/b] - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:NoAdd-ons
IE:[b]64bit:[/b] - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = E:\Windows\System32\blank.htm
IE:[b]64bit:[/b] - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
IE:[b]64bit:[/b] - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:SecurityRisk
IE:[b]64bit:[/b] - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
IE:[b]64bit:[/b] - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomizeSearch = http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchcust.htm
IE:[b]64bit:[/b] - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm
IE:[b]64bit:[/b] - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:[b]64bit:[/b] - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL =  [binary data]
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:NoAdd-ons
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = E:\Windows\SysWOW64\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:SecurityRisk
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC


IE - HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
IE - HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
IE - HKU\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-19\..\URLSearchHook: {CFBFAE00-17A6-11D0-99CB-00C04FD64497} - E:\Windows\SysWOW64\ieframe.dll (Microsoft Corporation)
IE - HKU\S-1-5-19\..\SearchScopes,DefaultScope =

IE - HKU\S-1-5-20\..\URLSearchHook: {CFBFAE00-17A6-11D0-99CB-00C04FD64497} - E:\Windows\SysWOW64\ieframe.dll (Microsoft Corporation)
IE - HKU\S-1-5-20\..\SearchScopes,DefaultScope =

IE - HKU\S-1-5-21-2622789366-4104432293-3959885506-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = E:\Windows\system32\blank.htm
IE - HKU\S-1-5-21-2622789366-4104432293-3959885506-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
IE - HKU\S-1-5-21-2622789366-4104432293-3959885506-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
IE - HKU\S-1-5-21-2622789366-4104432293-3959885506-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.msn.com/?ocid=iehp
IE - HKU\S-1-5-21-2622789366-4104432293-3959885506-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-US
IE - HKU\S-1-5-21-2622789366-4104432293-3959885506-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = FC 05 87 D6 DE F3 CF 01  [binary data]
IE - HKU\S-1-5-21-2622789366-4104432293-3959885506-1000\..\URLSearchHook: {CFBFAE00-17A6-11D0-99CB-00C04FD64497} - E:\Windows\SysWOW64\ieframe.dll (Microsoft Corporation)
IE - HKU\S-1-5-21-2622789366-4104432293-3959885506-1000\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKU\S-1-5-21-2622789366-4104432293-3959885506-1000\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IESR02
IE - HKU\S-1-5-21-2622789366-4104432293-3959885506-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-2622789366-4104432293-3959885506-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

[color=#E56717]========== FireFox ==========[/color]

FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:32.0.3


FF:[b]64bit:[/b] - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: E:\Windows\system32\Macromed\Flash\NPSWF64_15_0_0_152.dll File not found
FF:[b]64bit:[/b] - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF:[b]64bit:[/b] - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: E:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF:[b]64bit:[/b] - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: E:\PROGRA~1\MICROS~3\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF:[b]64bit:[/b] - HKLM\Software\MozillaPlugins\adobe.com/AdobeAAMDetect: E:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll File not found
FF:[b]64bit:[/b] - HKLM\Software\MozillaPlugins\adobe.com/AdobeAAMDetect_x86_64: E:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll (Adobe Systems)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: E:\Windows\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_152.dll ()
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=:  File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: E:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@microsoft.com/Lync,version=15.0: E:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: E:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: E:\PROGRA~2\MICROS~2\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=16.4.3528.0331: E:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVision: E:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVisionStreaming: E:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\adobe.com/AdobeAAMDetect: E:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll (Adobe Systems)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{BBDA0591-3099-440a-AA10-41764D9DB4DB}: E:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.1.0.37\IPSFF [2014/05/24 00:40:33 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}: E:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.1.0.37\coFFPlgn_2011_7_13_2 [2014/10/30 07:33:51 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 32.0.3\extensions\\Components: E:\Program Files (x86)\Mozilla Firefox\components
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 32.0.3\extensions\\Plugins: E:\Program Files (x86)\Mozilla Firefox\plugins [2014/09/24 17:21:27 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 32.0.3\extensions\\Components: E:\Program Files (x86)\Mozilla Firefox\components
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 32.0.3\extensions\\Plugins: E:\Program Files (x86)\Mozilla Firefox\plugins [2014/09/24 17:21:27 | 000,000,000 | ---D | M]

[2014/05/23 22:03:11 | 000,000,000 | ---D | M] (No name found) -- E:\Users\Adrock\AppData\Roaming\Mozilla\Extensions
[2014/10/29 13:39:01 | 000,000,000 | ---D | M] (No name found) -- E:\Users\Adrock\AppData\Roaming\Mozilla\Firefox\Profiles\6yygbg8j.default\extensions
[2014/09/24 17:21:27 | 000,000,000 | ---D | M] (No name found) -- E:\Program Files (x86)\Mozilla Firefox\browser\extensions
[2014/09/24 17:21:28 | 000,000,000 | ---D | M] (Default) -- E:\Program Files (x86)\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
[2013/11/15 03:32:00 | 000,034,072 | ---- | M] (Microsoft Corporation) -- E:\Program Files (x86)\mozilla firefox\plugins\npMeetingJoinPluginOC.dll

O1 HOSTS File: ([2014/10/28 23:25:35 | 000,000,027 | ---- | M]) - E:\Windows\SysNative\drivers\etc\hosts
O1 - Hosts: 127.0.0.1       localhost
O2:[b]64bit:[/b] - BHO: (Lync Browser Helper) - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - E:\Program Files\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
O2:[b]64bit:[/b] - BHO: (Windows Live ID Sign-in Helper) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - E:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
O2:[b]64bit:[/b] - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - E:\Program Files\Microsoft Office\Office15\URLREDIR.DLL (Microsoft Corporation)
O2:[b]64bit:[/b] - BHO: (Microsoft SkyDrive Pro Browser Helper) - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - E:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
O2 - BHO: (Adobe PDF Link Helper) - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - E:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
O2 - BHO: (Lync Browser Helper) - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - E:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
O2 - BHO: (Symantec NCO BHO) - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - E:\Program Files (x86)\Norton Internet Security\Engine\18.7.2.3\coieplg.dll (Symantec Corporation)
O2 - BHO: (Symantec Intrusion Prevention) - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - E:\Program Files (x86)\Norton Internet Security\Engine\18.7.2.3\ips\ipsbho.dll (Symantec Corporation)
O2 - BHO: (Windows Live ID Sign-in Helper) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - E:\Program Files (x86)\Common Files\microsoft shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
O2 - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - E:\Program Files (x86)\Microsoft Office\Office15\URLREDIR.DLL (Microsoft Corporation)
O2 - BHO: (Microsoft SkyDrive Pro Browser Helper) - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - E:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
O3 - HKLM\..\Toolbar: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - E:\Program Files (x86)\Norton Internet Security\Engine\18.7.2.3\coieplg.dll (Symantec Corporation)
O4:[b]64bit:[/b] - HKLM..\Run: [AdobeAAMUpdater-1.0] E:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe (Adobe Systems Incorporated)
O4:[b]64bit:[/b] - HKLM..\Run: [HotKeysCmds] E:\Windows\SysNative\hkcmd.exe (Intel Corporation)
O4:[b]64bit:[/b] - HKLM..\Run: [IgfxTray] E:\Windows\SysNative\igfxtray.exe (Intel Corporation)
O4:[b]64bit:[/b] - HKLM..\Run: [Launch LCore] E:\Program Files\Logitech Gaming Software\LCore.exe (Logitech Inc.)
O4:[b]64bit:[/b] - HKLM..\Run: [NvBackend] E:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe (NVIDIA Corporation)
O4:[b]64bit:[/b] - HKLM..\Run: [Nvtmru] "E:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe" File not found
O4:[b]64bit:[/b] - HKLM..\Run: [Persistence] E:\Windows\SysNative\igfxpers.exe (Intel Corporation)
O4:[b]64bit:[/b] - HKLM..\Run: [RTHDVCPL] E:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
O4:[b]64bit:[/b] - HKLM..\Run: [ShadowPlay] E:\Windows\SysNative\nvspcap64.dll (NVIDIA Corporation)
O4:[b]64bit:[/b] - HKLM..\Run: [THXCfg64] E:\Windows\SysNative\THXCfg64.DLL (Creative Technology Ltd.)
O4:[b]64bit:[/b] - HKLM..\Run: [XFast LAN] E:\Program Files\ASRock\XFast LAN\cfosspeed.exe (cFos Software GmbH)
O4 - HKLM..\Run: [Adobe Creative Cloud] E:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [Adobe Reader Speed Launcher] E:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [iTunesHelper] E:\Program Files (x86)\iTunes\iTunesHelper.exe (Apple Inc.)
O4 - HKLM..\Run: [Razer Synapse] E:\Program Files (x86)\Razer\Synapse\RzSynapse.exe (Razer Inc.)
O4 - HKLM..\Run: [THX TruStudio NB Settings] E:\Program Files (x86)\Creative\THX TruStudio\THXNBSet\THXAudNB.exe (Creative Technology Ltd)
O4 - HKLM..\Run: [UpdReg] E:\Windows\Updreg.EXE (Creative Technology Ltd.)
O4 - HKU\S-1-5-21-2622789366-4104432293-3959885506-1000..\Run: [Overwolf] E:\Program Files (x86)\Overwolf\Overwolf.exe (Overwolf LTD)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableInstallerDetection = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableSecureUIAPaths = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableUIADesktopToggle = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableVirtualization = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ValidateAdminCodeSignatures = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: dontdisplaylastusername = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticecaption =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticetext =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: scforceoption = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: shutdownwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: undockwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: FilterAdministratorToken = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableRegistryTools = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_TEXT = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_BITMAP = 2
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_OEMTEXT = 7
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_DIB = 8
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_PALETTE = 9
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_UNICODETEXT = 13
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_DIBV5 = 17
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-2622789366-4104432293-3959885506-1000\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-2622789366-4104432293-3959885506-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O9:[b]64bit:[/b] - Extra Button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - E:\Program Files\Microsoft Office\Office15\ONBttnIE.dll (Microsoft Corporation)
O9:[b]64bit:[/b] - Extra 'Tools' menuitem : Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - E:\Program Files\Microsoft Office\Office15\ONBttnIE.dll (Microsoft Corporation)
O9:[b]64bit:[/b] - Extra Button: Lync Click to Call - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - E:\Program Files\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
O9:[b]64bit:[/b] - Extra 'Tools' menuitem : Lync Click to Call - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - E:\Program Files\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
O9:[b]64bit:[/b] - Extra Button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - E:\Program Files\Microsoft Office\Office15\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9:[b]64bit:[/b] - Extra 'Tools' menuitem : OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - E:\Program Files\Microsoft Office\Office15\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9 - Extra Button: @E:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - E:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : @E:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - E:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)
O9 - Extra Button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - E:\Program Files (x86)\Microsoft Office\Office15\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - E:\Program Files (x86)\Microsoft Office\Office15\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: Lync Click to Call - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - E:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Lync Click to Call - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - E:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
O9 - Extra Button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - E:\Program Files (x86)\Microsoft Office\Office15\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - E:\Program Files (x86)\Microsoft Office\Office15\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O10:[b]64bit:[/b] - NameSpace_Catalog5\Catalog_Entries64\000000000001 [] - E:\Windows\SysNative\nlaapi.dll (Microsoft Corporation)
O10:[b]64bit:[/b] - NameSpace_Catalog5\Catalog_Entries64\000000000002 [] - E:\Windows\SysNative\NapiNSP.dll (Microsoft Corporation)
O10:[b]64bit:[/b] - NameSpace_Catalog5\Catalog_Entries64\000000000003 [] - E:\Windows\SysNative\pnrpnsp.dll (Microsoft Corporation)
O10:[b]64bit:[/b] - NameSpace_Catalog5\Catalog_Entries64\000000000004 [] - E:\Windows\SysNative\pnrpnsp.dll (Microsoft Corporation)
O10:[b]64bit:[/b] - NameSpace_Catalog5\Catalog_Entries64\000000000005 [] - E:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:[b]64bit:[/b] - NameSpace_Catalog5\Catalog_Entries64\000000000006 [] - E:\Windows\SysNative\winrnr.dll (Microsoft Corporation)
O10:[b]64bit:[/b] - NameSpace_Catalog5\Catalog_Entries64\000000000007 [] - E:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.)
O10:[b]64bit:[/b] - NameSpace_Catalog5\Catalog_Entries64\000000000008 [] - E:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.)
O10:[b]64bit:[/b] - NameSpace_Catalog5\Catalog_Entries64\000000000009 [] - E:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O10:[b]64bit:[/b] - Protocol_Catalog9\Catalog_Entries64\000000000001 - E:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:[b]64bit:[/b] - Protocol_Catalog9\Catalog_Entries64\000000000002 - E:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:[b]64bit:[/b] - Protocol_Catalog9\Catalog_Entries64\000000000003 - E:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:[b]64bit:[/b] - Protocol_Catalog9\Catalog_Entries64\000000000004 - E:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:[b]64bit:[/b] - Protocol_Catalog9\Catalog_Entries64\000000000005 - E:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:[b]64bit:[/b] - Protocol_Catalog9\Catalog_Entries64\000000000006 - E:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:[b]64bit:[/b] - Protocol_Catalog9\Catalog_Entries64\000000000007 - E:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:[b]64bit:[/b] - Protocol_Catalog9\Catalog_Entries64\000000000008 - E:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:[b]64bit:[/b] - Protocol_Catalog9\Catalog_Entries64\000000000009 - E:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:[b]64bit:[/b] - Protocol_Catalog9\Catalog_Entries64\000000000010 - E:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000001 [] - E:\Windows\SysWOW64\nlaapi.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000002 [] - E:\Windows\SysWOW64\NapiNSP.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000003 [] - E:\Windows\SysWOW64\pnrpnsp.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - E:\Windows\SysWOW64\pnrpnsp.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000005 [] - E:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000006 [] - E:\Windows\SysWOW64\winrnr.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - E:\Program Files (x86)\Common Files\microsoft shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000008 [] - E:\Program Files (x86)\Common Files\microsoft shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000009 [] - E:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - E:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - E:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - E:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - E:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - E:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000006 - E:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000007 - E:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000008 - E:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000009 - E:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000010 - E:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O13 - gopher Prefix: missing
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/pub/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 209.18.47.61 209.18.47.62
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{4FADB798-4048-4794-80B3-060282232966}: DhcpNameServer = 209.18.47.61 209.18.47.62
O18:[b]64bit:[/b] - Protocol\Handler\about {3050F406-98B5-11CF-BB82-00AA00BDCE0B} - E:\Windows\SysNative\mshtml.dll (Microsoft Corporation)
O18:[b]64bit:[/b] - Protocol\Handler\cdl {3dd53d40-7b8b-11D0-b013-00aa0059ce02} - E:\Windows\SysNative\urlmon.dll (Microsoft Corporation)
O18:[b]64bit:[/b] - Protocol\Handler\dvd {12D51199-0DB5-46FE-A120-47A3D7D937CC} - E:\Windows\SysNative\MSVidCtl.dll (Microsoft Corporation)
O18:[b]64bit:[/b] - Protocol\Handler\file {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - E:\Windows\SysNative\urlmon.dll (Microsoft Corporation)
O18:[b]64bit:[/b] - Protocol\Handler\ftp {79eac9e3-baf9-11ce-8c82-00aa004ba90b} - E:\Windows\SysNative\urlmon.dll (Microsoft Corporation)
O18:[b]64bit:[/b] - Protocol\Handler\http {79eac9e2-baf9-11ce-8c82-00aa004ba90b} - E:\Windows\SysNative\urlmon.dll (Microsoft Corporation)
O18:[b]64bit:[/b] - Protocol\Handler\https {79eac9e5-baf9-11ce-8c82-00aa004ba90b} - E:\Windows\SysNative\urlmon.dll (Microsoft Corporation)
O18:[b]64bit:[/b] - Protocol\Handler\its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - E:\Windows\SysNative\itss.dll (Microsoft Corporation)
O18:[b]64bit:[/b] - Protocol\Handler\javascript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - E:\Windows\SysNative\mshtml.dll (Microsoft Corporation)
O18:[b]64bit:[/b] - Protocol\Handler\livecall - No CLSID value found
O18:[b]64bit:[/b] - Protocol\Handler\local {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - E:\Windows\SysNative\urlmon.dll (Microsoft Corporation)
O18:[b]64bit:[/b] - Protocol\Handler\mailto {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} - E:\Windows\SysNative\mshtml.dll (Microsoft Corporation)
O18:[b]64bit:[/b] - Protocol\Handler\mhtml {05300401-BCBC-11d0-85E3-00C04FD85AB4} - E:\Windows\SysNative\inetcomm.dll (Microsoft Corporation)
O18:[b]64bit:[/b] - Protocol\Handler\mk {79eac9e6-baf9-11ce-8c82-00aa004ba90b} - E:\Windows\SysNative\urlmon.dll (Microsoft Corporation)
O18:[b]64bit:[/b] - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - E:\Program Files\Common Files\Microsoft Shared\Help\hxds.dll (Microsoft Corporation)
O18:[b]64bit:[/b] - Protocol\Handler\ms-its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - E:\Windows\SysNative\itss.dll (Microsoft Corporation)
O18:[b]64bit:[/b] - Protocol\Handler\msnim - No CLSID value found
O18:[b]64bit:[/b] - Protocol\Handler\osf {D924BDC6-C83A-4BD5-90D0-095128A113D1} - E:\Program Files\Microsoft Office\Office15\MSOSB.DLL (Microsoft Corporation)
O18:[b]64bit:[/b] - Protocol\Handler\res {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} - E:\Windows\SysNative\mshtml.dll (Microsoft Corporation)
O18:[b]64bit:[/b] - Protocol\Handler\tv {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} - E:\Windows\SysNative\MSVidCtl.dll (Microsoft Corporation)
O18:[b]64bit:[/b] - Protocol\Handler\vbscript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - E:\Windows\SysNative\mshtml.dll (Microsoft Corporation)
O18:[b]64bit:[/b] - Protocol\Handler\wlmailhtml - No CLSID value found
O18:[b]64bit:[/b] - Protocol\Handler\wlpg - No CLSID value found
O18 - Protocol\Handler\about {3050F406-98B5-11CF-BB82-00AA00BDCE0B} - E:\Windows\SysWOW64\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\cdl {3dd53d40-7b8b-11D0-b013-00aa0059ce02} - E:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\dvd {12D51199-0DB5-46FE-A120-47A3D7D937CC} - E:\Windows\SysWOW64\MSVidCtl.dll (Microsoft Corporation)
O18 - Protocol\Handler\file {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - E:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\ftp {79eac9e3-baf9-11ce-8c82-00aa004ba90b} - E:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\http {79eac9e2-baf9-11ce-8c82-00aa004ba90b} - E:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\https {79eac9e5-baf9-11ce-8c82-00aa004ba90b} - E:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - E:\Windows\SysWOW64\itss.dll (Microsoft Corporation)
O18 - Protocol\Handler\javascript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - E:\Windows\SysWOW64\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - E:\Program Files (x86)\Windows Live\Messenger\msgrapp.dll (Microsoft Corporation)
O18 - Protocol\Handler\local {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - E:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\mailto {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} - E:\Windows\SysWOW64\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\mhtml {05300401-BCBC-11d0-85E3-00C04FD85AB4} - E:\Windows\SysWOW64\inetcomm.dll (Microsoft Corporation)
O18 - Protocol\Handler\mk {79eac9e6-baf9-11ce-8c82-00aa004ba90b} - E:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\ms-help - No CLSID value found
O18 - Protocol\Handler\ms-its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - E:\Windows\SysWOW64\itss.dll (Microsoft Corporation)
O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - E:\Program Files (x86)\Windows Live\Messenger\msgrapp.dll (Microsoft Corporation)
O18 - Protocol\Handler\osf {D924BDC6-C83A-4BD5-90D0-095128A113D1} - E:\Program Files (x86)\Microsoft Office\Office15\MSOSB.DLL (Microsoft Corporation)
O18 - Protocol\Handler\res {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} - E:\Windows\SysWOW64\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\tv {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} - E:\Windows\SysWOW64\MSVidCtl.dll (Microsoft Corporation)
O18 - Protocol\Handler\vbscript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - E:\Windows\SysWOW64\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - E:\Program Files (x86)\Windows Live\Mail\mailcomm.dll (Microsoft Corporation)
O18 - Protocol\Handler\wlpg {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - E:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll (Microsoft Corporation)
O18:[b]64bit:[/b] - Protocol\Filter\application/octet-stream {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - E:\Windows\SysNative\mscoree.dll (Microsoft Corporation)
O18:[b]64bit:[/b] - Protocol\Filter\application/x-complus {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - E:\Windows\SysNative\mscoree.dll (Microsoft Corporation)
O18:[b]64bit:[/b] - Protocol\Filter\application/x-msdownload {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - E:\Windows\SysNative\mscoree.dll (Microsoft Corporation)
O18:[b]64bit:[/b] - Protocol\Filter\text/xml {807583E5-5146-11D5-A672-00B0D022E945} - E:\Program Files\Common Files\Microsoft Shared\OFFICE15\MSOXMLMF.DLL (Microsoft Corporation)
O18 - Protocol\Filter\application/octet-stream {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - E:\Windows\SysWow64\mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/x-complus {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - E:\Windows\SysWow64\mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/x-msdownload {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - E:\Windows\SysWow64\mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\text/xml {807583E5-5146-11D5-A672-00B0D022E945} - E:\Program Files (x86)\Common Files\microsoft shared\OFFICE15\MSOXMLMF.DLL (Microsoft Corporation)
O20:[b]64bit:[/b] - AppInit_DLLs: (E:\PROGRA~1\LUCIDL~1\VIRTU\appinit_dll.dll) - E:\Program Files\Lucidlogix Technologies\VIRTU\appinit_dll.dll (Lucidlogix Inc.)
O20:[b]64bit:[/b] - AppInit_DLLs: (E:\Windows\System32\nvinitx.dll) - E:\Windows\SysNative\nvinitx.dll (NVIDIA Corporation)
O20 - AppInit_DLLs: (E:\PROGRA~1\LUCIDL~1\VIRTU\x86\appinit_dll.dll) - E:\Program Files\Lucidlogix Technologies\VIRTU\x86\appinit_dll.dll (Lucidlogix Inc.)
O20 - AppInit_DLLs: (E:\Windows\SysWOW64\nvinit.dll) - E:\Windows\SysWOW64\nvinit.dll (NVIDIA Corporation)
O20:[b]64bit:[/b] - HKLM Winlogon: Shell - (Explorer.exe) - E:\Windows\explorer.exe (Microsoft Corporation)
O20:[b]64bit:[/b] - HKLM Winlogon: UserInit - (E:\Windows\system32\userinit.exe) - E:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20:[b]64bit:[/b] - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - E:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - E:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (E:\Windows\system32\userinit.exe) - E:\Windows\SysWOW64\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - E:\Windows\SysWow64\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20:[b]64bit:[/b] - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - E:\Windows\SysNative\igfxdev.dll (Intel Corporation)
O21:[b]64bit:[/b] - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O29:[b]64bit:[/b] - HKLM SecurityProviders - (credssp.dll) - E:\Windows\SysWow64\credssp.dll (Microsoft Corporation)
O29 - HKLM SecurityProviders - (credssp.dll) - E:\Windows\SysWow64\credssp.dll (Microsoft Corporation)
O30:[b]64bit:[/b] - LSA: Authentication Packages - (msv1_0) - E:\Windows\SysNative\msv1_0.dll (Microsoft Corporation)
O30 - LSA: Authentication Packages - (msv1_0) - E:\Windows\SysWow64\msv1_0.dll (Microsoft Corporation)
O30:[b]64bit:[/b] - LSA: Security Packages - (kerberos) - E:\Windows\SysNative\kerberos.dll (Microsoft Corporation)
O30:[b]64bit:[/b] - LSA: Security Packages - (msv1_0) - E:\Windows\SysNative\msv1_0.dll (Microsoft Corporation)
O30:[b]64bit:[/b] - LSA: Security Packages - (schannel) - E:\Windows\SysNative\schannel.dll (Microsoft Corporation)
O30:[b]64bit:[/b] - LSA: Security Packages - (wdigest) - E:\Windows\SysNative\wdigest.dll (Microsoft Corporation)
O30:[b]64bit:[/b] - LSA: Security Packages - (tspkg) - E:\Windows\SysNative\tspkg.dll (Microsoft Corporation)
O30:[b]64bit:[/b] - LSA: Security Packages - (pku2u) - E:\Windows\SysNative\pku2u.dll (Microsoft Corporation)
O30:[b]64bit:[/b] - LSA: Security Packages - (livessp) - E:\Windows\SysNative\livessp.dll (Microsoft Corp.)
O30 - LSA: Security Packages - (kerberos) - E:\Windows\SysWow64\kerberos.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (msv1_0) - E:\Windows\SysWow64\msv1_0.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (schannel) - E:\Windows\SysWow64\schannel.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (wdigest) - E:\Windows\SysWow64\wdigest.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (tspkg) - E:\Windows\SysWow64\tspkg.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (pku2u) - E:\Windows\SysWow64\pku2u.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (livessp) - E:\Windows\SysWow64\livessp.dll (Microsoft Corp.)
O31 - SafeBoot: AlternateShell - cmd.exe
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *)
O35:[b]64bit:[/b] - HKLM\..comfile [open] -- "%1" %*
O35:[b]64bit:[/b] - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:[b]64bit:[/b] - HKLM\...com [@ = ComFile] -- "%1" %*
O37:[b]64bit:[/b] - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)


MsConfig:64bit - StartUpFolder: E:^Users^Adrock^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^CurseClientStartup.ccip -  - File not found
MsConfig:64bit - State: "startup" - Reg Error: Key error.

SafeBootMin:[b]64bit:[/b] 14505821.sys - Driver
SafeBootMin:[b]64bit:[/b] 49090312.sys - Driver
SafeBootMin:[b]64bit:[/b] Base - Driver Group
SafeBootMin:[b]64bit:[/b] Boot Bus Extender - Driver Group
SafeBootMin:[b]64bit:[/b] Boot file system - Driver Group
SafeBootMin:[b]64bit:[/b] File system - Driver Group
SafeBootMin:[b]64bit:[/b] Filter - Driver Group
SafeBootMin:[b]64bit:[/b] HelpSvc - Service
SafeBootMin:[b]64bit:[/b] hitmanpro37 - Reg Error: Value error.
SafeBootMin:[b]64bit:[/b] hitmanpro37.sys - Reg Error: Value error.
SafeBootMin:[b]64bit:[/b] HitmanPro37Crusader - Reg Error: Value error.
SafeBootMin:[b]64bit:[/b] HitmanPro37CrusaderBoot - Reg Error: Value error.
SafeBootMin:[b]64bit:[/b] PCI Configuration - Driver Group
SafeBootMin:[b]64bit:[/b] PNP Filter - Driver Group
SafeBootMin:[b]64bit:[/b] Primary disk - Driver Group
SafeBootMin:[b]64bit:[/b] sacsvr - Service
SafeBootMin:[b]64bit:[/b] SCSI Class - Driver Group
SafeBootMin:[b]64bit:[/b] System Bus Extender - Driver Group
SafeBootMin:[b]64bit:[/b] vmms - Service
SafeBootMin:[b]64bit:[/b] WinDefend - E:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation)
SafeBootMin:[b]64bit:[/b] {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootMin:[b]64bit:[/b] {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootMin:[b]64bit:[/b] {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootMin:[b]64bit:[/b] {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootMin:[b]64bit:[/b] {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootMin:[b]64bit:[/b] {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootMin:[b]64bit:[/b] {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootMin:[b]64bit:[/b] {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootMin:[b]64bit:[/b] {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootMin:[b]64bit:[/b] {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootMin:[b]64bit:[/b] {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootMin:[b]64bit:[/b] {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootMin:[b]64bit:[/b] {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootMin:[b]64bit:[/b] {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootMin:[b]64bit:[/b] {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootMin:[b]64bit:[/b] {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootMin:[b]64bit:[/b] {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices
SafeBootMin: 14505821.sys - Driver
SafeBootMin: 49090312.sys - Driver
SafeBootMin: Base - Driver Group
SafeBootMin: Boot Bus Extender - Driver Group
SafeBootMin: Boot file system - Driver Group
SafeBootMin: File system - Driver Group
SafeBootMin: Filter - Driver Group
SafeBootMin: HelpSvc - Service
SafeBootMin: hitmanpro37 - Reg Error: Value error.
SafeBootMin: hitmanpro37.sys - Reg Error: Value error.
SafeBootMin: HitmanPro37Crusader - Reg Error: Value error.
SafeBootMin: HitmanPro37CrusaderBoot - Reg Error: Value error.
SafeBootMin: PCI Configuration - Driver Group
SafeBootMin: PNP Filter - Driver Group
SafeBootMin: Primary disk - Driver Group
SafeBootMin: sacsvr - Service
SafeBootMin: SCSI Class - Driver Group
SafeBootMin: System Bus Extender - Driver Group
SafeBootMin: vmms - Service
SafeBootMin: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootMin: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootMin: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootMin: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootMin: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootMin: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootMin: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootMin: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootMin: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootMin: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootMin: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootMin: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootMin: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootMin: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootMin: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootMin: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootMin: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices

SafeBootNet:[b]64bit:[/b] 14505821.sys - Driver
SafeBootNet:[b]64bit:[/b] 49090312.sys - Driver
SafeBootNet:[b]64bit:[/b] Base - Driver Group
SafeBootNet:[b]64bit:[/b] Boot Bus Extender - Driver Group
SafeBootNet:[b]64bit:[/b] Boot file system - Driver Group
SafeBootNet:[b]64bit:[/b] File system - Driver Group
SafeBootNet:[b]64bit:[/b] Filter - Driver Group
SafeBootNet:[b]64bit:[/b] HelpSvc - Service
SafeBootNet:[b]64bit:[/b] hitmanpro37 - Reg Error: Value error.
SafeBootNet:[b]64bit:[/b] hitmanpro37.sys - Reg Error: Value error.
SafeBootNet:[b]64bit:[/b] HitmanPro37Crusader - Reg Error: Value error.
SafeBootNet:[b]64bit:[/b] HitmanPro37CrusaderBoot - Reg Error: Value error.
SafeBootNet:[b]64bit:[/b] Messenger - Service
SafeBootNet:[b]64bit:[/b] NDIS Wrapper - Driver Group
SafeBootNet:[b]64bit:[/b] NetBIOSGroup - Driver Group
SafeBootNet:[b]64bit:[/b] NetDDEGroup - Driver Group
SafeBootNet:[b]64bit:[/b] Network - Driver Group
SafeBootNet:[b]64bit:[/b] NetworkProvider - Driver Group
SafeBootNet:[b]64bit:[/b] PCI Configuration - Driver Group
SafeBootNet:[b]64bit:[/b] PNP Filter - Driver Group
SafeBootNet:[b]64bit:[/b] PNP_TDI - Driver Group
SafeBootNet:[b]64bit:[/b] Primary disk - Driver Group
SafeBootNet:[b]64bit:[/b] rdsessmgr - Service
SafeBootNet:[b]64bit:[/b] sacsvr - Service
SafeBootNet:[b]64bit:[/b] SCSI Class - Driver Group
SafeBootNet:[b]64bit:[/b] Streams Drivers - Driver Group
SafeBootNet:[b]64bit:[/b] System Bus Extender - Driver Group
SafeBootNet:[b]64bit:[/b] TDI - Driver Group
SafeBootNet:[b]64bit:[/b] vmms - Service
SafeBootNet:[b]64bit:[/b] WinDefend - E:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation)
SafeBootNet:[b]64bit:[/b] WudfUsbccidDriver - Driver
SafeBootNet:[b]64bit:[/b] {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootNet:[b]64bit:[/b] {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootNet:[b]64bit:[/b] {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootNet:[b]64bit:[/b] {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootNet:[b]64bit:[/b] {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootNet:[b]64bit:[/b] {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootNet:[b]64bit:[/b] {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootNet:[b]64bit:[/b] {4D36E972-E325-11CE-BFC1-08002BE10318} - Net
SafeBootNet:[b]64bit:[/b] {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient
SafeBootNet:[b]64bit:[/b] {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService
SafeBootNet:[b]64bit:[/b] {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans
SafeBootNet:[b]64bit:[/b] {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootNet:[b]64bit:[/b] {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootNet:[b]64bit:[/b] {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootNet:[b]64bit:[/b] {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootNet:[b]64bit:[/b] {50DD5230-BA8A-11D1-BF5D-0000F805F530} - Smart card readers
SafeBootNet:[b]64bit:[/b] {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootNet:[b]64bit:[/b] {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootNet:[b]64bit:[/b] {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootNet:[b]64bit:[/b] {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootNet:[b]64bit:[/b] {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootNet:[b]64bit:[/b] {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices
SafeBootNet: 14505821.sys - Driver
SafeBootNet: 49090312.sys - Driver
SafeBootNet: Base - Driver Group
SafeBootNet: Boot Bus Extender - Driver Group
SafeBootNet: Boot file system - Driver Group
SafeBootNet: File system - Driver Group
SafeBootNet: Filter - Driver Group
SafeBootNet: HelpSvc - Service
SafeBootNet: hitmanpro37 - Reg Error: Value error.
SafeBootNet: hitmanpro37.sys - Reg Error: Value error.
SafeBootNet: HitmanPro37Crusader - Reg Error: Value error.
SafeBootNet: HitmanPro37CrusaderBoot - Reg Error: Value error.
SafeBootNet: Messenger - Service
SafeBootNet: NDIS Wrapper - Driver Group
SafeBootNet: NetBIOSGroup - Driver Group
SafeBootNet: NetDDEGroup - Driver Group
SafeBootNet: Network - Driver Group
SafeBootNet: NetworkProvider - Driver Group
SafeBootNet: PCI Configuration - Driver Group
SafeBootNet: PNP Filter - Driver Group
SafeBootNet: PNP_TDI - Driver Group
SafeBootNet: Primary disk - Driver Group
SafeBootNet: rdsessmgr - Service
SafeBootNet: sacsvr - Service
SafeBootNet: SCSI Class - Driver Group
SafeBootNet: Streams Drivers - Driver Group
SafeBootNet: System Bus Extender - Driver Group
SafeBootNet: TDI - Driver Group
SafeBootNet: vmms - Service
SafeBootNet: WudfUsbccidDriver - Driver
SafeBootNet: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootNet: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootNet: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootNet: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootNet: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootNet: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootNet: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootNet: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net
SafeBootNet: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient
SafeBootNet: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService
SafeBootNet: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans
SafeBootNet: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootNet: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootNet: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootNet: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootNet: {50DD5230-BA8A-11D1-BF5D-0000F805F530} - Smart card readers
SafeBootNet: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootNet: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootNet: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootNet: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootNet: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootNet: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices

ActiveX:[b]64bit:[/b] {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 12.0
ActiveX:[b]64bit:[/b] {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll
ActiveX:[b]64bit:[/b] {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack
ActiveX:[b]64bit:[/b] {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Windows Mail\WinMail.exe" OCInstallUserConfigOE
ActiveX:[b]64bit:[/b] {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
ActiveX:[b]64bit:[/b] {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help
ActiveX:[b]64bit:[/b] {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6
ActiveX:[b]64bit:[/b] {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools
ActiveX:[b]64bit:[/b] {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements
ActiveX:[b]64bit:[/b] {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player
ActiveX:[b]64bit:[/b] {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access
ActiveX:[b]64bit:[/b] {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7
ActiveX:[b]64bit:[/b] {7DEBE4EB-6B40-3766-BB35-5CBBC385DA37} - .NET Framework
ActiveX:[b]64bit:[/b] {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll
ActiveX:[b]64bit:[/b] {89820200-ECBD-11cf-8B85-00AA005B4383} - E:\Windows\System32\ie4uinit.exe -UserConfig
ActiveX:[b]64bit:[/b] {89B4C1CD-B018-4511-B0A1-5476DBF70820} - E:\Windows\system32\Rundll32.exe E:\Windows\system32\mscories.dll,Install
ActiveX:[b]64bit:[/b] {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding
ActiveX:[b]64bit:[/b] {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts
ActiveX:[b]64bit:[/b] {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help
ActiveX:[b]64bit:[/b] {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface
ActiveX:[b]64bit:[/b] {F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4} - .NET Framework
ActiveX:[b]64bit:[/b] {FEBEF00C-046D-438D-8A88-BF94A6C9E703} - .NET Framework
ActiveX:[b]64bit:[/b] >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - %SystemRoot%\system32\unregmp2.exe /ShowWMP
ActiveX: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 12.0
ActiveX: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll
ActiveX: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack
ActiveX: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles(x86)%\Windows Mail\WinMail.exe" OCInstallUserConfigOE
ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
ActiveX: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help
ActiveX: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6
ActiveX: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools
ActiveX: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements
ActiveX: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player
ActiveX: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access
ActiveX: {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7
ActiveX: {7C028AF8-F614-47B3-82DA-BA94E41B1089} - .NET Framework
ActiveX: {7DEBE4EB-6B40-3766-BB35-5CBBC385DA37} - .NET Framework
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4383} -
ActiveX: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - E:\Windows\SysWOW64\Rundll32.exe E:\Windows\SysWOW64\mscories.dll,Install
ActiveX: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding
ActiveX: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts
ActiveX: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help
ActiveX: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface
ActiveX: {F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4} - .NET Framework
ActiveX: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - %SystemRoot%\system32\unregmp2.exe /ShowWMP

