• Hulpvragenden in dit forumonderdeel worden enkel geholpen door daartoe bevoegde teamleden.
    Dit is belangrijk, zodat de hulpvragende goed geholpen kan worden zonder (goedbedoelde) aanvullende berichten van andere leden.
    Reageren op andermans discussie is daarom uitgeschakeld.
  • De afgelopen dagen zijn er meerdere fora waarop bestaande accounts worden overgenomen door spammers. De gebruikersnamen en wachtwoorden zijn via een hack of een lek via andere sites buitgemaakt. Via have i been pwned? kan je controleren of jouw gegeven ook zijn buitgemaakt. Wijzig bij twijfel jouw wachtwoord of schakel de twee-staps-verificatie in.

[Opgelost] bsod met simcity en need for speed rivals

Status
Niet open voor verdere reacties.
Pascalboy

Pascalboy

Gevestigd lid
Lid geworden
14 jul 2013
Berichten
267
Waarderingsscore
0
Hallo, Ik probeer al een tijdje need for speed rivals te spelen maar dat gaat gewoon totaal niet, mijn cpu wordt 90 graden en ik krijg de error dat mijn ram te vol zit :wall: . Toen had ik het opgegeven bij deze game, Sinds vandaag heb ik simcity gekocht omdat deze in de aanbeiding was en weer heb ik een bsod alleen geen error over mijn ram. Ik heb hier mijn bsod gepost:

Logboeknaam: System
Bron: Microsoft-Windows-Kernel-Power
Datum: 8-12-2013 20:19:57
Gebeurtenis-id:41
Taakcategorie: (63)
Niveau: Kritiek
Trefwoorden: (2)
Gebruiker: SYSTEM
Computer: Pascal-pad
Beschrijving:
Het systeem is opnieuw opgestart zonder eerst correct te zijn afgesloten. Deze fout is mogelijk veroorzaakt doordat het systeem niet meer reageert of is vastgelopen of doordat de stroom is uitgevallen.
Gebeurtenis-XML:
<Event xmlns="http://schemas.microsoft.com/win/2004/08/events/event">
<System>
<Provider Name="Microsoft-Windows-Kernel-Power" Guid="{331C3B3A-2005-44C2-AC5E-77220C37D6B4}" />
<EventID>41</EventID>
<Version>3</Version>
<Level>1</Level>
<Task>63</Task>
<Opcode>0</Opcode>
<Keywords>0x8000000000000002</Keywords>
<TimeCreated SystemTime="2013-12-08T19:19:57.995853500Z" />
<EventRecordID>101712</EventRecordID>
<Correlation />
<Execution ProcessID="4" ThreadID="8" />
<Channel>System</Channel>
<Computer>Pascal-pad</Computer>
<Security UserID="S-1-5-18" />
</System>
<EventData>
<Data Name="BugcheckCode">0</Data>
<Data Name="BugcheckParameter1">0x0</Data>
<Data Name="BugcheckParameter2">0x0</Data>
<Data Name="BugcheckParameter3">0x0</Data>
<Data Name="BugcheckParameter4">0x0</Data>
<Data Name="SleepInProgress">1</Data>
<Data Name="PowerButtonTimestamp">130310018403976349</Data>
<Data Name="BootAppStatus">0</Data>
</EventData>
</Event>


Ik hoop dat jullie hier de oorzaak in kunnen vinden als je meer info wilt moet je het zeggen. Dit is trouwens mijn laptop:

Lenovo ideapad y510p: http://tweakers.net/pricewatch/345048/lenovo-ideapad-y510p-(59375359).html
Toch 1000 euro dus daar kan het niet aan liggen, Ik heb voor alle settings gewoon mijn video kaart optimalaiatie programma gebruikt dus daar zou het niet aan moeten liggen, anders is het wel een erg bagger programma. Ik begin echt te balen van mijn laptop aangezien hij vaak vast loopt tijdens het inloggen ook nog eens plus alle Intel wifi problemen :wall:.


Ik hoop dat jullie me hiermee kunnen helpen en alvast bedankt. en alle spellen zijn legaal!
 
Re: bsod met simcity en need for speed rivals

Enkel de link posten van onderstaand programma:

smiley_says_hello.gif
hartelijk welkom geheten op dit geweldige forum.
 
Re: bsod met simcity en need for speed rivals

euhm 2 kleine dingetjes..
1. Welke programma eigenlijk ik zie alleen een smiley :biggrin:
2.U heeft geholpen met deze laptop kiezen, zo nieuw ben ik nu ook weer niet had wel een ander forum in de tussentijd gebruikt maar dit blijft toch het beste!


edit: simcity reageert ook vaak niet als ik hem opstart

---------- Bericht toegevoegd op 06:48 ---------- Vorige bericht was op 06:14 ----------

Kon hem niet snel bewerken sorry voor de dubbel post maar ik krijg deze error nu ook, moet snel naar school :p http://gyazo.com/a3fd215e374aaa9bccc299ce47ad10fc
 
Laatst bewerkt door een moderator:
Re: bsod met simcity en need for speed rivals

Ik ben schijnbaar iets vergeten te posten.
Dus bij deze (enkel de link posten die je krijgt):

Download
51ec442687372-sp_64_Canned.png
Speccy van Piriform

Bij de installatie van "Speccy" wordt gevraagd om de Google Chrome webbrowser mee te installeren.
Indien je dit niet wenst, verwijder dan de vinkjes.

Speccy van Piriform opstarten:
  • Windows 2000 en Windows XP: start "Speccy" middels dubbelklikken.
  • Windows Vista en Windows 7: start "Speccy" middels rechtsklik en dan kiezen voor Als Administrator uitvoeren.

Speccy van Piriform gebruiken:
  • nadat de analyse van Windows klaar is, plaatst "Speccy" de uitkomst daarvan in een nieuw venster.
  • Klik nu in de menubalk op Bestand(File) en kies voor Publiceren(Publish Snapshot)
  • Bevestig het publiceren door JA(Yes) te klikken.
  • Nu zal een pop-upvenster openen met daarin de vraag voor wel of niet publiceren.
    [*]Bevestig dat eerste dus.
    [*]Kopieer nu de link in het nieuw geopende webvenster en plak die link in jouw volgende bericht.
 
Re: bsod met simcity en need for speed rivals

Wat gebeurt er indien je de snelkoppeling naar need for speed rivals met rechts aanklikt en dan kies voor "Uitvoeren met grafische processor > Krachtige nVidiaprocessor"?
 
Re: bsod met simcity en need for speed rivals

Dat doe ik standaardt maar helaas krijg ik bij dat spel na 10 minuten een bsod en bij simcity soms 2 uur of soms 10 min... mijn temp loopt ook op tot 90 graden, zelfs al zet ik alle settings op low... En de intel grafics zijn niet om mee te werken...
 
Laatst bewerkt door een moderator:
Re: bsod met simcity en need for speed rivals

Ik heb jouw topic verplaatst.

Download
51f51523a23a0-OTL_Canned_Nieuw.png
OTL.exe

Downloadlokatie: Dit programma absoluut naar het bureaublad downloaden of anders naar het bureaublad verplaatsen!
Sluit voordat OTL.exe gaat scannen, eerst alle andere openstaande vensters!

OTL.exe gebruiken:
  • Windows 2000 en Windows XP: dubbelklik op OTL.exe.
  • Windows Vista, Windows 7 en Windows 8: via rechtsklik op OTL.exe en kies voor "Als Administrator uitvoeren".
  • Zet een vinkje bij Scan All Users, LOP Check en bij PURITY Check.

  • Kopieer onderstaande in de Code-kader staande tekst en plak deze in het kader onder
    4f9111a6d2a6c-OTL-2.png

    Code: 
    services.*
explorer.exe
winlogon.exe
Userinit.exe
svchost.exe
netsvcs
BASESERVICES
DRIVES
msconfig
%SYSTEMDRIVE%\*.exe
%SYSTEMDRIVE%\*.*
%systemroot%\system32\Spool\prtprocs\w32x86\*.dll
%systemroot%\*. /mp /s
%systemroot%\system32\*.sys /90
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\Tasks\*.job /lockedfiles
%systemroot%\system32\drivers\*.sys /lockedfiles
%systemroot%\system32\*.exe /lockedfiles
%systemroot%\System32\config\*.sav
%systemroot%\system32\drivers\*.sys /90
%PROGRAMFILES%\*
%USERPROFILE%\..|smtmp;true;true;true /FP
HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU
hklm\software\clients\startmenuinternet|command /rs
hklm\software\clients\startmenuinternet|command /64 /rs
CREATERESTOREPOINT
  • Klik vervolgens op de knop
    50cd93c69be5b-OTL_-_Run_Scan_knop.jpg
    .
  • Verander verder geen andere instellingen in OTL, alleen tenzij ik hiervoor specifiek instructies geef.
  • De scan zal niet heel erg lang duren.
    • Er zullen twee Kladblok-vensters geopend worden wanneer de scan klaar is: OTL.Txt en Extras.txt.
    • Kopieer vervolgens de inhoud van zowel OTL.txt alsmede Extras.txt en plak die gegevens in je volgende bericht.
Notabene: indien het log niet in ??n bericht past, spreidt het dan over twee of meer berichten.
Notabene 2: Wanneer je een groot log post van bijv. OTL, dan heb je snel de neiging nogmaals op de knop te drukken, omdat het duurt.
Doordat de forum software even tijd nodig heeft zo'n groot log klaar te maken kan het dus even duren, voordat je resultaat krijgt en ziet.
Heb je dan nogmaals op de nop geklikt, dan wordt het bericht dus nogmaals gepost!
 
Re: bsod met simcity en need for speed rivals

extras.txt http://pastebin.com/6RBYeSXs
OTL.txt http://pastebin.com/wiYpF8cA

Maar mijn simcity enzo staan in G:\Program Files (x86) Ik weet niet of dit wat uitmaakt?

Zal het dan echt een virus ofzo zijn? aangezien ik mijn pc altijd scan met een virusscanner en anti-malware
 
Laatst bewerkt door een moderator:
Re: bsod met simcity en need for speed rivals

Dat zal blijken uit het log - dus doe dat nu maar!
 
Re: bsod met simcity en need for speed rivals

Hoe moet ik dat doen in die code aanpassen?
 
Re: bsod met simcity en need for speed rivals

Goed lezen wat er staat.
 
Re: bsod met simcity en need for speed rivals

Zo te zien wat de foutmelding betreft is de Intel Driver voor de onboard videokaart vernieuwd over de oude heen!

En Pastebin is niet bereikbaar,
Als daar het tekstbestand van het log staat - dan de inhoud daarvan kopi?ren en in je volgende bericht plakken!
 
Re: bsod met simcity en need for speed rivals

Verdelen over meerdere vensters.
 
Re: bsod met simcity en need for speed rivals

OTL logfile created on: 9-12-2013 16:53:39 - Run 2
OTL by OldTimer - Version 3.2.69.0 Folder = G:\pascal\Desktop
64bit- An unknown product (Version = 6.2.9200) - Type = NTWorkstation
Internet Explorer (Version = 9.11.9600.16438)
Locale: 00000413 | Country: Nederland | Language: NLD | Date Format: d-M-yyyy

7,73 Gb Total Physical Memory | 5,75 Gb Available Physical Memory | 74,39% Memory free
15,48 Gb Paging File | 13,22 Gb Available in Paging File | 85,44% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 100,41 Gb Total Space | 13,97 Gb Free Space | 13,91% Space Free | Partition Type: NTFS
Drive F: | 62,13 Gb Total Space | 43,88 Gb Free Space | 70,62% Space Free | Partition Type: NTFS
Drive G: | 600,54 Gb Total Space | 350,44 Gb Free Space | 58,35% Space Free | Partition Type: NTFS

Computer Name: PASCAL-PAD | User Name: pascal | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2013-12-09 14:47:44 | 000,602,112 | ---- | M] (OldTimer Tools) -- G:\pascal\Desktop\OTL.exe
PRC - [2013-12-08 15:17:38 | 003,551,576 | ---- | M] (Electronic Arts) -- G:\Program Files (x86)\Origin\Origin.exe
PRC - [2013-12-06 07:36:05 | 000,223,112 | ---- | M] (Google Inc.) -- C:\Program Files (x86)\Google\Update\1.3.22.3\GoogleCrashHandler.exe
PRC - [2013-12-04 18:23:36 | 004,161,512 | ---- | M] (Emsisoft GmbH) -- C:\Program Files (x86)\Emsisoft Anti-Malware\a2service.exe
PRC - [2013-11-29 17:57:02 | 002,273,056 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
PRC - [2013-11-29 17:56:51 | 001,370,912 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
PRC - [2013-11-08 21:46:18 | 001,028,384 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\NvTmru.exe
PRC - [2013-10-30 19:09:08 | 002,990,304 | ---- | M] (Nota Inc.) -- C:\Program Files (x86)\Gyazo\GyStation.exe
PRC - [2013-10-28 11:42:21 | 003,567,800 | ---- | M] (AVAST Software) -- G:\Program Files\AVAST Software\Avast\avastui.exe
PRC - [2013-10-28 11:41:50 | 000,050,344 | ---- | M] (AVAST Software) -- G:\Program Files\AVAST Software\Avast\AvastSvc.exe
PRC - [2013-10-16 00:06:12 | 001,016,712 | ---- | M] (Flux Software LLC) -- C:\Users\pascal\AppData\Local\FluxSoftware\Flux\flux.exe
PRC - [2013-10-01 13:14:40 | 005,087,584 | ---- | M] (TeamViewer GmbH) -- C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe
PRC - [2013-09-25 17:37:00 | 020,133,824 | ---- | M] (Google) -- C:\Program Files (x86)\Google\Drive\googledrivesync.exe
PRC - [2013-09-02 11:49:56 | 000,790,368 | ---- | M] (Splashtop Inc.) -- C:\Program Files (x86)\Splashtop\Splashtop Remote\Server\SRService.exe
PRC - [2013-09-02 11:49:54 | 003,143,008 | ---- | M] (Splashtop Inc.) -- C:\Program Files (x86)\Splashtop\Splashtop Remote\Server\SRServer.exe
PRC - [2013-09-02 11:49:50 | 007,015,776 | ---- | M] (Splashtop Inc.) -- C:\Program Files (x86)\Splashtop\Splashtop Remote\Server\SRFeature.exe
PRC - [2013-08-27 11:42:50 | 000,358,480 | ---- | M] (VMware, Inc.) -- C:\Windows\SysWOW64\vmnetdhcp.exe
PRC - [2013-08-27 11:42:48 | 000,111,696 | ---- | M] (VMware, Inc.) -- C:\Users\pascal\vmware-tray.exe
PRC - [2013-08-27 11:42:14 | 000,437,328 | ---- | M] (VMware, Inc.) -- C:\Windows\SysWOW64\vmnat.exe
PRC - [2013-08-27 11:09:34 | 014,401,104 | ---- | M] () -- C:\Users\pascal\vmware-hostd.exe
PRC - [2013-08-27 10:50:10 | 000,086,096 | ---- | M] (VMware, Inc.) -- C:\Users\pascal\vmware-authd.exe
PRC - [2013-08-07 11:47:26 | 000,609,056 | ---- | M] (Splashtop Inc.) -- C:\Program Files (x86)\Splashtop\Splashtop Software Updater\SSUService.exe
PRC - [2013-04-09 07:37:10 | 000,479,824 | ---- | M] (VMware, Inc.) -- C:\Program Files (x86)\VMware\VMware vCenter Converter Standalone\vmware-converter.exe
PRC - [2013-04-09 07:33:48 | 000,479,824 | ---- | M] (VMware, Inc.) -- C:\Program Files (x86)\VMware\VMware vCenter Converter Standalone\vmware-converter-a.exe
PRC - [2012-08-30 17:42:36 | 000,508,176 | ---- | M] (Verbatim) -- C:\Program Files (x86)\Verbatim\GREEN BUTTON\GREEN BUTTON.exe
PRC - [2011-06-09 16:43:50 | 000,499,796 | ---- | M] (Atheros) -- C:\Windows\SysWOW64\acs.exe


========== Modules (No Company Name) ==========

MOD - [2013-12-09 16:19:41 | 000,805,888 | ---- | M] () -- C:\Users\pascal\AppData\Local\Temp\_MEI10722\wx._gdi_.pyd
MOD - [2013-12-09 16:19:41 | 000,557,056 | ---- | M] () -- C:\Users\pascal\AppData\Local\Temp\_MEI10722\pysqlite2._sqlite.pyd
MOD - [2013-12-09 16:19:41 | 000,320,512 | ---- | M] () -- C:\Users\pascal\AppData\Local\Temp\_MEI10722\win32com.shell.shell.pyd
MOD - [2013-12-09 16:19:41 | 000,128,512 | ---- | M] () -- C:\Users\pascal\AppData\Local\Temp\_MEI10722\_elementtree.pyd
MOD - [2013-12-09 16:19:41 | 000,098,816 | ---- | M] () -- C:\Users\pascal\AppData\Local\Temp\_MEI10722\win32api.pyd
MOD - [2013-12-09 16:19:41 | 000,070,656 | ---- | M] () -- C:\Users\pascal\AppData\Local\Temp\_MEI10722\wx._html2.pyd
MOD - [2013-12-09 16:19:41 | 000,044,032 | ---- | M] () -- C:\Users\pascal\AppData\Local\Temp\_MEI10722\_socket.pyd
MOD - [2013-12-09 16:19:41 | 000,026,624 | ---- | M] () -- C:\Users\pascal\AppData\Local\Temp\_MEI10722\_multiprocessing.pyd
MOD - [2013-12-09 16:19:41 | 000,022,528 | ---- | M] () -- C:\Users\pascal\AppData\Local\Temp\_MEI10722\win32ts.pyd
MOD - [2013-12-09 16:19:41 | 000,011,264 | ---- | M] () -- C:\Users\pascal\AppData\Local\Temp\_MEI10722\win32crypt.pyd
MOD - [2013-12-09 16:19:40 | 001,175,040 | ---- | M] () -- C:\Users\pascal\AppData\Local\Temp\_MEI10722\wx._core_.pyd
MOD - [2013-12-09 16:19:40 | 001,153,024 | ---- | M] () -- C:\Users\pascal\AppData\Local\Temp\_MEI10722\_ssl.pyd
MOD - [2013-12-09 16:19:40 | 000,811,008 | ---- | M] () -- C:\Users\pascal\AppData\Local\Temp\_MEI10722\wx._windows_.pyd
MOD - [2013-12-09 16:19:40 | 000,735,232 | ---- | M] () -- C:\Users\pascal\AppData\Local\Temp\_MEI10722\wx._misc_.pyd
MOD - [2013-12-09 16:19:40 | 000,711,680 | ---- | M] () -- C:\Users\pascal\AppData\Local\Temp\_MEI10722\_hashlib.pyd
MOD - [2013-12-09 16:19:40 | 000,504,832 | ---- | M] () -- C:\Users\pascal\AppData\Local\Temp\_MEI10722\windows._cacheinvalidation.pyd
MOD - [2013-12-09 16:19:40 | 000,364,544 | ---- | M] () -- C:\Users\pascal\AppData\Local\Temp\_MEI10722\pythoncom27.dll
MOD - [2013-12-09 16:19:40 | 000,110,080 | ---- | M] () -- C:\Users\pascal\AppData\Local\Temp\_MEI10722\pywintypes27.dll
MOD - [2013-12-09 16:19:40 | 000,108,544 | ---- | M] () -- C:\Users\pascal\AppData\Local\Temp\_MEI10722\win32security.pyd
MOD - [2013-12-09 16:19:40 | 000,087,040 | ---- | M] () -- C:\Users\pascal\AppData\Local\Temp\_MEI10722\_ctypes.pyd
MOD - [2013-12-09 16:19:40 | 000,035,840 | ---- | M] () -- C:\Users\pascal\AppData\Local\Temp\_MEI10722\win32process.pyd
MOD - [2013-12-09 16:19:40 | 000,025,600 | ---- | M] () -- C:\Users\pascal\AppData\Local\Temp\_MEI10722\win32pdh.pyd
MOD - [2013-12-09 16:19:40 | 000,017,408 | ---- | M] () -- C:\Users\pascal\AppData\Local\Temp\_MEI10722\win32profile.pyd
MOD - [2013-12-09 16:19:39 | 000,122,368 | ---- | M] () -- C:\Users\pascal\AppData\Local\Temp\_MEI10722\wx._wizard.pyd
MOD - [2013-12-09 16:19:39 | 000,119,808 | ---- | M] () -- C:\Users\pascal\AppData\Local\Temp\_MEI10722\win32file.pyd
MOD - [2013-12-09 16:19:39 | 000,038,912 | ---- | M] () -- C:\Users\pascal\AppData\Local\Temp\_MEI10722\win32inet.pyd
MOD - [2013-12-09 16:19:38 | 001,062,400 | ---- | M] () -- C:\Users\pascal\AppData\Local\Temp\_MEI10722\wx._controls_.pyd
MOD - [2013-12-09 16:19:38 | 000,686,080 | ---- | M] () -- C:\Users\pascal\AppData\Local\Temp\_MEI10722\unicodedata.pyd
MOD - [2013-12-09 16:19:38 | 000,127,488 | ---- | M] () -- C:\Users\pascal\AppData\Local\Temp\_MEI10722\pyexpat.pyd
MOD - [2013-12-09 16:19:38 | 000,018,432 | ---- | M] () -- C:\Users\pascal\AppData\Local\Temp\_MEI10722\win32event.pyd
MOD - [2013-12-09 16:19:38 | 000,010,240 | ---- | M] () -- C:\Users\pascal\AppData\Local\Temp\_MEI10722\select.pyd
MOD - [2013-12-08 15:17:40 | 000,064,000 | ---- | M] () -- G:\Program Files (x86)\Origin\tufao.dll
MOD - [2013-11-23 20:26:48 | 000,013,088 | ---- | M] () -- C:\Program Files (x86)\NVIDIA Corporation\coprocmanager\detoured.dll
MOD - [2013-10-28 11:41:51 | 019,336,120 | ---- | M] () -- G:\Program Files\AVAST Software\Avast\libcef.dll


========== Services (SafeList) ==========

SRV:64bit: - [2013-11-29 17:56:40 | 015,128,352 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe -- (NvStreamSvc)
SRV:64bit: - [2013-10-22 02:53:47 | 001,584,128 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\workfolderssvc.dll -- (workfolderssvc)
SRV:64bit: - [2013-10-19 06:37:49 | 000,111,616 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\SysNative\IEEtwCollector.exe -- (IEEtwCollectorService)
SRV:64bit: - [2013-10-18 14:31:54 | 000,005,632 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Identity Foundation\v3.5\c2wtshost.exe -- (c2wts)
SRV:64bit: - [2013-10-10 17:23:32 | 003,395,920 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\WSService.dll -- (WSService)
SRV:64bit: - [2013-10-10 11:40:53 | 001,302,528 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\AppXDeploymentServer.dll -- (AppXSvc)
SRV:64bit: - [2013-10-04 22:58:24 | 000,087,728 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Microsoft Visual Studio 12.0\Common7\Packages\Debugger\Services\VsEtwService.exe -- (VsEtwService120)
SRV:64bit: - [2013-10-04 09:10:59 | 000,533,504 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\AppReadiness.dll -- (AppReadiness)
SRV:64bit: - [2013-09-30 05:15:09 | 001,555,456 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\wlidsvc.dll -- (wlidsvc)
SRV:64bit: - [2013-09-30 05:15:09 | 000,365,568 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\wcmsvc.dll -- (Wcmsvc)
SRV:64bit: - [2013-09-30 05:15:08 | 000,491,520 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\GeofenceMonitorService.dll -- (lfsvc)
SRV:64bit: - [2013-09-30 05:15:07 | 000,261,120 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\bisrv.dll -- (BrokerInfrastructure)
SRV:64bit: - [2013-08-28 15:24:04 | 003,378,416 | ---- | M] (Intel? Corporation) [Auto | Running] -- C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe -- (ZeroConfigService)
SRV:64bit: - [2013-08-28 15:23:48 | 000,273,136 | ---- | M] () [On_Demand | Stopped] -- C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe -- (MyWiFiDHCPDNS)
SRV:64bit: - [2013-08-28 15:23:40 | 000,626,416 | ---- | M] (Intel(R) Corporation) [Auto | Running] -- C:\Program Files\Intel\WiFi\bin\EvtEng.exe -- (EvtEng)
SRV:64bit: - [2013-08-28 15:23:20 | 000,149,744 | ---- | M] (Intel(R) Corporation) [Auto | Running] -- C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe -- (RegSrvc)
SRV:64bit: - [2013-08-22 13:32:01 | 000,346,872 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\NisSrv.exe -- (WdNisSvc)
SRV:64bit: - [2013-08-22 13:32:00 | 000,023,840 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MsMpEng.exe -- (WinDefend)
SRV:64bit: - [2013-08-22 13:31:56 | 002,899,968 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\spool\drivers\x64\3\PrintConfig.dll -- (PrintNotify)
SRV:64bit: - [2013-08-22 12:32:02 | 000,024,576 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\wephostsvc.dll -- (WEPHOSTSVC)
SRV:64bit: - [2013-08-22 12:31:43 | 000,040,448 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\efssvc.dll -- (EFS)
SRV:64bit: - [2013-08-22 12:22:45 | 000,066,048 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\wiarpc.dll -- (WiaRpc)
SRV:64bit: - [2013-08-22 12:21:15 | 000,013,312 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\svsvc.dll -- (svsvc)
SRV:64bit: - [2013-08-22 12:16:57 | 000,118,272 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\fhsvc.dll -- (fhsvc)
SRV:64bit: - [2013-08-22 11:25:28 | 000,164,352 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\NcaSvc.dll -- (NcaSvc)
SRV:64bit: - [2013-08-22 11:19:28 | 000,517,120 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicvss)
SRV:64bit: - [2013-08-22 11:19:28 | 000,517,120 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmictimesync)
SRV:64bit: - [2013-08-22 11:19:28 | 000,517,120 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicshutdown)
SRV:64bit: - [2013-08-22 11:19:28 | 000,517,120 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicrdv)
SRV:64bit: - [2013-08-22 11:19:28 | 000,517,120 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmickvpexchange)
SRV:64bit: - [2013-08-22 11:19:28 | 000,517,120 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicheartbeat)
SRV:64bit: - [2013-08-22 11:19:28 | 000,517,120 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicguestinterface)
SRV:64bit: - [2013-08-22 11:04:53 | 000,716,288 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\lsm.dll -- (LSM)
SRV:64bit: - [2013-08-22 11:02:47 | 000,013,312 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\smphost.dll -- (smphost)
SRV:64bit: - [2013-08-22 10:59:26 | 000,832,512 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\netlogon.dll -- (Netlogon)
SRV:64bit: - [2013-08-22 10:58:42 | 000,280,576 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\SystemEventsBrokerServer.dll -- (SystemEventsBroker)
SRV:64bit: - [2013-08-22 10:57:25 | 000,130,560 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\ScDeviceEnum.dll -- (ScDeviceEnum)
SRV:64bit: - [2013-08-22 10:54:59 | 000,059,392 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\keyiso.dll -- (KeyIso)
SRV:64bit: - [2013-08-22 10:50:59 | 000,245,760 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\TimeBrokerServer.dll -- (TimeBroker)
SRV:64bit: - [2013-08-22 10:50:00 | 000,525,312 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\netprofmsvc.dll -- (netprofm)
SRV:64bit: - [2013-08-22 10:45:59 | 000,151,040 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\ncbservice.dll -- (NcbService)
SRV:64bit: - [2013-08-22 10:40:49 | 000,248,832 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\vaultsvc.dll -- (VaultSvc)
SRV:64bit: - [2013-08-22 10:40:14 | 000,398,848 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\das.dll -- (DeviceAssociationService)
SRV:64bit: - [2013-08-22 10:39:33 | 000,198,656 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\AudioEndpointBuilder.dll -- (AudioEndpointBuilder)
SRV:64bit: - [2013-08-22 10:31:03 | 000,201,728 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\DeviceSetupManager.dll -- (DsmSvc)
SRV:64bit: - [2013-08-22 10:15:54 | 000,073,728 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\NcdAutoSetup.dll -- (NcdAutoSetup)
SRV:64bit: - [2013-05-21 07:14:18 | 000,772,064 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe -- (AMPPALR3)
SRV:64bit: - [2013-02-13 20:47:04 | 000,820,184 | ---- | M] (Intel(R) Corporation) [Disabled | Stopped] -- C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe -- (Intel(R)
SRV:64bit: - [2013-02-13 20:46:48 | 000,731,648 | ---- | M] (Intel(R) Corporation) [Disabled | Stopped] -- C:\Program Files\Intel\iCLS Client\HeciServer.exe -- (Intel(R)
SRV:64bit: - [2013-01-31 23:20:50 | 000,015,344 | ---- | M] (Intel Corporation) [Disabled | Stopped] -- C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe -- (IAStorDataMgrSvc)
SRV:64bit: - [2012-09-12 17:07:06 | 000,135,984 | ---- | M] (Intel(R) Corporation) [Auto | Running] -- C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe -- (BTHSSecurityMgr)
SRV - [2013-12-04 18:23:36 | 004,161,512 | ---- | M] (Emsisoft GmbH) [Auto | Running] -- C:\Program Files (x86)\Emsisoft Anti-Malware\a2service.exe -- (a2AntiMalware)
SRV - [2013-12-04 03:51:18 | 000,569,768 | ---- | M] (Valve Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe -- (Steam Client Service)
SRV - [2013-11-29 17:56:51 | 001,370,912 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe -- (NvNetworkService)
SRV - [2013-11-17 15:23:41 | 000,257,416 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2013-10-28 11:41:50 | 000,050,344 | ---- | M] (AVAST Software) [Auto | Running] -- G:\Program Files\AVAST Software\Avast\AvastSvc.exe -- (avast! Antivirus)
SRV - [2013-10-03 22:43:02 | 000,279,000 | ---- | M] (Intel Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\IntelCpHeciSvc.exe -- (cphs)
SRV - [2013-10-01 13:14:40 | 005,087,584 | ---- | M] (TeamViewer GmbH) [Auto | Running] -- C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe -- (TeamViewer8)
SRV - [2013-09-30 05:15:06 | 000,357,376 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\GeofenceMonitorService.dll -- (lfsvc)
SRV - [2013-09-11 03:26:44 | 000,118,680 | ---- | M] (Mozilla Foundation) [Disabled | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2013-09-05 10:34:30 | 000,171,680 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files (x86)\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2013-09-02 11:49:56 | 000,790,368 | ---- | M] (Splashtop Inc.) [Auto | Running] -- C:\Program Files (x86)\Splashtop\Splashtop Remote\Server\SRService.exe -- (SplashtopRemoteService)
SRV - [2013-08-27 11:42:50 | 000,358,480 | ---- | M] (VMware, Inc.) [Auto | Running] -- C:\Windows\SysWOW64\vmnetdhcp.exe -- (VMnetDHCP)
SRV - [2013-08-27 11:42:14 | 000,437,328 | ---- | M] (VMware, Inc.) [Auto | Running] -- C:\Windows\SysWOW64\vmnat.exe -- (VMware NAT Service)
SRV - [2013-08-27 11:09:34 | 014,401,104 | ---- | M] () [Auto | Running] -- C:\Users\pascal\vmware-hostd.exe -- (VMwareHostd)
SRV - [2013-08-27 10:50:10 | 000,086,096 | ---- | M] (VMware, Inc.) [Auto | Running] -- C:\Users\pascal\vmware-authd.exe -- (VMAuthdService)
SRV - [2013-08-26 22:33:42 | 000,904,248 | ---- | M] (VMware, Inc.) [Auto | Running] -- C:\Program Files (x86)\Common Files\VMware\USB\vmware-usbarbitrator64.exe -- (VMUSBArbService)
SRV - [2013-08-22 14:37:02 | 000,018,360 | ---- | M] (Overwolf Ltd) [On_Demand | Stopped] -- C:\Program Files (x86)\Overwolf\OverwolfUpdater.exe -- (OverwolfUpdaterService)
SRV - [2013-08-22 13:31:56 | 002,899,968 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\system32\spool\drivers\x64\3\PrintConfig.dll -- (PrintNotify)
SRV - [2013-08-22 04:55:35 | 000,018,944 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\StorSvc.dll -- (StorSvc)
SRV - [2013-08-22 03:53:34 | 000,011,776 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\smphost.dll -- (smphost)
SRV - [2013-08-22 03:21:36 | 000,119,808 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Windows Kits\8.1\Testing\Runtimes\TAEF\Wex.Services.exe -- (Te.Service)
SRV - [2013-08-22 02:55:00 | 000,142,336 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Windows Kits\8.1\App Certification Kit\fussvc.exe -- (fussvc)
SRV - [2013-08-07 11:47:26 | 000,609,056 | ---- | M] (Splashtop Inc.) [Auto | Running] -- C:\Program Files (x86)\Splashtop\Splashtop Software Updater\SSUService.exe -- (SSUService)
SRV - [2013-05-16 03:08:46 | 000,366,552 | ---- | M] (Intel Corporation) [Disabled | Stopped] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe -- (LMS)
SRV - [2013-05-16 03:08:14 | 000,169,432 | ---- | M] (Intel Corporation) [Disabled | Stopped] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe -- (jhi_service)
SRV - [2013-05-16 03:08:14 | 000,131,544 | ---- | M] (Intel Corporation) [Disabled | Stopped] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe -- (Intel(R)
SRV - [2013-04-15 21:39:56 | 000,161,736 | ---- | M] (Intel Corporation) [Disabled | Stopped] -- C:\Program Files (x86)\Intel\Bluetooth\ibtrksrv.exe -- (Intel(R)
SRV - [2013-04-09 07:37:10 | 000,479,824 | ---- | M] (VMware, Inc.) [Auto | Running] -- C:\Program Files (x86)\VMware\VMware vCenter Converter Standalone\vmware-converter.exe -- (vmware-converter-worker)
SRV - [2013-04-09 07:37:10 | 000,479,824 | ---- | M] (VMware, Inc.) [Auto | Running] -- C:\Program Files (x86)\VMware\VMware vCenter Converter Standalone\vmware-converter.exe -- (vmware-converter-server)
SRV - [2013-04-09 07:33:48 | 000,479,824 | ---- | M] (VMware, Inc.) [Auto | Running] -- C:\Program Files (x86)\VMware\VMware vCenter Converter Standalone\vmware-converter-a.exe -- (vmware-converter-agent)
SRV - [2013-03-18 23:25:26 | 001,161,592 | ---- | M] (Motorola Solutions, Inc.) [Disabled | Stopped] -- C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe -- (Bluetooth OBEX Service)
SRV - [2013-03-18 23:25:08 | 001,124,728 | ---- | M] (Motorola Solutions, Inc.) [Disabled | Stopped] -- C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe -- (Bluetooth Device Monitor)
SRV - [2011-06-09 16:43:50 | 000,499,796 | ---- | M] (Atheros) [Auto | Running] -- C:\Windows\SysWOW64\acs.exe -- (ACS)


========== Driver Services (SafeList) ==========

DRV:64bit: - [2013-11-23 20:26:48 | 000,032,544 | ---- | M] (NVIDIA Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\nvpciflt.sys -- (nvpciflt)
DRV:64bit: - [2013-11-10 06:15:55 | 000,409,832 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswsp.sys -- (aswSP)
DRV:64bit: - [2013-10-30 18:03:12 | 000,039,200 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nvvad64v.sys -- (nvvad_WaveExtensible)
DRV:64bit: - [2013-10-28 11:41:52 | 001,032,416 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\Windows\SysNative\drivers\aswSnx.sys -- (aswSnx)
DRV:64bit: - [2013-10-28 11:41:52 | 000,205,320 | ---- | M] () [Kernel | Boot | Running] -- C:\WINDOWS\SysNative\drivers\aswVmm.sys -- (aswVmm)
DRV:64bit: - [2013-10-28 11:41:52 | 000,092,544 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswRdr2.sys -- (aswRdr)
DRV:64bit: - [2013-10-28 11:41:52 | 000,084,328 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\aswMonFlt.sys -- (aswMonFlt)
DRV:64bit: - [2013-10-28 11:41:52 | 000,065,776 | ---- | M] () [Kernel | Boot | Running] -- C:\WINDOWS\SysNative\drivers\aswRvrt.sys -- (aswRvrt)
DRV:64bit: - [2013-10-28 11:41:52 | 000,038,984 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\aswFsBlk.sys -- (aswFsBlk)
DRV:64bit: - [2013-10-15 11:42:24 | 001,390,904 | ---- | M] (Motorola Solutions, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btmhsf.sys -- (btmhsf)
DRV:64bit: - [2013-10-15 11:42:10 | 000,069,088 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\iBtFltCoex.sys -- (iBtFltCoex)
DRV:64bit: - [2013-10-13 03:48:34 | 000,136,536 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\wfplwfs.sys -- (WFPLWFS)
DRV:64bit: - [2013-10-08 12:07:14 | 000,039,768 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\intelpep.sys -- (intelpep)
DRV:64bit: - [2013-10-05 16:25:54 | 000,371,032 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\spaceport.sys -- (spaceport)
DRV:64bit: - [2013-10-05 16:25:54 | 000,057,176 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\stornvme.sys -- (stornvme)
DRV:64bit: - [2013-10-03 22:42:44 | 004,185,600 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\igdkmd64.sys -- (igfx)
DRV:64bit: - [2013-09-30 05:15:06 | 000,467,800 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\USBHUB3.SYS -- (USBHUB3)
DRV:64bit: - [2013-09-30 05:15:06 | 000,236,376 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\sdbus.sys -- (sdbus)
DRV:64bit: - [2013-09-30 05:15:06 | 000,175,960 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\VerifierExt.sys -- (VerifierExt)
DRV:64bit: - [2013-09-30 05:15:06 | 000,086,872 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\pdc.sys -- (pdc)
DRV:64bit: - [2013-09-30 05:02:01 | 000,027,488 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\rdpvideominiport.sys -- (RdpVideoMiniport)
DRV:64bit: - [2013-09-30 05:01:56 | 000,037,216 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\terminpt.sys -- (terminpt)
DRV:64bit: - [2013-09-26 10:08:22 | 000,039,320 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\intelaud.sys -- (intaud_WaveExtensible)
DRV:64bit: - [2013-09-26 10:08:22 | 000,027,032 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\iwdbus.sys -- (iwdbus)
DRV:64bit: - [2013-09-11 13:46:25 | 000,325,464 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\USBXHCI.SYS -- (USBXHCI)
DRV:64bit: - [2013-08-27 11:42:46 | 000,030,800 | ---- | M] (VMware, Inc.) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\vmnetuserif.sys -- (VMnetuserif)
DRV:64bit: - [2013-08-27 11:42:20 | 000,064,080 | ---- | M] (VMware, Inc.) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\vmx86.sys -- (vmx86)
DRV:64bit: - [2013-08-27 11:42:02 | 000,046,160 | ---- | M] (VMware, Inc.) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\vmnetbridge.sys -- (VMnetBridge)
DRV:64bit: - [2013-08-27 11:42:02 | 000,020,560 | ---- | M] (VMware, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\vmnetadapter.sys -- (VMnetAdapter)
DRV:64bit: - [2013-08-26 22:33:30 | 000,053,816 | ---- | M] (VMware, Inc.) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\hcmon.sys -- (hcmon)
DRV:64bit: - [2013-08-26 22:33:26 | 000,051,256 | ---- | M] (VMware, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\vmusb.sys -- (vmusb)
DRV:64bit: - [2013-08-22 14:25:40 | 000,043,008 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\condrv.sys -- (condrv)
DRV:64bit: - [2013-08-22 14:25:40 | 000,030,048 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\WINDOWS\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2013-08-22 13:50:19 | 000,057,696 | ---- | M] (Microsoft Corporation) [Kernel | System | Stopped] -- C:\Windows\SysNative\drivers\dam.sys -- (dam)
DRV:64bit: - [2013-08-22 13:49:54 | 000,079,712 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\acpiex.sys -- (acpiex)
DRV:64bit: - [2013-08-22 13:49:33 | 000,159,584 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\tpm.sys -- (TPM)
DRV:64bit: - [2013-08-22 13:43:49 | 000,063,840 | ---- | M] (Marvell Semiconductor, Inc.) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\mvumis.sys -- (mvumis)
DRV:64bit: - [2013-08-22 13:43:48 | 000,146,272 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\msgpioclx.sys -- (GPIOClx0101)
DRV:64bit: - [2013-08-22 13:43:48 | 000,041,824 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\msgpiowin32.sys -- (msgpiowin32)
DRV:64bit: - [2013-08-22 13:43:45 | 003,357,024 | ---- | M] (Broadcom Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2013-08-22 13:43:45 | 000,093,536 | ---- | M] (LSI Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2013-08-22 13:43:45 | 000,082,784 | ---- | M] (LSI Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\lsi_sss.sys -- (LSI_SSS)
DRV:64bit: - [2013-08-22 13:43:45 | 000,064,352 | ---- | M] (Hewlett-Packard Company) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2013-08-22 13:43:44 | 000,081,760 | ---- | M] (LSI Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas3.sys -- (LSI_SAS3)
DRV:64bit: - [2013-08-22 13:43:41 | 000,782,176 | ---- | M] (PMC-Sierra) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\adp80xx.sys -- (ADP80XX)
DRV:64bit: - [2013-08-22 13:43:41 | 000,531,296 | ---- | M] (Broadcom Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2013-08-22 13:43:41 | 000,259,424 | ---- | M] (AMD Technologies Inc.) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2013-08-22 13:43:41 | 000,108,896 | ---- | M] (LSI) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\3ware.sys -- (3ware)
DRV:64bit: - [2013-08-22 13:43:41 | 000,079,200 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2013-08-22 13:43:40 | 000,114,016 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\EhStorTcgDrv.sys -- (EhStorTcgDrv)
DRV:64bit: - [2013-08-22 13:43:40 | 000,082,784 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\EhStorClass.sys -- (EhStorClass)
DRV:64bit: - [2013-08-22 13:43:40 | 000,025,952 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2013-08-22 13:43:34 | 000,305,504 | ---- | M] (VIA Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\VSTXRAID.SYS -- (VSTXRAID)
DRV:64bit: - [2013-08-22 13:43:33 | 000,189,792 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\UCX01000.SYS -- (UCX01000)
DRV:64bit: - [2013-08-22 13:43:33 | 000,074,080 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\uaspstor.sys -- (UASPStor)
DRV:64bit: - [2013-08-22 13:43:32 | 000,078,688 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\sdstor.sys -- (sdstor)
DRV:64bit: - [2013-08-22 13:43:32 | 000,031,072 | ---- | M] (Promise Technology, Inc.) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2013-08-22 13:43:31 | 000,146,272 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\SerCx2.sys -- (SerCx2)
DRV:64bit: - [2013-08-22 13:43:31 | 000,107,872 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\storahci.sys -- (storahci)
DRV:64bit: - [2013-08-22 13:43:31 | 000,072,032 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\SpbCx.sys -- (SpbCx)
DRV:64bit: - [2013-08-22 13:43:31 | 000,069,472 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\SerCx.sys -- (SerCx)
DRV:64bit: - [2013-08-22 13:41:08 | 000,054,304 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\wpcfltr.sys -- (wpcfltr)
DRV:64bit: - [2013-08-22 13:39:44 | 000,377,696 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\clfs.sys -- (CLFS)
DRV:64bit: - [2013-08-22 13:39:15 | 000,924,512 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\WINDOWS\SysNative\drivers\refs.sys -- (ReFS)
DRV:64bit: - [2013-08-22 13:39:15 | 000,026,976 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\uefi.sys -- (UEFI)
DRV:64bit: - [2013-08-22 13:37:27 | 000,069,472 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\vpci.sys -- (vpci)
DRV:64bit: - [2013-08-22 13:36:12 | 000,026,976 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WpdUpFltr.sys -- (WpdUpFltr)
DRV:64bit: - [2013-08-22 13:35:30 | 003,345,376 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\NETwew00.sys -- (NETwNe64)
DRV:64bit: - [2013-08-22 13:34:22 | 000,265,056 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WdFilter.sys -- (WdFilter)
DRV:64bit: - [2013-08-22 13:34:22 | 000,124,256 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WdNisDrv.sys -- (WdNisDrv)
DRV:64bit: - [2013-08-22 13:31:28 | 000,034,760 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WdBoot.sys -- (WdBoot)
DRV:64bit: - [2013-08-22 12:39:58 | 000,020,992 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WSDPrint.sys -- (WSDPrintDevice)
DRV:64bit: - [2013-08-22 12:39:54 | 000,076,800 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\ahcache.sys -- (ahcache)
DRV:64bit: - [2013-08-22 12:39:50 | 000,023,040 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WSDScan.sys -- (WSDScan)
DRV:64bit: - [2013-08-22 12:39:31 | 000,050,688 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\BasicDisplay.sys -- (BasicDisplay)
DRV:64bit: - [2013-08-22 12:39:28 | 000,033,792 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\BasicRender.sys -- (BasicRender)
DRV:64bit: - [2013-08-22 12:39:20 | 000,022,016 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HyperVideo.sys -- (HyperVideo)
DRV:64bit: - [2013-08-22 12:39:06 | 000,009,728 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\mshidumdf.sys -- (mshidumdf)
DRV:64bit: - [2013-08-22 12:38:58 | 000,010,752 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\acpitime.sys -- (acpitime)
DRV:64bit: - [2013-08-22 12:38:48 | 000,010,240 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\acpipagr.sys -- (acpipagr)
DRV:64bit: - [2013-08-22 12:38:39 | 000,036,992 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\BthAvrcpTg.sys -- (BthAvrcpTg)
DRV:64bit: - [2013-08-22 12:38:26 | 000,019,456 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\kdnic.sys -- (kdnic)
DRV:64bit: - [2013-08-22 12:38:23 | 000,011,264 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\vmgencounter.sys -- (gencounter)
DRV:64bit: - [2013-08-22 12:38:22 | 000,023,040 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\npsvctrig.sys -- (npsvctrig)
DRV:64bit: - [2013-08-22 12:38:17 | 000,020,992 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usb8023x.sys -- (usb_rndisx)
DRV:64bit: - [2013-08-22 12:38:16 | 000,030,720 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\BthhfHid.sys -- (bthhfhid)
DRV:64bit: - [2013-08-22 12:37:49 | 000,013,824 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hyperkbd.sys -- (hyperkbd)
DRV:64bit: - [2013-08-22 12:37:46 | 000,029,696 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbGD.sys -- (TsUsbGD)
DRV:64bit: - [2013-08-22 12:37:42 | 000,057,856 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bthhfenum.sys -- (BthHFEnum)
DRV:64bit: - [2013-08-22 12:37:28 | 000,056,320 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2013-08-22 12:37:28 | 000,041,472 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hidi2c.sys -- (hidi2c)
DRV:64bit: - [2013-08-22 12:37:14 | 000,029,696 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\dmvsc.sys -- (dmvsc)
DRV:64bit: - [2013-08-22 12:36:43 | 000,087,040 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\netvsc63.sys -- (netvsc)
DRV:64bit: - [2013-08-22 12:36:37 | 000,224,768 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\BthLEEnum.sys -- (BthLEEnum)
DRV:64bit: - [2013-08-22 12:36:25 | 000,016,384 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\NdisVirtualBus.sys -- (NdisVirtualBus)
DRV:64bit: - [2013-08-22 12:36:17 | 000,124,928 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\NdisImPlatform.sys -- (NdisImPlatform)
DRV:64bit: - [2013-08-22 12:36:07 | 000,066,560 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\mslldp.sys -- (MsLldp)
DRV:64bit: - [2013-08-22 12:35:42 | 000,103,424 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\Ndu.sys -- (Ndu)
DRV:64bit: - [2013-08-22 11:27:46 | 000,011,776 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\serscan.sys -- (StillCam)
DRV:64bit: - [2013-08-22 09:46:33 | 000,027,136 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\fxppm.sys -- (FxPPM)
DRV:64bit: - [2013-08-15 17:25:16 | 000,073,296 | ---- | M] (VMware, Inc.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\vsock.sys -- (vsock)
DRV:64bit: - [2013-08-15 17:25:12 | 000,085,584 | ---- | M] (VMware, Inc.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\vmci.sys -- (vmci)
DRV:64bit: - [2013-08-13 00:25:46 | 000,017,624 | ---- | M] (Windows (R) Win 7 DDK provider) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bcmfn2.sys -- (bcmfn2)
DRV:64bit: - [2013-08-10 01:39:30 | 000,651,248 | ---- | M] (Intel Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\iaStorAV.sys -- (iaStorAV)
DRV:64bit: - [2013-07-30 19:47:35 | 000,024,568 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\iaLPSSi_GPIO.sys -- (iaLPSSi_GPIO)
DRV:64bit: - [2013-07-25 20:05:39 | 000,099,320 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\iaLPSSi_I2C.sys -- (iaLPSSi_I2C)
DRV:64bit: - [2013-07-01 09:25:12 | 000,019,032 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\pwdrvio.sys -- (pwdrvio)
DRV:64bit: - [2013-07-01 09:25:10 | 000,012,384 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\pwdspio.sys -- (pwdspio)
DRV:64bit: - [2013-06-27 23:54:16 | 000,039,008 | ---- | M] (Lenovo.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\LhdX64.sys -- (LHDmgr)
DRV:64bit: - [2013-06-27 23:54:16 | 000,033,560 | ---- | M] (Lenovo Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\AcpiVpc.sys -- (ACPIVPC)
DRV:64bit: - [2013-06-18 15:44:59 | 000,129,224 | ---- | M] (Qualcomm Atheros Co., Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\L1C63x64.sys -- (L1C)
DRV:64bit: - [2013-05-21 07:14:00 | 000,165,344 | ---- | M] (Windows (R) Win 7 DDK provider) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\AmpPal.sys -- (AMPPAL)
DRV:64bit: - [2013-05-16 03:08:14 | 000,064,624 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HECIx64.sys -- (MEIx64)
DRV:64bit: - [2013-05-08 01:25:22 | 000,442,368 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\IntcDAud.sys -- (IntcDAud)
DRV:64bit: - [2013-03-22 04:06:30 | 000,091,368 | ---- | M] (GenesysLogic) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\GeneStor.sys -- (GeneStor)
DRV:64bit: - [2013-03-15 05:38:48 | 008,243,272 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\rtsuvc.sys -- (rtsuvc)
DRV:64bit: - [2013-03-08 09:58:18 | 000,473,840 | ---- | M] (Synaptics Incorporated) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SynTP.sys -- (SynTP)
DRV:64bit: - [2013-03-08 09:58:18 | 000,033,008 | ---- | M] (Synaptics Incorporated) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Smb_driver_Intel.sys -- (SmbDrvI)
DRV:64bit: - [2013-01-31 23:20:10 | 000,652,784 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStorA.sys -- (iaStorA)
DRV:64bit: - [2012-06-14 01:10:32 | 000,102,376 | ---- | M] ("CyberLink) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\wsvd.sys -- (wsvd)
DRV:64bit: - [2011-11-25 01:25:52 | 000,015,360 | ---- | M] (June Fabrics Technology Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\pneteth.sys -- (pneteth)
DRV:64bit: - [2010-01-05 02:23:20 | 001,847,296 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\athurx.sys -- (athur)
DRV - [2013-08-24 17:22:58 | 000,070,960 | ---- | M] (Emsisoft GmbH) [File_System | On_Demand | Stopped] -- C:\Program Files (x86)\Emsisoft Anti-Malware\a2accx64.sys -- (a2acc)
DRV - [2013-03-28 18:03:02 | 000,026,176 | ---- | M] (Emsisoft GmbH) [File_System | System | Running] -- C:\Program Files (x86)\Emsisoft Anti-Malware\a2ddax64.sys -- (A2DDA)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {DAC5111B-0E44-4B1F-8C26-38ACD38117FF}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE:64bit: - HKLM\..\SearchScopes\{DAC5111B-0E44-4B1F-8C26-38ACD38117FF}: "URL" = http://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=MALNJS
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope = {006ee092-9658-4fd6-bd8e-a21a348e59f5}
IE - HKLM\..\SearchScopes\{006ee092-9658-4fd6-bd8e-a21a348e59f5}: "URL" = http://feed.snapdo.com/?publisher=Somoto&dpid=Somoto&co=NL&userid=07fd3b04-7404-3fa0-9ffd-1b2a02befff5&searchtype=ds&q={searchTerms}&installDate=11/10/2013
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC


IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0



IE - HKU\S-1-5-21-1604072601-479498276-4294810608-1002\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://lenovo13.msn.com
IE - HKU\S-1-5-21-1604072601-479498276-4294810608-1002\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = http://www.lenovo.com [binary data]
IE - HKU\S-1-5-21-1604072601-479498276-4294810608-1002\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://www.google.com
IE - HKU\S-1-5-21-1604072601-479498276-4294810608-1002\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
IE - HKU\S-1-5-21-1604072601-479498276-4294810608-1002\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com
IE - HKU\S-1-5-21-1604072601-479498276-4294810608-1002\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com
IE - HKU\S-1-5-21-1604072601-479498276-4294810608-1002\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com
IE - HKU\S-1-5-21-1604072601-479498276-4294810608-1002\..\SearchScopes,DefaultScope = {006ee092-9658-4fd6-bd8e-a21a348e59f5}
IE - HKU\S-1-5-21-1604072601-479498276-4294810608-1002\..\SearchScopes\{006ee092-9658-4fd6-bd8e-a21a348e59f5}: "URL" = http://feed.snapdo.com/?publisher=Somoto&dpid=Somoto&co=NL&userid=07fd3b04-7404-3fa0-9ffd-1b2a02befff5&searchtype=ds&q={searchTerms}&installDate=11/10/2013
IE - HKU\S-1-5-21-1604072601-479498276-4294810608-1002\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE11SR
IE - HKU\S-1-5-21-1604072601-479498276-4294810608-1002\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-1604072601-479498276-4294810608-1002\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = <local>

========== FireFox ==========

FF - prefs.js..browser.search.defaultenginename: "Web Search"
FF - prefs.js..browser.search.selectedEngine: "Web Search"
FF - prefs.js..browser.startup.homepage: "http://feed.snapdo.com/?publisher=Somoto&dpid=Somoto&co=NL&userid=07fd3b04-7404-3fa0-9ffd-1b2a02befff5&searchtype=hp&installDate=11/10/2013"
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:24.0
FF - prefs.js..keyword.URL: "http://feed.snapdo.com/?publisher=Somoto&dpid=Somoto&co=NL&userid=07fd3b04-7404-3fa0-9ffd-1b2a02befff5&searchtype=ds&installDate=11/10/2013&q="
FF - user.js - File not found

FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF64_11_9_900_152.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~1\MICROS~2\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\adobe.com/AdobeAAMDetect: C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll (Adobe Systems)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_152.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\windows\SysWOW64\Adobe\Director\np32dsw_1204144.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI ipt;version=3.5.29: C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF - HKLM\Software\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI updater: C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.45.2: C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.45.2: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/Lync,version=15.0: C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@nullsoft.com/winampDetector;version=1: C:\Program Files (x86)\Winamp Detect\npwachk.dll (Nullsoft, Inc.)
FF - HKLM\Software\MozillaPlugins\@pandonetworks.com/PandoWebPlugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.1.0: C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKLM\Software\MozillaPlugins\adobe.com/AdobeAAMDetect: C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll (Adobe Systems)
FF - HKCU\Software\MozillaPlugins\pandonetworks.com/PandoWebPlugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\wrc@avast.com: G:\Program Files\AVAST Software\Avast\WebRep\FF [2013-10-28 11:41:53 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 24.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 24.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2013-11-19 07:11:33 | 000,000,000 | ---D | M]