Drivers32:[b]64bit:[/b] msacm.l3acm - E:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32:[b]64bit:[/b] VIDC.CFHD - CFHD.dll (CineForm Inc.)
Drivers32:[b]64bit:[/b] VIDC.FPS1 - frapsv64.dll (Beepa P/L)
Drivers32: msacm.l3acm - E:\Windows\SysWOW64\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: VIDC.CFHD - E:\Windows\SysWow64\CFHD.dll (CineForm Inc.)
Drivers32: vidc.cvid - E:\Windows\SysWow64\iccvid.dll (Radius Inc.)
Drivers32: VIDC.FPS1 - E:\Windows\SysWow64\frapsvid.dll (Beepa P/L)

[color=#E56717]========== Files/Folders - Created Within 90 Days ==========[/color]

[2014/10/29 17:42:51 | 000,000,000 | ---D | C] -- E:\ProgramData\RogueKiller
[2014/10/29 12:39:23 | 000,000,000 | ---D | C] -- E:\FRST
[2014/10/28 23:26:43 | 000,000,000 | -HSD | C] -- E:\$RECYCLE.BIN
[2014/10/28 23:26:40 | 000,000,000 | ---D | C] -- E:\Windows\temp
[2014/10/28 23:17:10 | 000,518,144 | ---- | C] (SteelWerX) -- E:\Windows\SWREG.exe
[2014/10/28 23:17:10 | 000,406,528 | ---- | C] (SteelWerX) -- E:\Windows\SWSC.exe
[2014/10/28 23:17:10 | 000,060,416 | ---- | C] (NirSoft) -- E:\Windows\NIRCMD.exe
[2014/10/28 23:17:06 | 000,000,000 | ---D | C] -- E:\ComboFix
[2014/10/28 23:17:04 | 000,000,000 | ---D | C] -- E:\Qoobox
[2014/10/28 23:16:58 | 000,000,000 | ---D | C] -- E:\Windows\erdnt
[2014/10/28 23:11:25 | 000,000,000 | ---D | C] -- E:\Config.Msi
[2014/10/28 22:55:18 | 000,000,000 | ---D | C] -- E:\Users\Adrock\Desktop\RK_Quarantine
[2014/10/28 22:09:26 | 000,000,000 | ---D | C] -- E:\ProgramData\Microsoft\Windows\Start Menu\Programs\HitmanPro
[2014/10/28 22:09:26 | 000,000,000 | ---D | C] -- E:\Program Files\HitmanPro
[2014/10/28 22:09:06 | 000,000,000 | ---D | C] -- E:\ProgramData\HitmanPro
[2014/10/28 21:54:43 | 000,000,000 | ---D | C] -- E:\AdwCleaner
[2014/10/28 21:49:29 | 000,000,000 | ---D | C] -- E:\Windows\pss
[2014/10/28 21:43:16 | 000,000,000 | ---D | C] -- E:\Windows\SysNative\MpEngineStore
[2014/10/28 21:42:14 | 000,000,000 | ---D | C] -- E:\Windows\SysNative\MRT
[2014/10/22 09:59:40 | 000,000,000 | ---D | C] -- E:\Users\Adrock\AppData\Roaming\GoPro
[2014/10/22 09:59:40 | 000,000,000 | ---D | C] -- E:\Users\Adrock\AppData\Local\GoPro
[2014/10/22 09:59:36 | 000,000,000 | ---D | C] -- E:\ProgramData\Microsoft\Windows\Start Menu\Programs\GoPro
[2014/10/22 09:59:36 | 000,000,000 | ---D | C] -- E:\Program Files (x86)\CineForm
[2014/10/22 09:59:35 | 000,000,000 | ---D | C] -- E:\Program Files\DIFX
[2014/10/22 09:59:22 | 000,000,000 | ---D | C] -- E:\Program Files (x86)\QuickTime
[2014/10/22 09:59:22 | 000,000,000 | ---D | C] -- E:\Program Files (x86)\GoPro
[2014/10/22 09:53:26 | 000,000,000 | ---D | C] -- E:\Users\Adrock\Documents\Adobe
[2014/10/15 23:22:26 | 001,943,696 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\dfshim.dll
[2014/10/15 23:22:26 | 001,131,664 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysWow64\dfshim.dll
[2014/10/15 23:22:26 | 000,156,824 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysWow64\mscorier.dll
[2014/10/15 23:22:26 | 000,156,312 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\mscorier.dll
[2014/10/15 23:22:26 | 000,081,560 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysWow64\mscories.dll
[2014/10/15 23:22:26 | 000,073,880 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\mscories.dll
[2014/10/15 23:22:25 | 000,710,656 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\ie4uinit.exe
[2014/10/15 23:22:25 | 000,597,504 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysWow64\jscript9diag.dll
[2014/10/15 23:22:25 | 000,507,392 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\aepdu.dll
[2014/10/15 23:22:25 | 000,424,448 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\aeinv.dll
[2014/10/15 23:22:25 | 000,276,480 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\generaltel.dll
[2014/10/15 23:22:25 | 000,069,632 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysWow64\mshtmled.dll
[2014/10/15 23:22:25 | 000,060,416 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysWow64\JavaScriptCollectionAgent.dll
[2014/10/15 23:22:25 | 000,051,200 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysWow64\ieetwproxystub.dll
[2014/10/15 23:22:25 | 000,048,640 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\ieetwproxystub.dll
[2014/10/15 23:22:25 | 000,033,792 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\iernonce.dll
[2014/10/15 23:22:25 | 000,032,768 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysWow64\iernonce.dll
[2014/10/15 23:22:24 | 002,017,280 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysWow64\inetcpl.cpl
[2014/10/15 23:22:24 | 000,072,704 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\JavaScriptCollectionAgent.dll
[2014/10/15 23:22:24 | 000,061,952 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysWow64\iesetup.dll
[2014/10/15 23:22:23 | 002,108,416 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\inetcpl.cpl
[2014/10/15 23:22:23 | 000,731,136 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\msfeeds.dll
[2014/10/15 23:22:23 | 000,446,464 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\dxtmsft.dll
[2014/10/15 23:22:23 | 000,440,320 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysWow64\ieui.dll
[2014/10/15 23:22:23 | 000,111,616 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\ieetwcollector.exe
[2014/10/15 23:22:23 | 000,066,048 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\iesetup.dll
[2014/10/15 23:22:23 | 000,004,096 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\ieetwcollectorres.dll
[2014/10/15 23:22:22 | 001,068,032 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysWow64\mshtmlmedia.dll
[2014/10/15 23:22:22 | 000,678,400 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysWow64\ieapfltr.dll
[2014/10/15 23:22:22 | 000,289,280 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\dxtrans.dll
[2014/10/15 23:22:22 | 000,164,864 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysWow64\msrating.dll
[2014/10/15 23:22:22 | 000,112,128 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysWow64\ieUnatt.exe
[2014/10/15 23:22:22 | 000,061,952 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysWow64\MshtmlDac.dll
[2014/10/15 23:22:21 | 005,829,632 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\jscript9.dll
[2014/10/15 23:22:21 | 001,249,280 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\mshtmlmedia.dll
[2014/10/15 23:22:21 | 000,758,272 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\jscript9diag.dll
[2014/10/15 23:22:21 | 000,595,968 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\ieui.dll
[2014/10/15 23:22:21 | 000,139,264 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\ieUnatt.exe
[2014/10/15 23:22:21 | 000,085,504 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\mshtmled.dll
[2014/10/15 23:22:20 | 000,940,032 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\MsSpellCheckingFacility.exe
[2014/10/15 23:22:20 | 000,775,168 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\ieapfltr.dll
[2014/10/15 23:22:20 | 000,547,328 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\vbscript.dll
[2014/10/15 23:22:20 | 000,195,584 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\msrating.dll
[2014/10/15 23:22:20 | 000,083,968 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\MshtmlDac.dll
[2014/10/15 23:21:58 | 003,241,472 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\msi.dll
[2014/10/15 23:21:56 | 000,424,448 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\rastls.dll
[2014/10/15 23:21:56 | 000,372,736 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysWow64\rastls.dll
[2014/10/15 23:21:55 | 003,722,240 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\mstscax.dll
[2014/10/15 23:21:55 | 003,221,504 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysWow64\mstscax.dll
[2014/10/15 23:21:55 | 001,118,720 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\mstsc.exe
[2014/10/15 23:21:55 | 001,051,136 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysWow64\mstsc.exe
[2014/10/15 23:21:55 | 000,455,168 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\winlogon.exe
[2014/10/15 23:21:55 | 000,235,520 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\winsta.dll
[2014/10/15 23:21:55 | 000,150,528 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\rdpcorekmts.dll
[2014/10/15 23:21:55 | 000,131,584 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysWow64\aaclient.dll
[2014/10/15 23:21:52 | 000,077,312 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\packager.dll
[2014/10/15 23:21:52 | 000,067,072 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysWow64\packager.dll
[2014/10/09 12:52:52 | 001,462,272 | ---- | C] (CineForm Inc.) -- E:\Windows\SysNative\CFHD.dll
[2014/10/09 12:50:08 | 001,490,944 | ---- | C] (CineForm Inc.) -- E:\Windows\SysWow64\CFHD.dll
[2014/09/30 14:06:56 | 000,519,680 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysWow64\qdvd.dll
[2014/09/30 14:06:56 | 000,371,712 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\qdvd.dll
[2014/09/28 21:43:02 | 000,000,000 | ---D | C] -- E:\Users\Adrock\AppData\Roaming\vlc
[2014/09/24 17:21:27 | 000,000,000 | ---D | C] -- E:\Program Files (x86)\Mozilla Firefox
[2014/09/21 15:55:49 | 000,000,000 | ---D | C] -- E:\Users\Adrock\AppData\Roaming\Apple Computer
[2014/09/21 15:55:49 | 000,000,000 | ---D | C] -- E:\Users\Adrock\AppData\Local\Apple Computer
[2014/09/21 15:55:47 | 000,033,240 | ---- | C] (GEAR Software Inc.) -- E:\Windows\SysNative\drivers\GEARAspiWDM.sys
[2014/09/21 15:55:47 | 000,000,000 | ---D | C] -- E:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
[2014/09/21 15:55:42 | 000,000,000 | ---D | C] -- E:\Program Files\iTunes
[2014/09/21 15:55:42 | 000,000,000 | ---D | C] -- E:\Program Files (x86)\iTunes
[2014/09/21 15:55:42 | 000,000,000 | ---D | C] -- E:\Program Files\iPod
[2014/09/21 15:55:42 | 000,000,000 | ---D | C] -- E:\ProgramData\Apple Computer
[2014/09/21 15:55:42 | 000,000,000 | ---D | C] -- E:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
[2014/09/21 15:54:52 | 000,000,000 | ---D | C] -- E:\Program Files (x86)\Apple Software Update
[2014/09/21 15:54:50 | 000,000,000 | ---D | C] -- E:\Program Files\Common Files\Apple
[2014/09/21 15:54:47 | 000,000,000 | ---D | C] -- E:\Program Files\Bonjour
[2014/09/21 15:54:47 | 000,000,000 | ---D | C] -- E:\Program Files (x86)\Bonjour
[2014/09/21 15:54:42 | 000,000,000 | ---D | C] -- E:\ProgramData\Apple
[2014/09/21 15:54:42 | 000,000,000 | ---D | C] -- E:\Program Files (x86)\Common Files\Apple
[2014/09/16 16:35:32 | 005,554,512 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\d3dcsx_42.dll
[2014/09/16 16:35:32 | 005,501,792 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysWow64\d3dcsx_42.dll
[2014/09/16 16:35:32 | 002,582,888 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\D3DCompiler_42.dll
[2014/09/16 16:35:32 | 001,974,616 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysWow64\D3DCompiler_42.dll
[2014/09/16 16:35:32 | 001,907,552 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\d3dcsx_43.dll
[2014/09/16 16:35:32 | 001,868,128 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysWow64\d3dcsx_43.dll
[2014/09/16 16:35:32 | 000,530,776 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\XAudio2_6.dll
[2014/09/16 16:35:32 | 000,528,216 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysWow64\XAudio2_6.dll
[2014/09/16 16:35:32 | 000,517,960 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\XAudio2_5.dll
[2014/09/16 16:35:32 | 000,515,416 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysWow64\XAudio2_5.dll
[2014/09/16 16:35:32 | 000,239,960 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysWow64\xactengine3_7.dll
[2014/09/16 16:35:32 | 000,238,936 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysWow64\xactengine3_6.dll
[2014/09/16 16:35:32 | 000,238,936 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysWow64\xactengine3_5.dll
[2014/09/16 16:35:32 | 000,176,984 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\xactengine3_7.dll
[2014/09/16 16:35:32 | 000,176,984 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\xactengine3_6.dll
[2014/09/16 16:35:32 | 000,176,968 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\xactengine3_5.dll
[2014/09/16 16:35:32 | 000,078,680 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\XAPOFX1_4.dll
[2014/09/16 16:35:32 | 000,074,072 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysWow64\XAPOFX1_4.dll
[2014/09/16 16:35:32 | 000,024,920 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\X3DAudio1_7.dll
[2014/09/16 16:35:32 | 000,022,360 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysWow64\X3DAudio1_7.dll
[2014/09/16 16:35:31 | 005,425,496 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\D3DX9_41.dll
[2014/09/16 16:35:31 | 004,178,264 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysWow64\D3DX9_41.dll
[2014/09/16 16:35:31 | 002,475,352 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\D3DX9_42.dll
[2014/09/16 16:35:31 | 002,430,312 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\D3DCompiler_41.dll
[2014/09/16 16:35:31 | 001,892,184 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysWow64\D3DX9_42.dll
[2014/09/16 16:35:31 | 000,521,560 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\XAudio2_4.dll
[2014/09/16 16:35:31 | 000,520,544 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\d3dx10_41.dll
[2014/09/16 16:35:31 | 000,517,448 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysWow64\XAudio2_4.dll
[2014/09/16 16:35:31 | 000,285,024 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\d3dx11_42.dll
[2014/09/16 16:35:31 | 000,235,352 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysWow64\xactengine3_4.dll
[2014/09/16 16:35:31 | 000,235,344 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysWow64\d3dx11_42.dll
[2014/09/16 16:35:31 | 000,174,936 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\xactengine3_4.dll
[2014/09/16 16:35:31 | 000,073,544 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\XAPOFX1_3.dll
[2014/09/16 16:35:31 | 000,069,464 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysWow64\XAPOFX1_3.dll
[2014/09/16 16:35:31 | 000,024,920 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\X3DAudio1_6.dll
[2014/09/16 16:35:31 | 000,022,360 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysWow64\X3DAudio1_6.dll
[2014/09/16 16:35:30 | 005,631,312 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\D3DX9_40.dll
[2014/09/16 16:35:30 | 004,379,984 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysWow64\D3DX9_40.dll
[2014/09/16 16:35:30 | 002,605,920 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\D3DCompiler_40.dll
[2014/09/16 16:35:30 | 002,036,576 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysWow64\D3DCompiler_40.dll
[2014/09/16 16:35:30 | 001,942,552 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\D3DCompiler_39.dll
[2014/09/16 16:35:30 | 001,493,528 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysWow64\D3DCompiler_39.dll
[2014/09/16 16:35:30 | 000,540,688 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\d3dx10_39.dll
[2014/09/16 16:35:30 | 000,519,000 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\d3dx10_40.dll
[2014/09/16 16:35:30 | 000,518,480 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\XAudio2_3.dll
[2014/09/16 16:35:30 | 000,514,384 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysWow64\XAudio2_3.dll
[2014/09/16 16:35:30 | 000,513,544 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\XAudio2_2.dll
[2014/09/16 16:35:30 | 000,509,448 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysWow64\XAudio2_2.dll
[2014/09/16 16:35:30 | 000,467,984 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysWow64\d3dx10_39.dll
[2014/09/16 16:35:30 | 000,452,440 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysWow64\d3dx10_40.dll
[2014/09/16 16:35:30 | 000,238,088 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysWow64\xactengine3_2.dll
[2014/09/16 16:35:30 | 000,235,856 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysWow64\xactengine3_3.dll
[2014/09/16 16:35:30 | 000,177,672 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\xactengine3_2.dll
[2014/09/16 16:35:30 | 000,175,440 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\xactengine3_3.dll
[2014/09/16 16:35:30 | 000,074,576 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\XAPOFX1_2.dll
[2014/09/16 16:35:30 | 000,072,200 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\XAPOFX1_1.dll
[2014/09/16 16:35:30 | 000,070,992 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysWow64\XAPOFX1_2.dll
[2014/09/16 16:35:30 | 000,068,616 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysWow64\XAPOFX1_1.dll
[2014/09/16 16:35:30 | 000,025,936 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\X3DAudio1_5.dll
[2014/09/16 16:35:30 | 000,023,376 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysWow64\X3DAudio1_5.dll
[2014/09/16 16:35:29 | 004,992,520 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\D3DX9_39.dll
[2014/09/16 16:35:29 | 004,991,496 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\D3DX9_38.dll
[2014/09/16 16:35:29 | 003,851,784 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysWow64\D3DX9_39.dll
[2014/09/16 16:35:29 | 003,850,760 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysWow64\D3DX9_38.dll
[2014/09/16 16:35:29 | 001,941,528 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\D3DCompiler_38.dll
[2014/09/16 16:35:29 | 001,491,992 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysWow64\D3DCompiler_38.dll
[2014/09/16 16:35:29 | 000,540,688 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\d3dx10_38.dll
[2014/09/16 16:35:29 | 000,511,496 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\XAudio2_1.dll
[2014/09/16 16:35:29 | 000,507,400 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysWow64\XAudio2_1.dll
[2014/09/16 16:35:29 | 000,489,480 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\XAudio2_0.dll
[2014/09/16 16:35:29 | 000,479,752 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysWow64\XAudio2_0.dll
[2014/09/16 16:35:29 | 000,467,984 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysWow64\d3dx10_38.dll
[2014/09/16 16:35:29 | 000,238,088 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysWow64\xactengine3_1.dll
[2014/09/16 16:35:29 | 000,238,088 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysWow64\xactengine3_0.dll
[2014/09/16 16:35:29 | 000,177,672 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\xactengine3_1.dll
[2014/09/16 16:35:29 | 000,177,672 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\xactengine3_0.dll
[2014/09/16 16:35:29 | 000,068,104 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\XAPOFX1_0.dll
[2014/09/16 16:35:29 | 000,065,032 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysWow64\XAPOFX1_0.dll
[2014/09/16 16:35:29 | 000,028,168 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\X3DAudio1_4.dll
[2014/09/16 16:35:29 | 000,025,608 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysWow64\X3DAudio1_4.dll
[2014/09/16 16:35:28 | 005,081,608 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\d3dx9_36.dll
[2014/09/16 16:35:28 | 004,910,088 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\D3DX9_37.dll
[2014/09/16 16:35:28 | 003,786,760 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysWow64\D3DX9_37.dll
[2014/09/16 16:35:28 | 003,734,536 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysWow64\d3dx9_36.dll
[2014/09/16 16:35:28 | 002,006,552 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\D3DCompiler_36.dll
[2014/09/16 16:35:28 | 001,860,120 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\D3DCompiler_37.dll
[2014/09/16 16:35:28 | 001,420,824 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysWow64\D3DCompiler_37.dll
[2014/09/16 16:35:28 | 001,374,232 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysWow64\D3DCompiler_36.dll
[2014/09/16 16:35:28 | 000,529,424 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\d3dx10_37.dll
[2014/09/16 16:35:28 | 000,508,264 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\d3dx10_36.dll
[2014/09/16 16:35:28 | 000,462,864 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysWow64\d3dx10_37.dll
[2014/09/16 16:35:28 | 000,444,776 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysWow64\d3dx10_36.dll
[2014/09/16 16:35:28 | 000,411,656 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\xactengine2_10.dll
[2014/09/16 16:35:28 | 000,267,272 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysWow64\xactengine2_10.dll
[2014/09/16 16:35:28 | 000,028,168 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\X3DAudio1_3.dll
[2014/09/16 16:35:28 | 000,025,608 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysWow64\X3DAudio1_3.dll
[2014/09/16 16:35:27 | 005,073,256 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\d3dx9_35.dll
[2014/09/16 16:35:27 | 004,496,232 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\d3dx9_34.dll
[2014/09/16 16:35:27 | 003,727,720 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysWow64\d3dx9_35.dll
[2014/09/16 16:35:27 | 003,497,832 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysWow64\d3dx9_34.dll
[2014/09/16 16:35:27 | 001,985,904 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\D3DCompiler_35.dll
[2014/09/16 16:35:27 | 001,401,200 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\D3DCompiler_34.dll
[2014/09/16 16:35:27 | 001,358,192 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysWow64\D3DCompiler_35.dll
[2014/09/16 16:35:27 | 001,124,720 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysWow64\D3DCompiler_34.dll
[2014/09/16 16:35:27 | 000,508,264 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\d3dx10_35.dll
[2014/09/16 16:35:27 | 000,506,728 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\d3dx10_34.dll
[2014/09/16 16:35:27 | 000,444,776 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysWow64\d3dx10_35.dll
[2014/09/16 16:35:27 | 000,443,752 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysWow64\d3dx10_34.dll
[2014/09/16 16:35:27 | 000,411,496 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\xactengine2_9.dll
[2014/09/16 16:35:27 | 000,409,960 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\xactengine2_8.dll
[2014/09/16 16:35:27 | 000,403,304 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\xactengine2_7.dll
[2014/09/16 16:35:27 | 000,267,112 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysWow64\xactengine2_9.dll
[2014/09/16 16:35:27 | 000,266,088 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysWow64\xactengine2_8.dll
[2014/09/16 16:35:27 | 000,261,480 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysWow64\xactengine2_7.dll
[2014/09/16 16:35:27 | 000,107,368 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\xinput1_3.dll
[2014/09/16 16:35:27 | 000,081,768 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysWow64\xinput1_3.dll
[2014/09/16 16:35:27 | 000,021,000 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\X3DAudio1_2.dll
[2014/09/16 16:35:27 | 000,017,928 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysWow64\X3DAudio1_2.dll
[2014/09/16 16:35:26 | 004,494,184 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\d3dx9_33.dll
[2014/09/16 16:35:26 | 003,977,496 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\d3dx9_31.dll
[2014/09/16 16:35:26 | 003,495,784 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysWow64\d3dx9_33.dll
[2014/09/16 16:35:26 | 002,414,360 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysWow64\d3dx9_31.dll
[2014/09/16 16:35:26 | 001,400,176 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\D3DCompiler_33.dll
[2014/09/16 16:35:26 | 001,123,696 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysWow64\D3DCompiler_33.dll
[2014/09/16 16:35:26 | 000,506,728 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\d3dx10_33.dll
[2014/09/16 16:35:26 | 000,469,264 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\d3dx10.dll
[2014/09/16 16:35:26 | 000,443,752 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysWow64\d3dx10_33.dll
[2014/09/16 16:35:26 | 000,440,080 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysWow64\d3dx10.dll
[2014/09/16 16:35:26 | 000,393,576 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\xactengine2_6.dll
[2014/09/16 16:35:26 | 000,390,424 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\xactengine2_5.dll
[2014/09/16 16:35:26 | 000,364,824 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\xactengine2_4.dll
[2014/09/16 16:35:26 | 000,255,848 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysWow64\xactengine2_6.dll
[2014/09/16 16:35:26 | 000,251,672 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysWow64\xactengine2_5.dll
[2014/09/16 16:35:26 | 000,237,848 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysWow64\xactengine2_4.dll
[2014/09/16 16:35:26 | 000,017,688 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\x3daudio1_1.dll
[2014/09/16 16:35:26 | 000,015,128 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysWow64\x3daudio1_1.dll
[2014/09/16 16:35:25 | 003,927,248 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\d3dx9_30.dll
[2014/09/16 16:35:25 | 002,388,176 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysWow64\d3dx9_30.dll
[2014/09/16 16:35:25 | 000,363,288 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\xactengine2_3.dll
[2014/09/16 16:35:25 | 000,354,072 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\xactengine2_2.dll
[2014/09/16 16:35:25 | 000,352,464 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\xactengine2_1.dll
[2014/09/16 16:35:25 | 000,236,824 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysWow64\xactengine2_3.dll
[2014/09/16 16:35:25 | 000,230,168 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysWow64\xactengine2_2.dll
[2014/09/16 16:35:25 | 000,229,584 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysWow64\xactengine2_1.dll
[2014/09/16 16:35:25 | 000,083,736 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\xinput1_2.dll
[2014/09/16 16:35:25 | 000,083,664 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\xinput1_1.dll
[2014/09/16 16:35:25 | 000,062,744 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysWow64\xinput1_2.dll
[2014/09/16 16:35:25 | 000,062,672 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysWow64\xinput1_1.dll
[2014/09/16 16:35:24 | 003,830,992 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\d3dx9_29.dll
[2014/09/16 16:35:24 | 003,823,312 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\d3dx9_25.dll
[2014/09/16 16:35:24 | 003,815,120 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\d3dx9_28.dll
[2014/09/16 16:35:24 | 003,807,440 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\d3dx9_27.dll
[2014/09/16 16:35:24 | 003,767,504 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\d3dx9_26.dll
[2014/09/16 16:35:24 | 002,337,488 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysWow64\d3dx9_25.dll
[2014/09/16 16:35:24 | 002,332,368 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysWow64\d3dx9_29.dll
[2014/09/16 16:35:24 | 002,323,664 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysWow64\d3dx9_28.dll
[2014/09/16 16:35:24 | 002,319,568 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysWow64\d3dx9_27.dll
[2014/09/16 16:35:24 | 002,297,552 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysWow64\d3dx9_26.dll
[2014/09/16 16:35:24 | 000,355,536 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\xactengine2_0.dll
[2014/09/16 16:35:24 | 000,230,096 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysWow64\xactengine2_0.dll
[2014/09/16 16:35:24 | 000,016,592 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\x3daudio1_0.dll
[2014/09/16 16:35:24 | 000,014,032 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysWow64\x3daudio1_0.dll
[2014/09/16 16:35:23 | 003,544,272 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\d3dx9_24.dll
[2014/09/16 16:35:23 | 002,222,800 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysWow64\d3dx9_24.dll
[2014/09/16 16:34:09 | 000,000,000 | ---D | C] -- E:\Windows\SysWow64\directx
[2014/09/16 16:25:11 | 000,000,000 | ---D | C] -- E:\Users\Adrock\Documents\ArcheAge
[2014/09/16 16:25:11 | 000,000,000 | ---D | C] -- E:\ArcheAge
[2014/09/16 15:34:32 | 000,000,000 | ---D | C] -- E:\Users\Adrock\AppData\Local\Glyph
[2014/09/16 15:34:32 | 000,000,000 | ---D | C] -- E:\ProgramData\Microsoft\Windows\Start Menu\Programs\Glyph
[2014/09/16 15:34:32 | 000,000,000 | ---D | C] -- E:\ProgramData\Glyph
[2014/09/16 15:34:31 | 000,000,000 | ---D | C] -- E:\Program Files (x86)\Glyph
[2014/09/10 00:36:59 | 002,777,088 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\msmpeg2vdec.dll
[2014/09/10 00:36:59 | 002,285,056 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysWow64\msmpeg2vdec.dll
[2014/09/09 15:29:02 | 001,031,168 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\TSWorkspace.dll
[2014/09/09 15:29:02 | 000,793,600 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysWow64\TSWorkspace.dll
[2014/09/09 15:28:53 | 002,565,120 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\d3d10warp.dll
[2014/09/09 15:28:50 | 001,460,736 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\lsasrv.dll
[2014/09/06 19:52:48 | 000,000,000 | ---D | C] -- E:\Users\Adrock\Documents\Custom Office Templates
[2014/09/05 16:50:31 | 000,000,000 | ---D | C] -- E:\ProgramData\regid.1986-12.com.adobe
[2014/09/05 16:50:19 | 000,000,000 | ---D | C] -- E:\Program Files\Adobe
[2014/09/05 16:49:14 | 000,000,000 | ---D | C] -- E:\Program Files\Common Files\Adobe
[2014/09/04 16:59:47 | 000,000,000 | ---D | C] -- E:\Users\Adrock\Tracing
[2014/09/04 16:58:49 | 000,000,000 | ---D | C] -- E:\Windows\en
[2014/09/04 16:58:40 | 000,000,000 | ---D | C] -- E:\Program Files (x86)\Microsoft SQL Server Compact Edition
[2014/09/04 16:58:29 | 000,058,056 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\drivers\fssfltr.sys
[2014/09/04 16:58:29 | 000,000,000 | R--D | C] -- E:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live
[2014/09/04 16:58:29 | 000,000,000 | ---D | C] -- E:\Windows\SysNative\DRVSTORE
[2014/09/04 16:58:28 | 000,000,000 | ---D | C] -- E:\Program Files\Windows Live
[2014/09/04 16:58:22 | 000,000,000 | ---D | C] -- E:\Program Files (x86)\Windows Live
[2014/09/04 16:58:14 | 002,526,056 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\D3DCompiler_43.dll
[2014/09/04 16:58:14 | 000,527,192 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysWow64\XAudio2_7.dll
[2014/09/04 16:58:14 | 000,518,488 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\XAudio2_7.dll
[2014/09/04 16:58:14 | 000,077,656 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\XAPOFX1_5.dll
[2014/09/04 16:58:14 | 000,074,072 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysWow64\XAPOFX1_5.dll
[2014/09/04 16:58:08 | 000,523,088 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\d3dx10_42.dll
[2014/09/04 16:58:08 | 000,453,456 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysWow64\d3dx10_42.dll
[2014/09/04 16:57:58 | 004,398,360 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\d3dx9_32.dll
[2014/09/04 16:57:58 | 003,426,072 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysWow64\d3dx9_32.dll
[2014/09/04 16:57:42 | 000,000,000 | R--D | C] -- E:\Users\Adrock\OneDrive
[2014/09/04 16:57:42 | 000,000,000 | ---D | C] -- E:\Program Files (x86)\Microsoft OneDrive
[2014/09/04 16:57:39 | 000,000,000 | ---D | C] -- E:\ProgramData\Microsoft OneDrive
[2014/09/04 16:57:28 | 000,000,000 | ---D | C] -- E:\Users\Adrock\AppData\Local\Windows Live
[2014/09/04 16:57:20 | 000,000,000 | ---D | C] -- E:\Program Files (x86)\Common Files\Windows Live
[2014/09/04 16:40:01 | 000,000,000 | ---D | C] -- E:\Users\Adrock\Desktop\New folder
[2014/08/27 22:35:11 | 000,000,000 | ---D | C] -- E:\ProgramData\Avg_Update_0814tb
[2014/08/27 13:51:20 | 000,404,480 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\gdi32.dll
[2014/08/22 14:38:17 | 002,620,928 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\wucltux.dll
[2014/08/22 14:38:17 | 000,058,336 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\wuauclt.exe
[2014/08/22 14:38:17 | 000,044,512 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\wups2.dll
[2014/08/22 14:38:15 | 000,700,384 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\wuapi.dll
[2014/08/22 14:38:15 | 000,581,600 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysWow64\wuapi.dll
[2014/08/22 14:38:15 | 000,097,792 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\wudriver.dll
[2014/08/22 14:38:15 | 000,092,672 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysWow64\wudriver.dll
[2014/08/22 14:38:15 | 000,038,880 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\wups.dll
[2014/08/22 14:38:15 | 000,036,320 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysWow64\wups.dll
[2014/08/22 14:38:13 | 000,198,600 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\wuwebv.dll
[2014/08/22 14:38:13 | 000,179,656 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysWow64\wuwebv.dll
[2014/08/22 14:38:13 | 000,036,864 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\wuapp.exe
[2014/08/22 14:38:13 | 000,033,792 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysWow64\wuapp.exe
[2014/08/18 22:38:36 | 000,000,000 | ---D | C] -- E:\Program Files\Microsoft.NET
[2014/08/18 15:08:34 | 000,000,000 | ---D | C] -- E:\Windows\AutoKMS
[2014/08/18 15:08:00 | 000,000,000 | ---D | C] -- E:\ProgramData\Microsoft Toolkit
[2014/08/18 15:00:14 | 000,000,000 | R--D | C] -- E:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013
[2014/08/18 15:00:08 | 000,000,000 | ---D | C] -- E:\Program Files\Common Files\DESIGNER
[2014/08/18 15:00:04 | 000,000,000 | ---D | C] -- E:\Program Files (x86)\Microsoft SQL Server
[2014/08/18 15:00:02 | 000,000,000 | ---D | C] -- E:\ProgramData\regid.1991-06.com.microsoft
[2014/08/18 14:59:56 | 000,000,000 | ---D | C] -- E:\Windows\PCHEALTH
[2014/08/18 14:59:56 | 000,000,000 | ---D | C] -- E:\Program Files\Microsoft SQL Server
[2014/08/18 14:57:15 | 000,000,000 | ---D | C] -- E:\Program Files\Microsoft Analysis Services
[2014/08/18 14:57:15 | 000,000,000 | ---D | C] -- E:\Program Files (x86)\Microsoft Analysis Services
[2014/08/18 14:57:12 | 000,000,000 | ---D | C] -- E:\Users\Adrock\AppData\Local\Microsoft Help
[2014/08/18 14:57:11 | 000,000,000 | ---D | C] -- E:\Program Files (x86)\Microsoft Office
[2014/08/18 14:57:10 | 000,000,000 | ---D | C] -- E:\Program Files\Microsoft Office
[2014/08/18 14:57:09 | 000,000,000 | ---D | C] -- E:\ProgramData\Microsoft Help
[2014/08/18 14:56:59 | 000,000,000 | R--D | C] -- E:\MSOCache
[2014/08/18 14:55:44 | 000,000,000 | -H-D | C] -- E:\ProgramData\Common Files
[2014/08/18 14:55:40 | 000,000,000 | ---D | C] -- E:\Users\Adrock\AppData\Roaming\Philipp Winterberg
[2014/08/18 14:55:37 | 000,000,000 | ---D | C] -- E:\ProgramData\Microsoft\Windows\Start Menu\Programs\RAR File Open Knife - Free Opener
[2014/08/18 14:55:37 | 000,000,000 | ---D | C] -- E:\Program Files (x86)\RAR File Open Knife - Free Opener
[2014/08/18 14:55:16 | 000,699,016 | ---- | C] (CNET Download.com) -- E:\Users\Adrock\cbsidlm-cbsi212-RAR_File_Open_Knife__Free_Opener-SEO-10971016.exe
[2014/08/13 23:59:57 | 001,389,208 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\icardagt.exe
[2014/08/13 23:59:57 | 000,619,672 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysWow64\icardagt.exe
[2014/08/13 23:59:57 | 000,171,160 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\infocardapi.dll
[2014/08/13 23:59:57 | 000,099,480 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysWow64\infocardapi.dll
[2014/08/13 23:59:57 | 000,008,856 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysWow64\icardres.dll
[2014/08/13 23:59:57 | 000,008,856 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\icardres.dll
[2014/08/13 23:59:55 | 000,035,480 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysWow64\TsWpfWrp.exe
[2014/08/13 23:59:55 | 000,035,480 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\TsWpfWrp.exe
[2014/08/13 15:22:46 | 000,007,168 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysWow64\KBDYAK.DLL
[2014/08/13 15:22:46 | 000,007,168 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\KBDYAK.DLL
[2014/08/13 15:22:46 | 000,007,168 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysWow64\KBDTAT.DLL
[2014/08/13 15:22:46 | 000,007,168 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\KBDTAT.DLL
[2014/08/13 15:22:46 | 000,007,168 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\KBDRU1.DLL
[2014/08/13 15:22:46 | 000,007,168 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\KBDBASH.DLL
[2014/08/13 15:22:46 | 000,006,656 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysWow64\KBDRU1.DLL
[2014/08/13 15:22:46 | 000,006,656 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysWow64\KBDRU.DLL
[2014/08/13 15:22:46 | 000,006,656 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\KBDRU.DLL
[2014/08/13 15:22:46 | 000,006,656 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysWow64\KBDBASH.DLL
[2014/08/13 15:22:44 | 001,941,504 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\authui.dll
[2014/08/13 15:22:43 | 001,805,824 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysWow64\authui.dll
[2014/08/13 15:22:43 | 000,504,320 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\msihnd.dll
[2014/08/13 15:22:43 | 000,337,408 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysWow64\msihnd.dll
[2014/08/13 15:22:43 | 000,112,064 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\consent.exe
[2014/08/13 15:22:18 | 001,216,000 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\rpcrt4.dll
[2014/08/04 13:08:18 | 000,000,000 | ---D | C] -- E:\Users\Adrock\AppData\Local\CrashDumps

[color=#E56717]========== Files - Modified Within 90 Days ==========[/color]