[2013-09-22 20:48:39 | 000,000,000 | ---D | M] (No name found) -- C:\Users\pascal\AppData\Roaming\mozilla\Extensions
[2013-11-11 08:00:44 | 000,000,000 | ---D | M] (No name found) -- C:\Users\pascal\AppData\Roaming\mozilla\Firefox\Profiles\fgvchz34.default\extensions
[2013-10-11 05:23:26 | 000,002,427 | ---- | M] () -- C:\Users\pascal\AppData\Roaming\mozilla\firefox\profiles\fgvchz34.default\searchplugins\Web Search.xml
[2013-09-23 18:33:12 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\Extensions
[2013-09-22 20:48:19 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\browser\extensions
[2013-09-22 20:48:19 | 000,000,000 | ---D | M] (Default) -- C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
[2013-10-17 11:25:52 | 000,034,072 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\mozilla firefox\plugins\npMeetingJoinPluginOC.dll

========== Chrome ==========

CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:bookmarkBarPinned}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}{google:omniboxStartMarginParameter}ie={inputEncoding}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client={google:suggestClient}&q={searchTerms}&{google:cursorPosition}{google:zeroPrefixUrl}{google:pageClassification}sugkey={google:suggestAPIKeyParameter},
CHR - homepage:
CHR - Extension: Google Drive = C:\Users\pascal\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\
CHR - Extension: YouTube = C:\Users\pascal\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0\
CHR - Extension: Google Zoeken = C:\Users\pascal\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\
CHR - Extension: AdBlock = C:\Users\pascal\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.6.14_0\
CHR - Extension: AdBlock = C:\Users\pascal\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.6.16_0\
CHR - Extension: Spell Checker for Chrome = C:\Users\pascal\AppData\Local\Google\Chrome\User Data\Default\Extensions\jfpdnkkdgghlpdgldicfgnnnkhdfhocg\0.9.3.8_0\
CHR - Extension: ImageShack-Clickberry Extension = C:\Users\pascal\AppData\Local\Google\Chrome\User Data\Default\Extensions\lpoheopifiepihlmifonnknocnlfapgc\2.1.3_0\
CHR - Extension: SPDY indicator = C:\Users\pascal\AppData\Local\Google\Chrome\User Data\Default\Extensions\mpbpobfflnpcgagjijhmgnchggcjblin\0.4.0_0\
CHR - Extension: Google Wallet = C:\Users\pascal\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.5.0_0\
CHR - Extension: 3D Bomb Destroyer = C:\Users\pascal\AppData\Local\Google\Chrome\User Data\Default\Extensions\okehlnjpihomkdokiiafpejniofjaoom\1.0.6_0\
CHR - Extension: Cacoo - Diagramming & Real-Time Collaboration = C:\Users\pascal\AppData\Local\Google\Chrome\User Data\Default\Extensions\pcflmbddgcmomcfngehfhlajjapabojh\1.2.0_0\

O1 HOSTS File: ([2013-10-27 16:23:17 | 000,000,021 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2:64bit: - BHO: (avast! Online Security) - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - G:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
O2 - BHO: (Microsoft Web Test Recorder 12.0 Helper) - {432dd630-7e03-4c97-9d62-b99f52df4fc2} - G:\Program Files (x86)\Microsoft Visual Studio\Common7\IDE\PrivateAssemblies\Microsoft.VisualStudio.QualityTools.RecorderBarBHO100.dll (Microsoft Corporation)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (Microsoft Web Test Recorder 10.0 Helper) - {876d9f09-c6d6-4324-a2cc-04dd9a4de12f} - G:\Program Files (x86)\Microsoft Visual Studio 11.0\Common7\IDE\PrivateAssemblies\Microsoft.VisualStudio.QualityTools.RecorderBarBHO100.dll (Microsoft Corporation)
O2 - BHO: (avast! Online Security) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - G:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O3:64bit: - HKLM\..\Toolbar: (avast! Online Security) - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - G:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
O3:64bit: - HKLM\..\Toolbar: (no name) - {ae07101b-46d4-4a98-af68-0333ea26e113} - No CLSID value found.
O3 - HKLM\..\Toolbar: (avast! Online Security) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - G:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O3 - HKLM\..\Toolbar: (no name) - {ae07101b-46d4-4a98-af68-0333ea26e113} - No CLSID value found.
O4:64bit: - HKLM..\Run: [AdobeAAMUpdater-1.0] C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe (Adobe Systems Incorporated)
O4:64bit: - HKLM..\Run: [BTMTrayAgent] C:\Program Files (x86)\Intel\Bluetooth\btmshellex.dll (Motorola Solutions, Inc.)
O4:64bit: - HKLM..\Run: [Energy Management] C:\Program Files (x86)\Lenovo\Energy Management\Energy Management.exe (Lenovo (Beijing) Limited)
O4:64bit: - HKLM..\Run: [EnergyUtility] C:\Program Files (x86)\Lenovo\Energy Management\utility.exe (Lenovo(beijing) Limited)
O4:64bit: - HKLM..\Run: [HotKeysCmds] C:\WINDOWS\SysNative\hkcmd.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [IAStorIcon] C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIconLaunch.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [IgfxTray] C:\WINDOWS\SysNative\igfxtray.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [IntelPROSet] C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe (Intel(R) Corporation)
O4:64bit: - HKLM..\Run: [Logitech Download Assistant] C:\WINDOWS\SysNative\LogiLDA.dll (Logitech, Inc.)
O4:64bit: - HKLM..\Run: [NvBackend] C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe (NVIDIA Corporation)
O4:64bit: - HKLM..\Run: [Nvtmru] C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe (NVIDIA Corporation)
O4:64bit: - HKLM..\Run: [OnekeyStudio] C:\Program Files\Lenovo\Onekey Theater\OnekeyStudio.exe (Lenovo)
O4:64bit: - HKLM..\Run: [Persistence] C:\WINDOWS\SysNative\igfxpers.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [RtHDVBg_Dolby] C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe (Realtek Semiconductor)
O4:64bit: - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
O4:64bit: - HKLM..\Run: [RtsFT] C:\windows\RTFTrack.exe (Realtek semiconductor)
O4:64bit: - HKLM..\Run: [ShadowPlay] C:\WINDOWS\SysNative\nvspcap64.dll (NVIDIA Corporation)
O4:64bit: - HKLM..\Run: [SynLenovoGestureMgr] C:\Program Files\Synaptics\SynTP\SynLenovoGestureMgr.exe (Synaptics)
O4:64bit: - HKLM..\Run: [UMonit64] C:\Windows\SysWOW64\UMonit64.exe ()
O4 - HKLM..\Run: [] File not found
O4 - HKLM..\Run: [20131121] G:\Program Files\AVAST Software\Avast\setup\emupdate\b6ff59fd-771a-4764-bcfb-e23d5aed51ef.exe (AVAST Software)
O4 - HKLM..\Run: [Adobe Creative Cloud] C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [AvastUI.exe] G:\Program Files\AVAST Software\Avast\AvastUI.exe (AVAST Software)
O4 - HKLM..\Run: [emsisoft anti-malware] C:\Program Files (x86)\Emsisoft Anti-Malware\a2guard.exe (Emsisoft GmbH)
O4 - HKLM..\Run: [ICIDU AWCU] C:\Program Files (x86)\Wireless\ICIDU NI-707535 Wireless N Client Utility\ICIDU AWCU.exe ()
O4 - HKLM..\Run: [Intel AppUp(SM) center] C:\Program Files (x86)\Intel\IntelAppStore\bin\ismagent.exe (Intel Corporation)
O4 - HKLM..\Run: [RemoteControl10] C:\Program Files (x86)\Lenovo\PowerDVD10\PDVD10Serv.exe (CyberLink Corp.)
O4 - HKLM..\Run: [UpdateP2GShortCut] C:\Program Files (x86)\Lenovo\Power2Go\MUITransfer\MUIStartMenu.exe (CyberLink Corp.)
O4 - HKLM..\Run: [vmware-tray.exe] C:\Users\pascal\vmware-tray.exe (VMware, Inc.)
O4 - HKLM..\Run: [YouCam Tray] C:\Program Files (x86)\Lenovo\YouCam\YouCamTray.exe (CyberLink Corp.)
O4 - HKU\S-1-5-21-1604072601-479498276-4294810608-1002..\Run: [Akamai NetSession Interface] C:\Users\pascal\AppData\Local\Akamai\netsession_win.exe (Akamai Technologies, Inc.)
O4 - HKU\S-1-5-21-1604072601-479498276-4294810608-1002..\Run: [EADM] G:\Program Files (x86)\Origin\Origin.exe (Electronic Arts)
O4 - HKU\S-1-5-21-1604072601-479498276-4294810608-1002..\Run: [f.lux] C:\Users\pascal\AppData\Local\FluxSoftware\Flux\flux.exe (Flux Software LLC)
O4 - HKU\S-1-5-21-1604072601-479498276-4294810608-1002..\Run: [GoogleDriveSync] C:\Program Files (x86)\Google\Drive\googledrivesync.exe (Google)
O4 - HKU\S-1-5-21-1604072601-479498276-4294810608-1002..\Run: [Gyazo] C:\Program Files (x86)\Gyazo\GyStation.exe (Nota Inc.)
O4 - HKU\S-1-5-21-1604072601-479498276-4294810608-1002..\Run: [HP Photosmart Plus B210 series (NET)] C:\Program Files\HP\HP Photosmart Plus B210 series\Bin\ScanToPCActivationApp.exe (Hewlett-Packard Co.)
O4 - HKU\S-1-5-21-1604072601-479498276-4294810608-1002..\Run: [Overwolf] C:\Program Files (x86)\Overwolf\Overwolf.exe (Overwolf)
O4 - HKU\S-1-5-21-1604072601-479498276-4294810608-1002..\Run: [RESTART_STICKY_NOTES] C:\WINDOWS\system32\StikyNot.exe File not found
O4 - HKU\S-1-5-21-1604072601-479498276-4294810608-1002..\Run: [Steam] C:\Program Files (x86)\Steam\Steam.exe (Valve Corporation)
O4 - HKU\S-1-5-21-1604072601-479498276-4294810608-1002..\Run: [uTorrent] C:\Users\pascal\AppData\Roaming\uTorrent\uTorrent.exe (BitTorrent Inc.)
O4 - Startup: C:\Users\pascal\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\PdaNet Desktop.lnk = C:\Program Files (x86)\PdaNet for Android\PdaNetPC.exe ()
O4 - Startup: C:\Users\pascal\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Verbatim GREEN BUTTON.lnk = C:\Program Files (x86)\Verbatim\GREEN BUTTON\GREEN BUTTON.exe (Verbatim)
O4 - Startup: C:\Users\pascal\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Verzenden naar OneNote.lnk = File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoControlPanel = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableCursorSuppression = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000012 - C:\Windows\SysNative\vsocklib.dll (VMware, Inc.)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000013 - C:\Windows\SysNative\vsocklib.dll (VMware, Inc.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000012 - C:\Windows\SysWOW64\vsocklib.dll (VMware, Inc.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000013 - C:\Windows\SysWOW64\vsocklib.dll (VMware, Inc.)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
 
Re: bsod met simcity en need for speed rivals

OTL logfile created on: 9-12-2013 16:53:39 - Run 2
OTL by OldTimer - Version 3.2.69.0 Folder = G:\pascal\Desktop
64bit- An unknown product (Version = 6.2.9200) - Type = NTWorkstation
Internet Explorer (Version = 9.11.9600.16438)
Locale: 00000413 | Country: Nederland | Language: NLD | Date Format: d-M-yyyy

7,73 Gb Total Physical Memory | 5,75 Gb Available Physical Memory | 74,39% Memory free
15,48 Gb Paging File | 13,22 Gb Available in Paging File | 85,44% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 100,41 Gb Total Space | 13,97 Gb Free Space | 13,91% Space Free | Partition Type: NTFS
Drive F: | 62,13 Gb Total Space | 43,88 Gb Free Space | 70,62% Space Free | Partition Type: NTFS
Drive G: | 600,54 Gb Total Space | 350,44 Gb Free Space | 58,35% Space Free | Partition Type: NTFS

Computer Name: PASCAL-PAD | User Name: pascal | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2013-12-09 14:47:44 | 000,602,112 | ---- | M] (OldTimer Tools) -- G:\pascal\Desktop\OTL.exe
PRC - [2013-12-08 15:17:38 | 003,551,576 | ---- | M] (Electronic Arts) -- G:\Program Files (x86)\Origin\Origin.exe
PRC - [2013-12-06 07:36:05 | 000,223,112 | ---- | M] (Google Inc.) -- C:\Program Files (x86)\Google\Update\1.3.22.3\GoogleCrashHandler.exe
PRC - [2013-12-04 18:23:36 | 004,161,512 | ---- | M] (Emsisoft GmbH) -- C:\Program Files (x86)\Emsisoft Anti-Malware\a2service.exe
PRC - [2013-11-29 17:57:02 | 002,273,056 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
PRC - [2013-11-29 17:56:51 | 001,370,912 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
PRC - [2013-11-08 21:46:18 | 001,028,384 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\NvTmru.exe
PRC - [2013-10-30 19:09:08 | 002,990,304 | ---- | M] (Nota Inc.) -- C:\Program Files (x86)\Gyazo\GyStation.exe
PRC - [2013-10-28 11:42:21 | 003,567,800 | ---- | M] (AVAST Software) -- G:\Program Files\AVAST Software\Avast\avastui.exe
PRC - [2013-10-28 11:41:50 | 000,050,344 | ---- | M] (AVAST Software) -- G:\Program Files\AVAST Software\Avast\AvastSvc.exe
PRC - [2013-10-16 00:06:12 | 001,016,712 | ---- | M] (Flux Software LLC) -- C:\Users\pascal\AppData\Local\FluxSoftware\Flux\flux.exe
PRC - [2013-10-01 13:14:40 | 005,087,584 | ---- | M] (TeamViewer GmbH) -- C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe
PRC - [2013-09-25 17:37:00 | 020,133,824 | ---- | M] (Google) -- C:\Program Files (x86)\Google\Drive\googledrivesync.exe
PRC - [2013-09-02 11:49:56 | 000,790,368 | ---- | M] (Splashtop Inc.) -- C:\Program Files (x86)\Splashtop\Splashtop Remote\Server\SRService.exe
PRC - [2013-09-02 11:49:54 | 003,143,008 | ---- | M] (Splashtop Inc.) -- C:\Program Files (x86)\Splashtop\Splashtop Remote\Server\SRServer.exe
PRC - [2013-09-02 11:49:50 | 007,015,776 | ---- | M] (Splashtop Inc.) -- C:\Program Files (x86)\Splashtop\Splashtop Remote\Server\SRFeature.exe
PRC - [2013-08-27 11:42:50 | 000,358,480 | ---- | M] (VMware, Inc.) -- C:\Windows\SysWOW64\vmnetdhcp.exe
PRC - [2013-08-27 11:42:48 | 000,111,696 | ---- | M] (VMware, Inc.) -- C:\Users\pascal\vmware-tray.exe
PRC - [2013-08-27 11:42:14 | 000,437,328 | ---- | M] (VMware, Inc.) -- C:\Windows\SysWOW64\vmnat.exe
PRC - [2013-08-27 11:09:34 | 014,401,104 | ---- | M] () -- C:\Users\pascal\vmware-hostd.exe
PRC - [2013-08-27 10:50:10 | 000,086,096 | ---- | M] (VMware, Inc.) -- C:\Users\pascal\vmware-authd.exe
PRC - [2013-08-07 11:47:26 | 000,609,056 | ---- | M] (Splashtop Inc.) -- C:\Program Files (x86)\Splashtop\Splashtop Software Updater\SSUService.exe
PRC - [2013-04-09 07:37:10 | 000,479,824 | ---- | M] (VMware, Inc.) -- C:\Program Files (x86)\VMware\VMware vCenter Converter Standalone\vmware-converter.exe
PRC - [2013-04-09 07:33:48 | 000,479,824 | ---- | M] (VMware, Inc.) -- C:\Program Files (x86)\VMware\VMware vCenter Converter Standalone\vmware-converter-a.exe
PRC - [2012-08-30 17:42:36 | 000,508,176 | ---- | M] (Verbatim) -- C:\Program Files (x86)\Verbatim\GREEN BUTTON\GREEN BUTTON.exe
PRC - [2011-06-09 16:43:50 | 000,499,796 | ---- | M] (Atheros) -- C:\Windows\SysWOW64\acs.exe


========== Modules (No Company Name) ==========

MOD - [2013-12-09 16:19:41 | 000,805,888 | ---- | M] () -- C:\Users\pascal\AppData\Local\Temp\_MEI10722\wx._gdi_.pyd
MOD - [2013-12-09 16:19:41 | 000,557,056 | ---- | M] () -- C:\Users\pascal\AppData\Local\Temp\_MEI10722\pysqlite2._sqlite.pyd
MOD - [2013-12-09 16:19:41 | 000,320,512 | ---- | M] () -- C:\Users\pascal\AppData\Local\Temp\_MEI10722\win32com.shell.shell.pyd
MOD - [2013-12-09 16:19:41 | 000,128,512 | ---- | M] () -- C:\Users\pascal\AppData\Local\Temp\_MEI10722\_elementtree.pyd
MOD - [2013-12-09 16:19:41 | 000,098,816 | ---- | M] () -- C:\Users\pascal\AppData\Local\Temp\_MEI10722\win32api.pyd
MOD - [2013-12-09 16:19:41 | 000,070,656 | ---- | M] () -- C:\Users\pascal\AppData\Local\Temp\_MEI10722\wx._html2.pyd
MOD - [2013-12-09 16:19:41 | 000,044,032 | ---- | M] () -- C:\Users\pascal\AppData\Local\Temp\_MEI10722\_socket.pyd
MOD - [2013-12-09 16:19:41 | 000,026,624 | ---- | M] () -- C:\Users\pascal\AppData\Local\Temp\_MEI10722\_multiprocessing.pyd
MOD - [2013-12-09 16:19:41 | 000,022,528 | ---- | M] () -- C:\Users\pascal\AppData\Local\Temp\_MEI10722\win32ts.pyd
MOD - [2013-12-09 16:19:41 | 000,011,264 | ---- | M] () -- C:\Users\pascal\AppData\Local\Temp\_MEI10722\win32crypt.pyd
MOD - [2013-12-09 16:19:40 | 001,175,040 | ---- | M] () -- C:\Users\pascal\AppData\Local\Temp\_MEI10722\wx._core_.pyd
MOD - [2013-12-09 16:19:40 | 001,153,024 | ---- | M] () -- C:\Users\pascal\AppData\Local\Temp\_MEI10722\_ssl.pyd
MOD - [2013-12-09 16:19:40 | 000,811,008 | ---- | M] () -- C:\Users\pascal\AppData\Local\Temp\_MEI10722\wx._windows_.pyd
MOD - [2013-12-09 16:19:40 | 000,735,232 | ---- | M] () -- C:\Users\pascal\AppData\Local\Temp\_MEI10722\wx._misc_.pyd
MOD - [2013-12-09 16:19:40 | 000,711,680 | ---- | M] () -- C:\Users\pascal\AppData\Local\Temp\_MEI10722\_hashlib.pyd
MOD - [2013-12-09 16:19:40 | 000,504,832 | ---- | M] () -- C:\Users\pascal\AppData\Local\Temp\_MEI10722\windows._cacheinvalidation.pyd
MOD - [2013-12-09 16:19:40 | 000,364,544 | ---- | M] () -- C:\Users\pascal\AppData\Local\Temp\_MEI10722\pythoncom27.dll
MOD - [2013-12-09 16:19:40 | 000,110,080 | ---- | M] () -- C:\Users\pascal\AppData\Local\Temp\_MEI10722\pywintypes27.dll
MOD - [2013-12-09 16:19:40 | 000,108,544 | ---- | M] () -- C:\Users\pascal\AppData\Local\Temp\_MEI10722\win32security.pyd
MOD - [2013-12-09 16:19:40 | 000,087,040 | ---- | M] () -- C:\Users\pascal\AppData\Local\Temp\_MEI10722\_ctypes.pyd
MOD - [2013-12-09 16:19:40 | 000,035,840 | ---- | M] () -- C:\Users\pascal\AppData\Local\Temp\_MEI10722\win32process.pyd
MOD - [2013-12-09 16:19:40 | 000,025,600 | ---- | M] () -- C:\Users\pascal\AppData\Local\Temp\_MEI10722\win32pdh.pyd
MOD - [2013-12-09 16:19:40 | 000,017,408 | ---- | M] () -- C:\Users\pascal\AppData\Local\Temp\_MEI10722\win32profile.pyd
MOD - [2013-12-09 16:19:39 | 000,122,368 | ---- | M] () -- C:\Users\pascal\AppData\Local\Temp\_MEI10722\wx._wizard.pyd
MOD - [2013-12-09 16:19:39 | 000,119,808 | ---- | M] () -- C:\Users\pascal\AppData\Local\Temp\_MEI10722\win32file.pyd
MOD - [2013-12-09 16:19:39 | 000,038,912 | ---- | M] () -- C:\Users\pascal\AppData\Local\Temp\_MEI10722\win32inet.pyd
MOD - [2013-12-09 16:19:38 | 001,062,400 | ---- | M] () -- C:\Users\pascal\AppData\Local\Temp\_MEI10722\wx._controls_.pyd
MOD - [2013-12-09 16:19:38 | 000,686,080 | ---- | M] () -- C:\Users\pascal\AppData\Local\Temp\_MEI10722\unicodedata.pyd
MOD - [2013-12-09 16:19:38 | 000,127,488 | ---- | M] () -- C:\Users\pascal\AppData\Local\Temp\_MEI10722\pyexpat.pyd
MOD - [2013-12-09 16:19:38 | 000,018,432 | ---- | M] () -- C:\Users\pascal\AppData\Local\Temp\_MEI10722\win32event.pyd
MOD - [2013-12-09 16:19:38 | 000,010,240 | ---- | M] () -- C:\Users\pascal\AppData\Local\Temp\_MEI10722\select.pyd
MOD - [2013-12-08 15:17:40 | 000,064,000 | ---- | M] () -- G:\Program Files (x86)\Origin\tufao.dll
MOD - [2013-11-23 20:26:48 | 000,013,088 | ---- | M] () -- C:\Program Files (x86)\NVIDIA Corporation\coprocmanager\detoured.dll
MOD - [2013-10-28 11:41:51 | 019,336,120 | ---- | M] () -- G:\Program Files\AVAST Software\Avast\libcef.dll