[2014/10/30 18:24:25 | 000,037,624 | ---- | M] () -- E:\Windows\SysNative\drivers\TrueSight.sys
[2014/10/30 18:11:00 | 000,000,830 | ---- | M] () -- E:\Windows\tasks\Adobe Flash Player Updater.job
[2014/10/30 17:50:05 | 000,067,584 | --S- | M] () -- E:\Windows\bootstat.dat
[2014/10/30 07:39:43 | 000,781,790 | ---- | M] () -- E:\Windows\SysNative\PerfStringBackup.INI
[2014/10/30 07:39:43 | 000,662,060 | ---- | M] () -- E:\Windows\SysNative\perfh009.dat
[2014/10/30 07:39:43 | 000,121,928 | ---- | M] () -- E:\Windows\SysNative\perfc009.dat
[2014/10/30 07:39:16 | 000,028,144 | -H-- | M] () -- E:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2014/10/30 07:39:16 | 000,028,144 | -H-- | M] () -- E:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2014/10/30 07:33:35 | 4294,967,293 | -HS- | M] () -- E:\hiberfil.sys
[2014/10/29 18:33:43 | 000,129,752 | ---- | M] (Malwarebytes Corporation) -- E:\Windows\SysNative\drivers\MBAMSwissArmy.sys
[2014/10/29 17:42:43 | 017,526,360 | ---- | M] () -- E:\Users\Adrock\Desktop\RogueKillerX64.exe
[2014/10/29 13:45:43 | 000,001,421 | ---- | M] () -- E:\Users\Adrock\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
[2014/10/28 23:25:35 | 000,000,027 | ---- | M] () -- E:\Windows\SysNative\drivers\etc\hosts
[2014/10/28 22:27:58 | 000,000,686 | ---- | M] () -- E:\Windows\SysNative\.crusader
[2014/10/28 22:09:26 | 000,001,907 | ---- | M] () -- E:\Users\Public\Desktop\HitmanPro.lnk
[2014/10/26 23:31:31 | 000,001,116 | ---- | M] () -- E:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2014/10/24 13:05:06 | 005,328,832 | ---- | M] () -- E:\Users\Adrock\Desktop\Phil Edwards Memorial Hockey Tournament.psd
[2014/10/24 13:05:04 | 001,592,592 | ---- | M] () -- E:\Users\Adrock\Desktop\phil cover.psd
[2014/10/24 12:48:21 | 000,281,954 | ---- | M] () -- E:\Users\Adrock\Desktop\phil.png
[2014/10/24 10:37:25 | 000,343,566 | ---- | M] () -- E:\Users\Adrock\Desktop\Phil Edwards Memorial Hockey Tournament 3.png
[2014/10/22 09:59:39 | 000,001,263 | ---- | M] () -- E:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\GoPro Importer.lnk
[2014/10/22 09:59:39 | 000,001,122 | ---- | M] () -- E:\Users\Adrock\Desktop\GoPro Studio.lnk
[2014/10/16 17:31:50 | 000,435,208 | ---- | M] () -- E:\Windows\SysNative\FNTCACHE.DAT
[2014/10/09 22:05:59 | 000,276,480 | ---- | M] (Microsoft Corporation) -- E:\Windows\SysNative\generaltel.dll
[2014/10/09 22:05:42 | 000,507,392 | ---- | M] (Microsoft Corporation) -- E:\Windows\SysNative\aepdu.dll
[2014/10/09 22:00:38 | 000,424,448 | ---- | M] (Microsoft Corporation) -- E:\Windows\SysNative\aeinv.dll
[2014/10/09 12:52:52 | 001,462,272 | ---- | M] (CineForm Inc.) -- E:\Windows\SysNative\CFHD.dll
[2014/10/09 12:50:08 | 001,490,944 | ---- | M] (CineForm Inc.) -- E:\Windows\SysWow64\CFHD.dll
[2014/10/01 11:11:26 | 000,063,704 | ---- | M] (Malwarebytes Corporation) -- E:\Windows\SysNative\drivers\mwac.sys
[2014/10/01 11:11:16 | 000,093,400 | ---- | M] (Malwarebytes Corporation) -- E:\Windows\SysNative\drivers\mbamchameleon.sys
[2014/10/01 11:11:12 | 000,025,816 | ---- | M] (Malwarebytes Corporation) -- E:\Windows\SysNative\drivers\mbam.sys
[2014/09/25 18:46:19 | 000,069,632 | ---- | M] (Microsoft Corporation) -- E:\Windows\SysWow64\mshtmled.dll
[2014/09/25 18:32:04 | 002,017,280 | ---- | M] (Microsoft Corporation) -- E:\Windows\SysWow64\inetcpl.cpl
[2014/09/25 18:31:02 | 002,108,416 | ---- | M] (Microsoft Corporation) -- E:\Windows\SysNative\inetcpl.cpl
[2014/09/24 22:08:38 | 000,371,712 | ---- | M] (Microsoft Corporation) -- E:\Windows\SysNative\qdvd.dll
[2014/09/24 21:40:50 | 000,519,680 | ---- | M] (Microsoft Corporation) -- E:\Windows\SysWow64\qdvd.dll
[2014/09/24 17:11:04 | 000,701,104 | ---- | M] (Adobe Systems Incorporated) -- E:\Windows\SysWow64\FlashPlayerApp.exe
[2014/09/24 17:11:04 | 000,071,344 | ---- | M] (Adobe Systems Incorporated) -- E:\Windows\SysWow64\FlashPlayerCPLApp.cpl
[2014/09/21 15:55:47 | 000,001,793 | ---- | M] () -- E:\Users\Public\Desktop\iTunes.lnk
[2014/09/18 21:55:49 | 000,004,096 | ---- | M] (Microsoft Corporation) -- E:\Windows\SysNative\ieetwcollectorres.dll
[2014/09/18 21:40:43 | 000,066,048 | ---- | M] (Microsoft Corporation) -- E:\Windows\SysNative\iesetup.dll
[2014/09/18 21:40:03 | 000,547,328 | ---- | M] (Microsoft Corporation) -- E:\Windows\SysNative\vbscript.dll
[2014/09/18 21:39:58 | 000,048,640 | ---- | M] (Microsoft Corporation) -- E:\Windows\SysNative\ieetwproxystub.dll
[2014/09/18 21:38:27 | 000,083,968 | ---- | M] (Microsoft Corporation) -- E:\Windows\SysNative\MshtmlDac.dll
[2014/09/18 21:36:57 | 005,829,632 | ---- | M] (Microsoft Corporation) -- E:\Windows\SysNative\jscript9.dll
[2014/09/18 21:30:58 | 000,033,792 | ---- | M] (Microsoft Corporation) -- E:\Windows\SysNative\iernonce.dll
[2014/09/18 21:27:09 | 000,595,968 | ---- | M] (Microsoft Corporation) -- E:\Windows\SysNative\ieui.dll
[2014/09/18 21:26:00 | 000,139,264 | ---- | M] (Microsoft Corporation) -- E:\Windows\SysNative\ieUnatt.exe
[2014/09/18 21:25:49 | 000,111,616 | ---- | M] (Microsoft Corporation) -- E:\Windows\SysNative\ieetwcollector.exe
[2014/09/18 21:25:09 | 000,758,272 | ---- | M] (Microsoft Corporation) -- E:\Windows\SysNative\jscript9diag.dll
[2014/09/18 21:18:02 | 000,940,032 | ---- | M] (Microsoft Corporation) -- E:\Windows\SysNative\MsSpellCheckingFacility.exe
[2014/09/18 21:14:28 | 000,446,464 | ---- | M] (Microsoft Corporation) -- E:\Windows\SysNative\dxtmsft.dll
[2014/09/18 21:06:47 | 000,072,704 | ---- | M] (Microsoft Corporation) -- E:\Windows\SysNative\JavaScriptCollectionAgent.dll
[2014/09/18 21:01:47 | 000,061,952 | ---- | M] (Microsoft Corporation) -- E:\Windows\SysWow64\iesetup.dll
[2014/09/18 21:01:46 | 000,195,584 | ---- | M] (Microsoft Corporation) -- E:\Windows\SysNative\msrating.dll
[2014/09/18 21:01:03 | 000,051,200 | ---- | M] (Microsoft Corporation) -- E:\Windows\SysWow64\ieetwproxystub.dll
[2014/09/18 21:00:45 | 000,085,504 | ---- | M] (Microsoft Corporation) -- E:\Windows\SysNative\mshtmled.dll
[2014/09/18 20:59:40 | 000,061,952 | ---- | M] (Microsoft Corporation) -- E:\Windows\SysWow64\MshtmlDac.dll
[2014/09/18 20:58:03 | 000,289,280 | ---- | M] (Microsoft Corporation) -- E:\Windows\SysNative\dxtrans.dll
[2014/09/18 20:53:52 | 000,032,768 | ---- | M] (Microsoft Corporation) -- E:\Windows\SysWow64\iernonce.dll
[2014/09/18 20:51:24 | 000,440,320 | ---- | M] (Microsoft Corporation) -- E:\Windows\SysWow64\ieui.dll
[2014/09/18 20:50:16 | 000,112,128 | ---- | M] (Microsoft Corporation) -- E:\Windows\SysWow64\ieUnatt.exe
[2014/09/18 20:49:31 | 000,597,504 | ---- | M] (Microsoft Corporation) -- E:\Windows\SysWow64\jscript9diag.dll
[2014/09/18 20:42:57 | 000,731,136 | ---- | M] (Microsoft Corporation) -- E:\Windows\SysNative\msfeeds.dll
[2014/09/18 20:42:56 | 000,710,656 | ---- | M] (Microsoft Corporation) -- E:\Windows\SysNative\ie4uinit.exe
[2014/09/18 20:40:12 | 001,249,280 | ---- | M] (Microsoft Corporation) -- E:\Windows\SysNative\mshtmlmedia.dll
[2014/09/18 20:36:23 | 000,060,416 | ---- | M] (Microsoft Corporation) -- E:\Windows\SysWow64\JavaScriptCollectionAgent.dll
[2014/09/18 20:32:50 | 000,164,864 | ---- | M] (Microsoft Corporation) -- E:\Windows\SysWow64\msrating.dll
[2014/09/18 20:18:55 | 001,068,032 | ---- | M] (Microsoft Corporation) -- E:\Windows\SysWow64\mshtmlmedia.dll
[2014/09/18 19:59:26 | 000,775,168 | ---- | M] (Microsoft Corporation) -- E:\Windows\SysNative\ieapfltr.dll
[2014/09/18 19:52:24 | 000,678,400 | ---- | M] (Microsoft Corporation) -- E:\Windows\SysWow64\ieapfltr.dll
[2014/09/17 22:00:42 | 003,241,472 | ---- | M] (Microsoft Corporation) -- E:\Windows\SysNative\msi.dll
[2014/09/16 15:40:19 | 000,001,899 | ---- | M] () -- E:\Users\Adrock\Desktop\Archeage.lnk
[2014/09/16 15:34:33 | 000,001,011 | ---- | M] () -- E:\Users\Adrock\Desktop\Glyph.lnk
[2014/09/12 21:58:18 | 000,077,312 | ---- | M] (Microsoft Corporation) -- E:\Windows\SysNative\packager.dll
[2014/09/12 21:40:05 | 000,067,072 | ---- | M] (Microsoft Corporation) -- E:\Windows\SysWow64\packager.dll
[2014/09/10 00:37:52 | 000,773,912 | ---- | M] () -- E:\Windows\SysWow64\PerfStringBackup.INI
[2014/09/05 17:10:33 | 000,001,311 | ---- | M] () -- E:\Users\Public\Desktop\Adobe Creative Cloud.lnk
[2014/09/04 01:23:20 | 000,424,448 | ---- | M] (Microsoft Corporation) -- E:\Windows\SysNative\rastls.dll
[2014/09/04 01:04:15 | 000,372,736 | ---- | M] (Microsoft Corporation) -- E:\Windows\SysWow64\rastls.dll
[2014/08/22 22:07:00 | 000,404,480 | ---- | M] (Microsoft Corporation) -- E:\Windows\SysNative\gdi32.dll
[2014/08/18 15:09:28 | 000,000,218 | ---- | M] () -- E:\Users\Adrock\AppData\Local\recently-used.xbel
[2014/08/18 14:56:24 | 000,000,000 | ---- | M] () -- E:\Program Files (x86)\Mozilla Firefoxsafeguard-secure-search.xml
[2014/08/18 14:55:37 | 000,001,170 | ---- | M] () -- E:\Users\Public\Desktop\RAR File Open Knife - Free Opener.lnk
[2014/08/18 14:55:16 | 000,699,016 | ---- | M] (CNET Download.com) -- E:\Users\Adrock\cbsidlm-cbsi212-RAR_File_Open_Knife__Free_Opener-SEO-10971016.exe
[2014/08/06 16:34:21 | 000,039,651 | ---- | M] () -- E:\Users\Adrock\Desktop\primary-secondary-instruments.png

[color=#E56717]========== Files Created - No Company Name ==========[/color]

[2014/10/29 17:42:53 | 000,037,624 | ---- | C] () -- E:\Windows\SysNative\drivers\TrueSight.sys
[2014/10/29 17:42:33 | 017,526,360 | ---- | C] () -- E:\Users\Adrock\Desktop\RogueKillerX64.exe
[2014/10/29 13:45:43 | 000,001,427 | ---- | C] () -- E:\Users\Adrock\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
[2014/10/29 13:45:43 | 000,001,421 | ---- | C] () -- E:\Users\Adrock\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
[2014/10/28 23:17:10 | 000,256,000 | ---- | C] () -- E:\Windows\PEV.exe
[2014/10/28 23:17:10 | 000,208,896 | ---- | C] () -- E:\Windows\MBR.exe
[2014/10/28 23:17:10 | 000,098,816 | ---- | C] () -- E:\Windows\sed.exe
[2014/10/28 23:17:10 | 000,080,412 | ---- | C] () -- E:\Windows\grep.exe
[2014/10/28 23:17:10 | 000,068,096 | ---- | C] () -- E:\Windows\zip.exe
[2014/10/28 22:27:58 | 000,000,686 | ---- | C] () -- E:\Windows\SysNative\.crusader
[2014/10/28 22:09:26 | 000,001,907 | ---- | C] () -- E:\Users\Public\Desktop\HitmanPro.lnk
[2014/10/24 13:05:03 | 001,592,592 | ---- | C] () -- E:\Users\Adrock\Desktop\phil cover.psd
[2014/10/24 12:48:18 | 000,281,954 | ---- | C] () -- E:\Users\Adrock\Desktop\phil.png
[2014/10/24 10:37:17 | 000,343,566 | ---- | C] () -- E:\Users\Adrock\Desktop\Phil Edwards Memorial Hockey Tournament 3.png
[2014/10/23 19:45:43 | 005,328,832 | ---- | C] () -- E:\Users\Adrock\Desktop\Phil Edwards Memorial Hockey Tournament.psd
[2014/10/22 09:59:39 | 000,001,263 | ---- | C] () -- E:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\GoPro Importer.lnk
[2014/10/22 09:59:39 | 000,001,122 | ---- | C] () -- E:\Users\Adrock\Desktop\GoPro Studio.lnk
[2014/09/21 15:55:47 | 000,001,793 | ---- | C] () -- E:\Users\Public\Desktop\iTunes.lnk
[2014/09/21 15:54:53 | 000,002,519 | ---- | C] () -- E:\ProgramData\Microsoft\Windows\Start Menu\Programs\Apple Software Update.lnk
[2014/09/16 15:40:19 | 000,001,899 | ---- | C] () -- E:\Users\Adrock\Desktop\Archeage.lnk
[2014/09/16 15:34:33 | 000,001,011 | ---- | C] () -- E:\Users\Adrock\Desktop\Glyph.lnk
[2014/09/05 17:10:33 | 000,001,323 | ---- | C] () -- E:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Creative Cloud.lnk
[2014/09/05 17:10:33 | 000,001,311 | ---- | C] () -- E:\Users\Public\Desktop\Adobe Creative Cloud.lnk
[2014/09/05 16:50:26 | 000,001,050 | ---- | C] () -- E:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Photoshop CC 2014.lnk
[2014/09/04 16:58:44 | 000,001,315 | ---- | C] () -- E:\ProgramData\Microsoft\Windows\Start Menu\Programs\Movie Maker.lnk
[2014/09/04 16:58:42 | 000,001,384 | ---- | C] () -- E:\ProgramData\Microsoft\Windows\Start Menu\Programs\Photo Gallery.lnk
[2014/09/04 16:58:38 | 000,001,468 | ---- | C] () -- E:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live Mail.lnk
[2014/09/04 16:58:36 | 000,002,496 | ---- | C] () -- E:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live Messenger.lnk
[2014/09/04 16:57:42 | 000,002,153 | ---- | C] () -- E:\Users\Adrock\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Microsoft OneDrive.lnk
[2014/08/18 15:09:28 | 000,000,218 | ---- | C] () -- E:\Users\Adrock\AppData\Local\recently-used.xbel
[2014/08/18 14:56:24 | 000,000,000 | ---- | C] () -- E:\Program Files (x86)\Mozilla Firefoxsafeguard-secure-search.xml
[2014/08/18 14:55:37 | 000,001,170 | ---- | C] () -- E:\Users\Public\Desktop\RAR File Open Knife - Free Opener.lnk
[2014/08/06 16:34:21 | 000,039,651 | ---- | C] () -- E:\Users\Adrock\Desktop\primary-secondary-instruments.png
[2014/05/23 21:09:11 | 000,773,912 | ---- | C] () -- E:\Windows\SysWow64\PerfStringBackup.INI
[2014/05/23 20:59:28 | 000,001,424 | ---- | C] () -- E:\Windows\THXCfg_SP_APOIM.ini
[2014/05/23 20:59:28 | 000,001,323 | ---- | C] () -- E:\Windows\THXCfg_HP_APOIM.ini
[2014/05/23 20:59:28 | 000,001,323 | ---- | C] () -- E:\Windows\THXCfg_APOIM.ini
[2014/05/23 20:59:27 | 000,190,464 | ---- | C] () -- E:\Windows\SysWow64\APOMngr.DLL
[2014/05/23 20:59:27 | 000,073,728 | ---- | C] () -- E:\Windows\SysWow64\CmdRtr.DLL
[2014/05/23 20:57:42 | 000,000,003 | ---- | C] () -- E:\Users\Adrock\AppData\Local\user_data.ini
[2014/05/23 20:52:15 | 013,359,616 | ---- | C] () -- E:\Windows\SysWow64\ig4icd32.dll
[2014/05/23 20:52:15 | 000,963,116 | ---- | C] () -- E:\Windows\SysWow64\igkrng600.bin
[2014/05/23 20:52:15 | 000,218,304 | ---- | C] () -- E:\Windows\SysWow64\igfcg600m.bin
[2014/05/23 20:52:15 | 000,145,804 | ---- | C] () -- E:\Windows\SysWow64\igcompkrng600.bin
[2014/05/23 20:52:15 | 000,056,832 | ---- | C] () -- E:\Windows\SysWow64\igdde32.dll

[color=#E56717]========== ZeroAccess Check ==========[/color]

[2009/07/14 00:55:00 | 000,000,227 | RHS- | M] () -- E:\Windows\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = E:\Windows\SysNative\shell32.dll -- [2014/06/24 22:05:42 | 014,175,744 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2014/06/24 21:41:30 | 012,874,240 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = E:\Windows\SysNative\wbem\fastprox.dll -- [2009/07/13 21:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %SystemRoot%\system32\wbem\fastprox.dll -- [2010/11/20 23:24:25 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = E:\Windows\SysNative\wbem\wbemess.dll -- [2009/07/13 21:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]

[color=#E56717]========== LOP Check ==========[/color]

[2014/05/23 21:38:55 | 000,000,000 | ---D | M] -- E:\Users\Adrock\AppData\Roaming\Battle.net
[2014/10/23 12:39:52 | 000,000,000 | ---D | M] -- E:\Users\Adrock\AppData\Roaming\BitLord
[2014/05/23 23:09:12 | 000,000,000 | ---D | M] -- E:\Users\Adrock\AppData\Roaming\Curse Advertising
[2014/10/28 20:19:59 | 000,000,000 | ---D | M] -- E:\Users\Adrock\AppData\Roaming\GoPro
[2014/10/28 20:21:55 | 000,000,000 | ---D | M] -- E:\Users\Adrock\AppData\Roaming\NCSOFT
[2014/10/28 20:21:56 | 000,000,000 | ---D | M] -- E:\Users\Adrock\AppData\Roaming\OBS
[2014/07/15 17:40:33 | 000,000,000 | ---D | M] -- E:\Users\Adrock\AppData\Roaming\OptimumPcBoost
[2014/10/28 20:21:56 | 000,000,000 | ---D | M] -- E:\Users\Adrock\AppData\Roaming\Philipp Winterberg
[2014/07/15 17:41:00 | 000,000,000 | ---D | M] -- E:\Users\Adrock\AppData\Roaming\Python-Eggs
[2014/10/28 20:21:56 | 000,000,000 | ---D | M] -- E:\Users\Adrock\AppData\Roaming\TS3Client

[color=#E56717]========== Purity Check ==========[/color]


[color=#E56717]========== Custom Scans ==========[/color]

[color=#A23BEC]< %SYSTEMDRIVE%\*.* >[/color]
[2014/10/28 23:26:39 | 000,030,209 | ---- | M] () -- E:\ComboFix.txt
[2014/10/30 07:33:35 | 4294,967,293 | -HS- | M] () -- E:\hiberfil.sys
[2014/10/30 07:33:55 | 4294,967,292 | -HS- | M] () -- E:\pagefile.sys
[2014/10/29 13:27:16 | 000,209,920 | ---- | M] () -- E:\TDSSKiller.3.0.0.41_29.10.2014_13.24.04_log.txt
[2014/10/29 17:53:59 | 000,005,344 | ---- | M] () -- E:\TDSSKiller.3.0.0.41_29.10.2014_17.53.07_log.txt
[2014/10/29 17:59:31 | 000,895,964 | ---- | M] () -- E:\TDSSKiller.3.0.0.41_29.10.2014_17.56.12_log.txt
[2014/10/29 18:05:21 | 000,932,742 | ---- | M] () -- E:\TDSSKiller.3.0.0.41_29.10.2014_18.01.30_log.txt
[2014/10/29 18:26:24 | 000,005,178 | ---- | M] () -- E:\TDSSKiller.3.0.0.41_29.10.2014_18.25.55_log.txt
[2014/10/29 18:29:13 | 000,005,178 | ---- | M] () -- E:\TDSSKiller.3.0.0.41_29.10.2014_18.28.41_log.txt
[2014/10/29 18:30:07 | 000,005,344 | ---- | M] () -- E:\TDSSKiller.3.0.0.41_29.10.2014_18.30.00_log.txt
[2014/10/29 18:33:27 | 000,831,434 | ---- | M] () -- E:\TDSSKiller.3.0.0.41_29.10.2014_18.32.11_log.txt

[color=#A23BEC]< %SYSTEMDRIVE%\*. >[/color]
[2014/10/28 23:26:43 | 000,000,000 | -HSD | M] -- E:\$RECYCLE.BIN
[2014/10/28 21:56:12 | 000,000,000 | ---D | M] -- E:\AdwCleaner
[2014/10/28 20:18:28 | 000,000,000 | ---D | M] -- E:\ArcheAge
[2014/10/28 23:26:43 | 000,000,000 | ---D | M] -- E:\ComboFix
[2014/10/29 07:30:51 | 000,000,000 | ---D | M] -- E:\Config.Msi
[2009/07/14 01:08:56 | 000,000,000 | -HSD | M] -- E:\Documents and Settings
[2014/10/30 18:33:20 | 000,000,000 | ---D | M] -- E:\FRST
[2014/05/23 20:51:38 | 000,000,000 | ---D | M] -- E:\Intel
[2014/08/18 14:56:59 | 000,000,000 | R--D | M] -- E:\MSOCache
[2009/07/13 23:20:08 | 000,000,000 | ---D | M] -- E:\PerfLogs
[2014/10/28 22:09:26 | 000,000,000 | R--D | M] -- E:\Program Files
[2014/10/28 23:11:27 | 000,000,000 | R--D | M] -- E:\Program Files (x86)
[2014/10/29 17:42:51 | 000,000,000 | ---D | M] -- E:\ProgramData
[2014/10/28 23:26:42 | 000,000,000 | ---D | M] -- E:\Qoobox
[2014/05/23 20:01:13 | 000,000,000 | ---D | M] -- E:\Recovery
[2014/10/29 13:03:36 | 000,000,000 | -HSD | M] -- E:\System Volume Information
[2014/05/23 21:16:06 | 000,000,000 | R--D | M] -- E:\Users
[2014/10/30 18:33:18 | 000,000,000 | ---D | M] -- E:\Windows
[2014/05/23 23:53:55 | 000,000,000 | ---D | M] -- E:\Windows.old

[color=#A23BEC]< %USERPROFILE%\*.* >[/color]
[2014/08/18 14:55:16 | 000,699,016 | ---- | M] (CNET Download.com) -- E:\Users\Adrock\cbsidlm-cbsi212-RAR_File_Open_Knife__Free_Opener-SEO-10971016.exe
[2014/10/30 18:39:32 | 002,097,152 | -HS- | M] () -- E:\Users\Adrock\NTUSER.DAT
[2014/10/30 18:39:32 | 000,262,144 | -HS- | M] () -- E:\Users\Adrock\ntuser.dat.LOG1
[2014/05/23 20:01:16 | 000,000,000 | -HS- | M] () -- E:\Users\Adrock\ntuser.dat.LOG2
[2014/05/23 20:15:29 | 000,065,536 | -HS- | M] () -- E:\Users\Adrock\NTUSER.DAT{016888bd-6c6f-11de-8d1d-001e0bcde3ec}.TM.blf
[2014/05/23 20:15:29 | 000,524,288 | -HS- | M] () -- E:\Users\Adrock\NTUSER.DAT{016888bd-6c6f-11de-8d1d-001e0bcde3ec}.TMContainer00000000000000000001.regtrans-ms
[2014/05/23 20:15:29 | 000,524,288 | -HS- | M] () -- E:\Users\Adrock\NTUSER.DAT{016888bd-6c6f-11de-8d1d-001e0bcde3ec}.TMContainer00000000000000000002.regtrans-ms
[2014/05/23 20:56:14 | 000,065,536 | -HS- | M] () -- E:\Users\Adrock\NTUSER.DAT{199bc9d5-e2de-11e3-9209-002522fcd522}.TM.blf
[2014/05/23 20:56:14 | 000,524,288 | -HS- | M] () -- E:\Users\Adrock\NTUSER.DAT{199bc9d5-e2de-11e3-9209-002522fcd522}.TMContainer00000000000000000001.regtrans-ms
[2014/05/23 20:56:14 | 000,524,288 | -HS- | M] () -- E:\Users\Adrock\NTUSER.DAT{199bc9d5-e2de-11e3-9209-002522fcd522}.TMContainer00000000000000000002.regtrans-ms
[2014/05/23 20:01:16 | 000,000,020 | -HS- | M] () -- E:\Users\Adrock\ntuser.ini

[color=#A23BEC]< %USERPROFILE%\*. >[/color]
[2014/10/29 13:36:32 | 000,000,000 | -H-D | M] -- E:\Users\Adrock\AppData
[2014/05/23 20:01:16 | 000,000,000 | -HSD | M] -- E:\Users\Adrock\Application Data
[2014/08/14 16:55:50 | 000,000,000 | R--D | M] -- E:\Users\Adrock\Contacts
[2014/05/23 20:01:16 | 000,000,000 | -HSD | M] -- E:\Users\Adrock\Cookies
[2014/10/29 18:33:24 | 000,000,000 | R--D | M] -- E:\Users\Adrock\Desktop
[2014/10/29 13:36:32 | 000,000,000 | R--D | M] -- E:\Users\Adrock\Documents
[2014/10/30 18:34:25 | 000,000,000 | R--D | M] -- E:\Users\Adrock\Downloads
[2014/08/14 16:55:50 | 000,000,000 | R--D | M] -- E:\Users\Adrock\Favorites
[2014/09/04 16:59:53 | 000,000,000 | R--D | M] -- E:\Users\Adrock\Links
[2014/05/23 20:01:16 | 000,000,000 | -HSD | M] -- E:\Users\Adrock\Local Settings
[2014/05/23 20:56:10 | 000,000,000 | ---D | M] -- E:\Users\Adrock\Lucidlogix
[2014/09/21 15:55:55 | 000,000,000 | R--D | M] -- E:\Users\Adrock\Music
[2014/05/23 20:01:16 | 000,000,000 | -HSD | M] -- E:\Users\Adrock\My Documents
[2014/05/23 20:01:16 | 000,000,000 | -HSD | M] -- E:\Users\Adrock\NetHood
[2014/09/04 16:57:42 | 000,000,000 | R--D | M] -- E:\Users\Adrock\OneDrive
[2014/10/22 09:59:40 | 000,000,000 | R--D | M] -- E:\Users\Adrock\Pictures
[2014/05/23 20:01:16 | 000,000,000 | -HSD | M] -- E:\Users\Adrock\PrintHood
[2014/05/23 20:01:16 | 000,000,000 | -HSD | M] -- E:\Users\Adrock\Recent
[2014/08/14 16:55:50 | 000,000,000 | R--D | M] -- E:\Users\Adrock\Saved Games
[2014/08/14 16:55:50 | 000,000,000 | R--D | M] -- E:\Users\Adrock\Searches
[2014/05/23 20:01:16 | 000,000,000 | -HSD | M] -- E:\Users\Adrock\SendTo
[2014/05/23 20:01:16 | 000,000,000 | -HSD | M] -- E:\Users\Adrock\Start Menu
[2014/05/23 20:01:16 | 000,000,000 | -HSD | M] -- E:\Users\Adrock\Templates
[2014/09/04 16:59:47 | 000,000,000 | ---D | M] -- E:\Users\Adrock\Tracing
[2014/08/14 16:55:50 | 000,000,000 | R--D | M] -- E:\Users\Adrock\Videos

[color=#A23BEC]< %USERPROFILE%\*.exe /s >[/color]
[2014/08/18 14:55:16 | 000,699,016 | ---- | M] (CNET Download.com) -- E:\Users\Adrock\cbsidlm-cbsi212-RAR_File_Open_Knife__Free_Opener-SEO-10971016.exe
[2014/06/12 12:42:56 | 000,133,632 | ---- | M] () -- E:\Users\Adrock\AppData\Local\Apps\2.0\HNPDP3HL.3LH\0K4MMRZY.6GT\curs...exe_9e9e83ddf3ed3ead_0005.0001_none_ee691605167f2968\ESMODInstaller\Curse.CurseClient.CMODInstaller.exe
[2014/10/09 16:16:17 | 000,133,632 | ---- | M] () -- E:\Users\Adrock\AppData\Local\Apps\2.0\HNPDP3HL.3LH\0K4MMRZY.6GT\curs...exe_9e9e83ddf3ed3ead_0005.0001_none_ee691605167f2969\ESMODInstaller\Curse.CurseClient.CMODInstaller.exe
[2014/05/23 23:07:30 | 001,918,976 | ---- | M] (Curse) -- E:\Users\Adrock\AppData\Local\Apps\2.0\HNPDP3HL.3LH\0K4MMRZY.6GT\curs..ient_9e9e83ddf3ed3ead_0004.0000_none_96bf5013b3b33ec2\CurseClient.exe
[2014/06/12 12:42:58 | 001,920,000 | ---- | M] (Curse) -- E:\Users\Adrock\AppData\Local\Apps\2.0\HNPDP3HL.3LH\0K4MMRZY.6GT\curs..tion_9e9e83ddf3ed3ead_0005.0001_36a9b6290e21932c\CurseClient.exe
[2014/06/12 12:42:56 | 000,133,632 | ---- | M] () -- E:\Users\Adrock\AppData\Local\Apps\2.0\HNPDP3HL.3LH\0K4MMRZY.6GT\curs..tion_9e9e83ddf3ed3ead_0005.0001_36a9b6290e21932c\ESMODInstaller\Curse.CurseClient.CMODInstaller.exe
[2014/10/09 16:16:20 | 001,920,000 | ---- | M] (Curse) -- E:\Users\Adrock\AppData\Local\Apps\2.0\HNPDP3HL.3LH\0K4MMRZY.6GT\curs..tion_9e9e83ddf3ed3ead_0005.0001_36a9b62a0ea0a2ec\CurseClient.exe
[2014/10/09 16:16:17 | 000,133,632 | ---- | M] () -- E:\Users\Adrock\AppData\Local\Apps\2.0\HNPDP3HL.3LH\0K4MMRZY.6GT\curs..tion_9e9e83ddf3ed3ead_0005.0001_36a9b62a0ea0a2ec\ESMODInstaller\Curse.CurseClient.CMODInstaller.exe
[2014/09/04 16:59:49 | 000,251,040 | ---- | M] (Microsoft Corporation) -- E:\Users\Adrock\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe
[2014/09/04 16:59:48 | 006,014,120 | ---- | M] (Microsoft Corporation) -- E:\Users\Adrock\AppData\Local\Microsoft\SkyDrive\17.3.1171.0714\OneDriveSetup.exe
[2014/09/04 16:59:49 | 000,087,200 | ---- | M] (Microsoft Corporation) -- E:\Users\Adrock\AppData\Local\Microsoft\SkyDrive\17.3.1171.0714\SkyDriveConfig.exe
[2014/09/04 16:59:48 | 006,014,120 | ---- | M] (Microsoft Corporation) -- E:\Users\Adrock\AppData\Local\Microsoft\SkyDrive\Update\OneDriveSetup.exe
[2014/10/28 11:57:14 | 000,172,984 | ---- | M] (NVIDIA Corporation) -- E:\Users\Adrock\AppData\Local\NVIDIA\NvBackend\ApplicationOntology\OAWrapper.exe
[2014/05/25 18:53:16 | 005,420,808 | ---- | M] () -- E:\Users\Adrock\AppData\Local\NVIDIA\NvBackend\Packages\00004acb\vops-world_of_warcraft_mists_of_pandaria.16790368.exe
[2014/05/23 21:16:44 | 000,295,840 | ---- | M] () -- E:\Users\Adrock\AppData\Local\NVIDIA\NvBackend\Packages\00005234\drsupdate.17125755_RUNASUSER.exe
[2014/05/25 18:53:12 | 000,287,560 | ---- | M] () -- E:\Users\Adrock\AppData\Local\NVIDIA\NvBackend\Packages\0000599b\streaming-assets-world_of_warcraft_mists_of_pandaria.18171778.exe
[2014/05/23 21:16:47 | 003,554,320 | ---- | M] () -- E:\Users\Adrock\AppData\Local\NVIDIA\NvBackend\Packages\00005af9\DAO.18491361.exe
[2014/05/23 21:16:49 | 000,382,864 | ---- | M] () -- E:\Users\Adrock\AppData\Local\NVIDIA\NvBackend\Packages\00005b0f\updatus.18499177_RUNASUSER.exe
[2014/05/26 09:02:32 | 000,383,360 | ---- | M] () -- E:\Users\Adrock\AppData\Local\NVIDIA\NvBackend\Packages\00005b2f\updatus.18514097_RUNASUSER.exe
[2014/05/28 21:33:03 | 003,573,920 | ---- | M] () -- E:\Users\Adrock\AppData\Local\NVIDIA\NvBackend\Packages\00005b51\DAO.18524159.exe
[2014/05/30 08:20:11 | 003,574,800 | ---- | M] () -- E:\Users\Adrock\AppData\Local\NVIDIA\NvBackend\Packages\00005b71\DAO.18531324.exe
[2014/05/30 08:20:13 | 000,383,624 | ---- | M] () -- E:\Users\Adrock\AppData\Local\NVIDIA\NvBackend\Packages\00005b73\updatus.18533054_RUNASUSER.exe
[2014/05/31 08:21:06 | 003,574,928 | ---- | M] () -- E:\Users\Adrock\AppData\Local\NVIDIA\NvBackend\Packages\00005b7b\DAO.18533958.exe
[2014/06/03 07:10:01 | 000,383,456 | ---- | M] () -- E:\Users\Adrock\AppData\Local\NVIDIA\NvBackend\Packages\00005b8d\updatus.18543140_RUNASUSER.exe
[2014/06/04 07:14:42 | 003,594,176 | ---- | M] () -- E:\Users\Adrock\AppData\Local\NVIDIA\NvBackend\Packages\00005b92\DAO.18543664.exe
[2014/06/06 07:54:19 | 000,383,808 | ---- | M] () -- E:\Users\Adrock\AppData\Local\NVIDIA\NvBackend\Packages\00005ba5\updatus.18551782_RUNASUSER.exe
[2014/06/10 16:35:22 | 003,603,960 | ---- | M] () -- E:\Users\Adrock\AppData\Local\NVIDIA\NvBackend\Packages\00005bbc\DAO.18564880.exe
[2014/06/13 16:37:08 | 000,384,248 | ---- | M] () -- E:\Users\Adrock\AppData\Local\NVIDIA\NvBackend\Packages\00005bd3\updatus.18586353_RUNASUSER.exe
[2014/06/17 18:10:19 | 003,604,320 | ---- | M] () -- E:\Users\Adrock\AppData\Local\NVIDIA\NvBackend\Packages\00005be7\DAO.18606833.exe
[2014/06/17 18:10:21 | 000,295,880 | ---- | M] () -- E:\Users\Adrock\AppData\Local\NVIDIA\NvBackend\Packages\00005bed\drsupdate.18604483_RUNASUSER.exe
[2014/06/17 18:10:23 | 000,384,824 | ---- | M] () -- E:\Users\Adrock\AppData\Local\NVIDIA\NvBackend\Packages\00005bf4\updatus.18607500_RUNASUSER.exe
[2014/06/20 18:12:09 | 003,633,616 | ---- | M] () -- E:\Users\Adrock\AppData\Local\NVIDIA\NvBackend\Packages\00005c18\DAO.18618300.exe
[2014/06/20 18:12:11 | 000,384,872 | ---- | M] () -- E:\Users\Adrock\AppData\Local\NVIDIA\NvBackend\Packages\00005c20\updatus.18618995_RUNASUSER.exe
[2014/06/24 16:33:40 | 000,385,176 | ---- | M] () -- E:\Users\Adrock\AppData\Local\NVIDIA\NvBackend\Packages\00005c36\updatus.18626308_RUNASUSER.exe
[2014/06/24 16:33:44 | 003,656,928 | ---- | M] () -- E:\Users\Adrock\AppData\Local\NVIDIA\NvBackend\Packages\00005c3b\DAO.18629648.exe
[2014/06/25 21:25:41 | 000,385,408 | ---- | M] () -- E:\Users\Adrock\AppData\Local\NVIDIA\NvBackend\Packages\00005c45\updatus.18632966_RUNASUSER.exe
[2014/06/28 18:06:00 | 000,385,552 | ---- | M] () -- E:\Users\Adrock\AppData\Local\NVIDIA\NvBackend\Packages\00005c70\updatus.18640491_RUNASUSER.exe
[2014/06/28 18:06:04 | 003,708,096 | ---- | M] () -- E:\Users\Adrock\AppData\Local\NVIDIA\NvBackend\Packages\00005c76\DAO.18641604.exe
[2014/06/30 18:07:50 | 000,385,600 | ---- | M] () -- E:\Users\Adrock\AppData\Local\NVIDIA\NvBackend\Packages\00005c7c\updatus.18646966_RUNASUSER.exe
[2014/07/01 22:17:03 | 003,708,328 | ---- | M] () -- E:\Users\Adrock\AppData\Local\NVIDIA\NvBackend\Packages\00005c95\DAO.18651267.exe
[2014/07/01 22:17:06 | 000,385,688 | ---- | M] () -- E:\Users\Adrock\AppData\Local\NVIDIA\NvBackend\Packages\00005c99\updatus.18653672_RUNASUSER.exe
[2014/07/03 22:18:10 | 003,708,816 | ---- | M] () -- E:\Users\Adrock\AppData\Local\NVIDIA\NvBackend\Packages\00005cae\DAO.18659624.exe
[2014/07/04 22:18:26 | 000,386,080 | ---- | M] () -- E:\Users\Adrock\AppData\Local\NVIDIA\NvBackend\Packages\00005cb3\updatus.18662328_RUNASUSER.exe
[2014/07/08 15:26:36 | 003,722,216 | ---- | M] () -- E:\Users\Adrock\AppData\Local\NVIDIA\NvBackend\Packages\00005cc5\DAO.18671673.exe
[2014/07/10 16:25:03 | 000,387,552 | ---- | M] () -- E:\Users\Adrock\AppData\Local\NVIDIA\NvBackend\Packages\00005ced\updatus.18679380_RUNASUSER.exe
[2014/07/10 16:25:07 | 003,722,312 | ---- | M] () -- E:\Users\Adrock\AppData\Local\NVIDIA\NvBackend\Packages\00005cf0\DAO.18679456.exe
[2014/07/11 17:23:16 | 000,389,640 | ---- | M] () -- E:\Users\Adrock\AppData\Local\NVIDIA\NvBackend\Packages\00005d05\updatus.18684592_RUNASUSER.exe
[2014/07/15 17:25:22 | 000,390,104 | ---- | M] () -- E:\Users\Adrock\AppData\Local\NVIDIA\NvBackend\Packages\00005d17\updatus.18693073_RUNASUSER.exe
[2014/07/15 17:25:26 | 003,722,416 | ---- | M] () -- E:\Users\Adrock\AppData\Local\NVIDIA\NvBackend\Packages\00005d19\DAO.18693465.exe
[2014/07/18 21:34:19 | 000,391,920 | ---- | M] () -- E:\Users\Adrock\AppData\Local\NVIDIA\NvBackend\Packages\00005d4e\updatus.18705484_RUNASUSER.exe
[2014/07/18 21:34:23 | 003,727,400 | ---- | M] () -- E:\Users\Adrock\AppData\Local\NVIDIA\NvBackend\Packages\00005d55\DAO.18705904.exe
[2014/07/23 21:37:44 | 000,393,048 | ---- | M] () -- E:\Users\Adrock\AppData\Local\NVIDIA\NvBackend\Packages\00005d73\updatus.18718861_RUNASUSER.exe
[2014/07/23 21:37:50 | 003,766,008 | ---- | M] () -- E:\Users\Adrock\AppData\Local\NVIDIA\NvBackend\Packages\00005d75\DAO.18716353.exe
[2014/07/24 21:38:19 | 000,393,560 | ---- | M] () -- E:\Users\Adrock\AppData\Local\NVIDIA\NvBackend\Packages\00005d84\updatus.18722395_RUNASUSER.exe
[2014/07/25 21:39:24 | 003,769,784 | ---- | M] () -- E:\Users\Adrock\AppData\Local\NVIDIA\NvBackend\Packages\00005d8b\DAO.18726867.exe
[2014/07/28 22:48:41 | 000,393,672 | ---- | M] () -- E:\Users\Adrock\AppData\Local\NVIDIA\NvBackend\Packages\00005d99\updatus.18732029_RUNASUSER.exe
[2014/07/29 22:49:06 | 003,795,984 | ---- | M] () -- E:\Users\Adrock\AppData\Local\NVIDIA\NvBackend\Packages\00005e37\DAO.18736091.exe
[2014/07/31 22:50:11 | 003,807,672 | ---- | M] () -- E:\Users\Adrock\AppData\Local\NVIDIA\NvBackend\Packages\00005e59\DAO.18742722.exe
[2014/08/01 22:51:03 | 001,215,584 | ---- | M] () -- E:\Users\Adrock\AppData\Local\NVIDIA\NvBackend\Packages\00005e5c\vops-wildstar.18742620.exe
[2014/07/31 22:50:14 | 000,394,152 | ---- | M] () -- E:\Users\Adrock\AppData\Local\NVIDIA\NvBackend\Packages\00005e5e\updatus.18742786_RUNASUSER.exe
[2014/08/01 22:50:58 | 003,807,928 | ---- | M] () -- E:\Users\Adrock\AppData\Local\NVIDIA\NvBackend\Packages\00005e6f\DAO.18746566.exe
[2014/08/05 22:54:02 | 003,810,992 | ---- | M] () -- E:\Users\Adrock\AppData\Local\NVIDIA\NvBackend\Packages\00005fca\DAO.18755938.exe
[2014/08/12 21:08:09 | 000,413,032 | ---- | M] () -- E:\Users\Adrock\AppData\Local\NVIDIA\NvBackend\Packages\00006011\updatus.18774435_RUNASUSER.exe
[2014/08/12 21:08:12 | 003,832,696 | ---- | M] () -- E:\Users\Adrock\AppData\Local\NVIDIA\NvBackend\Packages\00006016\DAO.18776925.exe
[2014/08/15 22:39:51 | 003,835,880 | ---- | M] () -- E:\Users\Adrock\AppData\Local\NVIDIA\NvBackend\Packages\00006027\DAO.18783991.exe
[2014/09/16 22:36:28 | 006,228,952 | ---- | M] () -- E:\Users\Adrock\AppData\Local\NVIDIA\NvBackend\Packages\0000602c\vops-arche_age.18784284.exe
[2014/08/14 21:09:02 | 000,414,624 | ---- | M] () -- E:\Users\Adrock\AppData\Local\NVIDIA\NvBackend\Packages\00006046\updatus.18784877_RUNASUSER.exe
[2014/08/19 14:42:08 | 000,414,688 | ---- | M] () -- E:\Users\Adrock\AppData\Local\NVIDIA\NvBackend\Packages\00006057\updatus.18793555_RUNASUSER.exe
[2014/08/19 14:42:13 | 003,938,680 | ---- | M] () -- E:\Users\Adrock\AppData\Local\NVIDIA\NvBackend\Packages\00006060\DAO.18796622.exe
[2014/08/22 14:36:29 | 000,414,872 | ---- | M] () -- E:\Users\Adrock\AppData\Local\NVIDIA\NvBackend\Packages\0000607e\CoProc update.18806887.exe
[2014/08/22 14:36:37 | 003,894,872 | ---- | M] () -- E:\Users\Adrock\AppData\Local\NVIDIA\NvBackend\Packages\00006085\DAO.18807565.exe
[2014/08/23 14:37:38 | 000,415,160 | ---- | M] () -- E:\Users\Adrock\AppData\Local\NVIDIA\NvBackend\Packages\0000608d\CoProc update.18808273.exe
[2014/08/26 15:19:20 | 003,920,432 | ---- | M] () -- E:\Users\Adrock\AppData\Local\NVIDIA\NvBackend\Packages\000060e7\DAO.18821094.exe
[2014/08/28 16:22:00 | 003,929,488 | ---- | M] () -- E:\Users\Adrock\AppData\Local\NVIDIA\NvBackend\Packages\00006156\DAO.18829147.exe
[2014/09/03 22:27:15 | 003,955,713 | ---- | M] () -- E:\Users\Adrock\AppData\Local\NVIDIA\NvBackend\Packages\00006186\DAO.18842956.exe
[2014/09/05 22:29:04 | 004,005,520 | ---- | M] () -- E:\Users\Adrock\AppData\Local\NVIDIA\NvBackend\Packages\000061b3\DAO.18850839.exe
[2014/09/09 22:31:56 | 004,021,336 | ---- | M] () -- E:\Users\Adrock\AppData\Local\NVIDIA\NvBackend\Packages\000061bf\DAO.18861439.exe
[2014/09/09 22:32:00 | 000,414,984 | ---- | M] () -- E:\Users\Adrock\AppData\Local\NVIDIA\NvBackend\Packages\000061c7\CoProc update.18861717.exe
[2014/09/10 22:32:35 | 004,020,960 | ---- | M] () -- E:\Users\Adrock\AppData\Local\NVIDIA\NvBackend\Packages\000061da\DAO.18867346.exe
[2014/09/11 22:33:12 | 000,415,168 | ---- | M] () -- E:\Users\Adrock\AppData\Local\NVIDIA\NvBackend\Packages\000061e6\CoProc update.18871062.exe
[2014/09/11 22:33:13 | 000,306,376 | ---- | M] () -- E:\Users\Adrock\AppData\Local\NVIDIA\NvBackend\Packages\00006277\streaming-assets-world_of_warcraft_mists_of_pandaria.18870976.exe
[2014/09/16 22:36:19 | 004,029,368 | ---- | M] () -- E:\Users\Adrock\AppData\Local\NVIDIA\NvBackend\Packages\00006290\DAO.18888151.exe
[2014/09/17 22:37:10 | 000,415,248 | ---- | M] () -- E:\Users\Adrock\AppData\Local\NVIDIA\NvBackend\Packages\000062cd\CoProc update.18892431.exe
[2014/09/18 22:38:13 | 004,034,992 | ---- | M] () -- E:\Users\Adrock\AppData\Local\NVIDIA\NvBackend\Packages\000062d6\DAO.18896101.exe
[2014/09/18 22:38:18 | 001,234,128 | ---- | M] () -- E:\Users\Adrock\AppData\Local\NVIDIA\NvBackend\Packages\00006322\vops-wildstar.18896248.exe
[2014/09/18 22:38:25 | 005,439,288 | ---- | M] () -- E:\Users\Adrock\AppData\Local\NVIDIA\NvBackend\Packages\00006325\vops-world_of_warcraft_mists_of_pandaria.18896248.exe
[2014/09/23 13:40:38 | 000,415,480 | ---- | M] () -- E:\Users\Adrock\AppData\Local\NVIDIA\NvBackend\Packages\0000638c\CoProc update.18911331.exe
[2014/09/23 13:40:43 | 000,306,408 | ---- | M] () -- E:\Users\Adrock\AppData\Local\NVIDIA\NvBackend\Packages\000063cb\streaming-assets-world_of_warcraft_mists_of_pandaria.18910951.exe
[2014/09/23 13:40:40 | 004,055,528 | ---- | M] () -- E:\Users\Adrock\AppData\Local\NVIDIA\NvBackend\Packages\000063d4\DAO.18911600.exe
[2014/09/24 17:05:23 | 000,314,600 | ---- | M] () -- E:\Users\Adrock\AppData\Local\NVIDIA\NvBackend\Packages\000063eb\DRS update.18604483.exe
[2014/09/24 17:05:26 | 000,415,840 | ---- | M] () -- E:\Users\Adrock\AppData\Local\NVIDIA\NvBackend\Packages\000063f1\CoProc update.18914650.exe
[2014/09/25 19:24:39 | 004,056,392 | ---- | M] () -- E:\Users\Adrock\AppData\Local\NVIDIA\NvBackend\Packages\00006404\DAO.18918539.exe
[2014/09/29 21:03:01 | 000,416,632 | ---- | M] () -- E:\Users\Adrock\AppData\Local\NVIDIA\NvBackend\Packages\00006450\CoProc update.18927913.exe
[2014/09/30 21:03:58 | 000,416,856 | ---- | M] () -- E:\Users\Adrock\AppData\Local\NVIDIA\NvBackend\Packages\0000648b\CoProc update.18931226.exe
[2014/10/01 21:05:02 | 004,081,616 | ---- | M] () -- E:\Users\Adrock\AppData\Local\NVIDIA\NvBackend\Packages\00006490\DAO.18932928.exe
[2014/10/01 21:05:08 | 000,306,416 | ---- | M] () -- E:\Users\Adrock\AppData\Local\NVIDIA\NvBackend\Packages\000064d3\streaming-assets-world_of_warcraft_mists_of_pandaria.18932537.exe
[2014/10/01 21:05:06 | 000,417,008 | ---- | M] () -- E:\Users\Adrock\AppData\Local\NVIDIA\NvBackend\Packages\000064d6\CoProc update.18935016.exe
[2014/10/03 21:06:38 | 004,082,712 | ---- | M] () -- E:\Users\Adrock\AppData\Local\NVIDIA\NvBackend\Packages\000064e9\DAO.18941849.exe
[2014/10/04 23:02:37 | 000,417,416 | ---- | M] () -- E:\Users\Adrock\AppData\Local\NVIDIA\NvBackend\Packages\000064ec\CoProc update.18944339.exe
[2014/10/06 23:04:15 | 000,418,624 | ---- | M] () -- E:\Users\Adrock\AppData\Local\NVIDIA\NvBackend\Packages\000064ef\CoProc update.18946249.exe
[2014/10/06 23:04:18 | 004,082,680 | ---- | M] () -- E:\Users\Adrock\AppData\Local\NVIDIA\NvBackend\Packages\000064f6\DAO.18947111.exe
[2014/10/07 23:04:50 | 004,131,072 | ---- | M] () -- E:\Users\Adrock\AppData\Local\NVIDIA\NvBackend\Packages\000064fe\DAO.18949842.exe
[2014/10/07 23:04:54 | 000,418,920 | ---- | M] () -- E:\Users\Adrock\AppData\Local\NVIDIA\NvBackend\Packages\00006505\CoProc update.18950239.exe
[2014/10/09 23:06:07 | 004,141,792 | ---- | M] () -- E:\Users\Adrock\AppData\Local\NVIDIA\NvBackend\Packages\00006572\DAO.18959739.exe
[2014/10/11 00:31:54 | 000,420,672 | ---- | M] () -- E:\Users\Adrock\AppData\Local\NVIDIA\NvBackend\Packages\00006575\CoProc update.18962103.exe
[2014/10/14 18:14:43 | 004,157,720 | ---- | M] () -- E:\Users\Adrock\AppData\Local\NVIDIA\NvBackend\Packages\000065a4\DAO.18971568.exe
[2014/10/14 18:14:47 | 000,422,800 | ---- | M] () -- E:\Users\Adrock\AppData\Local\NVIDIA\NvBackend\Packages\000065b7\CoProc update.18973585.exe
[2014/10/15 23:14:16 | 000,306,408 | ---- | M] () -- E:\Users\Adrock\AppData\Local\NVIDIA\NvBackend\Packages\000065ff\streaming-assets-world_of_warcraft_mists_of_pandaria.18975565.exe
[2014/10/15 23:14:14 | 004,170,416 | ---- | M] () -- E:\Users\Adrock\AppData\Local\NVIDIA\NvBackend\Packages\00006604\DAO.18975834.exe
[2014/10/17 18:55:11 | 001,233,016 | ---- | M] () -- E:\Users\Adrock\AppData\Local\NVIDIA\NvBackend\Packages\00006641\vops-wildstar.18982567.exe
[2014/10/17 18:55:03 | 004,189,280 | ---- | M] () -- E:\Users\Adrock\AppData\Local\NVIDIA\NvBackend\Packages\00006645\DAO.18983047.exe
[2014/10/17 18:55:17 | 005,439,424 | ---- | M] () -- E:\Users\Adrock\AppData\Local\NVIDIA\NvBackend\Packages\00006646\vops-world_of_warcraft_mists_of_pandaria.18983057.exe
[2014/10/17 18:55:08 | 000,423,664 | ---- | M] () -- E:\Users\Adrock\AppData\Local\NVIDIA\NvBackend\Packages\00006647\CoProc update.18983142.exe
[2014/10/21 09:53:05 | 004,191,384 | ---- | M] () -- E:\Users\Adrock\AppData\Local\NVIDIA\NvBackend\Packages\0000664d\DAO.18987878.exe
[2014/10/22 09:54:12 | 004,227,128 | ---- | M] () -- E:\Users\Adrock\AppData\Local\NVIDIA\NvBackend\Packages\00006673\DAO.18991687.exe
[2014/10/23 11:22:42 | 004,242,728 | ---- | M] () -- E:\Users\Adrock\AppData\Local\NVIDIA\NvBackend\Packages\00006687\DAO.18997836.exe
[2014/10/24 11:23:55 | 000,424,248 | ---- | M] () -- E:\Users\Adrock\AppData\Local\NVIDIA\NvBackend\Packages\00006694\CoProc update.19000563.exe
[2014/10/24 11:23:58 | 004,243,112 | ---- | M] () -- E:\Users\Adrock\AppData\Local\NVIDIA\NvBackend\Packages\00006697\DAO.19000750.exe
[2014/10/27 22:38:54 | 004,046,000 | ---- | M] () -- E:\Users\Adrock\AppData\Local\NVIDIA\NvBackend\Packages\000066a7\DAO.19005644.exe
[2014/10/28 22:39:17 | 004,061,224 | ---- | M] () -- E:\Users\Adrock\AppData\Local\NVIDIA\NvBackend\Packages\000066b3\DAO.19009537.exe
[2014/10/15 04:52:00 | 000,035,840 | ---- | M] () -- E:\Users\Adrock\AppData\Local\NVIDIA\NvBackend\StreamingAssets\world_of_warcraft_mists_of_pandaria\automated_launch.exe
[2014/06/06 22:16:53 | 003,445,248 | ---- | M] (TODO: <Company name>) -- E:\Users\Adrock\Desktop\MissionControl.exe
[2014/10/29 17:42:43 | 017,526,360 | ---- | M] () -- E:\Users\Adrock\Desktop\RogueKillerX64.exe
[2014/09/05 16:39:54 | 002,831,560 | ---- | M] (Adobe Systems Incorporated) -- E:\Users\Adrock\Documents\BitLord\Adobe Photoshop CC 2014 (64 bit) (Crack) [ChingLiu]\Adobe CC 2014\Set-up.exe
[2014/09/05 16:40:06 | 005,207,896 | ---- | M] (Microsoft Corporation) -- E:\Users\Adrock\Documents\BitLord\Adobe Photoshop CC 2014 (64 bit) (Crack) [ChingLiu]\Adobe CC 2014\payloads\Microsoft VC 2008 Redist (x64)\vcredist_x64.exe
[2014/09/05 16:40:02 | 004,479,832 | ---- | M] (Microsoft Corporation) -- E:\Users\Adrock\Documents\BitLord\Adobe Photoshop CC 2014 (64 bit) (Crack) [ChingLiu]\Adobe CC 2014\payloads\Microsoft VC 2008 Redist (x86)\vcredist_x86.exe
[2014/09/05 16:40:18 | 010,274,136 | ---- | M] (Microsoft Corporation) -- E:\Users\Adrock\Documents\BitLord\Adobe Photoshop CC 2014 (64 bit) (Crack) [ChingLiu]\Adobe CC 2014\payloads\Microsoft VC 2010 Redist (x64)\vcredist_x64.exe
[2014/09/05 16:40:18 | 008,990,552 | ---- | M] (Microsoft Corporation) -- E:\Users\Adrock\Documents\BitLord\Adobe Photoshop CC 2014 (64 bit) (Crack) [ChingLiu]\Adobe CC 2014\payloads\Microsoft VC 2010 Redist (x86)\vcredist_x86.exe
[2014/09/05 16:40:18 | 007,186,992 | ---- | M] (Microsoft Corporation) -- E:\Users\Adrock\Documents\BitLord\Adobe Photoshop CC 2014 (64 bit) (Crack) [ChingLiu]\Adobe CC 2014\payloads\Microsoft VC 2012 Redist (x64)\vcredist_x64.exe
[2014/09/05 16:40:18 | 006,554,576 | ---- | M] (Microsoft Corporation) -- E:\Users\Adrock\Documents\BitLord\Adobe Photoshop CC 2014 (64 bit) (Crack) [ChingLiu]\Adobe CC 2014\payloads\Microsoft VC 2012 Redist (x86)\vcredist_x86.exe
[2009/09/17 10:27:34 | 000,365,920 | ---- | M] (Diskeeper Corporation) -- E:\Users\Adrock\Documents\BitLord\Microsoft Office 2013 Professional Plus\Autorun.exe
[2014/01/30 23:17:05 | 038,431,744 | ---- | M] () -- E:\Users\Adrock\Documents\BitLord\Microsoft Office 2013 Professional Plus\# Crack\Microsoft Toolkit.exe
[2012/10/01 17:25:34 | 000,214,664 | ---- | M] (Microsoft Corporation) -- E:\Users\Adrock\Documents\BitLord\Microsoft Office 2013 Professional Plus\x64\setup.exe
[2012/10/01 17:44:34 | 000,178,824 | ---- | M] (Microsoft Corporation) -- E:\Users\Adrock\Documents\BitLord\Microsoft Office 2013 Professional Plus\x64\proplus.ww\ose.exe
[2012/10/01 03:13:16 | 000,207,496 | ---- | M] (Microsoft Corporation) -- E:\Users\Adrock\Documents\BitLord\Microsoft Office 2013 Professional Plus\x86\setup.exe
[2012/10/01 03:22:32 | 000,150,648 | ---- | M] (Microsoft Corporation) -- E:\Users\Adrock\Documents\BitLord\Microsoft Office 2013 Professional Plus\x86\proplus.ww\ose.exe
[2014/10/28 23:16:45 | 005,591,695 | R--- | M] (Swearware) -- E:\Users\Adrock\Downloads\ComboFix.exe
[2014/05/23 22:01:47 | 000,282,928 | ---- | M] (Mozilla) -- E:\Users\Adrock\Downloads\Firefox Setup Stub 29.0.1.exe
[2014/10/29 12:39:15 | 002,113,536 | ---- | M] (Farbar) -- E:\Users\Adrock\Downloads\FRST64.exe
[2014/05/24 09:18:37 | 062,122,112 | ---- | M] (Logitech Inc.) -- E:\Users\Adrock\Downloads\LGS_8.53.154_x64_Logitech.exe
[2014/10/29 17:41:08 | 001,944,824 | ---- | M] (Bleeping Computer, LLC) -- E:\Users\Adrock\Downloads\rkill.exe
[2014/10/29 18:27:38 | 001,063,160 | ---- | M] (Bleeping Computer, LLC) -- E:\Users\Adrock\Downloads\rkill64.exe
[2014/10/29 17:52:56 | 004,184,008 | ---- | M] (Kaspersky Lab ZAO) -- E:\Users\Adrock\Downloads\tdsskiller(1).exe
[2014/10/29 13:23:55 | 004,184,008 | ---- | M] (Kaspersky Lab ZAO) -- E:\Users\Adrock\Downloads\tdsskiller.exe
[2014/05/23 21:47:39 | 029,498,592 | ---- | M] (TeamSpeak Systems GmbH) -- E:\Users\Adrock\Downloads\TeamSpeak3-Client-win64-3.0.14.exe
[2014/05/24 00:24:37 | 010,318,296 | ---- | M] (NCSOFT) -- E:\Users\Adrock\Downloads\Wildstar.exe
[2014/05/23 21:22:40 | 002,942,368 | ---- | M] (Blizzard Entertainment) -- E:\Users\Adrock\Downloads\World-of-Warcraft-Setup-enUS.exe

[color=#A23BEC]< %USERPROFILE%\Documents\*.* >[/color]
[2014/08/14 16:55:50 | 000,000,402 | -HS- | M] () -- E:\Users\Adrock\Documents\desktop.ini

[color=#A23BEC]< %USERPROFILE%\Downloads\*.* >[/color]
[2014/10/29 13:47:29 | 000,030,485 | ---- | M] () -- E:\Users\Adrock\Downloads\Addition.txt
[2014/10/28 23:16:45 | 005,591,695 | R--- | M] (Swearware) -- E:\Users\Adrock\Downloads\ComboFix.exe
[2014/08/14 16:55:50 | 000,000,282 | -HS- | M] () -- E:\Users\Adrock\Downloads\desktop.ini
[2014/05/23 22:01:47 | 000,282,928 | ---- | M] (Mozilla) -- E:\Users\Adrock\Downloads\Firefox Setup Stub 29.0.1.exe
[2014/10/30 18:33:20 | 000,010,379 | ---- | M] () -- E:\Users\Adrock\Downloads\Fixlog.txt
[2014/10/29 13:47:29 | 000,039,690 | ---- | M] () -- E:\Users\Adrock\Downloads\FRST.txt
[2014/10/29 12:39:15 | 002,113,536 | ---- | M] (Farbar) -- E:\Users\Adrock\Downloads\FRST64.exe
[2014/05/24 09:18:37 | 062,122,112 | ---- | M] (Logitech Inc.) -- E:\Users\Adrock\Downloads\LGS_8.53.154_x64_Logitech.exe
[2014/10/30 18:34:25 | 000,602,112 | ---- | M] (OldTimer Tools) -- E:\Users\Adrock\Downloads\OTL.scr
[2014/10/29 17:41:08 | 001,944,824 | ---- | M] (Bleeping Computer, LLC) -- E:\Users\Adrock\Downloads\rkill.exe
[2014/10/29 18:27:38 | 001,063,160 | ---- | M] (Bleeping Computer, LLC) -- E:\Users\Adrock\Downloads\rkill64.exe
[2014/10/29 17:52:56 | 004,184,008 | ---- | M] (Kaspersky Lab ZAO) -- E:\Users\Adrock\Downloads\tdsskiller(1).exe
[2014/10/29 13:23:55 | 004,184,008 | ---- | M] (Kaspersky Lab ZAO) -- E:\Users\Adrock\Downloads\tdsskiller.exe
[2014/05/23 21:47:39 | 029,498,592 | ---- | M] (TeamSpeak Systems GmbH) -- E:\Users\Adrock\Downloads\TeamSpeak3-Client-win64-3.0.14.exe
[2014/05/24 00:24:37 | 010,318,296 | ---- | M] (NCSOFT) -- E:\Users\Adrock\Downloads\Wildstar.exe
[2014/05/23 21:22:40 | 002,942,368 | ---- | M] (Blizzard Entertainment) -- E:\Users\Adrock\Downloads\World-of-Warcraft-Setup-enUS.exe

[color=#A23BEC]< %USERPROFILE%\AppData\Local\*.* >[/color]
[2014/10/16 17:32:15 | 000,113,920 | ---- | M] () -- E:\Users\Adrock\AppData\Local\GDIPFONTCACHEV1.DAT
[2014/10/29 23:15:59 | 003,248,627 | -H-- | M] () -- E:\Users\Adrock\AppData\Local\IconCache.db
[2014/08/18 15:09:28 | 000,000,218 | ---- | M] () -- E:\Users\Adrock\AppData\Local\recently-used.xbel
[2014/05/23 20:57:42 | 000,000,003 | ---- | M] () -- E:\Users\Adrock\AppData\Local\user_data.ini

[color=#A23BEC]< %USERPROFILE%\AppData\Local\*. >[/color]
[2014/10/30 07:43:52 | 000,000,000 | ---D | M] -- E:\Users\Adrock\AppData\Local\Adobe
[2014/07/15 17:47:40 | 000,000,000 | ---D | M] -- E:\Users\Adrock\AppData\Local\Apple
[2014/10/28 20:19:52 | 000,000,000 | ---D | M] -- E:\Users\Adrock\AppData\Local\Apple Computer
[2014/05/23 20:01:16 | 000,000,000 | -HSD | M] -- E:\Users\Adrock\AppData\Local\Application Data
[2014/05/23 22:16:09 | 000,000,000 | ---D | M] -- E:\Users\Adrock\AppData\Local\Apps
[2014/10/28 20:19:52 | 000,000,000 | ---D | M] -- E:\Users\Adrock\AppData\Local\Battle.net
[2014/10/28 20:19:52 | 000,000,000 | ---D | M] -- E:\Users\Adrock\AppData\Local\Blizzard Entertainment
[2014/10/28 20:19:52 | 000,000,000 | ---D | M] -- E:\Users\Adrock\AppData\Local\cFos
[2014/10/29 14:14:25 | 000,000,000 | ---D | M] -- E:\Users\Adrock\AppData\Local\CrashDumps
[2014/10/28 21:48:20 | 000,000,000 | ---D | M] -- E:\Users\Adrock\AppData\Local\Deployment
[2014/07/01 22:17:11 | 000,000,000 | ---D | M] -- E:\Users\Adrock\AppData\Local\Diagnostics
[2014/05/25 23:17:49 | 000,000,000 | -HSD | M] -- E:\Users\Adrock\AppData\Local\EmieSiteList
[2014/05/25 23:17:49 | 000,000,000 | -HSD | M] -- E:\Users\Adrock\AppData\Local\EmieUserList
[2014/09/16 15:34:34 | 000,000,000 | ---D | M] -- E:\Users\Adrock\AppData\Local\Glyph
[2014/10/28 20:19:52 | 000,000,000 | ---D | M] -- E:\Users\Adrock\AppData\Local\GoPro
[2014/05/23 20:01:16 | 000,000,000 | -HSD | M] -- E:\Users\Adrock\AppData\Local\History
[2014/07/15 17:40:52 | 000,000,000 | ---D | M] -- E:\Users\Adrock\AppData\Local\IsolatedStorage
[2014/05/24 11:22:17 | 000,000,000 | ---D | M] -- E:\Users\Adrock\AppData\Local\Logitech
[2014/05/23 23:53:46 | 000,000,000 | ---D | M] -- E:\Users\Adrock\AppData\Local\Macromedia
[2014/10/28 20:19:54 | 000,000,000 | ---D | M] -- E:\Users\Adrock\AppData\Local\Microsoft
[2014/08/18 14:57:12 | 000,000,000 | ---D | M] -- E:\Users\Adrock\AppData\Local\Microsoft Help
[2014/10/28 20:19:54 | 000,000,000 | ---D | M] -- E:\Users\Adrock\AppData\Local\Mozilla
[2014/05/24 00:25:09 | 000,000,000 | ---D | M] -- E:\Users\Adrock\AppData\Local\NCSOFT
[2014/05/23 21:16:50 | 000,000,000 | ---D | M] -- E:\Users\Adrock\AppData\Local\NVIDIA
[2014/06/03 07:11:04 | 000,000,000 | ---D | M] -- E:\Users\Adrock\AppData\Local\NVIDIA Corporation
[2014/10/30 07:34:01 | 000,000,000 | ---D | M] -- E:\Users\Adrock\AppData\Local\Overwolf
[2014/07/15 17:42:52 | 000,000,000 | ---D | M] -- E:\Users\Adrock\AppData\Local\Programs
[2014/06/19 19:37:25 | 000,000,000 | ---D | M] -- E:\Users\Adrock\AppData\Local\Razer
[2014/06/19 19:35:47 | 000,000,000 | ---D | M] -- E:\Users\Adrock\AppData\Local\Razer_Inc
[2014/10/30 18:37:39 | 000,000,000 | ---D | M] -- E:\Users\Adrock\AppData\Local\Temp
[2014/05/23 20:01:16 | 000,000,000 | -HSD | M] -- E:\Users\Adrock\AppData\Local\Temporary Internet Files
[2014/10/22 10:00:03 | 000,000,000 | ---D | M] -- E:\Users\Adrock\AppData\Local\VirtualStore
[2014/10/22 09:43:24 | 000,000,000 | ---D | M] -- E:\Users\Adrock\AppData\Local\Windows Live

[color=#A23BEC]< %USERPROFILE%\AppData\Local\Google\Chrome\User Data\Default\*.* >[/color]

[color=#A23BEC]< %USERPROFILE%\AppData\Local\Google\Chrome\User Data\Default\*. >[/color]

[color=#A23BEC]< %USERPROFILE%\AppData\Roaming\*.* >[/color]
[2014/10/23 12:39:29 | 000,000,000 | ---- | M] () -- E:\Users\Adrock\AppData\Roaming\bitlord_log.txt

[color=#A23BEC]< %USERPROFILE%\AppData\Roaming\*. >[/color]
[2014/10/28 20:19:55 | 000,000,000 | ---D | M] -- E:\Users\Adrock\AppData\Roaming\Adobe
[2014/09/21 16:17:56 | 000,000,000 | ---D | M] -- E:\Users\Adrock\AppData\Roaming\Apple Computer
[2014/05/23 21:38:55 | 000,000,000 | ---D | M] -- E:\Users\Adrock\AppData\Roaming\Battle.net
[2014/10/23 12:39:52 | 000,000,000 | ---D | M] -- E:\Users\Adrock\AppData\Roaming\BitLord
[2014/05/23 23:09:12 | 000,000,000 | ---D | M] -- E:\Users\Adrock\AppData\Roaming\Curse Advertising
[2014/10/28 20:19:59 | 000,000,000 | ---D | M] -- E:\Users\Adrock\AppData\Roaming\GoPro
[2014/05/23 20:01:19 | 000,000,000 | ---D | M] -- E:\Users\Adrock\AppData\Roaming\Identities
[2014/05/23 20:54:48 | 000,000,000 | ---D | M] -- E:\Users\Adrock\AppData\Roaming\InstallShield
[2014/05/24 11:20:59 | 000,000,000 | ---D | M] -- E:\Users\Adrock\AppData\Roaming\Logishrd
[2014/05/24 11:20:59 | 000,000,000 | ---D | M] -- E:\Users\Adrock\AppData\Roaming\Logitech
[2014/05/23 20:58:47 | 000,000,000 | ---D | M] -- E:\Users\Adrock\AppData\Roaming\Macromedia
[2010/11/21 03:16:41 | 000,000,000 | ---D | M] -- E:\Users\Adrock\AppData\Roaming\Media Center Programs
[2014/10/28 20:20:00 | 000,000,000 | --SD | M] -- E:\Users\Adrock\AppData\Roaming\Microsoft
[2014/10/28 20:20:00 | 000,000,000 | ---D | M] -- E:\Users\Adrock\AppData\Roaming\Mozilla
[2014/10/28 20:21:55 | 000,000,000 | ---D | M] -- E:\Users\Adrock\AppData\Roaming\NCSOFT
[2014/09/05 16:51:11 | 000,000,000 | ---D | M] -- E:\Users\Adrock\AppData\Roaming\NVIDIA
[2014/10/28 20:21:56 | 000,000,000 | ---D | M] -- E:\Users\Adrock\AppData\Roaming\OBS
[2014/07/15 17:40:33 | 000,000,000 | ---D | M] -- E:\Users\Adrock\AppData\Roaming\OptimumPcBoost
[2014/10/28 20:21:56 | 000,000,000 | ---D | M] -- E:\Users\Adrock\AppData\Roaming\Philipp Winterberg
[2014/07/15 17:41:00 | 000,000,000 | ---D | M] -- E:\Users\Adrock\AppData\Roaming\Python-Eggs
[2014/10/28 20:21:56 | 000,000,000 | ---D | M] -- E:\Users\Adrock\AppData\Roaming\TS3Client
[2014/09/28 21:43:02 | 000,000,000 | ---D | M] -- E:\Users\Adrock\AppData\Roaming\vlc

[color=#A23BEC]< %ProgramData%\*.* >[/color]
[2014/05/23 22:29:08 | 000,262,144 | ---- | M] () -- E:\ProgramData\NTUser.dat
[2014/05/23 22:29:08 | 000,005,120 | -HS- | M] () -- E:\ProgramData\NTUser.dat.LOG1
[2014/05/23 22:29:08 | 000,000,000 | -HS- | M] () -- E:\ProgramData\NTUser.dat.LOG2
[2014/05/23 22:29:08 | 000,065,536 | -HS- | M] () -- E:\ProgramData\NTUser.dat{5c551c5e-e2e0-11e3-bff9-002522fcd522}.TM.blf
[2014/05/23 22:29:08 | 000,524,288 | -HS- | M] () -- E:\ProgramData\NTUser.dat{5c551c5e-e2e0-11e3-bff9-002522fcd522}.TMContainer00000000000000000001.regtrans-ms
[2014/05/23 22:29:08 | 000,524,288 | -HS- | M] () -- E:\ProgramData\NTUser.dat{5c551c5e-e2e0-11e3-bff9-002522fcd522}.TMContainer00000000000000000002.regtrans-ms
[2014/05/23 22:29:08 | 000,065,536 | -HS- | M] () -- E:\ProgramData\NTUser.dat{5c551c69-e2e0-11e3-bff9-002522fcd522}.TM.blf
[2014/05/23 22:29:08 | 000,524,288 | -HS- | M] () -- E:\ProgramData\NTUser.dat{5c551c69-e2e0-11e3-bff9-002522fcd522}.TMContainer00000000000000000001.regtrans-ms
[2014/05/23 22:29:08 | 000,524,288 | -HS- | M] () -- E:\ProgramData\NTUser.dat{5c551c69-e2e0-11e3-bff9-002522fcd522}.TMContainer00000000000000000002.regtrans-ms