========== Services (SafeList) ==========

SRV:64bit: - [2013-11-29 17:56:40 | 015,128,352 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe -- (NvStreamSvc)
SRV:64bit: - [2013-10-22 02:53:47 | 001,584,128 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\workfolderssvc.dll -- (workfolderssvc)
SRV:64bit: - [2013-10-19 06:37:49 | 000,111,616 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\SysNative\IEEtwCollector.exe -- (IEEtwCollectorService)
SRV:64bit: - [2013-10-18 14:31:54 | 000,005,632 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Identity Foundation\v3.5\c2wtshost.exe -- (c2wts)
SRV:64bit: - [2013-10-10 17:23:32 | 003,395,920 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\WSService.dll -- (WSService)
SRV:64bit: - [2013-10-10 11:40:53 | 001,302,528 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\AppXDeploymentServer.dll -- (AppXSvc)
SRV:64bit: - [2013-10-04 22:58:24 | 000,087,728 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Microsoft Visual Studio 12.0\Common7\Packages\Debugger\Services\VsEtwService.exe -- (VsEtwService120)
SRV:64bit: - [2013-10-04 09:10:59 | 000,533,504 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\AppReadiness.dll -- (AppReadiness)
SRV:64bit: - [2013-09-30 05:15:09 | 001,555,456 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\wlidsvc.dll -- (wlidsvc)
SRV:64bit: - [2013-09-30 05:15:09 | 000,365,568 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\wcmsvc.dll -- (Wcmsvc)
SRV:64bit: - [2013-09-30 05:15:08 | 000,491,520 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\GeofenceMonitorService.dll -- (lfsvc)
SRV:64bit: - [2013-09-30 05:15:07 | 000,261,120 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\bisrv.dll -- (BrokerInfrastructure)
SRV:64bit: - [2013-08-28 15:24:04 | 003,378,416 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe -- (ZeroConfigService)
SRV:64bit: - [2013-08-28 15:23:48 | 000,273,136 | ---- | M] () [On_Demand | Stopped] -- C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe -- (MyWiFiDHCPDNS)
SRV:64bit: - [2013-08-28 15:23:40 | 000,626,416 | ---- | M] (Intel(R) Corporation) [Auto | Running] -- C:\Program Files\Intel\WiFi\bin\EvtEng.exe -- (EvtEng)
SRV:64bit: - [2013-08-28 15:23:20 | 000,149,744 | ---- | M] (Intel(R) Corporation) [Auto | Running] -- C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe -- (RegSrvc)
SRV:64bit: - [2013-08-22 13:32:01 | 000,346,872 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\NisSrv.exe -- (WdNisSvc)
SRV:64bit: - [2013-08-22 13:32:00 | 000,023,840 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MsMpEng.exe -- (WinDefend)
SRV:64bit: - [2013-08-22 13:31:56 | 002,899,968 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\spool\drivers\x64\3\PrintConfig.dll -- (PrintNotify)
SRV:64bit: - [2013-08-22 12:32:02 | 000,024,576 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\wephostsvc.dll -- (WEPHOSTSVC)
SRV:64bit: - [2013-08-22 12:31:43 | 000,040,448 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\efssvc.dll -- (EFS)
SRV:64bit: - [2013-08-22 12:22:45 | 000,066,048 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\wiarpc.dll -- (WiaRpc)
SRV:64bit: - [2013-08-22 12:21:15 | 000,013,312 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\svsvc.dll -- (svsvc)
SRV:64bit: - [2013-08-22 12:16:57 | 000,118,272 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\fhsvc.dll -- (fhsvc)
SRV:64bit: - [2013-08-22 11:25:28 | 000,164,352 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\NcaSvc.dll -- (NcaSvc)
SRV:64bit: - [2013-08-22 11:19:28 | 000,517,120 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicvss)
SRV:64bit: - [2013-08-22 11:19:28 | 000,517,120 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmictimesync)
SRV:64bit: - [2013-08-22 11:19:28 | 000,517,120 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicshutdown)
SRV:64bit: - [2013-08-22 11:19:28 | 000,517,120 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicrdv)
SRV:64bit: - [2013-08-22 11:19:28 | 000,517,120 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmickvpexchange)
SRV:64bit: - [2013-08-22 11:19:28 | 000,517,120 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicheartbeat)
SRV:64bit: - [2013-08-22 11:19:28 | 000,517,120 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicguestinterface)
SRV:64bit: - [2013-08-22 11:04:53 | 000,716,288 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\lsm.dll -- (LSM)
SRV:64bit: - [2013-08-22 11:02:47 | 000,013,312 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\smphost.dll -- (smphost)
SRV:64bit: - [2013-08-22 10:59:26 | 000,832,512 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\netlogon.dll -- (Netlogon)
SRV:64bit: - [2013-08-22 10:58:42 | 000,280,576 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\SystemEventsBrokerServer.dll -- (SystemEventsBroker)
SRV:64bit: - [2013-08-22 10:57:25 | 000,130,560 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\ScDeviceEnum.dll -- (ScDeviceEnum)
SRV:64bit: - [2013-08-22 10:54:59 | 000,059,392 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\keyiso.dll -- (KeyIso)
SRV:64bit: - [2013-08-22 10:50:59 | 000,245,760 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\TimeBrokerServer.dll -- (TimeBroker)
SRV:64bit: - [2013-08-22 10:50:00 | 000,525,312 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\netprofmsvc.dll -- (netprofm)
SRV:64bit: - [2013-08-22 10:45:59 | 000,151,040 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\ncbservice.dll -- (NcbService)
SRV:64bit: - [2013-08-22 10:40:49 | 000,248,832 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\vaultsvc.dll -- (VaultSvc)
SRV:64bit: - [2013-08-22 10:40:14 | 000,398,848 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\das.dll -- (DeviceAssociationService)
SRV:64bit: - [2013-08-22 10:39:33 | 000,198,656 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\AudioEndpointBuilder.dll -- (AudioEndpointBuilder)
SRV:64bit: - [2013-08-22 10:31:03 | 000,201,728 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\DeviceSetupManager.dll -- (DsmSvc)
SRV:64bit: - [2013-08-22 10:15:54 | 000,073,728 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\NcdAutoSetup.dll -- (NcdAutoSetup)
SRV:64bit: - [2013-05-21 07:14:18 | 000,772,064 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe -- (AMPPALR3)
SRV:64bit: - [2013-02-13 20:47:04 | 000,820,184 | ---- | M] (Intel(R) Corporation) [Disabled | Stopped] -- C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe -- (Intel(R)
SRV:64bit: - [2013-02-13 20:46:48 | 000,731,648 | ---- | M] (Intel(R) Corporation) [Disabled | Stopped] -- C:\Program Files\Intel\iCLS Client\HeciServer.exe -- (Intel(R)
SRV:64bit: - [2013-01-31 23:20:50 | 000,015,344 | ---- | M] (Intel Corporation) [Disabled | Stopped] -- C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe -- (IAStorDataMgrSvc)
SRV:64bit: - [2012-09-12 17:07:06 | 000,135,984 | ---- | M] (Intel(R) Corporation) [Auto | Running] -- C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe -- (BTHSSecurityMgr)
SRV - [2013-12-04 18:23:36 | 004,161,512 | ---- | M] (Emsisoft GmbH) [Auto | Running] -- C:\Program Files (x86)\Emsisoft Anti-Malware\a2service.exe -- (a2AntiMalware)
SRV - [2013-12-04 03:51:18 | 000,569,768 | ---- | M] (Valve Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe -- (Steam Client Service)
SRV - [2013-11-29 17:56:51 | 001,370,912 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe -- (NvNetworkService)
SRV - [2013-11-17 15:23:41 | 000,257,416 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2013-10-28 11:41:50 | 000,050,344 | ---- | M] (AVAST Software) [Auto | Running] -- G:\Program Files\AVAST Software\Avast\AvastSvc.exe -- (avast! Antivirus)
SRV - [2013-10-03 22:43:02 | 000,279,000 | ---- | M] (Intel Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\IntelCpHeciSvc.exe -- (cphs)
SRV - [2013-10-01 13:14:40 | 005,087,584 | ---- | M] (TeamViewer GmbH) [Auto | Running] -- C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe -- (TeamViewer8)
SRV - [2013-09-30 05:15:06 | 000,357,376 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\GeofenceMonitorService.dll -- (lfsvc)
SRV - [2013-09-11 03:26:44 | 000,118,680 | ---- | M] (Mozilla Foundation) [Disabled | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2013-09-05 10:34:30 | 000,171,680 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files (x86)\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2013-09-02 11:49:56 | 000,790,368 | ---- | M] (Splashtop Inc.) [Auto | Running] -- C:\Program Files (x86)\Splashtop\Splashtop Remote\Server\SRService.exe -- (SplashtopRemoteService)
SRV - [2013-08-27 11:42:50 | 000,358,480 | ---- | M] (VMware, Inc.) [Auto | Running] -- C:\Windows\SysWOW64\vmnetdhcp.exe -- (VMnetDHCP)
SRV - [2013-08-27 11:42:14 | 000,437,328 | ---- | M] (VMware, Inc.) [Auto | Running] -- C:\Windows\SysWOW64\vmnat.exe -- (VMware NAT Service)
SRV - [2013-08-27 11:09:34 | 014,401,104 | ---- | M] () [Auto | Running] -- C:\Users\pascal\vmware-hostd.exe -- (VMwareHostd)
SRV - [2013-08-27 10:50:10 | 000,086,096 | ---- | M] (VMware, Inc.) [Auto | Running] -- C:\Users\pascal\vmware-authd.exe -- (VMAuthdService)
SRV - [2013-08-26 22:33:42 | 000,904,248 | ---- | M] (VMware, Inc.) [Auto | Running] -- C:\Program Files (x86)\Common Files\VMware\USB\vmware-usbarbitrator64.exe -- (VMUSBArbService)
SRV - [2013-08-22 14:37:02 | 000,018,360 | ---- | M] (Overwolf Ltd) [On_Demand | Stopped] -- C:\Program Files (x86)\Overwolf\OverwolfUpdater.exe -- (OverwolfUpdaterService)
SRV - [2013-08-22 13:31:56 | 002,899,968 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\system32\spool\drivers\x64\3\PrintConfig.dll -- (PrintNotify)
SRV - [2013-08-22 04:55:35 | 000,018,944 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\StorSvc.dll -- (StorSvc)
SRV - [2013-08-22 03:53:34 | 000,011,776 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\smphost.dll -- (smphost)
SRV - [2013-08-22 03:21:36 | 000,119,808 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Windows Kits\8.1\Testing\Runtimes\TAEF\Wex.Services.exe -- (Te.Service)
SRV - [2013-08-22 02:55:00 | 000,142,336 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Windows Kits\8.1\App Certification Kit\fussvc.exe -- (fussvc)
SRV - [2013-08-07 11:47:26 | 000,609,056 | ---- | M] (Splashtop Inc.) [Auto | Running] -- C:\Program Files (x86)\Splashtop\Splashtop Software Updater\SSUService.exe -- (SSUService)
SRV - [2013-05-16 03:08:46 | 000,366,552 | ---- | M] (Intel Corporation) [Disabled | Stopped] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe -- (LMS)
SRV - [2013-05-16 03:08:14 | 000,169,432 | ---- | M] (Intel Corporation) [Disabled | Stopped] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe -- (jhi_service)
SRV - [2013-05-16 03:08:14 | 000,131,544 | ---- | M] (Intel Corporation) [Disabled | Stopped] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe -- (Intel(R)
SRV - [2013-04-15 21:39:56 | 000,161,736 | ---- | M] (Intel Corporation) [Disabled | Stopped] -- C:\Program Files (x86)\Intel\Bluetooth\ibtrksrv.exe -- (Intel(R)
SRV - [2013-04-09 07:37:10 | 000,479,824 | ---- | M] (VMware, Inc.) [Auto | Running] -- C:\Program Files (x86)\VMware\VMware vCenter Converter Standalone\vmware-converter.exe -- (vmware-converter-worker)
SRV - [2013-04-09 07:37:10 | 000,479,824 | ---- | M] (VMware, Inc.) [Auto | Running] -- C:\Program Files (x86)\VMware\VMware vCenter Converter Standalone\vmware-converter.exe -- (vmware-converter-server)
SRV - [2013-04-09 07:33:48 | 000,479,824 | ---- | M] (VMware, Inc.) [Auto | Running] -- C:\Program Files (x86)\VMware\VMware vCenter Converter Standalone\vmware-converter-a.exe -- (vmware-converter-agent)
SRV - [2013-03-18 23:25:26 | 001,161,592 | ---- | M] (Motorola Solutions, Inc.) [Disabled | Stopped] -- C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe -- (Bluetooth OBEX Service)
SRV - [2013-03-18 23:25:08 | 001,124,728 | ---- | M] (Motorola Solutions, Inc.) [Disabled | Stopped] -- C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe -- (Bluetooth Device Monitor)
SRV - [2011-06-09 16:43:50 | 000,499,796 | ---- | M] (Atheros) [Auto | Running] -- C:\Windows\SysWOW64\acs.exe -- (ACS)


========== Driver Services (SafeList) ==========

DRV:64bit: - [2013-11-23 20:26:48 | 000,032,544 | ---- | M] (NVIDIA Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\nvpciflt.sys -- (nvpciflt)
DRV:64bit: - [2013-11-10 06:15:55 | 000,409,832 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswsp.sys -- (aswSP)
DRV:64bit: - [2013-10-30 18:03:12 | 000,039,200 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nvvad64v.sys -- (nvvad_WaveExtensible)
DRV:64bit: - [2013-10-28 11:41:52 | 001,032,416 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\Windows\SysNative\drivers\aswSnx.sys -- (aswSnx)
DRV:64bit: - [2013-10-28 11:41:52 | 000,205,320 | ---- | M] () [Kernel | Boot | Running] -- C:\WINDOWS\SysNative\drivers\aswVmm.sys -- (aswVmm)
DRV:64bit: - [2013-10-28 11:41:52 | 000,092,544 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswRdr2.sys -- (aswRdr)
DRV:64bit: - [2013-10-28 11:41:52 | 000,084,328 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\aswMonFlt.sys -- (aswMonFlt)
DRV:64bit: - [2013-10-28 11:41:52 | 000,065,776 | ---- | M] () [Kernel | Boot | Running] -- C:\WINDOWS\SysNative\drivers\aswRvrt.sys -- (aswRvrt)
DRV:64bit: - [2013-10-28 11:41:52 | 000,038,984 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\aswFsBlk.sys -- (aswFsBlk)
DRV:64bit: - [2013-10-15 11:42:24 | 001,390,904 | ---- | M] (Motorola Solutions, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btmhsf.sys -- (btmhsf)
DRV:64bit: - [2013-10-15 11:42:10 | 000,069,088 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\iBtFltCoex.sys -- (iBtFltCoex)
DRV:64bit: - [2013-10-13 03:48:34 | 000,136,536 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\wfplwfs.sys -- (WFPLWFS)
DRV:64bit: - [2013-10-08 12:07:14 | 000,039,768 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\intelpep.sys -- (intelpep)
DRV:64bit: - [2013-10-05 16:25:54 | 000,371,032 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\spaceport.sys -- (spaceport)
DRV:64bit: - [2013-10-05 16:25:54 | 000,057,176 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\stornvme.sys -- (stornvme)
DRV:64bit: - [2013-10-03 22:42:44 | 004,185,600 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\igdkmd64.sys -- (igfx)
DRV:64bit: - [2013-09-30 05:15:06 | 000,467,800 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\USBHUB3.SYS -- (USBHUB3)
DRV:64bit: - [2013-09-30 05:15:06 | 000,236,376 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\sdbus.sys -- (sdbus)
DRV:64bit: - [2013-09-30 05:15:06 | 000,175,960 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\VerifierExt.sys -- (VerifierExt)
DRV:64bit: - [2013-09-30 05:15:06 | 000,086,872 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\pdc.sys -- (pdc)
DRV:64bit: - [2013-09-30 05:02:01 | 000,027,488 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\rdpvideominiport.sys -- (RdpVideoMiniport)
DRV:64bit: - [2013-09-30 05:01:56 | 000,037,216 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\terminpt.sys -- (terminpt)
DRV:64bit: - [2013-09-26 10:08:22 | 000,039,320 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\intelaud.sys -- (intaud_WaveExtensible)
DRV:64bit: - [2013-09-26 10:08:22 | 000,027,032 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\iwdbus.sys -- (iwdbus)
DRV:64bit: - [2013-09-11 13:46:25 | 000,325,464 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\USBXHCI.SYS -- (USBXHCI)
DRV:64bit: - [2013-08-27 11:42:46 | 000,030,800 | ---- | M] (VMware, Inc.) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\vmnetuserif.sys -- (VMnetuserif)
DRV:64bit: - [2013-08-27 11:42:20 | 000,064,080 | ---- | M] (VMware, Inc.) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\vmx86.sys -- (vmx86)
DRV:64bit: - [2013-08-27 11:42:02 | 000,046,160 | ---- | M] (VMware, Inc.) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\vmnetbridge.sys -- (VMnetBridge)
DRV:64bit: - [2013-08-27 11:42:02 | 000,020,560 | ---- | M] (VMware, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\vmnetadapter.sys -- (VMnetAdapter)
DRV:64bit: - [2013-08-26 22:33:30 | 000,053,816 | ---- | M] (VMware, Inc.) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\hcmon.sys -- (hcmon)
DRV:64bit: - [2013-08-26 22:33:26 | 000,051,256 | ---- | M] (VMware, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\vmusb.sys -- (vmusb)
DRV:64bit: - [2013-08-22 14:25:40 | 000,043,008 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\condrv.sys -- (condrv)
DRV:64bit: - [2013-08-22 14:25:40 | 000,030,048 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\WINDOWS\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2013-08-22 13:50:19 | 000,057,696 | ---- | M] (Microsoft Corporation) [Kernel | System | Stopped] -- C:\Windows\SysNative\drivers\dam.sys -- (dam)
DRV:64bit: - [2013-08-22 13:49:54 | 000,079,712 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\acpiex.sys -- (acpiex)
DRV:64bit: - [2013-08-22 13:49:33 | 000,159,584 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\tpm.sys -- (TPM)
DRV:64bit: - [2013-08-22 13:43:49 | 000,063,840 | ---- | M] (Marvell Semiconductor, Inc.) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\mvumis.sys -- (mvumis)
DRV:64bit: - [2013-08-22 13:43:48 | 000,146,272 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\msgpioclx.sys -- (GPIOClx0101)
DRV:64bit: - [2013-08-22 13:43:48 | 000,041,824 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\msgpiowin32.sys -- (msgpiowin32)
DRV:64bit: - [2013-08-22 13:43:45 | 003,357,024 | ---- | M] (Broadcom Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2013-08-22 13:43:45 | 000,093,536 | ---- | M] (LSI Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2013-08-22 13:43:45 | 000,082,784 | ---- | M] (LSI Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\lsi_sss.sys -- (LSI_SSS)
DRV:64bit: - [2013-08-22 13:43:45 | 000,064,352 | ---- | M] (Hewlett-Packard Company) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2013-08-22 13:43:44 | 000,081,760 | ---- | M] (LSI Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas3.sys -- (LSI_SAS3)
DRV:64bit: - [2013-08-22 13:43:41 | 000,782,176 | ---- | M] (PMC-Sierra) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\adp80xx.sys -- (ADP80XX)
DRV:64bit: - [2013-08-22 13:43:41 | 000,531,296 | ---- | M] (Broadcom Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2013-08-22 13:43:41 | 000,259,424 | ---- | M] (AMD Technologies Inc.) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2013-08-22 13:43:41 | 000,108,896 | ---- | M] (LSI) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\3ware.sys -- (3ware)
DRV:64bit: - [2013-08-22 13:43:41 | 000,079,200 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2013-08-22 13:43:40 | 000,114,016 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\EhStorTcgDrv.sys -- (EhStorTcgDrv)
DRV:64bit: - [2013-08-22 13:43:40 | 000,082,784 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\EhStorClass.sys -- (EhStorClass)
DRV:64bit: - [2013-08-22 13:43:40 | 000,025,952 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2013-08-22 13:43:34 | 000,305,504 | ---- | M] (VIA Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\VSTXRAID.SYS -- (VSTXRAID)
DRV:64bit: - [2013-08-22 13:43:33 | 000,189,792 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\UCX01000.SYS -- (UCX01000)
DRV:64bit: - [2013-08-22 13:43:33 | 000,074,080 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\uaspstor.sys -- (UASPStor)
DRV:64bit: - [2013-08-22 13:43:32 | 000,078,688 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\sdstor.sys -- (sdstor)
DRV:64bit: - [2013-08-22 13:43:32 | 000,031,072 | ---- | M] (Promise Technology, Inc.) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2013-08-22 13:43:31 | 000,146,272 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\SerCx2.sys -- (SerCx2)
DRV:64bit: - [2013-08-22 13:43:31 | 000,107,872 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\storahci.sys -- (storahci)
DRV:64bit: - [2013-08-22 13:43:31 | 000,072,032 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\SpbCx.sys -- (SpbCx)
DRV:64bit: - [2013-08-22 13:43:31 | 000,069,472 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\SerCx.sys -- (SerCx)
DRV:64bit: - [2013-08-22 13:41:08 | 000,054,304 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\wpcfltr.sys -- (wpcfltr)
DRV:64bit: - [2013-08-22 13:39:44 | 000,377,696 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\clfs.sys -- (CLFS)
DRV:64bit: - [2013-08-22 13:39:15 | 000,924,512 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\WINDOWS\SysNative\drivers\refs.sys -- (ReFS)
DRV:64bit: - [2013-08-22 13:39:15 | 000,026,976 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\uefi.sys -- (UEFI)
DRV:64bit: - [2013-08-22 13:37:27 | 000,069,472 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\vpci.sys -- (vpci)
DRV:64bit: - [2013-08-22 13:36:12 | 000,026,976 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WpdUpFltr.sys -- (WpdUpFltr)
DRV:64bit: - [2013-08-22 13:35:30 | 003,345,376 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\NETwew00.sys -- (NETwNe64)
DRV:64bit: - [2013-08-22 13:34:22 | 000,265,056 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WdFilter.sys -- (WdFilter)
DRV:64bit: - [2013-08-22 13:34:22 | 000,124,256 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WdNisDrv.sys -- (WdNisDrv)
DRV:64bit: - [2013-08-22 13:31:28 | 000,034,760 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WdBoot.sys -- (WdBoot)
DRV:64bit: - [2013-08-22 12:39:58 | 000,020,992 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WSDPrint.sys -- (WSDPrintDevice)
DRV:64bit: - [2013-08-22 12:39:54 | 000,076,800 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\ahcache.sys -- (ahcache)
DRV:64bit: - [2013-08-22 12:39:50 | 000,023,040 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WSDScan.sys -- (WSDScan)
DRV:64bit: - [2013-08-22 12:39:31 | 000,050,688 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\BasicDisplay.sys -- (BasicDisplay)
DRV:64bit: - [2013-08-22 12:39:28 | 000,033,792 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\BasicRender.sys -- (BasicRender)
DRV:64bit: - [2013-08-22 12:39:20 | 000,022,016 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HyperVideo.sys -- (HyperVideo)
DRV:64bit: - [2013-08-22 12:39:06 | 000,009,728 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\mshidumdf.sys -- (mshidumdf)
DRV:64bit: - [2013-08-22 12:38:58 | 000,010,752 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\acpitime.sys -- (acpitime)
DRV:64bit: - [2013-08-22 12:38:48 | 000,010,240 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\acpipagr.sys -- (acpipagr)
DRV:64bit: - [2013-08-22 12:38:39 | 000,036,992 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\BthAvrcpTg.sys -- (BthAvrcpTg)
DRV:64bit: - [2013-08-22 12:38:26 | 000,019,456 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\kdnic.sys -- (kdnic)
DRV:64bit: - [2013-08-22 12:38:23 | 000,011,264 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\vmgencounter.sys -- (gencounter)
DRV:64bit: - [2013-08-22 12:38:22 | 000,023,040 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\npsvctrig.sys -- (npsvctrig)
DRV:64bit: - [2013-08-22 12:38:17 | 000,020,992 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usb8023x.sys -- (usb_rndisx)
DRV:64bit: - [2013-08-22 12:38:16 | 000,030,720 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\BthhfHid.sys -- (bthhfhid)
DRV:64bit: - [2013-08-22 12:37:49 | 000,013,824 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hyperkbd.sys -- (hyperkbd)
DRV:64bit: - [2013-08-22 12:37:46 | 000,029,696 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbGD.sys -- (TsUsbGD)
DRV:64bit: - [2013-08-22 12:37:42 | 000,057,856 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bthhfenum.sys -- (BthHFEnum)
DRV:64bit: - [2013-08-22 12:37:28 | 000,056,320 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2013-08-22 12:37:28 | 000,041,472 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hidi2c.sys -- (hidi2c)
DRV:64bit: - [2013-08-22 12:37:14 | 000,029,696 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\dmvsc.sys -- (dmvsc)
DRV:64bit: - [2013-08-22 12:36:43 | 000,087,040 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\netvsc63.sys -- (netvsc)
DRV:64bit: - [2013-08-22 12:36:37 | 000,224,768 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\BthLEEnum.sys -- (BthLEEnum)
DRV:64bit: - [2013-08-22 12:36:25 | 000,016,384 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\NdisVirtualBus.sys -- (NdisVirtualBus)
DRV:64bit: - [2013-08-22 12:36:17 | 000,124,928 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\NdisImPlatform.sys -- (NdisImPlatform)
DRV:64bit: - [2013-08-22 12:36:07 | 000,066,560 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\mslldp.sys -- (MsLldp)
DRV:64bit: - [2013-08-22 12:35:42 | 000,103,424 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\Ndu.sys -- (Ndu)
DRV:64bit: - [2013-08-22 11:27:46 | 000,011,776 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\serscan.sys -- (StillCam)
DRV:64bit: - [2013-08-22 09:46:33 | 000,027,136 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\fxppm.sys -- (FxPPM)
DRV:64bit: - [2013-08-15 17:25:16 | 000,073,296 | ---- | M] (VMware, Inc.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\vsock.sys -- (vsock)
DRV:64bit: - [2013-08-15 17:25:12 | 000,085,584 | ---- | M] (VMware, Inc.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\vmci.sys -- (vmci)
DRV:64bit: - [2013-08-13 00:25:46 | 000,017,624 | ---- | M] (Windows (R) Win 7 DDK provider) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bcmfn2.sys -- (bcmfn2)
DRV:64bit: - [2013-08-10 01:39:30 | 000,651,248 | ---- | M] (Intel Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\iaStorAV.sys -- (iaStorAV)
DRV:64bit: - [2013-07-30 19:47:35 | 000,024,568 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\iaLPSSi_GPIO.sys -- (iaLPSSi_GPIO)
DRV:64bit: - [2013-07-25 20:05:39 | 000,099,320 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\iaLPSSi_I2C.sys -- (iaLPSSi_I2C)
DRV:64bit: - [2013-07-01 09:25:12 | 000,019,032 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\pwdrvio.sys -- (pwdrvio)
DRV:64bit: - [2013-07-01 09:25:10 | 000,012,384 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\pwdspio.sys -- (pwdspio)
DRV:64bit: - [2013-06-27 23:54:16 | 000,039,008 | ---- | M] (Lenovo.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\LhdX64.sys -- (LHDmgr)
DRV:64bit: - [2013-06-27 23:54:16 | 000,033,560 | ---- | M] (Lenovo Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\AcpiVpc.sys -- (ACPIVPC)
DRV:64bit: - [2013-06-18 15:44:59 | 000,129,224 | ---- | M] (Qualcomm Atheros Co., Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\L1C63x64.sys -- (L1C)
DRV:64bit: - [2013-05-21 07:14:00 | 000,165,344 | ---- | M] (Windows (R) Win 7 DDK provider) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\AmpPal.sys -- (AMPPAL)
DRV:64bit: - [2013-05-16 03:08:14 | 000,064,624 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HECIx64.sys -- (MEIx64)
DRV:64bit: - [2013-05-08 01:25:22 | 000,442,368 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\IntcDAud.sys -- (IntcDAud)
DRV:64bit: - [2013-03-22 04:06:30 | 000,091,368 | ---- | M] (GenesysLogic) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\GeneStor.sys -- (GeneStor)
DRV:64bit: - [2013-03-15 05:38:48 | 008,243,272 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\rtsuvc.sys -- (rtsuvc)
DRV:64bit: - [2013-03-08 09:58:18 | 000,473,840 | ---- | M] (Synaptics Incorporated) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SynTP.sys -- (SynTP)
DRV:64bit: - [2013-03-08 09:58:18 | 000,033,008 | ---- | M] (Synaptics Incorporated) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Smb_driver_Intel.sys -- (SmbDrvI)
DRV:64bit: - [2013-01-31 23:20:10 | 000,652,784 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStorA.sys -- (iaStorA)
DRV:64bit: - [2012-06-14 01:10:32 | 000,102,376 | ---- | M] ("CyberLink) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\wsvd.sys -- (wsvd)
DRV:64bit: - [2011-11-25 01:25:52 | 000,015,360 | ---- | M] (June Fabrics Technology Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\pneteth.sys -- (pneteth)
DRV:64bit: - [2010-01-05 02:23:20 | 001,847,296 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\athurx.sys -- (athur)
DRV - [2013-08-24 17:22:58 | 000,070,960 | ---- | M] (Emsisoft GmbH) [File_System | On_Demand | Stopped] -- C:\Program Files (x86)\Emsisoft Anti-Malware\a2accx64.sys -- (a2acc)
DRV - [2013-03-28 18:03:02 | 000,026,176 | ---- | M] (Emsisoft GmbH) [File_System | System | Running] -- C:\Program Files (x86)\Emsisoft Anti-Malware\a2ddax64.sys -- (A2DDA)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {DAC5111B-0E44-4B1F-8C26-38ACD38117FF}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE:64bit: - HKLM\..\SearchScopes\{DAC5111B-0E44-4B1F-8C26-38ACD38117FF}: "URL" = http://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=MALNJS
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope = {006ee092-9658-4fd6-bd8e-a21a348e59f5}
IE - HKLM\..\SearchScopes\{006ee092-9658-4fd6-bd8e-a21a348e59f5}: "URL" = http://feed.snapdo.com/?publisher=Somoto&dpid=Somoto&co=NL&userid=07fd3b04-7404-3fa0-9ffd-1b2a02befff5&searchtype=ds&q={searchTerms}&installDate=11/10/2013
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC


IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0



IE - HKU\S-1-5-21-1604072601-479498276-4294810608-1002\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://lenovo13.msn.com
IE - HKU\S-1-5-21-1604072601-479498276-4294810608-1002\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = http://www.lenovo.com [binary data]
IE - HKU\S-1-5-21-1604072601-479498276-4294810608-1002\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://www.google.com
IE - HKU\S-1-5-21-1604072601-479498276-4294810608-1002\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
IE - HKU\S-1-5-21-1604072601-479498276-4294810608-1002\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com
IE - HKU\S-1-5-21-1604072601-479498276-4294810608-1002\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com
IE - HKU\S-1-5-21-1604072601-479498276-4294810608-1002\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com
IE - HKU\S-1-5-21-1604072601-479498276-4294810608-1002\..\SearchScopes,DefaultScope = {006ee092-9658-4fd6-bd8e-a21a348e59f5}
IE - HKU\S-1-5-21-1604072601-479498276-4294810608-1002\..\SearchScopes\{006ee092-9658-4fd6-bd8e-a21a348e59f5}: "URL" = http://feed.snapdo.com/?publisher=Somoto&dpid=Somoto&co=NL&userid=07fd3b04-7404-3fa0-9ffd-1b2a02befff5&searchtype=ds&q={searchTerms}&installDate=11/10/2013
IE - HKU\S-1-5-21-1604072601-479498276-4294810608-1002\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE11SR
IE - HKU\S-1-5-21-1604072601-479498276-4294810608-1002\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-1604072601-479498276-4294810608-1002\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = <local>

========== FireFox ==========

FF - prefs.js..browser.search.defaultenginename: "Web Search"
FF - prefs.js..browser.search.selectedEngine: "Web Search"
FF - prefs.js..browser.startup.homepage: "http://feed.snapdo.com/?publisher=Somoto&dpid=Somoto&co=NL&userid=07fd3b04-7404-3fa0-9ffd-1b2a02befff5&searchtype=hp&installDate=11/10/2013"
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:24.0
FF - prefs.js..keyword.URL: "http://feed.snapdo.com/?publisher=Somoto&dpid=Somoto&co=NL&userid=07fd3b04-7404-3fa0-9ffd-1b2a02befff5&searchtype=ds&installDate=11/10/2013&q="
FF - user.js - File not found

FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF64_11_9_900_152.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~1\MICROS~2\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\adobe.com/AdobeAAMDetect: C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll (Adobe Systems)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_152.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\windows\SysWOW64\Adobe\Director\np32dsw_1204144.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI ipt;version=3.5.29: C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF - HKLM\Software\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI updater: C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.45.2: C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.45.2: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/Lync,version=15.0: C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@nullsoft.com/winampDetector;version=1: C:\Program Files (x86)\Winamp Detect\npwachk.dll (Nullsoft, Inc.)
FF - HKLM\Software\MozillaPlugins\@pandonetworks.com/PandoWebPlugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.1.0: C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKLM\Software\MozillaPlugins\adobe.com/AdobeAAMDetect: C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll (Adobe Systems)
FF - HKCU\Software\MozillaPlugins\pandonetworks.com/PandoWebPlugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\wrc@avast.com: G:\Program Files\AVAST Software\Avast\WebRep\FF [2013-10-28 11:41:53 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 24.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 24.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2013-11-19 07:11:33 | 000,000,000 | ---D | M]

[2013-09-22 20:48:39 | 000,000,000 | ---D | M] (No name found) -- C:\Users\pascal\AppData\Roaming\mozilla\Extensions
[2013-11-11 08:00:44 | 000,000,000 | ---D | M] (No name found) -- C:\Users\pascal\AppData\Roaming\mozilla\Firefox\Profiles\fgvchz34.default\extensions
[2013-10-11 05:23:26 | 000,002,427 | ---- | M] () -- C:\Users\pascal\AppData\Roaming\mozilla\firefox\profiles\fgvchz34.default\searchplugins\Web Search.xml
[2013-09-23 18:33:12 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\Extensions
[2013-09-22 20:48:19 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\browser\extensions
[2013-09-22 20:48:19 | 000,000,000 | ---D | M] (Default) -- C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
[2013-10-17 11:25:52 | 000,034,072 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\mozilla firefox\plugins\npMeetingJoinPluginOC.dll

========== Chrome ==========

CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:bookmarkBarPinned}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}{google:omniboxStartMarginParameter}ie={inputEncoding}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client={google:suggestClient}&q={searchTerms}&{google:cursorPosition}{google:zeroPrefixUrl}{google:pageClassification}sugkey={google:suggestAPIKeyParameter},
CHR - homepage:
CHR - Extension: Google Drive = C:\Users\pascal\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\
CHR - Extension: YouTube = C:\Users\pascal\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0\
CHR - Extension: Google Zoeken = C:\Users\pascal\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\
CHR - Extension: AdBlock = C:\Users\pascal\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.6.14_0\
CHR - Extension: AdBlock = C:\Users\pascal\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.6.16_0\
CHR - Extension: Spell Checker for Chrome = C:\Users\pascal\AppData\Local\Google\Chrome\User Data\Default\Extensions\jfpdnkkdgghlpdgldicfgnnnkhdfhocg\0.9.3.8_0\
CHR - Extension: ImageShack-Clickberry Extension = C:\Users\pascal\AppData\Local\Google\Chrome\User Data\Default\Extensions\lpoheopifiepihlmifonnknocnlfapgc\2.1.3_0\
CHR - Extension: SPDY indicator = C:\Users\pascal\AppData\Local\Google\Chrome\User Data\Default\Extensions\mpbpobfflnpcgagjijhmgnchggcjblin\0.4.0_0\
CHR - Extension: Google Wallet = C:\Users\pascal\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.5.0_0\
CHR - Extension: 3D Bomb Destroyer = C:\Users\pascal\AppData\Local\Google\Chrome\User Data\Default\Extensions\okehlnjpihomkdokiiafpejniofjaoom\1.0.6_0\
CHR - Extension: Cacoo - Diagramming & Real-Time Collaboration = C:\Users\pascal\AppData\Local\Google\Chrome\User Data\Default\Extensions\pcflmbddgcmomcfngehfhlajjapabojh\1.2.0_0\

O1 HOSTS File: ([2013-10-27 16:23:17 | 000,000,021 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2:64bit: - BHO: (avast! Online Security) - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - G:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
O2 - BHO: (Microsoft Web Test Recorder 12.0 Helper) - {432dd630-7e03-4c97-9d62-b99f52df4fc2} - G:\Program Files (x86)\Microsoft Visual Studio\Common7\IDE\PrivateAssemblies\Microsoft.VisualStudio.QualityTools.RecorderBarBHO100.dll (Microsoft Corporation)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (Microsoft Web Test Recorder 10.0 Helper) - {876d9f09-c6d6-4324-a2cc-04dd9a4de12f} - G:\Program Files (x86)\Microsoft Visual Studio 11.0\Common7\IDE\PrivateAssemblies\Microsoft.VisualStudio.QualityTools.RecorderBarBHO100.dll (Microsoft Corporation)
O2 - BHO: (avast! Online Security) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - G:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O3:64bit: - HKLM\..\Toolbar: (avast! Online Security) - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - G:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
O3:64bit: - HKLM\..\Toolbar: (no name) - {ae07101b-46d4-4a98-af68-0333ea26e113} - No CLSID value found.
O3 - HKLM\..\Toolbar: (avast! Online Security) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - G:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O3 - HKLM\..\Toolbar: (no name) - {ae07101b-46d4-4a98-af68-0333ea26e113} - No CLSID value found.
O4:64bit: - HKLM..\Run: [AdobeAAMUpdater-1.0] C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe (Adobe Systems Incorporated)
O4:64bit: - HKLM..\Run: [BTMTrayAgent] C:\Program Files (x86)\Intel\Bluetooth\btmshellex.dll (Motorola Solutions, Inc.)
O4:64bit: - HKLM..\Run: [Energy Management] C:\Program Files (x86)\Lenovo\Energy Management\Energy Management.exe (Lenovo (Beijing) Limited)
O4:64bit: - HKLM..\Run: [EnergyUtility] C:\Program Files (x86)\Lenovo\Energy Management\utility.exe (Lenovo(beijing) Limited)
O4:64bit: - HKLM..\Run: [HotKeysCmds] C:\WINDOWS\SysNative\hkcmd.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [IAStorIcon] C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIconLaunch.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [IgfxTray] C:\WINDOWS\SysNative\igfxtray.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [IntelPROSet] C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe (Intel(R) Corporation)
O4:64bit: - HKLM..\Run: [Logitech Download Assistant] C:\WINDOWS\SysNative\LogiLDA.dll (Logitech, Inc.)
O4:64bit: - HKLM..\Run: [NvBackend] C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe (NVIDIA Corporation)
O4:64bit: - HKLM..\Run: [Nvtmru] C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe (NVIDIA Corporation)
O4:64bit: - HKLM..\Run: [OnekeyStudio] C:\Program Files\Lenovo\Onekey Theater\OnekeyStudio.exe (Lenovo)
O4:64bit: - HKLM..\Run: [Persistence] C:\WINDOWS\SysNative\igfxpers.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [RtHDVBg_Dolby] C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe (Realtek Semiconductor)
O4:64bit: - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
O4:64bit: - HKLM..\Run: [RtsFT] C:\windows\RTFTrack.exe (Realtek semiconductor)
O4:64bit: - HKLM..\Run: [ShadowPlay] C:\WINDOWS\SysNative\nvspcap64.dll (NVIDIA Corporation)
O4:64bit: - HKLM..\Run: [SynLenovoGestureMgr] C:\Program Files\Synaptics\SynTP\SynLenovoGestureMgr.exe (Synaptics)
O4:64bit: - HKLM..\Run: [UMonit64] C:\Windows\SysWOW64\UMonit64.exe ()
O4 - HKLM..\Run: [] File not found
O4 - HKLM..\Run: [20131121] G:\Program Files\AVAST Software\Avast\setup\emupdate\b6ff59fd-771a-4764-bcfb-e23d5aed51ef.exe (AVAST Software)
O4 - HKLM..\Run: [Adobe Creative Cloud] C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [AvastUI.exe] G:\Program Files\AVAST Software\Avast\AvastUI.exe (AVAST Software)
O4 - HKLM..\Run: [emsisoft anti-malware] C:\Program Files (x86)\Emsisoft Anti-Malware\a2guard.exe (Emsisoft GmbH)
O4 - HKLM..\Run: [ICIDU AWCU] C:\Program Files (x86)\Wireless\ICIDU NI-707535 Wireless N Client Utility\ICIDU AWCU.exe ()
O4 - HKLM..\Run: [Intel AppUp(SM) center] C:\Program Files (x86)\Intel\IntelAppStore\bin\ismagent.exe (Intel Corporation)
O4 - HKLM..\Run: [RemoteControl10] C:\Program Files (x86)\Lenovo\PowerDVD10\PDVD10Serv.exe (CyberLink Corp.)
O4 - HKLM..\Run: [UpdateP2GShortCut] C:\Program Files (x86)\Lenovo\Power2Go\MUITransfer\MUIStartMenu.exe (CyberLink Corp.)
O4 - HKLM..\Run: [vmware-tray.exe] C:\Users\pascal\vmware-tray.exe (VMware, Inc.)
O4 - HKLM..\Run: [YouCam Tray] C:\Program Files (x86)\Lenovo\YouCam\YouCamTray.exe (CyberLink Corp.)
O4 - HKU\S-1-5-21-1604072601-479498276-4294810608-1002..\Run: [Akamai NetSession Interface] C:\Users\pascal\AppData\Local\Akamai\netsession_win.exe (Akamai Technologies, Inc.)
O4 - HKU\S-1-5-21-1604072601-479498276-4294810608-1002..\Run: [EADM] G:\Program Files (x86)\Origin\Origin.exe (Electronic Arts)
O4 - HKU\S-1-5-21-1604072601-479498276-4294810608-1002..\Run: [f.lux] C:\Users\pascal\AppData\Local\FluxSoftware\Flux\flux.exe (Flux Software LLC)
O4 - HKU\S-1-5-21-1604072601-479498276-4294810608-1002..\Run: [GoogleDriveSync] C:\Program Files (x86)\Google\Drive\googledrivesync.exe (Google)
O4 - HKU\S-1-5-21-1604072601-479498276-4294810608-1002..\Run: [Gyazo] C:\Program Files (x86)\Gyazo\GyStation.exe (Nota Inc.)
O4 - HKU\S-1-5-21-1604072601-479498276-4294810608-1002..\Run: [HP Photosmart Plus B210 series (NET)] C:\Program Files\HP\HP Photosmart Plus B210 series\Bin\ScanToPCActivationApp.exe (Hewlett-Packard Co.)
O4 - HKU\S-1-5-21-1604072601-479498276-4294810608-1002..\Run: [Overwolf] C:\Program Files (x86)\Overwolf\Overwolf.exe (Overwolf)
O4 - HKU\S-1-5-21-1604072601-479498276-4294810608-1002..\Run: [RESTART_STICKY_NOTES] C:\WINDOWS\system32\StikyNot.exe File not found
O4 - HKU\S-1-5-21-1604072601-479498276-4294810608-1002..\Run: [Steam] C:\Program Files (x86)\Steam\Steam.exe (Valve Corporation)
O4 - HKU\S-1-5-21-1604072601-479498276-4294810608-1002..\Run: [uTorrent] C:\Users\pascal\AppData\Roaming\uTorrent\uTorrent.exe (BitTorrent Inc.)
O4 - Startup: C:\Users\pascal\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\PdaNet Desktop.lnk = C:\Program Files (x86)\PdaNet for Android\PdaNetPC.exe ()
O4 - Startup: C:\Users\pascal\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Verbatim GREEN BUTTON.lnk = C:\Program Files (x86)\Verbatim\GREEN BUTTON\GREEN BUTTON.exe (Verbatim)
O4 - Startup: C:\Users\pascal\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Verzenden naar OneNote.lnk = File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoControlPanel = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableCursorSuppression = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000012 - C:\Windows\SysNative\vsocklib.dll (VMware, Inc.)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000013 - C:\Windows\SysNative\vsocklib.dll (VMware, Inc.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000012 - C:\Windows\SysWOW64\vsocklib.dll (VMware, Inc.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000013 - C:\Windows\SysWOW64\vsocklib.dll (VMware, Inc.)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
 
Re: bsod met simcity en need for speed rivals

O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.116 212.54.40.25 212.54.35.25
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{15B73645-7201-4CC6-B8ED-2ED0DC159DFB}: DhcpNameServer = 10.17.0.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{1C303FFB-F639-43D1-90DC-72D9DF183B7A}: DhcpNameServer = 192.168.42.129
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{6FCBF3D8-27BD-4330-911D-6C374A35D945}: DhcpNameServer = 192.168.1.116 212.54.40.25 212.54.35.25
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{D6CE200F-CC83-4BCC-962C-CC45720C6E7D}: DhcpNameServer = 192.168.42.129
O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O20:64bit: - AppInit_DLLs: (C:\windows\system32\nvinitx.dll) - C:\Windows\SysNative\nvinitx.dll (NVIDIA Corporation)
O20:64bit: - AppInit_DLLs: (C:\WINDOWS\system32\nvinitx.dll) - C:\Windows\SysNative\nvinitx.dll (NVIDIA Corporation)
O20 - AppInit_DLLs: (C:\WINDOWS\SysWOW64\nvinit.dll) - C:\Windows\SysWOW64\nvinit.dll (NVIDIA Corporation)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\WINDOWS\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\WINDOWS\SysWow64\userinit.exe (Microsoft Corporation)
O20:64bit: - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\WINDOWS\SysNative\igfxdev.dll (Intel Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O30 - LSA: Security Packages - (livessp) - File not found
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

NetSvcs:64bit: lfsvc - C:\Windows\SysNative\GeofenceMonitorService.dll (Microsoft Corporation)
NetSvcs:64bit: wlidsvc - C:\Windows\SysNative\wlidsvc.dll (Microsoft Corporation)
NetSvcs:64bit: DsmSvc - C:\Windows\SysNative\DeviceSetupManager.dll (Microsoft Corporation)
NetSvcs:64bit: NcaSvc - C:\Windows\SysNative\NcaSvc.dll (Microsoft Corporation)

MsConfig:64bit - State: "services" - Reg Error: Key error.

CREATERESTOREPOINT
Restore point Set: OTL Restore Point

========== Files/Folders - Created Within 30 Days ==========

[2013-12-09 14:47:51 | 000,602,112 | ---- | C] (OldTimer Tools) -- G:\pascal\Desktop\OTL.exe
[2013-12-08 15:31:06 | 000,039,200 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\SysNative\drivers\nvvad64v.sys
[2013-12-08 15:31:06 | 000,032,544 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\SysWow64\nvaudcap32v.dll
[2013-12-08 15:26:43 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SimCity
[2013-12-08 15:26:08 | 000,000,000 | -H-D | C] -- C:\Program Files (x86)\Common Files\EAInstaller
[2013-12-08 15:17:49 | 000,000,000 | ---D | C] -- C:\Users\pascal\AppData\Roaming\Origin
[2013-12-08 15:17:48 | 000,000,000 | ---D | C] -- C:\Users\pascal\AppData\Local\Origin
[2013-12-08 15:16:41 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Origin
[2013-12-08 15:16:40 | 000,000,000 | ---D | C] -- C:\ProgramData\Origin
[2013-12-08 15:16:40 | 000,000,000 | ---D | C] -- C:\ProgramData\Electronic Arts
[2013-12-07 08:53:36 | 000,000,000 | ---D | C] -- G:\pascal\Desktop\mh-magazine-lite
[2013-12-06 19:43:38 | 000,000,000 | ---D | C] -- G:\pascal\Documents\OneNote Notebooks
[2013-12-06 19:40:47 | 000,000,000 | ---D | C] -- G:\pascal\Documents\OneNote-notitieblokken
[2013-12-05 17:58:35 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Emsisoft Anti-Malware
[2013-12-05 17:58:05 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Emsisoft Anti-Malware
[2013-12-05 17:58:05 | 000,000,000 | ---D | C] -- G:\pascal\Documents\Anti-Malware
[2013-12-05 07:18:00 | 000,000,000 | ---D | C] -- G:\pascal\Documents\Website
[2013-12-05 07:16:20 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SharePoint
[2013-12-05 07:16:20 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office
[2013-12-05 07:15:49 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\DESIGNER
[2013-12-05 07:15:16 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Synchronization Services
[2013-12-05 07:14:45 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Sync Framework
[2013-12-03 21:58:11 | 002,526,056 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\D3DCompiler_43.dll
[2013-12-03 21:58:11 | 000,527,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\XAudio2_7.dll
[2013-12-03 21:58:11 | 000,518,488 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\XAudio2_7.dll
[2013-12-03 21:58:11 | 000,239,960 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\xactengine3_7.dll
[2013-12-03 21:58:11 | 000,176,984 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\xactengine3_7.dll
[2013-12-03 21:58:11 | 000,077,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\XAPOFX1_5.dll
[2013-12-03 21:58:11 | 000,074,072 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\XAPOFX1_5.dll
[2013-12-03 21:58:10 | 001,907,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\d3dcsx_43.dll
[2013-12-03 21:58:10 | 001,868,128 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\d3dcsx_43.dll
[2013-12-03 21:58:10 | 000,276,832 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\d3dx11_43.dll
[2013-12-03 21:58:10 | 000,248,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\d3dx11_43.dll
[2013-12-03 21:58:09 | 000,511,328 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\d3dx10_43.dll
[2013-12-03 21:58:09 | 000,470,880 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\d3dx10_43.dll
[2013-12-03 21:58:08 | 002,401,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\D3DX9_43.dll
[2013-12-03 21:58:08 | 001,998,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\D3DX9_43.dll
[2013-12-03 21:58:08 | 000,530,776 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\XAudio2_6.dll
[2013-12-03 21:58:08 | 000,528,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\XAudio2_6.dll
[2013-12-03 21:58:08 | 000,238,936 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\xactengine3_6.dll
[2013-12-03 21:58:08 | 000,176,984 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\xactengine3_6.dll
[2013-12-03 21:58:08 | 000,078,680 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\XAPOFX1_4.dll
[2013-12-03 21:58:08 | 000,074,072 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\XAPOFX1_4.dll
[2013-12-03 21:58:07 | 000,517,960 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\XAudio2_5.dll
[2013-12-03 21:58:07 | 000,515,416 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\XAudio2_5.dll
[2013-12-03 21:58:07 | 000,024,920 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\X3DAudio1_7.dll
[2013-12-03 21:58:07 | 000,022,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\X3DAudio1_7.dll
[2013-12-03 21:58:06 | 002,582,888 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\D3DCompiler_42.dll
[2013-12-03 21:58:06 | 001,974,616 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\D3DCompiler_42.dll
[2013-12-03 21:58:06 | 000,238,936 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\xactengine3_5.dll
[2013-12-03 21:58:06 | 000,176,968 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\xactengine3_5.dll
[2013-12-03 21:58:05 | 005,554,512 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\d3dcsx_42.dll
[2013-12-03 21:58:05 | 005,501,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\d3dcsx_42.dll
[2013-12-03 21:58:04 | 000,523,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\d3dx10_42.dll
[2013-12-03 21:58:04 | 000,453,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\d3dx10_42.dll
[2013-12-03 21:58:04 | 000,285,024 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\d3dx11_42.dll
[2013-12-03 21:58:04 | 000,235,344 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\d3dx11_42.dll
[2013-12-03 21:58:03 | 002,475,352 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\D3DX9_42.dll
[2013-12-03 21:58:03 | 001,892,184 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\D3DX9_42.dll
[2013-12-03 21:58:02 | 002,430,312 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\D3DCompiler_41.dll
[2013-12-03 21:58:02 | 001,846,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\D3DCompiler_41.dll
[2013-12-03 21:58:02 | 000,520,544 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\d3dx10_41.dll
[2013-12-03 21:58:02 | 000,453,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\d3dx10_41.dll
[2013-12-03 21:58:01 | 005,425,496 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\D3DX9_41.dll
[2013-12-03 21:58:01 | 004,178,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\D3DX9_41.dll
[2013-12-03 21:58:01 | 000,521,560 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\XAudio2_4.dll
[2013-12-03 21:58:01 | 000,517,448 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\XAudio2_4.dll
[2013-12-03 21:58:01 | 000,235,352 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\xactengine3_4.dll
[2013-12-03 21:58:01 | 000,174,936 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\xactengine3_4.dll
[2013-12-03 21:58:01 | 000,073,544 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\XAPOFX1_3.dll
[2013-12-03 21:58:01 | 000,069,464 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\XAPOFX1_3.dll
[2013-12-03 21:58:00 | 000,024,920 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\X3DAudio1_6.dll
[2013-12-03 21:58:00 | 000,022,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\X3DAudio1_6.dll
[2013-12-03 21:57:59 | 002,605,920 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\D3DCompiler_40.dll
[2013-12-03 21:57:59 | 002,036,576 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\D3DCompiler_40.dll
[2013-12-03 21:57:59 | 000,519,000 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\d3dx10_40.dll
[2013-12-03 21:57:59 | 000,452,440 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\d3dx10_40.dll
[2013-12-03 21:57:58 | 005,631,312 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\D3DX9_40.dll
[2013-12-03 21:57:58 | 004,379,984 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\D3DX9_40.dll
[2013-12-03 21:57:58 | 000,518,480 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\XAudio2_3.dll
[2013-12-03 21:57:58 | 000,514,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\XAudio2_3.dll
[2013-12-03 21:57:58 | 000,074,576 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\XAPOFX1_2.dll
[2013-12-03 21:57:58 | 000,070,992 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\XAPOFX1_2.dll
[2013-12-03 21:57:57 | 000,235,856 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\xactengine3_3.dll
[2013-12-03 21:57:57 | 000,175,440 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\xactengine3_3.dll
[2013-12-03 21:57:57 | 000,025,936 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\X3DAudio1_5.dll
[2013-12-03 21:57:57 | 000,023,376 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\X3DAudio1_5.dll
[2013-12-03 21:57:56 | 000,513,544 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\XAudio2_2.dll
[2013-12-03 21:57:56 | 000,509,448 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\XAudio2_2.dll
[2013-12-03 21:57:56 | 000,238,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\xactengine3_2.dll
[2013-12-03 21:57:56 | 000,177,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\xactengine3_2.dll
[2013-12-03 21:57:56 | 000,072,200 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\XAPOFX1_1.dll
[2013-12-03 21:57:56 | 000,068,616 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\XAPOFX1_1.dll
[2013-12-03 21:57:55 | 004,992,520 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\D3DX9_39.dll
[2013-12-03 21:57:55 | 001,942,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\D3DCompiler_39.dll
[2013-12-03 21:57:55 | 000,540,688 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\d3dx10_39.dll
[2013-12-03 21:57:54 | 000,511,496 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\XAudio2_1.dll
[2013-12-03 21:57:54 | 000,507,400 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\XAudio2_1.dll
[2013-12-03 21:57:54 | 000,238,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\xactengine3_1.dll
[2013-12-03 21:57:54 | 000,177,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\xactengine3_1.dll
[2013-12-03 21:57:54 | 000,068,104 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\XAPOFX1_0.dll
[2013-12-03 21:57:54 | 000,065,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\XAPOFX1_0.dll
[2013-12-03 21:57:54 | 000,028,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\X3DAudio1_4.dll
[2013-12-03 21:57:54 | 000,025,608 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\X3DAudio1_4.dll
[2013-12-03 21:57:53 | 001,941,528 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\D3DCompiler_38.dll
[2013-12-03 21:57:53 | 001,491,992 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\D3DCompiler_38.dll
[2013-12-03 21:57:53 | 000,540,688 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\d3dx10_38.dll
[2013-12-03 21:57:53 | 000,467,984 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\d3dx10_38.dll
[2013-12-03 21:57:52 | 004,991,496 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\D3DX9_38.dll
[2013-12-03 21:57:52 | 003,850,760 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\D3DX9_38.dll
[2013-12-03 21:57:52 | 000,489,480 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\XAudio2_0.dll
[2013-12-03 21:57:52 | 000,479,752 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\XAudio2_0.dll
[2013-12-03 21:57:51 | 000,238,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\xactengine3_0.dll
[2013-12-03 21:57:51 | 000,177,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\xactengine3_0.dll
[2013-12-03 21:57:51 | 000,028,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\X3DAudio1_3.dll
[2013-12-03 21:57:51 | 000,025,608 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\X3DAudio1_3.dll
[2013-12-03 21:57:50 | 004,910,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\D3DX9_37.dll
[2013-12-03 21:57:50 | 003,786,760 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\D3DX9_37.dll
[2013-12-03 21:57:50 | 001,860,120 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\D3DCompiler_37.dll
[2013-12-03 21:57:50 | 001,420,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\D3DCompiler_37.dll
[2013-12-03 21:57:50 | 000,529,424 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\d3dx10_37.dll
[2013-12-03 21:57:50 | 000,462,864 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\d3dx10_37.dll
[2013-12-03 21:57:49 | 002,006,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\D3DCompiler_36.dll
[2013-12-03 21:57:49 | 001,374,232 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\D3DCompiler_36.dll
[2013-12-03 21:57:49 | 000,508,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\d3dx10_36.dll
[2013-12-03 21:57:49 | 000,444,776 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\d3dx10_36.dll
[2013-12-03 21:57:49 | 000,411,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\xactengine2_10.dll
[2013-12-03 21:57:49 | 000,267,272 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\xactengine2_10.dll
[2013-12-03 21:57:48 | 005,081,608 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\d3dx9_36.dll
[2013-12-03 21:57:48 | 003,734,536 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\d3dx9_36.dll
[2013-12-03 21:57:47 | 000,411,496 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\xactengine2_9.dll
[2013-12-03 21:57:47 | 000,267,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\xactengine2_9.dll
[2013-12-03 21:57:46 | 005,073,256 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\d3dx9_35.dll
[2013-12-03 21:57:46 | 003,727,720 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\d3dx9_35.dll
[2013-12-03 21:57:46 | 001,985,904 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\D3DCompiler_35.dll
[2013-12-03 21:57:46 | 001,358,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\D3DCompiler_35.dll
[2013-12-03 21:57:46 | 000,508,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\d3dx10_35.dll
[2013-12-03 21:57:46 | 000,444,776 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\d3dx10_35.dll
[2013-12-03 21:57:45 | 000,409,960 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\xactengine2_8.dll
[2013-12-03 21:57:45 | 000,266,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\xactengine2_8.dll
[2013-12-03 21:57:45 | 000,021,000 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\X3DAudio1_2.dll
[2013-12-03 21:57:45 | 000,017,928 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\X3DAudio1_2.dll
[2013-12-03 21:57:44 | 001,401,200 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\D3DCompiler_34.dll
[2013-12-03 21:57:44 | 001,124,720 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\D3DCompiler_34.dll
[2013-12-03 21:57:44 | 000,506,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\d3dx10_34.dll
[2013-12-03 21:57:44 | 000,443,752 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\d3dx10_34.dll
[2013-12-03 21:57:43 | 004,496,232 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\d3dx9_34.dll
[2013-12-03 21:57:43 | 003,497,832 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\d3dx9_34.dll
[2013-12-03 21:57:43 | 000,403,304 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\xactengine2_7.dll
[2013-12-03 21:57:43 | 000,261,480 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\xactengine2_7.dll
[2013-12-03 21:57:43 | 000,107,368 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\xinput1_3.dll
[2013-12-03 21:57:43 | 000,081,768 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\xinput1_3.dll
[2013-12-03 21:57:42 | 001,400,176 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\D3DCompiler_33.dll
[2013-12-03 21:57:42 | 001,123,696 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\D3DCompiler_33.dll
[2013-12-03 21:57:42 | 000,506,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\d3dx10_33.dll
[2013-12-03 21:57:42 | 000,443,752 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\d3dx10_33.dll
[2013-12-03 21:57:41 | 004,494,184 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\d3dx9_33.dll
[2013-12-03 21:57:41 | 003,495,784 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\d3dx9_33.dll
[2013-12-03 21:57:40 | 000,469,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\d3dx10.dll
[2013-12-03 21:57:40 | 000,440,080 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\d3dx10.dll
[2013-12-03 21:57:40 | 000,393,576 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\xactengine2_6.dll
[2013-12-03 21:57:40 | 000,390,424 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\xactengine2_5.dll
[2013-12-03 21:57:40 | 000,255,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\xactengine2_6.dll
[2013-12-03 21:57:40 | 000,251,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\xactengine2_5.dll
[2013-12-03 21:57:39 | 004,398,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\d3dx9_32.dll
[2013-12-03 21:57:38 | 000,364,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\xactengine2_4.dll
[2013-12-03 21:57:38 | 000,237,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\xactengine2_4.dll
[2013-12-03 21:57:38 | 000,017,688 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\x3daudio1_1.dll
[2013-12-03 21:57:38 | 000,015,128 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\x3daudio1_1.dll
[2013-12-03 21:57:37 | 003,977,496 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\d3dx9_31.dll
[2013-12-03 21:57:37 | 002,414,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\d3dx9_31.dll
[2013-12-03 21:57:37 | 000,363,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\xactengine2_3.dll
[2013-12-03 21:57:37 | 000,236,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\xactengine2_3.dll
[2013-12-03 21:57:37 | 000,083,736 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\xinput1_2.dll
[2013-12-03 21:57:37 | 000,062,744 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\xinput1_2.dll
[2013-12-03 21:57:36 | 000,354,072 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\xactengine2_2.dll
[2013-12-03 21:57:36 | 000,352,464 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\xactengine2_1.dll
[2013-12-03 21:57:36 | 000,230,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\xactengine2_2.dll
[2013-12-03 21:57:36 | 000,229,584 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\xactengine2_1.dll
[2013-12-03 21:57:36 | 000,083,664 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\xinput1_1.dll
[2013-12-03 21:57:36 | 000,062,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\xinput1_1.dll
[2013-12-03 21:57:31 | 003,927,248 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\d3dx9_30.dll
[2013-12-03 21:57:30 | 003,830,992 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\d3dx9_29.dll
[2013-12-03 21:57:30 | 002,332,368 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\d3dx9_29.dll
[2013-12-03 21:57:30 | 000,355,536 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\xactengine2_0.dll
[2013-12-03 21:57:30 | 000,230,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\xactengine2_0.dll
[2013-12-03 21:57:30 | 000,016,592 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\x3daudio1_0.dll
[2013-12-03 21:57:30 | 000,014,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\x3daudio1_0.dll
[2013-12-03 21:57:29 | 003,815,120 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\d3dx9_28.dll
[2013-12-03 21:57:29 | 002,323,664 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\d3dx9_28.dll
[2013-12-03 21:57:28 | 003,807,440 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\d3dx9_27.dll
[2013-12-03 21:57:28 | 002,319,568 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\d3dx9_27.dll
[2013-12-03 21:57:27 | 003,823,312 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\d3dx9_25.dll
[2013-12-03 21:57:27 | 003,767,504 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\d3dx9_26.dll
[2013-12-03 21:57:27 | 002,297,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\d3dx9_26.dll
[2013-12-03 21:57:25 | 003,544,272 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\d3dx9_24.dll
[2013-12-03 21:57:25 | 002,222,800 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\d3dx9_24.dll
[2013-12-02 16:59:31 | 000,000,000 | ---D | C] -- C:\ProgramData\Visan
[2013-12-02 16:59:31 | 000,000,000 | ---D | C] -- C:\ProgramData\HP Photo Creations
[2013-12-02 16:59:31 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\HP Photo Creations
[2013-12-02 16:58:16 | 000,000,000 | ---D | C] -- C:\Users\pascal\AppData\Roaming\HpUpdate
[2013-12-02 16:57:41 | 000,741,480 | ---- | C] (Hewlett-Packard Co.) -- C:\WINDOWS\SysNative\HPDiscoPM8e11.dll
[2013-12-02 16:57:40 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP
[2013-12-02 16:57:04 | 000,000,000 | ---D | C] -- C:\ProgramData\HP
[2013-12-02 16:57:00 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\HP
[2013-12-02 16:56:50 | 000,000,000 | ---D | C] -- C:\Program Files\HP
[2013-12-02 16:55:46 | 000,000,000 | ---D | C] -- C:\Users\pascal\AppData\Local\HP
[2013-11-30 19:25:13 | 000,000,000 | ---D | C] -- C:\Users\pascal\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Winamp Applicatie Detect
[2013-11-30 19:25:13 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Winamp
[2013-11-30 19:25:12 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Winamp Detect
[2013-11-30 19:24:59 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\PX Storage Engine
[2013-11-30 19:24:50 | 000,000,000 | ---D | C] -- C:\Users\pascal\AppData\Roaming\Winamp
[2013-11-30 19:24:50 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Winamp
[2013-11-29 20:24:40 | 000,000,000 | ---D | C] -- C:\ProgramData\SystemRequirementsLab
[2013-11-29 19:15:51 | 000,000,000 | ---D | C] -- C:\WINDOWS\Minidump
[2013-11-29 19:05:17 | 000,000,000 | ---D | C] -- G:\pascal\Documents\Ghost Games
[2013-11-28 17:33:42 | 000,000,000 | ---D | C] -- G:\pascal\Documents\simcity
[2013-11-28 10:49:13 | 000,000,000 | ---D | C] -- C:\WINDOWS\SysWow64\NV
[2013-11-28 10:49:13 | 000,000,000 | ---D | C] -- C:\WINDOWS\SysNative\NV
[2013-11-28 10:48:06 | 000,000,000 | ---D | C] -- C:\WINDOWS\LastGood
[2013-11-28 10:46:10 | 030,361,888 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\SysNative\nvoglv64.dll
[2013-11-28 10:46:10 | 025,257,248 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\SysNative\nvcompiler.dll
[2013-11-28 10:46:10 | 022,951,200 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\SysWow64\nvoglv32.dll
[2013-11-28 10:46:10 | 018,293,096 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\SysNative\nvwgf2umx.dll
[2013-11-28 10:46:10 | 018,208,624 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\SysNative\nvd3dumx.dll
[2013-11-28 10:46:10 | 011,566,648 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\SysNative\nvcuda.dll
[2013-11-28 10:46:10 | 009,663,656 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\SysWow64\nvcuda.dll
[2013-11-28 10:46:10 | 003,132,704 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\SysNative\nvcuvid.dll
[2013-11-28 10:46:10 | 002,747,680 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\SysWow64\nvcuvenc.dll
[2013-11-28 10:46:10 | 001,884,448 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\SysNative\nvdispco6433193.dll
[2013-11-28 10:46:10 | 001,511,712 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\SysNative\nvdispgenco6433193.dll
[2013-11-28 10:46:10 | 000,707,360 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\SysNative\NvFBC64.dll
[2013-11-28 10:46:10 | 000,657,184 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\SysNative\NvIFR64.dll
[2013-11-28 10:46:10 | 000,609,568 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\SysWow64\NvFBC.dll
[2013-11-28 10:46:10 | 000,562,464 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\SysWow64\NvIFR.dll
[2013-11-28 10:46:10 | 000,479,520 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\SysNative\nvEncodeAPI64.dll
[2013-11-28 10:46:10 | 000,405,280 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\SysWow64\nvEncodeAPI.dll
[2013-11-28 10:46:10 | 000,032,544 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\SysNative\drivers\nvpciflt.sys
[2013-11-28 10:46:09 | 017,560,352 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\SysWow64\nvcompiler.dll
[2013-11-28 10:46:09 | 015,862,272 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\SysWow64\nvwgf2um.dll
[2013-11-28 10:46:09 | 015,218,504 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\SysWow64\nvd3dum.dll
[2013-11-28 10:46:09 | 011,441,664 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\SysNative\nvopencl.dll
[2013-11-28 10:46:09 | 009,619,872 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\SysWow64\nvopencl.dll
[2013-11-28 10:46:09 | 003,125,024 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\SysNative\nvcuvenc.dll
[2013-11-28 10:46:09 | 002,947,872 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\SysWow64\nvcuvid.dll
[2013-11-28 10:46:09 | 000,317,472 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\SysNative\nvoglshim64.dll
[2013-11-28 10:46:09 | 000,266,984 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\SysWow64\nvoglshim32.dll
[2013-11-28 10:44:51 | 000,000,000 | ---D | C] -- C:\NVIDIA
[2013-11-26 06:44:31 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
[2013-11-26 06:44:26 | 000,000,000 | ---D | C] -- C:\Program Files\CCleaner
[2013-11-20 07:31:24 | 001,884,448 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\SysNative\nvdispco6433182.dll
[2013-11-20 07:31:24 | 001,511,712 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\SysNative\nvdispgenco6433182.dll
[2013-11-17 15:45:19 | 001,302,528 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\AppXDeploymentServer.dll
[2013-11-17 15:45:19 | 000,922,624 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\AppXDeploymentExtensions.dll
[2013-11-17 15:45:19 | 000,160,768 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\AppxAllUserStore.dll
[2013-11-17 15:45:19 | 000,139,776 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\AppxAllUserStore.dll
[2013-11-17 15:45:16 | 002,801,664 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\actxprxy.dll
[2013-11-17 15:45:16 | 001,085,952 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\twinui.appcore.dll
[2013-11-17 15:45:16 | 000,869,888 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\twinui.appcore.dll
[2013-11-17 15:45:03 | 018,577,408 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.UI.Xaml.dll
[2013-11-17 15:45:01 | 013,925,888 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.UI.Xaml.dll
[2013-11-17 15:45:00 | 013,176,320 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\twinui.dll
[2013-11-17 15:44:57 | 011,674,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\twinui.dll
[2013-11-17 15:44:44 | 003,395,920 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WSService.dll
[2013-11-17 15:44:40 | 006,639,616 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mstscax.dll
[2013-11-17 15:44:38 | 007,399,256 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ntoskrnl.exe
[2013-11-17 15:44:38 | 005,769,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mstscax.dll
[2013-11-17 15:44:36 | 002,570,240 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SettingsHandlers.dll
[2013-11-17 15:44:34 | 004,104,704 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SyncEngine.dll
[2013-11-17 15:44:34 | 002,617,344 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\authui.dll
[2013-11-17 15:44:34 | 002,143,744 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\dwmcore.dll
[2013-11-17 15:44:32 | 002,295,808 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\authui.dll
[2013-11-17 15:44:32 | 001,231,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.Media.dll
[2013-11-17 15:44:31 | 002,328,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe

---------- Bericht toegevoegd op 19:34 ---------- Vorige bericht was op 19:33 ----------

[2013-11-17 15:44:31 | 001,584,128 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\workfolderssvc.dll
[2013-11-17 15:44:31 | 001,147,904 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\UIAutomationCore.dll
[2013-11-17 15:44:30 | 002,065,448 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\explorer.exe
[2013-11-17 15:44:30 | 001,067,080 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mfasfsrcsnk.dll
[2013-11-17 15:44:29 | 001,765,376 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\dwmcore.dll
[2013-11-17 15:44:29 | 000,920,064 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\UIAutomationCore.dll
[2013-11-17 15:44:29 | 000,888,832 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.Media.dll
[2013-11-17 15:44:28 | 000,883,184 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mfasfsrcsnk.dll
[2013-11-17 15:44:28 | 000,839,680 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WSShared.dll
[2013-11-17 15:44:27 | 002,134,120 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\d3d9.dll
[2013-11-17 15:44:27 | 001,287,064 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\kernel32.dll
[2013-11-17 15:44:27 | 000,700,928 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\WSShared.dll
[2013-11-17 15:44:27 | 000,578,560 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.Networking.BackgroundTransfer.dll
[2013-11-17 15:44:27 | 000,481,392 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mfsvr.dll
[2013-11-17 15:44:26 | 001,160,704 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.Web.Http.dll
[2013-11-17 15:44:26 | 000,699,840 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\d3d10level9.dll
[2013-11-17 15:44:26 | 000,380,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mfsvr.dll
[2013-11-17 15:44:25 | 004,599,808 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\d2d1.dll
[2013-11-17 15:44:25 | 001,399,176 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\winmde.dll
[2013-11-17 15:44:25 | 000,411,648 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.Networking.BackgroundTransfer.dll
[2013-11-17 15:44:24 | 001,373,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wmpmde.dll
[2013-11-17 15:44:24 | 000,762,368 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.Web.Http.dll
[2013-11-17 15:44:23 | 001,011,712 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\TSWorkspace.dll
[2013-11-17 15:44:23 | 000,708,616 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\iuilp.dll
[2013-11-17 15:44:22 | 000,761,856 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WorkfoldersControl.dll
[2013-11-17 15:44:22 | 000,656,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\dnsapi.dll
[2013-11-17 15:44:22 | 000,533,504 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\AppReadiness.dll
[2013-11-17 15:44:21 | 001,204,968 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\winmde.dll
[2013-11-17 15:44:21 | 000,631,296 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WWAHost.exe
[2013-11-17 15:44:20 | 000,518,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\WWAHost.exe
[2013-11-17 15:44:20 | 000,331,776 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\eapphost.dll
[2013-11-17 15:44:20 | 000,031,064 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ploptin.dll
[2013-11-17 15:44:19 | 000,465,960 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\AudioSes.dll
[2013-11-17 15:44:19 | 000,391,512 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\tsmf.dll
[2013-11-17 15:44:19 | 000,270,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\portcls.sys
[2013-11-17 15:44:19 | 000,171,864 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\kd_02_8086.dll
[2013-11-17 15:44:18 | 000,607,744 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\comdlg32.dll
[2013-11-17 15:44:18 | 000,558,080 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\apphelp.dll
[2013-11-17 15:44:18 | 000,325,120 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\eapp3hst.dll
[2013-11-17 15:44:17 | 000,795,648 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\TSWorkspace.dll
[2013-11-17 15:44:17 | 000,345,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\tsmf.dll
[2013-11-17 15:44:17 | 000,317,616 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wintrust.dll
[2013-11-17 15:44:17 | 000,134,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\psmsrv.dll
[2013-11-17 15:44:16 | 000,286,208 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\pcsvDevice.dll
[2013-11-17 15:44:16 | 000,104,320 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ncryptsslp.dll
[2013-11-17 15:44:15 | 000,371,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\spaceport.sys
[2013-11-17 15:44:15 | 000,132,608 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\msched.dll
[2013-11-17 15:44:15 | 000,088,272 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\ncryptsslp.dll
[2013-11-17 15:44:14 | 000,830,464 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\samsrv.dll
[2013-11-17 15:44:14 | 000,262,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\eapphost.dll
[2013-11-17 15:44:12 | 000,044,936 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wldp.dll
[2013-11-17 15:44:11 | 000,325,464 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\USBXHCI.SYS
[2013-11-17 15:44:11 | 000,092,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\dafBth.dll
[2013-11-17 15:44:11 | 000,083,968 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\TSWbPrxy.exe
[2013-11-17 15:44:11 | 000,057,176 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\stornvme.sys
[2013-11-17 15:44:11 | 000,054,776 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wuauclt.exe
[2013-11-17 15:44:10 | 001,843,712 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Display.dll
[2013-11-17 15:44:10 | 000,381,952 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WUSettingsProvider.dll
[2013-11-17 15:44:10 | 000,184,832 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\dafWfdProvider.dll
[2013-11-17 15:44:10 | 000,113,152 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\shsetup.dll
[2013-11-17 15:44:10 | 000,039,768 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\intelpep.sys
[2013-11-17 15:44:09 | 001,816,576 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Display.dll
[2013-11-17 15:44:08 | 000,335,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\eappcfg.dll
[2013-11-17 15:44:08 | 000,272,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\eappcfg.dll
[2013-11-17 15:44:08 | 000,245,248 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\eapp3hst.dll
[2013-11-17 15:44:08 | 000,103,424 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WiFiDisplay.dll
[2013-11-17 15:44:08 | 000,094,208 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\shsetup.dll
[2013-11-17 15:44:07 | 000,101,888 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\eappgnui.dll
[2013-11-17 15:44:07 | 000,093,184 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\eappgnui.dll
[2013-11-17 15:44:06 | 001,704,448 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wucltux.dll
[2013-11-17 15:44:06 | 000,186,880 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WorkFoldersShell.dll
[2013-11-17 15:44:06 | 000,049,152 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\ftp.exe
[2013-11-17 15:44:05 | 000,338,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\rdpclip.exe
[2013-11-17 15:44:05 | 000,249,856 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.ApplicationModel.Store.TestingFramework.dll
[2013-11-17 15:44:05 | 000,189,952 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.ApplicationModel.Store.TestingFramework.dll
[2013-11-17 15:44:04 | 000,909,312 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\MrmCoreR.dll
[2013-11-17 15:44:04 | 000,053,248 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ftp.exe
[2013-11-17 15:44:03 | 000,621,056 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\MrmCoreR.dll
[2013-11-17 15:44:03 | 000,226,304 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\miutils.dll
[2013-11-17 15:44:03 | 000,180,224 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\miutils.dll
[2013-11-17 11:22:34 | 000,000,000 | ---D | C] -- C:\Users\pascal\AppData\Local\Macromedia
[2013-11-16 18:32:09 | 000,000,000 | ---D | C] -- C:\Users\pascal\AppData\Roaming\Unified Remote
[2013-11-16 18:32:08 | 000,000,000 | ---D | C] -- C:\Users\pascal\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Unified Remote
[2013-11-15 11:57:28 | 000,015,360 | ---- | C] (June Fabrics Technology Inc.) -- C:\WINDOWS\SysNative\drivers\pneteth.sys
[2013-11-15 11:57:28 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PdaNet for Android
[2013-11-15 11:57:27 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\PdaNet for Android
[2013-11-15 10:00:57 | 000,000,000 | ---D | C] -- C:\Users\pascal\.android
[2013-11-15 09:58:31 | 000,000,000 | ---D | C] -- C:\Users\pascal\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Android SDK Tools
[2013-11-15 09:58:17 | 000,000,000 | ---D | C] -- C:\Users\pascal\AppData\Local\Android
[2013-11-14 06:23:50 | 000,693,240 | ---- | C] (Adobe Systems Incorporated) -- C:\WINDOWS\SysWow64\FlashPlayerApp.exe
[2013-11-14 06:23:50 | 000,105,464 | ---- | C] (Adobe Systems Incorporated) -- C:\WINDOWS\SysWow64\FlashPlayerCPLApp.cpl
[2013-11-13 20:14:17 | 000,000,000 | ---D | C] -- C:\Users\pascal\AppData\Local\Paint.NET
[2013-11-13 18:21:00 | 000,000,000 | ---D | C] -- C:\WINDOWS\PCHEALTH
[2013-11-13 14:34:11 | 000,000,000 | ---D | C] -- C:\Downloads
[2013-11-13 14:29:09 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Java
[2013-11-13 14:29:07 | 000,264,616 | ---- | C] (Oracle Corporation) -- C:\WINDOWS\SysWow64\javaws.exe
[2013-11-13 14:29:00 | 000,175,016 | ---- | C] (Oracle Corporation) -- C:\WINDOWS\SysWow64\javaw.exe
[2013-11-13 14:29:00 | 000,174,504 | ---- | C] (Oracle Corporation) -- C:\WINDOWS\SysWow64\java.exe
[2013-11-13 14:29:00 | 000,096,168 | ---- | C] (Oracle Corporation) -- C:\WINDOWS\SysWow64\WindowsAccessBridge-32.dll
[2013-11-13 14:29:00 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
[2013-11-13 14:20:12 | 000,000,000 | ---D | C] -- C:\Users\pascal\AppData\Roaming\.minecraft
[2013-11-13 13:53:26 | 000,136,536 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\wfplwfs.sys
[2013-11-13 13:53:23 | 001,943,536 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\crypt32.dll
[2013-11-13 13:53:20 | 001,341,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\gdi32.dll
[2013-11-13 13:53:12 | 001,926,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\inetcpl.cpl
[2013-11-13 13:53:12 | 000,111,616 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ieetwcollector.exe
[2013-11-13 13:53:11 | 005,765,120 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\jscript9.dll
[2013-11-13 13:53:11 | 001,993,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\inetcpl.cpl
[2013-11-13 13:53:11 | 000,218,624 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ie4uinit.exe
[2013-11-12 08:50:25 | 000,000,000 | ---D | C] -- C:\ProgramData\BlueStacksSetup
[2013-11-12 08:50:19 | 000,000,000 | ---D | C] -- C:\ProgramData\BlueStacks
[2013-11-12 06:16:01 | 000,000,000 | ---D | C] -- C:\WINDOWS\AutoKMS
[2013-09-23 08:33:52 | 446,684,064 | ---- | C] (VMware, Inc.) -- C:\Users\pascal\AppData\Local\TempSECURITY999ALDORA.exe
[2013-08-27 11:43:10 | 000,338,000 | ---- | C] (VMware, Inc.) -- C:\Users\pascal\vnetstats.exe
[2013-08-27 11:43:08 | 000,776,272 | ---- | C] (VMware, Inc.) -- C:\Users\pascal\vnetlib.dll
[2013-08-27 11:43:06 | 000,071,248 | ---- | C] (The libsigc++ development team (see AUTHORS)) -- C:\Users\pascal\sigc-2.0.dll
[2013-08-27 11:43:04 | 020,588,112 | ---- | C] (VMware, Inc.) -- C:\Users\pascal\vmware-vmx-stats.exe
[2013-08-27 11:43:04 | 000,494,672 | ---- | C] (VMware, Inc.) -- C:\Users\pascal\vmrun.exe
[2013-08-27 11:43:02 | 003,490,896 | ---- | C] (VMware, Inc.) -- C:\Users\pascal\vmnetcfglib.dll
[2013-08-27 11:43:02 | 000,083,536 | ---- | C] (VMware, Inc.) -- C:\Users\pascal\vmware-shell-ext-thunker.exe
[2013-08-27 11:43:00 | 000,113,744 | ---- | C] (VMware, Inc.) -- C:\Users\pascal\vmeventmsg.dll
[2013-08-27 11:42:58 | 000,393,808 | ---- | C] (VMware, Inc.) -- C:\Users\pascal\vmappsdk.dll
[2013-08-27 11:42:58 | 000,298,064 | ---- | C] (Info-ZIP) -- C:\Users\pascal\zip.exe
[2013-08-27 11:42:56 | 000,447,056 | ---- | C] (VMware, Inc.) -- C:\Users\pascal\drvInst64.exe
[2013-08-27 11:42:56 | 000,068,688 | ---- | C] (VMware, Inc.) -- C:\Users\pascal\adjperm.dll
[2013-08-27 11:42:56 | 000,043,600 | ---- | C] (VMware, Inc.) -- C:\Users\pascal\vmware-tray-helper.dll
[2013-08-27 11:42:56 | 000,024,144 | ---- | C] (The GLib developer community) -- C:\Users\pascal\gmodule-2.0.dll
[2013-08-27 11:42:54 | 004,845,648 | ---- | C] (VMware, Inc.) -- C:\Users\pascal\vmware-remotemks.exe
[2013-08-27 11:42:54 | 004,630,608 | ---- | C] (VMware, Inc.) -- C:\Users\pascal\vmwarewui.dll
[2013-08-27 11:42:52 | 000,163,408 | ---- | C] (VMware, Inc.) -- C:\Users\pascal\elevated.dll
[2013-08-27 11:42:50 | 022,555,216 | ---- | C] (VMware, Inc.) -- C:\Users\pascal\vmware-vmx-debug.exe
[2013-08-27 11:42:50 | 017,969,232 | ---- | C] (VMware, Inc.) -- C:\Users\pascal\vmware-vmx.exe
[2013-08-27 11:42:50 | 003,003,984 | ---- | C] (VMware, Inc.) -- C:\Users\pascal\vmnetcfg.exe
[2013-08-27 11:42:50 | 000,358,480 | ---- | C] (VMware, Inc.) -- C:\Users\pascal\VMnetDHCP.exe
[2013-08-27 11:42:48 | 000,887,888 | ---- | C] (VMware, Inc.) -- C:\Users\pascal\vmss2core.exe
[2013-08-27 11:42:48 | 000,111,696 | ---- | C] (VMware, Inc.) -- C:\Users\pascal\vmware-tray.exe
[2013-08-27 11:42:46 | 002,732,112 | ---- | C] (VMware, Inc.) -- C:\Users\pascal\vmplayer.exe
[2013-08-27 11:42:46 | 000,393,296 | ---- | C] (VMware, Inc.) -- C:\Users\pascal\vixDiskMountServer.exe
[2013-08-27 11:42:46 | 000,030,800 | ---- | C] (VMware, Inc.) -- C:\Users\pascal\vmnetUserif.sys
[2013-08-27 11:42:44 | 000,351,824 | ---- | C] (VMware, Inc.) -- C:\Users\pascal\vnetsniffer.exe
[2013-08-27 11:42:42 | 004,727,888 | ---- | C] (VMware, Inc.) -- C:\Users\pascal\gvmomi.dll
[2013-08-27 11:42:38 | 000,645,200 | ---- | C] (The glibmm development team (see AUTHORS)) -- C:\Users\pascal\glibmm-2.4.dll
[2013-08-27 11:42:36 | 000,902,224 | ---- | C] (VMware, Inc.) -- C:\Users\pascal\vixDiskMountApi.dll
[2013-08-27 11:42:36 | 000,630,864 | ---- | C] (VMware, Inc.) -- C:\Users\pascal\vmware-kvm.exe
[2013-08-27 11:42:34 | 001,236,048 | ---- | C] (VMware, Inc.) -- C:\Users\pascal\sysimgbase.dll
[2013-08-27 11:42:32 | 000,088,656 | ---- | C] (Free Software Foundation) -- C:\Users\pascal\intl.dll
[2013-08-27 11:42:32 | 000,031,312 | ---- | C] (The GLib developer community) -- C:\Users\pascal\gthread-2.0.dll
[2013-08-27 11:42:30 | 000,190,032 | ---- | C] (VMware, Inc.) -- C:\Users\pascal\vmware-unity-helper.exe
[2013-08-27 11:42:30 | 000,132,176 | ---- | C] (VMware, Inc.) -- C:\Users\pascal\vmdkShellExt.dll
[2013-08-27 11:42:28 | 005,135,952 | ---- | C] (VMware, Inc.) -- C:\Users\pascal\vmware-remotemks-debug.exe
[2013-08-27 11:42:28 | 004,772,944 | ---- | C] (VMware, Inc.) -- C:\Users\pascal\vmwarebase.dll
[2013-08-27 11:42:28 | 000,598,608 | ---- | C] (VMware, Inc.) -- C:\Users\pascal\vmappcfg.dll
[2013-08-27 11:42:26 | 003,127,888 | ---- | C] (VMware, Inc.) -- C:\Users\pascal\vmapputil.dll
[2013-08-27 11:42:26 | 000,930,384 | ---- | C] (VMware, Inc.) -- C:\Users\pascal\vnetlib64.dll
[2013-08-27 11:42:26 | 000,753,232 | ---- | C] (VMware, Inc.) -- C:\Users\pascal\vnetlib.exe
[2013-08-27 11:42:24 | 001,074,256 | ---- | C] (The GLib developer community) -- C:\Users\pascal\glib-2.0.dll
[2013-08-27 11:42:24 | 000,302,160 | ---- | C] (VMware, Inc.) -- C:\Users\pascal\vmclientcore.dll
[2013-08-27 11:42:24 | 000,287,824 | ---- | C] (The GLib developer community) -- C:\Users\pascal\gobject-2.0.dll
[2013-08-27 11:42:22 | 000,905,296 | ---- | C] (VMware, Inc.) -- C:\Users\pascal\vnetlib64.exe
[2013-08-27 11:42:20 | 000,064,080 | ---- | C] (VMware, Inc.) -- C:\Users\pascal\vmx86.sys
[2013-08-27 11:42:18 | 007,896,656 | ---- | C] (VMware, Inc.) -- C:\Users\pascal\vmwarecui.dll
[2013-08-27 11:42:18 | 001,123,920 | ---- | C] (Free Software Foundation) -- C:\Users\pascal\iconv.dll
[2013-08-27 11:42:18 | 000,049,744 | ---- | C] (VMware, Inc.) -- C:\Users\pascal\vmwarestring.dll
[2013-08-27 11:42:14 | 000,437,328 | ---- | C] (VMware, Inc.) -- C:\Users\pascal\vmnat.exe
[2013-08-27 11:42:14 | 000,240,208 | ---- | C] (VMware, Inc.) -- C:\Users\pascal\vmdbCOM.dll
[2013-08-27 11:42:12 | 002,110,544 | ---- | C] (VMware, Inc.) -- C:\Users\pascal\vmware.exe
[2013-08-27 11:42:02 | 000,080,464 | ---- | C] (VMware, Inc.) -- C:\Users\pascal\vmnetBridge.dll
[2013-08-27 11:42:02 | 000,049,232 | ---- | C] (VMware, Inc.) -- C:\Users\pascal\vnetinst.dll
[2013-08-27 11:42:02 | 000,046,160 | ---- | C] (VMware, Inc.) -- C:\Users\pascal\vmnetBridge.sys
[2013-08-27 11:42:02 | 000,024,656 | ---- | C] (VMware, Inc.) -- C:\Users\pascal\vmnet.sys
[2013-08-27 11:42:02 | 000,020,560 | ---- | C] (VMware, Inc.) -- C:\Users\pascal\vmnetAdapter.sys
[2013-08-27 11:41:58 | 000,140,880 | ---- | C] (VMware, Inc.) -- C:\Users\pascal\libcds.dll
[2013-08-27 11:41:58 | 000,034,896 | ---- | C] (VMware, Inc.) -- C:\Users\pascal\vmUpdateLauncher.exe
[2013-08-27 11:10:30 | 000,432,264 | ---- | C] (VMware, Inc.) -- C:\Users\pascal\amqp.dll
[2013-08-27 11:10:30 | 000,220,752 | ---- | C] (VMware, Inc.) -- C:\Users\pascal\vmcf.dll
[2013-08-27 11:09:36 | 002,252,368 | ---- | C] (VMware, Inc.) -- C:\Users\pascal\vmomi.dll
[2013-08-27 11:09:34 | 000,222,800 | ---- | C] (The OpenSSL Project, http://www.openssl.org/) -- C:\Users\pascal\ssleay32.dll
[2013-08-27 11:09:32 | 021,840,464 | ---- | C] (VMware, Inc.) -- C:\Users\pascal\types.dll
[2013-08-27 11:09:32 | 001,027,664 | ---- | C] (The OpenSSL Project, http://www.openssl.org/) -- C:\Users\pascal\libeay32.dll
[2013-08-27 11:09:30 | 003,647,056 | ---- | C] (VMware, Inc.) -- C:\Users\pascal\vmacore.dll
[2013-08-27 10:50:10 | 000,086,096 | ---- | C] (VMware, Inc.) -- C:\Users\pascal\vmware-authd.exe
[2013-08-27 10:50:10 | 000,011,344 | ---- | C] (VMware, Inc.) -- C:\Users\pascal\vmauthd.dll
[2013-08-27 10:48:58 | 000,018,512 | ---- | C] (VMware, Inc.) -- C:\Users\pascal\vprintproxy.exe
[2013-08-27 10:48:54 | 001,230,160 | ---- | C] (Cortado AG) -- C:\Users\pascal\TPView.dll
[2013-08-27 10:48:54 | 000,808,272 | ---- | C] (Cortado AG) -- C:\Users\pascal\TPClnt.dll
[2013-08-27 10:48:54 | 000,182,096 | ---- | C] (Cortado AG) -- C:\Users\pascal\TPClnRDP.dll
[2013-08-27 10:48:54 | 000,177,488 | ---- | C] (Cortado AG) -- C:\Users\pascal\TPViewdeu.dll
[2013-08-27 10:48:54 | 000,169,296 | ---- | C] (Cortado AG) -- C:\Users\pascal\TPViewjpn.dll
[2013-08-27 10:48:54 | 000,116,048 | ---- | C] (ThinPrint GmbH) -- C:\Users\pascal\TPClnVM.dll
[2013-08-27 10:48:54 | 000,116,048 | ---- | C] (Cortado AG) -- C:\Users\pascal\TPClntdeu.dll
[2013-08-27 10:48:54 | 000,111,952 | ---- | C] (Cortado AG) -- C:\Users\pascal\TPClntloc.dll
[2013-08-27 10:48:54 | 000,107,856 | ---- | C] (Cortado AG) -- C:\Users\pascal\TPClntjpn.dll
[2013-08-27 10:42:44 | 000,559,696 | ---- | C] (VMware, Inc.) -- C:\Users\pascal\vmPerfmon.dll
[2013-08-27 10:42:20 | 001,310,800 | ---- | C] (VMware, Inc.) -- C:\Users\pascal\vmware-vdiskmanager.exe
[1 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2013-12-09 16:48:01 | 000,067,584 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2013-12-09 16:19:59 | 000,001,074 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2013-12-09 16:19:35 | 000,000,940 | ---- | M] () -- C:\WINDOWS\tasks\Adobe Flash Player Updater.job
[2013-12-09 16:16:48 | 268,435,456 | -HS- | M] () -- C:\swapfile.sys
[2013-12-09 16:16:42 | 2342,322,175 | -HS- | M] () -- C:\hiberfil.sys
[2013-12-09 16:08:00 | 000,001,078 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2013-12-09 14:47:44 | 000,602,112 | ---- | M] (OldTimer Tools) -- G:\pascal\Desktop\OTL.exe
[2013-12-09 08:34:04 | 002,038,090 | ---- | M] () -- C:\WINDOWS\SysNative\PerfStringBackup.INI
[2013-12-09 08:34:04 | 000,885,342 | ---- | M] () -- C:\WINDOWS\SysNative\perfh013.dat
[2013-12-09 08:34:04 | 000,790,674 | ---- | M] () -- C:\WINDOWS\SysNative\perfh009.dat
[2013-12-09 08:34:04 | 000,197,616 | ---- | M] () -- C:\WINDOWS\SysNative\perfc013.dat
[2013-12-09 08:34:04 | 000,162,958 | ---- | M] () -- C:\WINDOWS\SysNative\perfc009.dat
[2013-12-08 15:26:43 | 000,001,003 | ---- | M] () -- C:\Users\Public\Desktop\SimCity.lnk
[2013-12-08 15:16:41 | 000,000,748 | ---- | M] () -- C:\Users\Public\Desktop\Origin.lnk
[2013-12-06 20:20:06 | 000,001,185 | ---- | M] () -- C:\Users\pascal\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Verzenden naar OneNote.lnk
[2013-12-06 20:19:57 | 000,001,319 | ---- | M] () -- C:\Users\pascal\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2010 Screen Clipper and Launcher.lnk
[2013-12-05 17:58:35 | 000,001,138 | ---- | M] () -- C:\Users\pascal\Application Data\Microsoft\Internet Explorer\Quick Launch\Emsisoft Anti-Malware.lnk
[2013-12-05 11:52:55 | 000,556,256 | ---- | M] () -- C:\WINDOWS\SysNative\FNTCACHE.DAT
[2013-12-03 20:52:22 | 000,001,225 | ---- | M] () -- G:\pascal\Desktop\Play NFS Rivals 64BIT.lnk
[2013-12-03 20:52:22 | 000,001,225 | ---- | M] () -- G:\pascal\Desktop\Play NFS Rivals 32BIT.lnk
[2013-12-03 14:23:37 | 000,000,220 | ---- | M] () -- G:\pascal\Desktop\Garry's Mod.url
[2013-12-02 17:38:26 | 021,876,372 | ---- | M] () -- G:\pascal\Documents\Geen titel 1.odt
[2013-12-02 16:56:30 | 000,000,057 | ---- | M] () -- C:\ProgramData\Ament.ini
[2013-11-30 19:25:13 | 000,001,026 | ---- | M] () -- C:\Users\pascal\Application Data\Microsoft\Internet Explorer\Quick Launch\Winamp.lnk
[2013-11-30 19:25:13 | 000,001,002 | ---- | M] () -- C:\Users\Public\Desktop\Winamp.lnk
[2013-11-29 17:56:58 | 001,096,480 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\SysNative\nvspcap64.dll
[2013-11-29 17:56:57 | 000,979,744 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\SysWow64\nvspcap.dll
[2013-11-27 19:13:21 | 277,872,639 | ---- | M] () -- G:\pascal\Documents\openSUSE-13.1-DVD-x86_64.iso
[2013-11-26 12:00:32 | 000,291,500 | ---- | M] () -- G:\pascal\Documents\cc_20131126_120015.reg
[2013-11-23 20:26:48 | 030,361,888 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\SysNative\nvoglv64.dll
[2013-11-23 20:26:48 | 025,257,248 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\SysNative\nvcompiler.dll
[2013-11-23 20:26:48 | 022,951,200 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\SysWow64\nvoglv32.dll
[2013-11-23 20:26:48 | 018,293,096 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\SysNative\nvwgf2umx.dll
[2013-11-23 20:26:48 | 018,208,624 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\SysNative\nvd3dumx.dll
[2013-11-23 20:26:48 | 017,560,352 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\SysWow64\nvcompiler.dll
[2013-11-23 20:26:48 | 015,862,272 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\SysWow64\nvwgf2um.dll
[2013-11-23 20:26:48 | 015,218,504 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\SysWow64\nvd3dum.dll
[2013-11-23 20:26:48 | 011,566,648 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\SysNative\nvcuda.dll
[2013-11-23 20:26:48 | 011,441,664 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\SysNative\nvopencl.dll
[2013-11-23 20:26:48 | 009,663,656 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\SysWow64\nvcuda.dll
[2013-11-23 20:26:48 | 009,619,872 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\SysWow64\nvopencl.dll
[2013-11-23 20:26:48 | 003,132,704 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\SysNative\nvcuvid.dll
[2013-11-23 20:26:48 | 003,125,024 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\SysNative\nvcuvenc.dll
[2013-11-23 20:26:48 | 003,069,608 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\SysNative\nvapi64.dll
[2013-11-23 20:26:48 | 002,947,872 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\SysWow64\nvcuvid.dll
[2013-11-23 20:26:48 | 002,747,680 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\SysWow64\nvcuvenc.dll
[2013-11-23 20:26:48 | 002,697,248 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\SysWow64\nvapi.dll
[2013-11-23 20:26:48 | 001,884,448 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\SysNative\nvdispco6433193.dll
[2013-11-23 20:26:48 | 001,511,712 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\SysNative\nvdispgenco6433193.dll
[2013-11-23 20:26:48 | 001,436,528 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\SysNative\nvumdshimx.dll
[2013-11-23 20:26:48 | 001,242,400 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\SysWow64\nvumdshim.dll
[2013-11-23 20:26:48 | 000,707,360 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\SysNative\NvFBC64.dll
[2013-11-23 20:26:48 | 000,657,184 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\SysNative\NvIFR64.dll
[2013-11-23 20:26:48 | 000,609,568 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\SysWow64\NvFBC.dll
[2013-11-23 20:26:48 | 000,562,464 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\SysWow64\NvIFR.dll
[2013-11-23 20:26:48 | 000,479,520 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\SysNative\nvEncodeAPI64.dll
[2013-11-23 20:26:48 | 000,405,280 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\SysWow64\nvEncodeAPI.dll
[2013-11-23 20:26:48 | 000,357,152 | ---- | M] () -- C:\WINDOWS\SysNative\NvIFROpenGL.dll
[2013-11-23 20:26:48 | 000,317,472 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\SysNative\nvoglshim64.dll
[2013-11-23 20:26:48 | 000,314,656 | ---- | M] () -- C:\WINDOWS\SysWow64\NvIFROpenGL.dll
[2013-11-23 20:26:48 | 000,266,984 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\SysWow64\nvoglshim32.dll
[2013-11-23 20:26:48 | 000,168,616 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\SysNative\nvinitx.dll
[2013-11-23 20:26:48 | 000,141,336 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\SysWow64\nvinit.dll
[2013-11-23 20:26:48 | 000,032,544 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\SysNative\drivers\nvpciflt.sys
[2013-11-23 20:26:48 | 000,023,754 | ---- | M] () -- C:\WINDOWS\SysNative\nvinfo.pb
[2013-11-23 18:42:12 | 006,674,208 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\SysNative\nvcpl.dll
[2013-11-23 18:42:12 | 003,490,080 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\SysNative\nvsvc64.dll
[2013-11-23 18:42:10 | 002,559,776 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\SysNative\nvsvcr.dll
[2013-11-23 18:42:10 | 001,065,248 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\SysNative\nv3dappshext.dll
[2013-11-23 18:42:10 | 000,598,304 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\SysWow64\oemdspif.dll
[2013-11-23 18:42:10 | 000,219,424 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\SysNative\nvmctray.dll
[2013-11-23 18:42:10 | 000,067,072 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\SysNative\nv3dappshextr.dll
[2013-11-23 18:42:10 | 000,063,776 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\SysNative\nvshext.dll
[2013-11-22 17:28:31 | 003,498,475 | ---- | M] () -- C:\WINDOWS\SysNative\nvcoproc.bin
[2013-11-21 07:25:03 | 000,000,460 | ---- | M] () -- G:\pascal\Desktop\School.lnk
[2013-11-18 07:31:16 | 000,001,024 | ---- | M] () -- C:\.rnd
[2013-11-17 14:48:22 | 700,508,160 | R--- | M] () -- G:\pascal\Documents\Chrome_OS.i686-1.5.874.iso
[2013-11-15 11:57:28 | 000,001,136 | ---- | M] () -- C:\Users\pascal\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\PdaNet Desktop.lnk
[2013-11-14 13:41:50 | 000,003,260 | ---- | M] () -- C:\Users\pascal\AppData\Local\recently-used.xbel
[2013-11-14 12:58:09 | 001,884,448 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\SysNative\nvdispco6433182.dll
[2013-11-14 12:58:09 | 001,511,712 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\SysNative\nvdispgenco6433182.dll
[2013-11-13 20:41:56 | 000,001,128 | ---- | M] () -- C:\Users\pascal\Application Data\Microsoft\Internet Explorer\Quick Launch\Microsoft Outlook.lnk
[2013-11-13 14:28:43 | 000,096,168 | ---- | M] (Oracle Corporation) -- C:\WINDOWS\SysWow64\WindowsAccessBridge-32.dll
[2013-11-13 14:28:41 | 000,264,616 | ---- | M] (Oracle Corporation) -- C:\WINDOWS\SysWow64\javaws.exe
[2013-11-13 14:28:41 | 000,175,016 | ---- | M] (Oracle Corporation) -- C:\WINDOWS\SysWow64\javaw.exe
[2013-11-13 14:28:40 | 000,174,504 | ---- | M] (Oracle Corporation) -- C:\WINDOWS\SysWow64\java.exe
[2013-11-13 07:08:33 | 000,002,330 | ---- | M] () -- C:\Users\pascal\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
[2013-11-11 18:20:05 | 000,001,029 | ---- | M] () -- C:\Users\pascal\Application Data\Microsoft\Internet Explorer\Quick Launch\Gyazo.lnk
[2013-11-11 18:20:05 | 000,001,029 | ---- | M] () -- C:\Users\pascal\Application Data\Microsoft\Internet Explorer\Quick Launch\Gyazo GIF.lnk
[2013-11-10 06:15:55 | 000,409,832 | ---- | M] (AVAST Software) -- C:\WINDOWS\SysNative\drivers\aswsp.sys
[1 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]