[color=#A23BEC]< %ProgramData%\*. >[/color]
[2014/09/21 15:55:46 | 000,000,000 | ---D | M] -- E:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
[2014/09/06 10:20:00 | 000,000,000 | ---D | M] -- E:\ProgramData\Adobe
[2014/09/21 15:54:52 | 000,000,000 | ---D | M] -- E:\ProgramData\Apple
[2014/09/21 15:55:42 | 000,000,000 | ---D | M] -- E:\ProgramData\Apple Computer
[2009/07/14 01:08:56 | 000,000,000 | -HSD | M] -- E:\ProgramData\Application Data
[2014/08/27 22:35:11 | 000,000,000 | ---D | M] -- E:\ProgramData\Avg_Update_0814tb
[2014/10/28 20:18:29 | 000,000,000 | ---D | M] -- E:\ProgramData\Battle.net
[2014/05/23 21:23:34 | 000,000,000 | ---D | M] -- E:\ProgramData\Blizzard Entertainment
[2014/05/23 20:57:39 | 000,000,000 | ---D | M] -- E:\ProgramData\cFos
[2014/08/18 14:55:44 | 000,000,000 | -H-D | M] -- E:\ProgramData\Common Files
[2009/07/14 01:08:56 | 000,000,000 | -HSD | M] -- E:\ProgramData\Desktop
[2009/07/14 01:08:56 | 000,000,000 | -HSD | M] -- E:\ProgramData\Documents
[2009/07/14 01:08:56 | 000,000,000 | -HSD | M] -- E:\ProgramData\Favorites
[2014/05/23 20:57:35 | 000,000,000 | ---D | M] -- E:\ProgramData\FNET
[2014/09/16 15:34:32 | 000,000,000 | ---D | M] -- E:\ProgramData\Glyph
[2014/10/28 22:28:12 | 000,000,000 | ---D | M] -- E:\ProgramData\HitmanPro
[2014/05/23 21:11:59 | 000,000,000 | ---D | M] -- E:\ProgramData\Intel
[2014/10/28 20:18:29 | 000,000,000 | ---D | M] -- E:\ProgramData\LogiShrd
[2014/07/15 17:43:00 | 000,000,000 | ---D | M] -- E:\ProgramData\Malwarebytes
[2014/09/04 16:58:30 | 000,000,000 | --SD | M] -- E:\ProgramData\Microsoft
[2014/10/20 00:14:34 | 000,000,000 | ---D | M] -- E:\ProgramData\Microsoft Help
[2014/09/04 16:57:39 | 000,000,000 | ---D | M] -- E:\ProgramData\Microsoft OneDrive
[2014/08/18 15:08:01 | 000,000,000 | ---D | M] -- E:\ProgramData\Microsoft Toolkit
[2014/05/23 22:02:40 | 000,000,000 | ---D | M] -- E:\ProgramData\Mozilla
[2014/05/23 21:01:28 | 000,000,000 | ---D | M] -- E:\ProgramData\Norton
[2014/05/23 20:59:49 | 000,000,000 | ---D | M] -- E:\ProgramData\NortonInstaller
[2014/10/30 07:33:45 | 000,000,000 | ---D | M] -- E:\ProgramData\NVIDIA
[2014/05/23 21:16:40 | 000,000,000 | ---D | M] -- E:\ProgramData\NVIDIA Corporation
[2014/06/03 07:10:29 | 000,000,000 | ---D | M] -- E:\ProgramData\Overwolf
[2014/10/28 22:58:04 | 000,000,000 | ---D | M] -- E:\ProgramData\Package Cache
[2014/10/28 20:19:51 | 000,000,000 | ---D | M] -- E:\ProgramData\Razer
[2014/09/05 16:50:31 | 000,000,000 | ---D | M] -- E:\ProgramData\regid.1986-12.com.adobe
[2014/08/18 15:00:02 | 000,000,000 | ---D | M] -- E:\ProgramData\regid.1991-06.com.microsoft
[2014/10/29 17:42:53 | 000,000,000 | ---D | M] -- E:\ProgramData\RogueKiller
[2009/07/14 01:08:56 | 000,000,000 | -HSD | M] -- E:\ProgramData\Start Menu
[2009/07/14 01:08:56 | 000,000,000 | -HSD | M] -- E:\ProgramData\Templates
[2014/05/23 20:59:45 | 000,000,000 | -H-D | M] -- E:\ProgramData\{8533ADFA-85F0-4dc1-946A-2A0BA58E78E3}

[color=#A23BEC]< %programdata%\Microsoft\Windows\DRM\*.tmp >[/color]

[color=#A23BEC]< %programdata%\Microsoft\DRM\*.tmp >[/color]

[color=#A23BEC]< C:\Users\All Users\*.exe /s >[/color]
[2012/08/21 13:01:28 | 001,977,816 | ---- | M] (GEAR Software, Inc.) -- C:\Users\All Users\34BE82C4-E596-4e99-A191-52C6199EBF69\GEARDIFx.exe
[2012/08/21 13:01:20 | 000,131,544 | ---- | M] (GEAR Software, Inc.) -- C:\Users\All Users\34BE82C4-E596-4e99-A191-52C6199EBF69\x64\DifXInst64.exe
[2013/04/04 17:06:36 | 000,353,912 | ---- | M] (Adobe Systems Incorporated) -- C:\Users\All Users\Adobe\Reader\9.5\ARM\10476\AcrobatUpdater.exe
[2013/04/04 17:06:36 | 000,958,576 | ---- | M] (Adobe Systems Incorporated) -- C:\Users\All Users\Adobe\Reader\9.5\ARM\10476\AdobeARM.exe
[2013/04/04 17:06:36 | 000,353,912 | ---- | M] (Adobe Systems Incorporated) -- C:\Users\All Users\Adobe\Reader\9.5\ARM\10476\AdobeARMHelper.exe
[2013/04/04 17:06:36 | 000,353,912 | ---- | M] (Adobe Systems Incorporated) -- C:\Users\All Users\Adobe\Reader\9.5\ARM\10476\ReaderUpdater.exe
[2012/12/03 03:35:28 | 000,352,960 | ---- | M] (Adobe Systems Incorporated) -- C:\Users\All Users\Adobe\Reader\9.5\ARM\10573\AcrobatUpdater.exe
[2012/12/03 03:35:28 | 000,946,352 | ---- | M] (Adobe Systems Incorporated) -- C:\Users\All Users\Adobe\Reader\9.5\ARM\10573\AdobeARM.exe
[2012/12/03 03:35:28 | 000,352,960 | ---- | M] (Adobe Systems Incorporated) -- C:\Users\All Users\Adobe\Reader\9.5\ARM\10573\AdobeARMHelper.exe
[2012/12/03 03:35:28 | 000,352,960 | ---- | M] (Adobe Systems Incorporated) -- C:\Users\All Users\Adobe\Reader\9.5\ARM\10573\ReaderUpdater.exe
[2012/12/03 03:35:28 | 000,352,960 | ---- | M] (Adobe Systems Incorporated) -- C:\Users\All Users\Adobe\Reader\9.5\ARM\1064\AcrobatUpdater.exe
[2012/12/03 03:35:28 | 000,946,352 | ---- | M] (Adobe Systems Incorporated) -- C:\Users\All Users\Adobe\Reader\9.5\ARM\1064\AdobeARM.exe
[2012/12/03 03:35:28 | 000,352,960 | ---- | M] (Adobe Systems Incorporated) -- C:\Users\All Users\Adobe\Reader\9.5\ARM\1064\AdobeARMHelper.exe
[2012/12/03 03:35:28 | 000,352,960 | ---- | M] (Adobe Systems Incorporated) -- C:\Users\All Users\Adobe\Reader\9.5\ARM\1064\ReaderUpdater.exe
[2013/04/04 17:06:36 | 000,353,912 | ---- | M] (Adobe Systems Incorporated) -- C:\Users\All Users\Adobe\Reader\9.5\ARM\10795\AcrobatUpdater.exe
[2013/04/04 17:06:36 | 000,958,576 | ---- | M] (Adobe Systems Incorporated) -- C:\Users\All Users\Adobe\Reader\9.5\ARM\10795\AdobeARM.exe
[2013/04/04 17:06:36 | 000,353,912 | ---- | M] (Adobe Systems Incorporated) -- C:\Users\All Users\Adobe\Reader\9.5\ARM\10795\AdobeARMHelper.exe
[2013/04/04 17:06:36 | 000,353,912 | ---- | M] (Adobe Systems Incorporated) -- C:\Users\All Users\Adobe\Reader\9.5\ARM\10795\ReaderUpdater.exe
[2013/04/04 17:06:36 | 000,353,912 | ---- | M] (Adobe Systems Incorporated) -- C:\Users\All Users\Adobe\Reader\9.5\ARM\13010\AcrobatUpdater.exe
[2013/04/04 17:06:36 | 000,958,576 | ---- | M] (Adobe Systems Incorporated) -- C:\Users\All Users\Adobe\Reader\9.5\ARM\13010\AdobeARM.exe
[2013/04/04 17:06:36 | 000,353,912 | ---- | M] (Adobe Systems Incorporated) -- C:\Users\All Users\Adobe\Reader\9.5\ARM\13010\AdobeARMHelper.exe
[2013/04/04 17:06:36 | 000,353,912 | ---- | M] (Adobe Systems Incorporated) -- C:\Users\All Users\Adobe\Reader\9.5\ARM\13010\ReaderUpdater.exe
[2012/12/03 03:35:28 | 000,352,960 | ---- | M] (Adobe Systems Incorporated) -- C:\Users\All Users\Adobe\Reader\9.5\ARM\13700\AcrobatUpdater.exe
[2012/12/03 03:35:28 | 000,946,352 | ---- | M] (Adobe Systems Incorporated) -- C:\Users\All Users\Adobe\Reader\9.5\ARM\13700\AdobeARM.exe
[2012/12/03 03:35:28 | 000,352,960 | ---- | M] (Adobe Systems Incorporated) -- C:\Users\All Users\Adobe\Reader\9.5\ARM\13700\AdobeARMHelper.exe
[2012/12/03 03:35:28 | 000,352,960 | ---- | M] (Adobe Systems Incorporated) -- C:\Users\All Users\Adobe\Reader\9.5\ARM\13700\ReaderUpdater.exe
[2012/12/03 03:35:28 | 000,352,960 | ---- | M] (Adobe Systems Incorporated) -- C:\Users\All Users\Adobe\Reader\9.5\ARM\14508\AcrobatUpdater.exe
[2012/12/03 03:35:28 | 000,946,352 | ---- | M] (Adobe Systems Incorporated) -- C:\Users\All Users\Adobe\Reader\9.5\ARM\14508\AdobeARM.exe
[2012/12/03 03:35:28 | 000,352,960 | ---- | M] (Adobe Systems Incorporated) -- C:\Users\All Users\Adobe\Reader\9.5\ARM\14508\AdobeARMHelper.exe
[2012/12/03 03:35:28 | 000,352,960 | ---- | M] (Adobe Systems Incorporated) -- C:\Users\All Users\Adobe\Reader\9.5\ARM\14508\ReaderUpdater.exe
[2012/12/03 03:35:28 | 000,352,960 | ---- | M] (Adobe Systems Incorporated) -- C:\Users\All Users\Adobe\Reader\9.5\ARM\1490\AcrobatUpdater.exe
[2012/12/03 03:35:28 | 000,946,352 | ---- | M] (Adobe Systems Incorporated) -- C:\Users\All Users\Adobe\Reader\9.5\ARM\1490\AdobeARM.exe
[2012/12/03 03:35:28 | 000,352,960 | ---- | M] (Adobe Systems Incorporated) -- C:\Users\All Users\Adobe\Reader\9.5\ARM\1490\AdobeARMHelper.exe
[2012/12/03 03:35:28 | 000,352,960 | ---- | M] (Adobe Systems Incorporated) -- C:\Users\All Users\Adobe\Reader\9.5\ARM\1490\ReaderUpdater.exe
[2013/04/04 17:06:36 | 000,353,912 | ---- | M] (Adobe Systems Incorporated) -- C:\Users\All Users\Adobe\Reader\9.5\ARM\15014\AcrobatUpdater.exe
[2013/04/04 17:06:36 | 000,958,576 | ---- | M] (Adobe Systems Incorporated) -- C:\Users\All Users\Adobe\Reader\9.5\ARM\15014\AdobeARM.exe
[2013/04/04 17:06:36 | 000,353,912 | ---- | M] (Adobe Systems Incorporated) -- C:\Users\All Users\Adobe\Reader\9.5\ARM\15014\AdobeARMHelper.exe
[2013/04/04 17:06:36 | 000,353,912 | ---- | M] (Adobe Systems Incorporated) -- C:\Users\All Users\Adobe\Reader\9.5\ARM\15014\ReaderUpdater.exe
[2012/12/03 03:35:28 | 000,352,960 | ---- | M] (Adobe Systems Incorporated) -- C:\Users\All Users\Adobe\Reader\9.5\ARM\15333\AcrobatUpdater.exe
[2012/12/03 03:35:28 | 000,946,352 | ---- | M] (Adobe Systems Incorporated) -- C:\Users\All Users\Adobe\Reader\9.5\ARM\15333\AdobeARM.exe
[2012/12/03 03:35:28 | 000,352,960 | ---- | M] (Adobe Systems Incorporated) -- C:\Users\All Users\Adobe\Reader\9.5\ARM\15333\AdobeARMHelper.exe
[2012/12/03 03:35:28 | 000,352,960 | ---- | M] (Adobe Systems Incorporated) -- C:\Users\All Users\Adobe\Reader\9.5\ARM\15333\ReaderUpdater.exe
[2013/04/04 17:06:36 | 000,353,912 | ---- | M] (Adobe Systems Incorporated) -- C:\Users\All Users\Adobe\Reader\9.5\ARM\15379\AcrobatUpdater.exe
[2013/04/04 17:06:36 | 000,958,576 | ---- | M] (Adobe Systems Incorporated) -- C:\Users\All Users\Adobe\Reader\9.5\ARM\15379\AdobeARM.exe
[2013/04/04 17:06:36 | 000,353,912 | ---- | M] (Adobe Systems Incorporated) -- C:\Users\All Users\Adobe\Reader\9.5\ARM\15379\AdobeARMHelper.exe
[2013/04/04 17:06:36 | 000,353,912 | ---- | M] (Adobe Systems Incorporated) -- C:\Users\All Users\Adobe\Reader\9.5\ARM\15379\ReaderUpdater.exe
[2012/12/03 03:35:28 | 000,352,960 | ---- | M] (Adobe Systems Incorporated) -- C:\Users\All Users\Adobe\Reader\9.5\ARM\16964\AcrobatUpdater.exe
[2012/12/03 03:35:28 | 000,946,352 | ---- | M] (Adobe Systems Incorporated) -- C:\Users\All Users\Adobe\Reader\9.5\ARM\16964\AdobeARM.exe
[2012/12/03 03:35:28 | 000,352,960 | ---- | M] (Adobe Systems Incorporated) -- C:\Users\All Users\Adobe\Reader\9.5\ARM\16964\AdobeARMHelper.exe
[2012/12/03 03:35:28 | 000,352,960 | ---- | M] (Adobe Systems Incorporated) -- C:\Users\All Users\Adobe\Reader\9.5\ARM\16964\ReaderUpdater.exe
[2012/12/03 03:35:28 | 000,352,960 | ---- | M] (Adobe Systems Incorporated) -- C:\Users\All Users\Adobe\Reader\9.5\ARM\17908\AcrobatUpdater.exe
[2012/12/03 03:35:28 | 000,946,352 | ---- | M] (Adobe Systems Incorporated) -- C:\Users\All Users\Adobe\Reader\9.5\ARM\17908\AdobeARM.exe
[2012/12/03 03:35:28 | 000,352,960 | ---- | M] (Adobe Systems Incorporated) -- C:\Users\All Users\Adobe\Reader\9.5\ARM\17908\AdobeARMHelper.exe
[2012/12/03 03:35:28 | 000,352,960 | ---- | M] (Adobe Systems Incorporated) -- C:\Users\All Users\Adobe\Reader\9.5\ARM\17908\ReaderUpdater.exe
[2012/12/03 03:35:28 | 000,352,960 | ---- | M] (Adobe Systems Incorporated) -- C:\Users\All Users\Adobe\Reader\9.5\ARM\18802\AcrobatUpdater.exe
[2012/12/03 03:35:28 | 000,946,352 | ---- | M] (Adobe Systems Incorporated) -- C:\Users\All Users\Adobe\Reader\9.5\ARM\18802\AdobeARM.exe
[2012/12/03 03:35:28 | 000,352,960 | ---- | M] (Adobe Systems Incorporated) -- C:\Users\All Users\Adobe\Reader\9.5\ARM\18802\AdobeARMHelper.exe
[2012/12/03 03:35:28 | 000,352,960 | ---- | M] (Adobe Systems Incorporated) -- C:\Users\All Users\Adobe\Reader\9.5\ARM\18802\ReaderUpdater.exe
[2013/04/04 17:06:36 | 000,353,912 | ---- | M] (Adobe Systems Incorporated) -- C:\Users\All Users\Adobe\Reader\9.5\ARM\19362\AcrobatUpdater.exe
[2013/04/04 17:06:36 | 000,958,576 | ---- | M] (Adobe Systems Incorporated) -- C:\Users\All Users\Adobe\Reader\9.5\ARM\19362\AdobeARM.exe
[2013/04/04 17:06:36 | 000,353,912 | ---- | M] (Adobe Systems Incorporated) -- C:\Users\All Users\Adobe\Reader\9.5\ARM\19362\AdobeARMHelper.exe
[2013/04/04 17:06:36 | 000,353,912 | ---- | M] (Adobe Systems Incorporated) -- C:\Users\All Users\Adobe\Reader\9.5\ARM\19362\ReaderUpdater.exe
[2012/12/03 03:35:28 | 000,352,960 | ---- | M] (Adobe Systems Incorporated) -- C:\Users\All Users\Adobe\Reader\9.5\ARM\19989\AcrobatUpdater.exe
[2012/12/03 03:35:28 | 000,946,352 | ---- | M] (Adobe Systems Incorporated) -- C:\Users\All Users\Adobe\Reader\9.5\ARM\19989\AdobeARM.exe
[2012/12/03 03:35:28 | 000,352,960 | ---- | M] (Adobe Systems Incorporated) -- C:\Users\All Users\Adobe\Reader\9.5\ARM\19989\AdobeARMHelper.exe
[2012/12/03 03:35:28 | 000,352,960 | ---- | M] (Adobe Systems Incorporated) -- C:\Users\All Users\Adobe\Reader\9.5\ARM\19989\ReaderUpdater.exe
[2013/04/04 17:06:36 | 000,353,912 | ---- | M] (Adobe Systems Incorporated) -- C:\Users\All Users\Adobe\Reader\9.5\ARM\20547\AcrobatUpdater.exe
[2013/04/04 17:06:36 | 000,958,576 | ---- | M] (Adobe Systems Incorporated) -- C:\Users\All Users\Adobe\Reader\9.5\ARM\20547\AdobeARM.exe
[2013/04/04 17:06:36 | 000,353,912 | ---- | M] (Adobe Systems Incorporated) -- C:\Users\All Users\Adobe\Reader\9.5\ARM\20547\AdobeARMHelper.exe
[2013/04/04 17:06:36 | 000,353,912 | ---- | M] (Adobe Systems Incorporated) -- C:\Users\All Users\Adobe\Reader\9.5\ARM\20547\ReaderUpdater.exe
[2013/04/04 17:06:36 | 000,353,912 | ---- | M] (Adobe Systems Incorporated) -- C:\Users\All Users\Adobe\Reader\9.5\ARM\2067\AcrobatUpdater.exe
[2013/04/04 17:06:36 | 000,958,576 | ---- | M] (Adobe Systems Incorporated) -- C:\Users\All Users\Adobe\Reader\9.5\ARM\2067\AdobeARM.exe
[2013/04/04 17:06:36 | 000,353,912 | ---- | M] (Adobe Systems Incorporated) -- C:\Users\All Users\Adobe\Reader\9.5\ARM\2067\AdobeARMHelper.exe
[2013/04/04 17:06:36 | 000,353,912 | ---- | M] (Adobe Systems Incorporated) -- C:\Users\All Users\Adobe\Reader\9.5\ARM\2067\ReaderUpdater.exe
[2012/12/03 03:35:28 | 000,352,960 | ---- | M] (Adobe Systems Incorporated) -- C:\Users\All Users\Adobe\Reader\9.5\ARM\22838\AcrobatUpdater.exe
[2012/12/03 03:35:28 | 000,946,352 | ---- | M] (Adobe Systems Incorporated) -- C:\Users\All Users\Adobe\Reader\9.5\ARM\22838\AdobeARM.exe
[2012/12/03 03:35:28 | 000,352,960 | ---- | M] (Adobe Systems Incorporated) -- C:\Users\All Users\Adobe\Reader\9.5\ARM\22838\AdobeARMHelper.exe
[2012/12/03 03:35:28 | 000,352,960 | ---- | M] (Adobe Systems Incorporated) -- C:\Users\All Users\Adobe\Reader\9.5\ARM\22838\ReaderUpdater.exe
[2013/04/04 17:06:36 | 000,353,912 | ---- | M] (Adobe Systems Incorporated) -- C:\Users\All Users\Adobe\Reader\9.5\ARM\23492\AcrobatUpdater.exe
[2013/04/04 17:06:36 | 000,958,576 | ---- | M] (Adobe Systems Incorporated) -- C:\Users\All Users\Adobe\Reader\9.5\ARM\23492\AdobeARM.exe
[2013/04/04 17:06:36 | 000,353,912 | ---- | M] (Adobe Systems Incorporated) -- C:\Users\All Users\Adobe\Reader\9.5\ARM\23492\AdobeARMHelper.exe
[2013/04/04 17:06:36 | 000,353,912 | ---- | M] (Adobe Systems Incorporated) -- C:\Users\All Users\Adobe\Reader\9.5\ARM\23492\ReaderUpdater.exe
[2013/04/04 17:06:36 | 000,353,912 | ---- | M] (Adobe Systems Incorporated) -- C:\Users\All Users\Adobe\Reader\9.5\ARM\23592\AcrobatUpdater.exe
[2013/04/04 17:06:36 | 000,958,576 | ---- | M] (Adobe Systems Incorporated) -- C:\Users\All Users\Adobe\Reader\9.5\ARM\23592\AdobeARM.exe
[2013/04/04 17:06:36 | 000,353,912 | ---- | M] (Adobe Systems Incorporated) -- C:\Users\All Users\Adobe\Reader\9.5\ARM\23592\AdobeARMHelper.exe
[2013/04/04 17:06:36 | 000,353,912 | ---- | M] (Adobe Systems Incorporated) -- C:\Users\All Users\Adobe\Reader\9.5\ARM\23592\ReaderUpdater.exe
[2012/12/03 03:35:28 | 000,352,960 | ---- | M] (Adobe Systems Incorporated) -- C:\Users\All Users\Adobe\Reader\9.5\ARM\24270\AcrobatUpdater.exe
[2012/12/03 03:35:28 | 000,946,352 | ---- | M] (Adobe Systems Incorporated) -- C:\Users\All Users\Adobe\Reader\9.5\ARM\24270\AdobeARM.exe
[2012/12/03 03:35:28 | 000,352,960 | ---- | M] (Adobe Systems Incorporated) -- C:\Users\All Users\Adobe\Reader\9.5\ARM\24270\AdobeARMHelper.exe
[2012/12/03 03:35:28 | 000,352,960 | ---- | M] (Adobe Systems Incorporated) -- C:\Users\All Users\Adobe\Reader\9.5\ARM\24270\ReaderUpdater.exe
[2012/12/03 03:35:28 | 000,352,960 | ---- | M] (Adobe Systems Incorporated) -- C:\Users\All Users\Adobe\Reader\9.5\ARM\24275\AcrobatUpdater.exe
[2012/12/03 03:35:28 | 000,946,352 | ---- | M] (Adobe Systems Incorporated) -- C:\Users\All Users\Adobe\Reader\9.5\ARM\24275\AdobeARM.exe
[2012/12/03 03:35:28 | 000,352,960 | ---- | M] (Adobe Systems Incorporated) -- C:\Users\All Users\Adobe\Reader\9.5\ARM\24275\AdobeARMHelper.exe
[2012/12/03 03:35:28 | 000,352,960 | ---- | M] (Adobe Systems Incorporated) -- C:\Users\All Users\Adobe\Reader\9.5\ARM\24275\ReaderUpdater.exe
[2013/04/04 17:06:36 | 000,353,912 | ---- | M] (Adobe Systems Incorporated) -- C:\Users\All Users\Adobe\Reader\9.5\ARM\24805\AcrobatUpdater.exe
[2013/04/04 17:06:36 | 000,958,576 | ---- | M] (Adobe Systems Incorporated) -- C:\Users\All Users\Adobe\Reader\9.5\ARM\24805\AdobeARM.exe
[2013/04/04 17:06:36 | 000,353,912 | ---- | M] (Adobe Systems Incorporated) -- C:\Users\All Users\Adobe\Reader\9.5\ARM\24805\AdobeARMHelper.exe
[2013/04/04 17:06:36 | 000,353,912 | ---- | M] (Adobe Systems Incorporated) -- C:\Users\All Users\Adobe\Reader\9.5\ARM\24805\ReaderUpdater.exe
[2012/12/03 03:35:28 | 000,352,960 | ---- | M] (Adobe Systems Incorporated) -- C:\Users\All Users\Adobe\Reader\9.5\ARM\25625\AcrobatUpdater.exe
[2012/12/03 03:35:28 | 000,946,352 | ---- | M] (Adobe Systems Incorporated) -- C:\Users\All Users\Adobe\Reader\9.5\ARM\25625\AdobeARM.exe
[2012/12/03 03:35:28 | 000,352,960 | ---- | M] (Adobe Systems Incorporated) -- C:\Users\All Users\Adobe\Reader\9.5\ARM\25625\AdobeARMHelper.exe
[2012/12/03 03:35:28 | 000,352,960 | ---- | M] (Adobe Systems Incorporated) -- C:\Users\All Users\Adobe\Reader\9.5\ARM\25625\ReaderUpdater.exe
[2012/12/03 03:35:28 | 000,352,960 | ---- | M] (Adobe Systems Incorporated) -- C:\Users\All Users\Adobe\Reader\9.5\ARM\2610\AcrobatUpdater.exe
[2012/12/03 03:35:28 | 000,946,352 | ---- | M] (Adobe Systems Incorporated) -- C:\Users\All Users\Adobe\Reader\9.5\ARM\2610\AdobeARM.exe
[2012/12/03 03:35:28 | 000,352,960 | ---- | M] (Adobe Systems Incorporated) -- C:\Users\All Users\Adobe\Reader\9.5\ARM\2610\AdobeARMHelper.exe
[2012/12/03 03:35:28 | 000,352,960 | ---- | M] (Adobe Systems Incorporated) -- C:\Users\All Users\Adobe\Reader\9.5\ARM\2610\ReaderUpdater.exe
[2012/12/03 03:35:28 | 000,352,960 | ---- | M] (Adobe Systems Incorporated) -- C:\Users\All Users\Adobe\Reader\9.5\ARM\26492\AcrobatUpdater.exe
[2012/12/03 03:35:28 | 000,946,352 | ---- | M] (Adobe Systems Incorporated) -- C:\Users\All Users\Adobe\Reader\9.5\ARM\26492\AdobeARM.exe
[2012/12/03 03:35:28 | 000,352,960 | ---- | M] (Adobe Systems Incorporated) -- C:\Users\All Users\Adobe\Reader\9.5\ARM\26492\AdobeARMHelper.exe
[2012/12/03 03:35:28 | 000,352,960 | ---- | M] (Adobe Systems Incorporated) -- C:\Users\All Users\Adobe\Reader\9.5\ARM\26492\ReaderUpdater.exe
[2012/12/03 03:35:28 | 000,352,960 | ---- | M] (Adobe Systems Incorporated) -- C:\Users\All Users\Adobe\Reader\9.5\ARM\27133\AcrobatUpdater.exe
[2012/12/03 03:35:28 | 000,946,352 | ---- | M] (Adobe Systems Incorporated) -- C:\Users\All Users\Adobe\Reader\9.5\ARM\27133\AdobeARM.exe
[2012/12/03 03:35:28 | 000,352,960 | ---- | M] (Adobe Systems Incorporated) -- C:\Users\All Users\Adobe\Reader\9.5\ARM\27133\AdobeARMHelper.exe
[2012/12/03 03:35:28 | 000,352,960 | ---- | M] (Adobe Systems Incorporated) -- C:\Users\All Users\Adobe\Reader\9.5\ARM\27133\ReaderUpdater.exe
[2012/12/03 03:35:28 | 000,352,960 | ---- | M] (Adobe Systems Incorporated) -- C:\Users\All Users\Adobe\Reader\9.5\ARM\2718\AcrobatUpdater.exe
[2012/12/03 03:35:28 | 000,946,352 | ---- | M] (Adobe Systems Incorporated) -- C:\Users\All Users\Adobe\Reader\9.5\ARM\2718\AdobeARM.exe
[2012/12/03 03:35:28 | 000,352,960 | ---- | M] (Adobe Systems Incorporated) -- C:\Users\All Users\Adobe\Reader\9.5\ARM\2718\AdobeARMHelper.exe
[2012/12/03 03:35:28 | 000,352,960 | ---- | M] (Adobe Systems Incorporated) -- C:\Users\All Users\Adobe\Reader\9.5\ARM\2718\ReaderUpdater.exe
[2013/04/04 17:06:36 | 000,353,912 | ---- | M] (Adobe Systems Incorporated) -- C:\Users\All Users\Adobe\Reader\9.5\ARM\27588\AcrobatUpdater.exe
[2013/04/04 17:06:36 | 000,958,576 | ---- | M] (Adobe Systems Incorporated) -- C:\Users\All Users\Adobe\Reader\9.5\ARM\27588\AdobeARM.exe
[2013/04/04 17:06:36 | 000,353,912 | ---- | M] (Adobe Systems Incorporated) -- C:\Users\All Users\Adobe\Reader\9.5\ARM\27588\AdobeARMHelper.exe
[2013/04/04 17:06:36 | 000,353,912 | ---- | M] (Adobe Systems Incorporated) -- C:\Users\All Users\Adobe\Reader\9.5\ARM\27588\ReaderUpdater.exe
[2013/04/04 17:06:36 | 000,353,912 | ---- | M] (Adobe Systems Incorporated) -- C:\Users\All Users\Adobe\Reader\9.5\ARM\27647\AcrobatUpdater.exe
[2013/04/04 17:06:36 | 000,958,576 | ---- | M] (Adobe Systems Incorporated) -- C:\Users\All Users\Adobe\Reader\9.5\ARM\27647\AdobeARM.exe
[2013/04/04 17:06:36 | 000,353,912 | ---- | M] (Adobe Systems Incorporated) -- C:\Users\All Users\Adobe\Reader\9.5\ARM\27647\AdobeARMHelper.exe
[2013/04/04 17:06:36 | 000,353,912 | ---- | M] (Adobe Systems Incorporated) -- C:\Users\All Users\Adobe\Reader\9.5\ARM\27647\ReaderUpdater.exe
[2013/04/04 17:06:36 | 000,353,912 | ---- | M] (Adobe Systems Incorporated) -- C:\Users\All Users\Adobe\Reader\9.5\ARM\27672\AcrobatUpdater.exe
[2013/04/04 17:06:36 | 000,958,576 | ---- | M] (Adobe Systems Incorporated) -- C:\Users\All Users\Adobe\Reader\9.5\ARM\27672\AdobeARM.exe
[2013/04/04 17:06:36 | 000,353,912 | ---- | M] (Adobe Systems Incorporated) -- C:\Users\All Users\Adobe\Reader\9.5\ARM\27672\AdobeARMHelper.exe
[2013/04/04 17:06:36 | 000,353,912 | ---- | M] (Adobe Systems Incorporated) -- C:\Users\All Users\Adobe\Reader\9.5\ARM\27672\ReaderUpdater.exe
[2012/12/03 03:35:28 | 000,352,960 | ---- | M] (Adobe Systems Incorporated) -- C:\Users\All Users\Adobe\Reader\9.5\ARM\28260\AcrobatUpdater.exe
[2012/12/03 03:35:28 | 000,946,352 | ---- | M] (Adobe Systems Incorporated) -- C:\Users\All Users\Adobe\Reader\9.5\ARM\28260\AdobeARM.exe
[2012/12/03 03:35:28 | 000,352,960 | ---- | M] (Adobe Systems Incorporated) -- C:\Users\All Users\Adobe\Reader\9.5\ARM\28260\AdobeARMHelper.exe
[2012/12/03 03:35:28 | 000,352,960 | ---- | M] (Adobe Systems Incorporated) -- C:\Users\All Users\Adobe\Reader\9.5\ARM\28260\ReaderUpdater.exe
[2012/12/03 03:35:28 | 000,352,960 | ---- | M] (Adobe Systems Incorporated) -- C:\Users\All Users\Adobe\Reader\9.5\ARM\28574\AcrobatUpdater.exe
[2012/12/03 03:35:28 | 000,946,352 | ---- | M] (Adobe Systems Incorporated) -- C:\Users\All Users\Adobe\Reader\9.5\ARM\28574\AdobeARM.exe
[2012/12/03 03:35:28 | 000,352,960 | ---- | M] (Adobe Systems Incorporated) -- C:\Users\All Users\Adobe\Reader\9.5\ARM\28574\AdobeARMHelper.exe
[2012/12/03 03:35:28 | 000,352,960 | ---- | M] (Adobe Systems Incorporated) -- C:\Users\All Users\Adobe\Reader\9.5\ARM\28574\ReaderUpdater.exe
[2013/04/04 17:06:36 | 000,353,912 | ---- | M] (Adobe Systems Incorporated) -- C:\Users\All Users\Adobe\Reader\9.5\ARM\30036\AcrobatUpdater.exe
[2013/04/04 17:06:36 | 000,958,576 | ---- | M] (Adobe Systems Incorporated) -- C:\Users\All Users\Adobe\Reader\9.5\ARM\30036\AdobeARM.exe
[2013/04/04 17:06:36 | 000,353,912 | ---- | M] (Adobe Systems Incorporated) -- C:\Users\All Users\Adobe\Reader\9.5\ARM\30036\AdobeARMHelper.exe
[2013/04/04 17:06:36 | 000,353,912 | ---- | M] (Adobe Systems Incorporated) -- C:\Users\All Users\Adobe\Reader\9.5\ARM\30036\ReaderUpdater.exe
[2012/12/03 03:35:28 | 000,352,960 | ---- | M] (Adobe Systems Incorporated) -- C:\Users\All Users\Adobe\Reader\9.5\ARM\30532\AcrobatUpdater.exe
[2012/12/03 03:35:28 | 000,946,352 | ---- | M] (Adobe Systems Incorporated) -- C:\Users\All Users\Adobe\Reader\9.5\ARM\30532\AdobeARM.exe
[2012/12/03 03:35:28 | 000,352,960 | ---- | M] (Adobe Systems Incorporated) -- C:\Users\All Users\Adobe\Reader\9.5\ARM\30532\AdobeARMHelper.exe
[2012/12/03 03:35:28 | 000,352,960 | ---- | M] (Adobe Systems Incorporated) -- C:\Users\All Users\Adobe\Reader\9.5\ARM\30532\ReaderUpdater.exe
[2012/12/03 03:35:28 | 000,352,960 | ---- | M] (Adobe Systems Incorporated) -- C:\Users\All Users\Adobe\Reader\9.5\ARM\31060\AcrobatUpdater.exe
[2012/12/03 03:35:28 | 000,946,352 | ---- | M] (Adobe Systems Incorporated) -- C:\Users\All Users\Adobe\Reader\9.5\ARM\31060\AdobeARM.exe
[2012/12/03 03:35:28 | 000,352,960 | ---- | M] (Adobe Systems Incorporated) -- C:\Users\All Users\Adobe\Reader\9.5\ARM\31060\AdobeARMHelper.exe
[2012/12/03 03:35:28 | 000,352,960 | ---- | M] (Adobe Systems Incorporated) -- C:\Users\All Users\Adobe\Reader\9.5\ARM\31060\ReaderUpdater.exe
[2013/04/04 17:06:36 | 000,353,912 | ---- | M] (Adobe Systems Incorporated) -- C:\Users\All Users\Adobe\Reader\9.5\ARM\31930\AcrobatUpdater.exe
[2013/04/04 17:06:36 | 000,958,576 | ---- | M] (Adobe Systems Incorporated) -- C:\Users\All Users\Adobe\Reader\9.5\ARM\31930\AdobeARM.exe
[2013/04/04 17:06:36 | 000,353,912 | ---- | M] (Adobe Systems Incorporated) -- C:\Users\All Users\Adobe\Reader\9.5\ARM\31930\AdobeARMHelper.exe
[2013/04/04 17:06:36 | 000,353,912 | ---- | M] (Adobe Systems Incorporated) -- C:\Users\All Users\Adobe\Reader\9.5\ARM\31930\ReaderUpdater.exe
[2012/12/03 03:35:28 | 000,352,960 | ---- | M] (Adobe Systems Incorporated) -- C:\Users\All Users\Adobe\Reader\9.5\ARM\32543\AcrobatUpdater.exe
[2012/12/03 03:35:28 | 000,946,352 | ---- | M] (Adobe Systems Incorporated) -- C:\Users\All Users\Adobe\Reader\9.5\ARM\32543\AdobeARM.exe
[2012/12/03 03:35:28 | 000,352,960 | ---- | M] (Adobe Systems Incorporated) -- C:\Users\All Users\Adobe\Reader\9.5\ARM\32543\AdobeARMHelper.exe
[2012/12/03 03:35:28 | 000,352,960 | ---- | M] (Adobe Systems Incorporated) -- C:\Users\All Users\Adobe\Reader\9.5\ARM\32543\ReaderUpdater.exe
[2013/04/04 17:06:36 | 000,353,912 | ---- | M] (Adobe Systems Incorporated) -- C:\Users\All Users\Adobe\Reader\9.5\ARM\3542\AcrobatUpdater.exe
[2013/04/04 17:06:36 | 000,958,576 | ---- | M] (Adobe Systems Incorporated) -- C:\Users\All Users\Adobe\Reader\9.5\ARM\3542\AdobeARM.exe
[2013/04/04 17:06:36 | 000,353,912 | ---- | M] (Adobe Systems Incorporated) -- C:\Users\All Users\Adobe\Reader\9.5\ARM\3542\AdobeARMHelper.exe
[2013/04/04 17:06:36 | 000,353,912 | ---- | M] (Adobe Systems Incorporated) -- C:\Users\All Users\Adobe\Reader\9.5\ARM\3542\ReaderUpdater.exe
[2012/12/03 03:35:28 | 000,352,960 | ---- | M] (Adobe Systems Incorporated) -- C:\Users\All Users\Adobe\Reader\9.5\ARM\3585\AcrobatUpdater.exe
[2012/12/03 03:35:28 | 000,946,352 | ---- | M] (Adobe Systems Incorporated) -- C:\Users\All Users\Adobe\Reader\9.5\ARM\3585\AdobeARM.exe
[2012/12/03 03:35:28 | 000,352,960 | ---- | M] (Adobe Systems Incorporated) -- C:\Users\All Users\Adobe\Reader\9.5\ARM\3585\AdobeARMHelper.exe
[2012/12/03 03:35:28 | 000,352,960 | ---- | M] (Adobe Systems Incorporated) -- C:\Users\All Users\Adobe\Reader\9.5\ARM\3585\ReaderUpdater.exe
[2013/04/04 17:06:36 | 000,353,912 | ---- | M] (Adobe Systems Incorporated) -- C:\Users\All Users\Adobe\Reader\9.5\ARM\5611\AcrobatUpdater.exe
[2013/04/04 17:06:36 | 000,958,576 | ---- | M] (Adobe Systems Incorporated) -- C:\Users\All Users\Adobe\Reader\9.5\ARM\5611\AdobeARM.exe
[2013/04/04 17:06:36 | 000,353,912 | ---- | M] (Adobe Systems Incorporated) -- C:\Users\All Users\Adobe\Reader\9.5\ARM\5611\AdobeARMHelper.exe
[2013/04/04 17:06:36 | 000,353,912 | ---- | M] (Adobe Systems Incorporated) -- C:\Users\All Users\Adobe\Reader\9.5\ARM\5611\ReaderUpdater.exe
[2012/12/03 03:35:28 | 000,352,960 | ---- | M] (Adobe Systems Incorporated) -- C:\Users\All Users\Adobe\Reader\9.5\ARM\5642\AcrobatUpdater.exe
[2012/12/03 03:35:28 | 000,946,352 | ---- | M] (Adobe Systems Incorporated) -- C:\Users\All Users\Adobe\Reader\9.5\ARM\5642\AdobeARM.exe
[2012/12/03 03:35:28 | 000,352,960 | ---- | M] (Adobe Systems Incorporated) -- C:\Users\All Users\Adobe\Reader\9.5\ARM\5642\AdobeARMHelper.exe
[2012/12/03 03:35:28 | 000,352,960 | ---- | M] (Adobe Systems Incorporated) -- C:\Users\All Users\Adobe\Reader\9.5\ARM\5642\ReaderUpdater.exe
[2012/12/03 03:35:28 | 000,352,960 | ---- | M] (Adobe Systems Incorporated) -- C:\Users\All Users\Adobe\Reader\9.5\ARM\5646\AcrobatUpdater.exe
[2012/12/03 03:35:28 | 000,946,352 | ---- | M] (Adobe Systems Incorporated) -- C:\Users\All Users\Adobe\Reader\9.5\ARM\5646\AdobeARM.exe
[2012/12/03 03:35:28 | 000,352,960 | ---- | M] (Adobe Systems Incorporated) -- C:\Users\All Users\Adobe\Reader\9.5\ARM\5646\AdobeARMHelper.exe
[2012/12/03 03:35:28 | 000,352,960 | ---- | M] (Adobe Systems Incorporated) -- C:\Users\All Users\Adobe\Reader\9.5\ARM\5646\ReaderUpdater.exe
[2012/12/03 03:35:28 | 000,352,960 | ---- | M] (Adobe Systems Incorporated) -- C:\Users\All Users\Adobe\Reader\9.5\ARM\6037\AcrobatUpdater.exe
[2012/12/03 03:35:28 | 000,946,352 | ---- | M] (Adobe Systems Incorporated) -- C:\Users\All Users\Adobe\Reader\9.5\ARM\6037\AdobeARM.exe
[2012/12/03 03:35:28 | 000,352,960 | ---- | M] (Adobe Systems Incorporated) -- C:\Users\All Users\Adobe\Reader\9.5\ARM\6037\AdobeARMHelper.exe
[2012/12/03 03:35:28 | 000,352,960 | ---- | M] (Adobe Systems Incorporated) -- C:\Users\All Users\Adobe\Reader\9.5\ARM\6037\ReaderUpdater.exe
[2012/12/03 03:35:28 | 000,352,960 | ---- | M] (Adobe Systems Incorporated) -- C:\Users\All Users\Adobe\Reader\9.5\ARM\6829\AcrobatUpdater.exe
[2012/12/03 03:35:28 | 000,946,352 | ---- | M] (Adobe Systems Incorporated) -- C:\Users\All Users\Adobe\Reader\9.5\ARM\6829\AdobeARM.exe
[2012/12/03 03:35:28 | 000,352,960 | ---- | M] (Adobe Systems Incorporated) -- C:\Users\All Users\Adobe\Reader\9.5\ARM\6829\AdobeARMHelper.exe
[2012/12/03 03:35:28 | 000,352,960 | ---- | M] (Adobe Systems Incorporated) -- C:\Users\All Users\Adobe\Reader\9.5\ARM\6829\ReaderUpdater.exe
[2012/01/03 13:46:15 | 000,345,520 | ---- | M] (Adobe Systems Incorporated) -- C:\Users\All Users\Adobe\Setup\{AC76BA86-7AD7-1033-7B44-A95000000001}\Setup.exe
[2013/09/05 11:53:27 | 000,364,976 | ---- | M] (Adobe Systems Incorporated) -- C:\Users\All Users\Adobe\Setup\{AC76BA86-7AD7-1033-7B44-AB0000000001}\setup.exe
[2013/10/06 21:32:44 | 000,077,136 | ---- | M] (Apple Inc.) -- C:\Users\All Users\Apple Computer\Installer Cache\iTunes 11.1.1.11\SetupAdmin.exe
[2013/03/07 16:10:53 | 000,077,280 | ---- | M] (Apple Inc.) -- C:\Users\All Users\Apple\Installer Cache\iCloud Control Panel 2.1.1.3\SetupAdmin.exe
[2014/05/07 12:51:41 | 000,399,920 | ---- | M] (Blizzard Entertainment) -- C:\Users\All Users\Battle.net\Agent\Agent.exe
[2013/12/17 20:42:59 | 001,620,016 | ---- | M] (Blizzard Entertainment) -- C:\Users\All Users\Battle.net\Agent\Blizzard Uninstaller.exe
[2013/12/17 20:42:59 | 000,333,360 | ---- | M] (Blizzard Entertainment, Inc.) -- C:\Users\All Users\Battle.net\Agent\BlizzardError.exe
[2013/12/17 20:42:55 | 000,499,712 | ---- | M] (Blizzard Entertainment, Inc.) -- C:\Users\All Users\Battle.net\Agent\ErrorReporter.exe
[2014/04/17 11:15:27 | 008,896,048 | ---- | M] (Blizzard Entertainment) -- C:\Users\All Users\Battle.net\Agent\Agent.2816\Agent.exe
[2014/05/07 12:51:41 | 009,177,648 | ---- | M] (Blizzard Entertainment) -- C:\Users\All Users\Battle.net\Agent\Agent.2880\Agent.exe
[2014/03/13 09:11:06 | 008,839,728 | ---- | M] (Blizzard Entertainment) -- C:\Users\All Users\Battle.net\Agent\Agent.beta.2737\Agent.exe
[2014/03/23 20:11:43 | 008,840,240 | ---- | M] (Blizzard Entertainment) -- C:\Users\All Users\Battle.net\Agent\Agent.beta.2753\Agent.exe
[2013/12/17 20:43:13 | 000,533,184 | ---- | M] (Blizzard Entertainment) -- C:\Users\All Users\Battle.net\Client\Blizzard Launcher.exe
[2013/12/17 20:43:02 | 017,735,288 | ---- | M] (Blizzard Entertainment) -- C:\Users\All Users\Battle.net\Client\Blizzard Launcher.1682\Blizzard Launcher.exe
[2013/12/17 20:43:13 | 019,252,784 | ---- | M] (Blizzard Entertainment) -- C:\Users\All Users\Battle.net\Client\Blizzard Launcher.2005\Blizzard Launcher.exe
[2013/12/17 20:42:54 | 001,842,736 | ---- | M] (Blizzard Entertainment) -- C:\Users\All Users\Battle.net\Setup\wow_enus\World of Warcraft Setup.exe
[2013/11/06 12:53:00 | 001,715,696 | ---- | M] (Conduit) -- C:\Users\All Users\Conduit\Multi\CT3314880\UninstallerUI.exe
[2013/04/10 16:25:35 | 010,285,040 | ---- | M] (Malwarebytes Corporation                                    ) -- C:\Users\All Users\Malwarebytes\Malwarebytes' Anti-Malware\mbam-setup.exe
[2013/12/12 10:04:40 | 000,368,448 | ---- | M] () -- C:\Users\All Users\MediaDev\1386857077\mediadev.exe
[2014/05/23 19:15:11 | 232,480,872 | ---- | M] (NVIDIA Corporation) -- C:\Users\All Users\NVIDIA Corporation\NetService\335.23-desktop-win8-win7-winvista-64bit-english-whql-g.exe
[2013/11/05 14:08:40 | 000,453,960 | ---- | M] (Microsoft Corporation) -- C:\Users\All Users\Package Cache\{15134cb0-b767-4960-a911-f2d16ae54797}\vcredist_x64.exe
[2013/11/05 14:04:03 | 000,453,920 | ---- | M] (Microsoft Corporation) -- C:\Users\All Users\Package Cache\{22154f09-719a-4619-bb71-5b3356999fbf}\vcredist_x86.exe
[2013/10/31 21:11:34 | 000,453,968 | ---- | M] (Microsoft Corporation) -- C:\Users\All Users\Package Cache\{95716cce-fc71-413f-8ad5-56c2892d4b3a}\vcredist_x86.exe
[2013/10/31 21:12:05 | 000,454,112 | ---- | M] (Microsoft Corporation) -- C:\Users\All Users\Package Cache\{a1909659-0a08-4554-8af1-2175904903a1}\vcredist_x64.exe
[2011/11/28 21:48:23 | 000,042,280 | ---- | M] ( ) -- C:\Users\All Users\Temp\{E3739848-5329-48E3-8D28-5BBD6E8BE384}\PostBuild.exe
[2013/12/12 10:06:39 | 000,368,448 | ---- | M] () -- C:\Users\All Users\UpdateServer\1386857198\webdev.exe
[2013/12/12 10:15:42 | 000,261,440 | ---- | M] () -- C:\Users\All Users\UpdateTask\feedback.exe
[2013/12/05 10:24:59 | 000,246,080 | ---- | M] () -- C:\Users\All Users\UpdateTask\feedback_install.exe
[2014/05/11 17:21:57 | 000,262,976 | ---- | M] () -- C:\Users\All Users\UpdateTask\vmhost.exe
[2013/04/19 21:16:16 | 000,611,672 | ---- | M] (Yahoo! Inc.) -- C:\Users\All Users\Yahoo!\YUpdater\yupdater.exe
[2009/07/14 01:08:49 | 000,000,006 | -H-- | C] () -- E:\Windows\Tasks\SA.DAT
[2009/07/14 01:08:49 | 000,032,596 | ---- | C] () -- E:\Windows\Tasks\SCHEDLGU.TXT
[2014/05/23 22:21:18 | 000,000,830 | ---- | C] () -- E:\Windows\Tasks\Adobe Flash Player Updater.job