========== Files Created - No Company Name ==========

[2013-12-08 15:26:14 | 000,001,003 | ---- | C] () -- C:\Users\Public\Desktop\SimCity.lnk
[2013-12-08 15:16:41 | 000,000,748 | ---- | C] () -- C:\Users\Public\Desktop\Origin.lnk
[2013-12-06 19:43:44 | 000,001,319 | ---- | C] () -- C:\Users\pascal\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2010 Screen Clipper and Launcher.lnk
[2013-12-06 19:41:06 | 000,001,185 | ---- | C] () -- C:\Users\pascal\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Verzenden naar OneNote.lnk
[2013-12-05 17:58:35 | 000,001,138 | ---- | C] () -- C:\Users\pascal\Application Data\Microsoft\Internet Explorer\Quick Launch\Emsisoft Anti-Malware.lnk
[2013-12-03 20:52:22 | 000,001,225 | ---- | C] () -- G:\pascal\Desktop\Play NFS Rivals 64BIT.lnk
[2013-12-03 20:52:22 | 000,001,225 | ---- | C] () -- G:\pascal\Desktop\Play NFS Rivals 32BIT.lnk
[2013-12-03 15:54:31 | 000,000,220 | ---- | C] () -- G:\pascal\Desktop\Garry's Mod.url
[2013-12-02 17:38:26 | 021,876,372 | ---- | C] () -- G:\pascal\Documents\Geen titel 1.odt
[2013-12-02 16:58:43 | 000,000,976 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\I.R.I.S. OCR-registratie.lnk
[2013-12-02 16:56:30 | 000,000,057 | ---- | C] () -- C:\ProgramData\Ament.ini
[2013-11-30 19:25:13 | 000,001,026 | ---- | C] () -- C:\Users\pascal\Application Data\Microsoft\Internet Explorer\Quick Launch\Winamp.lnk
[2013-11-30 19:25:13 | 000,001,002 | ---- | C] () -- C:\Users\Public\Desktop\Winamp.lnk
[2013-11-28 10:46:10 | 000,357,152 | ---- | C] () -- C:\WINDOWS\SysNative\NvIFROpenGL.dll
[2013-11-28 10:46:09 | 000,314,656 | ---- | C] () -- C:\WINDOWS\SysWow64\NvIFROpenGL.dll
[2013-11-27 18:25:22 | 277,872,639 | ---- | C] () -- G:\pascal\Documents\openSUSE-13.1-DVD-x86_64.iso
[2013-11-26 20:31:54 | 000,556,256 | ---- | C] () -- C:\WINDOWS\SysNative\FNTCACHE.DAT
[2013-11-26 12:00:18 | 000,291,500 | ---- | C] () -- G:\pascal\Documents\cc_20131126_120015.reg
[2013-11-21 07:25:03 | 000,000,460 | ---- | C] () -- G:\pascal\Desktop\School.lnk
[2013-11-17 15:44:10 | 000,385,528 | ---- | C] () -- C:\WINDOWS\SysNative\ApnDatabase.xml
[2013-11-17 14:38:53 | 700,508,160 | R--- | C] () -- G:\pascal\Documents\Chrome_OS.i686-1.5.874.iso
[2013-11-15 11:57:28 | 000,001,136 | ---- | C] () -- C:\Users\pascal\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\PdaNet Desktop.lnk
[2013-11-14 13:41:50 | 000,003,260 | ---- | C] () -- C:\Users\pascal\AppData\Local\recently-used.xbel
[2013-11-13 20:14:32 | 000,001,013 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Paint.NET.lnk
[2013-11-03 08:13:28 | 009,879,552 | ---- | C] () -- C:\Users\pascal\darwin.iso
[2013-11-03 08:13:28 | 000,000,256 | ---- | C] () -- C:\Users\pascal\darwin.iso.sig
[2013-10-17 16:39:47 | 002,057,024 | ---- | C] () -- C:\WINDOWS\SysWow64\PerfStringBackup.INI
[2013-10-17 15:32:46 | 000,262,216 | ---- | C] () -- C:\WINDOWS\SysWow64\IPTests.dll
[2013-10-17 15:31:45 | 000,422,000 | ---- | C] () -- C:\WINDOWS\SysWow64\wgapi.dll
[2013-10-17 15:31:45 | 000,077,824 | ---- | C] () -- C:\WINDOWS\SysWow64\wgapiloc.dll
[2013-10-09 13:32:59 | 000,004,510 | ---- | C] () -- C:\Users\pascal\AppData\Roaming\CamStudio.cfg
[2013-10-09 13:32:59 | 000,000,408 | ---- | C] () -- C:\Users\pascal\AppData\Roaming\CamShapes.ini
[2013-10-09 13:32:59 | 000,000,408 | ---- | C] () -- C:\Users\pascal\AppData\Roaming\CamLayout.ini
[2013-10-09 13:32:59 | 000,000,046 | ---- | C] () -- C:\Users\pascal\AppData\Roaming\Camdata.ini
[2013-10-03 22:42:46 | 000,343,040 | ---- | C] () -- C:\WINDOWS\SysWow64\igdmd32.dll
[2013-10-03 22:42:40 | 000,180,736 | ---- | C] () -- C:\WINDOWS\SysWow64\igdde32.dll
[2013-10-03 22:42:38 | 000,142,848 | ---- | C] () -- C:\WINDOWS\SysWow64\igdail32.dll
[2013-08-27 11:42:58 | 001,260,624 | ---- | C] () -- C:\Users\pascal\libxml2.dll
[2013-08-27 11:42:54 | 000,319,056 | ---- | C] () -- C:\Users\pascal\libldap_r.dll
[2013-08-27 11:42:52 | 000,298,576 | ---- | C] () -- C:\Users\pascal\libldap.dll
[2013-08-27 11:42:46 | 000,390,224 | ---- | C] () -- C:\Users\pascal\ssoclient.dll
[2013-08-27 11:42:38 | 000,643,152 | ---- | C] () -- C:\Users\pascal\emmett.exe
[2013-08-27 11:42:38 | 000,432,304 | ---- | C] () -- C:\Users\pascal\mkisofs.exe
[2013-08-27 11:42:36 | 000,329,808 | ---- | C] () -- C:\Users\pascal\libcurl.dll
[2013-08-27 11:42:34 | 000,146,000 | ---- | C] () -- C:\Users\pascal\liblber.dll
[2013-08-27 11:42:34 | 000,069,712 | ---- | C] () -- C:\Users\pascal\zlib1.dll
[2013-08-27 11:42:20 | 000,527,952 | ---- | C] () -- C:\Users\pascal\vmware-vprobe.exe
[2013-08-27 11:42:02 | 000,010,486 | ---- | C] () -- C:\Users\pascal\vmnetadapter.cat
[2013-08-27 11:42:02 | 000,009,040 | ---- | C] () -- C:\Users\pascal\vmnetbridge.cat
[2013-08-27 11:42:00 | 000,022,258 | ---- | C] () -- C:\Users\pascal\netadapter.inf
[2013-08-27 11:42:00 | 000,004,381 | ---- | C] () -- C:\Users\pascal\netbridge.inf
[2013-08-27 11:41:58 | 009,609,648 | ---- | C] () -- C:\Users\pascal\icudt44l.dat
[2013-08-27 11:41:58 | 000,044,701 | ---- | C] () -- C:\Users\pascal\LearnMore.jp.html
[2013-08-27 11:41:58 | 000,037,309 | ---- | C] () -- C:\Users\pascal\vm-support.vbs

---------- Bericht toegevoegd op 19:35 ---------- Vorige bericht was op 19:34 ----------

[2013-08-27 11:41:58 | 000,037,044 | ---- | C] () -- C:\Users\pascal\LearnMore.zh_CN.html
[2013-08-27 11:41:58 | 000,022,809 | ---- | C] () -- C:\Users\pascal\LearnMore.html
[2013-08-27 11:41:58 | 000,000,460 | ---- | C] () -- C:\Users\pascal\tools-key.pub
[2013-08-27 11:34:04 | 085,360,640 | ---- | C] () -- C:\Users\pascal\windows.iso
[2013-08-27 11:34:04 | 014,090,240 | ---- | C] () -- C:\Users\pascal\winPre2k.iso
[2013-08-27 11:34:04 | 013,701,120 | ---- | C] () -- C:\Users\pascal\solaris.iso
[2013-08-27 11:34:04 | 000,000,256 | ---- | C] () -- C:\Users\pascal\winPre2k.iso.sig
[2013-08-27 11:34:04 | 000,000,256 | ---- | C] () -- C:\Users\pascal\windows.iso.sig
[2013-08-27 11:34:04 | 000,000,256 | ---- | C] () -- C:\Users\pascal\solaris.iso.sig
[2013-08-27 11:34:02 | 062,408,704 | ---- | C] () -- C:\Users\pascal\linux.iso
[2013-08-27 11:34:02 | 015,671,296 | ---- | C] () -- C:\Users\pascal\freebsd.iso
[2013-08-27 11:34:02 | 000,540,672 | ---- | C] () -- C:\Users\pascal\netware.iso
[2013-08-27 11:34:02 | 000,000,256 | ---- | C] () -- C:\Users\pascal\netware.iso.sig
[2013-08-27 11:34:02 | 000,000,256 | ---- | C] () -- C:\Users\pascal\linux.iso.sig
[2013-08-27 11:34:02 | 000,000,256 | ---- | C] () -- C:\Users\pascal\freebsd.iso.sig
[2013-08-27 11:09:34 | 014,401,104 | ---- | C] () -- C:\Users\pascal\vmware-hostd.exe
[2013-08-27 11:09:34 | 000,900,176 | ---- | C] () -- C:\Users\pascal\diskLibWrapper.dll
[2013-08-27 11:09:28 | 000,352,336 | ---- | C] () -- C:\Users\pascal\openssl.exe
[2013-08-27 10:53:58 | 000,001,689 | ---- | C] () -- C:\Users\pascal\tagExtractor.xml
[2013-08-27 10:53:40 | 000,001,236 | ---- | C] () -- C:\Users\pascal\dispatcher.xml
[2013-08-27 10:42:42 | 000,002,962 | R--- | C] () -- C:\Users\pascal\vmPerfmon.ini
[2013-08-27 10:42:42 | 000,000,789 | R--- | C] () -- C:\Users\pascal\vmPerfmon.h
[2013-08-27 09:54:52 | 000,624,951 | ---- | C] () -- C:\Users\pascal\EULA.zh_CN.rtf
[2013-08-27 09:54:52 | 000,124,888 | ---- | C] () -- C:\Users\pascal\EULA.jp.rtf
[2013-08-27 09:54:52 | 000,040,959 | ---- | C] () -- C:\Users\pascal\EULA.rtf
[2013-08-27 09:54:52 | 000,001,223 | ---- | C] () -- C:\Users\pascal\environments.xml
[2013-08-22 16:36:43 | 000,215,943 | ---- | C] () -- C:\WINDOWS\SysWow64\dssec.dat
[2013-08-22 16:36:42 | 000,000,741 | ---- | C] () -- C:\WINDOWS\SysWow64\NOISE.DAT
[2013-08-22 15:46:23 | 000,067,584 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2013-08-22 08:01:23 | 000,043,131 | ---- | C] () -- C:\WINDOWS\mib.bin
[2013-08-22 04:32:36 | 000,046,080 | ---- | C] () -- C:\WINDOWS\SysWow64\BWContextHandler.dll
[2013-08-22 04:17:46 | 000,103,936 | ---- | C] () -- C:\WINDOWS\SysWow64\OEMLicense.dll
[2013-08-22 00:55:20 | 000,364,544 | ---- | C] () -- C:\WINDOWS\SysWow64\msjetoledb40.dll
[2013-08-22 00:52:39 | 000,673,088 | ---- | C] () -- C:\WINDOWS\SysWow64\mlang.dat
[2013-06-27 23:52:12 | 000,000,198 | -H-- | C] () -- C:\ProgramData\Lenovo-13472.vbs
[2013-06-27 23:51:53 | 000,000,198 | -H-- | C] () -- C:\ProgramData\Lenovo-13410.vbs
[2013-06-27 23:49:36 | 000,000,000 | -H-- | C] () -- C:\ProgramData\DP45977C.lfl
[2013-06-27 23:37:15 | 000,172,097 | ---- | C] () -- C:\WINDOWS\SysWow64\NoMSGuninstall.exe
[2013-06-27 23:37:15 | 000,040,960 | ---- | C] () -- C:\WINDOWS\SysWow64\UMonit64.exe
[2013-06-27 23:37:15 | 000,001,519 | ---- | C] () -- C:\WINDOWS\SysWow64\_IconCfg0.ini
[2013-06-27 23:37:15 | 000,000,911 | ---- | C] () -- C:\WINDOWS\SysWow64\ProductName.ini
[2013-06-27 23:37:15 | 000,000,213 | ---- | C] () -- C:\WINDOWS\SysWow64\IconCfg0.ini
[2013-02-13 20:27:54 | 000,001,536 | ---- | C] () -- C:\WINDOWS\SysWow64\IusEventLog.dll
[2012-07-25 21:22:56 | 000,267,284 | ---- | C] () -- C:\WINDOWS\SysWow64\igvpkrng600.bin
[2012-07-25 21:22:54 | 000,963,376 | ---- | C] () -- C:\WINDOWS\SysWow64\igcodeckrng600.bin