[color=#A23BEC]< C:\Users\Default\*.exe /s >[/color]
[2013/02/26 22:24:48 | 000,054,776 | ---- | M] (Adobe Systems Inc.) -- C:\Users\Default\AppData\Roaming\Macromedia\Flash Player\www.macromedia.com\bin\airappinstaller\airappinstaller.exe

[color=#A23BEC]< C:\Users\Public\*.exe /s >[/color]
[2012/04/24 19:40:00 | 000,011,816 | ---- | M] (En Masse Entertainment) -- C:\Users\Public\Games\TERA\EMEVersionCheck.exe

[color=#A23BEC]< %CommonProgramFiles%\*.* >[/color]

[color=#A23BEC]< %CommonProgramFiles%\*. >[/color]
[2014/09/05 17:10:37 | 000,000,000 | ---D | M] -- E:\Program Files (x86)\Common Files\Adobe
[2014/05/23 20:58:52 | 000,000,000 | ---D | M] -- E:\Program Files (x86)\Common Files\Adobe AIR
[2014/09/21 15:55:42 | 000,000,000 | ---D | M] -- E:\Program Files (x86)\Common Files\Apple
[2014/09/06 16:54:56 | 000,000,000 | ---D | M] -- E:\Program Files (x86)\Common Files\Blizzard Entertainment
[2014/05/23 20:54:04 | 000,000,000 | ---D | M] -- E:\Program Files (x86)\Common Files\InstallShield
[2014/05/23 20:52:21 | 000,000,000 | ---D | M] -- E:\Program Files (x86)\Common Files\Intel
[2014/09/05 16:49:20 | 000,000,000 | ---D | M] -- E:\Program Files (x86)\Common Files\microsoft shared
[2014/10/29 12:27:05 | 000,000,000 | ---D | M] -- E:\Program Files (x86)\Common Files\Overwolf
[2014/05/23 20:54:50 | 000,000,000 | ---D | M] -- E:\Program Files (x86)\Common Files\postureAgent
[2009/07/13 23:20:08 | 000,000,000 | ---D | M] -- E:\Program Files (x86)\Common Files\Services
[2009/07/13 23:20:08 | 000,000,000 | ---D | M] -- E:\Program Files (x86)\Common Files\SpeechEngines
[2014/05/24 00:37:20 | 000,000,000 | ---D | M] -- E:\Program Files (x86)\Common Files\Symantec Shared
[2014/05/25 18:45:09 | 000,000,000 | ---D | M] -- E:\Program Files (x86)\Common Files\System
[2014/09/04 16:57:20 | 000,000,000 | ---D | M] -- E:\Program Files (x86)\Common Files\Windows Live

[color=#A23BEC]< %CommonProgramFiles%\ComObjects\*.* >[/color]

[color=#A23BEC]< %ProgramFiles%\*.* >[/color]
[2009/07/14 00:54:24 | 000,000,174 | -HS- | M] () -- E:\Program Files (x86)\desktop.ini
[2014/08/18 14:56:24 | 000,000,000 | ---- | M] () -- E:\Program Files (x86)\Mozilla Firefoxsafeguard-secure-search.xml

[color=#A23BEC]< %ProgramFiles%\*. >[/color]
[2014/09/05 17:10:17 | 000,000,000 | ---D | M] -- E:\Program Files (x86)\Adobe
[2014/05/23 21:10:44 | 000,000,000 | ---D | M] -- E:\Program Files (x86)\AGEIA Technologies
[2014/09/21 15:54:52 | 000,000,000 | ---D | M] -- E:\Program Files (x86)\Apple Software Update
[2014/05/23 22:56:56 | 000,000,000 | ---D | M] -- E:\Program Files (x86)\ASRock Utility
[2014/09/11 21:46:39 | 000,000,000 | ---D | M] -- E:\Program Files (x86)\Battle.net
[2014/07/15 17:40:55 | 000,000,000 | ---D | M] -- E:\Program Files (x86)\BitLord 2
[2014/09/21 15:54:47 | 000,000,000 | ---D | M] -- E:\Program Files (x86)\Bonjour
[2014/10/22 09:59:36 | 000,000,000 | ---D | M] -- E:\Program Files (x86)\CineForm
[2014/10/28 23:21:45 | 000,000,000 | ---D | M] -- E:\Program Files (x86)\Common Files
[2014/05/23 20:59:18 | 000,000,000 | ---D | M] -- E:\Program Files (x86)\Creative
[2014/05/23 20:55:59 | 000,000,000 | ---D | M] -- E:\Program Files (x86)\Etron Technology
[2014/09/16 15:40:19 | 000,000,000 | ---D | M] -- E:\Program Files (x86)\Glyph
[2014/10/22 09:59:35 | 000,000,000 | ---D | M] -- E:\Program Files (x86)\GoPro
[2014/05/23 20:59:27 | 000,000,000 | -H-D | M] -- E:\Program Files (x86)\InstallShield Installation Information
[2014/05/23 20:54:49 | 000,000,000 | ---D | M] -- E:\Program Files (x86)\Intel
[2014/10/29 13:03:39 | 000,000,000 | ---D | M] -- E:\Program Files (x86)\Internet Explorer
[2014/09/21 15:55:46 | 000,000,000 | ---D | M] -- E:\Program Files (x86)\iTunes
[2014/10/26 23:31:31 | 000,000,000 | ---D | M] -- E:\Program Files (x86)\Malwarebytes Anti-Malware
[2014/05/23 20:54:40 | 000,000,000 | ---D | M] -- E:\Program Files (x86)\Marvell
[2014/08/18 14:57:15 | 000,000,000 | ---D | M] -- E:\Program Files (x86)\Microsoft Analysis Services
[2014/08/18 14:57:11 | 000,000,000 | ---D | M] -- E:\Program Files (x86)\Microsoft Office
[2014/09/04 16:57:42 | 000,000,000 | ---D | M] -- E:\Program Files (x86)\Microsoft OneDrive
[2014/07/24 16:17:11 | 000,000,000 | ---D | M] -- E:\Program Files (x86)\Microsoft Silverlight
[2014/08/18 15:00:04 | 000,000,000 | ---D | M] -- E:\Program Files (x86)\Microsoft SQL Server
[2014/09/04 16:58:40 | 000,000,000 | ---D | M] -- E:\Program Files (x86)\Microsoft SQL Server Compact Edition
[2014/08/18 22:38:36 | 000,000,000 | ---D | M] -- E:\Program Files (x86)\Microsoft.NET
[2014/09/24 17:21:28 | 000,000,000 | ---D | M] -- E:\Program Files (x86)\Mozilla Firefox
[2014/09/25 13:22:41 | 000,000,000 | ---D | M] -- E:\Program Files (x86)\Mozilla Maintenance Service
[2009/07/14 01:32:38 | 000,000,000 | ---D | M] -- E:\Program Files (x86)\MSBuild
[2014/05/24 00:25:09 | 000,000,000 | ---D | M] -- E:\Program Files (x86)\NCSOFT
[2014/05/23 21:00:22 | 000,000,000 | ---D | M] -- E:\Program Files (x86)\Norton Internet Security
[2014/05/23 20:59:49 | 000,000,000 | ---D | M] -- E:\Program Files (x86)\NortonInstaller
[2014/05/23 21:16:23 | 000,000,000 | ---D | M] -- E:\Program Files (x86)\NVIDIA Corporation
[2014/07/04 20:53:58 | 000,000,000 | ---D | M] -- E:\Program Files (x86)\OBS
[2014/10/29 12:27:05 | 000,000,000 | ---D | M] -- E:\Program Files (x86)\Overwolf
[2014/10/22 09:59:22 | 000,000,000 | ---D | M] -- E:\Program Files (x86)\QuickTime
[2014/08/18 14:55:37 | 000,000,000 | ---D | M] -- E:\Program Files (x86)\RAR File Open Knife - Free Opener
[2014/10/01 20:22:49 | 000,000,000 | ---D | M] -- E:\Program Files (x86)\Razer
[2014/05/23 20:54:06 | 000,000,000 | ---D | M] -- E:\Program Files (x86)\Realtek
[2009/07/14 01:32:38 | 000,000,000 | ---D | M] -- E:\Program Files (x86)\Reference Assemblies
[2014/05/23 20:54:16 | 000,000,000 | -H-D | M] -- E:\Program Files (x86)\Temp
[2009/07/14 00:57:06 | 000,000,000 | -H-D | M] -- E:\Program Files (x86)\Uninstall Information
[2014/05/25 18:45:06 | 000,000,000 | ---D | M] -- E:\Program Files (x86)\Windows Defender
[2014/09/04 16:58:39 | 000,000,000 | ---D | M] -- E:\Program Files (x86)\Windows Live
[2010/11/21 03:06:51 | 000,000,000 | ---D | M] -- E:\Program Files (x86)\Windows Mail
[2014/05/25 18:45:10 | 000,000,000 | ---D | M] -- E:\Program Files (x86)\Windows Media Player
[2009/07/14 01:32:38 | 000,000,000 | ---D | M] -- E:\Program Files (x86)\Windows NT
[2010/11/21 03:06:51 | 000,000,000 | ---D | M] -- E:\Program Files (x86)\Windows Photo Viewer
[2010/11/20 23:31:38 | 000,000,000 | ---D | M] -- E:\Program Files (x86)\Windows Portable Devices
[2010/11/21 03:06:51 | 000,000,000 | ---D | M] -- E:\Program Files (x86)\Windows Sidebar
[2014/09/11 21:47:04 | 000,000,000 | ---D | M] -- E:\Program Files (x86)\World of Warcraft

[color=#A23BEC]< %Public%\Documents\*.* >[/color]
[2009/07/14 00:54:24 | 000,000,278 | -HS- | M] () -- E:\Users\Public\Documents\desktop.ini

[color=#A23BEC]< %Public%\Documents\*. >[/color]
[2009/07/14 01:08:56 | 000,000,000 | -HSD | M] -- E:\Users\Public\Documents\My Music
[2009/07/14 01:08:56 | 000,000,000 | -HSD | M] -- E:\Users\Public\Documents\My Pictures
[2009/07/14 01:08:56 | 000,000,000 | -HSD | M] -- E:\Users\Public\Documents\My Videos

[color=#A23BEC]< %Public%\Downloads\*.* >[/color]
[2009/07/14 00:54:24 | 000,000,174 | -HS- | M] () -- E:\Users\Public\Downloads\desktop.ini

[color=#A23BEC]< %Public%\Downloads\*. >[/color]

[color=#A23BEC]< %systemroot%\System32\config\systemprofile\*.exe /s >[/color]

[color=#A23BEC]< %systemroot%\System32\config\systemprofile\*.* >[/color]
[2014/05/24 00:39:12 | 000,262,144 | ---- | M] () -- E:\Windows\System32\config\systemprofile\ntuser.dat
[2014/10/28 23:17:51 | 000,005,120 | -HS- | M] () -- E:\Windows\System32\config\systemprofile\ntuser.dat.LOG1
[2014/05/24 00:39:12 | 000,000,000 | -HS- | M] () -- E:\Windows\System32\config\systemprofile\ntuser.dat.LOG2
[2014/05/24 00:39:12 | 000,065,536 | -HS- | M] () -- E:\Windows\System32\config\systemprofile\ntuser.dat{5c551ccd-e2e0-11e3-bff9-002522fcd522}.TM.blf
[2014/05/24 00:39:12 | 000,524,288 | -HS- | M] () -- E:\Windows\System32\config\systemprofile\ntuser.dat{5c551ccd-e2e0-11e3-bff9-002522fcd522}.TMContainer00000000000000000001.regtrans-ms
[2014/05/24 00:39:12 | 000,524,288 | -HS- | M] () -- E:\Windows\System32\config\systemprofile\ntuser.dat{5c551ccd-e2e0-11e3-bff9-002522fcd522}.TMContainer00000000000000000002.regtrans-ms
[2014/05/24 00:39:12 | 000,065,536 | -HS- | M] () -- E:\Windows\System32\config\systemprofile\ntuser.dat{5c551cd1-e2e0-11e3-bff9-002522fcd522}.TM.blf
[2014/05/24 00:39:12 | 000,524,288 | -HS- | M] () -- E:\Windows\System32\config\systemprofile\ntuser.dat{5c551cd1-e2e0-11e3-bff9-002522fcd522}.TMContainer00000000000000000001.regtrans-ms
[2014/05/24 00:39:12 | 000,524,288 | -HS- | M] () -- E:\Windows\System32\config\systemprofile\ntuser.dat{5c551cd1-e2e0-11e3-bff9-002522fcd522}.TMContainer00000000000000000002.regtrans-ms

[color=#A23BEC]< %systemroot%\System32\config\systemprofile\*. >[/color]
[2009/07/14 00:55:33 | 000,000,000 | --SD | M] -- E:\Windows\System32\config\systemprofile\AppData

[color=#A23BEC]< %systemroot%\system32\config\systemprofile\AppData\Local\*.* >[/color]
[2014/06/19 19:33:13 | 000,058,400 | ---- | M] () -- E:\Windows\system32\config\systemprofile\AppData\Local\GDIPFONTCACHEV1.DAT

[color=#A23BEC]< %systemroot%\system32\config\systemprofile\AppData\Local\*. >[/color]
[2014/05/25 18:45:44 | 000,000,000 | ---D | M] -- E:\Windows\system32\config\systemprofile\AppData\Local\CrashDumps
[2009/07/14 00:54:17 | 000,000,000 | ---D | M] -- E:\Windows\system32\config\systemprofile\AppData\Local\Microsoft
[2014/06/17 19:10:49 | 000,000,000 | ---D | M] -- E:\Windows\system32\config\systemprofile\AppData\Local\Overwolf
[2014/06/19 19:33:13 | 000,000,000 | ---D | M] -- E:\Windows\system32\config\systemprofile\AppData\Local\Razer

[color=#A23BEC]< %systemroot%\system32\config\systemprofile\AppData\Roaming\*.* >[/color]

[color=#A23BEC]< %systemroot%\system32\config\systemprofile\AppData\Roaming\*. >[/color]
[2014/09/21 15:54:52 | 000,000,000 | ---D | M] -- E:\Windows\system32\config\systemprofile\AppData\Roaming\Apple Computer
[2009/07/14 00:54:17 | 000,000,000 | ---D | M] -- E:\Windows\system32\config\systemprofile\AppData\Roaming\Microsoft

[color=#A23BEC]< %systemroot%\SysWow64\config\systemprofile\*.exe /s >[/color]

[color=#A23BEC]< %systemroot%\SysWow64\config\systemprofile\*.* >[/color]
[2014/05/24 00:39:12 | 000,262,144 | ---- | M] () -- E:\Windows\SysWow64\config\systemprofile\ntuser.dat
[2014/10/28 23:17:51 | 000,005,120 | -HS- | M] () -- E:\Windows\SysWow64\config\systemprofile\ntuser.dat.LOG1
[2014/05/24 00:39:12 | 000,000,000 | -HS- | M] () -- E:\Windows\SysWow64\config\systemprofile\ntuser.dat.LOG2
[2014/05/24 00:39:12 | 000,065,536 | -HS- | M] () -- E:\Windows\SysWow64\config\systemprofile\ntuser.dat{5c551ccd-e2e0-11e3-bff9-002522fcd522}.TM.blf
[2014/05/24 00:39:12 | 000,524,288 | -HS- | M] () -- E:\Windows\SysWow64\config\systemprofile\ntuser.dat{5c551ccd-e2e0-11e3-bff9-002522fcd522}.TMContainer00000000000000000001.regtrans-ms
[2014/05/24 00:39:12 | 000,524,288 | -HS- | M] () -- E:\Windows\SysWow64\config\systemprofile\ntuser.dat{5c551ccd-e2e0-11e3-bff9-002522fcd522}.TMContainer00000000000000000002.regtrans-ms
[2014/05/24 00:39:12 | 000,065,536 | -HS- | M] () -- E:\Windows\SysWow64\config\systemprofile\ntuser.dat{5c551cd1-e2e0-11e3-bff9-002522fcd522}.TM.blf
[2014/05/24 00:39:12 | 000,524,288 | -HS- | M] () -- E:\Windows\SysWow64\config\systemprofile\ntuser.dat{5c551cd1-e2e0-11e3-bff9-002522fcd522}.TMContainer00000000000000000001.regtrans-ms
[2014/05/24 00:39:12 | 000,524,288 | -HS- | M] () -- E:\Windows\SysWow64\config\systemprofile\ntuser.dat{5c551cd1-e2e0-11e3-bff9-002522fcd522}.TMContainer00000000000000000002.regtrans-ms

[color=#A23BEC]< %systemroot%\SysWow64\config\systemprofile\*. >[/color]
[2009/07/14 00:55:33 | 000,000,000 | --SD | M] -- E:\Windows\SysWow64\config\systemprofile\AppData

[color=#A23BEC]< %systemroot%\SysWOW64\config\systemprofile\AppData\Local\*.* >[/color]
[2014/06/19 19:33:13 | 000,058,400 | ---- | M] () -- E:\Windows\SysWOW64\config\systemprofile\AppData\Local\GDIPFONTCACHEV1.DAT

[color=#A23BEC]< %systemroot%\SysWOW64\config\systemprofile\AppData\Local\*. >[/color]
[2014/05/25 18:45:44 | 000,000,000 | ---D | M] -- E:\Windows\SysWOW64\config\systemprofile\AppData\Local\CrashDumps
[2009/07/14 00:54:17 | 000,000,000 | ---D | M] -- E:\Windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft
[2014/06/17 19:10:49 | 000,000,000 | ---D | M] -- E:\Windows\SysWOW64\config\systemprofile\AppData\Local\Overwolf
[2014/06/19 19:33:13 | 000,000,000 | ---D | M] -- E:\Windows\SysWOW64\config\systemprofile\AppData\Local\Razer

[color=#A23BEC]< %systemroot%\SysWOW64\config\systemprofile\AppData\Roaming\*.* >[/color]

[color=#A23BEC]< %systemroot%\SysWOW64\config\systemprofile\AppData\Roaming\*. >[/color]
[2014/09/21 15:54:52 | 000,000,000 | ---D | M] -- E:\Windows\SysWOW64\config\systemprofile\AppData\Roaming\Apple Computer
[2009/07/14 00:54:17 | 000,000,000 | ---D | M] -- E:\Windows\SysWOW64\config\systemprofile\AppData\Roaming\Microsoft

[color=#A23BEC]< %systemroot%\ServiceProfiles\*.exe /s >[/color]

[color=#A23BEC]< %systemroot%\ServiceProfiles\LocalService\AppData\Local\*.* >[/color]
[2014/05/24 13:14:45 | 000,226,804 | ---- | M] () -- E:\Windows\ServiceProfiles\LocalService\AppData\Local\FontCache-S-1-5-21-2622789366-4104432293-3959885506-1000-12288.dat
[2014/05/24 13:14:45 | 006,971,216 | ---- | M] () -- E:\Windows\ServiceProfiles\LocalService\AppData\Local\FontCache-S-1-5-21-2622789366-4104432293-3959885506-1000-8192.dat
[2014/10/29 23:17:24 | 001,914,320 | ---- | M] () -- E:\Windows\ServiceProfiles\LocalService\AppData\Local\FontCache3.0.0.0.dat
[2014/10/30 07:33:45 | 000,000,000 | -HS- | M] () -- E:\Windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat
[2014/10/30 07:33:45 | 000,000,000 | -HS- | M] () -- E:\Windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat
[2014/10/28 23:07:26 | 016,777,216 | ---- | M] () -- E:\Windows\ServiceProfiles\LocalService\AppData\Local\~FontCache-FontFace.dat
[2014/10/28 23:07:50 | 008,388,608 | ---- | M] () -- E:\Windows\ServiceProfiles\LocalService\AppData\Local\~FontCache-S-1-5-21-2622789366-4104432293-3959885506-1000.dat
[2014/10/28 23:07:31 | 000,606,776 | ---- | M] () -- E:\Windows\ServiceProfiles\LocalService\AppData\Local\~FontCache-System.dat

[color=#A23BEC]< %systemroot%\ServiceProfiles\LocalService\AppData\Local\*. >[/color]
[2009/07/14 00:45:47 | 000,000,000 | ---D | M] -- E:\Windows\ServiceProfiles\LocalService\AppData\Local\Microsoft
[2014/10/28 20:37:38 | 000,000,000 | ---D | M] -- E:\Windows\ServiceProfiles\LocalService\AppData\Local\Temp

[color=#A23BEC]< %systemroot%\ServiceProfiles\LocalService\AppData\Roaming\*.* >[/color]

[color=#A23BEC]< %systemroot%\ServiceProfiles\LocalService\AppData\Roaming\*. >[/color]
[2014/05/27 17:11:23 | 000,000,000 | --SD | M] -- E:\Windows\ServiceProfiles\LocalService\AppData\Roaming\Microsoft

[color=#A23BEC]< %systemroot%\ServiceProfiles\NetworkService\AppData\Local\*.* >[/color]

[color=#A23BEC]< %systemroot%\ServiceProfiles\NetworkService\AppData\Local\*. >[/color]
[2009/07/14 00:45:47 | 000,000,000 | ---D | M] -- E:\Windows\ServiceProfiles\NetworkService\AppData\Local\Microsoft
[2014/10/30 07:34:27 | 000,000,000 | ---D | M] -- E:\Windows\ServiceProfiles\NetworkService\AppData\Local\Temp

[color=#A23BEC]< %systemroot%\ServiceProfiles\NetworkService\AppData\Roaming\*.* >[/color]

[color=#A23BEC]< %systemroot%\ServiceProfiles\NetworkService\AppData\Roaming\*. >[/color]
[2014/09/04 16:48:48 | 000,000,000 | --SD | M] -- E:\Windows\ServiceProfiles\NetworkService\AppData\Roaming\Microsoft

[color=#A23BEC]< %windir%\temp\*.* >[/color]
[2014/10/30 07:43:49 | 000,000,300 | ---- | M] () -- E:\Windows\temp\ScheduledHeartbeat.log

[color=#A23BEC]< %windir%\temp\*. >[/color]

[color=#A23BEC]< %windir%\*. >[/color]
[2009/07/14 01:32:39 | 000,000,000 | ---D | M] -- E:\Windows\addins
[2014/10/29 18:12:59 | 000,000,000 | ---D | M] -- E:\Windows\AppCompat
[2014/10/28 23:21:45 | 000,000,000 | ---D | M] -- E:\Windows\AppPatch
[2014/10/20 00:14:07 | 000,000,000 | R-SD | M] -- E:\Windows\assembly
[2014/08/19 14:34:48 | 000,000,000 | ---D | M] -- E:\Windows\AutoKMS
[2009/07/14 01:32:38 | 000,000,000 | ---D | M] -- E:\Windows\Boot
[2009/07/14 01:32:38 | 000,000,000 | ---D | M] -- E:\Windows\Branding
[2009/07/14 01:32:39 | 000,000,000 | ---D | M] -- E:\Windows\Cursors
[2014/10/28 21:42:12 | 000,000,000 | ---D | M] -- E:\Windows\debug
[2009/07/14 01:32:38 | 000,000,000 | ---D | M] -- E:\Windows\diagnostics
[2009/07/14 01:37:46 | 000,000,000 | ---D | M] -- E:\Windows\DigitalLocker
[2014/05/23 22:21:22 | 000,000,000 | ---D | M] -- E:\Windows\Downloaded Program Files
[2014/08/14 16:51:31 | 000,000,000 | ---D | M] -- E:\Windows\ehome
[2014/09/04 16:58:49 | 000,000,000 | ---D | M] -- E:\Windows\en
[2010/11/21 03:06:51 | 000,000,000 | ---D | M] -- E:\Windows\en-US
[2014/10/28 23:25:50 | 000,000,000 | ---D | M] -- E:\Windows\erdnt
[2014/10/15 23:59:07 | 000,000,000 | R-SD | M] -- E:\Windows\Fonts
[2010/11/21 03:19:27 | 000,000,000 | ---D | M] -- E:\Windows\Globalization
[2014/05/23 21:10:00 | 000,000,000 | ---D | M] -- E:\Windows\Help
[2009/07/14 01:37:46 | 000,000,000 | ---D | M] -- E:\Windows\IME
[2014/10/30 07:39:43 | 000,000,000 | ---D | M] -- E:\Windows\inf
[2014/10/28 23:11:27 | 000,000,000 | -HSD | M] -- E:\Windows\Installer
[2009/07/14 01:32:39 | 000,000,000 | ---D | M] -- E:\Windows\L2Schemas
[2009/07/13 22:34:24 | 000,000,000 | ---D | M] -- E:\Windows\LiveKernelReports
[2014/05/24 13:01:37 | 000,000,000 | ---D | M] -- E:\Windows\Logs
[2009/07/14 01:32:40 | 000,000,000 | R-SD | M] -- E:\Windows\Media
[2014/10/28 23:11:26 | 000,000,000 | ---D | M] -- E:\Windows\Microsoft.NET
[2014/05/24 13:05:43 | 000,000,000 | ---D | M] -- E:\Windows\Migration
[2009/07/13 22:34:34 | 000,000,000 | ---D | M] -- E:\Windows\ModemLogs
[2009/07/14 01:32:40 | 000,000,000 | ---D | M] -- E:\Windows\Offline Web Pages
[2014/05/23 20:01:14 | 000,000,000 | ---D | M] -- E:\Windows\Panther
[2014/10/28 21:47:51 | 000,000,000 | ---D | M] -- E:\Windows\PCHEALTH
[2009/07/14 01:32:38 | 000,000,000 | ---D | M] -- E:\Windows\Performance
[2009/07/13 23:20:10 | 000,000,000 | ---D | M] -- E:\Windows\PLA
[2014/08/14 16:51:29 | 000,000,000 | ---D | M] -- E:\Windows\PolicyDefinitions
[2014/05/23 23:12:37 | 000,000,000 | ---D | M] -- E:\Windows\Prefetch
[2014/10/28 21:49:29 | 000,000,000 | ---D | M] -- E:\Windows\pss
[2014/06/19 19:34:11 | 000,000,000 | ---D | M] -- E:\Windows\Razer Core
[2009/07/13 23:20:11 | 000,000,000 | ---D | M] -- E:\Windows\Registration
[2014/10/16 18:41:50 | 000,000,000 | ---D | M] -- E:\Windows\rescache
[2009/07/14 01:32:38 | 000,000,000 | ---D | M] -- E:\Windows\Resources
[2009/07/13 22:35:47 | 000,000,000 | ---D | M] -- E:\Windows\SchCache
[2009/07/14 01:32:38 | 000,000,000 | ---D | M] -- E:\Windows\schemas
[2009/07/13 23:20:10 | 000,000,000 | ---D | M] -- E:\Windows\security
[2009/07/14 00:45:47 | 000,000,000 | ---D | M] -- E:\Windows\ServiceProfiles
[2010/11/21 03:06:51 | 000,000,000 | ---D | M] -- E:\Windows\servicing
[2009/07/14 00:45:50 | 000,000,000 | ---D | M] -- E:\Windows\Setup
[2014/08/18 15:00:10 | 000,000,000 | ---D | M] -- E:\Windows\ShellNew
[2014/05/23 21:07:01 | 000,000,000 | ---D | M] -- E:\Windows\SoftwareDistribution
[2010/11/21 03:06:49 | 000,000,000 | ---D | M] -- E:\Windows\Speech
[2009/07/13 22:36:55 | 000,000,000 | ---D | M] -- E:\Windows\system
[2014/10/30 07:39:43 | 000,000,000 | ---D | M] -- E:\Windows\System32
[2014/10/29 13:03:39 | 000,000,000 | ---D | M] -- E:\Windows\SysWOW64
[2009/07/14 00:57:13 | 000,000,000 | ---D | M] -- E:\Windows\TAPI
[2014/10/28 23:00:45 | 000,000,000 | ---D | M] -- E:\Windows\Tasks
[2014/10/30 07:57:20 | 000,000,000 | ---D | M] -- E:\Windows\temp
[2009/07/13 22:34:33 | 000,000,000 | ---D | M] -- E:\Windows\tracing
[2009/07/14 01:32:39 | 000,000,000 | ---D | M] -- E:\Windows\twain_32
[2009/07/13 23:20:14 | 000,000,000 | ---D | M] -- E:\Windows\Vss
[2009/07/14 01:32:38 | 000,000,000 | ---D | M] -- E:\Windows\Web
[2014/10/29 13:03:41 | 000,000,000 | ---D | M] -- E:\Windows\winsxs

[color=#A23BEC]< %windir%\AppPatch\*.exe /s >[/color]

[color=#A23BEC]< %windir%\ShellNew\*.* >[/color]
[2012/09/29 14:11:14 | 000,005,770 | ---- | M] () -- E:\Windows\ShellNew\EXCEL12.XLSX
[2009/06/10 16:44:28 | 000,004,544 | ---- | M] () -- E:\Windows\ShellNew\Journal.jnt
[2012/09/29 14:11:36 | 000,059,904 | ---- | M] () -- E:\Windows\ShellNew\MSPUB.PUB

[color=#A23BEC]< %windir%\installer\*. >[/color]
[2014/05/24 13:05:43 | 000,000,000 | -HSD | M] -- E:\Windows\installer\$PatchCache$
[2014/09/04 16:58:45 | 000,000,000 | ---D | M] -- E:\Windows\installer\{04BE4035-3C8E-4B48-BFB8-1655849C0C8B}
[2014/06/19 19:34:13 | 000,000,000 | ---D | M] -- E:\Windows\installer\{0CD55593-F275-4aea-92B2-9170B5A14644}
[2014/07/23 22:37:03 | 000,000,000 | ---D | M] -- E:\Windows\installer\{0D78BEE2-F8FF-4498-AF1A-3FF81CED8AC6}
[2014/09/21 15:54:47 | 000,000,000 | ---D | M] -- E:\Windows\installer\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}
[2014/09/21 15:54:44 | 000,000,000 | ---D | M] -- E:\Windows\installer\{78002155-F025-4070-85B3-7C0453561701}
[2014/09/21 15:54:52 | 000,000,000 | ---D | M] -- E:\Windows\installer\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}
[2014/05/23 21:10:44 | 000,000,000 | ---D | M] -- E:\Windows\installer\{7B5AA67E-FEA0-40BB-BAB5-CA56645A589C}
[2014/07/23 23:51:59 | 000,000,000 | ---D | M] -- E:\Windows\installer\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}
[2014/10/20 00:14:29 | 000,000,000 | ---D | M] -- E:\Windows\installer\{90150000-0011-0000-1000-0000000FF1CE}
[2014/08/18 22:37:37 | 000,000,000 | ---D | M] -- E:\Windows\installer\{90150000-001F-0409-1000-0000000FF1CE}
[2014/08/18 22:37:36 | 000,000,000 | ---D | M] -- E:\Windows\installer\{90150000-001F-040C-1000-0000000FF1CE}
[2014/08/18 22:39:10 | 000,000,000 | ---D | M] -- E:\Windows\installer\{90150000-001F-0C0A-1000-0000000FF1CE}
[2014/10/20 00:13:52 | 000,000,000 | ---D | M] -- E:\Windows\installer\{90150000-006E-0409-1000-0000000FF1CE}
[2014/08/18 14:59:38 | 000,000,000 | ---D | M] -- E:\Windows\installer\{90150000-00C1-0000-1000-0000000FF1CE}
[2014/05/23 20:58:38 | 000,000,000 | ---D | M] -- E:\Windows\installer\{AC76BA86-7AD7-1033-7B44-A90000000001}
[2014/09/21 15:54:52 | 000,000,000 | ---D | M] -- E:\Windows\installer\{B678797F-DF38-4556-8A31-8B818E261868}
[2014/05/23 20:54:32 | 000,000,000 | ---D | M] -- E:\Windows\installer\{C91DCB72-F5BB-410D-A91A-314F5D1B4284}
[2014/09/04 16:58:29 | 000,000,000 | ---D | M] -- E:\Windows\installer\{CB3CA48C-95CB-412B-B7AE-6F2EA8F89907}
[2014/05/23 20:56:01 | 000,000,000 | ---D | M] -- E:\Windows\installer\{DFBB738C-71D8-4DC5-B8D2-D65C37680E27}
[2014/09/04 16:58:36 | 000,000,000 | ---D | M] -- E:\Windows\installer\{E703613B-BDAB-433E-A66A-DE0263E3D35D}
[2014/09/04 16:58:40 | 000,000,000 | ---D | M] -- E:\Windows\installer\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}
[2014/09/21 15:55:47 | 000,000,000 | ---D | M] -- E:\Windows\installer\{F46AA0F1-E284-4878-A462-5F11B9166C0E}

[color=#A23BEC]< %windir%\system32\*. >[/color]
[2010/11/21 03:06:51 | 000,000,000 | ---D | M] -- E:\Windows\system32\0409
[2010/11/20 23:31:14 | 000,000,000 | ---D | M] -- E:\Windows\system32\AdvancedInstallers
[2009/07/13 23:20:16 | 000,000,000 | ---D | M] -- E:\Windows\system32\ar-SA
[2009/07/13 23:20:16 | 000,000,000 | ---D | M] -- E:\Windows\system32\bg-BG
[2009/07/13 22:35:36 | 000,000,000 | ---D | M] -- E:\Windows\system32\catroot
[2009/07/13 22:35:36 | 000,000,000 | ---D | M] -- E:\Windows\system32\catroot2
[2010/11/21 03:06:51 | 000,000,000 | ---D | M] -- E:\Windows\system32\com
[2009/07/13 23:20:14 | 000,000,000 | ---D | M] -- E:\Windows\system32\config
[2014/05/25 18:45:08 | 000,000,000 | ---D | M] -- E:\Windows\system32\cs-CZ
[2014/05/25 18:45:08 | 000,000,000 | ---D | M] -- E:\Windows\system32\da-DK
[2014/05/25 18:45:08 | 000,000,000 | ---D | M] -- E:\Windows\system32\de-DE
[2014/09/16 16:35:33 | 000,000,000 | ---D | M] -- E:\Windows\system32\directx
[2014/07/10 15:27:29 | 000,000,000 | ---D | M] -- E:\Windows\system32\Dism
[2014/10/28 23:21:45 | 000,000,000 | ---D | M] -- E:\Windows\system32\drivers
[2010/11/21 03:06:51 | 000,000,000 | ---D | M] -- E:\Windows\system32\DriverStore
[2014/05/25 18:45:08 | 000,000,000 | ---D | M] -- E:\Windows\system32\el-GR
[2010/11/21 03:06:51 | 000,000,000 | ---D | M] -- E:\Windows\system32\en
[2014/10/16 17:30:13 | 000,000,000 | ---D | M] -- E:\Windows\system32\en-US
[2014/05/25 18:45:08 | 000,000,000 | ---D | M] -- E:\Windows\system32\es-ES
[2009/07/13 23:20:17 | 000,000,000 | ---D | M] -- E:\Windows\system32\et-EE
[2014/05/25 18:45:08 | 000,000,000 | ---D | M] -- E:\Windows\system32\fi-FI
[2014/05/25 18:45:08 | 000,000,000 | ---D | M] -- E:\Windows\system32\fr-FR
[2009/07/14 01:32:38 | 000,000,000 | ---D | M] -- E:\Windows\system32\FxsTmp
[2009/07/13 22:34:27 | 000,000,000 | ---D | M] -- E:\Windows\system32\GroupPolicy
[2009/07/13 22:34:27 | 000,000,000 | ---D | M] -- E:\Windows\system32\GroupPolicyUsers
[2009/07/13 23:20:17 | 000,000,000 | ---D | M] -- E:\Windows\system32\he-IL
[2009/07/13 23:20:17 | 000,000,000 | ---D | M] -- E:\Windows\system32\hr-HR
[2014/05/25 18:45:08 | 000,000,000 | ---D | M] -- E:\Windows\system32\hu-HU
[2009/07/13 23:20:17 | 000,000,000 | ---D | M] -- E:\Windows\system32\icsxml
[2009/07/13 23:20:14 | 000,000,000 | ---D | M] -- E:\Windows\system32\IME
[2009/07/13 22:36:55 | 000,000,000 | ---D | M] -- E:\Windows\system32\inetsrv
[2009/07/13 23:20:17 | 000,000,000 | ---D | M] -- E:\Windows\system32\InstallShield
[2014/05/25 18:45:08 | 000,000,000 | ---D | M] -- E:\Windows\system32\it-IT
[2014/05/25 18:45:08 | 000,000,000 | ---D | M] -- E:\Windows\system32\ja-JP
[2014/05/25 18:45:08 | 000,000,000 | ---D | M] -- E:\Windows\system32\ko-KR
[2009/07/14 01:32:38 | 000,000,000 | ---D | M] -- E:\Windows\system32\LogFiles
[2009/07/13 23:20:17 | 000,000,000 | ---D | M] -- E:\Windows\system32\lt-LT
[2009/07/13 23:20:19 | 000,000,000 | ---D | M] -- E:\Windows\system32\lv-LV
[2014/05/23 22:21:17 | 000,000,000 | ---D | M] -- E:\Windows\system32\Macromed
[2010/11/20 23:31:14 | 000,000,000 | ---D | M] -- E:\Windows\system32\manifeststore
[2014/05/25 18:45:09 | 000,000,000 | ---D | M] -- E:\Windows\system32\migration
[2010/11/21 03:06:51 | 000,000,000 | ---D | M] -- E:\Windows\system32\migwiz
[2009/07/13 23:20:14 | 000,000,000 | ---D | M] -- E:\Windows\system32\Msdtc
[2010/11/21 03:06:51 | 000,000,000 | ---D | M] -- E:\Windows\system32\MUI
[2014/05/25 18:45:08 | 000,000,000 | ---D | M] -- E:\Windows\system32\nb-NO
[2009/07/13 22:34:31 | 000,000,000 | ---D | M] -- E:\Windows\system32\NDF
[2009/07/13 23:20:14 | 000,000,000 | ---D | M] -- E:\Windows\system32\NetworkList
[2014/05/25 18:45:08 | 000,000,000 | ---D | M] -- E:\Windows\system32\nl-NL
[2014/05/23 21:11:51 | 000,000,000 | ---D | M] -- E:\Windows\system32\NV
[2010/11/21 03:06:51 | 000,000,000 | ---D | M] -- E:\Windows\system32\oobe
[2014/05/25 18:45:08 | 000,000,000 | ---D | M] -- E:\Windows\system32\pl-PL
[2010/11/21 03:06:51 | 000,000,000 | ---D | M] -- E:\Windows\system32\Printing_Admin_Scripts
[2014/05/25 18:45:08 | 000,000,000 | ---D | M] -- E:\Windows\system32\pt-BR
[2014/05/25 18:45:08 | 000,000,000 | ---D | M] -- E:\Windows\system32\pt-PT
[2009/07/13 23:20:19 | 000,000,000 | ---D | M] -- E:\Windows\system32\ras
[2009/07/13 23:20:19 | 000,000,000 | ---D | M] -- E:\Windows\system32\Recovery
[2009/07/14 01:32:38 | 000,000,000 | ---D | M] -- E:\Windows\system32\restore
[2009/07/13 23:20:19 | 000,000,000 | ---D | M] -- E:\Windows\system32\ro-RO
[2014/05/23 20:54:12 | 000,000,000 | ---D | M] -- E:\Windows\system32\RTCOM
[2014/05/25 18:45:08 | 000,000,000 | ---D | M] -- E:\Windows\system32\ru-RU
[2010/11/21 03:06:51 | 000,000,000 | ---D | M] -- E:\Windows\system32\Setup
[2009/07/13 23:20:19 | 000,000,000 | ---D | M] -- E:\Windows\system32\sk-SK
[2009/07/13 23:20:19 | 000,000,000 | ---D | M] -- E:\Windows\system32\sl-SI
[2010/11/21 03:06:51 | 000,000,000 | ---D | M] -- E:\Windows\system32\slmgr
[2009/07/14 01:32:38 | 000,000,000 | ---D | M] -- E:\Windows\system32\Speech
[2009/07/13 23:20:14 | 000,000,000 | ---D | M] -- E:\Windows\system32\spp
[2010/11/20 23:31:13 | 000,000,000 | ---D | M] -- E:\Windows\system32\sppui
[2009/07/13 23:20:19 | 000,000,000 | ---D | M] -- E:\Windows\system32\sr-Latn-CS
[2014/05/25 18:45:08 | 000,000,000 | ---D | M] -- E:\Windows\system32\sv-SE
[2010/11/21 03:06:51 | 000,000,000 | ---D | M] -- E:\Windows\system32\sysprep
[2009/07/13 23:20:14 | 000,000,000 | ---D | M] -- E:\Windows\system32\Tasks
[2009/07/13 23:20:19 | 000,000,000 | ---D | M] -- E:\Windows\system32\th-TH
[2014/05/25 18:45:08 | 000,000,000 | ---D | M] -- E:\Windows\system32\tr-TR
[2009/07/13 23:20:19 | 000,000,000 | ---D | M] -- E:\Windows\system32\uk-UA
[2014/05/25 18:45:05 | 000,000,000 | ---D | M] -- E:\Windows\system32\Wat
[2010/11/21 03:16:47 | 000,000,000 | ---D | M] -- E:\Windows\system32\wbem
[2010/11/21 03:06:51 | 000,000,000 | ---D | M] -- E:\Windows\system32\WCN
[2009/07/13 23:20:14 | 000,000,000 | ---D | M] -- E:\Windows\system32\wdi
[2009/07/14 01:32:38 | 000,000,000 | ---D | M] -- E:\Windows\system32\WindowsPowerShell
[2010/11/21 03:06:51 | 000,000,000 | ---D | M] -- E:\Windows\system32\winrm
[2014/05/25 18:45:08 | 000,000,000 | ---D | M] -- E:\Windows\system32\zh-CN
[2014/05/25 18:45:08 | 000,000,000 | ---D | M] -- E:\Windows\system32\zh-HK
[2014/05/25 18:45:08 | 000,000,000 | ---D | M] -- E:\Windows\system32\zh-TW

[color=#A23BEC]< %windir%\sysnative\*. >[/color]
[2010/11/21 03:06:51 | 000,000,000 | ---D | M] -- E:\Windows\sysnative\0409
[2010/11/20 23:30:27 | 000,000,000 | ---D | M] -- E:\Windows\sysnative\AdvancedInstallers
[2009/07/13 23:20:11 | 000,000,000 | ---D | M] -- E:\Windows\sysnative\ar-SA
[2009/07/13 23:20:11 | 000,000,000 | ---D | M] -- E:\Windows\sysnative\bg-BG
[2014/05/25 18:45:04 | 000,000,000 | ---D | M] -- E:\Windows\sysnative\Boot
[2014/10/22 09:59:35 | 000,000,000 | ---D | M] -- E:\Windows\sysnative\catroot
[2014/10/27 13:57:19 | 000,000,000 | ---D | M] -- E:\Windows\sysnative\catroot2
[2014/05/23 20:09:09 | 000,000,000 | ---D | M] -- E:\Windows\sysnative\CodeIntegrity
[2010/11/21 03:06:49 | 000,000,000 | ---D | M] -- E:\Windows\sysnative\com
[2014/10/16 17:30:13 | 000,000,000 | --SD | M] -- E:\Windows\sysnative\CompatTel
[2014/10/30 07:47:25 | 000,000,000 | ---D | M] -- E:\Windows\sysnative\config
[2014/05/25 18:45:08 | 000,000,000 | ---D | M] -- E:\Windows\sysnative\cs-CZ
[2014/05/25 18:45:08 | 000,000,000 | ---D | M] -- E:\Windows\sysnative\da-DK
[2014/05/25 18:45:08 | 000,000,000 | ---D | M] -- E:\Windows\sysnative\de-DE
[2014/07/10 15:27:29 | 000,000,000 | ---D | M] -- E:\Windows\sysnative\Dism
[2014/10/30 18:24:25 | 000,000,000 | ---D | M] -- E:\Windows\sysnative\drivers
[2014/10/22 09:59:35 | 000,000,000 | ---D | M] -- E:\Windows\sysnative\DriverStore
[2014/09/21 15:55:47 | 000,000,000 | ---D | M] -- E:\Windows\sysnative\DRVSTORE
[2014/05/25 18:45:08 | 000,000,000 | ---D | M] -- E:\Windows\sysnative\el-GR
[2010/11/21 03:06:51 | 000,000,000 | ---D | M] -- E:\Windows\sysnative\en
[2014/10/16 17:30:13 | 000,000,000 | ---D | M] -- E:\Windows\sysnative\en-US
[2014/05/25 18:45:08 | 000,000,000 | ---D | M] -- E:\Windows\sysnative\es-ES
[2009/07/13 23:20:14 | 000,000,000 | ---D | M] -- E:\Windows\sysnative\et-EE
[2014/05/25 18:45:08 | 000,000,000 | ---D | M] -- E:\Windows\sysnative\fi-FI
[2014/05/25 18:45:08 | 000,000,000 | ---D | M] -- E:\Windows\sysnative\fr-FR
[2009/07/14 01:09:04 | 000,000,000 | ---D | M] -- E:\Windows\sysnative\FxsTmp
[2009/07/13 22:34:27 | 000,000,000 | ---D | M] -- E:\Windows\sysnative\GroupPolicy
[2009/07/13 22:34:27 | 000,000,000 | ---D | M] -- E:\Windows\sysnative\GroupPolicyUsers
[2009/07/13 23:20:14 | 000,000,000 | ---D | M] -- E:\Windows\sysnative\he-IL
[2009/07/13 23:20:14 | 000,000,000 | ---D | M] -- E:\Windows\sysnative\hr-HR
[2014/05/25 18:45:08 | 000,000,000 | ---D | M] -- E:\Windows\sysnative\hu-HU
[2009/07/13 23:20:14 | 000,000,000 | ---D | M] -- E:\Windows\sysnative\ias
[2009/07/13 23:20:14 | 000,000,000 | ---D | M] -- E:\Windows\sysnative\icsxml
[2009/07/13 23:20:11 | 000,000,000 | ---D | M] -- E:\Windows\sysnative\IME
[2009/07/13 22:36:55 | 000,000,000 | ---D | M] -- E:\Windows\sysnative\inetsrv
[2014/05/25 18:45:08 | 000,000,000 | ---D | M] -- E:\Windows\sysnative\it-IT
[2014/05/25 18:45:08 | 000,000,000 | ---D | M] -- E:\Windows\sysnative\ja-JP
[2014/05/25 18:45:08 | 000,000,000 | ---D | M] -- E:\Windows\sysnative\ko-KR
[2014/09/05 17:38:34 | 000,000,000 | ---D | M] -- E:\Windows\sysnative\LogFiles
[2009/07/13 23:20:14 | 000,000,000 | ---D | M] -- E:\Windows\sysnative\lt-LT
[2009/07/13 23:20:14 | 000,000,000 | ---D | M] -- E:\Windows\sysnative\lv-LV
[2014/05/23 22:21:16 | 000,000,000 | ---D | M] -- E:\Windows\sysnative\Macromed
[2010/11/20 23:30:27 | 000,000,000 | ---D | M] -- E:\Windows\sysnative\manifeststore
[2009/07/14 00:45:42 | 000,000,000 | --SD | M] -- E:\Windows\sysnative\Microsoft
[2014/05/25 18:45:09 | 000,000,000 | ---D | M] -- E:\Windows\sysnative\migration
[2010/11/21 03:06:51 | 000,000,000 | ---D | M] -- E:\Windows\sysnative\migwiz
[2014/10/28 21:49:53 | 000,000,000 | ---D | M] -- E:\Windows\sysnative\MpEngineStore
[2014/10/28 21:42:14 | 000,000,000 | ---D | M] -- E:\Windows\sysnative\MRT
[2009/07/13 23:20:14 | 000,000,000 | ---D | M] -- E:\Windows\sysnative\Msdtc
[2010/11/21 03:06:50 | 000,000,000 | ---D | M] -- E:\Windows\sysnative\MUI
[2014/05/25 18:45:08 | 000,000,000 | ---D | M] -- E:\Windows\sysnative\nb-NO
[2014/05/23 20:14:38 | 000,000,000 | ---D | M] -- E:\Windows\sysnative\NDF
[2009/07/13 23:20:11 | 000,000,000 | ---D | M] -- E:\Windows\sysnative\NetworkList
[2014/05/25 18:45:08 | 000,000,000 | ---D | M] -- E:\Windows\sysnative\nl-NL
[2014/05/23 21:11:51 | 000,000,000 | ---D | M] -- E:\Windows\sysnative\NV
[2010/11/21 03:06:51 | 000,000,000 | ---D | M] -- E:\Windows\sysnative\oobe
[2014/05/25 18:45:08 | 000,000,000 | ---D | M] -- E:\Windows\sysnative\pl-PL
[2010/11/21 03:06:50 | 000,000,000 | ---D | M] -- E:\Windows\sysnative\Printing_Admin_Scripts
[2014/05/25 18:45:08 | 000,000,000 | ---D | M] -- E:\Windows\sysnative\pt-BR
[2014/05/25 18:45:08 | 000,000,000 | ---D | M] -- E:\Windows\sysnative\pt-PT
[2009/07/13 23:20:15 | 000,000,000 | ---D | M] -- E:\Windows\sysnative\ras
[2010/11/21 03:08:28 | 000,000,000 | ---D | M] -- E:\Windows\sysnative\Recovery
[2014/05/23 20:55:02 | 000,000,000 | ---D | M] -- E:\Windows\sysnative\restore
[2009/07/13 23:20:15 | 000,000,000 | ---D | M] -- E:\Windows\sysnative\ro-RO
[2014/05/25 18:45:08 | 000,000,000 | ---D | M] -- E:\Windows\sysnative\ru-RU
[2010/11/21 03:06:51 | 000,000,000 | ---D | M] -- E:\Windows\sysnative\Setup
[2009/07/13 23:20:15 | 000,000,000 | ---D | M] -- E:\Windows\sysnative\sk-SK
[2009/07/13 23:20:15 | 000,000,000 | ---D | M] -- E:\Windows\sysnative\sl-SI
[2010/11/21 03:06:51 | 000,000,000 | ---D | M] -- E:\Windows\sysnative\slmgr
[2009/07/13 23:20:13 | 000,000,000 | ---D | M] -- E:\Windows\sysnative\SMI
[2009/07/14 01:32:38 | 000,000,000 | ---D | M] -- E:\Windows\sysnative\Speech
[2009/07/14 00:53:31 | 000,000,000 | ---D | M] -- E:\Windows\sysnative\spool
[2009/07/13 23:20:13 | 000,000,000 | ---D | M] -- E:\Windows\sysnative\spp
[2010/11/20 23:30:26 | 000,000,000 | ---D | M] -- E:\Windows\sysnative\sppui
[2009/07/13 23:20:16 | 000,000,000 | ---D | M] -- E:\Windows\sysnative\sr-Latn-CS
[2014/05/25 18:45:08 | 000,000,000 | ---D | M] -- E:\Windows\sysnative\sv-SE
[2014/10/26 23:22:32 | 000,000,000 | ---D | M] -- E:\Windows\sysnative\sysprep
[2014/10/30 07:34:17 | 000,000,000 | ---D | M] -- E:\Windows\sysnative\Tasks
[2009/07/13 23:20:16 | 000,000,000 | ---D | M] -- E:\Windows\sysnative\th-TH
[2014/05/25 18:45:08 | 000,000,000 | ---D | M] -- E:\Windows\sysnative\tr-TR
[2009/07/13 23:20:16 | 000,000,000 | ---D | M] -- E:\Windows\sysnative\uk-UA
[2014/05/25 18:45:05 | 000,000,000 | ---D | M] -- E:\Windows\sysnative\Wat
[2014/05/25 18:45:06 | 000,000,000 | ---D | M] -- E:\Windows\sysnative\wbem
[2010/11/21 03:06:50 | 000,000,000 | ---D | M] -- E:\Windows\sysnative\WCN
[2014/10/30 07:35:26 | 000,000,000 | ---D | M] -- E:\Windows\sysnative\wdi
[2009/07/14 01:09:49 | 000,000,000 | ---D | M] -- E:\Windows\sysnative\wfp
[2009/07/14 01:32:38 | 000,000,000 | ---D | M] -- E:\Windows\sysnative\WinBioDatabase
[2009/07/14 01:37:46 | 000,000,000 | ---D | M] -- E:\Windows\sysnative\WinBioPlugIns
[2009/07/14 01:32:38 | 000,000,000 | ---D | M] -- E:\Windows\sysnative\WindowsPowerShell
[2009/07/13 23:20:14 | 000,000,000 | ---D | M] -- E:\Windows\sysnative\winevt
[2010/11/21 03:06:51 | 000,000,000 | ---D | M] -- E:\Windows\sysnative\winrm
[2014/05/25 18:45:08 | 000,000,000 | ---D | M] -- E:\Windows\sysnative\zh-CN
[2014/05/25 18:45:08 | 000,000,000 | ---D | M] -- E:\Windows\sysnative\zh-HK
[2014/05/25 18:45:08 | 000,000,000 | ---D | M] -- E:\Windows\sysnative\zh-TW

[color=#A23BEC]< %Temp%\smtmp\1\*.* >[/color]

[color=#A23BEC]< %Temp%\smtmp\2\*.* >[/color]

[color=#A23BEC]< %Temp%\smtmp\3\*.* >[/color]

[color=#A23BEC]< %Temp%\smtmp\4\*.* >[/color]

[color=#A23BEC]< %systemroot%\system32\*.dll /lockedfiles >[/color]

[color=#A23BEC]< %systemroot%\syswow64\*.dll /lockedfiles >[/color]

[color=#A23BEC]< %systemroot%\Tasks\*.job /lockedfiles >[/color]

[color=#A23BEC]< %systemroot%\Tasks\*.job /60 >[/color]
[2014/10/30 18:11:00 | 000,000,830 | ---- | M] () -- E:\Windows\Tasks\Adobe Flash Player Updater.job

[color=#A23BEC]< %systemroot%\system32\drivers\*.sys /60 >[/color]

[color=#A23BEC]< %systemroot%\system32\drivers\*.sys /lockedfiles >[/color]

[color=#A23BEC]< %systemroot%\syswow64\drivers\*.sys /60 >[/color]

[color=#A23BEC]< %systemroot%\syswow64\drivers\*.sys /lockedfiles >[/color]

[color=#A23BEC]< %SYSTEMDRIVE%\*. /rp /s >[/color]

[color=#A23BEC]< %systemroot%\assembly\tmp\*.* /S /MD5 >[/color]

[color=#A23BEC]< %systemroot%\assembly\temp\*.* /S /MD5 >[/color]

[color=#A23BEC]< %systemroot%\assembly\GAC\*.ini >[/color]

[color=#A23BEC]< %systemroot%\assembly\GAC_32\*.ini >[/color]

[color=#A23BEC]< %systemroot%\assembly\GAC_64\*.ini >[/color]

[color=#A23BEC]< %SystemRoot%\assembly\GAC_MSIL\*.ini >[/color]

[color=#A23BEC]< wsSystemRoot|l,n,u,@;True;False;True;$,{ /fn >[/color]

[color=#A23BEC]< %systemdrive%\$Recycle.Bin|@;true;true;true /fp >[/color]

[color=#A23BEC]< HKEY_CLASSES_ROOT\CLSID\{AB8902B4-09CA-4bb6-B78D-A8F59079A8D5} /s >[/color]
"" = Thumbnail Cache Class Factory for Out of Proc Server
"AppID" = {AB8902B4-09CA-4bb6-B78D-A8F59079A8D5}
[HKEY_CLASSES_ROOT\CLSID\{AB8902B4-09CA-4bb6-B78D-A8F59079A8D5}\InprocServer32]
"" = E:\Windows\SysWOW64\thumbcache.dll -- [2010/11/20 23:24:08 | 000,082,944 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[color=#A23BEC]< HKEY_CURRENT_USER\Software\Classes\CLSID\{73E709EA-5D93-4B2E-BBB0-99B7938DA9E4} /s >[/color]

[color=#A23BEC]< HKEY_CLASSES_ROOT\CLSID\{7C857801-7381-11CF-884D-00AA004B2E24} /s >[/color]
"" = PSFactoryBuffer
[HKEY_CLASSES_ROOT\CLSID\{7C857801-7381-11CF-884D-00AA004B2E24}\InProcServer32]
"" = %systemroot%\system32\wbem\wbemsvc.dll -- [2009/07/13 21:16:17 | 000,047,616 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

[color=#A23BEC]< HKEY_CLASSES_ROOT\CLSID\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1} /s >[/color]

[color=#A23BEC]< HKEY_CURRENT_USER\Software\Classes\CLSID\{42aedc87-2188-41fd-b9a3-0c966feabec1} /s >[/color]

[color=#A23BEC]< HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1} /s >[/color]

[color=#A23BEC]< HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{42aedc87-2188-41fd-b9a3-0c966feabec1} /s >[/color]
"" = MruPidlList
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2014/06/24 21:41:30 | 012,874,240 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[color=#A23BEC]< HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{a2a9545d-a0c2-42b4-9708-a0b2badd77c8} /s >[/color]
"" = Start Menu Pin
"ImplementsVerbs" = startpin;startunpin
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{a2a9545d-a0c2-42b4-9708-a0b2badd77c8}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2014/06/24 21:41:30 | 012,874,240 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[color=#A23BEC]< HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{7C857801-7381-11CF-884D-00AA004B2E24} /s >[/color]
"" = PSFactoryBuffer
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{7C857801-7381-11CF-884D-00AA004B2E24}\InProcServer32]
"" = %systemroot%\system32\wbem\wbemsvc.dll -- [2009/07/13 21:16:17 | 000,047,616 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

[color=#A23BEC]< HKEY_CLASSES_ROOT\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F} /s >[/color]
"" = Microsoft WBEM _WbemFetchRefresherMgr Proxy Helper
[HKEY_CLASSES_ROOT\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InprocServer32]
"" = %SystemRoot%\system32\wbem\fastprox.dll -- [2010/11/20 23:24:25 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[color=#A23BEC]< HKEY_CLASSES_ROOT\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9} /s >[/color]
"" = ShellFolder for CD Burning
[HKEY_CLASSES_ROOT\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
"" = %SystemRoot%\system32\SHELL32.dll -- [2014/06/24 21:41:30 | 012,874,240 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_CLASSES_ROOT\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\MergedFolder]
"Attributes" = 0x0
"AttributeMask" = 0xffffffff
"Location" = @shell32.dll,-12591 -- [2014/06/24 21:41:30 | 012,874,240 | ---- | M] (Microsoft Corporation)
"ConflictOverlayIcon" = %SystemRoot%\system32\imageres.dll,-169 -- [2009/07/13 21:06:03 | 020,268,032 | ---- | M] (Microsoft Corporation)

[color=#A23BEC]< HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9} /s >[/color]

[color=#A23BEC]< HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{5839FCA9-774D-42A1-ACDA-D6A79037F57F} /s >[/color]
"" = Microsoft WBEM _WbemFetchRefresherMgr Proxy Helper
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InprocServer32]
"" = %SystemRoot%\system32\wbem\fastprox.dll -- [2010/11/20 23:24:25 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[color=#A23BEC]< HKEY_CURRENT_USER\Software\Microsoft\Command Processor /s >[/color]
"CompletionChar" = 9
"DefaultColor" = 0
"EnableExtensions" = 1
"PathCompletionChar" = 9
"DelayedExpansion" = 0

[color=#A23BEC]< HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Command Processor /s >[/color]
"CompletionChar" = 64
"DefaultColor" = 0
"EnableExtensions" = 1
"PathCompletionChar" = 64
"DelayedExpansion" = 0

[color=#A23BEC]< HKCU\Software\Classes\CLSID\{ECD4FC4D-521C-11D0-B792-00A0C90312E1}\InprocServer32 /s >[/color]

[color=#A23BEC]< HKLM\Software\Classes\CLSID\{E6BB64BE-0618-4353-9193-0AFE606D6F0C}\InprocServer32 /s >[/color]

[color=#A23BEC]< HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\scsimap /s >[/color]

[color=#A23BEC]< HKEY_CLASSES_ROOT\CLSID\{118BEDCC-A901-4203-B4F2-ADCB957D1887} /s >[/color]

[color=#A23BEC]< HKEY_CLASSES_ROOT\CLSID\{312BED3C-A901-4203-B4F2-ADCB957D1887} /s >[/color]

[color=#A23BEC]< HKEY_CLASSES_ROOT\CLSID\{F12BE2CC-A901-4203-B4F2-ADCB957D1887} /s >[/color]

[color=#A23BEC]< HKEY_CLASSES_ROOT\CLSID\{312BFDCE-A901-4203-B4F2-ADCB957D1887} /s >[/color]

[color=#A23BEC]< HKEY_CLASSES_ROOT\CLSID\{212B3DCC-A901-4203-B4F2-ADCB957D1887} /s >[/color]

[color=#A23BEC]< HKEY_CLASSES_ROOT\CLSID\{A12BEDCC-A901-4203-B4F2-ADCB957D1887} /s >[/color]

[color=#A23BEC]< HKEY_CLASSES_ROOT\CLSID\{118BEDCA-A901-4203-B4F2-ADCB957D188F} /s >[/color]

[color=#A23BEC]< HKEY_CLASSES_ROOT\CLSID\{118BEDCA-A901-4203-B4F2-ADCB957D188B} /s >[/color]

[color=#A23BEC]< HKEY_CLASSES_ROOT\CLSID\{3543619C-D563-43f7-95EA-4DA7E1CC396A} /s >[/color]