========== ZeroAccess Check ==========

[2013-11-22 20:43:47 | 000,000,227 | RHS- | M] () -- C:\WINDOWS\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2013-11-05 21:21:27 | 021,196,664 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2013-11-05 19:51:37 | 018,642,504 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2013-08-22 10:49:49 | 000,921,088 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2013-08-22 03:45:10 | 000,691,712 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2013-08-22 10:45:17 | 000,483,840 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]

========== LOP Check ==========

[2013-11-27 12:17:39 | 000,000,000 | ---D | M] -- C:\Users\pascal\AppData\Roaming\.minecraft
[2013-10-26 16:07:59 | 000,000,000 | ---D | M] -- C:\Users\pascal\AppData\Roaming\ActiveState
[2013-10-16 11:16:38 | 000,000,000 | ---D | M] -- C:\Users\pascal\AppData\Roaming\AVAST Software
[2013-12-02 15:13:57 | 000,000,000 | ---D | M] -- C:\Users\pascal\AppData\Roaming\FileZilla
[2013-10-07 17:51:37 | 000,000,000 | ---D | M] -- C:\Users\pascal\AppData\Roaming\Gyazo
[2013-09-23 18:40:06 | 000,000,000 | ---D | M] -- C:\Users\pascal\AppData\Roaming\ImgBurn
[2013-09-22 07:08:21 | 000,000,000 | ---D | M] -- C:\Users\pascal\AppData\Roaming\Lenovo
[2013-10-29 19:28:18 | 000,000,000 | ---D | M] -- C:\Users\pascal\AppData\Roaming\LibreOffice
[2013-09-22 18:17:31 | 000,000,000 | ---D | M] -- C:\Users\pascal\AppData\Roaming\LolClient
[2013-09-21 20:12:06 | 000,000,000 | ---D | M] -- C:\Users\pascal\AppData\Roaming\Nitro
[2013-10-31 07:17:44 | 000,000,000 | ---D | M] -- C:\Users\pascal\AppData\Roaming\Nitro PDF
[2013-10-10 16:34:08 | 000,000,000 | ---D | M] -- C:\Users\pascal\AppData\Roaming\Notepad++
[2013-12-08 16:11:39 | 000,000,000 | ---D | M] -- C:\Users\pascal\AppData\Roaming\Origin
[2013-09-22 09:44:29 | 000,000,000 | ---D | M] -- C:\Users\pascal\AppData\Roaming\Riot Games
[2013-10-10 08:54:10 | 000,000,000 | ---D | M] -- C:\Users\pascal\AppData\Roaming\SystemRequirementsLab
[2013-11-08 09:55:49 | 000,000,000 | ---D | M] -- C:\Users\pascal\AppData\Roaming\TeamViewer
[2013-09-27 20:12:55 | 000,000,000 | ---D | M] -- C:\Users\pascal\AppData\Roaming\TechSmith
[2013-12-08 10:10:05 | 000,000,000 | ---D | M] -- C:\Users\pascal\AppData\Roaming\TS3Client
[2013-11-16 18:32:10 | 000,000,000 | ---D | M] -- C:\Users\pascal\AppData\Roaming\Unified Remote
[2013-12-09 11:33:11 | 000,000,000 | ---D | M] -- C:\Users\pascal\AppData\Roaming\uTorrent
[2013-10-03 17:13:20 | 000,000,000 | ---D | M] -- C:\Users\pascal\AppData\Roaming\WebApp
[2013-12-02 13:28:24 | 000,000,000 | ---D | M] -- C:\Users\pascal\AppData\Roaming\X-Chat 2

========== Purity Check ==========



========== Custom Scans ==========

< services.* >
[2013-08-22 15:45:54 | 000,000,006 | -H-- | C] () -- C:\WINDOWS\Tasks\SA.DAT
[2013-09-22 09:21:48 | 000,001,074 | ---- | C] () -- C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
[2013-09-22 09:22:03 | 000,001,078 | ---- | C] () -- C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
[2013-10-17 16:37:11 | 000,000,264 | ---- | C] () -- C:\WINDOWS\Tasks\Synaptics TouchPad Enhancements.job
[2013-10-26 15:22:18 | 000,000,940 | ---- | C] () -- C:\WINDOWS\Tasks\Adobe Flash Player Updater.job

< explorer.exe >

< winlogon.exe >

< Userinit.exe >

< svchost.exe >

========== Base Services ==========
SRV:64bit: - [2013-08-22 12:31:58 | 000,207,360 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\aelupsvc.dll -- (AeLookupSvc)
SRV:64bit: - [2013-08-22 12:34:22 | 000,109,568 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\appinfo.dll -- (Appinfo)
SRV:64bit: - [2013-08-22 10:53:13 | 000,092,672 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\alg.exe -- (ALG)
SRV:64bit: - [2013-08-22 11:19:14 | 001,017,856 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\qmgr.dll -- (BITS)
SRV:64bit: - [2013-10-12 22:48:42 | 000,828,416 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\BFE.DLL -- (BFE)
SRV:64bit: - [2013-08-22 10:54:59 | 000,059,392 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\keyiso.dll -- (KeyIso)
SRV - [2013-08-22 03:48:12 | 000,044,032 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysWOW64\keyiso.dll -- (KeyIso)
SRV:64bit: - [2013-08-22 10:40:30 | 000,468,992 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\es.dll -- (EventSystem)
SRV - [2013-08-22 03:38:29 | 000,329,728 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysWOW64\es.dll -- (EventSystem)
SRV:64bit: - [2013-08-22 11:00:58 | 000,134,144 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\browser.dll -- (Browser)
SRV:64bit: - [2013-08-22 11:01:39 | 000,129,536 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\cryptsvc.dll -- (CryptSvc)
SRV:64bit: - [2013-08-22 10:50:00 | 000,761,344 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\rpcss.dll -- (DcomLaunch)
SRV:64bit: - [2013-09-30 05:15:06 | 000,353,792 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\dhcpcore.dll -- (Dhcp)
SRV - [2013-09-30 05:15:18 | 000,285,696 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysWOW64\dhcpcore.dll -- (Dhcp)
SRV:64bit: - [2013-10-08 06:48:10 | 000,255,488 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\dnsrslvr.dll -- (Dnscache)
SRV:64bit: - [2013-08-22 10:44:18 | 000,107,008 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\eapsvc.dll -- (Eaphost)
SRV:64bit: - [2013-08-22 12:34:06 | 000,032,256 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\hidserv.dll -- (hidserv)
SRV - [2013-08-22 05:05:54 | 000,029,696 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\hidserv.dll -- (hidserv)
SRV:64bit: - [2013-09-14 10:11:03 | 000,433,664 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\ipnathlp.dll -- (SharedAccess)
SRV:64bit: - [2013-08-22 10:35:27 | 000,403,456 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\IPSECSVC.DLL -- (PolicyAgent)
No service found with a name of MsMpSvc
No service found with a name of NisSrv
SRV:64bit: - [2013-08-22 10:23:23 | 000,716,288 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\swprv.dll -- (swprv)
SRV:64bit: - [2013-08-22 10:54:27 | 000,070,656 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\mmcss.dll -- (MMCSS)
SRV:64bit: - [2013-08-22 10:05:22 | 000,254,976 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\netman.dll -- (Netman)
SRV:64bit: - [2013-08-22 10:50:00 | 000,525,312 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\netprofmsvc.dll -- (netprofm)
SRV:64bit: - [2013-08-22 10:35:48 | 000,387,584 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\nlasvc.dll -- (NlaSvc)
SRV:64bit: - [2013-08-22 14:25:35 | 000,029,184 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\nsisvc.dll -- (nsi)
SRV:64bit: - [2013-08-22 12:35:42 | 000,124,928 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\umpnpmgr.dll -- (PlugPlay)
SRV:64bit: - [2013-08-22 10:10:12 | 000,798,208 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\spoolsv.exe -- (Spooler)
No service found with a name of ProtectedStorage
No service found with a name of EMDMgmt
SRV:64bit: - [2013-08-22 12:22:30 | 000,101,376 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\rasauto.dll -- (RasAuto)
SRV:64bit: - [2013-08-22 10:18:58 | 000,534,016 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\rasmans.dll -- (RasMan)
SRV:64bit: - [2013-08-22 10:50:00 | 000,761,344 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\rpcss.dll -- (RpcSs)
SRV:64bit: - [2013-08-22 12:32:16 | 000,030,720 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\seclogon.dll -- (seclogon)
SRV:64bit: - [2013-08-22 14:25:35 | 000,045,008 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\lsass.exe -- (SamSs)
SRV:64bit: - [2013-08-22 10:12:56 | 000,133,632 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\wscsvc.dll -- (wscsvc)
SRV:64bit: - [2013-08-22 10:48:09 | 000,324,608 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\srvsvc.dll -- (LanmanServer)
SRV:64bit: - [2013-08-22 10:24:27 | 000,629,760 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\shsvcs.dll -- (ShellHWDetection)
SRV - [2013-08-22 03:27:04 | 000,564,736 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysWOW64\shsvcs.dll -- (ShellHWDetection)
No service found with a name of slsvc
SRV:64bit: - [2013-08-22 10:07:32 | 001,212,416 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\schedsvc.dll -- (Schedule)
SRV:64bit: - [2013-08-22 11:55:30 | 000,306,688 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\tapisrv.dll -- (TapiSrv)
SRV - [2013-08-22 04:33:38 | 000,248,320 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\tapisrv.dll -- (TapiSrv)
SRV:64bit: - [2013-08-22 11:00:18 | 000,050,688 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\themeservice.dll -- (Themes)
SRV:64bit: - [2013-10-10 12:38:48 | 000,221,184 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\profsvc.dll -- (ProfSvc)
SRV:64bit: - [2013-08-22 10:19:19 | 001,436,160 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\VSSVC.exe -- (VSS)
SRV:64bit: - [2013-08-22 10:23:08 | 000,835,072 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\audiosrv.dll -- (Audiosrv)
SRV:64bit: - [2013-08-22 10:39:33 | 000,198,656 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\AudioEndpointBuilder.dll -- (AudioEndpointBuilder)
No service found with a name of SDRSVC
SRV:64bit: - [2013-08-22 13:32:00 | 000,023,840 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MsMpEng.exe -- (WinDefend)
SRV:64bit: - [2013-08-22 10:44:27 | 001,669,632 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\wevtsvc.dll -- (EventLog)
SRV:64bit: - [2013-08-22 10:23:55 | 000,878,080 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\MPSSVC.dll -- (MpsSvc)
SRV:64bit: - [2013-08-22 11:39:20 | 000,634,368 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\wiaservc.dll -- (stisvc)
SRV:64bit: - [2013-08-22 12:23:10 | 000,062,464 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\SysNative\msiexec.exe -- (msiserver)
SRV - [2013-08-22 04:56:51 | 000,055,808 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\SysWow64\msiexec.exe -- (msiserver)
SRV:64bit: - [2013-08-22 10:48:04 | 000,220,672 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\wbem\WMIsvc.dll -- (Winmgmt)
SRV:64bit: - [2013-10-07 03:13:16 | 003,532,288 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\wuaueng.dll -- (wuauserv)
SRV:64bit: - [2013-08-22 11:30:45 | 000,258,560 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\dot3svc.dll -- (dot3svc)
SRV:64bit: - [2013-09-30 05:15:09 | 001,503,232 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\wlansvc.dll -- (WlanSvc)
SRV:64bit: - [2013-08-22 10:54:22 | 000,284,160 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\wkssvc.dll -- (LanmanWorkstation)

========== Drive Information ==========

Physical Drives
---------------

Drive: \\\\.\\PHYSICALDRIVE0 - Fixed hard disk media
Interface type: IDE
Media Type: Fixed hard disk media
Model: ST1000LM024 HN-M101MBB
Partitions: 11
Status: OK
Status Info: 0

Partitions
---------------

DeviceID: Disk #0, Partition #0
PartitionType: GPT: Unknown
Bootable: False
BootPartition: False
PrimaryPartition: False
Size: 1.000,00MB
Starting Offset: 1048576
Hidden sectors: 0


DeviceID: Disk #0, Partition #1
PartitionType: GPT: System
Bootable: True
BootPartition: True
PrimaryPartition: True
Size: 260,00MB
Starting Offset: 1049624576
Hidden sectors: 0


DeviceID: Disk #0, Partition #10
PartitionType: GPT: System
Bootable: True
BootPartition: True
PrimaryPartition: True
Size: 260,00MB
Starting Offset: 1049624576
Hidden sectors: 0


DeviceID: Disk #0, Partition #2
PartitionType: GPT: Unknown
Bootable: False
BootPartition: False
PrimaryPartition: False
Size: 1.000,00MB
Starting Offset: 1322254336
Hidden sectors: 0


DeviceID: Disk #0, Partition #3
PartitionType: GPT: Basic Data
Bootable: False
BootPartition: False
PrimaryPartition: True
Size: 100,00GB
Starting Offset: 2505048064
Hidden sectors: 0


DeviceID: Disk #0, Partition #4
PartitionType: GPT: Unknown
Bootable: False
BootPartition: False
PrimaryPartition: False
Size: 350,00MB
Starting Offset: 110321729536
Hidden sectors: 0


DeviceID: Disk #0, Partition #5
PartitionType: GPT: Basic Data
Bootable: False
BootPartition: False
PrimaryPartition: True
Size: 601,00GB
Starting Offset: 110688731136
Hidden sectors: 0


DeviceID: Disk #0, Partition #6
PartitionType: GPT: Unknown
Bootable: False
BootPartition: False
PrimaryPartition: False
Size: 1,00MB
Starting Offset: 755511590912
Hidden sectors: 0


DeviceID: Disk #0, Partition #7
PartitionType: GPT: Basic Data
Bootable: False
BootPartition: False
PrimaryPartition: True
Size: 142,00GB
Starting Offset: 755512639488
Hidden sectors: 0


DeviceID: Disk #0, Partition #8
PartitionType: GPT: Unknown
Bootable: False
BootPartition: False
PrimaryPartition: False
Size: 8,00GB
Starting Offset: 908450594816
Hidden sectors: 0


DeviceID: Disk #0, Partition #9
PartitionType: GPT: Basic Data
Bootable: False
BootPartition: False
PrimaryPartition: True
Size: 62,00GB
Starting Offset: 916751122432
Hidden sectors: 0


< %SYSTEMDRIVE%\*.exe >

< %SYSTEMDRIVE%\*.* >
[2013-11-18 07:31:16 | 000,001,024 | ---- | M] () -- C:\.rnd
[2012-07-26 04:44:30 | 000,398,156 | RHS- | M] () -- C:\bootmgr
[2013-06-18 13:18:29 | 000,000,001 | -HS- | M] () -- C:\BOOTNXT
[2013-03-25 23:01:42 | 000,008,192 | RHS- | M] () -- C:\BOOTSECT.BAK
[2013-12-09 16:16:42 | 2342,322,175 | -HS- | M] () -- C:\hiberfil.sys
[2013-09-21 05:16:25 | 000,000,000 | ---- | M] () -- C:\Recovery.txt
[2013-11-03 12:15:21 | 000,000,282 | ---- | M] () -- C:\SSUUpdater.log
[2013-12-09 16:16:48 | 268,435,456 | -HS- | M] () -- C:\swapfile.sys

< %systemroot%\system32\Spool\prtprocs\w32x86\*.dll >

< %systemroot%\*. /mp /s >

< %systemroot%\system32\*.sys /90 >

< %systemroot%\system32\*.dll /lockedfiles >

< %systemroot%\Tasks\*.job /lockedfiles >

< %systemroot%\system32\drivers\*.sys /lockedfiles >

< %systemroot%\system32\*.exe /lockedfiles >

< %systemroot%\System32\config\*.sav >

< %systemroot%\system32\drivers\*.sys /90 >

< G:\ >

< %PROGRAMFILES%\* >
[2013-08-22 16:34:52 | 000,000,174 | -HS- | M] () -- C:\Program Files (x86)\desktop.ini

< %USERPROFILE%\..|smtmp;true;true;true /FP >

< HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU >

< hklm\software\clients\startmenuinternet|command /rs >
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\InstallInfo\\HideIconsCommand: "C:\Program Files (x86)\Mozilla Firefox\uninstall\helper.exe" /HideShortcuts [2013-09-11 03:28:48 | 000,871,608 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\InstallInfo\\ShowIconsCommand: "C:\Program Files (x86)\Mozilla Firefox\uninstall\helper.exe" /ShowShortcuts [2013-09-11 03:28:48 | 000,871,608 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\InstallInfo\\ReinstallCommand: "C:\Program Files (x86)\Mozilla Firefox\uninstall\helper.exe" /SetAsDefaultAppGlobal [2013-09-11 03:28:48 | 000,871,608 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\shell\open\command\\: "C:\Program Files (x86)\Mozilla Firefox\firefox.exe" [2013-09-11 03:26:32 | 000,274,840 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\shell\properties\command\\: "C:\Program Files (x86)\Mozilla Firefox\firefox.exe" -preferences [2013-09-11 03:26:32 | 000,274,840 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\shell\safemode\command\\: "C:\Program Files (x86)\Mozilla Firefox\firefox.exe" -safe-mode [2013-09-11 03:26:32 | 000,274,840 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome\InstallInfo\\ReinstallCommand: "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --make-default-browser [2013-12-04 03:48:06 | 000,863,184 | ---- | M] (Google Inc.)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome\InstallInfo\\HideIconsCommand: "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --hide-icons [2013-12-04 03:48:06 | 000,863,184 | ---- | M] (Google Inc.)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome\InstallInfo\\ShowIconsCommand: "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --show-icons [2013-12-04 03:48:06 | 000,863,184 | ---- | M] (Google Inc.)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome\shell\open\command\\: "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" [2013-12-04 03:48:06 | 000,863,184 | ---- | M] (Google Inc.)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\ShowIconsCommand: "C:\Windows\System32\ie4uinit.exe" -show
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\ReinstallCommand: "C:\Windows\System32\ie4uinit.exe" -reinstall
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\HideIconsCommand: "C:\Windows\System32\ie4uinit.exe" -hide
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\shell\naom\command\\: "C:\Program Files\Internet Explorer\iexplore.exe" -extoff [2013-08-22 13:34:04 | 000,804,464 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\shell\open\command\\: C:\Program Files\Internet Explorer\iexplore.exe [2013-08-22 13:34:04 | 000,804,464 | ---- | M] (Microsoft Corporation)

< hklm\software\clients\startmenuinternet|command /64 /rs >
64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\InstallInfo\\HideIconsCommand: "C:\PROGRAM FILES (X86)\MOZILLA FIREFOX\UNINSTALL\HELPER.EXE" /HIDESHORTCUTS [2013-09-11 03:28:48 | 000,871,608 | ---- | M] (Mozilla Corporation)
64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\InstallInfo\\ShowIconsCommand: "C:\PROGRAM FILES (X86)\MOZILLA FIREFOX\UNINSTALL\HELPER.EXE" /SHOWSHORTCUTS [2013-09-11 03:28:48 | 000,871,608 | ---- | M] (Mozilla Corporation)
64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\InstallInfo\\ReinstallCommand: "C:\PROGRAM FILES (X86)\MOZILLA FIREFOX\UNINSTALL\HELPER.EXE" /SETASDEFAULTAPPGLOBAL [2013-09-11 03:28:48 | 000,871,608 | ---- | M] (Mozilla Corporation)
64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\shell\open\command\\: "C:\PROGRAM FILES (X86)\MOZILLA FIREFOX\FIREFOX.EXE" [2013-09-11 03:26:32 | 000,274,840 | ---- | M] (Mozilla Corporation)
64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\shell\properties\command\\: "C:\PROGRAM FILES (X86)\MOZILLA FIREFOX\FIREFOX.EXE" -PREFERENCES [2013-09-11 03:26:32 | 000,274,840 | ---- | M] (Mozilla Corporation)
64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\shell\safemode\command\\: "C:\PROGRAM FILES (X86)\MOZILLA FIREFOX\FIREFOX.EXE" -SAFE-MODE [2013-09-11 03:26:32 | 000,274,840 | ---- | M] (Mozilla Corporation)
64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome\InstallInfo\\ReinstallCommand: "C:\PROGRAM FILES (X86)\GOOGLE\CHROME\APPLICATION\CHROME.EXE" --MAKE-DEFAULT-BROWSER [2013-12-04 03:48:06 | 000,863,184 | ---- | M] (Google Inc.)
64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome\InstallInfo\\HideIconsCommand: "C:\PROGRAM FILES (X86)\GOOGLE\CHROME\APPLICATION\CHROME.EXE" --HIDE-ICONS [2013-12-04 03:48:06 | 000,863,184 | ---- | M] (Google Inc.)
64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome\InstallInfo\\ShowIconsCommand: "C:\PROGRAM FILES (X86)\GOOGLE\CHROME\APPLICATION\CHROME.EXE" --SHOW-ICONS [2013-12-04 03:48:06 | 000,863,184 | ---- | M] (Google Inc.)
64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome\shell\open\command\\: "C:\PROGRAM FILES (X86)\GOOGLE\CHROME\APPLICATION\CHROME.EXE" [2013-12-04 03:48:06 | 000,863,184 | ---- | M] (Google Inc.)
64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\ShowIconsCommand: "C:\WINDOWS\SYSTEM32\IE4UINIT.EXE" -SHOW [2013-10-19 06:19:05 | 000,218,624 | ---- | M] (Microsoft Corporation)
64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\ReinstallCommand: "C:\WINDOWS\SYSTEM32\IE4UINIT.EXE" -REINSTALL [2013-10-19 06:19:05 | 000,218,624 | ---- | M] (Microsoft Corporation)
64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\HideIconsCommand: "C:\WINDOWS\SYSTEM32\IE4UINIT.EXE" -HIDE [2013-10-19 06:19:05 | 000,218,624 | ---- | M] (Microsoft Corporation)
64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\shell\naom\command\\: "C:\PROGRAM FILES\INTERNET EXPLORER\IEXPLORE.EXE" -EXTOFF [2013-08-22 13:34:04 | 000,804,464 | ---- | M] (Microsoft Corporation)
64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\shell\open\command\\: C:\PROGRAM FILES\INTERNET EXPLORER\IEXPLORE.EXE [2013-08-22 13:34:04 | 000,804,464 | ---- | M] (Microsoft Corporation)

========== Alternate Data Streams ==========

@Alternate Data Stream - 237 bytes -> C:\Users\pascal\SkyDrive:ms-properties

< End of report >


heeft u hier wat aan?
 
Laatst bewerkt door een moderator:
Re: bsod met simcity en need for speed rivals

Graag de drie logs in ??n keer posten.

Stap •1•
Download
52186926180a1-adwcleaner_nieuw.png
AdwCleaner by Xplode.
Downloadlokatie: Dit programma absoluut naar het bureaublad downloaden of anders naar het bureaublad verplaatsen!
Opmerkingen:
  • Alle openstaande programma's en webpagina's dienen afgesloten te zijn.
AdwCleaner opstarten:
  • Windows 2000 en Windows XP: dubbelklik op adwcleaner.exe.
  • Windows Vista, Windows 7 en Windows 8: via rechtsklik op adwcleaner.exe en kies voor "Als Administrator uitvoeren".
AdwCleaner is opgestart:
  • Klik op de knop Scan
  • Is de scan gereed, klik dan op de knop Clean
  • Klik bij AdwCleaner – Afsluiting van de programma's op OK
  • Klik bij AdwCleaner – Herstarten noodzakelijk op OK
AdwCleaner logbestand:
  • Nadat de PC opnieuw is opgestart, opent een logfile.
  • Ingeval het log niet opent, is dit alsnog terug te vinden in C:\AdwCleaner\AdwCleaner[R0, of 1, of 2].txt
  • Post vervolgens de inhoud van dit log in je volgende bericht.

Stap •2•
Download
51e281a62c183-Junkware_Removal_Tool_icon_Canned_1351185104.png.jpg
Junkware Removal Tool by Thisisu.
Downloadlokatie: Dit programma absoluut naar het bureaublad downloaden of anders naar het bureaublad verplaatsen!
Opmerkingen:
  • Alle openstaande programma's en webpagina's dienen afgesloten te zijn.
  • Het is raadzaam de actieve beveiligingssoftware te de-activeren, zodat mogelijke conflicten met JRT.exe uitgsloten worden.:
  • Hier en hier vindt je gegevens hoe antivirusprogramma's en spywarescanners te deaktiveren.
  • Dat tijdens de scan van JRT.exe tijdelijk de snelkoppelingen verdwijnen van het bureaublad, is normaal.
Junkware Removal Tool by Thisisu opstarten:
  • Windows 2000 en Windows XP: dubbelklik op JRT.exe.
  • Windows Vista, Windows 7 en Windows 8: via rechtsklik op JRT.exe en kies voor "Als Administrator uitvoeren".
  • JRT.exe zal daarna Windows gaan scannen.
  • Deze scan kan afhankelijk van de systeemspecificaties soms vrij lang duren, wees dus geduldig.
  • Indien de scan voltooid is, zal een logje (JRT.txt) op het bureaublad opgeslagen worden en automatisch openen.
  • Post de inhoud van dit log in je volgende bericht.

Stap •3•
Download
51c58e5dea07b-Mbam_resized.png
Malwarebytes MBAMhttp://www.malwarebytes.org/mbam/program/mbam-setup.exe

Allereerst:
  • Al meteen na de installatie wil 'MBAM' zijn database opwaarderen – toestaan dus.
  • Ook bij herhaald gebruik: eerst Malwarebytes MBAM updaten via de tab 'Update'!
Malwarebytes MBAM opstarten:
  • Sluit nu eerst alle nog openstaande programmavensters!
  • Windows 2000 en Windows XP: dubbelklik op de MBAM -snelkoppeling.
  • Windows Vista, Windows 7 en Windows 8: rechtsklik op de MBAM-snelkoppeling en dan kiezen voor Als Administrator uitvoeren.
Let op:
  • Malwarebytes MBAM verstrekt nu de volledige versie van MBAM.
  • Zodra het afsluitende installatievenster opstart, kijg je de mogelijkheid de gratis probeerversie van Malwarebytes AntiMalware tijdelijk te gebruiken.
  • Onafhankelijk van welke antivirusprogramma in jouw Windows adviseer ik dan voor de gratis versie te gaan en dus het bovenste vinkje bij de probeerversie te verwijderen.
  • Zodoende zal Malwarebytes MBAM als gratis versie verder te gebruiken zijn
Doe ook nog het volgende:
  • Zodra het programma gestart is, ga dan naar het tabblad "Instellingen".
  • Vink hier aan: "Sluit Internet Explorer tijdens verwijdering van malware".
Scannen:
  • Bij het starten Malwarebytes MBAM kies je voor 'Snelle Scan'.
  • Het scannen kan een tijdje duren, dus wees geduldig. Indien de scan voltooid is, klik dan op de knop 'OK'.
  • Klik daarna op de knop 'Bekijk Resultaten' om de resultaten te zien.
Infecties gevonden:
  • Klik nu eerst op OK om de melding weg te klikken
  • Klik vervolgens rechtsonder op de knop Bekijk resultaten.
  • Zorg er nu voor dat alle gevonden infecties aangevinkt zijn, en klik linksonder op Verwijder geselecteerde.
  • Na het verwijderen zal een log openen en zal er gevraagd worden om de computer opnieuw op te starten.
  • Indien 'MBAM' moeilijkheden heeft met het verwijderen van bepaalde bestanden zal het enkele meldingen geven – dan telkens op 'OK' klikken!
  • Daarna zal Malwarebytes MBAM vragen om de Computer opnieuw op te starten - dus sta toe dat de computer opnieuw opgestart wordt.
MBAM-Log:
  • Het log wordt automatisch bewaard door Malwarebytes MBAM en dat kan je terugvinden door in het hoofdmenu van Malwarebytes MBAM op de tab 'Logbestanden' te klikken.
Post aansluitend in je volgende bericht de inhoud van het MBAM-log.
 
Status
Niet open voor verdere reacties.
                    Steun ons                    

Nieuwste berichten

Terug
Bovenaan