[color=#A23BEC]< HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{3543619C-D563-43f7-95EA-4DA7E1CC396A} /s >[/color]

[color=#A23BEC]< HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\explorer\Browser Helper Objects\{3543619C-D563-43f7-95EA-4DA7E1CC396A} /s >[/color]

[color=#A23BEC]< HKEY_CURRENT_USER\Software\MSOLoad /s >[/color]

[color=#A23BEC]< type C:\WINDOWS\system.ini >> test.txt /c >[/color]
; for 16-bit app support
[386Enh]
woafont=dosapp.fon
EGA80WOA.FON=EGA80WOA.FON
EGA40WOA.FON=EGA40WOA.FON
CGA80WOA.FON=CGA80WOA.FON
CGA40WOA.FON=CGA40WOA.FON
[drivers]
wave=mmdrv.dll
timer=timer.drv
[mci]

[color=#A23BEC]< MD5 for: AFD.SYS  >[/color]
[2013/09/13 21:11:05 | 000,496,128 | ---- | M] (Microsoft Corporation) MD5=26EF7E0DF4EDCD898EB7A671529410B8 -- E:\Windows\winsxs\amd64_microsoft-windows-winsock-core_31bf3856ad364e35_6.1.7601.22457_none_366f8b668e482477\afd.sys
[2013/09/13 21:10:19 | 000,497,152 | ---- | M] (Microsoft Corporation) MD5=314C17917AC8523EC77A710215012A65 -- E:\Windows\winsxs\amd64_microsoft-windows-winsock-core_31bf3856ad364e35_6.1.7601.18264_none_35d81beb75355772\afd.sys
[2013/09/27 21:14:56 | 000,496,128 | ---- | M] (Microsoft Corporation) MD5=50AB05903CBEF298D135A943D4432E3C -- E:\Windows\winsxs\amd64_microsoft-windows-winsock-core_31bf3856ad364e35_6.1.7601.22467_none_3664bb7a8e504068\afd.sys
[2013/09/27 21:09:10 | 000,497,152 | ---- | M] (Microsoft Corporation) MD5=79059559E89D06E8B80CE2944BE20228 -- E:\Windows\winsxs\amd64_microsoft-windows-winsock-core_31bf3856ad364e35_6.1.7601.18272_none_35cb4b6b753f40b5\afd.sys
[2014/05/30 02:41:14 | 000,496,640 | ---- | M] (Microsoft Corporation) MD5=BDF76C3CE993FFB6214287272708364F -- E:\Windows\winsxs\amd64_microsoft-windows-winsock-core_31bf3856ad364e35_6.1.7601.22705_none_36a3a0208e215d89\afd.sys
[2010/11/20 23:24:08 | 000,499,712 | ---- | M] (Microsoft Corporation) MD5=D31DC7A16DEA4A9BAF179F3D6FBDB38C -- E:\Windows\winsxs\amd64_microsoft-windows-winsock-core_31bf3856ad364e35_6.1.7601.17514_none_360e4801750ca991\afd.sys
[2014/05/30 02:45:52 | 000,497,152 | ---- | M] (Microsoft Corporation) MD5=FA886682CFC5D36718D3E436AACF10B9 -- E:\Windows\SysNative\drivers\afd.sys
[2014/05/30 02:45:52 | 000,497,152 | ---- | M] (Microsoft Corporation) MD5=FA886682CFC5D36718D3E436AACF10B9 -- E:\Windows\winsxs\amd64_microsoft-windows-winsock-core_31bf3856ad364e35_6.1.7601.18489_none_35c7815175410855\afd.sys

[color=#A23BEC]< MD5 for: ATAPI.SYS  >[/color]
[2009/07/13 21:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- E:\Windows\erdnt\cache64\atapi.sys
[2009/07/13 21:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- E:\Windows\SysNative\drivers\atapi.sys
[2009/07/13 21:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- E:\Windows\SysNative\DriverStore\FileRepository\mshdc.inf_amd64_neutral_552ea5111ec825a6\atapi.sys
[2009/07/13 21:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- E:\Windows\SysNative\DriverStore\FileRepository\mshdc.inf_amd64_neutral_aad30bdeec04ea5e\atapi.sys
[2009/07/13 21:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- E:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.1.7601.17514_none_3b5e2d89382958dd\atapi.sys
[2009/07/13 21:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- E:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.1.7601.18231_none_3b457059383c66e6\atapi.sys
[2009/07/13 21:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- E:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.1.7601.22414_none_3be7afc0514717fa\atapi.sys

[color=#A23BEC]< MD5 for: CSC.SYS  >[/color]
[2010/11/20 23:24:41 | 000,514,560 | ---- | M] (Microsoft Corporation) MD5=54DA3DFD29ED9F1619B6F53F3CE55E49 -- E:\Windows\winsxs\amd64_microsoft-windows-offlinefiles-core_31bf3856ad364e35_6.1.7601.17514_none_fc6e4e567286d457\csc.sys

[color=#A23BEC]< MD5 for: DFSC.SYS  >[/color]
[2010/11/20 23:24:32 | 000,102,400 | ---- | M] (Microsoft Corporation) MD5=9BB2EF44EAA163B29C4A4587887A0FE4 -- E:\Windows\SysNative\drivers\dfsc.sys
[2010/11/20 23:24:32 | 000,102,400 | ---- | M] (Microsoft Corporation) MD5=9BB2EF44EAA163B29C4A4587887A0FE4 -- E:\Windows\winsxs\amd64_microsoft-windows-dfsclient_31bf3856ad364e35_6.1.7601.17514_none_e5c0334cfcbb6f1f\dfsc.sys

[color=#A23BEC]< MD5 for: DISK.SYS  >[/color]
[2009/07/13 21:47:48 | 000,073,280 | ---- | M] (Microsoft Corporation) MD5=9819EEE8B5EA3784EC4AF3B137A5244C -- E:\Windows\SysNative\drivers\disk.sys
[2009/07/13 21:47:48 | 000,073,280 | ---- | M] (Microsoft Corporation) MD5=9819EEE8B5EA3784EC4AF3B137A5244C -- E:\Windows\SysNative\DriverStore\FileRepository\disk.inf_amd64_neutral_10ce25bbc5a9cc43\disk.sys
[2009/07/13 21:47:48 | 000,073,280 | ---- | M] (Microsoft Corporation) MD5=9819EEE8B5EA3784EC4AF3B137A5244C -- E:\Windows\winsxs\amd64_disk.inf_31bf3856ad364e35_6.1.7600.16385_none_55bb738b8ddd8a01\disk.sys

[color=#A23BEC]< MD5 for: EXPLORER.EXE  >[/color]
[2011/02/26 01:19:21 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=0FB9C74046656D1579A64660AD67B746 -- E:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_ba87e574ddfe652d\explorer.exe
[2011/02/25 02:19:30 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=332FEAB1435662FC6C672E25BEB37BE3 -- E:\Windows\erdnt\cache86\explorer.exe
[2011/02/25 02:19:30 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=332FEAB1435662FC6C672E25BEB37BE3 -- E:\Windows\explorer.exe
[2011/02/25 02:19:30 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=332FEAB1435662FC6C672E25BEB37BE3 -- E:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_afa79dc39081d0ba\explorer.exe
[2011/02/26 02:14:34 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=3B69712041F3D63605529BD66DC00C48 -- E:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_b0333b22a99da332\explorer.exe
[2010/11/20 23:24:25 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=40D777B7A95E00593EB1568C68514493 -- E:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_ba2f56d3c4bcbafb\explorer.exe
[2011/02/25 01:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- E:\Windows\SysWOW64\explorer.exe
[2011/02/25 01:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- E:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_b9fc4815c4e292b5\explorer.exe
[2010/11/20 23:24:11 | 002,872,320 | ---- | M] (Microsoft Corporation) MD5=AC4C51EB24AA95B77F705AB159189E24 -- E:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_afdaac81905bf900\explorer.exe

[color=#A23BEC]< MD5 for: FASTFAT.SYS  >[/color]
[2009/07/13 19:23:29 | 000,204,800 | ---- | M] (Microsoft Corporation) MD5=0ADC83218B66A6DB380C330836F3E36D -- E:\Windows\SysNative\drivers\fastfat.sys
[2009/07/13 19:23:29 | 000,204,800 | ---- | M] (Microsoft Corporation) MD5=0ADC83218B66A6DB380C330836F3E36D -- E:\Windows\winsxs\amd64_microsoft-windows-fat_31bf3856ad364e35_6.1.7600.16385_none_0aa81d2771152f86\fastfat.sys

[color=#A23BEC]< MD5 for: I8042PRT.SYS  >[/color]
[2009/07/13 19:19:57 | 000,105,472 | ---- | M] (Microsoft Corporation) MD5=FA55C73D4AFFA7EE23AC4BE53B4592D3 -- E:\Windows\SysNative\drivers\i8042prt.sys
[2009/07/13 19:19:57 | 000,105,472 | ---- | M] (Microsoft Corporation) MD5=FA55C73D4AFFA7EE23AC4BE53B4592D3 -- E:\Windows\SysNative\DriverStore\FileRepository\keyboard.inf_amd64_neutral_0684fdc43059f486\i8042prt.sys
[2009/07/13 19:19:57 | 000,105,472 | ---- | M] (Microsoft Corporation) MD5=FA55C73D4AFFA7EE23AC4BE53B4592D3 -- E:\Windows\SysNative\DriverStore\FileRepository\msmouse.inf_amd64_neutral_7a5f47d3150cc0eb\i8042prt.sys
[2009/07/13 19:19:57 | 000,105,472 | ---- | M] (Microsoft Corporation) MD5=FA55C73D4AFFA7EE23AC4BE53B4592D3 -- E:\Windows\winsxs\amd64_keyboard.inf_31bf3856ad364e35_6.1.7601.17514_none_f5747347ef9876bf\i8042prt.sys
[2009/07/13 19:19:57 | 000,105,472 | ---- | M] (Microsoft Corporation) MD5=FA55C73D4AFFA7EE23AC4BE53B4592D3 -- E:\Windows\winsxs\amd64_msmouse.inf_31bf3856ad364e35_6.1.7600.16385_none_aa28fd23ec0c39f9\i8042prt.sys

[color=#A23BEC]< MD5 for: KBDCLASS.SYS  >[/color]
[2009/07/13 21:48:04 | 000,050,768 | ---- | M] (Microsoft Corporation) MD5=BC02336F1CBA7DCC7D1213BB588A68A5 -- E:\Windows\erdnt\cache64\kbdclass.sys
[2009/07/13 21:48:04 | 000,050,768 | ---- | M] (Microsoft Corporation) MD5=BC02336F1CBA7DCC7D1213BB588A68A5 -- E:\Windows\SysNative\drivers\kbdclass.sys
[2009/07/13 21:48:04 | 000,050,768 | ---- | M] (Microsoft Corporation) MD5=BC02336F1CBA7DCC7D1213BB588A68A5 -- E:\Windows\SysNative\DriverStore\FileRepository\keyboard.inf_amd64_neutral_0684fdc43059f486\kbdclass.sys
[2009/07/13 21:48:04 | 000,050,768 | ---- | M] (Microsoft Corporation) MD5=BC02336F1CBA7DCC7D1213BB588A68A5 -- E:\Windows\winsxs\amd64_keyboard.inf_31bf3856ad364e35_6.1.7601.17514_none_f5747347ef9876bf\kbdclass.sys

[color=#A23BEC]< MD5 for: KBDHID.SYS  >[/color]
[2010/11/20 23:23:47 | 000,033,280 | ---- | M] (Microsoft Corporation) MD5=0705EFF5B42A9DB58548EEC3B26BB484 -- E:\Windows\SysNative\drivers\kbdhid.sys
[2010/11/20 23:23:47 | 000,033,280 | ---- | M] (Microsoft Corporation) MD5=0705EFF5B42A9DB58548EEC3B26BB484 -- E:\Windows\SysNative\DriverStore\FileRepository\keyboard.inf_amd64_neutral_0684fdc43059f486\kbdhid.sys
[2010/11/20 23:23:47 | 000,033,280 | ---- | M] (Microsoft Corporation) MD5=0705EFF5B42A9DB58548EEC3B26BB484 -- E:\Windows\winsxs\amd64_keyboard.inf_31bf3856ad364e35_6.1.7601.17514_none_f5747347ef9876bf\kbdhid.sys

[color=#A23BEC]< MD5 for: LSASS.EXE  >[/color]
[2014/05/30 04:00:12 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=04F6C08B30C599D301CE8530A6F6A703 -- E:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7601.22705_none_0505e8508c7f766f\lsass.exe
[2009/07/13 21:39:16 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=0793F40B9B8A1BDD266296409DBD91EA -- E:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7601.17514_none_04709031736ac277\lsass.exe
[2011/11/17 02:20:34 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=0A10B74FBB437FF9A23F1D5DE4446A83 -- E:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7601.21861_none_04c1204e8cb39c3f\lsass.exe
[2014/04/11 22:19:05 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=204F3F58212B3E422C90BD9691A2DF28 -- E:\Windows\erdnt\cache64\lsass.exe
[2014/04/11 22:19:05 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=204F3F58212B3E422C90BD9691A2DF28 -- E:\Windows\SysNative\lsass.exe
[2014/04/11 22:19:05 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=204F3F58212B3E422C90BD9691A2DF28 -- E:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7601.18443_none_044f07757384196d\lsass.exe
[2014/04/11 22:19:05 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=204F3F58212B3E422C90BD9691A2DF28 -- E:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7601.18496_none_041bf8b773a9f127\lsass.exe
[2014/04/11 22:19:05 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=204F3F58212B3E422C90BD9691A2DF28 -- E:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7601.18526_none_0467aa1173712ab7\lsass.exe
[2014/04/11 22:31:33 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=6598EBC4D209318EBD81F76833ECBEDB -- E:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7601.22653_none_04cdd63a8ca9d24f\lsass.exe
[2014/04/11 22:31:33 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=6598EBC4D209318EBD81F76833ECBEDB -- E:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7601.22712_none_04f817868c8a465b\lsass.exe
[2014/04/11 22:31:33 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=6598EBC4D209318EBD81F76833ECBEDB -- E:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7601.22736_none_04e678d68c96e399\lsass.exe
[2014/04/11 22:31:33 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=6598EBC4D209318EBD81F76833ECBEDB -- E:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7601.22807_none_0507eaca8c7da644\lsass.exe
[2012/06/04 03:51:10 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=79C908CAA6F43021EB05F4C733A927D1 -- E:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7601.22010_none_04f609a88c8c279c\lsass.exe
[2011/11/17 02:33:55 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=C118A82CD78818C29AB228366EBF81C3 -- E:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7601.17725_none_0466c45b7371f20d\lsass.exe
[2011/11/17 02:33:55 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=C118A82CD78818C29AB228366EBF81C3 -- E:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7601.17856_none_044756c773895c5e\lsass.exe
[2014/05/30 04:07:57 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=F23812F9F7B130854E4BC0389F7C688C -- E:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7601.18489_none_0429c981739f213b\lsass.exe

[color=#A23BEC]< MD5 for: MOUCLASS.SYS  >[/color]
[2009/07/13 21:48:27 | 000,049,216 | ---- | M] (Microsoft Corporation) MD5=7D27EA49F3C1F687D357E77A470AEA99 -- E:\Windows\SysNative\drivers\mouclass.sys
[2009/07/13 21:48:27 | 000,049,216 | ---- | M] (Microsoft Corporation) MD5=7D27EA49F3C1F687D357E77A470AEA99 -- E:\Windows\SysNative\DriverStore\FileRepository\msmouse.inf_amd64_neutral_7a5f47d3150cc0eb\mouclass.sys
[2009/07/13 21:48:27 | 000,049,216 | ---- | M] (Microsoft Corporation) MD5=7D27EA49F3C1F687D357E77A470AEA99 -- E:\Windows\winsxs\amd64_msmouse.inf_31bf3856ad364e35_6.1.7600.16385_none_aa28fd23ec0c39f9\mouclass.sys

[color=#A23BEC]< MD5 for: MOUHID.SYS  >[/color]
[2009/07/13 20:00:20 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=D3BF052C40B0C4166D9FD86A4288C1E6 -- E:\Windows\SysNative\drivers\mouhid.sys
[2009/07/13 20:00:20 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=D3BF052C40B0C4166D9FD86A4288C1E6 -- E:\Windows\SysNative\DriverStore\FileRepository\msmouse.inf_amd64_neutral_7a5f47d3150cc0eb\mouhid.sys
[2009/07/13 20:00:20 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=D3BF052C40B0C4166D9FD86A4288C1E6 -- E:\Windows\winsxs\amd64_msmouse.inf_31bf3856ad364e35_6.1.7600.16385_none_aa28fd23ec0c39f9\mouhid.sys

[color=#A23BEC]< MD5 for: NETBT.SYS  >[/color]
[2010/11/20 23:23:51 | 000,261,632 | ---- | M] (Microsoft Corporation) MD5=09594D1089C523423B32A4229263F068 -- E:\Windows\SysNative\drivers\netbt.sys
[2010/11/20 23:23:51 | 000,261,632 | ---- | M] (Microsoft Corporation) MD5=09594D1089C523423B32A4229263F068 -- E:\Windows\winsxs\amd64_microsoft-windows-netbt_31bf3856ad364e35_6.1.7601.17514_none_be8acdd10de3b1a6\netbt.sys

[color=#A23BEC]< MD5 for: SERIAL.SYS  >[/color]
[2009/07/13 20:00:40 | 000,094,208 | ---- | M] (Microsoft Corporation) MD5=C1D8E28B2C2ADFAEC4BA89E9FDA69BD6 -- E:\Windows\SysNative\drivers\serial.sys
[2009/07/13 20:00:40 | 000,094,208 | ---- | M] (Microsoft Corporation) MD5=C1D8E28B2C2ADFAEC4BA89E9FDA69BD6 -- E:\Windows\SysNative\DriverStore\FileRepository\msports.inf_amd64_neutral_fdcfb86ce78678d1\serial.sys
[2009/07/13 20:00:40 | 000,094,208 | ---- | M] (Microsoft Corporation) MD5=C1D8E28B2C2ADFAEC4BA89E9FDA69BD6 -- E:\Windows\winsxs\amd64_msports.inf_31bf3856ad364e35_6.1.7600.16385_none_548ca258d20f4ada\serial.sys

[color=#A23BEC]< MD5 for: SERVICES.EXE  >[/color]
[2009/07/13 21:39:37 | 000,328,704 | ---- | M] (Microsoft Corporation) MD5=24ACB7E5BE595468E3B9AA488B9B4FCB -- E:\Windows\erdnt\cache64\services.exe
[2009/07/13 21:39:37 | 000,328,704 | ---- | M] (Microsoft Corporation) MD5=24ACB7E5BE595468E3B9AA488B9B4FCB -- E:\Windows\SysNative\services.exe
[2009/07/13 21:39:37 | 000,328,704 | ---- | M] (Microsoft Corporation) MD5=24ACB7E5BE595468E3B9AA488B9B4FCB -- E:\Windows\winsxs\amd64_microsoft-windows-s..s-servicecontroller_31bf3856ad364e35_6.1.7600.16385_none_2b54b20ee6fa07b1\services.exe

[color=#A23BEC]< MD5 for: SMSS.EXE  >[/color]
[2009/07/13 21:39:41 | 000,112,640 | ---- | M] (Microsoft Corporation) MD5=1911A3356FA3F77CCC825CCBAC038C2A -- E:\Windows\winsxs\amd64_microsoft-windows-smss_31bf3856ad364e35_6.1.7600.16385_none_082f99a432e2a661\smss.exe
[2014/04/11 22:31:44 | 000,112,640 | ---- | M] (Microsoft Corporation) MD5=3442A918386D4716D74C661543151746 -- E:\Windows\winsxs\amd64_microsoft-windows-smss_31bf3856ad364e35_6.1.7601.22653_none_0abdf375491039d3\smss.exe
[2013/08/28 21:04:30 | 000,112,640 | ---- | M] (Microsoft Corporation) MD5=B2B31D4C79EFD883097FA24D02E79C12 -- E:\Windows\winsxs\amd64_microsoft-windows-smss_31bf3856ad364e35_6.1.7601.22436_none_0ad6905f48fd53a8\smss.exe
[2013/08/02 01:06:34 | 000,112,640 | ---- | M] (Microsoft Corporation) MD5=CB5DA3E44456D1084BCD87F5B1B3152B -- E:\Windows\winsxs\amd64_microsoft-windows-smss_31bf3856ad364e35_6.1.7601.22411_none_0ae72ec548f19d13\smss.exe
[2013/03/18 23:06:33 | 000,112,640 | ---- | M] (Microsoft Corporation) MD5=F0371DE302FFFF8F086661611BE60848 -- E:\Windows\winsxs\amd64_microsoft-windows-smss_31bf3856ad364e35_6.1.7601.18113_none_0a5f8ec22fd235a9\smss.exe
[2013/08/01 20:59:09 | 000,112,640 | ---- | M] (Microsoft Corporation) MD5=F0970A4BC8395659C22BF53D0FADF16F -- E:\Windows\SysNative\smss.exe
[2013/08/01 20:59:09 | 000,112,640 | ---- | M] (Microsoft Corporation) MD5=F0970A4BC8395659C22BF53D0FADF16F -- E:\Windows\winsxs\amd64_microsoft-windows-smss_31bf3856ad364e35_6.1.7601.18229_none_0a5ac2782fd4e6cb\smss.exe

[color=#A23BEC]< MD5 for: SPLDR.SYS  >[/color]
[2009/07/13 21:45:55 | 000,019,008 | ---- | M] (Microsoft Corporation) MD5=B9E31E5CACDFE584F34F730A677803F9 -- E:\Windows\SysNative\drivers\spldr.sys
[2009/07/13 21:45:55 | 000,019,008 | ---- | M] (Microsoft Corporation) MD5=B9E31E5CACDFE584F34F730A677803F9 -- E:\Windows\winsxs\amd64_microsoft-windows-s..ive-blackbox-loader_31bf3856ad364e35_6.1.7600.16385_none_c72819e06acceb59\spldr.sys

[color=#A23BEC]< MD5 for: SVCHOST.EXE  >[/color]
[2009/07/13 21:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- E:\Windows\erdnt\cache86\svchost.exe
[2009/07/13 21:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- E:\Windows\SysWOW64\svchost.exe
[2009/07/13 21:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- E:\Windows\winsxs\x86_microsoft-windows-services-svchost_31bf3856ad364e35_6.1.7600.16385_none_b591afc466a15356\svchost.exe
[2014/10/01 11:09:16 | 000,761,656 | ---- | M] (MalwareBytes) MD5=C0AFB3C7E6C7CA3F6E42FF242BBBCB1F -- E:\Program Files (x86)\Malwarebytes Anti-Malware\Chameleon\Windows\svchost.exe
[2009/07/13 21:39:46 | 000,027,136 | ---- | M] (Microsoft Corporation) MD5=C78655BC80301D76ED4FEF1C1EA40A7D -- E:\Windows\erdnt\cache64\svchost.exe
[2009/07/13 21:39:46 | 000,027,136 | ---- | M] (Microsoft Corporation) MD5=C78655BC80301D76ED4FEF1C1EA40A7D -- E:\Windows\SysNative\svchost.exe
[2009/07/13 21:39:46 | 000,027,136 | ---- | M] (Microsoft Corporation) MD5=C78655BC80301D76ED4FEF1C1EA40A7D -- E:\Windows\winsxs\amd64_microsoft-windows-services-svchost_31bf3856ad364e35_6.1.7600.16385_none_11b04b481efec48c\svchost.exe

[color=#A23BEC]< MD5 for: TCPIP.SYS  >[/color]
[2014/04/04 22:47:20 | 001,903,552 | ---- | M] (Microsoft Corporation) MD5=04ADD18EE5CC9FBEDAEC1DD1CD0CB45E -- E:\Windows\erdnt\cache64\tcpip.sys
[2014/04/04 22:47:20 | 001,903,552 | ---- | M] (Microsoft Corporation) MD5=04ADD18EE5CC9FBEDAEC1DD1CD0CB45E -- E:\Windows\SysNative\drivers\tcpip.sys
[2014/04/04 22:47:20 | 001,903,552 | ---- | M] (Microsoft Corporation) MD5=04ADD18EE5CC9FBEDAEC1DD1CD0CB45E -- E:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.18438_none_113260637d1284ef\tcpip.sys
[2012/10/03 13:56:54 | 001,914,248 | ---- | M] (Microsoft Corporation) MD5=37608401DFDB388CAF66917F6B2D6FB0 -- E:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17964_none_110e0fbd7d2e4b88\tcpip.sys
[2013/09/07 22:30:37 | 001,903,552 | ---- | M] (Microsoft Corporation) MD5=40AF23633D197905F03AB5628C558C51 -- E:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.18254_none_1118bb977d265d27\tcpip.sys
[2014/04/04 22:37:43 | 001,897,408 | ---- | M] (Microsoft Corporation) MD5=4F80944B03112F486212DC20BE166079 -- E:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.22648_none_11b12f2896383dd1\tcpip.sys
[2010/11/20 23:24:08 | 001,924,480 | ---- | M] (Microsoft Corporation) MD5=509383E505C973ED7534A06B3D19688D -- E:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17514_none_114417c17d05cb37\tcpip.sys
[2013/09/06 22:27:48 | 001,896,896 | ---- | M] (Microsoft Corporation) MD5=75F9106B74585D38C8FF6BB5CAD262D7 -- E:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.22444_none_11ad2a34963bde27\tcpip.sys
[2013/07/06 01:20:38 | 001,900,992 | ---- | M] (Microsoft Corporation) MD5=B27F13153343BC37A27EAE01634D94E1 -- E:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.22378_none_1190b9b296509a2f\tcpip.sys
[2012/10/03 13:44:29 | 001,902,472 | ---- | M] (Microsoft Corporation) MD5=D5707FC2300AA5B04B7BFE86D40C0133 -- E:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.22124_none_11c2c45a962baed0\tcpip.sys
[2013/07/06 02:03:53 | 001,910,208 | ---- | M] (Microsoft Corporation) MD5=DB74544B75566C974815E79A62433F29 -- E:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.18203_none_114dcae97cfeb81b\tcpip.sys
[2013/11/26 07:34:34 | 001,897,408 | ---- | M] (Microsoft Corporation) MD5=F55B41AA6114568AC558ADBABDA85620 -- E:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.22525_none_11c3cc3c962abcc3\tcpip.sys

[color=#A23BEC]< MD5 for: USERINIT.EXE  >[/color]
[2010/11/20 23:23:55 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- E:\Windows\erdnt\cache86\userinit.exe
[2010/11/20 23:23:55 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- E:\Windows\SysWOW64\userinit.exe
[2010/11/20 23:23:55 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- E:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_de3024012ff21116\userinit.exe
[2010/11/20 23:24:28 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=BAFE84E637BF7388C96EF48D4D3FDD53 -- E:\Windows\erdnt\cache64\userinit.exe
[2010/11/20 23:24:28 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=BAFE84E637BF7388C96EF48D4D3FDD53 -- E:\Windows\SysNative\userinit.exe
[2010/11/20 23:24:28 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=BAFE84E637BF7388C96EF48D4D3FDD53 -- E:\Windows\winsxs\amd64_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_3a4ebf84e84f824c\userinit.exe

[color=#A23BEC]< MD5 for: VOLSNAP.SYS  >[/color]
[2010/11/20 23:23:47 | 000,295,808 | ---- | M] (Microsoft Corporation) MD5=0D08D2F3B3FF84E433346669B5E0F639 -- E:\Windows\SysNative\drivers\volsnap.sys
[2010/11/20 23:23:47 | 000,295,808 | ---- | M] (Microsoft Corporation) MD5=0D08D2F3B3FF84E433346669B5E0F639 -- E:\Windows\SysNative\DriverStore\FileRepository\volume.inf_amd64_neutral_df8bea40ac96ca21\volsnap.sys
[2010/11/20 23:23:47 | 000,295,808 | ---- | M] (Microsoft Corporation) MD5=0D08D2F3B3FF84E433346669B5E0F639 -- E:\Windows\winsxs\amd64_volume.inf_31bf3856ad364e35_6.1.7601.17514_none_73dcbcf012b4850e\volsnap.sys

[color=#A23BEC]< MD5 for: WININIT.EXE  >[/color]
[2009/07/13 21:39:52 | 000,129,024 | ---- | M] (Microsoft Corporation) MD5=94355C28C1970635A31B3FE52EB7CEBA -- E:\Windows\erdnt\cache64\wininit.exe
[2009/07/13 21:39:52 | 000,129,024 | ---- | M] (Microsoft Corporation) MD5=94355C28C1970635A31B3FE52EB7CEBA -- E:\Windows\SysNative\wininit.exe
[2009/07/13 21:39:52 | 000,129,024 | ---- | M] (Microsoft Corporation) MD5=94355C28C1970635A31B3FE52EB7CEBA -- E:\Windows\winsxs\amd64_microsoft-windows-wininit_31bf3856ad364e35_6.1.7600.16385_none_8ce7aa761e01ad49\wininit.exe
[2009/07/13 21:14:45 | 000,096,256 | ---- | M] (Microsoft Corporation) MD5=B5C5DCAD3899512020D135600129D665 -- E:\Windows\erdnt\cache86\wininit.exe
[2009/07/13 21:14:45 | 000,096,256 | ---- | M] (Microsoft Corporation) MD5=B5C5DCAD3899512020D135600129D665 -- E:\Windows\SysWOW64\wininit.exe
[2009/07/13 21:14:45 | 000,096,256 | ---- | M] (Microsoft Corporation) MD5=B5C5DCAD3899512020D135600129D665 -- E:\Windows\winsxs\x86_microsoft-windows-wininit_31bf3856ad364e35_6.1.7600.16385_none_30c90ef265a43c13\wininit.exe

[color=#A23BEC]< MD5 for: WINLOGON.EXE  >[/color]
[2010/11/20 23:24:29 | 000,390,656 | ---- | M] (Microsoft Corporation) MD5=1151B1BAA6F350B1DB6598E0FEA7C457 -- E:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.17514_none_cde90685eb910636\winlogon.exe
[2014/03/04 07:08:14 | 000,455,680 | ---- | M] (Microsoft Corporation) MD5=6CE2AE073BD21C542FC2C707CAE944CC -- E:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.22616_none_ce748d1d04acf24f\winlogon.exe
[2014/03/04 05:43:50 | 000,455,168 | ---- | M] (Microsoft Corporation) MD5=88AB9B72B4BF3963A0DE0820B4B0B06C -- E:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.18409_none_cdf8bf35eb848572\winlogon.exe
[2014/07/16 22:07:24 | 000,455,168 | ---- | M] (Microsoft Corporation) MD5=8CEBD9D0A0A879CDE9F36F4383B7CAEA -- E:\Windows\erdnt\cache64\winlogon.exe
[2014/07/16 22:07:24 | 000,455,168 | ---- | M] (Microsoft Corporation) MD5=8CEBD9D0A0A879CDE9F36F4383B7CAEA -- E:\Windows\SysNative\winlogon.exe
[2014/07/16 22:07:24 | 000,455,168 | ---- | M] (Microsoft Corporation) MD5=8CEBD9D0A0A879CDE9F36F4383B7CAEA -- E:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.18540_none_cdc47ed1ebad0e4e\winlogon.exe
[2014/07/15 23:23:23 | 000,455,680 | ---- | M] (Microsoft Corporation) MD5=98AA0BFEE089C7E5DADB94190D93456C -- E:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.22750_none_ce434d9704d2c730\winlogon.exe
[2014/10/01 11:09:16 | 000,761,656 | ---- | M] (MalwareBytes) MD5=C0AFB3C7E6C7CA3F6E42FF242BBBCB1F -- E:\Program Files (x86)\Malwarebytes Anti-Malware\Chameleon\Windows\winlogon.exe

[color=#E56717]========== Hard Links - Junction Points - Mount Points - Symbolic Links ==========[/color]
[E:\ArcheAge\Documents] -> e:\Users\Adrock\Documents\ArcheAge\ -> Junction
[E:\ArcheAge\Working] -> e:\Program Files (x86)\Glyph\Games\ArcheAge\Live\ -> Junction
[E:\Documents and Settings] -> E:\Users -> Junction
[E:\ProgramData\Application Data] -> E:\ProgramData -> Junction
[E:\ProgramData\Desktop] -> E:\Users\Public\Desktop -> Junction
[E:\ProgramData\Documents] -> E:\Users\Public\Documents -> Junction
[E:\ProgramData\Favorites] -> E:\Users\Public\Favorites -> Junction
[E:\ProgramData\Start Menu] -> E:\ProgramData\Microsoft\Windows\Start Menu -> Junction
[E:\ProgramData\Templates] -> E:\ProgramData\Microsoft\Windows\Templates -> Junction
[E:\Users\Adrock\AppData\Local\Application Data] -> E:\Users\Adrock\AppData\Local -> Junction
[E:\Users\Adrock\AppData\Local\History] -> E:\Users\Adrock\AppData\Local\Microsoft\Windows\History -> Junction
[E:\Users\Adrock\AppData\Local\Temporary Internet Files] -> E:\Users\Adrock\AppData\Local\Microsoft\Windows\Temporary Internet Files -> Junction
[E:\Users\Adrock\Application Data] -> E:\Users\Adrock\AppData\Roaming -> Junction
[E:\Users\Adrock\Cookies] -> E:\Users\Adrock\AppData\Roaming\Microsoft\Windows\Cookies -> Junction
[E:\Users\Adrock\Documents\My Music] -> E:\Users\Adrock\Music -> Junction
[E:\Users\Adrock\Documents\My Pictures] -> E:\Users\Adrock\Pictures -> Junction
[E:\Users\Adrock\Documents\My Videos] -> E:\Users\Adrock\Videos -> Junction
[E:\Users\Adrock\Local Settings] -> E:\Users\Adrock\AppData\Local -> Junction
[E:\Users\Adrock\My Documents] -> E:\Users\Adrock\Documents -> Junction
[E:\Users\Adrock\NetHood] -> E:\Users\Adrock\AppData\Roaming\Microsoft\Windows\Network Shortcuts -> Junction
[E:\Users\Adrock\PrintHood] -> E:\Users\Adrock\AppData\Roaming\Microsoft\Windows\Printer Shortcuts -> Junction
[E:\Users\Adrock\Recent] -> E:\Users\Adrock\AppData\Roaming\Microsoft\Windows\Recent -> Junction
[E:\Users\Adrock\SendTo] -> E:\Users\Adrock\AppData\Roaming\Microsoft\Windows\SendTo -> Junction
[E:\Users\Adrock\Start Menu] -> E:\Users\Adrock\AppData\Roaming\Microsoft\Windows\Start Menu -> Junction
[E:\Users\Adrock\Templates] -> E:\Users\Adrock\AppData\Roaming\Microsoft\Windows\Templates -> Junction
[E:\Users\All Users\Application Data] -> E:\ProgramData -> Junction
[E:\Users\All Users\Desktop] -> E:\Users\Public\Desktop -> Junction
[E:\Users\All Users\Documents] -> E:\Users\Public\Documents -> Junction
[E:\Users\All Users\Favorites] -> E:\Users\Public\Favorites -> Junction
[E:\Users\All Users\Start Menu] -> E:\ProgramData\Microsoft\Windows\Start Menu -> Junction
[E:\Users\All Users\Templates] -> E:\ProgramData\Microsoft\Windows\Templates -> Junction
[E:\Users\All Users] ->  -> Unknown point type
[E:\Users\Default User] -> E:\Users\Default -> Junction
[E:\Users\Default\AppData\Local\Application Data] -> E:\Users\Default\AppData\Local -> Junction
[E:\Users\Default\AppData\Local\History] -> E:\Users\Default\AppData\Local\Microsoft\Windows\History -> Junction
[E:\Users\Default\AppData\Local\Temporary Internet Files] -> E:\Users\Default\AppData\Local\Microsoft\Windows\Temporary Internet Files -> Junction
[E:\Users\Default\Application Data] -> E:\Users\Default\AppData\Roaming -> Junction
[E:\Users\Default\Documents\My Music] -> E:\Users\Default\Music -> Junction
[E:\Users\Default\Documents\My Pictures] -> E:\Users\Default\Pictures -> Junction
[E:\Users\Default\Documents\My Videos] -> E:\Users\Default\Videos -> Junction
[E:\Users\Default\Local Settings] -> E:\Users\Default\AppData\Local -> Junction
[E:\Users\Default\My Documents] -> E:\Users\Default\Documents -> Junction
[E:\Users\Default\NetHood] -> E:\Users\Default\AppData\Roaming\Microsoft\Windows\Network Shortcuts -> Junction
[E:\Users\Default\PrintHood] -> E:\Users\Default\AppData\Roaming\Microsoft\Windows\Printer Shortcuts -> Junction
[E:\Users\Default\Recent] -> E:\Users\Default\AppData\Roaming\Microsoft\Windows\Recent -> Junction
[E:\Users\Default\SendTo] -> E:\Users\Default\AppData\Roaming\Microsoft\Windows\SendTo -> Junction
[E:\Users\Default\Start Menu] -> E:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu -> Junction
[E:\Users\Default\Templates] -> E:\Users\Default\AppData\Roaming\Microsoft\Windows\Templates -> Junction
[E:\Users\Public\Documents\My Music] -> E:\Users\Public\Music -> Junction
[E:\Users\Public\Documents\My Pictures] -> E:\Users\Public\Pictures -> Junction
[E:\Users\Public\Documents\My Videos] -> E:\Users\Public\Videos -> Junction

< End of report >